Advertisement

There's no such thing as a stupid question, but they're the easiest to answer.
Login
Search

Advertisement

Virus & Other Malware Removal Virus & Other Malware Removal
Search Search
Search for:
Tech Support Guy > > >

Solved: continued previous message: trojan horse dropper


(!)

nicoles217's Avatar
nicoles217 nicoles217 is offline
Computer Specs
Member with 32 posts.
THREAD STARTER
 
Join Date: Jun 2012
Experience: Beginner
24-Jun-2012, 01:00 AM #1
continued previous message: trojan horse dropper
Sorry, before I posted the previous message I did not read the : must read this before posting in thread regarding downloading hijack this...
I just posted in this thread a few minutes ago without the following reports. The problem I am having is I have avg free and I keep getting a virus : trojan horse dropper.generic_c.mmi, object is white listed, and I also get redirected when searching webpages. I just bought this computer a couple of months ago. Please help..

Thank you,

Nicole Smith

below is my hijack this report:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:44:55 PM, on 6/23/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16446)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\TechSmith\Jing\Jing.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_257_ActiveX.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files (x86)\AVG\AVG2012\avgcsrvx.exe
C:\Users\Nicole\Downloads\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.toshiba.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.pch.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.6.2.10\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.6.2.10\IPS\IPSBHO.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.6.2.10\coIEPlg.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll
O4 - HKLM\..\Run: [TSleepSrv] %ProgramFiles(x86)%\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe
O4 - HKLM\..\Run: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe" UNATTENDED
O4 - HKLM\..\Run: [ToshibaAppPlace] "C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [B2C_AGENT] C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe
O4 - HKLM\..\Run: [InstaLAN] "C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe" startup
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Jing] C:\Program Files (x86)\TechSmith\Jing\Jing.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.1.0\ViProtocol.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AffinegyService - Affinegy, Inc. - C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\19.6.2.10\ccSvcHst.exe
O23 - Service: Toshiba Laptop Checkup Application Launcher (Norton PC Checkup Application Launcher) - Symantec Corporation - C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\SymcPCCULaunchSvc.exe
O23 - Service: Common Client Job Manager Service (PCCUJobMgr) - Symantec Corporation - C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater11.1.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 12746 bytes

dds text file:

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Nicole at 21:50:05 on 2012-06-23
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4044.2159 [GMT -7:00]
.
AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\windows\system32\wininit.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\System32\spoolsv.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\windows\system32\taskhost.exe
C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
C:\windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\system32\TODDSrv.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\TOSHIBA\TECO\Teco.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\TOSHIBA\TECO\TecoService.exe
C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\TechSmith\Jing\Jing.exe
C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2012\avgemca.exe
C:\Program Files (x86)\AVG\AVG2012\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
C:\windows\system32\SearchIndexer.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_257_ActiveX.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Norton Internet Security\Engine\19.6.2.10\ccSvcHst.exe
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\SymcPCCULaunchSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files (x86)\AVG\AVG2012\avgcsrvx.exe
C:\Users\Nicole\Downloads\HijackThis.exe
C:\windows\system32\NOTEPAD.EXE
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\SearchFilterHost.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\windows\system32\igfxsrvc.exe
C:\windows\system32\DllHost.exe
C:\windows\system32\DllHost.exe
C:\windows\SysWOW64\cmd.exe
C:\windows\system32\conhost.exe
C:\windows\SysWOW64\cscript.exe
C:\windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.pch.com/
uDefault_Page_URL = hxxp://start.toshiba.com
uInternet Settings,ProxyOverride = <local>
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: AVG Do Not Track: {31332eef-cb9f-458f-afeb-d30e9a66b6ba} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO: Norton Identity Protection: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.6.2.10\coIEPlg.dll
BHO: Norton Vulnerability Protection: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton Internet Security\Engine\19.6.2.10\IPS\IPSBHO.DLL
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: TOSHIBA Media Controller Plug-in: {f3c88694-effa-4d78-b409-54b7b2535b14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton Internet Security\Engine\19.6.2.10\coIEPlg.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [Jing] C:\Program Files (x86)\TechSmith\Jing\Jing.exe
mRun: [TSleepSrv] %ProgramFiles(x86)%\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe
mRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe" UNATTENDED
mRun: [ToshibaAppPlace] "C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
mRun: [B2C_AGENT] C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe
mRun: [InstaLAN] "C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe" startup
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
LSP: mswsock.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{65B15265-0C8E-4D4F-AC21-8068FB2E7224} : DhcpNameServer = 192.168.1.254
TCP: Interfaces\{65B15265-0C8E-4D4F-AC21-8068FB2E7224}\2456C6B696E6F5934303036393 : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{BAE381F0-CC03-4612-A384-C74BDF548F96} : DhcpNameServer = 192.168.1.254
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.1.0\ViProtocol.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: AVG Do Not Track: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
BHO-X64: AVG Do Not Track - No File
BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File
BHO-X64: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.6.2.10\coIEPlg.dll
BHO-X64: Norton Identity Protection - No File
BHO-X64: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.6.2.10\IPS\IPSBHO.DLL
BHO-X64: Norton Vulnerability Protection - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
TB-X64: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.6.2.10\coIEPlg.dll
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll
mRun-x64: [TSleepSrv] %ProgramFiles(x86)%\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe
mRun-x64: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
mRun-x64: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe" UNATTENDED
mRun-x64: [ToshibaAppPlace] "C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun-x64: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
mRun-x64: [B2C_AGENT] C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe
mRun-x64: [InstaLAN] "C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe" startup
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\windows\system32\DRIVERS\avgidsha.sys --> C:\windows\system32\DRIVERS\avgidsha.sys [?]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\windows\system32\DRIVERS\avgrkx64.sys --> C:\windows\system32\DRIVERS\avgrkx64.sys [?]
R0 tos_sps64;TOSHIBA tos_sps64 Service;C:\windows\system32\DRIVERS\tos_sps64.sys --> C:\windows\system32\DRIVERS\tos_sps64.sys [?]
R1 Avgldx64;AVG AVI Loader Driver;C:\windows\system32\DRIVERS\avgldx64.sys --> C:\windows\system32\DRIVERS\avgldx64.sys [?]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\windows\system32\DRIVERS\avgmfx64.sys --> C:\windows\system32\DRIVERS\avgmfx64.sys [?]
R1 Avgtdia;AVG TDI Driver;C:\windows\system32\DRIVERS\avgtdia.sys --> C:\windows\system32\DRIVERS\avgtdia.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\windows\system32\DRIVERS\vwififlt.sys --> C:\windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe [2012-4-30 5106744]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-2-14 193288]
R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\19.6.2.10\ccsvchst.exe [2012-3-31 138232]
R2 Norton PC Checkup Application Launcher;Toshiba Laptop Checkup Application Launcher;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\SymcPCCULaunchSvc.exe [2012-2-15 135608]
R2 PCCUJobMgr;Common Client Job Manager Service;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe [2012-2-15 126392]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;C:\Program Files\TOSHIBA\TECO\TecoService.exe [2011-5-24 294848]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;C:\windows\system32\DRIVERS\TVALZFL.sys --> C:\windows\system32\DRIVERS\TVALZFL.sys [?]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-2-15 2656280]
R2 vToolbarUpdater11.1.0;vToolbarUpdater11.1.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe [2012-6-18 935480]
R3 AVGIDSDriver;AVGIDSDriver;C:\windows\system32\DRIVERS\avgidsdrivera.sys --> C:\windows\system32\DRIVERS\avgidsdrivera.sys [?]
R3 AVGIDSFilter;AVGIDSFilter;C:\windows\system32\DRIVERS\avgidsfiltera.sys --> C:\windows\system32\DRIVERS\avgidsfiltera.sys [?]
R3 IntcDAud;Intel(R) Display Audio;C:\windows\system32\DRIVERS\IntcDAud.sys --> C:\windows\system32\DRIVERS\IntcDAud.sys [?]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\windows\system32\DRIVERS\L1C62x64.sys --> C:\windows\system32\DRIVERS\L1C62x64.sys [?]
R3 MEIx64;Intel(R) Management Engine Interface;C:\windows\system32\DRIVERS\HECIx64.sys --> C:\windows\system32\DRIVERS\HECIx64.sys [?]
R3 PGEffect;Pangu effect driver;C:\windows\system32\DRIVERS\pgeffect.sys --> C:\windows\system32\DRIVERS\pgeffect.sys [?]
R3 QIOMem;Generic IO & Memory Access;C:\windows\system32\DRIVERS\QIOMem.sys --> C:\windows\system32\DRIVERS\QIOMem.sys [?]
R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\windows\system32\DRIVERS\rtl8192Ce.sys --> C:\windows\system32\DRIVERS\rtl8192Ce.sys [?]
R3 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2012-2-15 57216]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2011-6-9 138152]
R3 TPCHSrv;TPCH Service;C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2011-7-1 828856]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-2-15 136176]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-6-7 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-15 250056]
S3 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20120413.001\BHDrvx64.sys [2012-4-20 1160824]
S3 ccSet_NIS;Norton Internet Security Settings Manager;C:\windows\system32\drivers\NISx64\1306020.00A\ccSetx64.sys --> C:\windows\system32\drivers\NISx64\1306020.00A\ccSetx64.sys [?]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-3-31 138360]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-2-15 136176]
S3 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20120419.001\IDSviA64.sys [2012-4-20 488568]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\system32\Drivers\RtsUStor.sys --> C:\windows\system32\Drivers\RtsUStor.sys [?]
S3 RSUSBVSTOR;RTSUVSTOR.Sys Realtek USB Card Reader;C:\windows\system32\Drivers\RTSUVSTOR.sys --> C:\windows\system32\Drivers\RTSUVSTOR.sys [?]
S3 SrvHsfHDA;SrvHsfHDA;C:\windows\system32\DRIVERS\VSTAZL6.SYS --> C:\windows\system32\DRIVERS\VSTAZL6.SYS [?]
S3 SrvHsfV92;SrvHsfV92;C:\windows\system32\DRIVERS\VSTDPV6.SYS --> C:\windows\system32\DRIVERS\VSTDPV6.SYS [?]
S3 SrvHsfWinac;SrvHsfWinac;C:\windows\system32\DRIVERS\VSTCNXT6.SYS --> C:\windows\system32\DRIVERS\VSTCNXT6.SYS [?]
S3 SymDS;Symantec Data Store;C:\windows\system32\drivers\NISx64\1306020.00A\SYMDS64.SYS --> C:\windows\system32\drivers\NISx64\1306020.00A\SYMDS64.SYS [?]
S3 SymEFA;Symantec Extended File Attributes;C:\windows\system32\drivers\NISx64\1306020.00A\SYMEFA64.SYS --> C:\windows\system32\drivers\NISx64\1306020.00A\SYMEFA64.SYS [?]
S3 SymIRON;Symantec Iron Driver;C:\windows\system32\drivers\NISx64\1306020.00A\Ironx64.SYS --> C:\windows\system32\drivers\NISx64\1306020.00A\Ironx64.SYS [?]
S3 SymNetS;Symantec Network Security WFP Driver;C:\windows\system32\Drivers\NISx64\1306020.00A\SYMNETS.SYS --> C:\windows\system32\Drivers\NISx64\1306020.00A\SYMNETS.SYS [?]
S3 TsUsbFlt;TsUsbFlt;C:\windows\system32\drivers\tsusbflt.sys --> C:\windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\system32\drivers\TsUsbGD.sys --> C:\windows\system32\drivers\TsUsbGD.sys [?]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\windows\system32\DRIVERS\vwifimp.sys --> C:\windows\system32\DRIVERS\vwifimp.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\system32\Wat\WatAdminSvc.exe --> C:\windows\system32\Wat\WatAdminSvc.exe [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2012-06-23 03:37:31 -------- d-----w- C:\Users\Nicole\AppData\Roaming\PCCUStubInstaller
2012-06-22 02:44:01 2622464 ----a-w- C:\windows\System32\wucltux.dll
2012-06-22 02:43:46 99840 ----a-w- C:\windows\System32\wudriver.dll
2012-06-22 02:43:36 36864 ----a-w- C:\windows\System32\wuapp.exe
2012-06-22 02:43:36 186752 ----a-w- C:\windows\System32\wuwebv.dll
2012-06-21 21:52:48 328704 ----a-w- C:\windows\System32\services.exe.3E5B70EC402FA27E
2012-06-21 21:52:48 -------- d-----w- C:\windows\System32\MpEngineStore
2012-06-21 21:09:26 -------- d-----r- C:\Program Files (x86)\Skype
2012-06-21 17:11:10 -------- d-----w- C:\Users\Nicole\AppData\Roaming\AVG
2012-06-20 22:03:13 -------- d-sh--w- C:\windows\SysWow64\%APPDATA%
2012-06-20 21:22:44 -------- d-----w- C:\Users\Nicole\AppData\Local\{3D2CA8C3-778B-444C-A938-B64D687084CD}
2012-06-20 21:21:57 -------- d-----w- C:\Users\Nicole\AppData\Local\{783215A7-DC0A-42FB-B4E9-AE2D97CB6CF7}
2012-06-20 21:01:51 -------- d-----w- C:\windows\en
2012-06-20 20:58:38 15712 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\7725a4271cd4f2702\MeshBetaRemover.exe
2012-06-20 20:58:36 89944 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\759f427a1cd4f2701\DSETUP.dll
2012-06-20 20:58:36 537432 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\759f427a1cd4f2701\DXSETUP.exe
2012-06-20 20:58:36 1801048 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\759f427a1cd4f2701\dsetup32.dll
2012-06-20 20:58:28 -------- d-----w- C:\Users\Nicole\AppData\Local\{801EFD36-C49F-402E-BFE3-99B094520D23}
2012-06-20 20:58:17 -------- d-----w- C:\Users\Nicole\AppData\Local\{FE5D8EEC-47A3-47AC-B944-371E6D19B1FB}
2012-06-20 20:58:07 -------- d-----w- C:\Users\Nicole\AppData\Local\{B8F89024-4C9F-4AA4-8DE4-822DCAEC9CDB}
2012-06-20 20:57:45 -------- d-----w- C:\Users\Nicole\AppData\Local\{46BDC45E-1CF1-408C-8751-2B6D0634F4DD}
2012-06-20 20:57:02 -------- d-----w- C:\Users\Nicole\AppData\Local\{4E1F2D27-CDD0-43E6-8088-057FAD5D62A8}
2012-06-20 20:56:40 -------- d-----w- C:\Users\Nicole\AppData\Local\{0BD82611-0736-4C07-B4E1-6959324FD28E}
2012-06-20 20:55:45 -------- d-----w- C:\Users\Nicole\AppData\Local\{A11ACB5E-EDD2-4C64-A587-FC5C64D0BBFB}
2012-06-20 20:55:22 -------- d-----w- C:\Users\Nicole\AppData\Local\{9BB1B091-A5CD-4AB1-AA7A-5E812F2295A0}
2012-06-20 20:53:38 -------- d-----w- C:\Users\Nicole\AppData\Local\{2D9A4E44-13E8-420B-A002-C645935A814C}
2012-06-20 20:53:27 -------- d-----w- C:\Users\Nicole\AppData\Local\{214F8EB3-736B-4920-8E1B-3C11BEF1D335}
2012-06-20 20:53:10 -------- d-----w- C:\Users\Nicole\AppData\Local\{2F2ED772-2EAA-432E-9014-CD67D2459C85}
2012-06-20 20:52:51 -------- d-----w- C:\Users\Nicole\AppData\Local\{B608DE4B-7DFD-42DD-9B5F-7054264B9B22}
2012-06-16 08:31:11 -------- d-----w- C:\Users\Nicole\AppData\Local\TechSmith
2012-06-16 07:53:18 737072 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore-2\Microsoft.MediaCenter.Sports.UI.dll
2012-06-15 23:05:33 -------- d-----w- C:\Users\Nicole\AppData\Local\ElevatedDiagnostics
2012-06-15 09:39:59 887296 ----a-w- C:\Program Files\Internet Explorer\iedvtool.dll
2012-06-15 09:39:59 678912 ----a-w- C:\Program Files (x86)\Internet Explorer\iedvtool.dll
2012-06-15 09:39:59 499200 ----a-w- C:\Program Files\Internet Explorer\jsdbgui.dll
2012-06-15 09:39:59 387584 ----a-w- C:\Program Files (x86)\Internet Explorer\jsdbgui.dll
2012-06-15 04:21:10 9216 ----a-w- C:\windows\System32\rdrmemptylst.exe
2012-06-15 04:21:10 77312 ----a-w- C:\windows\System32\rdpwsx.dll
2012-06-15 04:21:10 149504 ----a-w- C:\windows\System32\rdpcorekmts.dll
2012-06-15 04:14:02 -------- d-----w- C:\ProgramData\Affinegy
2012-06-15 04:14:02 -------- d-----w- C:\Program Files (x86)\Belkin
2012-06-13 05:04:50 -------- d-----w- C:\Program Files (x86)\Motive
2012-05-28 23:56:25 -------- d-----w- C:\Users\Nicole\AppData\Local\Diagnostics
2012-05-28 23:32:06 -------- d-----w- C:\Users\Nicole\AppData\Local\Tific
2012-05-28 23:02:04 -------- d-----w- C:\Users\Nicole\AppData\Local\BVRP Software
2012-05-27 07:16:30 -------- d-----w- C:\ProgramData\Book Place
2012-05-25 06:38:15 -------- d-----w- C:\Downloads
2012-05-25 06:38:12 -------- d-----w- C:\ProgramData\Tarma Installer
.
==================== Find3M ====================
.
2012-06-23 04:27:18 70344 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-06-23 04:27:18 426184 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2012-05-18 02:06:48 2311680 ----a-w- C:\windows\System32\jscript9.dll
2012-05-18 01:59:14 1392128 ----a-w- C:\windows\System32\wininet.dll
2012-05-18 01:58:39 1494528 ----a-w- C:\windows\System32\inetcpl.cpl
2012-05-18 01:55:22 173056 ----a-w- C:\windows\System32\ieUnatt.exe
2012-05-18 01:51:30 2382848 ----a-w- C:\windows\System32\mshtml.tlb
2012-05-17 22:45:37 1800192 ----a-w- C:\windows\SysWow64\jscript9.dll
2012-05-17 22:35:47 1129472 ----a-w- C:\windows\SysWow64\wininet.dll
2012-05-17 22:35:39 1427968 ----a-w- C:\windows\SysWow64\inetcpl.cpl
2012-05-17 22:29:45 142848 ----a-w- C:\windows\SysWow64\ieUnatt.exe
2012-05-17 22:24:45 2382848 ----a-w- C:\windows\SysWow64\mshtml.tlb
2012-05-15 01:32:33 3146752 ----a-w- C:\windows\System32\win32k.sys
2012-05-04 11:06:22 5559664 ----a-w- C:\windows\System32\ntoskrnl.exe
2012-05-04 10:03:53 3968368 ----a-w- C:\windows\SysWow64\ntkrnlpa.exe
2012-05-04 10:03:50 3913072 ----a-w- C:\windows\SysWow64\ntoskrnl.exe
2012-05-01 05:40:20 209920 ----a-w- C:\windows\System32\profsvc.dll
2012-04-28 03:55:21 210944 ----a-w- C:\windows\System32\drivers\rdpwd.sys
2012-04-24 05:37:37 184320 ----a-w- C:\windows\System32\cryptsvc.dll
2012-04-24 05:37:37 140288 ----a-w- C:\windows\System32\cryptnet.dll
2012-04-24 05:37:36 1462272 ----a-w- C:\windows\System32\crypt32.dll
2012-04-24 04:36:42 140288 ----a-w- C:\windows\SysWow64\cryptsvc.dll
2012-04-24 04:36:42 1158656 ----a-w- C:\windows\SysWow64\crypt32.dll
2012-04-24 04:36:42 103936 ----a-w- C:\windows\SysWow64\cryptnet.dll
2012-04-19 11:50:26 28480 ----a-w- C:\windows\System32\drivers\avgidsha.sys
2012-04-07 12:31:40 3216384 ----a-w- C:\windows\System32\msi.dll
2012-04-07 11:26:29 2342400 ----a-w- C:\windows\SysWow64\msi.dll
2012-03-31 14:54:46 175736 ----a-w- C:\windows\System32\drivers\SYMEVENT64x86.SYS
2012-03-30 11:35:47 1918320 ----a-w- C:\windows\System32\drivers\tcpip.sys
.
============= FINISH: 21:50:43.94 ===============

2nd file labeled attach:
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 3/30/2012 8:24:31 PM
System Uptime: 6/23/2012 9:16:45 PM (0 hours ago)
.
Motherboard: Intel Corp. | | Base Board Product Name
Processor: Intel(R) Pentium(R) CPU B960 @ 2.20GHz | CPU1 | 2200/1333mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 580 GiB total, 537.837 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft Virtual WiFi Miniport Adapter
Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&2371D2EC&0&01
Manufacturer: Microsoft
Name: Microsoft Virtual WiFi Miniport Adapter
PNP Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&2371D2EC&0&01
Service: vwifimp
.
==== System Restore Points ===================
.
RP26: 6/4/2012 1:11:08 AM - Windows Update
RP27: 6/15/2012 2:39:38 AM - Windows Update
RP28: 6/16/2012 1:30:06 AM - Installed Jing
RP29: 6/20/2012 1:58:39 PM - Windows Live Essentials
RP30: 6/20/2012 1:59:20 PM - Installed DirectX
RP31: 6/20/2012 1:59:41 PM - Installed DirectX
RP32: 6/20/2012 2:00:03 PM - WLSetup
RP33: 6/21/2012 7:43:13 PM - Windows Update
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.3) MUI
Amazon Links
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
Bejeweled 3
Belkin Router Monitor and Setup
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
D3DX10
FATE - The Traitor Soul
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
HP Deskjet 1050 J410 series Help
Intel(R) Management Engine Components
Intel(R) Processor Graphics
Intel(R) Rapid Storage Technology
Java Auto Updater
Java(TM) 6 Update 25
Jing
Junk Mail filter update
Label@Once 1.0
Letters from Nowhere 2
Mesh Runtime
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Standard 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nancy Drew: Ghost Dogs Of Moon Lake
Netwaiting
Norton Internet Security
Penguins!
Plants vs. Zombies - Game of the Year
PlayReady PC Runtime x86
Polar Bowler
Realtek USB 2.0 Reader Driver
Realtek WLAN Driver
RollerCoaster Tycoon 3: Platinum
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition
Shape Solitaire
Skype Launcher
Skype™ 5.10
Tales of Lagoona
Toshiba App Place
TOSHIBA Application Installer
TOSHIBA Assist
Toshiba Book Place
TOSHIBA Bulletin Board
TOSHIBA Face Recognition
TOSHIBA Hardware Setup
Toshiba Laptop Checkup
TOSHIBA Media Controller
TOSHIBA Media Controller Plug-in
Toshiba Online Backup
TOSHIBA Quality Application
TOSHIBA Recovery Media Creator
TOSHIBA ReelTime
TOSHIBA Resolution+ Plug-in for Windows Media Player
TOSHIBA Service Station
TOSHIBA Sleep Utility
TOSHIBA Supervisor Password
TOSHIBA Value Added Package
TOSHIBA Web Camera Application
TOSHIBARegistration
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687267) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update Installer for WildTangent Games App
Virtual Villagers 4 - The Tree of Life
Visual Studio 2008 x64 Redistributables
WildTangent Games
WildTangent Games App (Toshiba Games)
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Zuma's Revenge
.
==== Event Viewer Messages From Past Week ========
.
6/23/2012 9:17:53 PM, Error: Service Control Manager [7023] - The Function Discovery Resource Publication service terminated with the following error: %%-2147024891
6/23/2012 9:17:53 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error: %%-2147024891
6/23/2012 9:17:19 PM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.
6/23/2012 9:17:19 PM, Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.
6/23/2012 9:17:19 PM, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.
6/16/2012 1:04:37 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} and APPID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} to the user Nicole-PC\Nicole SID (S-1-5-21-102462457-671049934-769496480-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
.
==== End Of File ===========================
nicoles217's Avatar
nicoles217 nicoles217 is offline
Computer Specs
Member with 32 posts.
THREAD STARTER
 
Join Date: Jun 2012
Experience: Beginner
30-Jun-2012, 03:58 AM #2
bump
bump
Mark1956's Avatar
Malware Removal Specialist with 12,487 posts.
 
Join Date: May 2011
Location: Spain
Experience: Advanced
30-Jun-2012, 09:57 AM #3
Hi Nicoles217 and welcome to TSG, my name is Mark and I will be helping you. Sorry you had to wait so long, there just aren't enough volunteer helpers to cope with the demand.

First thing you need to do is remove one of the Anti Virus programs. You should only have one Anti Virus running on your system. Running more than one Anti Virus can slow system performance, cause conflicts and actually reduce your systems security level. Using more than one anti-virus program is not advisable. Why?

You should go to Programs and Features from the Control Panel and uninstall the program you choose to remove and then run the appropriate tool to remove the remnants.

AVG Removal tool
Norton Uninstall Tool

After that please run the following scans and post the logs back here.


STEP 1
Please download Malwarebytes Anti-Malware and save it to your desktop.
  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
  • Double-click on the renamed file to install, then follow these instructions for doing a Quick Scan in normal mode.
  • Don't forget to check for database definition updates through the program's interface (preferable method) before scanning.
  • If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in FAQ Section A: 4. Issues.
Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
  • Double click on the Malwarebytes icon on your desktop to launch the program
  • Under the Scanner tab, make sure the Perform Quick Scan option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click Show Results to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.
If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

Note: A 14-day trial of Malwarebytes Anti-Malware PRO is available as an option when first installing the free version so all users can test the real-time protection component for a period of two weeks. When the limited time period expires those features will be deactivated and locked. Enabling the Protection Module feature again requires registration and purchase of a license key that includes free lifetime upgrades and support. If you continue to use the free version, there is no requirement to buy a license...you can just use it as a stand-alone scanner.

NOTE: Some types of malware will target Malwarebytes and other security tools to keep them from running properly. If that's the case, use Malwarebytes Chameleon and follow the onscreen instructions. The Chameleon folder can be accessed by opening the program folder for Malwarebytes Anti-Malware (normally C:\Program Files\Malwarebytes' Anti-Malware or C:\Program Files (x86)\Malwarebytes' Anti-Malware).



STEP 2
Please follow the instructions exactly as written, deviating from the instructions and trying to fix anything before I have seen the logs may make your PC unbootable. If TDSSKiller does not offer the Cure option DO NOT select delete as you may remove files needed for the system to operate.
Please download Kaspersky's TDSSKiller and save it to your Desktop. <-Important!
-- The tool is frequently updated...if you used TDSSKiller before, delete that version and download the most current one before using again.
Be sure to print out and follow the instructions for performing a scan.
  • Extract (unzip) the file to your desktop and make sure TDSSKiller.exe (the contents of the zipped file) is on the Desktop itself, not within a folder on the Desktop.
  • Alternatively, you can download TDSSKiller.exe and use that instead.
  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If an update is available, TDSSKiller will prompt you to update and download the most current version. Click Load Update. Close TDSSKiller and start again.
  • When the program opens, click the Change parameters.

  • Under "Additional options", check the boxes next to Verify file digital signatures and Detect TDLFS file system, then click OK.

  • Click the Start Scan button.

  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If 'Suspicious objects' are detected, the default action will be Skip. Leave the default set to Skip and click on Continue.
  • If Malicious objects are detected, they will show in the Scan results - Select action for found objects and offer three options.

  • Ensure Cure is selected...then click Continue -> Reboot computer for cure completion.

  • Important! -> If Cure is not available, please choose Skip instead. Do not choose Delete unless instructed. If you choose Delete you may remove critical system files and make your PC unstable or possibly unbootable.
  • A log file named TDSSKiller_version_date_time_log.txt will be created and saved to the root directory (usually Local Disk C: ).
  • Copy and paste the contents of that file in your next reply.
-- If TDSSKiller does not run, try renaming it. To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to these instructions. In some cases it may be necessary to redownload TDSSKiller and randomly rename it to something else before beginning the download and saving to the computer or to perform the scan in "safe mode".
nicoles217's Avatar
nicoles217 nicoles217 is offline
Computer Specs
Member with 32 posts.
THREAD STARTER
 
Join Date: Jun 2012
Experience: Beginner
01-Jul-2012, 11:28 AM #4
Hi, Thank you very much for helping me. When I installed AVG, I had thought I uninstalled Norton, but obviously it was not uninstalled completely. I had only uninstalled it through my programs uninstall/change programs but with the link I was able to uninstall it completely. Below is the first report you asked for from Malwarebytes Anti-Malware:

Note: I did the full scan because when I clicked on the instructions link in your post about the malwarebytes instructions it said to check full scan.
I am now going to follow step 2 of your reply.

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org
Database version: v2012.07.01.02
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Nicole :: NICOLE-PC [administrator]
7/1/2012 3:53:52 AM
mbam-log-2012-07-01 (03-53-52).txt
Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 336413
Time elapsed: 43 minute(s), 39 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 1
C:\Windows\Installer\{768b45b4-16ba-46f6-339f-6d732a96de12}\U\00000008.@ (Trojan.Dropper.BCMiner) -> Quarantined and deleted successfully.
(end)
nicoles217's Avatar
nicoles217 nicoles217 is offline
Computer Specs
Member with 32 posts.
THREAD STARTER
 
Join Date: Jun 2012
Experience: Beginner
01-Jul-2012, 11:51 AM #5
Below is the TDSSKiller log file you asked for:

08:38:47.0609 4444 TDSS rootkit removing tool 2.7.43.0 Jun 29 2012 17:54:22
08:38:48.0015 4444 ============================================================
08:38:48.0015 4444 Current date / time: 2012/07/01 08:38:48.0015
08:38:48.0015 4444 SystemInfo:
08:38:48.0015 4444
08:38:48.0015 4444 OS Version: 6.1.7601 ServicePack: 1.0
08:38:48.0015 4444 Product type: Workstation
08:38:48.0015 4444 ComputerName: NICOLE-PC
08:38:48.0015 4444 UserName: Nicole
08:38:48.0015 4444 Windows directory: C:\windows
08:38:48.0015 4444 System windows directory: C:\windows
08:38:48.0015 4444 Running under WOW64
08:38:48.0015 4444 Processor architecture: Intel x64
08:38:48.0015 4444 Number of processors: 2
08:38:48.0015 4444 Page size: 0x1000
08:38:48.0015 4444 Boot type: Normal boot
08:38:48.0015 4444 ============================================================
08:38:48.0405 4444 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
08:38:48.0420 4444 ============================================================
08:38:48.0420 4444 \Device\Harddisk0\DR0:
08:38:48.0420 4444 MBR partitions:
08:38:48.0420 4444 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x48810800
08:38:48.0420 4444 ============================================================
08:38:48.0451 4444 C: <-> \Device\Harddisk0\DR0\Partition0
08:38:48.0451 4444 ============================================================
08:38:48.0451 4444 Initialize success
08:38:48.0451 4444 ============================================================
08:39:53.0238 4692 ============================================================
08:39:53.0238 4692 Scan started
08:39:53.0238 4692 Mode: Manual; SigCheck; TDLFS;
08:39:53.0238 4692 ============================================================
08:39:53.0971 4692 1394ohci (a87d604aea360176311474c87a63bb88) C:\windows\system32\drivers\1394ohci.sys
08:39:54.0127 4692 1394ohci - ok
08:39:54.0174 4692 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\windows\system32\drivers\ACPI.sys
08:39:54.0221 4692 ACPI - ok
08:39:54.0252 4692 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\windows\system32\drivers\acpipmi.sys
08:39:54.0346 4692 AcpiPmi - ok
08:39:54.0486 4692 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
08:39:54.0517 4692 AdobeARMservice - ok
08:39:54.0689 4692 AdobeFlashPlayerUpdateSvc (990dc6edc9f933194d7cd4e65146bc94) C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
08:39:54.0720 4692 AdobeFlashPlayerUpdateSvc - ok
08:39:54.0829 4692 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\windows\system32\drivers\adp94xx.sys
08:39:54.0861 4692 adp94xx - ok
08:39:54.0907 4692 adpahci (597f78224ee9224ea1a13d6350ced962) C:\windows\system32\drivers\adpahci.sys
08:39:54.0939 4692 adpahci - ok
08:39:55.0017 4692 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\windows\system32\drivers\adpu320.sys
08:39:55.0048 4692 adpu320 - ok
08:39:55.0079 4692 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\windows\System32\aelupsvc.dll
08:39:55.0204 4692 AeLookupSvc - ok
08:39:55.0266 4692 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\windows\system32\drivers\afd.sys
08:39:55.0313 4692 AFD - ok
08:39:55.0438 4692 AffinegyService (95b99265e83988cc81970a856ea2159a) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
08:39:55.0469 4692 AffinegyService - ok
08:39:55.0516 4692 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\windows\system32\drivers\agp440.sys
08:39:55.0531 4692 agp440 - ok
08:39:55.0563 4692 ALG (3290d6946b5e30e70414990574883ddb) C:\windows\System32\alg.exe
08:39:55.0641 4692 ALG - ok
08:39:55.0672 4692 aliide (5812713a477a3ad7363c7438ca2ee038) C:\windows\system32\drivers\aliide.sys
08:39:55.0703 4692 aliide - ok
08:39:55.0719 4692 amdide (1ff8b4431c353ce385c875f194924c0c) C:\windows\system32\drivers\amdide.sys
08:39:55.0734 4692 amdide - ok
08:39:55.0765 4692 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\windows\system32\drivers\amdk8.sys
08:39:55.0812 4692 AmdK8 - ok
08:39:55.0828 4692 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\windows\system32\drivers\amdppm.sys
08:39:55.0859 4692 AmdPPM - ok
08:39:55.0875 4692 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\windows\system32\drivers\amdsata.sys
08:39:55.0890 4692 amdsata - ok
08:39:55.0906 4692 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\windows\system32\drivers\amdsbs.sys
08:39:55.0921 4692 amdsbs - ok
08:39:55.0937 4692 amdxata (540daf1cea6094886d72126fd7c33048) C:\windows\system32\drivers\amdxata.sys
08:39:55.0953 4692 amdxata - ok
08:39:55.0968 4692 AppID (89a69c3f2f319b43379399547526d952) C:\windows\system32\drivers\appid.sys
08:39:56.0015 4692 AppID - ok
08:39:56.0062 4692 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\windows\System32\appidsvc.dll
08:39:56.0155 4692 AppIDSvc - ok
08:39:56.0202 4692 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\windows\System32\appinfo.dll
08:39:56.0249 4692 Appinfo - ok
08:39:56.0280 4692 arc (c484f8ceb1717c540242531db7845c4e) C:\windows\system32\drivers\arc.sys
08:39:56.0296 4692 arc - ok
08:39:56.0327 4692 arcsas (019af6924aefe7839f61c830227fe79c) C:\windows\system32\drivers\arcsas.sys
08:39:56.0343 4692 arcsas - ok
08:39:56.0436 4692 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
08:39:56.0483 4692 aspnet_state - ok
08:39:56.0514 4692 AsyncMac (769765ce2cc62867468cea93969b2242) C:\windows\system32\DRIVERS\asyncmac.sys
08:39:56.0592 4692 AsyncMac - ok
08:39:56.0623 4692 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\windows\system32\drivers\atapi.sys
08:39:56.0639 4692 atapi - ok
08:39:56.0686 4692 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\windows\System32\Audiosrv.dll
08:39:56.0748 4692 AudioEndpointBuilder - ok
08:39:56.0748 4692 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\windows\System32\Audiosrv.dll
08:39:56.0795 4692 AudioSrv - ok
08:39:57.0045 4692 AVGIDSAgent (ba60fd7a64b9759a14c0fba4a9ed4c7b) C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe
08:39:57.0232 4692 AVGIDSAgent - ok
08:39:57.0325 4692 AVGIDSDriver (1b2e9fcdc26dc7c81d4131430e2dc936) C:\windows\system32\DRIVERS\avgidsdrivera.sys
08:39:57.0357 4692 AVGIDSDriver - ok
08:39:57.0372 4692 AVGIDSFilter (0f293406f64b48d5d2f0d3a1117f3a83) C:\windows\system32\DRIVERS\avgidsfiltera.sys
08:39:57.0388 4692 AVGIDSFilter - ok
08:39:57.0403 4692 AVGIDSHA (cffc3a4a638f462e0561cb368b9a7a3a) C:\windows\system32\DRIVERS\avgidsha.sys
08:39:57.0419 4692 AVGIDSHA - ok
08:39:57.0435 4692 Avgldx64 (59955b4c288dd2a8b9fd2cd5158355c5) C:\windows\system32\DRIVERS\avgldx64.sys
08:39:57.0450 4692 Avgldx64 - ok
08:39:57.0450 4692 Avgmfx64 (a6aec362aae5e2dda7445e7690cb0f33) C:\windows\system32\DRIVERS\avgmfx64.sys
08:39:57.0466 4692 Avgmfx64 - ok
08:39:57.0497 4692 Avgrkx64 (645c7f0a0e39758a0024a9b1748273c0) C:\windows\system32\DRIVERS\avgrkx64.sys
08:39:57.0513 4692 Avgrkx64 - ok
08:39:57.0528 4692 Avgtdia (1bee674ad792b1c63bb0dac5fa724b23) C:\windows\system32\DRIVERS\avgtdia.sys
08:39:57.0544 4692 Avgtdia - ok
08:39:57.0622 4692 avgwd (ea1145debcd508fd25bd1e95c4346929) C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
08:39:57.0653 4692 avgwd - ok
08:39:57.0700 4692 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\windows\System32\AxInstSV.dll
08:39:57.0793 4692 AxInstSV - ok
08:39:57.0856 4692 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\windows\system32\drivers\bxvbda.sys
08:39:57.0903 4692 b06bdrv - ok
08:39:57.0934 4692 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\windows\system32\DRIVERS\b57nd60a.sys
08:39:57.0981 4692 b57nd60a - ok
08:39:58.0043 4692 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\windows\System32\bdesvc.dll
08:39:58.0074 4692 BDESVC - ok
08:39:58.0105 4692 Beep (16a47ce2decc9b099349a5f840654746) C:\windows\system32\drivers\Beep.sys
08:39:58.0183 4692 Beep - ok
08:39:58.0230 4692 BITS (1ea7969e3271cbc59e1730697dc74682) C:\windows\System32\qmgr.dll
08:39:58.0293 4692 BITS - ok
08:39:58.0324 4692 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\windows\system32\DRIVERS\blbdrive.sys
08:39:58.0339 4692 blbdrive - ok
08:39:58.0386 4692 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\windows\system32\DRIVERS\bowser.sys
08:39:58.0417 4692 bowser - ok
08:39:58.0449 4692 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\windows\system32\drivers\BrFiltLo.sys
08:39:58.0480 4692 BrFiltLo - ok
08:39:58.0495 4692 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\windows\system32\drivers\BrFiltUp.sys
08:39:58.0527 4692 BrFiltUp - ok
08:39:58.0573 4692 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\windows\System32\browser.dll
08:39:58.0651 4692 Browser - ok
08:39:58.0683 4692 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\windows\System32\Drivers\Brserid.sys
08:39:58.0745 4692 Brserid - ok
08:39:58.0776 4692 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\windows\System32\Drivers\BrSerWdm.sys
08:39:58.0807 4692 BrSerWdm - ok
08:39:58.0823 4692 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\windows\System32\Drivers\BrUsbMdm.sys
08:39:58.0839 4692 BrUsbMdm - ok
08:39:58.0870 4692 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\windows\System32\Drivers\BrUsbSer.sys
08:39:58.0885 4692 BrUsbSer - ok
08:39:58.0917 4692 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\windows\system32\drivers\bthmodem.sys
08:39:58.0948 4692 BTHMODEM - ok
08:39:58.0979 4692 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\windows\system32\bthserv.dll
08:39:59.0026 4692 bthserv - ok
08:39:59.0775 4692 CarboniteService (4d1b31aa1cd11122e9abca04708a1b1c) C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe
08:39:59.0884 4692 CarboniteService - ok
08:39:59.0993 4692 cdfs (b8bd2bb284668c84865658c77574381a) C:\windows\system32\DRIVERS\cdfs.sys
08:40:00.0118 4692 cdfs - ok
08:40:00.0149 4692 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\windows\system32\DRIVERS\cdrom.sys
08:40:00.0180 4692 cdrom - ok
08:40:00.0227 4692 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll
08:40:00.0321 4692 CertPropSvc - ok
08:40:00.0352 4692 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\windows\system32\drivers\circlass.sys
08:40:00.0383 4692 circlass - ok
08:40:00.0414 4692 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\windows\system32\CLFS.sys
08:40:00.0430 4692 CLFS - ok
08:40:00.0524 4692 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
08:40:00.0539 4692 clr_optimization_v2.0.50727_32 - ok
08:40:00.0586 4692 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
08:40:00.0602 4692 clr_optimization_v2.0.50727_64 - ok
08:40:00.0680 4692 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
08:40:00.0789 4692 clr_optimization_v4.0.30319_32 - ok
08:40:00.0836 4692 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
08:40:00.0898 4692 clr_optimization_v4.0.30319_64 - ok
08:40:00.0945 4692 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\windows\system32\DRIVERS\CmBatt.sys
08:40:00.0976 4692 CmBatt - ok
08:40:01.0038 4692 cmdide (e19d3f095812725d88f9001985b94edd) C:\windows\system32\drivers\cmdide.sys
08:40:01.0070 4692 cmdide - ok
08:40:01.0116 4692 CNG (c4943b6c962e4b82197542447ad599f4) C:\windows\system32\Drivers\cng.sys
08:40:01.0148 4692 CNG - ok
08:40:01.0257 4692 CnxtHdAudService (20506f12afad3db588d007ea9325fbbc) C:\windows\system32\drivers\CHDRT64.sys
08:40:01.0304 4692 CnxtHdAudService - ok
08:40:01.0413 4692 Compbatt (102de219c3f61415f964c88e9085ad14) C:\windows\system32\drivers\compbatt.sys
08:40:01.0444 4692 Compbatt - ok
08:40:01.0475 4692 CompositeBus (03edb043586cceba243d689bdda370a8) C:\windows\system32\DRIVERS\CompositeBus.sys
08:40:01.0506 4692 CompositeBus - ok
08:40:01.0522 4692 COMSysApp - ok
08:40:01.0553 4692 crcdisk (1c827878a998c18847245fe1f34ee597) C:\windows\system32\drivers\crcdisk.sys
08:40:01.0553 4692 crcdisk - ok
08:40:01.0600 4692 CryptSvc (4f5414602e2544a4554d95517948b705) C:\windows\system32\cryptsvc.dll
08:40:01.0647 4692 CryptSvc - ok
08:40:01.0709 4692 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll
08:40:01.0772 4692 DcomLaunch - ok
08:40:01.0818 4692 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\windows\System32\defragsvc.dll
08:40:01.0881 4692 defragsvc - ok
08:40:01.0912 4692 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\windows\system32\Drivers\dfsc.sys
08:40:01.0959 4692 DfsC - ok
08:40:02.0006 4692 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\windows\system32\dhcpcore.dll
08:40:02.0084 4692 Dhcp - ok
08:40:02.0099 4692 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\windows\system32\drivers\discache.sys
08:40:02.0146 4692 discache - ok
08:40:02.0193 4692 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\windows\system32\drivers\disk.sys
08:40:02.0208 4692 Disk - ok
08:40:02.0255 4692 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\windows\System32\dnsrslvr.dll
08:40:02.0318 4692 Dnscache - ok
08:40:02.0349 4692 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\windows\System32\dot3svc.dll
08:40:02.0396 4692 dot3svc - ok
08:40:02.0427 4692 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\windows\system32\dps.dll
08:40:02.0474 4692 DPS - ok
08:40:02.0520 4692 drmkaud (9b19f34400d24df84c858a421c205754) C:\windows\system32\drivers\drmkaud.sys
08:40:02.0552 4692 drmkaud - ok
08:40:02.0614 4692 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\windows\System32\drivers\dxgkrnl.sys
08:40:02.0630 4692 DXGKrnl - ok
08:40:02.0676 4692 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\windows\System32\eapsvc.dll
08:40:02.0723 4692 EapHost - ok
08:40:03.0082 4692 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\windows\system32\drivers\evbda.sys
08:40:03.0222 4692 ebdrv - ok
08:40:03.0363 4692 EFS (c118a82cd78818c29ab228366ebf81c3) C:\windows\System32\lsass.exe
08:40:03.0394 4692 EFS - ok
08:40:03.0550 4692 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\windows\ehome\ehRecvr.exe
08:40:03.0612 4692 ehRecvr - ok
08:40:03.0659 4692 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\windows\ehome\ehsched.exe
08:40:03.0675 4692 ehSched - ok
08:40:03.0768 4692 elxstor (0e5da5369a0fcaea12456dd852545184) C:\windows\system32\drivers\elxstor.sys
08:40:03.0800 4692 elxstor - ok
08:40:03.0800 4692 ErrDev (34a3c54752046e79a126e15c51db409b) C:\windows\system32\drivers\errdev.sys
08:40:03.0831 4692 ErrDev - ok
08:40:03.0878 4692 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\windows\system32\es.dll
08:40:03.0924 4692 EventSystem - ok
08:40:03.0971 4692 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\windows\system32\drivers\exfat.sys
08:40:04.0034 4692 exfat - ok
08:40:04.0049 4692 fastfat (0adc83218b66a6db380c330836f3e36d) C:\windows\system32\drivers\fastfat.sys
08:40:04.0127 4692 fastfat - ok
08:40:04.0190 4692 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\windows\system32\fxssvc.exe
08:40:04.0252 4692 Fax - ok
08:40:04.0268 4692 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\windows\system32\drivers\fdc.sys
08:40:04.0299 4692 fdc - ok
08:40:04.0346 4692 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\windows\system32\fdPHost.dll
08:40:04.0392 4692 fdPHost - ok
08:40:04.0408 4692 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\windows\system32\fdrespub.dll
08:40:04.0455 4692 FDResPub - ok
08:40:04.0486 4692 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\windows\system32\drivers\fileinfo.sys
08:40:04.0502 4692 FileInfo - ok
08:40:04.0517 4692 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\windows\system32\drivers\filetrace.sys
08:40:04.0564 4692 Filetrace - ok
08:40:04.0580 4692 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\windows\system32\drivers\flpydisk.sys
08:40:04.0595 4692 flpydisk - ok
08:40:04.0611 4692 FltMgr (da6b67270fd9db3697b20fce94950741) C:\windows\system32\drivers\fltmgr.sys
08:40:04.0611 4692 FltMgr - ok
08:40:04.0689 4692 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\windows\system32\FntCache.dll
08:40:04.0751 4692 FontCache - ok
08:40:04.0814 4692 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
08:40:04.0829 4692 FontCache3.0.0.0 - ok
08:40:04.0876 4692 FsDepends (d43703496149971890703b4b1b723eac) C:\windows\system32\drivers\FsDepends.sys
08:40:04.0907 4692 FsDepends - ok
08:40:04.0938 4692 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\windows\system32\drivers\Fs_Rec.sys
08:40:04.0954 4692 Fs_Rec - ok
08:40:05.0001 4692 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\windows\system32\DRIVERS\fvevol.sys
08:40:05.0016 4692 fvevol - ok
08:40:05.0079 4692 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\windows\system32\drivers\gagp30kx.sys
08:40:05.0110 4692 gagp30kx - ok
08:40:05.0266 4692 GamesAppService (c403c5db49a0f9aaf4f2128edc0106d8) C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
08:40:05.0297 4692 GamesAppService - ok
08:40:05.0375 4692 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\windows\System32\gpsvc.dll
08:40:05.0422 4692 gpsvc - ok
08:40:05.0500 4692 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
08:40:05.0531 4692 gupdate - ok
08:40:05.0547 4692 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
08:40:05.0562 4692 gupdatem - ok
08:40:05.0578 4692 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
08:40:05.0594 4692 gusvc - ok
08:40:05.0656 4692 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\windows\system32\drivers\hcw85cir.sys
08:40:05.0703 4692 hcw85cir - ok
08:40:05.0734 4692 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\windows\system32\drivers\HdAudio.sys
08:40:05.0781 4692 HdAudAddService - ok
08:40:05.0812 4692 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\windows\system32\DRIVERS\HDAudBus.sys
08:40:05.0828 4692 HDAudBus - ok
08:40:05.0859 4692 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\windows\system32\drivers\HidBatt.sys
08:40:05.0890 4692 HidBatt - ok
08:40:05.0906 4692 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\windows\system32\drivers\hidbth.sys
08:40:05.0937 4692 HidBth - ok
08:40:05.0952 4692 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\windows\system32\drivers\hidir.sys
08:40:05.0999 4692 HidIr - ok
08:40:06.0030 4692 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\windows\system32\hidserv.dll
08:40:06.0108 4692 hidserv - ok
08:40:06.0140 4692 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\windows\system32\DRIVERS\hidusb.sys
08:40:06.0155 4692 HidUsb - ok
08:40:06.0186 4692 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\windows\system32\kmsvc.dll
08:40:06.0249 4692 hkmsvc - ok
08:40:06.0296 4692 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\windows\system32\ListSvc.dll
08:40:06.0358 4692 HomeGroupListener - ok
08:40:06.0389 4692 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\windows\system32\provsvc.dll
08:40:06.0420 4692 HomeGroupProvider - ok
08:40:06.0452 4692 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\windows\system32\drivers\HpSAMD.sys
08:40:06.0467 4692 HpSAMD - ok
08:40:06.0514 4692 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\windows\system32\drivers\HTTP.sys
08:40:06.0576 4692 HTTP - ok
08:40:06.0592 4692 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\windows\system32\drivers\hwpolicy.sys
08:40:06.0608 4692 hwpolicy - ok
08:40:06.0623 4692 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\windows\system32\DRIVERS\i8042prt.sys
08:40:06.0639 4692 i8042prt - ok
08:40:06.0717 4692 iaStor (2fdaec4b02729c48c0fd1b0b4695995b) C:\windows\system32\DRIVERS\iaStor.sys
08:40:06.0748 4692 iaStor - ok
08:40:06.0779 4692 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\windows\system32\drivers\iaStorV.sys
08:40:06.0810 4692 iaStorV - ok
08:40:06.0904 4692 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
08:40:06.0920 4692 IDriverT ( UnsignedFile.Multi.Generic ) - warning
08:40:06.0920 4692 IDriverT - detected UnsignedFile.Multi.Generic (1)
08:40:07.0091 4692 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
08:40:07.0185 4692 idsvc - ok
08:40:09.0431 4692 igfx (0d1b8c64bdf0e5cdc523a1409ffb5ef0) C:\windows\system32\DRIVERS\igdkmd64.sys
08:40:09.0868 4692 igfx - ok
08:40:10.0040 4692 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\windows\system32\drivers\iirsp.sys
08:40:10.0071 4692 iirsp - ok
08:40:10.0149 4692 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\windows\System32\ikeext.dll
08:40:10.0211 4692 IKEEXT - ok
08:40:10.0320 4692 IntcDAud (fc727061c0f47c8059e88e05d5c8e381) C:\windows\system32\DRIVERS\IntcDAud.sys
08:40:10.0352 4692 IntcDAud - ok
08:40:10.0383 4692 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\windows\system32\drivers\intelide.sys
08:40:10.0414 4692 intelide - ok
08:40:10.0445 4692 intelppm (ada036632c664caa754079041cf1f8c1) C:\windows\system32\DRIVERS\intelppm.sys
08:40:10.0492 4692 intelppm - ok
08:40:10.0523 4692 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\windows\system32\ipbusenum.dll
08:40:10.0601 4692 IPBusEnum - ok
08:40:10.0617 4692 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\windows\system32\DRIVERS\ipfltdrv.sys
08:40:10.0648 4692 IpFilterDriver - ok
08:40:10.0742 4692 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\windows\system32\drivers\IPMIDrv.sys
08:40:10.0788 4692 IPMIDRV - ok
08:40:10.0820 4692 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\windows\system32\drivers\ipnat.sys
08:40:10.0866 4692 IPNAT - ok
08:40:10.0898 4692 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\windows\system32\drivers\irenum.sys
08:40:10.0929 4692 IRENUM - ok
08:40:10.0944 4692 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\windows\system32\drivers\isapnp.sys
08:40:10.0960 4692 isapnp - ok
08:40:10.0991 4692 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\windows\system32\drivers\msiscsi.sys
08:40:11.0007 4692 iScsiPrt - ok
08:40:11.0038 4692 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\windows\system32\DRIVERS\kbdclass.sys
08:40:11.0054 4692 kbdclass - ok
08:40:11.0085 4692 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\windows\system32\drivers\kbdhid.sys
08:40:11.0100 4692 kbdhid - ok
08:40:11.0147 4692 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
08:40:11.0178 4692 KeyIso - ok
08:40:11.0194 4692 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\windows\system32\Drivers\ksecdd.sys
08:40:11.0194 4692 KSecDD - ok
08:40:11.0225 4692 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\windows\system32\Drivers\ksecpkg.sys
08:40:11.0241 4692 KSecPkg - ok
08:40:11.0272 4692 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\windows\system32\drivers\ksthunk.sys
08:40:11.0319 4692 ksthunk - ok
08:40:11.0366 4692 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\windows\system32\msdtckrm.dll
08:40:11.0412 4692 KtmRm - ok
08:40:11.0475 4692 L1C (ebed8b3ff4a823c1a6eebeed7b29353f) C:\windows\system32\DRIVERS\L1C62x64.sys
08:40:11.0490 4692 L1C - ok
08:40:11.0646 4692 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\windows\system32\srvsvc.dll
08:40:11.0724 4692 LanmanServer - ok
08:40:11.0756 4692 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\windows\System32\wkssvc.dll
08:40:11.0834 4692 LanmanWorkstation - ok
08:40:11.0865 4692 lltdio (1538831cf8ad2979a04c423779465827) C:\windows\system32\DRIVERS\lltdio.sys
08:40:11.0943 4692 lltdio - ok
08:40:12.0005 4692 lltdsvc (c1185803384ab3feed115f79f109427f) C:\windows\System32\lltdsvc.dll
08:40:12.0099 4692 lltdsvc - ok
08:40:12.0146 4692 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\windows\System32\lmhsvc.dll
08:40:12.0208 4692 lmhosts - ok
08:40:12.0395 4692 LMS (2ed1786b7542cda261029f6b526edf44) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
08:40:12.0426 4692 LMS - ok
08:40:12.0489 4692 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\windows\system32\drivers\lsi_fc.sys
08:40:12.0504 4692 LSI_FC - ok
08:40:12.0520 4692 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\windows\system32\drivers\lsi_sas.sys
08:40:12.0520 4692 LSI_SAS - ok
08:40:12.0551 4692 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\windows\system32\drivers\lsi_sas2.sys
08:40:12.0551 4692 LSI_SAS2 - ok
08:40:12.0582 4692 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\windows\system32\drivers\lsi_scsi.sys
08:40:12.0582 4692 LSI_SCSI - ok
08:40:12.0614 4692 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\windows\system32\drivers\luafv.sys
08:40:12.0660 4692 luafv - ok
08:40:12.0707 4692 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\windows\system32\Mcx2Svc.dll
08:40:12.0738 4692 Mcx2Svc - ok
08:40:12.0770 4692 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\windows\system32\drivers\megasas.sys
08:40:12.0785 4692 megasas - ok
08:40:12.0816 4692 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\windows\system32\drivers\MegaSR.sys
08:40:12.0832 4692 MegaSR - ok
08:40:12.0863 4692 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\windows\system32\DRIVERS\HECIx64.sys
08:40:12.0879 4692 MEIx64 - ok
08:40:12.0910 4692 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll
08:40:12.0957 4692 MMCSS - ok
08:40:13.0004 4692 Modem (800ba92f7010378b09f9ed9270f07137) C:\windows\system32\drivers\modem.sys
08:40:13.0082 4692 Modem - ok
08:40:13.0113 4692 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\windows\system32\DRIVERS\monitor.sys
08:40:13.0144 4692 monitor - ok
08:40:13.0175 4692 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\windows\system32\DRIVERS\mouclass.sys
08:40:13.0191 4692 mouclass - ok
08:40:13.0206 4692 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\windows\system32\DRIVERS\mouhid.sys
08:40:13.0238 4692 mouhid - ok
08:40:13.0253 4692 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\windows\system32\drivers\mountmgr.sys
08:40:13.0269 4692 mountmgr - ok
08:40:13.0284 4692 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\windows\system32\drivers\mpio.sys
08:40:13.0300 4692 mpio - ok
08:40:13.0300 4692 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\windows\system32\drivers\mpsdrv.sys
08:40:13.0331 4692 mpsdrv - ok
08:40:13.0362 4692 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\windows\system32\drivers\mrxdav.sys
08:40:13.0394 4692 MRxDAV - ok
08:40:13.0425 4692 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\windows\system32\DRIVERS\mrxsmb.sys
08:40:13.0456 4692 mrxsmb - ok
08:40:13.0487 4692 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\windows\system32\DRIVERS\mrxsmb10.sys
08:40:13.0503 4692 mrxsmb10 - ok
08:40:13.0518 4692 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\windows\system32\DRIVERS\mrxsmb20.sys
08:40:13.0534 4692 mrxsmb20 - ok
08:40:13.0534 4692 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\windows\system32\DRIVERS\msahci.sys
08:40:13.0550 4692 msahci - ok
08:40:13.0581 4692 msdsm (db801a638d011b9633829eb6f663c900) C:\windows\system32\drivers\msdsm.sys
08:40:13.0581 4692 msdsm - ok
08:40:13.0612 4692 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\windows\System32\msdtc.exe
08:40:13.0643 4692 MSDTC - ok
08:40:13.0643 4692 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\windows\system32\drivers\Msfs.sys
08:40:13.0674 4692 Msfs - ok
08:40:13.0721 4692 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\windows\System32\drivers\mshidkmdf.sys
08:40:13.0752 4692 mshidkmdf - ok
08:40:13.0784 4692 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\windows\system32\drivers\msisadrv.sys
08:40:13.0815 4692 msisadrv - ok
08:40:14.0142 4692 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\windows\system32\iscsiexe.dll
08:40:14.0220 4692 MSiSCSI - ok
08:40:14.0220 4692 msiserver - ok
08:40:14.0267 4692 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\windows\system32\drivers\MSKSSRV.sys
08:40:14.0345 4692 MSKSSRV - ok
08:40:14.0376 4692 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\windows\system32\drivers\MSPCLOCK.sys
08:40:14.0423 4692 MSPCLOCK - ok
08:40:14.0439 4692 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\windows\system32\drivers\MSPQM.sys
08:40:14.0486 4692 MSPQM - ok
08:40:14.0579 4692 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\windows\system32\drivers\MsRPC.sys
08:40:14.0642 4692 MsRPC - ok
08:40:14.0657 4692 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\windows\system32\DRIVERS\mssmbios.sys
08:40:14.0673 4692 mssmbios - ok
08:40:14.0704 4692 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\windows\system32\drivers\MSTEE.sys
08:40:14.0751 4692 MSTEE - ok
08:40:14.0766 4692 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\windows\system32\drivers\MTConfig.sys
08:40:14.0782 4692 MTConfig - ok
08:40:14.0798 4692 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\windows\system32\Drivers\mup.sys
08:40:14.0813 4692 Mup - ok
08:40:14.0844 4692 napagent (582ac6d9873e31dfa28a4547270862dd) C:\windows\system32\qagentRT.dll
08:40:14.0907 4692 napagent - ok
08:40:14.0969 4692 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\windows\system32\DRIVERS\nwifi.sys
08:40:15.0000 4692 NativeWifiP - ok
08:40:15.0063 4692 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\windows\system32\drivers\ndis.sys
08:40:15.0110 4692 NDIS - ok
08:40:15.0172 4692 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\windows\system32\DRIVERS\ndiscap.sys
08:40:15.0234 4692 NdisCap - ok
08:40:15.0266 4692 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\windows\system32\DRIVERS\ndistapi.sys
08:40:15.0297 4692 NdisTapi - ok
08:40:15.0328 4692 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\windows\system32\DRIVERS\ndisuio.sys
08:40:15.0375 4692 Ndisuio - ok
08:40:15.0390 4692 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\windows\system32\DRIVERS\ndiswan.sys
08:40:15.0437 4692 NdisWan - ok
08:40:15.0453 4692 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\windows\system32\drivers\NDProxy.sys
08:40:15.0484 4692 NDProxy - ok
08:40:15.0500 4692 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\windows\system32\DRIVERS\netbios.sys
08:40:15.0546 4692 NetBIOS - ok
08:40:15.0562 4692 NetBT (09594d1089c523423b32a4229263f068) C:\windows\system32\DRIVERS\netbt.sys
08:40:15.0609 4692 NetBT - ok
08:40:15.0640 4692 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
08:40:15.0656 4692 Netlogon - ok
08:40:15.0734 4692 Netman (847d3ae376c0817161a14a82c8922a9e) C:\windows\System32\netman.dll
08:40:15.0827 4692 Netman - ok
08:40:15.0952 4692 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:40:15.0999 4692 NetMsmqActivator - ok
08:40:15.0999 4692 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:40:16.0014 4692 NetPipeActivator - ok
08:40:16.0077 4692 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\windows\System32\netprofm.dll
08:40:16.0124 4692 netprofm - ok
08:40:16.0139 4692 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:40:16.0155 4692 NetTcpActivator - ok
08:40:16.0155 4692 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:40:16.0170 4692 NetTcpPortSharing - ok
08:40:16.0248 4692 nfrd960 (77889813be4d166cdab78ddba990da92) C:\windows\system32\drivers\nfrd960.sys
08:40:16.0280 4692 nfrd960 - ok
08:40:16.0326 4692 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\windows\System32\nlasvc.dll
08:40:16.0389 4692 NlaSvc - ok
08:40:16.0514 4692 Norton PC Checkup Application Launcher - ok
08:40:16.0623 4692 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\windows\system32\drivers\Npfs.sys
08:40:16.0685 4692 Npfs - ok
08:40:16.0716 4692 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\windows\system32\nsisvc.dll
08:40:16.0763 4692 nsi - ok
08:40:16.0763 4692 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\windows\system32\drivers\nsiproxy.sys
08:40:16.0826 4692 nsiproxy - ok
08:40:16.0982 4692 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\windows\system32\drivers\Ntfs.sys
08:40:17.0075 4692 Ntfs - ok
08:40:17.0231 4692 Null (9899284589f75fa8724ff3d16aed75c1) C:\windows\system32\drivers\Null.sys
08:40:17.0294 4692 Null - ok
08:40:17.0309 4692 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\windows\system32\drivers\nvraid.sys
08:40:17.0340 4692 nvraid - ok
08:40:17.0340 4692 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\windows\system32\drivers\nvstor.sys
08:40:17.0356 4692 nvstor - ok
08:40:17.0372 4692 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\windows\system32\drivers\nv_agp.sys
08:40:17.0387 4692 nv_agp - ok
08:40:17.0606 4692 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
08:40:17.0637 4692 odserv - ok
08:40:17.0684 4692 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\windows\system32\drivers\ohci1394.sys
08:40:17.0715 4692 ohci1394 - ok
08:40:17.0762 4692 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
08:40:17.0777 4692 ose - ok
08:40:17.0840 4692 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
08:40:17.0886 4692 p2pimsvc - ok
08:40:17.0918 4692 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\windows\system32\p2psvc.dll
08:40:17.0933 4692 p2psvc - ok
08:40:17.0964 4692 Parport (0086431c29c35be1dbc43f52cc273887) C:\windows\system32\drivers\parport.sys
08:40:17.0980 4692 Parport - ok
08:40:17.0996 4692 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\windows\system32\drivers\partmgr.sys
08:40:18.0011 4692 partmgr - ok
08:40:18.0042 4692 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\windows\System32\pcasvc.dll
08:40:18.0074 4692 PcaSvc - ok
08:40:18.0214 4692 PCCUJobMgr (2f86be1818c2d7ac90478e3323ee7fcb) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe
08:40:18.0245 4692 PCCUJobMgr - ok
08:40:18.0323 4692 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\windows\system32\drivers\pci.sys
08:40:18.0354 4692 pci - ok
08:40:18.0354 4692 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\windows\system32\DRIVERS\pciide.sys
08:40:18.0370 4692 pciide - ok
08:40:18.0386 4692 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\windows\system32\drivers\pcmcia.sys
08:40:18.0401 4692 pcmcia - ok
08:40:18.0432 4692 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\windows\system32\drivers\pcw.sys
08:40:18.0432 4692 pcw - ok
08:40:18.0479 4692 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\windows\system32\drivers\peauth.sys
08:40:18.0526 4692 PEAUTH - ok
08:40:18.0620 4692 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\windows\SysWow64\perfhost.exe
08:40:18.0682 4692 PerfHost - ok
08:40:18.0744 4692 PGEffect (91111cebbde8015e822c46120ed9537c) C:\windows\system32\DRIVERS\pgeffect.sys
08:40:18.0776 4692 PGEffect - ok
08:40:19.0088 4692 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\windows\system32\pla.dll
08:40:19.0212 4692 pla - ok
08:40:19.0415 4692 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\windows\system32\umpnpmgr.dll
08:40:19.0478 4692 PlugPlay - ok
08:40:19.0509 4692 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\windows\system32\pnrpauto.dll
08:40:19.0540 4692 PNRPAutoReg - ok
08:40:19.0571 4692 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
08:40:19.0587 4692 PNRPsvc - ok
08:40:19.0899 4692 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\windows\System32\ipsecsvc.dll
08:40:20.0008 4692 PolicyAgent - ok
08:40:20.0070 4692 Power (6ba9d927dded70bd1a9caded45f8b184) C:\windows\system32\umpo.dll
08:40:20.0180 4692 Power - ok
08:40:20.0258 4692 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\windows\system32\DRIVERS\raspptp.sys
08:40:20.0336 4692 PptpMiniport - ok
08:40:20.0351 4692 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\windows\system32\drivers\processr.sys
08:40:20.0382 4692 Processor - ok
08:40:20.0429 4692 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\windows\system32\profsvc.dll
08:40:20.0492 4692 ProfSvc - ok
08:40:20.0570 4692 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
08:40:20.0601 4692 ProtectedStorage - ok
08:40:20.0663 4692 Psched (0557cf5a2556bd58e26384169d72438d) C:\windows\system32\DRIVERS\pacer.sys
08:40:20.0726 4692 Psched - ok
08:40:20.0788 4692 QIOMem (c8fcb4899f8b70cc34e0d9876a80963c) C:\windows\system32\DRIVERS\QIOMem.sys
08:40:20.0850 4692 QIOMem - ok
08:40:20.0944 4692 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\windows\system32\drivers\ql2300.sys
08:40:21.0022 4692 ql2300 - ok
08:40:21.0256 4692 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\windows\system32\drivers\ql40xx.sys
08:40:21.0303 4692 ql40xx - ok
08:40:21.0350 4692 QWAVE (906191634e99aea92c4816150bda3732) C:\windows\system32\qwave.dll
08:40:21.0381 4692 QWAVE - ok
08:40:21.0396 4692 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\windows\system32\drivers\qwavedrv.sys
08:40:21.0428 4692 QWAVEdrv - ok
08:40:21.0459 4692 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\windows\system32\DRIVERS\rasacd.sys
08:40:21.0521 4692 RasAcd - ok
08:40:21.0568 4692 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\windows\system32\DRIVERS\AgileVpn.sys
08:40:21.0615 4692 RasAgileVpn - ok
08:40:21.0630 4692 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\windows\System32\rasauto.dll
08:40:21.0693 4692 RasAuto - ok
08:40:21.0708 4692 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\windows\system32\DRIVERS\rasl2tp.sys
08:40:21.0755 4692 Rasl2tp - ok
08:40:21.0802 4692 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\windows\System32\rasmans.dll
08:40:21.0849 4692 RasMan - ok
08:40:21.0880 4692 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\windows\system32\DRIVERS\raspppoe.sys
08:40:21.0927 4692 RasPppoe - ok
08:40:21.0942 4692 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\windows\system32\DRIVERS\rassstp.sys
08:40:21.0989 4692 RasSstp - ok
08:40:22.0036 4692 rdbss (77f665941019a1594d887a74f301fa2f) C:\windows\system32\DRIVERS\rdbss.sys
08:40:22.0098 4692 rdbss - ok
08:40:22.0130 4692 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\windows\system32\drivers\rdpbus.sys
08:40:22.0161 4692 rdpbus - ok
08:40:22.0192 4692 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\windows\system32\DRIVERS\RDPCDD.sys
08:40:22.0254 4692 RDPCDD - ok
08:40:22.0254 4692 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\windows\system32\drivers\rdpencdd.sys
08:40:22.0301 4692 RDPENCDD - ok
08:40:22.0301 4692 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\windows\system32\drivers\rdprefmp.sys
08:40:22.0332 4692 RDPREFMP - ok
08:40:22.0379 4692 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\windows\system32\drivers\RDPWD.sys
08:40:22.0426 4692 RDPWD - ok
08:40:22.0473 4692 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\windows\system32\drivers\rdyboost.sys
08:40:22.0504 4692 rdyboost - ok
08:40:22.0535 4692 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\windows\System32\mprdim.dll
08:40:22.0598 4692 RemoteAccess - ok
08:40:22.0644 4692 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\windows\system32\regsvc.dll
08:40:22.0707 4692 RemoteRegistry - ok
08:40:22.0707 4692 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\windows\System32\RpcEpMap.dll
08:40:22.0754 4692 RpcEptMapper - ok
08:40:22.0816 4692 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\windows\system32\locator.exe
08:40:22.0847 4692 RpcLocator - ok
08:40:22.0910 4692 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll
08:40:22.0956 4692 RpcSs - ok
08:40:23.0003 4692 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\windows\system32\DRIVERS\rspndr.sys
08:40:23.0097 4692 rspndr - ok
08:40:23.0144 4692 RSUSBSTOR (135a64530d7699ad48f29d73a658dd11) C:\windows\system32\Drivers\RtsUStor.sys
08:40:23.0175 4692 RSUSBSTOR - ok
08:40:23.0222 4692 RSUSBVSTOR (e5dc911d0feb72caff2bbdd6e7c3672f) C:\windows\system32\Drivers\RTSUVSTOR.sys
08:40:23.0237 4692 RSUSBVSTOR - ok
08:40:23.0284 4692 RTL8192Ce (64fdf4fe366ca42da2b7d9d424b6e39b) C:\windows\system32\DRIVERS\rtl8192Ce.sys
08:40:23.0331 4692 RTL8192Ce - ok
08:40:23.0362 4692 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
08:40:23.0378 4692 SamSs - ok
08:40:23.0440 4692 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\windows\system32\drivers\sbp2port.sys
08:40:23.0471 4692 sbp2port - ok
08:40:23.0502 4692 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\windows\System32\SCardSvr.dll
08:40:23.0549 4692 SCardSvr - ok
08:40:23.0565 4692 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\windows\system32\DRIVERS\scfilter.sys
08:40:23.0612 4692 scfilter - ok
08:40:23.0690 4692 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\windows\system32\schedsvc.dll
08:40:23.0752 4692 Schedule - ok
08:40:23.0783 4692 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll
08:40:23.0814 4692 SCPolicySvc - ok
08:40:23.0861 4692 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\windows\System32\SDRSVC.dll
08:40:23.0924 4692 SDRSVC - ok
08:40:23.0970 4692 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\windows\system32\drivers\secdrv.sys
08:40:24.0033 4692 secdrv - ok
08:40:24.0080 4692 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\windows\system32\seclogon.dll
08:40:24.0126 4692 seclogon - ok
08:40:24.0173 4692 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\windows\System32\sens.dll
08:40:24.0236 4692 SENS - ok
08:40:24.0251 4692 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\windows\system32\sensrsvc.dll
08:40:24.0298 4692 SensrSvc - ok
08:40:24.0392 4692 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\windows\system32\drivers\serenum.sys
08:40:24.0470 4692 Serenum - ok
08:40:24.0516 4692 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\windows\system32\drivers\serial.sys
08:40:24.0548 4692 Serial - ok
08:40:24.0610 4692 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\windows\system32\drivers\sermouse.sys
08:40:24.0641 4692 sermouse - ok
08:40:24.0750 4692 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\windows\system32\sessenv.dll
08:40:24.0875 4692 SessionEnv - ok
08:40:24.0906 4692 sffdisk (a554811bcd09279536440c964ae35bbf) C:\windows\system32\drivers\sffdisk.sys
08:40:24.0922 4692 sffdisk - ok
08:40:24.0953 4692 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\windows\system32\drivers\sffp_mmc.sys
08:40:24.0984 4692 sffp_mmc - ok
08:40:24.0984 4692 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\windows\system32\drivers\sffp_sd.sys
08:40:25.0016 4692 sffp_sd - ok
08:40:25.0016 4692 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\windows\system32\drivers\sfloppy.sys
08:40:25.0047 4692 sfloppy - ok
08:40:25.0109 4692 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\windows\System32\shsvcs.dll
08:40:25.0187 4692 ShellHWDetection - ok
08:40:25.0421 4692 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\windows\system32\drivers\SiSRaid2.sys
08:40:25.0452 4692 SiSRaid2 - ok
08:40:25.0515 4692 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\windows\system32\drivers\sisraid4.sys
08:40:25.0546 4692 SiSRaid4 - ok
08:40:25.0733 4692 SkypeUpdate (ddaa5f4a6b958fc313ebd02dd925752f) C:\Program Files (x86)\Skype\Updater\Updater.exe
08:40:25.0764 4692 SkypeUpdate - ok
08:40:25.0889 4692 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\windows\system32\DRIVERS\smb.sys
08:40:25.0983 4692 Smb - ok
08:40:26.0092 4692 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\windows\System32\snmptrap.exe
08:40:26.0170 4692 SNMPTRAP - ok
08:40:26.0201 4692 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\windows\system32\drivers\spldr.sys
08:40:26.0217 4692 spldr - ok
08:40:26.0310 4692 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\windows\System32\spoolsv.exe
08:40:26.0357 4692 Spooler - ok
08:40:26.0747 4692 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\windows\system32\sppsvc.exe
08:40:26.0919 4692 sppsvc - ok
08:40:27.0075 4692 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\windows\system32\sppuinotify.dll
08:40:27.0122 4692 sppuinotify - ok
08:40:27.0200 4692 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\windows\system32\DRIVERS\srv.sys
08:40:27.0246 4692 srv - ok
08:40:27.0293 4692 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\windows\system32\DRIVERS\srv2.sys
08:40:27.0324 4692 srv2 - ok
08:40:27.0387 4692 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\windows\system32\DRIVERS\VSTAZL6.SYS
08:40:27.0402 4692 SrvHsfHDA - ok
08:40:27.0496 4692 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\windows\system32\DRIVERS\VSTDPV6.SYS
08:40:27.0543 4692 SrvHsfV92 - ok
08:40:27.0714 4692 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\windows\system32\DRIVERS\VSTCNXT6.SYS
08:40:27.0761 4692 SrvHsfWinac - ok
08:40:27.0808 4692 srvnet (27e461f0be5bff5fc737328f749538c3) C:\windows\system32\DRIVERS\srvnet.sys
08:40:27.0839 4692 srvnet - ok
08:40:27.0886 4692 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\windows\System32\ssdpsrv.dll
08:40:27.0948 4692 SSDPSRV - ok
08:40:27.0980 4692 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\windows\system32\sstpsvc.dll
08:40:28.0026 4692 SstpSvc - ok
08:40:28.0058 4692 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\windows\system32\drivers\stexstor.sys
08:40:28.0073 4692 stexstor - ok
08:40:28.0120 4692 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\windows\System32\wiaservc.dll
08:40:28.0167 4692 stisvc - ok
08:40:28.0214 4692 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\windows\system32\DRIVERS\swenum.sys
08:40:28.0245 4692 swenum - ok
08:40:28.0292 4692 swprv (e08e46fdd841b7184194011ca1955a0b) C:\windows\System32\swprv.dll
08:40:28.0354 4692 swprv - ok
08:40:28.0432 4692 SynTP (f5b46df59feaa48a442aed7eeb754d4b) C:\windows\system32\DRIVERS\SynTP.sys
08:40:28.0463 4692 SynTP - ok
08:40:28.0760 4692 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\windows\system32\sysmain.dll
08:40:28.0947 4692 SysMain - ok
08:40:29.0150 4692 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\windows\System32\TabSvc.dll
08:40:29.0212 4692 TabletInputService - ok
08:40:29.0228 4692 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\windows\System32\tapisrv.dll
08:40:29.0290 4692 TapiSrv - ok
08:40:29.0306 4692 TBS (1be03ac720f4d302ea01d40f588162f6) C:\windows\System32\tbssvc.dll
08:40:29.0352 4692 TBS - ok
08:40:29.0586 4692 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\windows\system32\drivers\tcpip.sys
08:40:29.0633 4692 Tcpip - ok
08:40:29.0898 4692 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\windows\system32\DRIVERS\tcpip.sys
08:40:29.0945 4692 TCPIP6 - ok
08:40:30.0117 4692 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\windows\system32\drivers\tcpipreg.sys
08:40:30.0164 4692 tcpipreg - ok
08:40:30.0226 4692 tdcmdpst (fd542b661bd22fa69ca789ad0ac58c29) C:\windows\system32\DRIVERS\tdcmdpst.sys
08:40:30.0242 4692 tdcmdpst - ok
08:40:30.0273 4692 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\windows\system32\drivers\tdpipe.sys
08:40:30.0335 4692 TDPIPE - ok
08:40:30.0351 4692 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\windows\system32\drivers\tdtcp.sys
08:40:30.0398 4692 TDTCP - ok
08:40:30.0413 4692 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\windows\system32\DRIVERS\tdx.sys
08:40:30.0444 4692 tdx - ok
08:40:30.0522 4692 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\windows\system32\DRIVERS\termdd.sys
08:40:30.0538 4692 TermDD - ok
08:40:30.0616 4692 TermService (2e648163254233755035b46dd7b89123) C:\windows\System32\termsrv.dll
08:40:30.0678 4692 TermService - ok
08:40:30.0694 4692 Themes (f0344071948d1a1fa732231785a0664c) C:\windows\system32\themeservice.dll
08:40:30.0710 4692 Themes - ok
08:40:30.0756 4692 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll
08:40:30.0788 4692 THREADORDER - ok
08:40:30.0912 4692 TMachInfo (71c321649b28638ee80a2eeb164c1dc8) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
08:40:30.0928 4692 TMachInfo - ok
08:40:31.0006 4692 TODDSrv (8e2c799d3476eac32c3ba0df7ce6af19) C:\Windows\system32\TODDSrv.exe
08:40:31.0022 4692 TODDSrv - ok
08:40:31.0178 4692 TosCoSrv (1c73689b900428c7d054a41c4687f55c) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
08:40:31.0193 4692 TosCoSrv - ok
08:40:31.0552 4692 TOSHIBA eco Utility Service (63aafcf3ea5dbb17123e0bae9afe4d58) C:\Program Files\TOSHIBA\TECO\TecoService.exe
08:40:31.0583 4692 TOSHIBA eco Utility Service - ok
08:40:31.0677 4692 TOSHIBA HDD SSD Alert Service (29d0886cf250fcef1bf9e65ab8d2c0c8) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
08:40:31.0692 4692 TOSHIBA HDD SSD Alert Service - ok
08:40:31.0802 4692 tos_sps64 (09ff7b0b1b5c3d225495cb6f5a9b39f8) C:\windows\system32\DRIVERS\tos_sps64.sys
08:40:31.0817 4692 tos_sps64 - ok
08:40:31.0942 4692 TPCHSrv (098b8a408c17e125a3d9a8e1166780c8) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
08:40:31.0958 4692 TPCHSrv - ok
08:40:32.0129 4692 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\windows\System32\trkwks.dll
08:40:32.0192 4692 TrkWks - ok
08:40:32.0254 4692 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\windows\servicing\TrustedInstaller.exe
08:40:32.0332 4692 TrustedInstaller - ok
08:40:32.0394 4692 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\windows\system32\DRIVERS\tssecsrv.sys
08:40:32.0457 4692 tssecsrv - ok
08:40:32.0488 4692 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\windows\system32\drivers\tsusbflt.sys
08:40:32.0519 4692 TsUsbFlt - ok
08:40:32.0535 4692 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\windows\system32\drivers\TsUsbGD.sys
08:40:32.0566 4692 TsUsbGD - ok
08:40:32.0597 4692 tunnel (3566a8daafa27af944f5d705eaa64894) C:\windows\system32\DRIVERS\tunnel.sys
08:40:32.0660 4692 tunnel - ok
08:40:32.0722 4692 TVALZ (550b567f9364d8f7684c3fb3ea665a72) C:\windows\system32\DRIVERS\TVALZ_O.SYS
08:40:32.0738 4692 TVALZ - ok
08:40:32.0769 4692 TVALZFL (9c7191f4b2e49bff47a6c1144b5923fa) C:\windows\system32\DRIVERS\TVALZFL.sys
08:40:32.0784 4692 TVALZFL - ok
08:40:32.0831 4692 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\windows\system32\drivers\uagp35.sys
08:40:32.0847 4692 uagp35 - ok
08:40:32.0909 4692 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\windows\system32\DRIVERS\udfs.sys
08:40:32.0987 4692 udfs - ok
08:40:33.0018 4692 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\windows\system32\UI0Detect.exe
08:40:33.0034 4692 UI0Detect - ok
08:40:33.0081 4692 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\windows\system32\drivers\uliagpkx.sys
08:40:33.0096 4692 uliagpkx - ok
08:40:33.0128 4692 umbus (dc54a574663a895c8763af0fa1ff7561) C:\windows\system32\DRIVERS\umbus.sys
08:40:33.0159 4692 umbus - ok
08:40:33.0206 4692 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\windows\system32\drivers\umpass.sys
08:40:33.0237 4692 UmPass - ok
08:40:33.0440 4692 UNS (7e5e1603d0ff2d240ae70295c5c3fefc) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
08:40:33.0502 4692 UNS - ok
08:40:33.0627 4692 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\windows\System32\upnphost.dll
08:40:33.0689 4692 upnphost - ok
08:40:33.0767 4692 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\windows\system32\DRIVERS\usbccgp.sys
08:40:33.0783 4692 usbccgp - ok
08:40:33.0783 4692 usbcir (af0892a803fdda7492f595368e3b68e7) C:\windows\system32\drivers\usbcir.sys
08:40:33.0814 4692 usbcir - ok
08:40:33.0830 4692 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\windows\system32\DRIVERS\usbehci.sys
08:40:33.0861 4692 usbehci - ok
08:40:33.0892 4692 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\windows\system32\DRIVERS\usbhub.sys
08:40:33.0923 4692 usbhub - ok
08:40:33.0970 4692 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\windows\system32\drivers\usbohci.sys
08:40:34.0032 4692 usbohci - ok
08:40:34.0064 4692 usbprint (73188f58fb384e75c4063d29413cee3d) C:\windows\system32\DRIVERS\usbprint.sys
08:40:34.0095 4692 usbprint - ok
08:40:34.0142 4692 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\windows\system32\DRIVERS\usbscan.sys
08:40:34.0157 4692 usbscan - ok
08:40:34.0173 4692 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\windows\system32\DRIVERS\USBSTOR.SYS
08:40:34.0204 4692 USBSTOR - ok
08:40:34.0251 4692 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\windows\system32\drivers\usbuhci.sys
08:40:34.0282 4692 usbuhci - ok
08:40:34.0313 4692 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\windows\system32\Drivers\usbvideo.sys
08:40:34.0329 4692 usbvideo - ok
08:40:34.0344 4692 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\windows\System32\uxsms.dll
08:40:34.0407 4692 UxSms - ok
08:40:34.0438 4692 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
08:40:34.0454 4692 VaultSvc - ok
08:40:34.0500 4692 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\windows\system32\drivers\vdrvroot.sys
08:40:34.0500 4692 vdrvroot - ok
08:40:34.0547 4692 vds (8d6b481601d01a456e75c3210f1830be) C:\windows\System32\vds.exe
08:40:34.0625 4692 vds - ok
08:40:34.0703 4692 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\windows\system32\DRIVERS\vgapnp.sys
08:40:34.0734 4692 vga - ok
08:40:34.0750 4692 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\windows\System32\drivers\vga.sys
08:40:34.0812 4692 VgaSave - ok
08:40:34.0828 4692 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\windows\system32\drivers\vhdmp.sys
08:40:34.0844 4692 vhdmp - ok
08:40:34.0890 4692 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\windows\system32\drivers\viaide.sys
08:40:34.0906 4692 viaide - ok
08:40:34.0937 4692 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\windows\system32\drivers\volmgr.sys
08:40:34.0953 4692 volmgr - ok
08:40:34.0968 4692 volmgrx (a255814907c89be58b79ef2f189b843b) C:\windows\system32\drivers\volmgrx.sys
08:40:34.0984 4692 volmgrx - ok
08:40:35.0031 4692 volsnap (df8126bd41180351a093a3ad2fc8903b) C:\windows\system32\drivers\volsnap.sys
08:40:35.0046 4692 volsnap - ok
08:40:35.0078 4692 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\windows\system32\drivers\vsmraid.sys
08:40:35.0093 4692 vsmraid - ok
08:40:35.0249 4692 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\windows\system32\vssvc.exe
08:40:35.0358 4692 VSS - ok
08:40:35.0561 4692 vToolbarUpdater11.1.0 (5fa45791413acce628d5361458f32dde) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe
08:40:35.0577 4692 vToolbarUpdater11.1.0 - ok
08:40:35.0733 4692 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\windows\system32\DRIVERS\vwifibus.sys
08:40:35.0764 4692 vwifibus - ok
08:40:35.0780 4692 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\windows\system32\DRIVERS\vwififlt.sys
08:40:35.0811 4692 vwififlt - ok
08:40:35.0842 4692 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\windows\system32\DRIVERS\vwifimp.sys
08:40:35.0889 4692 vwifimp - ok
08:40:35.0951 4692 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\windows\system32\w32time.dll
08:40:35.0998 4692 W32Time - ok
08:40:36.0045 4692 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\windows\system32\drivers\wacompen.sys
08:40:36.0076 4692 WacomPen - ok
08:40:36.0107 4692 WANARP (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
08:40:36.0170 4692 WANARP - ok
08:40:36.0170 4692 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
08:40:36.0201 4692 Wanarpv6 - ok
08:40:36.0450 4692 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\windows\system32\Wat\WatAdminSvc.exe
08:40:36.0731 4692 WatAdminSvc - ok
08:40:36.0809 4692 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\windows\system32\wbengine.exe
08:40:36.0872 4692 wbengine - ok
08:40:37.0074 4692 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\windows\System32\wbiosrvc.dll
08:40:37.0090 4692 WbioSrvc - ok
08:40:37.0106 4692 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\windows\System32\wcncsvc.dll
08:40:37.0152 4692 wcncsvc - ok
08:40:37.0184 4692 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\windows\System32\WcsPlugInService.dll
08:40:37.0230 4692 WcsPlugInService - ok
08:40:37.0262 4692 Wd (72889e16ff12ba0f235467d6091b17dc) C:\windows\system32\drivers\wd.sys
08:40:37.0262 4692 Wd - ok
08:40:37.0324 4692 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\windows\system32\drivers\Wdf01000.sys
08:40:37.0355 4692 Wdf01000 - ok
08:40:37.0418 4692 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll
08:40:37.0527 4692 WdiServiceHost - ok
08:40:37.0527 4692 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll
08:40:37.0542 4692 WdiSystemHost - ok
08:40:37.0589 4692 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\windows\System32\webclnt.dll
08:40:37.0636 4692 WebClient - ok
08:40:37.0667 4692 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\windows\system32\wecsvc.dll
08:40:37.0730 4692 Wecsvc - ok
08:40:37.0761 4692 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\windows\System32\wercplsupport.dll
08:40:37.0792 4692 wercplsupport - ok
08:40:37.0886 4692 WerSvc (6d137963730144698cbd10f202e9f251) C:\windows\System32\WerSvc.dll
08:40:37.0917 4692 WerSvc - ok
08:40:37.0979 4692 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\windows\system32\DRIVERS\wfplwf.sys
08:40:38.0291 4692 WfpLwf - ok
08:40:38.0369 4692 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\windows\system32\drivers\wimmount.sys
08:40:38.0385 4692 WIMMount - ok
08:40:38.0385 4692 WinHttpAutoProxySvc - ok
08:40:38.0494 4692 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\windows\system32\wbem\WMIsvc.dll
08:40:38.0541 4692 Winmgmt - ok
08:40:38.0697 4692 WinRM (bcb1310604aa415c4508708975b3931e) C:\windows\system32\WsmSvc.dll
08:40:38.0775 4692 WinRM - ok
08:40:38.0978 4692 WinUsb (fe88b288356e7b47b74b13372add906d) C:\windows\system32\DRIVERS\WinUsb.sys
08:40:38.0993 4692 WinUsb - ok
08:40:39.0071 4692 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\windows\System32\wlansvc.dll
08:40:39.0102 4692 Wlansvc - ok
08:40:39.0305 4692 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
08:40:39.0305 4692 wlcrasvc - ok
08:40:39.0524 4692 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
08:40:39.0555 4692 wlidsvc - ok
08:40:39.0711 4692 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\windows\system32\DRIVERS\wmiacpi.sys
08:40:39.0742 4692 WmiAcpi - ok
08:40:39.0804 4692 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\windows\system32\wbem\WmiApSrv.exe
08:40:39.0820 4692 wmiApSrv - ok
08:40:39.0914 4692 WMPNetworkSvc - ok
08:40:39.0945 4692 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\windows\System32\wpcsvc.dll
08:40:39.0992 4692 WPCSvc - ok
08:40:39.0992 4692 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\windows\system32\wpdbusenum.dll
08:40:40.0023 4692 WPDBusEnum - ok
08:40:40.0038 4692 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\windows\system32\drivers\ws2ifsl.sys
08:40:40.0085 4692 ws2ifsl - ok
08:40:40.0085 4692 WSearch - ok
08:40:40.0397 4692 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\windows\system32\wuaueng.dll
08:40:40.0475 4692 wuauserv - ok
08:40:40.0662 4692 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\windows\system32\drivers\WudfPf.sys
08:40:40.0709 4692 WudfPf - ok
08:40:40.0740 4692 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\windows\System32\WUDFSvc.dll
08:40:40.0787 4692 wudfsvc - ok
08:40:40.0803 4692 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\windows\System32\wwansvc.dll
08:40:40.0850 4692 WwanSvc - ok
08:40:40.0896 4692 MBR (0x1B8) (5b5e648d12fcadc244c1ec30318e1eb9) \Device\Harddisk0\DR0
08:40:42.0519 4692 \Device\Harddisk0\DR0 - ok
08:40:42.0534 4692 Boot (0x1200) (8965e93a21cdad1cf5dbdd89c4699861) \Device\Harddisk0\DR0\Partition0
08:40:42.0550 4692 \Device\Harddisk0\DR0\Partition0 - ok
08:40:42.0550 4692 ============================================================
08:40:42.0550 4692 Scan finished
08:40:42.0550 4692 ============================================================
08:40:42.0550 4028 Detected object count: 1
08:40:42.0550 4028 Actual detected object count: 1
08:40:56.0871 4028 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
08:40:56.0871 4028 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:43:34.0010 4240 ============================================================
08:43:34.0010 4240 Scan started
08:43:34.0010 4240 Mode: Manual; SigCheck; TDLFS;
08:43:34.0010 4240 ============================================================
08:43:34.0665 4240 1394ohci (a87d604aea360176311474c87a63bb88) C:\windows\system32\drivers\1394ohci.sys
08:43:34.0712 4240 1394ohci - ok
08:43:34.0790 4240 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\windows\system32\drivers\ACPI.sys
08:43:34.0821 4240 ACPI - ok
08:43:34.0837 4240 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\windows\system32\drivers\acpipmi.sys
08:43:34.0852 4240 AcpiPmi - ok
08:43:34.0946 4240 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
08:43:34.0946 4240 AdobeARMservice - ok
08:43:35.0133 4240 AdobeFlashPlayerUpdateSvc (990dc6edc9f933194d7cd4e65146bc94) C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
08:43:35.0149 4240 AdobeFlashPlayerUpdateSvc - ok
08:43:35.0195 4240 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\windows\system32\drivers\adp94xx.sys
08:43:35.0211 4240 adp94xx - ok
08:43:35.0273 4240 adpahci (597f78224ee9224ea1a13d6350ced962) C:\windows\system32\drivers\adpahci.sys
08:43:35.0289 4240 adpahci - ok
08:43:35.0320 4240 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\windows\system32\drivers\adpu320.sys
08:43:35.0336 4240 adpu320 - ok
08:43:35.0398 4240 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\windows\System32\aelupsvc.dll
08:43:35.0429 4240 AeLookupSvc - ok
08:43:35.0476 4240 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\windows\system32\drivers\afd.sys
08:43:35.0507 4240 AFD - ok
08:43:35.0632 4240 AffinegyService (95b99265e83988cc81970a856ea2159a) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
08:43:35.0648 4240 AffinegyService - ok
08:43:35.0695 4240 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\windows\system32\drivers\agp440.sys
08:43:35.0695 4240 agp440 - ok
08:43:35.0741 4240 ALG (3290d6946b5e30e70414990574883ddb) C:\windows\System32\alg.exe
08:43:35.0741 4240 ALG - ok
08:43:35.0757 4240 aliide (5812713a477a3ad7363c7438ca2ee038) C:\windows\system32\drivers\aliide.sys
08:43:35.0773 4240 aliide - ok
08:43:35.0773 4240 amdide (1ff8b4431c353ce385c875f194924c0c) C:\windows\system32\drivers\amdide.sys
08:43:35.0788 4240 amdide - ok
08:43:35.0804 4240 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\windows\system32\drivers\amdk8.sys
08:43:35.0804 4240 AmdK8 - ok
08:43:35.0819 4240 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\windows\system32\drivers\amdppm.sys
08:43:35.0835 4240 AmdPPM - ok
08:43:35.0851 4240 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\windows\system32\drivers\amdsata.sys
08:43:35.0866 4240 amdsata - ok
08:43:35.0913 4240 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\windows\system32\drivers\amdsbs.sys
08:43:35.0929 4240 amdsbs - ok
08:43:35.0944 4240 amdxata (540daf1cea6094886d72126fd7c33048) C:\windows\system32\drivers\amdxata.sys
08:43:35.0960 4240 amdxata - ok
08:43:35.0975 4240 AppID (89a69c3f2f319b43379399547526d952) C:\windows\system32\drivers\appid.sys
08:43:36.0007 4240 AppID - ok
08:43:36.0069 4240 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\windows\System32\appidsvc.dll
08:43:36.0131 4240 AppIDSvc - ok
08:43:36.0147 4240 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\windows\System32\appinfo.dll
08:43:36.0178 4240 Appinfo - ok
08:43:36.0194 4240 arc (c484f8ceb1717c540242531db7845c4e) C:\windows\system32\drivers\arc.sys
08:43:36.0209 4240 arc - ok
08:43:36.0241 4240 arcsas (019af6924aefe7839f61c830227fe79c) C:\windows\system32\drivers\arcsas.sys
08:43:36.0256 4240 arcsas - ok
08:43:36.0365 4240 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
08:43:36.0397 4240 aspnet_state - ok
08:43:36.0428 4240 AsyncMac (769765ce2cc62867468cea93969b2242) C:\windows\system32\DRIVERS\asyncmac.sys
08:43:36.0459 4240 AsyncMac - ok
08:43:36.0490 4240 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\windows\system32\drivers\atapi.sys
08:43:36.0506 4240 atapi - ok
08:43:36.0553 4240 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\windows\System32\Audiosrv.dll
08:43:36.0599 4240 AudioEndpointBuilder - ok
08:43:36.0599 4240 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\windows\System32\Audiosrv.dll
08:43:36.0646 4240 AudioSrv - ok
08:43:36.0911 4240 AVGIDSAgent (ba60fd7a64b9759a14c0fba4a9ed4c7b) C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe
08:43:37.0005 4240 AVGIDSAgent - ok
08:43:37.0145 4240 AVGIDSDriver (1b2e9fcdc26dc7c81d4131430e2dc936) C:\windows\system32\DRIVERS\avgidsdrivera.sys
08:43:37.0161 4240 AVGIDSDriver - ok
08:43:37.0177 4240 AVGIDSFilter (0f293406f64b48d5d2f0d3a1117f3a83) C:\windows\system32\DRIVERS\avgidsfiltera.sys
08:43:37.0177 4240 AVGIDSFilter - ok
08:43:37.0192 4240 AVGIDSHA (cffc3a4a638f462e0561cb368b9a7a3a) C:\windows\system32\DRIVERS\avgidsha.sys
08:43:37.0208 4240 AVGIDSHA - ok
08:43:37.0223 4240 Avgldx64 (59955b4c288dd2a8b9fd2cd5158355c5) C:\windows\system32\DRIVERS\avgldx64.sys
08:43:37.0239 4240 Avgldx64 - ok
08:43:37.0239 4240 Avgmfx64 (a6aec362aae5e2dda7445e7690cb0f33) C:\windows\system32\DRIVERS\avgmfx64.sys
08:43:37.0255 4240 Avgmfx64 - ok
08:43:37.0270 4240 Avgrkx64 (645c7f0a0e39758a0024a9b1748273c0) C:\windows\system32\DRIVERS\avgrkx64.sys
08:43:37.0270 4240 Avgrkx64 - ok
08:43:37.0286 4240 Avgtdia (1bee674ad792b1c63bb0dac5fa724b23) C:\windows\system32\DRIVERS\avgtdia.sys
08:43:37.0301 4240 Avgtdia - ok
08:43:37.0426 4240 avgwd (ea1145debcd508fd25bd1e95c4346929) C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
08:43:37.0442 4240 avgwd - ok
08:43:37.0473 4240 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\windows\System32\AxInstSV.dll
08:43:37.0489 4240 AxInstSV - ok
08:43:37.0567 4240 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\windows\system32\drivers\bxvbda.sys
08:43:37.0582 4240 b06bdrv - ok
08:43:37.0613 4240 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\windows\system32\DRIVERS\b57nd60a.sys
08:43:37.0629 4240 b57nd60a - ok
08:43:37.0660 4240 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\windows\System32\bdesvc.dll
08:43:37.0660 4240 BDESVC - ok
08:43:37.0691 4240 Beep (16a47ce2decc9b099349a5f840654746) C:\windows\system32\drivers\Beep.sys
08:43:37.0723 4240 Beep - ok
08:43:37.0816 4240 BITS (1ea7969e3271cbc59e1730697dc74682) C:\windows\System32\qmgr.dll
08:43:37.0863 4240 BITS - ok
08:43:37.0863 4240 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\windows\system32\DRIVERS\blbdrive.sys
08:43:37.0879 4240 blbdrive - ok
08:43:37.0894 4240 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\windows\system32\DRIVERS\bowser.sys
08:43:37.0910 4240 bowser - ok
08:43:37.0972 4240 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\windows\system32\drivers\BrFiltLo.sys
08:43:37.0972 4240 BrFiltLo - ok
08:43:37.0988 4240 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\windows\system32\drivers\BrFiltUp.sys
08:43:38.0019 4240 BrFiltUp - ok
08:43:38.0050 4240 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\windows\System32\browser.dll
08:43:38.0081 4240 Browser - ok
08:43:38.0113 4240 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\windows\System32\Drivers\Brserid.sys
08:43:38.0128 4240 Brserid - ok
08:43:38.0144 4240 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\windows\System32\Drivers\BrSerWdm.sys
08:43:38.0159 4240 BrSerWdm - ok
08:43:38.0159 4240 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\windows\System32\Drivers\BrUsbMdm.sys
08:43:38.0175 4240 BrUsbMdm - ok
08:43:38.0191 4240 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\windows\System32\Drivers\BrUsbSer.sys
08:43:38.0206 4240 BrUsbSer - ok
08:43:38.0222 4240 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\windows\system32\drivers\bthmodem.sys
08:43:38.0237 4240 BTHMODEM - ok
08:43:38.0269 4240 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\windows\system32\bthserv.dll
08:43:38.0300 4240 bthserv - ok
08:43:39.0158 4240 CarboniteService (4d1b31aa1cd11122e9abca04708a1b1c) C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe
08:43:39.0251 4240 CarboniteService - ok
08:43:39.0407 4240 cdfs (b8bd2bb284668c84865658c77574381a) C:\windows\system32\DRIVERS\cdfs.sys
08:43:39.0439 4240 cdfs - ok
08:43:39.0439 4240 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\windows\system32\DRIVERS\cdrom.sys
08:43:39.0454 4240 cdrom - ok
08:43:39.0485 4240 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll
08:43:39.0517 4240 CertPropSvc - ok
08:43:39.0563 4240 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\windows\system32\drivers\circlass.sys
08:43:39.0579 4240 circlass - ok
08:43:39.0626 4240 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\windows\system32\CLFS.sys
08:43:39.0641 4240 CLFS - ok
08:43:39.0735 4240 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
08:43:39.0751 4240 clr_optimization_v2.0.50727_32 - ok
08:43:39.0797 4240 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
08:43:39.0797 4240 clr_optimization_v2.0.50727_64 - ok
08:43:39.0829 4240 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
08:43:39.0844 4240 clr_optimization_v4.0.30319_32 - ok
08:43:39.0891 4240 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
08:43:39.0891 4240 clr_optimization_v4.0.30319_64 - ok
08:43:39.0938 4240 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\windows\system32\DRIVERS\CmBatt.sys
08:43:39.0953 4240 CmBatt - ok
08:43:39.0969 4240 cmdide (e19d3f095812725d88f9001985b94edd) C:\windows\system32\drivers\cmdide.sys
08:43:39.0969 4240 cmdide - ok
08:43:40.0031 4240 CNG (c4943b6c962e4b82197542447ad599f4) C:\windows\system32\Drivers\cng.sys
08:43:40.0047 4240 CNG - ok
08:43:40.0234 4240 CnxtHdAudService (20506f12afad3db588d007ea9325fbbc) C:\windows\system32\drivers\CHDRT64.sys
08:43:40.0265 4240 CnxtHdAudService - ok
08:43:40.0437 4240 Compbatt (102de219c3f61415f964c88e9085ad14) C:\windows\system32\drivers\compbatt.sys
08:43:40.0437 4240 Compbatt - ok
08:43:40.0468 4240 CompositeBus (03edb043586cceba243d689bdda370a8) C:\windows\system32\DRIVERS\CompositeBus.sys
08:43:40.0484 4240 CompositeBus - ok
08:43:40.0484 4240 COMSysApp - ok
08:43:40.0499 4240 crcdisk (1c827878a998c18847245fe1f34ee597) C:\windows\system32\drivers\crcdisk.sys
08:43:40.0499 4240 crcdisk - ok
08:43:40.0546 4240 CryptSvc (4f5414602e2544a4554d95517948b705) C:\windows\system32\cryptsvc.dll
08:43:40.0562 4240 CryptSvc - ok
08:43:40.0593 4240 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll
08:43:40.0640 4240 DcomLaunch - ok
08:43:40.0733 4240 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\windows\System32\defragsvc.dll
08:43:40.0765 4240 defragsvc - ok
08:43:40.0796 4240 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\windows\system32\Drivers\dfsc.sys
08:43:40.0827 4240 DfsC - ok
08:43:40.0874 4240 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\windows\system32\dhcpcore.dll
08:43:40.0921 4240 Dhcp - ok
08:43:40.0983 4240 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\windows\system32\drivers\discache.sys
08:43:41.0030 4240 discache - ok
08:43:41.0045 4240 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\windows\system32\drivers\disk.sys
08:43:41.0061 4240 Disk - ok
08:43:41.0077 4240 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\windows\System32\dnsrslvr.dll
08:43:41.0092 4240 Dnscache - ok
08:43:41.0123 4240 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\windows\System32\dot3svc.dll
08:43:41.0155 4240 dot3svc - ok
08:43:41.0186 4240 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\windows\system32\dps.dll
08:43:41.0217 4240 DPS - ok
08:43:41.0248 4240 drmkaud (9b19f34400d24df84c858a421c205754) C:\windows\system32\drivers\drmkaud.sys
08:43:41.0264 4240 drmkaud - ok
08:43:41.0357 4240 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\windows\System32\drivers\dxgkrnl.sys
08:43:41.0389 4240 DXGKrnl - ok
08:43:41.0404 4240 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\windows\System32\eapsvc.dll
08:43:41.0451 4240 EapHost - ok
08:43:41.0669 4240 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\windows\system32\drivers\evbda.sys
08:43:41.0716 4240 ebdrv - ok
08:43:41.0841 4240 EFS (c118a82cd78818c29ab228366ebf81c3) C:\windows\System32\lsass.exe
08:43:41.0857 4240 EFS - ok
08:43:41.0950 4240 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\windows\ehome\ehRecvr.exe
08:43:41.0981 4240 ehRecvr - ok
08:43:41.0997 4240 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\windows\ehome\ehsched.exe
08:43:42.0013 4240 ehSched - ok
08:43:42.0137 4240 elxstor (0e5da5369a0fcaea12456dd852545184) C:\windows\system32\drivers\elxstor.sys
08:43:42.0153 4240 elxstor - ok
08:43:42.0169 4240 ErrDev (34a3c54752046e79a126e15c51db409b) C:\windows\system32\drivers\errdev.sys
08:43:42.0184 4240 ErrDev - ok
08:43:42.0231 4240 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\windows\system32\es.dll
08:43:42.0278 4240 EventSystem - ok
08:43:42.0340 4240 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\windows\system32\drivers\exfat.sys
08:43:42.0371 4240 exfat - ok
08:43:42.0418 4240 fastfat (0adc83218b66a6db380c330836f3e36d) C:\windows\system32\drivers\fastfat.sys
08:43:42.0449 4240 fastfat - ok
08:43:42.0512 4240 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\windows\system32\fxssvc.exe
08:43:42.0527 4240 Fax - ok
08:43:42.0543 4240 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\windows\system32\drivers\fdc.sys
08:43:42.0559 4240 fdc - ok
08:43:42.0574 4240 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\windows\system32\fdPHost.dll
08:43:42.0605 4240 fdPHost - ok
08:43:42.0621 4240 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\windows\system32\fdrespub.dll
08:43:42.0652 4240 FDResPub - ok
08:43:42.0683 4240 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\windows\system32\drivers\fileinfo.sys
08:43:42.0683 4240 FileInfo - ok
08:43:42.0699 4240 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\windows\system32\drivers\filetrace.sys
08:43:42.0730 4240 Filetrace - ok
08:43:42.0746 4240 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\windows\system32\drivers\flpydisk.sys
08:43:42.0746 4240 flpydisk - ok
08:43:42.0777 4240 FltMgr (da6b67270fd9db3697b20fce94950741) C:\windows\system32\drivers\fltmgr.sys
08:43:42.0793 4240 FltMgr - ok
08:43:42.0855 4240 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\windows\system32\FntCache.dll
08:43:42.0871 4240 FontCache - ok
08:43:42.0964 4240 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
08:43:42.0980 4240 FontCache3.0.0.0 - ok
08:43:43.0042 4240 FsDepends (d43703496149971890703b4b1b723eac) C:\windows\system32\drivers\FsDepends.sys
08:43:43.0058 4240 FsDepends - ok
08:43:43.0089 4240 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\windows\system32\drivers\Fs_Rec.sys
08:43:43.0089 4240 Fs_Rec - ok
08:43:43.0105 4240 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\windows\system32\DRIVERS\fvevol.sys
08:43:43.0120 4240 fvevol - ok
08:43:43.0151 4240 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\windows\system32\drivers\gagp30kx.sys
08:43:43.0167 4240 gagp30kx - ok
08:43:43.0276 4240 GamesAppService (c403c5db49a0f9aaf4f2128edc0106d8) C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
08:43:43.0292 4240 GamesAppService - ok
08:43:43.0401 4240 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\windows\System32\gpsvc.dll
08:43:43.0448 4240 gpsvc - ok
08:43:43.0479 4240 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
08:43:43.0495 4240 gupdate - ok
08:43:43.0495 4240 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
08:43:43.0510 4240 gupdatem - ok
08:43:43.0557 4240 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
08:43:43.0557 4240 gusvc - ok
08:43:43.0619 4240 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\windows\system32\drivers\hcw85cir.sys
08:43:43.0635 4240 hcw85cir - ok
08:43:43.0713 4240 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\windows\system32\drivers\HdAudio.sys
08:43:43.0744 4240 HdAudAddService - ok
08:43:43.0760 4240 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\windows\system32\DRIVERS\HDAudBus.sys
08:43:43.0775 4240 HDAudBus - ok
08:43:43.0807 4240 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\windows\system32\drivers\HidBatt.sys
08:43:43.0822 4240 HidBatt - ok
08:43:43.0822 4240 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\windows\system32\drivers\hidbth.sys
08:43:43.0838 4240 HidBth - ok
08:43:43.0853 4240 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\windows\system32\drivers\hidir.sys
08:43:43.0869 4240 HidIr - ok
08:43:43.0916 4240 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\windows\system32\hidserv.dll
08:43:43.0947 4240 hidserv - ok
08:43:43.0994 4240 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\windows\system32\DRIVERS\hidusb.sys
08:43:44.0009 4240 HidUsb - ok
08:43:44.0041 4240 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\windows\system32\kmsvc.dll
08:43:44.0072 4240 hkmsvc - ok
08:43:44.0103 4240 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\windows\system32\ListSvc.dll
08:43:44.0119 4240 HomeGroupListener - ok
08:43:44.0165 4240 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\windows\system32\provsvc.dll
08:43:44.0181 4240 HomeGroupProvider - ok
08:43:44.0197 4240 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\windows\system32\drivers\HpSAMD.sys
08:43:44.0212 4240 HpSAMD - ok
08:43:44.0259 4240 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\windows\system32\drivers\HTTP.sys
08:43:44.0290 4240 HTTP - ok
08:43:44.0306 4240 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\windows\system32\drivers\hwpolicy.sys
08:43:44.0321 4240 hwpolicy - ok
08:43:44.0321 4240 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\windows\system32\DRIVERS\i8042prt.sys
08:43:44.0337 4240 i8042prt - ok
08:43:44.0399 4240 iaStor (2fdaec4b02729c48c0fd1b0b4695995b) C:\windows\system32\DRIVERS\iaStor.sys
08:43:44.0415 4240 iaStor - ok
08:43:44.0462 4240 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\windows\system32\drivers\iaStorV.sys
08:43:44.0477 4240 iaStorV - ok
08:43:44.0571 4240 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
08:43:44.0571 4240 IDriverT ( UnsignedFile.Multi.Generic ) - warning
08:43:44.0587 4240 IDriverT - detected UnsignedFile.Multi.Generic (1)
08:43:44.0743 4240 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
08:43:44.0758 4240 idsvc - ok
08:43:45.0741 4240 igfx (0d1b8c64bdf0e5cdc523a1409ffb5ef0) C:\windows\system32\DRIVERS\igdkmd64.sys
08:43:45.0881 4240 igfx - ok
08:43:46.0069 4240 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\windows\system32\drivers\iirsp.sys
08:43:46.0100 4240 iirsp - ok
08:43:46.0162 4240 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\windows\System32\ikeext.dll
08:43:46.0209 4240 IKEEXT - ok
08:43:46.0256 4240 IntcDAud (fc727061c0f47c8059e88e05d5c8e381) C:\windows\system32\DRIVERS\IntcDAud.sys
08:43:46.0271 4240 IntcDAud - ok
08:43:46.0303 4240 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\windows\system32\drivers\intelide.sys
08:43:46.0318 4240 intelide - ok
08:43:46.0334 4240 intelppm (ada036632c664caa754079041cf1f8c1) C:\windows\system32\DRIVERS\intelppm.sys
08:43:46.0349 4240 intelppm - ok
08:43:46.0396 4240 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\windows\system32\ipbusenum.dll
08:43:46.0459 4240 IPBusEnum - ok
08:43:46.0474 4240 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\windows\system32\DRIVERS\ipfltdrv.sys
08:43:46.0505 4240 IpFilterDriver - ok
08:43:46.0537 4240 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\windows\system32\drivers\IPMIDrv.sys
08:43:46.0552 4240 IPMIDRV - ok
08:43:46.0552 4240 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\windows\system32\drivers\ipnat.sys
08:43:46.0599 4240 IPNAT - ok
08:43:46.0615 4240 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\windows\system32\drivers\irenum.sys
08:43:46.0630 4240 IRENUM - ok
08:43:46.0630 4240 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\windows\system32\drivers\isapnp.sys
08:43:46.0646 4240 isapnp - ok
08:43:46.0661 4240 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\windows\system32\drivers\msiscsi.sys
08:43:46.0677 4240 iScsiPrt - ok
08:43:46.0739 4240 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\windows\system32\DRIVERS\kbdclass.sys
08:43:46.0755 4240 kbdclass - ok
08:43:46.0771 4240 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\windows\system32\drivers\kbdhid.sys
08:43:46.0786 4240 kbdhid - ok
08:43:46.0802 4240 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
08:43:46.0817 4240 KeyIso - ok
08:43:46.0833 4240 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\windows\system32\Drivers\ksecdd.sys
08:43:46.0849 4240 KSecDD - ok
08:43:46.0864 4240 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\windows\system32\Drivers\ksecpkg.sys
08:43:46.0880 4240 KSecPkg - ok
08:43:46.0911 4240 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\windows\system32\drivers\ksthunk.sys
08:43:46.0958 4240 ksthunk - ok
08:43:47.0005 4240 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\windows\system32\msdtckrm.dll
08:43:47.0051 4240 KtmRm - ok
08:43:47.0098 4240 L1C (ebed8b3ff4a823c1a6eebeed7b29353f) C:\windows\system32\DRIVERS\L1C62x64.sys
08:43:47.0114 4240 L1C - ok
08:43:47.0176 4240 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\windows\system32\srvsvc.dll
08:43:47.0223 4240 LanmanServer - ok
08:43:47.0239 4240 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\windows\System32\wkssvc.dll
08:43:47.0286 4240 LanmanWorkstation - ok
08:43:47.0317 4240 lltdio (1538831cf8ad2979a04c423779465827) C:\windows\system32\DRIVERS\lltdio.sys
08:43:47.0348 4240 lltdio - ok
08:43:47.0379 4240 lltdsvc (c1185803384ab3feed115f79f109427f) C:\windows\System32\lltdsvc.dll
08:43:47.0426 4240 lltdsvc - ok
08:43:47.0442 4240 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\windows\System32\lmhsvc.dll
08:43:47.0473 4240 lmhosts - ok
08:43:47.0582 4240 LMS (2ed1786b7542cda261029f6b526edf44) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
08:43:47.0613 4240 LMS - ok
08:43:47.0644 4240 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\windows\system32\drivers\lsi_fc.sys
08:43:47.0660 4240 LSI_FC - ok
08:43:47.0676 4240 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\windows\system32\drivers\lsi_sas.sys
08:43:47.0691 4240 LSI_SAS - ok
08:43:47.0722 4240 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\windows\system32\drivers\lsi_sas2.sys
08:43:47.0722 4240 LSI_SAS2 - ok
08:43:47.0754 4240 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\windows\system32\drivers\lsi_scsi.sys
08:43:47.0769 4240 LSI_SCSI - ok
08:43:47.0816 4240 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\windows\system32\drivers\luafv.sys
08:43:47.0847 4240 luafv - ok
08:43:47.0878 4240 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\windows\system32\Mcx2Svc.dll
08:43:47.0894 4240 Mcx2Svc - ok
08:43:47.0941 4240 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\windows\system32\drivers\megasas.sys
08:43:47.0941 4240 megasas - ok
08:43:47.0972 4240 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\windows\system32\drivers\MegaSR.sys
08:43:47.0988 4240 MegaSR - ok
08:43:48.0034 4240 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\windows\system32\DRIVERS\HECIx64.sys
08:43:48.0034 4240 MEIx64 - ok
08:43:48.0097 4240 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll
08:43:48.0128 4240 MMCSS - ok
08:43:48.0175 4240 Modem (800ba92f7010378b09f9ed9270f07137) C:\windows\system32\drivers\modem.sys
08:43:48.0222 4240 Modem - ok
08:43:48.0237 4240 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\windows\system32\DRIVERS\monitor.sys
08:43:48.0253 4240 monitor - ok
08:43:48.0268 4240 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\windows\system32\DRIVERS\mouclass.sys
08:43:48.0284 4240 mouclass - ok
08:43:48.0284 4240 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\windows\system32\DRIVERS\mouhid.sys
08:43:48.0300 4240 mouhid - ok
08:43:48.0300 4240 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\windows\system32\drivers\mountmgr.sys
08:43:48.0315 4240 mountmgr - ok
08:43:48.0346 4240 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\windows\system32\drivers\mpio.sys
08:43:48.0346 4240 mpio - ok
08:43:48.0378 4240 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\windows\system32\drivers\mpsdrv.sys
08:43:48.0409 4240 mpsdrv - ok
08:43:48.0424 4240 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\windows\system32\drivers\mrxdav.sys
08:43:48.0456 4240 MRxDAV - ok
08:43:48.0456 4240 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\windows\system32\DRIVERS\mrxsmb.sys
08:43:48.0471 4240 mrxsmb - ok
08:43:48.0502 4240 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\windows\system32\DRIVERS\mrxsmb10.sys
08:43:48.0518 4240 mrxsmb10 - ok
08:43:48.0518 4240 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\windows\system32\DRIVERS\mrxsmb20.sys
08:43:48.0534 4240 mrxsmb20 - ok
08:43:48.0534 4240 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\windows\system32\DRIVERS\msahci.sys
08:43:48.0549 4240 msahci - ok
08:43:48.0596 4240 msdsm (db801a638d011b9633829eb6f663c900) C:\windows\system32\drivers\msdsm.sys
08:43:48.0612 4240 msdsm - ok
08:43:48.0658 4240 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\windows\System32\msdtc.exe
08:43:48.0690 4240 MSDTC - ok
08:43:48.0721 4240 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\windows\system32\drivers\Msfs.sys
08:43:48.0752 4240 Msfs - ok
08:43:48.0783 4240 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\windows\System32\drivers\mshidkmdf.sys
08:43:48.0814 4240 mshidkmdf - ok
08:43:48.0830 4240 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\windows\system32\drivers\msisadrv.sys
08:43:48.0846 4240 msisadrv - ok
08:43:48.0924 4240 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\windows\system32\iscsiexe.dll
08:43:48.0955 4240 MSiSCSI - ok
08:43:48.0955 4240 msiserver - ok
08:43:49.0002 4240 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\windows\system32\drivers\MSKSSRV.sys
08:43:49.0033 4240 MSKSSRV - ok
08:43:49.0048 4240 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\windows\system32\drivers\MSPCLOCK.sys
08:43:49.0080 4240 MSPCLOCK - ok
08:43:49.0095 4240 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\windows\system32\drivers\MSPQM.sys
08:43:49.0126 4240 MSPQM - ok
08:43:49.0204 4240 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\windows\system32\drivers\MsRPC.sys
08:43:49.0236 4240 MsRPC - ok
08:43:49.0251 4240 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\windows\system32\DRIVERS\mssmbios.sys
08:43:49.0251 4240 mssmbios - ok
08:43:49.0298 4240 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\windows\system32\drivers\MSTEE.sys
08:43:49.0329 4240 MSTEE - ok
08:43:49.0329 4240 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\windows\system32\drivers\MTConfig.sys
08:43:49.0345 4240 MTConfig - ok
08:43:49.0376 4240 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\windows\system32\Drivers\mup.sys
08:43:49.0376 4240 Mup - ok
08:43:49.0501 4240 napagent (582ac6d9873e31dfa28a4547270862dd) C:\windows\system32\qagentRT.dll
08:43:49.0532 4240 napagent - ok
08:43:49.0610 4240 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\windows\system32\DRIVERS\nwifi.sys
08:43:49.0641 4240 NativeWifiP - ok
08:43:49.0735 4240 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\windows\system32\drivers\ndis.sys
08:43:49.0766 4240 NDIS - ok
08:43:49.0766 4240 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\windows\system32\DRIVERS\ndiscap.sys
08:43:49.0813 4240 NdisCap - ok
08:43:49.0813 4240 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\windows\system32\DRIVERS\ndistapi.sys
08:43:49.0844 4240 NdisTapi - ok
08:43:49.0875 4240 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\windows\system32\DRIVERS\ndisuio.sys
08:43:49.0906 4240 Ndisuio - ok
08:43:49.0938 4240 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\windows\system32\DRIVERS\ndiswan.sys
08:43:49.0969 4240 NdisWan - ok
08:43:49.0969 4240 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\windows\system32\drivers\NDProxy.sys
08:43:50.0000 4240 NDProxy - ok
08:43:50.0016 4240 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\windows\system32\DRIVERS\netbios.sys
08:43:50.0047 4240 NetBIOS - ok
08:43:50.0062 4240 NetBT (09594d1089c523423b32a4229263f068) C:\windows\system32\DRIVERS\netbt.sys
08:43:50.0109 4240 NetBT - ok
08:43:50.0140 4240 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
08:43:50.0140 4240 Netlogon - ok
08:43:50.0187 4240 Netman (847d3ae376c0817161a14a82c8922a9e) C:\windows\System32\netman.dll
08:43:50.0234 4240 Netman - ok
08:43:50.0328 4240 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:43:50.0328 4240 NetMsmqActivator - ok
08:43:50.0328 4240 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:43:50.0343 4240 NetPipeActivator - ok
08:43:50.0421 4240 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\windows\System32\netprofm.dll
08:43:50.0468 4240 netprofm - ok
08:43:50.0468 4240 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:43:50.0484 4240 NetTcpActivator - ok
08:43:50.0484 4240 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:43:50.0499 4240 NetTcpPortSharing - ok
08:43:50.0593 4240 nfrd960 (77889813be4d166cdab78ddba990da92) C:\windows\system32\drivers\nfrd960.sys
08:43:50.0608 4240 nfrd960 - ok
08:43:50.0655 4240 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\windows\System32\nlasvc.dll
08:43:50.0702 4240 NlaSvc - ok
08:43:50.0780 4240 Norton PC Checkup Application Launcher - ok
08:43:50.0827 4240 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\windows\system32\drivers\Npfs.sys
08:43:50.0889 4240 Npfs - ok
08:43:50.0905 4240 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\windows\system32\nsisvc.dll
08:43:50.0936 4240 nsi - ok
08:43:50.0967 4240 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\windows\system32\drivers\nsiproxy.sys
08:43:50.0998 4240 nsiproxy - ok
08:43:51.0139 4240 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\windows\system32\drivers\Ntfs.sys
08:43:51.0170 4240 Ntfs - ok
08:43:51.0342 4240 Null (9899284589f75fa8724ff3d16aed75c1) C:\windows\system32\drivers\Null.sys
08:43:51.0388 4240 Null - ok
08:43:51.0404 4240 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\windows\system32\drivers\nvraid.sys
08:43:51.0420 4240 nvraid - ok
08:43:51.0466 4240 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\windows\system32\drivers\nvstor.sys
08:43:51.0466 4240 nvstor - ok
08:43:51.0498 4240 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\windows\system32\drivers\nv_agp.sys
08:43:51.0513 4240 nv_agp - ok
08:43:51.0669 4240 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
08:43:51.0685 4240 odserv - ok
08:43:51.0716 4240 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\windows\system32\drivers\ohci1394.sys
08:43:51.0732 4240 ohci1394 - ok
08:43:51.0794 4240 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
08:43:51.0810 4240 ose - ok
08:43:51.0856 4240 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
08:43:51.0872 4240 p2pimsvc - ok
08:43:51.0997 4240 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\windows\system32\p2psvc.dll
08:43:52.0028 4240 p2psvc - ok
08:43:52.0075 4240 Parport (0086431c29c35be1dbc43f52cc273887) C:\windows\system32\drivers\parport.sys
08:43:52.0090 4240 Parport - ok
08:43:52.0122 4240 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\windows\system32\drivers\partmgr.sys
08:43:52.0137 4240 partmgr - ok
08:43:52.0184 4240 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\windows\System32\pcasvc.dll
08:43:52.0200 4240 PcaSvc - ok
08:43:52.0293 4240 PCCUJobMgr (2f86be1818c2d7ac90478e3323ee7fcb) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe
08:43:52.0293 4240 PCCUJobMgr - ok
08:43:52.0387 4240 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\windows\system32\drivers\pci.sys
08:43:52.0387 4240 pci - ok
08:43:52.0402 4240 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\windows\system32\DRIVERS\pciide.sys
08:43:52.0418 4240 pciide - ok
08:43:52.0496 4240 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\windows\system32\drivers\pcmcia.sys
08:43:52.0512 4240 pcmcia - ok
08:43:52.0527 4240 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\windows\system32\drivers\pcw.sys
08:43:52.0543 4240 pcw - ok
08:43:52.0621 4240 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\windows\system32\drivers\peauth.sys
08:43:52.0668 4240 PEAUTH - ok
08:43:52.0777 4240 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\windows\SysWow64\perfhost.exe
08:43:52.0792 4240 PerfHost - ok
08:43:52.0839 4240 PGEffect (91111cebbde8015e822c46120ed9537c) C:\windows\system32\DRIVERS\pgeffect.sys
08:43:52.0839 4240 PGEffect - ok
08:43:52.0948 4240 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\windows\system32\pla.dll
08:43:52.0995 4240 pla - ok
08:43:53.0026 4240 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\windows\system32\umpnpmgr.dll
08:43:53.0058 4240 PlugPlay - ok
08:43:53.0073 4240 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\windows\system32\pnrpauto.dll
08:43:53.0089 4240 PNRPAutoReg - ok
08:43:53.0104 4240 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
08:43:53.0120 4240 PNRPsvc - ok
08:43:53.0198 4240 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\windows\System32\ipsecsvc.dll
08:43:53.0229 4240 PolicyAgent - ok
08:43:53.0260 4240 Power (6ba9d927dded70bd1a9caded45f8b184) C:\windows\system32\umpo.dll
08:43:53.0292 4240 Power - ok
08:43:53.0416 4240 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\windows\system32\DRIVERS\raspptp.sys
08:43:53.0463 4240 PptpMiniport - ok
08:43:53.0479 4240 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\windows\system32\drivers\processr.sys
08:43:53.0479 4240 Processor - ok
08:43:53.0572 4240 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\windows\system32\profsvc.dll
08:43:53.0588 4240 ProfSvc - ok
08:43:53.0619 4240 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
08:43:53.0635 4240 ProtectedStorage - ok
08:43:53.0697 4240 Psched (0557cf5a2556bd58e26384169d72438d) C:\windows\system32\DRIVERS\pacer.sys
08:43:53.0744 4240 Psched - ok
08:43:53.0775 4240 QIOMem (c8fcb4899f8b70cc34e0d9876a80963c) C:\windows\system32\DRIVERS\QIOMem.sys
08:43:53.0791 4240 QIOMem - ok
08:43:53.0916 4240 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\windows\system32\drivers\ql2300.sys
08:43:53.0962 4240 ql2300 - ok
08:43:54.0181 4240 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\windows\system32\drivers\ql40xx.sys
08:43:54.0196 4240 ql40xx - ok
08:43:54.0274 4240 QWAVE (906191634e99aea92c4816150bda3732) C:\windows\system32\qwave.dll
08:43:54.0290 4240 QWAVE - ok
08:43:54.0306 4240 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\windows\system32\drivers\qwavedrv.sys
08:43:54.0321 4240 QWAVEdrv - ok
08:43:54.0368 4240 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\windows\system32\DRIVERS\rasacd.sys
08:43:54.0399 4240 RasAcd - ok
08:43:54.0430 4240 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\windows\system32\DRIVERS\AgileVpn.sys
08:43:54.0462 4240 RasAgileVpn - ok
08:43:54.0493 4240 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\windows\System32\rasauto.dll
08:43:54.0540 4240 RasAuto - ok
08:43:54.0555 4240 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\windows\system32\DRIVERS\rasl2tp.sys
08:43:54.0602 4240 Rasl2tp - ok
08:43:54.0633 4240 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\windows\System32\rasmans.dll
08:43:54.0680 4240 RasMan - ok
08:43:54.0696 4240 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\windows\system32\DRIVERS\raspppoe.sys
08:43:54.0742 4240 RasPppoe - ok
08:43:54.0758 4240 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\windows\system32\DRIVERS\rassstp.sys
08:43:54.0789 4240 RasSstp - ok
08:43:54.0820 4240 rdbss (77f665941019a1594d887a74f301fa2f) C:\windows\system32\DRIVERS\rdbss.sys
08:43:54.0867 4240 rdbss - ok
08:43:54.0883 4240 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\windows\system32\drivers\rdpbus.sys
08:43:54.0898 4240 rdpbus - ok
08:43:54.0914 4240 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\windows\system32\DRIVERS\RDPCDD.sys
08:43:54.0945 4240 RDPCDD - ok
08:43:54.0976 4240 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\windows\system32\drivers\rdpencdd.sys
08:43:55.0008 4240 RDPENCDD - ok
08:43:55.0039 4240 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\windows\system32\drivers\rdprefmp.sys
08:43:55.0070 4240 RDPREFMP - ok
08:43:55.0101 4240 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\windows\system32\drivers\RDPWD.sys
08:43:55.0117 4240 RDPWD - ok
08:43:55.0164 4240 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\windows\system32\drivers\rdyboost.sys
08:43:55.0179 4240 rdyboost - ok
08:43:55.0210 4240 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\windows\System32\mprdim.dll
08:43:55.0242 4240 RemoteAccess - ok
08:43:55.0288 4240 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\windows\system32\regsvc.dll
08:43:55.0335 4240 RemoteRegistry - ok
08:43:55.0351 4240 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\windows\System32\RpcEpMap.dll
08:43:55.0382 4240 RpcEptMapper - ok
08:43:55.0413 4240 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\windows\system32\locator.exe
08:43:55.0429 4240 RpcLocator - ok
08:43:55.0491 4240 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll
08:43:55.0522 4240 RpcSs - ok
08:43:55.0585 4240 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\windows\system32\DRIVERS\rspndr.sys
08:43:55.0647 4240 rspndr - ok
08:43:55.0694 4240 RSUSBSTOR (135a64530d7699ad48f29d73a658dd11) C:\windows\system32\Drivers\RtsUStor.sys
08:43:55.0710 4240 RSUSBSTOR - ok
08:43:55.0725 4240 RSUSBVSTOR (e5dc911d0feb72caff2bbdd6e7c3672f) C:\windows\system32\Drivers\RTSUVSTOR.sys
08:43:55.0741 4240 RSUSBVSTOR - ok
08:43:55.0803 4240 RTL8192Ce (64fdf4fe366ca42da2b7d9d424b6e39b) C:\windows\system32\DRIVERS\rtl8192Ce.sys
08:43:55.0819 4240 RTL8192Ce - ok
08:43:55.0866 4240 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
08:43:55.0881 4240 SamSs - ok
08:43:55.0928 4240 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\windows\system32\drivers\sbp2port.sys
08:43:55.0928 4240 sbp2port - ok
08:43:55.0959 4240 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\windows\System32\SCardSvr.dll
08:43:56.0006 4240 SCardSvr - ok
08:43:56.0006 4240 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\windows\system32\DRIVERS\scfilter.sys
08:43:56.0053 4240 scfilter - ok
08:43:56.0115 4240 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\windows\system32\schedsvc.dll
08:43:56.0162 4240 Schedule - ok
08:43:56.0209 4240 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll
08:43:56.0240 4240 SCPolicySvc - ok
08:43:56.0302 4240 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\windows\System32\SDRSVC.dll
08:43:56.0318 4240 SDRSVC - ok
08:43:56.0365 4240 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\windows\system32\drivers\secdrv.sys
08:43:56.0396 4240 secdrv - ok
08:43:56.0412 4240 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\windows\system32\seclogon.dll
08:43:56.0443 4240 seclogon - ok
08:43:56.0458 4240 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\windows\System32\sens.dll
08:43:56.0490 4240 SENS - ok
08:43:56.0505 4240 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\windows\system32\sensrsvc.dll
08:43:56.0521 4240 SensrSvc - ok
08:43:56.0583 4240 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\windows\system32\drivers\serenum.sys
08:43:56.0583 4240 Serenum - ok
08:43:56.0614 4240 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\windows\system32\drivers\serial.sys
08:43:56.0614 4240 Serial - ok
08:43:56.0630 4240 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\windows\system32\drivers\sermouse.sys
08:43:56.0630 4240 sermouse - ok
08:43:56.0661 4240 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\windows\system32\sessenv.dll
08:43:56.0692 4240 SessionEnv - ok
08:43:56.0724 4240 sffdisk (a554811bcd09279536440c964ae35bbf) C:\windows\system32\drivers\sffdisk.sys
08:43:56.0724 4240 sffdisk - ok
08:43:56.0802 4240 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\windows\system32\drivers\sffp_mmc.sys
08:43:56.0817 4240 sffp_mmc - ok
08:43:56.0833 4240 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\windows\system32\drivers\sffp_sd.sys
08:43:56.0848 4240 sffp_sd - ok
08:43:56.0848 4240 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\windows\system32\drivers\sfloppy.sys
08:43:56.0864 4240 sfloppy - ok
08:43:57.0036 4240 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\windows\System32\shsvcs.dll
08:43:57.0067 4240 ShellHWDetection - ok
08:43:57.0145 4240 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\windows\system32\drivers\SiSRaid2.sys
08:43:57.0160 4240 SiSRaid2 - ok
08:43:57.0192 4240 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\windows\system32\drivers\sisraid4.sys
08:43:57.0207 4240 SiSRaid4 - ok
08:43:57.0285 4240 SkypeUpdate (ddaa5f4a6b958fc313ebd02dd925752f) C:\Program Files (x86)\Skype\Updater\Updater.exe
08:43:57.0301 4240 SkypeUpdate - ok
08:43:57.0363 4240 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\windows\system32\DRIVERS\smb.sys
08:43:57.0394 4240 Smb - ok
08:43:57.0441 4240 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\windows\System32\snmptrap.exe
08:43:57.0457 4240 SNMPTRAP - ok
08:43:57.0519 4240 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\windows\system32\drivers\spldr.sys
08:43:57.0535 4240 spldr - ok
08:43:57.0644 4240 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\windows\System32\spoolsv.exe
08:43:57.0675 4240 Spooler - ok
08:43:58.0252 4240 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\windows\system32\sppsvc.exe
08:43:58.0315 4240 sppsvc - ok
08:43:58.0502 4240 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\windows\system32\sppuinotify.dll
08:43:58.0549 4240 sppuinotify - ok
08:43:58.0845 4240 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\windows\system32\DRIVERS\srv.sys
08:43:58.0861 4240 srv - ok
08:43:58.0876 4240 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\windows\system32\DRIVERS\srv2.sys
08:43:58.0892 4240 srv2 - ok
08:43:58.0986 4240 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\windows\system32\DRIVERS\VSTAZL6.SYS
08:43:59.0001 4240 SrvHsfHDA - ok
08:43:59.0110 4240 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\windows\system32\DRIVERS\VSTDPV6.SYS
08:43:59.0142 4240 SrvHsfV92 - ok
08:43:59.0532 4240 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\windows\system32\DRIVERS\VSTCNXT6.SYS
08:43:59.0547 4240 SrvHsfWinac - ok
08:43:59.0578 4240 srvnet (27e461f0be5bff5fc737328f749538c3) C:\windows\system32\DRIVERS\srvnet.sys
08:43:59.0594 4240 srvnet - ok
08:43:59.0625 4240 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\windows\System32\ssdpsrv.dll
08:43:59.0672 4240 SSDPSRV - ok
08:43:59.0672 4240 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\windows\system32\sstpsvc.dll
08:43:59.0719 4240 SstpSvc - ok
08:43:59.0750 4240 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\windows\system32\drivers\stexstor.sys
08:43:59.0766 4240 stexstor - ok
08:43:59.0812 4240 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\windows\System32\wiaservc.dll
08:43:59.0844 4240 stisvc - ok
08:43:59.0890 4240 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\windows\system32\DRIVERS\swenum.sys
08:43:59.0890 4240 swenum - ok
08:44:00.0140 4240 swprv (e08e46fdd841b7184194011ca1955a0b) C:\windows\System32\swprv.dll
08:44:00.0187 4240 swprv - ok
08:44:00.0312 4240 SynTP (f5b46df59feaa48a442aed7eeb754d4b) C:\windows\system32\DRIVERS\SynTP.sys
08:44:00.0343 4240 SynTP - ok
08:44:00.0546 4240 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\windows\system32\sysmain.dll
08:44:00.0577 4240 SysMain - ok
08:44:00.0717 4240 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\windows\System32\TabSvc.dll
08:44:00.0748 4240 TabletInputService - ok
08:44:00.0748 4240 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\windows\System32\tapisrv.dll
08:44:00.0795 4240 TapiSrv - ok
08:44:00.0811 4240 TBS (1be03ac720f4d302ea01d40f588162f6) C:\windows\System32\tbssvc.dll
08:44:00.0858 4240 TBS - ok
08:44:01.0294 4240 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\windows\system32\drivers\tcpip.sys
08:44:01.0341 4240 Tcpip - ok
08:44:01.0528 4240 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\windows\system32\DRIVERS\tcpip.sys
08:44:01.0560 4240 TCPIP6 - ok
08:44:01.0700 4240 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\windows\system32\drivers\tcpipreg.sys
08:44:01.0747 4240 tcpipreg - ok
08:44:01.0794 4240 tdcmdpst (fd542b661bd22fa69ca789ad0ac58c29) C:\windows\system32\DRIVERS\tdcmdpst.sys
08:44:01.0809 4240 tdcmdpst - ok
08:44:01.0825 4240 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\windows\system32\drivers\tdpipe.sys
08:44:01.0840 4240 TDPIPE - ok
08:44:01.0856 4240 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\windows\system32\drivers\tdtcp.sys
08:44:01.0872 4240 TDTCP - ok
08:44:01.0887 4240 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\windows\system32\DRIVERS\tdx.sys
08:44:01.0918 4240 tdx - ok
08:44:01.0934 4240 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\windows\system32\DRIVERS\termdd.sys
08:44:01.0950 4240 TermDD - ok
08:44:01.0981 4240 TermService (2e648163254233755035b46dd7b89123) C:\windows\System32\termsrv.dll
08:44:02.0028 4240 TermService - ok
08:44:02.0043 4240 Themes (f0344071948d1a1fa732231785a0664c) C:\windows\system32\themeservice.dll
08:44:02.0059 4240 Themes - ok
08:44:02.0106 4240 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll
08:44:02.0152 4240 THREADORDER - ok
08:44:02.0230 4240 TMachInfo (71c321649b28638ee80a2eeb164c1dc8) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
08:44:02.0246 4240 TMachInfo - ok
08:44:02.0277 4240 TODDSrv (8e2c799d3476eac32c3ba0df7ce6af19) C:\Windows\system32\TODDSrv.exe
08:44:02.0277 4240 TODDSrv - ok
08:44:02.0371 4240 TosCoSrv (1c73689b900428c7d054a41c4687f55c) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
08:44:02.0402 4240 TosCoSrv - ok
08:44:02.0449 4240 TOSHIBA eco Utility Service (63aafcf3ea5dbb17123e0bae9afe4d58) C:\Program Files\TOSHIBA\TECO\TecoService.exe
08:44:02.0480 4240 TOSHIBA eco Utility Service - ok
08:44:02.0527 4240 TOSHIBA HDD SSD Alert Service (29d0886cf250fcef1bf9e65ab8d2c0c8) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
08:44:02.0542 4240 TOSHIBA HDD SSD Alert Service - ok
08:44:02.0605 4240 tos_sps64 (09ff7b0b1b5c3d225495cb6f5a9b39f8) C:\windows\system32\DRIVERS\tos_sps64.sys
08:44:02.0620 4240 tos_sps64 - ok
08:44:02.0714 4240 TPCHSrv (098b8a408c17e125a3d9a8e1166780c8) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
08:44:02.0730 4240 TPCHSrv - ok
08:44:02.0823 4240 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\windows\System32\trkwks.dll
08:44:02.0886 4240 TrkWks - ok
08:44:02.0932 4240 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\windows\servicing\TrustedInstaller.exe
08:44:02.0979 4240 TrustedInstaller - ok
08:44:03.0010 4240 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\windows\system32\DRIVERS\tssecsrv.sys
08:44:03.0057 4240 tssecsrv - ok
08:44:03.0057 4240 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\windows\system32\drivers\tsusbflt.sys
08:44:03.0073 4240 TsUsbFlt - ok
08:44:03.0088 4240 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\windows\system32\drivers\TsUsbGD.sys
08:44:03.0104 4240 TsUsbGD - ok
08:44:03.0104 4240 tunnel (3566a8daafa27af944f5d705eaa64894) C:\windows\system32\DRIVERS\tunnel.sys
08:44:03.0135 4240 tunnel - ok
08:44:03.0166 4240 TVALZ (550b567f9364d8f7684c3fb3ea665a72) C:\windows\system32\DRIVERS\TVALZ_O.SYS
08:44:03.0182 4240 TVALZ - ok
08:44:03.0213 4240 TVALZFL (9c7191f4b2e49bff47a6c1144b5923fa) C:\windows\system32\DRIVERS\TVALZFL.sys
08:44:03.0213 4240 TVALZFL - ok
08:44:03.0244 4240 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\windows\system32\drivers\uagp35.sys
08:44:03.0244 4240 uagp35 - ok
08:44:03.0276 4240 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\windows\system32\DRIVERS\udfs.sys
08:44:03.0307 4240 udfs - ok
08:44:03.0338 4240 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\windows\system32\UI0Detect.exe
08:44:03.0354 4240 UI0Detect - ok
08:44:03.0369 4240 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\windows\system32\drivers\uliagpkx.sys
08:44:03.0385 4240 uliagpkx - ok
08:44:03.0400 4240 umbus (dc54a574663a895c8763af0fa1ff7561) C:\windows\system32\DRIVERS\umbus.sys
08:44:03.0400 4240 umbus - ok
08:44:03.0432 4240 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\windows\system32\drivers\umpass.sys
08:44:03.0432 4240 UmPass - ok
08:44:03.0619 4240 UNS (7e5e1603d0ff2d240ae70295c5c3fefc) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
08:44:03.0681 4240 UNS - ok
08:44:03.0775 4240 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\windows\System32\upnphost.dll
08:44:03.0837 4240 upnphost - ok
08:44:03.0884 4240 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\windows\system32\DRIVERS\usbccgp.sys
08:44:03.0884 4240 usbccgp - ok
08:44:03.0900 4240 usbcir (af0892a803fdda7492f595368e3b68e7) C:\windows\system32\drivers\usbcir.sys
08:44:03.0915 4240 usbcir - ok
08:44:03.0915 4240 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\windows\system32\DRIVERS\usbehci.sys
08:44:03.0931 4240 usbehci - ok
08:44:03.0946 4240 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\windows\system32\DRIVERS\usbhub.sys
08:44:03.0962 4240 usbhub - ok
08:44:03.0962 4240 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\windows\system32\drivers\usbohci.sys
08:44:03.0978 4240 usbohci - ok
08:44:03.0978 4240 usbprint (73188f58fb384e75c4063d29413cee3d) C:\windows\system32\DRIVERS\usbprint.sys
08:44:04.0009 4240 usbprint - ok
08:44:04.0024 4240 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\windows\system32\DRIVERS\usbscan.sys
08:44:04.0040 4240 usbscan - ok
08:44:04.0056 4240 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\windows\system32\DRIVERS\USBSTOR.SYS
08:44:04.0071 4240 USBSTOR - ok
08:44:04.0102 4240 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\windows\system32\drivers\usbuhci.sys
08:44:04.0118 4240 usbuhci - ok
08:44:04.0118 4240 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\windows\system32\Drivers\usbvideo.sys
08:44:04.0134 4240 usbvideo - ok
08:44:04.0165 4240 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\windows\System32\uxsms.dll
08:44:04.0196 4240 UxSms - ok
08:44:04.0227 4240 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
08:44:04.0243 4240 VaultSvc - ok
08:44:04.0243 4240 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\windows\system32\drivers\vdrvroot.sys
08:44:04.0258 4240 vdrvroot - ok
08:44:04.0290 4240 vds (8d6b481601d01a456e75c3210f1830be) C:\windows\System32\vds.exe
08:44:04.0321 4240 vds - ok
08:44:04.0352 4240 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\windows\system32\DRIVERS\vgapnp.sys
08:44:04.0383 4240 vga - ok
08:44:04.0399 4240 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\windows\System32\drivers\vga.sys
08:44:04.0430 4240 VgaSave - ok
08:44:04.0446 4240 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\windows\system32\drivers\vhdmp.sys
08:44:04.0461 4240 vhdmp - ok
08:44:04.0461 4240 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\windows\system32\drivers\viaide.sys
08:44:04.0477 4240 viaide - ok
08:44:04.0492 4240 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\windows\system32\drivers\volmgr.sys
08:44:04.0508 4240 volmgr - ok
08:44:04.0524 4240 volmgrx (a255814907c89be58b79ef2f189b843b) C:\windows\system32\drivers\volmgrx.sys
08:44:04.0539 4240 volmgrx - ok
08:44:04.0539 4240 volsnap (df8126bd41180351a093a3ad2fc8903b) C:\windows\system32\drivers\volsnap.sys
08:44:04.0555 4240 volsnap - ok
08:44:04.0570 4240 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\windows\system32\drivers\vsmraid.sys
08:44:04.0586 4240 vsmraid - ok
08:44:04.0695 4240 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\windows\system32\vssvc.exe
08:44:04.0742 4240 VSS - ok
08:44:04.0851 4240 vToolbarUpdater11.1.0 (5fa45791413acce628d5361458f32dde) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe
08:44:04.0867 4240 vToolbarUpdater11.1.0 - ok
08:44:04.0976 4240 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\windows\system32\DRIVERS\vwifibus.sys
08:44:05.0007 4240 vwifibus - ok
08:44:05.0023 4240 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\windows\system32\DRIVERS\vwififlt.sys
08:44:05.0038 4240 vwififlt - ok
08:44:05.0038 4240 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\windows\system32\DRIVERS\vwifimp.sys
08:44:05.0070 4240 vwifimp - ok
08:44:05.0101 4240 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\windows\system32\w32time.dll
08:44:05.0132 4240 W32Time - ok
08:44:05.0163 4240 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\windows\system32\drivers\wacompen.sys
08:44:05.0163 4240 WacomPen - ok
08:44:05.0179 4240 WANARP (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
08:44:05.0210 4240 WANARP - ok
08:44:05.0210 4240 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
08:44:05.0241 4240 Wanarpv6 - ok
08:44:05.0319 4240 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\windows\system32\Wat\WatAdminSvc.exe
08:44:05.0350 4240 WatAdminSvc - ok
08:44:05.0428 4240 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\windows\system32\wbengine.exe
08:44:05.0460 4240 wbengine - ok
08:44:05.0553 4240 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\windows\System32\wbiosrvc.dll
08:44:05.0600 4240 WbioSrvc - ok
08:44:05.0631 4240 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\windows\System32\wcncsvc.dll
08:44:05.0647 4240 wcncsvc - ok
08:44:05.0662 4240 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\windows\System32\WcsPlugInService.dll
08:44:05.0678 4240 WcsPlugInService - ok
08:44:05.0709 4240 Wd (72889e16ff12ba0f235467d6091b17dc) C:\windows\system32\drivers\wd.sys
08:44:05.0709 4240 Wd - ok
08:44:05.0740 4240 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\windows\system32\drivers\Wdf01000.sys
08:44:05.0756 4240 Wdf01000 - ok
08:44:05.0772 4240 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll
08:44:05.0787 4240 WdiServiceHost - ok
08:44:05.0787 4240 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll
08:44:05.0803 4240 WdiSystemHost - ok
08:44:05.0818 4240 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\windows\System32\webclnt.dll
08:44:05.0850 4240 WebClient - ok
08:44:05.0881 4240 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\windows\system32\wecsvc.dll
08:44:05.0912 4240 Wecsvc - ok
08:44:05.0928 4240 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\windows\System32\wercplsupport.dll
08:44:05.0959 4240 wercplsupport - ok
08:44:05.0974 4240 WerSvc (6d137963730144698cbd10f202e9f251) C:\windows\System32\WerSvc.dll
08:44:06.0006 4240 WerSvc - ok
08:44:06.0037 4240 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\windows\system32\DRIVERS\wfplwf.sys
08:44:06.0084 4240 WfpLwf - ok
08:44:06.0099 4240 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\windows\system32\drivers\wimmount.sys
08:44:06.0115 4240 WIMMount - ok
08:44:06.0115 4240 WinHttpAutoProxySvc - ok
08:44:06.0177 4240 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\windows\system32\wbem\WMIsvc.dll
08:44:06.0240 4240 Winmgmt - ok
08:44:06.0333 4240 WinRM (bcb1310604aa415c4508708975b3931e) C:\windows\system32\WsmSvc.dll
08:44:06.0396 4240 WinRM - ok
08:44:06.0505 4240 WinUsb (fe88b288356e7b47b74b13372add906d) C:\windows\system32\DRIVERS\WinUsb.sys
08:44:06.0536 4240 WinUsb - ok
08:44:06.0598 4240 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\windows\System32\wlansvc.dll
08:44:06.0630 4240 Wlansvc - ok
08:44:06.0723 4240 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
08:44:06.0739 4240 wlcrasvc - ok
08:44:06.0895 4240 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
08:44:06.0942 4240 wlidsvc - ok
08:44:07.0035 4240 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\windows\system32\DRIVERS\wmiacpi.sys
08:44:07.0066 4240 WmiAcpi - ok
08:44:07.0113 4240 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\windows\system32\wbem\WmiApSrv.exe
08:44:07.0144 4240 wmiApSrv - ok
08:44:07.0207 4240 WMPNetworkSvc - ok
08:44:07.0222 4240 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\windows\System32\wpcsvc.dll
08:44:07.0254 4240 WPCSvc - ok
08:44:07.0285 4240 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\windows\system32\wpdbusenum.dll
08:44:07.0300 4240 WPDBusEnum - ok
08:44:07.0332 4240 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\windows\system32\drivers\ws2ifsl.sys
08:44:07.0363 4240 ws2ifsl - ok
08:44:07.0363 4240 WSearch - ok
08:44:07.0472 4240 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\windows\system32\wuaueng.dll
08:44:07.0534 4240 wuauserv - ok
08:44:07.0659 4240 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\windows\system32\drivers\WudfPf.sys
08:44:07.0722 4240 WudfPf - ok
08:44:07.0753 4240 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\windows\System32\WUDFSvc.dll
08:44:07.0784 4240 wudfsvc - ok
08:44:07.0800 4240 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\windows\System32\wwansvc.dll
08:44:07.0815 4240 WwanSvc - ok
08:44:07.0846 4240 MBR (0x1B8) (5b5e648d12fcadc244c1ec30318e1eb9) \Device\Harddisk0\DR0
08:44:08.0798 4240 \Device\Harddisk0\DR0 - ok
08:44:08.0829 4240 Boot (0x1200) (8965e93a21cdad1cf5dbdd89c4699861) \Device\Harddisk0\DR0\Partition0
08:44:08.0829 4240 \Device\Harddisk0\DR0\Partition0 - ok
08:44:08.0829 4240 ============================================================
08:44:08.0829 4240 Scan finished
08:44:08.0829 4240 ============================================================
08:44:08.0845 3080 Detected object count: 1
08:44:08.0845 3080 Actual detected object count: 1
08:44:56.0262 3080 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
08:44:56.0263 3080 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:45:46.0196 2804 Deinitialize success

Thank you so much in advance. -Nicole.
Mark1956's Avatar
Malware Removal Specialist with 12,487 posts.
 
Join Date: May 2011
Location: Spain
Experience: Advanced
01-Jul-2012, 12:55 PM #6
Ok, TDSSKiller has come up clean but Malwarebytes has found the same infection you reported. We now need to go a little deeper.

Please tell me in your next reply if you have a flash drive/USB memory stick, we may need it.

STEP 1

NOTE: If you have already used Combofix please delete the icon from your desktop.
  • Please download DeFogger and save it to your desktop.
  • Once downloaded, double-click on the DeFogger icon to start the tool.
  • The application window will appear.
  • You should now click on the Disable button to disable your CD Emulation drivers.
  • When it prompts you whether or not you want to continue, please click on the Yes button to continue.
  • When the program has completed you will see a Finished! message. Click on the OK button to exit the program.
  • If CD Emulation programs are present and have been disabled, DeFogger will now ask you to reboot the machine. Please allow it to do so by clicking on the OK button.
STEP 2

Please download ComboFix from one of the locations below and save it to your Desktop. <-Important!!!Be sure to print out and follow these instructions: A guide and tutorial on using ComboFix

Vista/Windows 7 users can skip the Recovery Console instructions and use the Windows DVD to boot into the Vista Recovery Environment or Windows 7 System Recovery Options if something goes awry. If you do not have a Windows 7 DVD then please create a Windows 7 Repair Disc. XP users need to install the Recovery Console first.
  • Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results". Click this link to see a list of such programs and how to disable them.
  • If ComboFix detects an older version of itself, you will be asked to update the program.
  • ComboFix will begin by showing a Disclaimer. Read it and click I Agree if you want to continue.
  • Follow the prompts and click on Yes to continue scanning for malware.
  • If using Windows 7 or Vista and you receive a UAC prompt asking if you want to continue running the program, you should press the Continue button.
  • When finished, please copy and paste the contents of C:\ComboFix.txt (which will open after reboot) in your next reply.
  • Be sure to re-enable your anti-virus and other security programs.
-- Do not touch your mouse/keyboard until the ComboFix scan has completed, as this may cause the process to stall or the computer to lock.
-- ComboFix will temporarily disable your desktop, and if interrupted may leave it disabled. If this occurs, please reboot to restore it.
-- ComboFix disables autorun of all CD, floppy and USB devices to assist with malware removal and increase security.
If you no longer have access to your Internet connection after running ComboFix, please reboot to restore it. If that does not restore the connection, then follow the instructions for Manually restoring the Internet connection provided in the "How to Guide" you printed out earlier.
Quote:
Do NOT use ComboFix unless you have been instructed to do so by a Malware Removal Expert. It is a powerful tool intended by its creator to be used under the guidance and supervision of an expert, NOT for general public or personal use. Using this tool incorrectly could lead to serious problems with your operating system such as preventing it from ever starting again. This site, sUBs and myself will not be responsible for any damage caused to your machine by misusing or running ComboFix on your own. Please read ComboFix's Disclaimer.
nicoles217's Avatar
nicoles217 nicoles217 is offline
Computer Specs
Member with 32 posts.
THREAD STARTER
 
Join Date: Jun 2012
Experience: Beginner
01-Jul-2012, 03:12 PM #7
I printed the combo fix instructions and disabled the real time protection, my windows firewall was already disabled, which I could not turn on the windows firewall (or anything related to it). As well as windows defender was not on. I do not know if this has something to do with the infection, or Avg possibly disables it?? or norton??

Anyways, I do not have a flash drive or usb at the moment, but I could get one if needed. Also, I have 5 discs that I created the day that I first turned on the computer, which I labeled toshiba recovery discs. Are these the discs needed in regards to the info in your posting about the recovery disc information?, because the computer did not come with a windows 7 disc, I guess because it is pre-installed...

I will now continue with the the steps in your posting, I just wanted to let you know about this information.
-Nicole

One more thing... If I am not using Norton, will I not have to disable script blocking?
nicoles217's Avatar
nicoles217 nicoles217 is offline
Computer Specs
Member with 32 posts.
THREAD STARTER
 
Join Date: Jun 2012
Experience: Beginner
01-Jul-2012, 04:43 PM #8
I downloaded combofix, which I then chose I agree at the disclaimer, when combofix gets to the point where it is preparing to run, (the box pops up stating preparing to run) but after that it just closes. It does not proceed to the next steps of creating a restore point or backing up the windows registry. It does not proceed to autoscan for infections. Is there a reason for this?
nicoles217's Avatar
nicoles217 nicoles217 is offline
Computer Specs
Member with 32 posts.
THREAD STARTER
 
Join Date: Jun 2012
Experience: Beginner
01-Jul-2012, 09:35 PM #9
I do not think the defogger disabled my cd emulation drivers... I don't know if that is the problem with combofix, but the defogger had a box pop up that said Finished, but it never had me restart my computer, and I can still use the cd drive.
Mark1956's Avatar
Malware Removal Specialist with 12,487 posts.
 
Join Date: May 2011
Location: Spain
Experience: Advanced
02-Jul-2012, 03:27 AM #10
Ok, we need to change direction a little. Please follow the instructions below and post the log.

Please download SystemLook for your operating system from one of the links below and save it to your Desktop.
  • Double-click SystemLook.exe to run it.
  • Vista/Windows 7 users right-click and select Run As Administrator.
  • Copy and paste everything in the codebox below into the main textfield:
    Code:
    :filefind
    services.exe
  • Click the Look button to start the scan.
  • When finished, a Notepad window will open SystemLook.txt with the results of the search and save a copy on your Desktop.
  • Please copy and paste the contents of that log in your next reply.
nicoles217's Avatar
nicoles217 nicoles217 is offline
Computer Specs
Member with 32 posts.
THREAD STARTER
 
Join Date: Jun 2012
Experience: Beginner
02-Jul-2012, 04:03 AM #11
Results of the scan:

SystemLook 30.07.11 by jpshortstuff
Log created at 01:01 on 02/07/2012 by Nicole
Administrator - Elevation successful
========== filefind ==========
Searching for "services.exe"
C:\Windows\System32\services.exe --a---- 328704 bytes [23:19 13/07/2009] [01:39 14/07/2009] 014A9CB92514E27C0107614DF764BC06
C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\ser vices.exe --a---- 328704 bytes [23:19 13/07/2009] [01:39 14/07/2009] 24ACB7E5BE595468E3B9AA488B9B4FCB
-= EOF =-
Mark1956's Avatar
Malware Removal Specialist with 12,487 posts.
 
Join Date: May 2011
Location: Spain
Experience: Advanced
02-Jul-2012, 05:41 AM #12
As suspected the services.exe file is infected so we need to run the following to replace it with a good copy, once done try and run Combofix again and post the log.

Download BlitzBlank and save it to your desktop.
Double click on Blitzblank.exe
Click OK at the warning.
Click the Script tab and copy/paste the following text there:
Code:
CopyFile:
C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe C:
\Windows\System32\services.exe
Click Execute Now. Your computer will need to reboot in order to replace the file.
When done, post the report created by Blitzblank.
You can find it in the root of the drive, normally C:\
nicoles217's Avatar
nicoles217 nicoles217 is offline
Computer Specs
Member with 32 posts.
THREAD STARTER
 
Join Date: Jun 2012
Experience: Beginner
02-Jul-2012, 12:56 PM #13
When I click execute now I receive the following error:

Syntax error in line 3; Invalid file path.
Mark1956's Avatar
Malware Removal Specialist with 12,487 posts.
 
Join Date: May 2011
Location: Spain
Experience: Advanced
02-Jul-2012, 01:32 PM #14
That's odd, please check you are copying the entire contents of the code box from above.

Try this, it might have been due to the formatting. If this fails we can use another tool for the same job.

Code:
CopyFile:
C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe C:\Windows\System32\services.exe
nicoles217's Avatar
nicoles217 nicoles217 is offline
Computer Specs
Member with 32 posts.
THREAD STARTER
 
Join Date: Jun 2012
Experience: Beginner
02-Jul-2012, 02:12 PM #15
log from c drive :


BlitzBlank 1.0.0.32
File/Registry Modification Engine native application
CopyFileOnReboot: sourceFile = "\??\c:\windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\ser vices.exe", destinationFile = "\??\c:\windows\system32\services.exe"
As Seen On

BBC, Reader's Digest, PC Magazine, Today Show, Money Magazine
WELCOME TO TECH SUPPORT GUY!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.


Tags
c.mmi, generic, trojan horse dropper

(clock)
THIS THREAD HAS EXPIRED.
Are you having the same problem? We have volunteers ready to answer your question, but first you'll have to join for free. Need help getting started? Check out our Welcome Guide.

Search Tech Support Guy

Find the solution to your
computer problem!




Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools


WELCOME
You Are Using: Server ID
Trusted Website Back to the Top ↑