Spyware Warrior Spyware Warrior
Help with Spyware, Hijacking & Other Internet Nuisances
 
FAQ :: Search :: Memberlist :: Usergroups :: Register
Profile :: Log in to check your private messages :: Log in

Need help removing a Trojan

 
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.    Spyware Warrior Forum Index -> Archived Spyware Removal Help Topics
View previous topic :: View next topic  
Author Message
nealod
Warrior


Joined: 24 Sep 2010
Last Visit: 02 Oct 2013
Posts: 52

PostPosted: Tue Apr 10, 2012 6:21 am    Post subject: Need help removing a Trojan Reply with quote

Two trojans were detected using microsoft security essentials

TrojanDownloader:Win32/troxen.rts
TrojanDownloader:Win32/Nistio.A

Both can't be removed and I get the error code 0x800700df

Thanks for any help, Neal.

DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Absolute at 9:58:35 on 2012-04-10
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3837.2147 [GMT -4:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\windows\system32\wininit.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\atieclxx.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\System32\spoolsv.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\IDrive\IDriveE Service.exe
C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
C:\Program Files (x86)\Sierra Wireless Inc\Common\SwiCardDetect64.exe
C:\windows\system32\ThpSrv.exe
C:\Windows\system32\TODDSrv.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
C:\Program Files\TOSHIBA\TECO\TecoService.exe
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe
C:\IDrive\IDrivePlugin.exe
C:\windows\system32\conhost.exe
c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\LSI SoftModem\agr64svc.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\TOSHIBA\rselect\RSelSvc.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Apoint2K\HidFind.exe
C:\windows\system32\conhost.exe
C:\Program Files\ltmoh\ltmoh.exe
C:\Windows\System32\ThpSrv.exe
C:\Program Files\TOSHIBA\TECO\TEco.exe
C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe
C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files (x86)\Brownie\BrStsW64.exe
C:\Program Files (x86)\AT&T\AT&T Communication Manager\attcm_AppStart.exe
C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
C:\Program Files (x86)\Intuit\QuickBooks 2012\QBW32.EXE
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\windows\system32\taskeng.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files (x86)\Yahoo!\Messenger\ymsgr_tray.exe
C:\IDrive\IDriveETray.exe
C:\IDrive\IDriveEBackground.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\windows\SysWOW64\cmd.exe
C:\windows\system32\conhost.exe
C:\windows\SysWOW64\cscript.exe
C:\windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.yahoo.com/
uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
uSearch Bar = hxxp://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=60347
mDefault_Page_URL = hxxp://www.yahoo.com
mStart Page = hxxp://www.yahoo.com
uInternet Settings,ProxyOverride = *.local
mSearchAssistant = hxxp://www.crawler.com/search/ie.aspx?tb_id=60347
mCustomizeSearch = hxxp://dnl.crawler.com/support/sa_customize.aspx?TbId=60347
uURLSearchHooks: H - No File
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\MESSEN~1\YahooMessenger.exe" -quiet
uRun: [Google Update] "C:\Users\Absolute\AppData\Local\Google\Update\GoogleUpdate.exe" /c
mRun: [TUSBSleepChargeSrv] "%ProgramFiles(x86)%\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe"
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
mRun: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
mRun: [BrStsWnd] "C:\Program Files (x86)\Brownie\BrstsW64.exe" Autorun
mRun: [attcm_AppStart.exe] "C:\Program Files (x86)\AT&T\AT&T Communication Manager\attcm_AppStart.exe"
mRun: [Intuit SyncManager] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe startup
StartupFolder: C:\Users\Absolute\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\IDRIVE~1.LNK - C:\IDrive\IDriveEReg2ini.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\INTUIT~1.LNK - C:\Program Files (x86)\Common Files\Intuit\DataProtect\IntuitDataProtect.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\LOGITE~1.LNK - C:\Program Files\Logitech\SetPoint\SetPoint.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\QUICKB~2.LNK - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\QUICKB~1.LNK - C:\Program Files (x86)\Intuit\QuickBooks 2012\QBW32.EXE
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\WDDMST~1.LNK - C:\Program Files (x86)\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{47BA7EA8-DC0F-4CB4-886A-D8B8DF2B4734} : NameServer = 209.183.35.23 209.183.33.23
TCP: Interfaces\{64E59808-6755-4E52-B952-4EA5791182EB} : DhcpNameServer = 192.168.1.254
TCP: Interfaces\{64E59808-6755-4E52-B952-4EA5791182EB}\2516A61686 : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{64E59808-6755-4E52-B952-4EA5791182EB}\3435C4F5E4564777F627B6 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{64E59808-6755-4E52-B952-4EA5791182EB}\458656022516A616 : DhcpNameServer = 68.87.68.166 68.87.74.166
TCP: Interfaces\{64E59808-6755-4E52-B952-4EA5791182EB}\74142454245434B4D20534F5E4564777F627B6 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{64E59808-6755-4E52-B952-4EA5791182EB}\C696E6B6379737 : DhcpNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{A8196699-009A-4664-BCDC-DA73B457BBFF} : DhcpNameServer = 192.168.1.254
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: intu-help-qb5 - {867FCB77-9823-4cd6-8210-D85F968D466F} - C:\Program Files (x86)\Intuit\QuickBooks 2012\HelpAsyncPluggableProtocol.dll
Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\Windows\System32\mscoree.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO-X64: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO-X64: 0x1 - No File
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
mRun-x64: [TUSBSleepChargeSrv] "%ProgramFiles(x86)%\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe"
mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
mRun-x64: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
mRun-x64: [BrStsWnd] "C:\Program Files (x86)\Brownie\BrstsW64.exe" Autorun
mRun-x64: [attcm_AppStart.exe] "C:\Program Files (x86)\AT&T\AT&T Communication Manager\attcm_AppStart.exe"
mRun-x64: [Intuit SyncManager] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe startup
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Absolute\AppData\Roaming\Mozilla\Firefox\Profiles\lq95puu5.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?fr=ffsp1&p=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
FF - prefs.js: keyword.URL - hxxp://www.crawler.com/search/dispatcher.aspx?tp=aus&tbid=60347&qkw=
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.53\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Absolute\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Users\Absolute\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll
FF - plugin: C:\Users\Absolute\AppData\Roaming\Mozilla\Firefox\Profiles\lq95puu5.default\extensions\DeviceDetection@logitech.com\plugins\npLogitechDeviceDetection.dll
FF - plugin: C:\Users\Absolute\AppData\Roaming\Mozilla\Firefox\Profiles\lq95puu5.default\extensions\LogMeInClient@logmein.com\plugins\npLMI64.dll
FF - plugin: C:\Users\Absolute\AppData\Roaming\Mozilla\Firefox\Profiles\lq95puu5.default\extensions\LogMeInClient@logmein.com\plugins\npRACtrl.dll
FF - plugin: C:\Users\Absolute\AppData\Roaming\Mozilla\Firefox\Profiles\lq95puu5.default\extensions\support@graphon.com\plugins\npg4.dll
FF - plugin: C:\Users\Absolute\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\Absolute\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_228.dll
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
============= SERVICES / DRIVERS ===============
.
R0 Thpdrv;TOSHIBA HDD Protection Driver;C:\windows\system32\DRIVERS\thpdrv.sys --> C:\windows\system32\DRIVERS\thpdrv.sys [?]
R0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;C:\windows\system32\DRIVERS\Thpevm.SYS --> C:\windows\system32\DRIVERS\Thpevm.SYS [?]
R0 tos_sps64;TOSHIBA tos_sps64 Service;C:\windows\system32\DRIVERS\tos_sps64.sys --> C:\windows\system32\DRIVERS\tos_sps64.sys [?]
R1 MpFilter;Microsoft Malware Protection Driver;C:\windows\system32\DRIVERS\MpFilter.sys --> C:\windows\system32\DRIVERS\MpFilter.sys [?]
R1 PMCF;PMCF;\??\C:\windows\system32\drivers\PMCF.sys --> C:\windows\system32\drivers\PMCF.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\windows\system32\DRIVERS\vwififlt.sys --> C:\windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]
R2 AMD External Events Utility;AMD External Events Utility;C:\windows\system32\atiesrxx.exe --> C:\windows\system32\atiesrxx.exe [?]
R2 cfWiMAXService;ConfigFree WiMAX Service;C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2009-8-10 248688]
R2 ConfigFree Gadget Service;ConfigFree Gadget Service;C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe [2009-7-14 42368]
R2 ConfigFree Service;ConfigFree Service;C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-3-10 46448]
R2 IDriveE Service;IDriveE Service;C:\IDrive\IDriveE Service.exe [2012-1-7 157128]
R2 QBVSS;QBIDPService;C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe [2011-8-19 1248256]
R2 rimspci;rimspci;C:\windows\system32\DRIVERS\rimspe64.sys --> C:\windows\system32\DRIVERS\rimspe64.sys [?]
R2 risdpcie;risdpcie;C:\windows\system32\DRIVERS\risdpe64.sys --> C:\windows\system32\DRIVERS\risdpe64.sys [?]
R2 rixdpcie;rixdpcie;C:\windows\system32\DRIVERS\rixdpe64.sys --> C:\windows\system32\DRIVERS\rixdpe64.sys [?]
R2 RSELSVC;TOSHIBA Modem region select service;C:\Program Files\TOSHIBA\rselect\RSelSvc.exe [2009-7-7 65904]
R2 SwiCardDetectSvc;Sierra Wireless Card Detection Service;C:\Program Files (x86)\Sierra Wireless Inc\Common\SwiCardDetect64.exe [2011-5-20 317296]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;C:\Program Files\TOSHIBA\TECO\TecoService.exe [2009-8-27 251760]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;C:\windows\system32\DRIVERS\TVALZFL.sys --> C:\windows\system32\DRIVERS\TVALZFL.sys [?]
R2 WDDMService;WDDMService;C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2011-3-9 288768]
R2 WDFME;WD File Management Engine;C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDFME\WDFME.exe [2011-3-9 1066896]
R2 WDSC;WD File Management Shadow Engine;C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDSC.exe [2011-3-9 491920]
R3 MpNWMon;Microsoft Malware Protection Network Driver;C:\windows\system32\DRIVERS\MpNWMon.sys --> C:\windows\system32\DRIVERS\MpNWMon.sys [?]
R3 NisDrv;Microsoft Network Inspection System;C:\windows\system32\DRIVERS\NisDrvWFP.sys --> C:\windows\system32\DRIVERS\NisDrvWFP.sys [?]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-4-27 288272]
R3 PGEffect;Pangu effect driver;C:\windows\system32\DRIVERS\pgeffect.sys --> C:\windows\system32\DRIVERS\pgeffect.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\windows\system32\DRIVERS\Rt64win7.sys --> C:\windows\system32\DRIVERS\Rt64win7.sys [?]
R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;C:\windows\system32\DRIVERS\rtl8192se.sys --> C:\windows\system32\DRIVERS\rtl8192se.sys [?]
R3 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-12-14 54136]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2009-9-17 137560]
R3 WSDPrintDevice;WSD Print Support via UMB;C:\windows\system32\DRIVERS\WSDPrint.sys --> C:\windows\system32\DRIVERS\WSDPrint.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-1-29 135664]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-3-31 253600]
S3 fssfltr;fssfltr;C:\windows\system32\DRIVERS\fssfltr.sys --> C:\windows\system32\DRIVERS\fssfltr.sys [?]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-1-29 135664]
S3 swg3kser00;Sierra Wireless QMI USB Device for Legacy Serial Communication;C:\windows\system32\DRIVERS\swg3kser00.sys --> C:\windows\system32\DRIVERS\swg3kser00.sys [?]
S3 swiwdmbx;Sierra Wireless USB Bus Service;C:\windows\system32\DRIVERS\swiwdmbx64.sys --> C:\windows\system32\DRIVERS\swiwdmbx64.sys [?]
S3 SWNC8UA3;Sierra Wireless MUX NDIS Driver (UMTSA3);C:\windows\system32\DRIVERS\swnc8ua3.sys --> C:\windows\system32\DRIVERS\swnc8ua3.sys [?]
S3 TPCHSrv;TPCH Service;C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2009-8-4 826224]
S3 TsUsbFlt;TsUsbFlt;C:\windows\system32\drivers\tsusbflt.sys --> C:\windows\system32\drivers\tsusbflt.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\system32\Drivers\usbaapl64.sys --> C:\windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\system32\Wat\WatAdminSvc.exe --> C:\windows\system32\Wat\WatAdminSvc.exe [?]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\windows\system32\DRIVERS\wdcsam64.sys --> C:\windows\system32\DRIVERS\wdcsam64.sys [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2012-04-10 13:33:16 69000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{30EFAEB7-EE75-4B1D-B0B1-E2C8094DCE68}\offreg.dll
2012-04-09 15:27:03 8669240 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{30EFAEB7-EE75-4B1D-B0B1-E2C8094DCE68}\mpengine.dll
2012-04-09 03:02:54 -------- d-----w- C:\ProgramData\Nuance
2012-04-09 03:02:33 -------- d-----w- C:\ProgramData\SQL Anywhere 11
2012-04-09 02:06:55 -------- d-----w- C:\windows\Intuit
2012-04-04 18:40:43 8669240 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-04-04 13:36:17 927800 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{8EB2878A-1CBC-40B5-A173-758BE5782CA5}\gapaengine.dll
2012-04-04 13:32:49 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client
2012-04-04 13:32:08 -------- d-----w- C:\Program Files\Microsoft Security Client
2012-04-03 12:46:43 8669240 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{AFC948B6-EC6A-42EF-9D1F-F16371ECA31A}\mpengine.dll
2012-03-31 13:55:44 418464 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2012-03-24 00:22:44 -------- d-----w- C:\dsi
2012-03-19 21:02:10 592824 ----a-w- C:\Program Files (x86)\Mozilla Firefox\gkmedias.dll
2012-03-19 21:02:10 44472 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozglue.dll
2012-03-14 16:17:19 5559152 ----a-w- C:\windows\System32\ntoskrnl.exe
2012-03-14 16:17:18 3968368 ----a-w- C:\windows\SysWow64\ntkrnlpa.exe
2012-03-14 16:17:18 3913584 ----a-w- C:\windows\SysWow64\ntoskrnl.exe
2012-03-14 16:09:28 3145728 ----a-w- C:\windows\System32\win32k.sys
2012-03-14 16:09:24 1544192 ----a-w- C:\windows\System32\DWrite.dll
2012-03-14 16:09:24 1077248 ----a-w- C:\windows\SysWow64\DWrite.dll
2012-03-14 16:09:19 9216 ----a-w- C:\windows\System32\rdrmemptylst.exe
2012-03-14 16:09:19 77312 ----a-w- C:\windows\System32\rdpwsx.dll
2012-03-14 16:09:19 149504 ----a-w- C:\windows\System32\rdpcorekmts.dll
2012-03-14 16:08:26 826880 ----a-w- C:\windows\SysWow64\rdpcore.dll
2012-03-14 16:08:26 23552 ----a-w- C:\windows\System32\drivers\tdtcp.sys
2012-03-14 16:08:26 210944 ----a-w- C:\windows\System32\drivers\rdpwd.sys
2012-03-14 16:08:26 1031680 ----a-w- C:\windows\System32\rdpcore.dll
.
==================== Find3M ====================
.
2012-03-31 13:55:44 70304 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-01-31 12:44:20 279656 ------w- C:\windows\System32\MpSigStub.exe
.
============= FINISH: 9:59:16.93 ===============


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 1/29/2010 9:12:09 PM
System Uptime: 4/10/2012 9:28:35 AM (0 hours ago)
.
Motherboard: TOSHIBA | | To be filled by O.E.M.
Processor: AMD Turion(tm) II Dual-Core Mobile M520 | CPU 1 | 2300/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 455 GiB total, 379.638 GiB free.
D: is CDROM (CDFS)
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP321: 3/14/2012 12:10:54 PM - Windows Update
RP322: 3/23/2012 8:13:20 PM - Removed AVG 2012
RP323: 3/23/2012 8:18:06 PM - Removed AVG 2012
RP324: 3/24/2012 2:29:27 PM - Windows Update
RP325: 3/31/2012 10:00:15 AM - Windows Update
RP326: 4/4/2012 9:31:13 AM - Windows Update
RP327: 4/8/2012 10:16:53 PM - Windows Update
RP328: 4/8/2012 10:22:02 PM - Windows Update
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
7-Zip 4.65
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Media Player
Adobe Photoshop 7.0
Adobe Reader X (10.1.2)
Amazon Kindle For PC
Apple Application Support
Apple Software Update
ArcSoft Panorama Maker 4
AT&T Communication Manager
Avery Wizard 3.1
Bejeweled 2 Deluxe
Blackhawk Striker 2
Brother HL-2170W
Business Plan Pro 15th Anniversary Edition
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-core-static
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Compatibility Pack for the 2007 Office system
D3DX10
Direct DiscRecorder
dsi
DVD MovieFactory for TOSHIBA
erLT
Essilor Phi Tracer
Facebook Plug-In
Faerie Solitaire
FATE Undiscovered Realms
File Uploader
Free RAR Extract Frog
Google Talk Plugin
Google Toolbar for Internet Explorer
Google Update Helper
GoToMeeting 4.5.0.457
IDrive version 3.4.1 January 03, 2012
Java(TM) 6 Update 14
Junk Mail filter update
Logitech SetPoint
Malwarebytes Anti-Malware version 1.60.1.1000
Mesh Runtime
Messenger Companion
Microsoft Expression Web
Microsoft Expression Web MUI (English)
Microsoft Expression Web Service Pack 1 (SP1)
Microsoft Office 2007 Primary Interop Assemblies
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3)
Microsoft Office Suite Activation Assistant
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable - KB2467175
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual Studio 2005 Tools for Office Runtime
Microsoft Works
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
Monopoly
Mozilla Firefox 11.0 (x86 en-US)
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 and SOAP Toolkit 3.0
MSXML 4.0 SP2 Parser and SDK
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB973685)
Mystery P.I. - The Vegas Heist
Nikon Transfer
Picture Control Utility
Polar Bowler
QuickBooks
Quickbooks Financial Center
QuickBooks Pro 2012
QuickTime
Realtek 8136 8168 8169 Ethernet Driver
Realtek High Definition Audio Driver
Realtek WLAN Driver
RICOH R5U230 Media Driver ver.2.06.03.02
Scrabble Plus
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2553089)
Security Update for 2007 Microsoft Office System (KB2553090)
Security Update for 2007 Microsoft Office System (KB2584063)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Skype Launcher
SupportSoft Assisted Service
TOSHIBA Application Installer
TOSHIBA Assist
TOSHIBA Bulletin Board
TOSHIBA ConfigFree
TOSHIBA DVD PLAYER
TOSHIBA eco Utility
TOSHIBA Extended Tiles for Windows Mobility Center
TOSHIBA Face Recognition
TOSHIBA Hardware Setup
TOSHIBA HDD/SSD Alert
TOSHIBA Internal Modem Region Select Utility
TOSHIBA Media Controller
Toshiba Online Backup
TOSHIBA Quality Application
TOSHIBA ReelTime
TOSHIBA Service Station
TOSHIBA Speech System Applications
TOSHIBA Speech System SR Engine(U.S.) Version1.0
TOSHIBA Speech System TTS Engine(U.S.) Version1.0
TOSHIBA Supervisor Password
TOSHIBA USB Sleep and Charge Utility
TOSHIBA Value Added Package
TOSHIBA Web Camera Application
ToshibaRegistration
Update for 2007 Microsoft Office System (KB2284654)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2597970) 32-Bit Edition
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
ViewNX
Virtual Families
Virtual Villagers - The Secret City
Visual Studio 2005 Tools for Office Second Edition Runtime
Visual Studio 2008 x64 Redistributables
VLC media player 1.0.3
WildTangent Games
WildTangent ORB Game Console
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Yahoo! Messenger
Yahoo! Search Protection
Yahoo! Software Update
.
==== Event Viewer Messages From Past Week ========
.
4/9/2012 8:52:59 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the WD File Management Shadow Engine service to connect.
4/9/2012 8:52:59 AM, Error: Service Control Manager [7000] - The WD File Management Shadow Engine service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/9/2012 4:58:48 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Keygen&threatid=2147593794 Name: HackTool:Win32/Keygen ID: 2147593794 Severity: Medium Category: Tool Path: containerfile:_C:\Users\Absolute\Downloads\Adobe.Illustrator.CS5.v15.0.Incl.Keymaker-CORE.rar;file:_C:\Users\Absolute\Downloads\Adobe.Illustrator.CS5.v15.0.Incl.Keymaker-CORE.rar->Adobe.Illustrator.CS5.v15.0.Incl.Keymaker-CORE\keygen.exe->(UPX) Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: Absolute-LT\Absolute Process Name: Unknown Action: Remove Action Status: No additional actions required Error Code: 0x800700df Error description: The file size exceeds the limit allowed and cannot be saved. Signature Version: AV: 1.123.1375.0, AS: 1.123.1375.0, NIS: 11.0.0.0 Engine Version: AM: 1.1.8202.0, NIS: 2.0.8001.0
4/9/2012 4:49:41 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=TrojanDownloader:Win32/Nistio.A&threatid=2147647734 Name: TrojanDownloader:Win32/Nistio.A ID: 2147647734 Severity: Severe Category: Trojan Downloader Path: containerfile:_C:\Users\Absolute\Downloads\Adobe.Illustrator.CS5.v15.0.Incl.Keymaker-CORE.rar;file:_C:\Users\Absolute\Downloads\Adobe.Illustrator.CS5.v15.0.Incl.Keymaker-CORE.rar->Adobe.Illustrator.CS5.v15.0.Incl.Keymaker-CORE\Adobe Illustrator CS5\payloads\AdobeAIR1.5.3-mul\AdobeAIRInstaller.exe->(nsis-5-$(ENVVAR)\pnsetup.exe) Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: Absolute-LT\Absolute Process Name: Unknown Action: Remove Action Status: No additional actions required Error Code: 0x800700df Error description: The file size exceeds the limit allowed and cannot be saved. Signature Version: AV: 1.123.1375.0, AS: 1.123.1375.0, NIS: 11.0.0.0 Engine Version: AM: 1.1.8202.0, NIS: 2.0.8001.0
4/9/2012 4:49:41 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=TrojanDownloader:Win32/Nistio.A&threatid=2147647734 Name: TrojanDownloader:Win32/Nistio.A ID: 2147647734 Severity: Severe Category: Trojan Downloader Path: containerfile:_C:\Users\Absolute\Downloads\Adobe.Illustrator.CS5.v15.0.Incl.Keymaker-CORE.rar;file:_C:\Users\Absolute\Downloads\Adobe.Illustrator.CS5.v15.0.Incl.Keymaker-CORE.rar->Adobe.Illustrator.CS5.v15.0.Incl.Keymaker-CORE\Adobe Illustrator CS5\payloads\AdobeAIR1.5.3-mul\AdobeAIRInstaller.exe->(nsis-5-$(ENVVAR)\pnsetup.exe) Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: Absolute-LT\Absolute Process Name: Unknown Action: Quarantine Action Status: No additional actions required Error Code: 0x800700df Error description: The file size exceeds the limit allowed and cannot be saved. Signature Version: AV: 1.123.1375.0, AS: 1.123.1375.0, NIS: 11.0.0.0 Engine Version: AM: 1.1.8202.0, NIS: 2.0.8001.0
4/9/2012 4:45:36 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=TrojanDownloader:Win32/Troxen!rts&threatid=2147625309 Name: TrojanDownloader:Win32/Troxen!rts ID: 2147625309 Severity: High Category: Trojan Downloader Path: containerfile:_C:\Users\Absolute\Downloads\Adobe.Illustrator.CS5.v15.0.Incl.Keymaker-CORE.rar;file:_C:\Users\Absolute\Downloads\Adobe.Illustrator.CS5.v15.0.Incl.Keymaker-CORE.rar->Adobe.Illustrator.CS5.v15.0.Incl.Keymaker-CORE\Adobe Illustrator CS5\payloads\AdobeHelp\AIRInstallerRunner.exe Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: Absolute-LT\Absolute Process Name: Unknown Action: Quarantine Action Status: No additional actions required Error Code: 0x800700df Error description: The file size exceeds the limit allowed and cannot be saved. Signature Version: AV: 1.123.1375.0, AS: 1.123.1375.0, NIS: 11.0.0.0 Engine Version: AM: 1.1.8202.0, NIS: 2.0.8001.0
4/9/2012 4:35:48 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Keygen&threatid=2147593794 Name: HackTool:Win32/Keygen ID: 2147593794 Severity: Medium Category: Tool Path: containerfile:_C:\Users\Absolute\Downloads\Adobe.Illustrator.CS5.v15.0.Incl.Keymaker-CORE.rar;file:_C:\Users\Absolute\Downloads\Adobe.Illustrator.CS5.v15.0.Incl.Keymaker-CORE.rar->Adobe.Illustrator.CS5.v15.0.Incl.Keymaker-CORE\keygen.exe->(UPX) Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: Absolute-LT\Absolute Process Name: Unknown Action: Remove Action Status: No additional actions required Error Code: 0x800700df Error description: The file size exceeds the limit allowed and cannot be saved. Signature Version: AV: 1.123.1375.0, AS: 1.123.1375.0, NIS: 11.0.0.0 Engine Version: AM: 1.1.8202.0, NIS: 2.0.8001.0
4/9/2012 4:35:48 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Keygen&threatid=2147593794 Name: HackTool:Win32/Keygen ID: 2147593794 Severity: Medium Category: Tool Path: containerfile:_C:\Users\Absolute\Downloads\Adobe.Illustrator.CS5.v15.0.Incl.Keymaker-CORE.rar;file:_C:\Users\Absolute\Downloads\Adobe.Illustrator.CS5.v15.0.Incl.Keymaker-CORE.rar->Adobe.Illustrator.CS5.v15.0.Incl.Keymaker-CORE\keygen.exe->(UPX) Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: Absolute-LT\Absolute Process Name: Unknown Action: Quarantine Action Status: No additional actions required Error Code: 0x800700df Error description: The file size exceeds the limit allowed and cannot be saved. Signature Version: AV: 1.123.1375.0, AS: 1.123.1375.0, NIS: 11.0.0.0 Engine Version: AM: 1.1.8202.0, NIS: 2.0.8001.0
4/9/2012 4:28:27 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=TrojanDownloader:Win32/Nistio.A&threatid=2147647734 Name: TrojanDownloader:Win32/Nistio.A ID: 2147647734 Severity: Severe Category: Trojan Downloader Path: containerfile:_C:\Users\Absolute\Downloads\Adobe.Illustrator.CS5.v15.0.Incl.Keymaker-CORE.rar;file:_C:\Users\Absolute\Downloads\Adobe.Illustrator.CS5.v15.0.Incl.Keymaker-CORE.rar->Adobe.Illustrator.CS5.v15.0.Incl.Keymaker-CORE\Adobe Illustrator CS5\payloads\AdobeAIR1.5.3-mul\AdobeAIRInstaller.exe->(nsis-5-$(ENVVAR)\pnsetup.exe) Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: Absolute-LT\Absolute Process Name: Unknown Action: Quarantine Action Status: No additional actions required Error Code: 0x800700df Error description: The file size exceeds the limit allowed and cannot be saved. Signature Version: AV: 1.123.1375.0, AS: 1.123.1375.0, NIS: 11.0.0.0 Engine Version: AM: 1.1.8202.0, NIS: 2.0.8001.0
4/9/2012 4:28:26 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=TrojanDownloader:Win32/Nistio.A&threatid=2147647734 Name: TrojanDownloader:Win32/Nistio.A ID: 2147647734 Severity: Severe Category: Trojan Downloader Path: containerfile:_C:\Users\Absolute\Downloads\Adobe.Illustrator.CS5.v15.0.Incl.Keymaker-CORE.rar;file:_C:\Users\Absolute\Downloads\Adobe.Illustrator.CS5.v15.0.Incl.Keymaker-CORE.rar->Adobe.Illustrator.CS5.v15.0.Incl.Keymaker-CORE\Adobe Illustrator CS5\payloads\AdobeAIR1.5.3-mul\AdobeAIRInstaller.exe->(nsis-5-$(ENVVAR)\pnsetup.exe) Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: Absolute-LT\Absolute Process Name: Unknown Action: Remove Action Status: No additional actions required Error Code: 0x800700df Error description: The file size exceeds the limit allowed and cannot be saved. Signature Version: AV: 1.123.1375.0, AS: 1.123.1375.0, NIS: 11.0.0.0 Engine Version: AM: 1.1.8202.0, NIS: 2.0.8001.0
4/9/2012 4:26:02 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=TrojanDownloader:Win32/Troxen!rts&threatid=2147625309 Name: TrojanDownloader:Win32/Troxen!rts ID: 2147625309 Severity: High Category: Trojan Downloader Path: containerfile:_C:\Users\Absolute\Downloads\Adobe.Illustrator.CS5.v15.0.Incl.Keymaker-CORE.rar;file:_C:\Users\Absolute\Downloads\Adobe.Illustrator.CS5.v15.0.Incl.Keymaker-CORE.rar->Adobe.Illustrator.CS5.v15.0.Incl.Keymaker-CORE\Adobe Illustrator CS5\payloads\AdobeHelp\AIRInstallerRunner.exe Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: Absolute-LT\Absolute Process Name: Unknown Action: Quarantine Action Status: No additional actions required Error Code: 0x800700df Error description: The file size exceeds the limit allowed and cannot be saved. Signature Version: AV: 1.123.1375.0, AS: 1.123.1375.0, NIS: 11.0.0.0 Engine Version: AM: 1.1.8202.0, NIS: 2.0.8001.0
4/9/2012 4:18:30 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Keygen&threatid=2147593794 Name: HackTool:Win32/Keygen ID: 2147593794 Severity: Medium Category: Tool Path: containerfile:_C:\Users\Absolute\Downloads\Adobe.Illustrator.CS5.v15.0.Incl.Keymaker-CORE.rar;file:_C:\Users\Absolute\Downloads\Adobe.Illustrator.CS5.v15.0.Incl.Keymaker-CORE.rar->Adobe.Illustrator.CS5.v15.0.Incl.Keymaker-CORE\keygen.exe->(UPX) Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: Absolute-LT\Absolute Process Name: Unknown Action: Quarantine Action Status: No additional actions required Error Code: 0x800700df Error description: The file size exceeds the limit allowed and cannot be saved. Signature Version: AV: 1.123.1375.0, AS: 1.123.1375.0, NIS: 11.0.0.0 Engine Version: AM: 1.1.8202.0, NIS: 2.0.8001.0
4/9/2012 4:14:21 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=TrojanDownloader:Win32/Troxen!rts&threatid=2147625309 Name: TrojanDownloader:Win32/Troxen!rts ID: 2147625309 Severity: High Category: Trojan Downloader Path: containerfile:_C:\Users\Absolute\Downloads\Adobe.Illustrator.CS5.v15.0.Incl.Keymaker-CORE.rar;file:_C:\Users\Absolute\Downloads\Adobe.Illustrator.CS5.v15.0.Incl.Keymaker-CORE.rar->Adobe.Illustrator.CS5.v15.0.Incl.Keymaker-CORE\Adobe Illustrator CS5\payloads\AdobeHelp\AIRInstallerRunner.exe Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: Absolute-LT\Absolute Process Name: Unknown Action: Quarantine Action Status: No additional actions required Error Code: 0x800700df Error description: The file size exceeds the limit allowed and cannot be saved. Signature Version: AV: 1.123.1375.0, AS: 1.123.1375.0, NIS: 11.0.0.0 Engine Version: AM: 1.1.8202.0, NIS: 2.0.8001.0
4/9/2012 4:14:21 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=TrojanDownloader:Win32/Nistio.A&threatid=2147647734 Name: TrojanDownloader:Win32/Nistio.A ID: 2147647734 Severity: Severe Category: Trojan Downloader Path: containerfile:_C:\Users\Absolute\Downloads\Adobe.Illustrator.CS5.v15.0.Incl.Keymaker-CORE.rar;file:_C:\Users\Absolute\Downloads\Adobe.Illustrator.CS5.v15.0.Incl.Keymaker-CORE.rar->Adobe.Illustrator.CS5.v15.0.Incl.Keymaker-CORE\Adobe Illustrator CS5\payloads\AdobeAIR1.5.3-mul\AdobeAIRInstaller.exe->(nsis-5-$(ENVVAR)\pnsetup.exe) Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: Absolute-LT\Absolute Process Name: Unknown Action: Quarantine Action Status: No additional actions required Error Code: 0x800700df Error description: The file size exceeds the limit allowed and cannot be saved. Signature Version: AV: 1.123.1375.0, AS: 1.123.1375.0, NIS: 11.0.0.0 Engine Version: AM: 1.1.8202.0, NIS: 2.0.8001.0
4/9/2012 3:58:42 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Keygen&threatid=2147593794 Name: HackTool:Win32/Keygen ID: 2147593794 Severity: Medium Category: Tool Path: containerfile:_C:\Users\Absolute\Downloads\Adobe.Illustrator.CS5.v15.0.Incl.Keymaker-CORE.rar;file:_C:\Users\Absolute\Downloads\Adobe.Illustrator.CS5.v15.0.Incl.Keymaker-CORE.rar->Adobe.Illustrator.CS5.v15.0.Incl.Keymaker-CORE\keygen.exe->(UPX) Detection Origin: Local machine Detection Type: Concrete Detection Source: User User: Absolute-LT\Absolute Process Name: Unknown Action: Quarantine Action Status: No additional actions required Error Code: 0x800700df Error description: The file size exceeds the limit allowed and cannot be saved. Signature Version: AV: 1.123.1375.0, AS: 1.123.1375.0, NIS: 11.0.0.0 Engine Version: AM: 1.1.8202.0, NIS: 2.0.8001.0
4/9/2012 3:52:38 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=TrojanDownloader:Win32/Nistio.A&threatid=2147647734 Name: TrojanDownloader:Win32/Nistio.A ID: 2147647734 Severity: Severe Category: Trojan Downloader Path: containerfile:_C:\Users\Absolute\Downloads\Adobe.Illustrator.CS5.v15.0.Incl.Keymaker-CORE.rar;file:_C:\Users\Absolute\Downloads\Adobe.Illustrator.CS5.v15.0.Incl.Keymaker-CORE.rar->Adobe.Illustrator.CS5.v15.0.Incl.Keymaker-CORE\Adobe Illustrator CS5\payloads\AdobeAIR1.5.3-mul\AdobeAIRInstaller.exe->(nsis-5-$(ENVVAR)\pnsetup.exe) Detection Origin: Local machine Detection Type: Concrete Detection Source: User User: NT AUTHORITY\SYSTEM Process Name: Unknown Action: Remove Action Status: No additional actions required Error Code: 0x800700df Error description: The file size exceeds the limit allowed and cannot be saved. Signature Version: AV: 1.123.1375.0, AS: 1.123.1375.0, NIS: 11.0.0.0 Engine Version: AM: 1.1.8202.0, NIS: 2.0.8001.0
4/9/2012 3:49:07 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=TrojanDownloader:Win32/Troxen!rts&threatid=2147625309 Name: TrojanDownloader:Win32/Troxen!rts ID: 2147625309 Severity: High Category: Trojan Downloader Path: containerfile:_C:\Users\Absolute\Downloads\Adobe.Illustrator.CS5.v15.0.Incl.Keymaker-CORE.rar;file:_C:\Users\Absolute\Downloads\Adobe.Illustrator.CS5.v15.0.Incl.Keymaker-CORE.rar->Adobe.Illustrator.CS5.v15.0.Incl.Keymaker-CORE\Adobe Illustrator CS5\payloads\AdobeHelp\AIRInstallerRunner.exe Detection Origin: Local machine Detection Type: Concrete Detection Source: User User: NT AUTHORITY\SYSTEM Process Name: Unknown Action: Quarantine Action Status: No additional actions required Error Code: 0x800700df Error description: The file size exceeds the limit allowed and cannot be saved. Signature Version: AV: 1.123.1375.0, AS: 1.123.1375.0, NIS: 11.0.0.0 Engine Version: AM: 1.1.8202.0, NIS: 2.0.8001.0
4/9/2012 11:23:08 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-1Cool from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
4/8/2012 11:06:49 PM, Error: Service Control Manager [7030] - The QBIDPService service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
4/7/2012 8:48:05 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
4/4/2012 2:08:38 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=TrojanDownloader:Win32/Nistio.A&threatid=2147647734 Name: TrojanDownloader:Win32/Nistio.A ID: 2147647734 Severity: Severe Category: Trojan Downloader Path: containerfile:_C:\Users\Absolute\Downloads\Adobe.Illustrator.CS5.v15.0.Incl.Keymaker-CORE.rar;file:_C:\Users\Absolute\Downloads\Adobe.Illustrator.CS5.v15.0.Incl.Keymaker-CORE.rar->Adobe.Illustrator.CS5.v15.0.Incl.Keymaker-CORE\Adobe Illustrator CS5\payloads\AdobeAIR1.5.3-mul\AdobeAIRInstaller.exe->(nsis-5-$(ENVVAR)\pnsetup.exe) Detection Origin: Local machine Detection Type: Concrete Detection Source: User User: Absolute-LT\Absolute Process Name: Unknown Action: Remove Action Status: No additional actions required Error Code: 0x800700df Error description: The file size exceeds the limit allowed and cannot be saved. Signature Version: AV: 1.123.1060.0, AS: 1.123.1060.0, NIS: 11.0.0.0 Engine Version: AM: 1.1.8202.0, NIS: 2.0.8001.0
4/4/2012 2:04:26 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=TrojanDownloader:Win32/Troxen!rts&threatid=2147625309 Name: TrojanDownloader:Win32/Troxen!rts ID: 2147625309 Severity: High Category: Trojan Downloader Path: containerfile:_C:\Users\Absolute\Downloads\Adobe.Illustrator.CS5.v15.0.Incl.Keymaker-CORE.rar;file:_C:\Users\Absolute\Downloads\Adobe.Illustrator.CS5.v15.0.Incl.Keymaker-CORE.rar->Adobe.Illustrator.CS5.v15.0.Incl.Keymaker-CORE\Adobe Illustrator CS5\payloads\AdobeHelp\AIRInstallerRunner.exe Detection Origin: Local machine Detection Type: Concrete Detection Source: User User: Absolute-LT\Absolute Process Name: Unknown Action: Quarantine Action Status: No additional actions required Error Code: 0x800700df Error description: The file size exceeds the limit allowed and cannot be saved. Signature Version: AV: 1.123.1060.0, AS: 1.123.1060.0, NIS: 11.0.0.0 Engine Version: AM: 1.1.8202.0, NIS: 2.0.8001.0
4/4/2012 2:04:26 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Keygen&threatid=2147593794 Name: HackTool:Win32/Keygen ID: 2147593794 Severity: Medium Category: Tool Path: containerfile:_C:\Users\Absolute\Downloads\Adobe.Illustrator.CS5.v15.0.Incl.Keymaker-CORE.rar;file:_C:\Users\Absolute\Downloads\Adobe.Illustrator.CS5.v15.0.Incl.Keymaker-CORE.rar->Adobe.Illustrator.CS5.v15.0.Incl.Keymaker-CORE\keygen.exe->(UPX) Detection Origin: Local machine Detection Type: Concrete Detection Source: User User: Absolute-LT\Absolute Process Name: Unknown Action: Quarantine Action Status: No additional actions required Error Code: 0x800700df Error description: The file size exceeds the limit allowed and cannot be saved. Signature Version: AV: 1.123.1060.0, AS: 1.123.1060.0, NIS: 11.0.0.0 Engine Version: AM: 1.1.8202.0, NIS: 2.0.8001.0
4/10/2012 9:49:02 AM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=TrojanDownloader:Win32/Nistio.A&threatid=2147647734 Name: TrojanDownloader:Win32/Nistio.A ID: 2147647734 Severity: Severe Category: Trojan Downloader Path: containerfile:_C:\Users\Absolute\Downloads\Adobe.Illustrator.CS5.v15.0.Incl.Keymaker-CORE.rar;file:_C:\Users\Absolute\Downloads\Adobe.Illustrator.CS5.v15.0.Incl.Keymaker-CORE.rar->Adobe.Illustrator.CS5.v15.0.Incl.Keymaker-CORE\Adobe Illustrator CS5\payloads\AdobeAIR1.5.3-mul\AdobeAIRInstaller.exe->(nsis-5-$(ENVVAR)\pnsetup.exe) Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: Absolute-LT\Absolute Process Name: Unknown Action: Remove Action Status: No additional actions required Error Code: 0x800700df Error description: The file size exceeds the limit allowed and cannot be saved. Signature Version: AV: 1.123.1375.0, AS: 1.123.1375.0, NIS: 11.0.0.0 Engine Version: AM: 1.1.8202.0, NIS: 2.0.8001.0
4/10/2012 9:43:04 AM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=TrojanDownloader:Win32/Troxen!rts&threatid=2147625309 Name: TrojanDownloader:Win32/Troxen!rts ID: 2147625309 Severity: High Category: Trojan Downloader Path: containerfile:_C:\Users\Absolute\Downloads\Adobe.Illustrator.CS5.v15.0.Incl.Keymaker-CORE.rar;file:_C:\Users\Absolute\Downloads\Adobe.Illustrator.CS5.v15.0.Incl.Keymaker-CORE.rar->Adobe.Illustrator.CS5.v15.0.Incl.Keymaker-CORE\Adobe Illustrator CS5\payloads\AdobeHelp\AIRInstallerRunner.exe Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: Absolute-LT\Absolute Process Name: Unknown Action: Quarantine Action Status: No additional actions required Error Code: 0x800700df Error description: The file size exceeds the limit allowed and cannot be saved. Signature Version: AV: 1.123.1375.0, AS: 1.123.1375.0, NIS: 11.0.0.0 Engine Version: AM: 1.1.8202.0, NIS: 2.0.8001.0
4/10/2012 9:28:56 AM, Error: atikmdag [52236] - CPLIB :: General - Invalid Parameter
4/10/2012 9:28:56 AM, Error: atikmdag [43029] - Display is not active
.
==== End Of File ===========================
Back to top
View user's profile Send private message
Cypher
Moderator


Joined: 05 Jul 2009
Last Visit: 22 Jul 2014
Posts: 4571
Location: Land Of The Leprechauns

PostPosted: Wed Apr 11, 2012 7:40 am    Post subject: Reply with quote

Hi and welcome back to Spyware Warrior Forum.
My name is Cypher, and I will be helping you with your malware problems.
This may or may not, solve other issues you have with your machine.
If you no longer require help i would be grateful if you would let me know.

Before we start please note the following important guidelines.
  • If you don't know or understand something, please don't hesitate to ask.
  • Only post your problem at One help site. Applying fixes from multiple help sites can cause problems.
  • Only reply to this thread do not start another, Please continue responding until I give you the "All Clean"
    Remember, absence of symptoms does not mean the infection is all gone.
  • Please DO NOT run any other tools or scans whilst I am helping you.
  • Please DO NOT install any other software (or hardware) during the cleaning process.
  • Print each set of instructions... if possible...your Internet connection will not be available during some fix processes.
  • Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
  • Note: No Reply Within 3 Days Will Result In Your Topic Being Closed!
Note: If you haven't done so already, please read this topic Things to know before you post where the conditions for receiving help here are explained.
Quote:
Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start

Quote:
Microsoft Office Enterprise 2007

May i ask by what means you obtained this software?

  • Please download MGA Diagnostic Tool and save it to your Desktop.
  • Right click on MGADiag.exe and select Run As Administrator to run it.
  • Click Continue.
  • The program will run. It takes a while to finish the diagnosis, please be patient.
  • Once done, click on Copy.
  • Open Notepad and paste the contents in the window.
  • Save this file and copy/paste it in your next reply.

Next.

Run CKScanner
  • Please download CKScanner from Here
  • Important: - Save it to your desktop.
  • Right-click CKScanner.exe > select " Run as administrator " then click Search For Files.
  • After a very short time, when the cursor hourglass disappears, click Save List To File.
  • A message box will verify the file saved. Please Run the program only once.
  • Double-click the CKFiles.txt icon on your desktop and copy/paste the contents in your next reply.


Logs/Information to Post in your Next Reply
  • By what means they obtained Microsoft Office Enterprise 2007?
  • MGADiag log.
  • CKFiles.txt.

_________________
Admin/Teacher at Malware Removal University
Member of...

Back to top
View user's profile Send private message
nealod
Warrior


Joined: 24 Sep 2010
Last Visit: 02 Oct 2013
Posts: 52

PostPosted: Wed Apr 11, 2012 8:18 am    Post subject: Reply with quote

Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->

Validation Code: 0
Cached Online Validation Code: 0x0
Windows Product Key: *****-*****-4F8HK-M4P73-W8DQG
Windows Product Key Hash: Xs1iQgVeo0C+sObJxS7eu+FuBPQ=
Windows Product ID: 00359-OEM-8992687-00057
Windows Product ID Type: 2
Windows License Type: OEM SLP
Windows OS version: 6.1.7601.2.00010300.1.0.003
ID: {07167FF0-09E8-4185-9D14-E6A62A9099EA}(1)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: N/A, hr = 0x80070002
Signed By: N/A, hr = 0x80070002
Product Name: Windows 7 Home Premium
Architecture: 0x00000009
Build lab: 7601.win7sp1_gdr.111118-2330
TTS Error:
Validation Diagnostic:
Resolution Status: N/A

Vista WgaER Data-->
ThreatID(s): N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002

Windows XP Notifications Data-->
Cached Result: N/A, hr = 0x80070002
File Exists: No
Version: N/A, hr = 0x80070002
WgaTray.exe Signed By: N/A, hr = 0x80070002
WgaLogon.dll Signed By: N/A, hr = 0x80070002

OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
OGAExec.exe Signed By: N/A, hr = 0x80070002
OGAAddin.dll Signed By: N/A, hr = 0x80070002

OGA Data-->
Office Status: 100 Genuine
Microsoft Office Enterprise 2007 - 100 Genuine
Microsoft Office Home and Student 2007 - 100 Genuine
OGA Version: N/A, 0x80070002
Signed By: N/A, hr = 0x80070002
Office Diagnostics: 7E90FEE8-198-80004005_77F760FE-153-80070002_7E90FEE8-175-80070002_025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3_E2AD56EA-765-d003_E2AD56EA-766-0_E2AD56EA-134-80004005_B4D0AA8B-920-80070057

Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
Default Browser: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed

File Scan Data-->

Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{07167FF0-09E8-4185-9D14-E6A62A9099EA}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010300.1.0.003</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-W8DQG</PKey><PID>00359-OEM-8992687-00057</PID><PIDType>2</PIDType><SID>S-1-5-21-2629332192-361817875-3049080968</SID><SYSTEM><Manufacturer>TOSHIBA</Manufacturer><Model>Satellite M505D</Model></SYSTEM><BIOS><Manufacturer>American Megatrends Inc.</Manufacturer><Version>V1.50</Version><SMBIOSVersion major="2" minor="5"/><Date>20100205000000.000000+000</Date></BIOS><HWID>783D3807018400F4</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Eastern Standard Time(GMT-05:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>TOSASU</OEMID><OEMTableID>TOSASU00</OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>100</Result><Products><Product GUID="{90120000-0030-0000-0000-0000000FF1CE}"><LegitResult>100</LegitResult><Name>Microsoft Office Enterprise 2007</Name><Ver>12</Ver><Val>94436407C3F2586</Val><Hash>Nh+O7p+E5Ha5+8Lxn9JfFULj9GM=</Hash><Pid>89388-707-9845457-65770</Pid><PidType>14</PidType></Product><Product GUID="{91120000-002F-0000-0000-0000000FF1CE}"><LegitResult>100</LegitResult><Name>Microsoft Office Home and Student 2007</Name><Ver>12</Ver><PidType>19</PidType></Product></Products><Applications><App Id="15" Version="12" Result="100"/><App Id="16" Version="12" Result="100"/><App Id="18" Version="12" Result="100"/><App Id="19" Version="12" Result="100"/><App Id="1A" Version="12" Result="100"/><App Id="1B" Version="12" Result="100"/><App Id="44" Version="12" Result="100"/><App Id="A1" Version="12" Result="100"/><App Id="BA" Version="12" Result="100"/></Applications></Office></Software></GenuineResults>

Spsys.log Content: 0x80070002

Licensing Data-->
Software licensing service version: 6.1.7601.17514

Name: Windows(R) 7, HomePremium edition
Description: Windows Operating System - Windows(R) 7, OEM_SLP channel
Activation ID: d2c04e90-c3dd-4260-b0f3-f845f5d27d64
Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
Extended PID: 00359-00178-926-800057-02-1033-7600.0000-3362009
Installation ID: 020191334936172623720752801083326375792780208820263244
Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88338
Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88339
Use License URL: http://go.microsoft.com/fwlink/?LinkID=88341
Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88340
Partial Product Key: W8DQG
License Status: Licensed
Remaining Windows rearm count: 3
Trusted time: 4/11/2012 11:49:58 AM

Windows Activation Technologies-->
HrOffline: 0x00000000
HrOnline: 0x00000000
HealthStatus: 0x0000000000000000
Event Time Stamp: 1:30:2012 10:07
ActiveX: Registered, Version: 7.1.7600.16395
Admin Service: Registered, Version: 7.1.7600.16395
HealthStatus Bitmask Output:


HWID Data-->
HWID Hash Current: OAAAAAEABwABAAEAAAABAAAAAgABAAEA6GGCWfoyVPkQM7JBpCeOrdKkjJ0IgNBf6qG6lF6/GHk=

OEM Activation 1.0 Data-->
N/A

OEM Activation 2.0 Data-->
BIOS valid for OA 2.0: yes
Windows marker version: 0x20001
OEMID and OEMTableID Consistent: yes
BIOS Information:
ACPI Table Name OEMID Value OEMTableID Value
APIC TOSASU APIC1024
FACP TOSASU TOSASU00
HPET TOSASU OEMHPET
MCFG TOSASU OEMMCFG
SLIC TOSASU TOSASU00
SSDT A M I POWERNOW

CKScanner - Additional Security Risks - These are not necessarily bad
c:\users\absolute\downloads\nitro pdf professional v6.2.0.44(x86 and x64)+keygen\slickinator.txt
c:\users\absolute\downloads\paloalto..15 businessplan.pro.15th.ed\keygen.exe
scanner sequence 3.LB.11.ANNATW
----- EOF -----

As far as the office 2007, I purchased this labtop from a student a few years ago and it was already loaded on it.
Back to top
View user's profile Send private message
Cypher
Moderator


Joined: 05 Jul 2009
Last Visit: 22 Jul 2014
Posts: 4571
Location: Land Of The Leprechauns

PostPosted: Wed Apr 11, 2012 9:03 am    Post subject: Reply with quote

Hi nealod,
Quote:
As far as the office 2007, I purchased this labtop from a student a few years ago and it was already loaded on it.

No problem thanks for clearing that up.

While going through your logs I found out that you have downloaded various keygen/cracked software and that you are actively using them.
Our forum policy Here says we will not help people who use cracked or pirated software.
You likely got infected by using cracked software or visiting crack sites.
Hence, i would like you to remove all the crack/keygen applications that are present on your system.
NOTE: If you give me advice that the software/Keygens have been removed & I find it has not (the tools we use can & will detect it) then I will have no choice but to closed this thread.


Please download TDSSKiller.exe and save it to your Desktop.
  • Right click on TDSSKiller.exe And select Run as administrator to run it.
  • Click on Start Scan, the scan will run.
  • When the scan has finished, if it finds anything please click on the drop down arrow next to Cure and select Skip
  • Now click on Report to open the log file created by TDSSKiller in your root directory C:\
  • To find the log go to Start > Computer > C:
  • Post the contents of that log in your next reply please.
  • DO NOT TRY TO FIX ANYTHING AT THIS POINT

Next.

Please download OTL by Old Timer and save it to your Desktop.
  • Right click on OTL.exe And select Run as administrator to run it.
  • Under Output, ensure that Standard Output is selected.
  • Under Extra Registry section, select Use SafeList.
  • Click the Scan All Users checkbox.
  • Click on Run Scan at the top left hand corner.
  • When done, two Notepad files will open.
    • OTL.txt <-- Will be opened
      Extra.txt <-- Will be minimized
  • Please post the contents of these 2 Notepad files in your next reply.


Logs/Information to Post in your Next Reply
  • TDSSKiller log.
  • OTL.txt and Extra.txt contents.

_________________
Admin/Teacher at Malware Removal University
Member of...

Back to top
View user's profile Send private message
nealod
Warrior


Joined: 24 Sep 2010
Last Visit: 02 Oct 2013
Posts: 52

PostPosted: Wed Apr 11, 2012 12:29 pm    Post subject: Reply with quote

14:56:36.0187 5212 TDSS rootkit removing tool 2.7.28.0 Apr 10 2012 16:54:05
14:56:36.0576 5212 ============================================================
14:56:36.0576 5212 Current date / time: 2012/04/11 14:56:36.0576
14:56:36.0576 5212 SystemInfo:
14:56:36.0576 5212
14:56:36.0576 5212 OS Version: 6.1.7601 ServicePack: 1.0
14:56:36.0576 5212 Product type: Workstation
14:56:36.0576 5212 ComputerName: ABSOLUTE-LT
14:56:36.0576 5212 UserName: Absolute
14:56:36.0576 5212 Windows directory: C:\windows
14:56:36.0576 5212 System windows directory: C:\windows
14:56:36.0577 5212 Running under WOW64
14:56:36.0577 5212 Processor architecture: Intel x64
14:56:36.0577 5212 Number of processors: 2
14:56:36.0577 5212 Page size: 0x1000
14:56:36.0577 5212 Boot type: Normal boot
14:56:36.0577 5212 ============================================================
14:56:37.0805 5212 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:56:37.0809 5212 \Device\Harddisk0\DR0:
14:56:37.0809 5212 MBR used
14:56:37.0809 5212 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x38D3F800
14:56:37.0860 5212 Initialize success
14:56:37.0860 5212 ============================================================
14:56:46.0934 5808 ============================================================
14:56:46.0934 5808 Scan started
14:56:46.0934 5808 Mode: Manual;
14:56:46.0934 5808 ============================================================
14:56:48.0541 5808 1394ohci (a87d604aea360176311474c87a63bb88) C:\windows\system32\drivers\1394ohci.sys
14:56:48.0547 5808 1394ohci - ok
14:56:48.0591 5808 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\windows\system32\drivers\ACPI.sys
14:56:48.0599 5808 ACPI - ok
14:56:48.0805 5808 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\windows\system32\drivers\acpipmi.sys
14:56:48.0807 5808 AcpiPmi - ok
14:56:48.0965 5808 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
14:56:48.0967 5808 AdobeARMservice - ok
14:56:49.0115 5808 AdobeFlashPlayerUpdateSvc (0d4c486a24a711a45fd83acdf4d18506) C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
14:56:49.0122 5808 AdobeFlashPlayerUpdateSvc - ok
14:56:49.0338 5808 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\windows\system32\DRIVERS\adp94xx.sys
14:56:49.0349 5808 adp94xx - ok
14:56:49.0532 5808 adpahci (597f78224ee9224ea1a13d6350ced962) C:\windows\system32\DRIVERS\adpahci.sys
14:56:49.0541 5808 adpahci - ok
14:56:49.0580 5808 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\windows\system32\DRIVERS\adpu320.sys
14:56:49.0583 5808 adpu320 - ok
14:56:49.0730 5808 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\windows\System32\aelupsvc.dll
14:56:49.0733 5808 AeLookupSvc - ok
14:56:49.0827 5808 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\windows\system32\drivers\afd.sys
14:56:49.0838 5808 AFD - ok
14:56:49.0916 5808 AgereModemAudio (b65f8dba54f251906bbe8611b5a0e7ab) C:\Program Files\LSI SoftModem\agr64svc.exe
14:56:49.0917 5808 AgereModemAudio - ok
14:56:50.0123 5808 AgereSoftModem (c98356d813b581e9c425b42a5d146ce0) C:\windows\system32\DRIVERS\agrsm64.sys
14:56:50.0142 5808 AgereSoftModem - ok
14:56:50.0328 5808 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\windows\system32\drivers\agp440.sys
14:56:50.0331 5808 agp440 - ok
14:56:50.0380 5808 ALG (3290d6946b5e30e70414990574883ddb) C:\windows\System32\alg.exe
14:56:50.0383 5808 ALG - ok
14:56:50.0727 5808 aliide (5812713a477a3ad7363c7438ca2ee038) C:\windows\system32\drivers\aliide.sys
14:56:50.0777 5808 aliide - ok
14:56:50.0980 5808 AMD External Events Utility (98a2774d3f18c107874c8c1163ebe484) C:\windows\system32\atiesrxx.exe
14:56:50.0986 5808 AMD External Events Utility - ok
14:56:51.0068 5808 amdide (1ff8b4431c353ce385c875f194924c0c) C:\windows\system32\drivers\amdide.sys
14:56:51.0070 5808 amdide - ok
14:56:51.0221 5808 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\windows\system32\DRIVERS\amdk8.sys
14:56:51.0224 5808 AmdK8 - ok
14:56:51.0296 5808 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\windows\system32\DRIVERS\amdppm.sys
14:56:51.0299 5808 AmdPPM - ok
14:56:51.0467 5808 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\windows\system32\drivers\amdsata.sys
14:56:51.0471 5808 amdsata - ok
14:56:51.0544 5808 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\windows\system32\DRIVERS\amdsbs.sys
14:56:51.0549 5808 amdsbs - ok
14:56:51.0732 5808 amdxata (540daf1cea6094886d72126fd7c33048) C:\windows\system32\drivers\amdxata.sys
14:56:51.0734 5808 amdxata - ok
14:56:51.0814 5808 ApfiltrService (1661f9c9e4b0049fa0a5e30264375a87) C:\windows\system32\DRIVERS\Apfiltr.sys
14:56:51.0821 5808 ApfiltrService - ok
14:56:52.0002 5808 AppID (89a69c3f2f319b43379399547526d952) C:\windows\system32\drivers\appid.sys
14:56:52.0005 5808 AppID - ok
14:56:52.0075 5808 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\windows\System32\appidsvc.dll
14:56:52.0077 5808 AppIDSvc - ok
14:56:52.0245 5808 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\windows\System32\appinfo.dll
14:56:52.0262 5808 Appinfo - ok
14:56:52.0357 5808 Apple Mobile Device (3debbecf665dcdde3a95d9b902010817) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
14:56:52.0361 5808 Apple Mobile Device - ok
14:56:52.0558 5808 arc (c484f8ceb1717c540242531db7845c4e) C:\windows\system32\DRIVERS\arc.sys
14:56:52.0561 5808 arc - ok
14:56:52.0580 5808 arcsas (019af6924aefe7839f61c830227fe79c) C:\windows\system32\DRIVERS\arcsas.sys
14:56:52.0583 5808 arcsas - ok
14:56:52.0734 5808 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
14:56:52.0738 5808 aspnet_state - ok
14:56:52.0899 5808 AsyncMac (769765ce2cc62867468cea93969b2242) C:\windows\system32\DRIVERS\asyncmac.sys
14:56:52.0902 5808 AsyncMac - ok
14:56:52.0971 5808 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\windows\system32\drivers\atapi.sys
14:56:52.0972 5808 atapi - ok
14:56:53.0044 5808 athr (e857eee6b92aaa473ebb3465add8f7e7) C:\windows\system32\DRIVERS\athrx.sys
14:56:53.0062 5808 athr - ok
14:56:53.0441 5808 atikmdag (173f4c05f87085e9bda3f7037bc9f40e) C:\windows\system32\DRIVERS\atikmdag.sys
14:56:53.0580 5808 atikmdag - ok
14:56:53.0772 5808 AtiPcie (7c5d273e29dcc5505469b299c6f29163) C:\windows\system32\DRIVERS\AtiPcie.sys
14:56:53.0774 5808 AtiPcie - ok
14:56:53.0841 5808 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\windows\System32\Audiosrv.dll
14:56:53.0855 5808 AudioEndpointBuilder - ok
14:56:53.0867 5808 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\windows\System32\Audiosrv.dll
14:56:53.0872 5808 AudioSrv - ok
14:56:54.0094 5808 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\windows\System32\AxInstSV.dll
14:56:54.0098 5808 AxInstSV - ok
14:56:54.0189 5808 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\windows\system32\DRIVERS\bxvbda.sys
14:56:54.0200 5808 b06bdrv - ok
14:56:54.0401 5808 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\windows\system32\DRIVERS\b57nd60a.sys
14:56:54.0408 5808 b57nd60a - ok
14:56:54.0500 5808 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\windows\System32\bdesvc.dll
14:56:54.0504 5808 BDESVC - ok
14:56:54.0674 5808 Beep (16a47ce2decc9b099349a5f840654746) C:\windows\system32\drivers\Beep.sys
14:56:54.0676 5808 Beep - ok
14:56:54.0783 5808 BFE (82974d6a2fd19445cc5171fc378668a4) C:\windows\System32\bfe.dll
14:56:54.0798 5808 BFE - ok
14:56:54.0965 5808 BITS (1ea7969e3271cbc59e1730697dc74682) C:\windows\System32\qmgr.dll
14:56:54.0985 5808 BITS - ok
14:56:55.0186 5808 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\windows\system32\DRIVERS\blbdrive.sys
14:56:55.0189 5808 blbdrive - ok
14:56:55.0282 5808 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
14:56:55.0292 5808 Bonjour Service - ok
14:56:55.0489 5808 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\windows\system32\DRIVERS\bowser.sys
14:56:55.0492 5808 bowser - ok
14:56:55.0535 5808 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\windows\system32\DRIVERS\BrFiltLo.sys
14:56:55.0537 5808 BrFiltLo - ok
14:56:55.0701 5808 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\windows\system32\DRIVERS\BrFiltUp.sys
14:56:55.0703 5808 BrFiltUp - ok
14:56:55.0778 5808 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\windows\System32\browser.dll
14:56:55.0782 5808 Browser - ok
14:56:55.0813 5808 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\windows\System32\Drivers\Brserid.sys
14:56:55.0818 5808 Brserid - ok
14:56:55.0849 5808 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\windows\System32\Drivers\BrSerWdm.sys
14:56:55.0851 5808 BrSerWdm - ok
14:56:56.0001 5808 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\windows\System32\Drivers\BrUsbMdm.sys
14:56:56.0003 5808 BrUsbMdm - ok
14:56:56.0047 5808 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\windows\System32\Drivers\BrUsbSer.sys
14:56:56.0049 5808 BrUsbSer - ok
14:56:56.0084 5808 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\windows\system32\DRIVERS\bthmodem.sys
14:56:56.0087 5808 BTHMODEM - ok
14:56:56.0278 5808 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\windows\system32\bthserv.dll
14:56:56.0282 5808 bthserv - ok
14:56:56.0347 5808 cdfs (b8bd2bb284668c84865658c77574381a) C:\windows\system32\DRIVERS\cdfs.sys
14:56:56.0350 5808 cdfs - ok
14:56:56.0525 5808 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\windows\system32\DRIVERS\cdrom.sys
14:56:56.0529 5808 cdrom - ok
14:56:56.0594 5808 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll
14:56:56.0596 5808 CertPropSvc - ok
14:56:56.0687 5808 cfWiMAXService (837ff2d497880198c918e6954dbd170c) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
14:56:56.0693 5808 cfWiMAXService - ok
14:56:56.0881 5808 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\windows\system32\DRIVERS\circlass.sys
14:56:56.0884 5808 circlass - ok
14:56:56.0930 5808 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\windows\system32\CLFS.sys
14:56:56.0939 5808 CLFS - ok
14:56:57.0108 5808 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:56:57.0113 5808 clr_optimization_v2.0.50727_32 - ok
14:56:57.0151 5808 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:56:57.0154 5808 clr_optimization_v2.0.50727_64 - ok
14:56:57.0300 5808 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:56:57.0304 5808 clr_optimization_v4.0.30319_32 - ok
14:56:57.0374 5808 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:56:57.0379 5808 clr_optimization_v4.0.30319_64 - ok
14:56:57.0571 5808 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\windows\system32\DRIVERS\CmBatt.sys
14:56:57.0574 5808 CmBatt - ok
14:56:57.0622 5808 cmdide (e19d3f095812725d88f9001985b94edd) C:\windows\system32\drivers\cmdide.sys
14:56:57.0624 5808 cmdide - ok
14:56:57.0839 5808 CNG (c4943b6c962e4b82197542447ad599f4) C:\windows\system32\Drivers\cng.sys
14:56:57.0849 5808 CNG - ok
14:56:58.0042 5808 Compbatt (102de219c3f61415f964c88e9085ad14) C:\windows\system32\DRIVERS\compbatt.sys
14:56:58.0045 5808 Compbatt - ok
14:56:58.0099 5808 CompositeBus (03edb043586cceba243d689bdda370a8) C:\windows\system32\drivers\CompositeBus.sys
14:56:58.0101 5808 CompositeBus - ok
14:56:58.0240 5808 COMSysApp - ok
14:56:58.0327 5808 ConfigFree Gadget Service (d252c53bcdfc199bba55eeb10cdb266e) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe
14:56:58.0329 5808 ConfigFree Gadget Service - ok
14:56:58.0364 5808 ConfigFree Service (cab0eeaf5295fc96ddd3e19dce27e131) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
14:56:58.0366 5808 ConfigFree Service - ok
14:56:58.0565 5808 crcdisk (1c827878a998c18847245fe1f34ee597) C:\windows\system32\DRIVERS\crcdisk.sys
14:56:58.0568 5808 crcdisk - ok
14:56:58.0637 5808 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\windows\system32\cryptsvc.dll
14:56:58.0642 5808 CryptSvc - ok
14:56:58.0817 5808 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll
14:56:58.0831 5808 DcomLaunch - ok
14:56:58.0874 5808 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\windows\System32\defragsvc.dll
14:56:58.0878 5808 defragsvc - ok
14:56:59.0222 5808 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\windows\system32\Drivers\dfsc.sys
14:56:59.0226 5808 DfsC - ok
14:56:59.0392 5808 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\windows\system32\dhcpcore.dll
14:56:59.0401 5808 Dhcp - ok
14:56:59.0467 5808 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\windows\system32\drivers\discache.sys
14:56:59.0468 5808 discache - ok
14:56:59.0603 5808 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\windows\system32\DRIVERS\disk.sys
14:56:59.0607 5808 Disk - ok
14:56:59.0651 5808 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\windows\System32\dnsrslvr.dll
14:56:59.0654 5808 Dnscache - ok
14:56:59.0816 5808 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\windows\System32\dot3svc.dll
14:56:59.0824 5808 dot3svc - ok
14:56:59.0868 5808 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\windows\system32\dps.dll
14:56:59.0873 5808 DPS - ok
14:57:00.0064 5808 drmkaud (9b19f34400d24df84c858a421c205754) C:\windows\system32\drivers\drmkaud.sys
14:57:00.0066 5808 drmkaud - ok
14:57:00.0132 5808 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\windows\System32\drivers\dxgkrnl.sys
14:57:00.0152 5808 DXGKrnl - ok
14:57:00.0310 5808 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\windows\System32\eapsvc.dll
14:57:00.0315 5808 EapHost - ok
14:57:00.0465 5808 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\windows\system32\DRIVERS\evbda.sys
14:57:00.0547 5808 ebdrv - ok
14:57:00.0690 5808 EFS (c118a82cd78818c29ab228366ebf81c3) C:\windows\System32\lsass.exe
14:57:00.0702 5808 EFS - ok
14:57:00.0784 5808 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\windows\ehome\ehRecvr.exe
14:57:00.0807 5808 ehRecvr - ok
14:57:00.0930 5808 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\windows\ehome\ehsched.exe
14:57:00.0961 5808 ehSched - ok
14:57:01.0387 5808 elxstor (0e5da5369a0fcaea12456dd852545184) C:\windows\system32\DRIVERS\elxstor.sys
14:57:01.0421 5808 elxstor - ok
14:57:01.0503 5808 ErrDev (34a3c54752046e79a126e15c51db409b) C:\windows\system32\drivers\errdev.sys
14:57:01.0528 5808 ErrDev - ok
14:57:01.0647 5808 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\windows\system32\es.dll
14:57:01.0657 5808 EventSystem - ok
14:57:01.0826 5808 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\windows\system32\drivers\exfat.sys
14:57:01.0829 5808 exfat - ok
14:57:01.0883 5808 fastfat (0adc83218b66a6db380c330836f3e36d) C:\windows\system32\drivers\fastfat.sys
14:57:01.0886 5808 fastfat - ok
14:57:02.0052 5808 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\windows\system32\fxssvc.exe
14:57:02.0069 5808 Fax - ok
14:57:02.0131 5808 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\windows\system32\DRIVERS\fdc.sys
14:57:02.0133 5808 fdc - ok
14:57:02.0294 5808 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\windows\system32\fdPHost.dll
14:57:02.0297 5808 fdPHost - ok
14:57:02.0341 5808 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\windows\system32\fdrespub.dll
14:57:02.0345 5808 FDResPub - ok
14:57:02.0504 5808 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\windows\system32\drivers\fileinfo.sys
14:57:02.0507 5808 FileInfo - ok
14:57:02.0568 5808 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\windows\system32\drivers\filetrace.sys
14:57:02.0571 5808 Filetrace - ok
14:57:02.0601 5808 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\windows\system32\DRIVERS\flpydisk.sys
14:57:02.0602 5808 flpydisk - ok
14:57:02.0657 5808 FltMgr (da6b67270fd9db3697b20fce94950741) C:\windows\system32\drivers\fltmgr.sys
14:57:02.0661 5808 FltMgr - ok
14:57:02.0831 5808 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\windows\system32\FntCache.dll
14:57:02.0848 5808 FontCache - ok
14:57:02.0928 5808 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:57:02.0931 5808 FontCache3.0.0.0 - ok
14:57:03.0092 5808 FsDepends (d43703496149971890703b4b1b723eac) C:\windows\system32\drivers\FsDepends.sys
14:57:03.0094 5808 FsDepends - ok
14:57:03.0178 5808 fssfltr (6c06701bf1db05405804d7eb610991ce) C:\windows\system32\DRIVERS\fssfltr.sys
14:57:03.0180 5808 fssfltr - ok
14:57:03.0283 5808 fsssvc (4ce9dac1518ff7e77bd213e6394b9d77) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
14:57:03.0315 5808 fsssvc - ok
14:57:03.0507 5808 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\windows\system32\drivers\Fs_Rec.sys
14:57:03.0510 5808 Fs_Rec - ok
14:57:03.0573 5808 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\windows\system32\DRIVERS\fvevol.sys
14:57:03.0576 5808 fvevol - ok
14:57:03.0758 5808 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\windows\system32\DRIVERS\gagp30kx.sys
14:57:03.0763 5808 gagp30kx - ok
14:57:03.0851 5808 GameConsoleService (4fbccbdd99a75c9efbc90392cf32af61) C:\Program Files (x86)\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe
14:57:03.0855 5808 GameConsoleService - ok
14:57:04.0046 5808 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\windows\system32\DRIVERS\GEARAspiWDM.sys
14:57:04.0047 5808 GEARAspiWDM - ok
14:57:04.0100 5808 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\windows\System32\gpsvc.dll
14:57:04.0109 5808 gpsvc - ok
14:57:04.0220 5808 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:57:04.0224 5808 gupdate - ok
14:57:04.0266 5808 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:57:04.0267 5808 gupdatem - ok
14:57:04.0321 5808 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
14:57:04.0324 5808 gusvc - ok
14:57:04.0548 5808 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\windows\system32\drivers\hcw85cir.sys
14:57:04.0551 5808 hcw85cir - ok
14:57:04.0649 5808 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\windows\system32\drivers\HdAudio.sys
14:57:04.0658 5808 HdAudAddService - ok
14:57:04.0957 5808 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\windows\system32\drivers\HDAudBus.sys
14:57:04.0961 5808 HDAudBus - ok
14:57:04.0994 5808 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\windows\system32\DRIVERS\HidBatt.sys
14:57:04.0997 5808 HidBatt - ok
14:57:05.0160 5808 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\windows\system32\DRIVERS\hidbth.sys
14:57:05.0164 5808 HidBth - ok
14:57:05.0185 5808 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\windows\system32\DRIVERS\hidir.sys
14:57:05.0192 5808 HidIr - ok
14:57:05.0228 5808 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\windows\system32\hidserv.dll
14:57:05.0230 5808 hidserv - ok
14:57:05.0292 5808 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\windows\system32\DRIVERS\hidusb.sys
14:57:05.0294 5808 HidUsb - ok
14:57:05.0453 5808 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\windows\system32\kmsvc.dll
14:57:05.0458 5808 hkmsvc - ok
14:57:05.0593 5808 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\windows\system32\ListSvc.dll
14:57:05.0598 5808 HomeGroupListener - ok
14:57:05.0746 5808 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\windows\system32\provsvc.dll
14:57:05.0750 5808 HomeGroupProvider - ok
14:57:05.0830 5808 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\windows\system32\drivers\HpSAMD.sys
14:57:05.0831 5808 HpSAMD - ok
14:57:06.0018 5808 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\windows\system32\drivers\HTTP.sys
14:57:06.0026 5808 HTTP - ok
14:57:06.0101 5808 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\windows\system32\drivers\hwpolicy.sys
14:57:06.0102 5808 hwpolicy - ok
14:57:06.0324 5808 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\windows\system32\drivers\i8042prt.sys
14:57:06.0326 5808 i8042prt - ok
14:57:06.0416 5808 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\windows\system32\drivers\iaStorV.sys
14:57:06.0423 5808 iaStorV - ok
14:57:06.0546 5808 IDriveE Service (4abaf0ee285bd49718a203d16972087a) C:\IDrive\IDriveE Service.exe
14:57:06.0614 5808 IDriveE Service - ok
14:57:06.0774 5808 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
14:57:06.0793 5808 IDriverT - ok
14:57:07.0023 5808 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:57:07.0043 5808 idsvc - ok
14:57:07.0219 5808 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\windows\system32\DRIVERS\iirsp.sys
14:57:07.0222 5808 iirsp - ok
14:57:07.0293 5808 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\windows\System32\ikeext.dll
14:57:07.0306 5808 IKEEXT - ok
14:57:07.0540 5808 IntcAzAudAddService (b6e61b181884527cc5b68c2d79504b43) C:\windows\system32\drivers\RTKVHD64.sys
14:57:07.0568 5808 IntcAzAudAddService - ok
14:57:07.0759 5808 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\windows\system32\drivers\intelide.sys
14:57:07.0761 5808 intelide - ok
14:57:07.0810 5808 intelppm (ada036632c664caa754079041cf1f8c1) C:\windows\system32\DRIVERS\intelppm.sys
14:57:07.0812 5808 intelppm - ok
14:57:07.0982 5808 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\windows\system32\ipbusenum.dll
14:57:07.0986 5808 IPBusEnum - ok
14:57:08.0072 5808 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\windows\system32\DRIVERS\ipfltdrv.sys
14:57:08.0076 5808 IpFilterDriver - ok
14:57:08.0133 5808 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\windows\System32\iphlpsvc.dll
14:57:08.0141 5808 iphlpsvc - ok
14:57:08.0332 5808 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\windows\system32\drivers\IPMIDrv.sys
14:57:08.0334 5808 IPMIDRV - ok
14:57:08.0382 5808 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\windows\system32\drivers\ipnat.sys
14:57:08.0386 5808 IPNAT - ok
14:57:08.0495 5808 iPod Service (ee4c2a137c7088911a8919effc9812e7) C:\Program Files\iPod\bin\iPodService.exe
14:57:08.0515 5808 iPod Service - ok
14:57:08.0692 5808 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\windows\system32\drivers\irenum.sys
14:57:08.0695 5808 IRENUM - ok
14:57:08.0737 5808 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\windows\system32\drivers\isapnp.sys
14:57:08.0738 5808 isapnp - ok
14:57:08.0911 5808 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\windows\system32\drivers\msiscsi.sys
14:57:08.0916 5808 iScsiPrt - ok
14:57:08.0967 5808 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\windows\system32\drivers\kbdclass.sys
14:57:08.0969 5808 kbdclass - ok
14:57:09.0249 5808 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\windows\system32\drivers\kbdhid.sys
14:57:09.0250 5808 kbdhid - ok
14:57:09.0280 5808 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
14:57:09.0282 5808 KeyIso - ok
14:57:09.0316 5808 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\windows\system32\Drivers\ksecdd.sys
14:57:09.0318 5808 KSecDD - ok
14:57:09.0471 5808 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\windows\system32\Drivers\ksecpkg.sys
14:57:09.0473 5808 KSecPkg - ok
14:57:09.0514 5808 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\windows\system32\drivers\ksthunk.sys
14:57:09.0516 5808 ksthunk - ok
14:57:09.0565 5808 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\windows\system32\msdtckrm.dll
14:57:09.0571 5808 KtmRm - ok
14:57:09.0742 5808 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\windows\system32\srvsvc.dll
14:57:09.0751 5808 LanmanServer - ok
14:57:09.0803 5808 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\windows\System32\wkssvc.dll
14:57:09.0808 5808 LanmanWorkstation - ok
14:57:09.0916 5808 LBTServ (88e52495b47c67126b510af53fdb0bc7) C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
14:57:09.0920 5808 LBTServ - ok
14:57:10.0104 5808 LHidFilt (b6552d382ff070b4ed34cbd6737277c0) C:\windows\system32\DRIVERS\LHidFilt.Sys
14:57:10.0106 5808 LHidFilt - ok
14:57:10.0156 5808 lltdio (1538831cf8ad2979a04c423779465827) C:\windows\system32\DRIVERS\lltdio.sys
14:57:10.0157 5808 lltdio - ok
14:57:10.0335 5808 lltdsvc (c1185803384ab3feed115f79f109427f) C:\windows\System32\lltdsvc.dll
14:57:10.0341 5808 lltdsvc - ok
14:57:10.0362 5808 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\windows\System32\lmhsvc.dll
14:57:10.0364 5808 lmhosts - ok
14:57:10.0441 5808 LMouFilt (73c1f563ab73d459dffe682d66476558) C:\windows\system32\DRIVERS\LMouFilt.Sys
14:57:10.0444 5808 LMouFilt - ok
14:57:10.0616 5808 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\windows\system32\DRIVERS\lsi_fc.sys
14:57:10.0621 5808 LSI_FC - ok
14:57:10.0784 5808 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\windows\system32\DRIVERS\lsi_sas.sys
14:57:10.0789 5808 LSI_SAS - ok
14:57:10.0826 5808 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\windows\system32\DRIVERS\lsi_sas2.sys
14:57:10.0828 5808 LSI_SAS2 - ok
14:57:10.0954 5808 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\windows\system32\DRIVERS\lsi_scsi.sys
14:57:10.0958 5808 LSI_SCSI - ok
14:57:11.0038 5808 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\windows\system32\drivers\luafv.sys
14:57:11.0042 5808 luafv - ok
14:57:11.0201 5808 LUsbFilt (9d9714e78eac9e5368208649489c920e) C:\windows\system32\Drivers\LUsbFilt.Sys
14:57:11.0204 5808 LUsbFilt - ok
14:57:11.0263 5808 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\windows\system32\Mcx2Svc.dll
14:57:11.0266 5808 Mcx2Svc - ok
14:57:11.0338 5808 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\windows\system32\DRIVERS\megasas.sys
14:57:11.0340 5808 megasas - ok
14:57:11.0492 5808 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\windows\system32\DRIVERS\MegaSR.sys
14:57:11.0499 5808 MegaSR - ok
14:57:11.0594 5808 Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
14:57:11.0598 5808 Microsoft Office Groove Audit Service - ok
14:57:11.0762 5808 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll
14:57:11.0767 5808 MMCSS - ok
14:57:11.0839 5808 Modem (800ba92f7010378b09f9ed9270f07137) C:\windows\system32\drivers\modem.sys
14:57:11.0840 5808 Modem - ok
14:57:11.0995 5808 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\windows\system32\DRIVERS\monitor.sys
14:57:12.0009 5808 monitor - ok
14:57:12.0093 5808 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\windows\system32\DRIVERS\mouclass.sys
14:57:12.0095 5808 mouclass - ok
14:57:12.0248 5808 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\windows\system32\DRIVERS\mouhid.sys
14:57:12.0251 5808 mouhid - ok
14:57:12.0336 5808 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\windows\system32\drivers\mountmgr.sys
14:57:12.0338 5808 mountmgr - ok
14:57:12.0538 5808 MpFilter (c177a7ebf5e8a0b596f618870516cab8) C:\windows\system32\DRIVERS\MpFilter.sys
14:57:12.0547 5808 MpFilter - ok
14:57:12.0616 5808 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\windows\system32\drivers\mpio.sys
14:57:12.0619 5808 mpio - ok
14:57:12.0823 5808 MpNWMon (8fbf6b31fe8af1833d93c5913d5b4d55) C:\windows\system32\DRIVERS\MpNWMon.sys
14:57:12.0826 5808 MpNWMon - ok
14:57:12.0917 5808 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\windows\system32\drivers\mpsdrv.sys
14:57:12.0919 5808 mpsdrv - ok
14:57:13.0032 5808 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\windows\system32\mpssvc.dll
14:57:13.0047 5808 MpsSvc - ok
14:57:13.0257 5808 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\windows\system32\drivers\mrxdav.sys
14:57:13.0259 5808 MRxDAV - ok
14:57:13.0307 5808 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\windows\system32\DRIVERS\mrxsmb.sys
14:57:13.0310 5808 mrxsmb - ok
14:57:13.0503 5808 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\windows\system32\DRIVERS\mrxsmb10.sys
14:57:13.0509 5808 mrxsmb10 - ok
14:57:13.0567 5808 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\windows\system32\DRIVERS\mrxsmb20.sys
14:57:13.0569 5808 mrxsmb20 - ok
14:57:13.0754 5808 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\windows\system32\drivers\msahci.sys
14:57:13.0755 5808 msahci - ok
14:57:13.0805 5808 msdsm (db801a638d011b9633829eb6f663c900) C:\windows\system32\drivers\msdsm.sys
14:57:13.0808 5808 msdsm - ok
14:57:13.0959 5808 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\windows\System32\msdtc.exe
14:57:13.0965 5808 MSDTC - ok
14:57:14.0048 5808 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\windows\system32\drivers\Msfs.sys
14:57:14.0049 5808 Msfs - ok
14:57:14.0182 5808 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\windows\System32\drivers\mshidkmdf.sys
14:57:14.0183 5808 mshidkmdf - ok
14:57:14.0227 5808 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\windows\system32\drivers\msisadrv.sys
14:57:14.0228 5808 msisadrv - ok
14:57:14.0274 5808 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\windows\system32\iscsiexe.dll
14:57:14.0277 5808 MSiSCSI - ok
14:57:14.0409 5808 msiserver - ok
14:57:14.0493 5808 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\windows\system32\drivers\MSKSSRV.sys
14:57:14.0494 5808 MSKSSRV - ok
14:57:14.0588 5808 MsMpSvc (157e9e498206a3366baa7e4697bdd947) c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
14:57:14.0588 5808 MsMpSvc - ok
14:57:14.0794 5808 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\windows\system32\drivers\MSPCLOCK.sys
14:57:14.0796 5808 MSPCLOCK - ok
14:57:14.0816 5808 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\windows\system32\drivers\MSPQM.sys
14:57:14.0818 5808 MSPQM - ok
14:57:14.0877 5808 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\windows\system32\drivers\MsRPC.sys
14:57:14.0882 5808 MsRPC - ok
14:57:15.0064 5808 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\windows\system32\drivers\mssmbios.sys
14:57:15.0065 5808 mssmbios - ok
14:57:15.0115 5808 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\windows\system32\drivers\MSTEE.sys
14:57:15.0116 5808 MSTEE - ok
14:57:15.0268 5808 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\windows\system32\DRIVERS\MTConfig.sys
14:57:15.0271 5808 MTConfig - ok
14:57:15.0303 5808 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\windows\system32\Drivers\mup.sys
14:57:15.0305 5808 Mup - ok
14:57:15.0351 5808 napagent (582ac6d9873e31dfa28a4547270862dd) C:\windows\system32\qagentRT.dll
14:57:15.0358 5808 napagent - ok
14:57:15.0582 5808 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\windows\system32\DRIVERS\nwifi.sys
14:57:15.0586 5808 NativeWifiP - ok
14:57:15.0797 5808 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\windows\system32\drivers\ndis.sys
14:57:15.0808 5808 NDIS - ok
14:57:16.0009 5808 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\windows\system32\DRIVERS\ndiscap.sys
14:57:16.0012 5808 NdisCap - ok
14:57:16.0052 5808 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\windows\system32\DRIVERS\ndistapi.sys
14:57:16.0056 5808 NdisTapi - ok
14:57:16.0238 5808 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\windows\system32\DRIVERS\ndisuio.sys
14:57:16.0241 5808 Ndisuio - ok
14:57:16.0284 5808 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\windows\system32\DRIVERS\ndiswan.sys
14:57:16.0287 5808 NdisWan - ok
14:57:16.0466 5808 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\windows\system32\drivers\NDProxy.sys
14:57:16.0468 5808 NDProxy - ok
14:57:16.0519 5808 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\windows\system32\DRIVERS\netbios.sys
14:57:16.0522 5808 NetBIOS - ok
14:57:16.0771 5808 NetBT (09594d1089c523423b32a4229263f068) C:\windows\system32\DRIVERS\netbt.sys
14:57:16.0774 5808 NetBT - ok
14:57:16.0847 5808 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
14:57:16.0850 5808 Netlogon - ok
14:57:17.0269 5808 Netman (847d3ae376c0817161a14a82c8922a9e) C:\windows\System32\netman.dll
14:57:17.0308 5808 Netman - ok
14:57:17.0451 5808 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:57:17.0455 5808 NetMsmqActivator - ok
14:57:17.0464 5808 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:57:17.0465 5808 NetPipeActivator - ok
14:57:17.0634 5808 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\windows\System32\netprofm.dll
14:57:17.0646 5808 netprofm - ok
14:57:17.0796 5808 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:57:17.0798 5808 NetTcpActivator - ok
14:57:17.0816 5808 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:57:17.0819 5808 NetTcpPortSharing - ok
14:57:17.0991 5808 nfrd960 (77889813be4d166cdab78ddba990da92) C:\windows\system32\DRIVERS\nfrd960.sys
14:57:17.0994 5808 nfrd960 - ok
14:57:18.0080 5808 NisDrv (5f7d72cbcdd025af1f38fdeee5646968) C:\windows\system32\DRIVERS\NisDrvWFP.sys
14:57:18.0083 5808 NisDrv - ok
14:57:18.0172 5808 NisSrv (566ddd5d82520da01d75f81428ac4c38) c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
14:57:18.0177 5808 NisSrv - ok
14:57:18.0361 5808 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\windows\System32\nlasvc.dll
14:57:18.0366 5808 NlaSvc - ok
14:57:18.0420 5808 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\windows\system32\drivers\Npfs.sys
14:57:18.0422 5808 Npfs - ok
14:57:18.0568 5808 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\windows\system32\nsisvc.dll
14:57:18.0569 5808 nsi - ok
14:57:18.0588 5808 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\windows\system32\drivers\nsiproxy.sys
14:57:18.0589 5808 nsiproxy - ok
14:57:18.0692 5808 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\windows\system32\drivers\Ntfs.sys
14:57:18.0713 5808 Ntfs - ok
14:57:18.0885 5808 Null (9899284589f75fa8724ff3d16aed75c1) C:\windows\system32\drivers\Null.sys
14:57:18.0886 5808 Null - ok
14:57:18.0945 5808 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\windows\system32\drivers\nvraid.sys
14:57:18.0947 5808 nvraid - ok
14:57:19.0195 5808 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\windows\system32\drivers\nvstor.sys
14:57:19.0198 5808 nvstor - ok
14:57:19.0275 5808 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\windows\system32\drivers\nv_agp.sys
14:57:19.0277 5808 nv_agp - ok
14:57:19.0392 5808 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
14:57:19.0399 5808 odserv - ok
14:57:19.0688 5808 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\windows\system32\drivers\ohci1394.sys
14:57:19.0689 5808 ohci1394 - ok
14:57:19.0793 5808 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:57:19.0796 5808 ose - ok
14:57:20.0100 5808 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
14:57:20.0105 5808 p2pimsvc - ok
14:57:20.0152 5808 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\windows\system32\p2psvc.dll
14:57:20.0159 5808 p2psvc - ok
14:57:20.0396 5808 Parport (0086431c29c35be1dbc43f52cc273887) C:\windows\system32\DRIVERS\parport.sys
14:57:20.0399 5808 Parport - ok
14:57:20.0475 5808 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\windows\system32\drivers\partmgr.sys
14:57:20.0477 5808 partmgr - ok
14:57:20.0689 5808 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\windows\System32\pcasvc.dll
14:57:20.0693 5808 PcaSvc - ok
14:57:20.0785 5808 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\windows\system32\drivers\pci.sys
14:57:20.0788 5808 pci - ok
14:57:20.0821 5808 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\windows\system32\drivers\pciide.sys
14:57:20.0837 5808 pciide - ok
14:57:21.0113 5808 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\windows\system32\DRIVERS\pcmcia.sys
14:57:21.0117 5808 pcmcia - ok
14:57:21.0198 5808 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\windows\system32\drivers\pcw.sys
14:57:21.0215 5808 pcw - ok
14:57:21.0318 5808 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\windows\system32\drivers\peauth.sys
14:57:21.0328 5808 PEAUTH - ok
14:57:21.0428 5808 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\windows\SysWow64\perfhost.exe
14:57:21.0430 5808 PerfHost - ok
14:57:21.0706 5808 PGEffect (663962900e7fea522126ba287715bb4a) C:\windows\system32\DRIVERS\pgeffect.sys
14:57:21.0708 5808 PGEffect - ok
14:57:21.0969 5808 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\windows\system32\pla.dll
14:57:21.0999 5808 pla - ok
14:57:22.0152 5808 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\windows\system32\umpnpmgr.dll
14:57:22.0160 5808 PlugPlay - ok
14:57:22.0262 5808 PMCF (60795ae1e34bcf4ff731f55a6cda9a86) C:\windows\system32\drivers\PMCF.sys
14:57:22.0264 5808 PMCF - ok
14:57:22.0410 5808 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\windows\system32\pnrpauto.dll
14:57:22.0415 5808 PNRPAutoReg - ok
14:57:22.0483 5808 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
14:57:22.0494 5808 PNRPsvc - ok
14:57:22.0715 5808 Point64 (b8d8ec78b0f9ed8e220506181274f3d3) C:\windows\system32\DRIVERS\point64.sys
14:57:22.0717 5808 Point64 - ok
14:57:22.0808 5808 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\windows\System32\ipsecsvc.dll
14:57:22.0815 5808 PolicyAgent - ok
14:57:22.0874 5808 Power (6ba9d927dded70bd1a9caded45f8b184) C:\windows\system32\umpo.dll
14:57:22.0878 5808 Power - ok
14:57:23.0059 5808 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\windows\system32\DRIVERS\raspptp.sys
14:57:23.0062 5808 PptpMiniport - ok
14:57:23.0149 5808 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\windows\system32\DRIVERS\processr.sys
14:57:23.0151 5808 Processor - ok
14:57:23.0254 5808 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\windows\system32\profsvc.dll
14:57:23.0258 5808 ProfSvc - ok
14:57:23.0415 5808 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
14:57:23.0417 5808 ProtectedStorage - ok
14:57:23.0574 5808 Psched (0557cf5a2556bd58e26384169d72438d) C:\windows\system32\DRIVERS\pacer.sys
14:57:23.0576 5808 Psched - ok
14:57:23.0711 5808 QBCFMonitorService (933d92f0bd1d7a9835cd8a8b1235a11e) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
14:57:23.0734 5808 QBCFMonitorService - ok
14:57:23.0895 5808 QBFCService (6bee1814470dc12fa20c53dfc3c97ebb) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
14:57:23.0917 5808 QBFCService - ok
14:57:24.0218 5808 QBVSS (25fc19badf78b7fb1d835aac4b0b91a5) C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
14:57:24.0356 5808 QBVSS - ok
14:57:24.0618 5808 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\windows\system32\DRIVERS\ql2300.sys
14:57:24.0635 5808 ql2300 - ok
14:57:24.0837 5808 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\windows\system32\DRIVERS\ql40xx.sys
14:57:24.0861 5808 ql40xx - ok
14:57:24.0906 5808 QWAVE (906191634e99aea92c4816150bda3732) C:\windows\system32\qwave.dll
14:57:24.0911 5808 QWAVE - ok
14:57:24.0983 5808 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\windows\system32\drivers\qwavedrv.sys
14:57:24.0984 5808 QWAVEdrv - ok
14:57:25.0208 5808 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\windows\system32\DRIVERS\rasacd.sys
14:57:25.0213 5808 RasAcd - ok
14:57:25.0308 5808 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\windows\system32\DRIVERS\AgileVpn.sys
14:57:25.0318 5808 RasAgileVpn - ok
14:57:25.0506 5808 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\windows\System32\rasauto.dll
14:57:25.0510 5808 RasAuto - ok
14:57:25.0593 5808 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\windows\system32\DRIVERS\rasl2tp.sys
14:57:25.0595 5808 Rasl2tp - ok
14:57:25.0681 5808 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\windows\System32\rasmans.dll
14:57:25.0688 5808 RasMan - ok
14:57:25.0871 5808 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\windows\system32\DRIVERS\raspppoe.sys
14:57:25.0873 5808 RasPppoe - ok
14:57:25.0986 5808 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\windows\system32\DRIVERS\rassstp.sys
14:57:25.0988 5808 RasSstp - ok
14:57:26.0063 5808 rdbss (77f665941019a1594d887a74f301fa2f) C:\windows\system32\DRIVERS\rdbss.sys
14:57:26.0067 5808 rdbss - ok
14:57:26.0235 5808 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\windows\system32\DRIVERS\rdpbus.sys
14:57:26.0257 5808 rdpbus - ok
14:57:26.0322 5808 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\windows\system32\DRIVERS\RDPCDD.sys
14:57:26.0323 5808 RDPCDD - ok
14:57:26.0357 5808 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\windows\system32\drivers\rdpencdd.sys
14:57:26.0357 5808 RDPENCDD - ok
14:57:26.0513 5808 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\windows\system32\drivers\rdprefmp.sys
14:57:26.0513 5808 RDPREFMP - ok
14:57:26.0600 5808 RDPWD (6d76e6433574b058adcb0c50df834492) C:\windows\system32\drivers\RDPWD.sys
14:57:26.0603 5808 RDPWD - ok
14:57:26.0779 5808 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\windows\system32\drivers\rdyboost.sys
14:57:26.0782 5808 rdyboost - ok
14:57:26.0957 5808 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\windows\System32\mprdim.dll
14:57:26.0963 5808 RemoteAccess - ok
14:57:27.0016 5808 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\windows\system32\regsvc.dll
14:57:27.0020 5808 RemoteRegistry - ok
14:57:27.0162 5808 rimspci (e20b1907fc72a3664ece21e3c20fc63d) C:\windows\system32\DRIVERS\rimspe64.sys
14:57:27.0164 5808 rimspci - ok
14:57:27.0320 5808 risdpcie (7dda2e5cf452dad24b1be704225c18ee) C:\windows\system32\DRIVERS\risdpe64.sys
14:57:27.0322 5808 risdpcie - ok
14:57:27.0388 5808 rixdpcie (6a1cd4674505e6791390a1ab71da1fbe) C:\windows\system32\DRIVERS\rixdpe64.sys
14:57:27.0390 5808 rixdpcie - ok
14:57:27.0557 5808 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\windows\System32\RpcEpMap.dll
14:57:27.0559 5808 RpcEptMapper - ok
14:57:27.0589 5808 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\windows\system32\locator.exe
14:57:27.0591 5808 RpcLocator - ok
14:57:27.0638 5808 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll
14:57:27.0643 5808 RpcSs - ok
14:57:27.0713 5808 RSELSVC - ok
14:57:27.0903 5808 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\windows\system32\DRIVERS\rspndr.sys
14:57:27.0905 5808 rspndr - ok
14:57:27.0949 5808 RTL8167 (66f9f7161d147b6486a22feb9425930d) C:\windows\system32\DRIVERS\Rt64win7.sys
14:57:27.0953 5808 RTL8167 - ok
14:57:28.0148 5808 rtl8192se (03e0627c26943916a7276ac5306206c7) C:\windows\system32\DRIVERS\rtl8192se.sys
14:57:28.0161 5808 rtl8192se - ok
14:57:28.0315 5808 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
14:57:28.0317 5808 SamSs - ok
14:57:28.0382 5808 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\windows\system32\drivers\sbp2port.sys
14:57:28.0384 5808 sbp2port - ok
14:57:28.0540 5808 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\windows\System32\SCardSvr.dll
14:57:28.0544 5808 SCardSvr - ok
14:57:28.0621 5808 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\windows\system32\DRIVERS\scfilter.sys
14:57:28.0623 5808 scfilter - ok
14:57:28.0813 5808 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\windows\system32\schedsvc.dll
14:57:28.0827 5808 Schedule - ok
14:57:28.0996 5808 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll
14:57:28.0997 5808 SCPolicySvc - ok
14:57:29.0079 5808 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\windows\system32\drivers\sdbus.sys
14:57:29.0082 5808 sdbus - ok
14:57:29.0255 5808 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\windows\System32\SDRSVC.dll
14:57:29.0259 5808 SDRSVC - ok
14:57:29.0319 5808 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\windows\system32\drivers\secdrv.sys
14:57:29.0321 5808 secdrv - ok
14:57:29.0494 5808 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\windows\system32\seclogon.dll
14:57:29.0496 5808 seclogon - ok
14:57:29.0533 5808 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\windows\System32\sens.dll
14:57:29.0536 5808 SENS - ok
14:57:29.0791 5808 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\windows\system32\sensrsvc.dll
14:57:29.0802 5808 SensrSvc - ok
14:57:29.0908 5808 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\windows\system32\DRIVERS\serenum.sys
14:57:29.0909 5808 Serenum - ok
14:57:30.0064 5808 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\windows\system32\DRIVERS\serial.sys
14:57:30.0068 5808 Serial - ok
14:57:30.0118 5808 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\windows\system32\DRIVERS\sermouse.sys
14:57:30.0119 5808 sermouse - ok
14:57:30.0195 5808 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\windows\system32\sessenv.dll
14:57:30.0198 5808 SessionEnv - ok
14:57:30.0306 5808 sffdisk (a554811bcd09279536440c964ae35bbf) C:\windows\system32\drivers\sffdisk.sys
14:57:30.0308 5808 sffdisk - ok
14:57:30.0475 5808 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\windows\system32\drivers\sffp_mmc.sys
14:57:30.0477 5808 sffp_mmc - ok
14:57:30.0498 5808 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\windows\system32\drivers\sffp_sd.sys
14:57:30.0500 5808 sffp_sd - ok
14:57:30.0548 5808 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\windows\system32\DRIVERS\sfloppy.sys
14:57:30.0550 5808 sfloppy - ok
14:57:30.0638 5808 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\windows\System32\ipnathlp.dll
14:57:30.0644 5808 SharedAccess - ok
14:57:30.0692 5808 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\windows\System32\shsvcs.dll
14:57:30.0698 5808 ShellHWDetection - ok
14:57:30.0882 5808 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\windows\system32\DRIVERS\SiSRaid2.sys
14:57:30.0884 5808 SiSRaid2 - ok
14:57:30.0895 5808 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\windows\system32\DRIVERS\sisraid4.sys
14:57:30.0901 5808 SiSRaid4 - ok
14:57:31.0090 5808 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\windows\system32\DRIVERS\smb.sys
14:57:31.0094 5808 Smb - ok
14:57:31.0129 5808 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\windows\System32\snmptrap.exe
14:57:31.0131 5808 SNMPTRAP - ok
14:57:31.0153 5808 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\windows\system32\drivers\spldr.sys
14:57:31.0154 5808 spldr - ok
14:57:31.0359 5808 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\windows\System32\spoolsv.exe
14:57:31.0374 5808 Spooler - ok
14:57:31.0503 5808 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\windows\system32\sppsvc.exe
14:57:31.0603 5808 sppsvc - ok
14:57:31.0743 5808 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\windows\system32\sppuinotify.dll
14:57:31.0749 5808 sppuinotify - ok
14:57:31.0835 5808 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\windows\system32\DRIVERS\srv.sys
14:57:31.0846 5808 srv - ok
14:57:32.0055 5808 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\windows\system32\DRIVERS\srv2.sys
14:57:32.0065 5808 srv2 - ok
14:57:32.0134 5808 srvnet (27e461f0be5bff5fc737328f749538c3) C:\windows\system32\DRIVERS\srvnet.sys
14:57:32.0138 5808 srvnet - ok
14:57:32.0286 5808 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\windows\System32\ssdpsrv.dll
14:57:32.0290 5808 SSDPSRV - ok
14:57:32.0323 5808 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\windows\system32\sstpsvc.dll
14:57:32.0325 5808 SstpSvc - ok
14:57:32.0390 5808 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\windows\system32\DRIVERS\stexstor.sys
14:57:32.0393 5808 stexstor - ok
14:57:32.0569 5808 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\windows\System32\wiaservc.dll
14:57:32.0586 5808 stisvc - ok
14:57:32.0671 5808 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\windows\system32\drivers\swenum.sys
14:57:32.0672 5808 swenum - ok
14:57:32.0827 5808 swg3kser00 (9f0a0c3ee91fd7cb709f7d0d97207f7e) C:\windows\system32\DRIVERS\swg3kser00.sys
14:57:32.0836 5808 swg3kser00 - ok
14:57:32.0910 5808 SwiCardDetectSvc (7759bb08cf43b2dbf9e151bbf827add2) C:\Program Files (x86)\Sierra Wireless Inc\Common\SwiCardDetect64.exe
14:57:33.0038 5808 SwiCardDetectSvc - ok
14:57:33.0269 5808 swiwdmbx (c6a7e54a31803e6f95e23d1b5d967d57) C:\windows\system32\DRIVERS\swiwdmbx64.sys
14:57:33.0273 5808 swiwdmbx - ok
14:57:33.0346 5808 SWNC8UA3 (dc345fc7ce9ba3005153062407263bb2) C:\windows\system32\DRIVERS\swnc8ua3.sys
14:57:33.0355 5808 SWNC8UA3 - ok
14:57:33.0520 5808 swprv (e08e46fdd841b7184194011ca1955a0b) C:\windows\System32\swprv.dll
14:57:33.0535 5808 swprv - ok
14:57:33.0758 5808 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\windows\system32\sysmain.dll
14:57:33.0777 5808 SysMain - ok
14:57:33.0928 5808 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\windows\System32\TabSvc.dll
14:57:33.0931 5808 TabletInputService - ok
14:57:33.0954 5808 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\windows\System32\tapisrv.dll
14:57:33.0960 5808 TapiSrv - ok
14:57:34.0122 5808 TBS (1be03ac720f4d302ea01d40f588162f6) C:\windows\System32\tbssvc.dll
14:57:34.0128 5808 TBS - ok
14:57:34.0258 5808 Tcpip (fc62769e7bff2896035aeed399108162) C:\windows\system32\drivers\tcpip.sys
14:57:34.0285 5808 Tcpip - ok
14:57:34.0599 5808 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\windows\system32\DRIVERS\tcpip.sys
14:57:34.0611 5808 TCPIP6 - ok
14:57:34.0798 5808 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\windows\system32\drivers\tcpipreg.sys
14:57:34.0801 5808 tcpipreg - ok
14:57:34.0863 5808 tdcmdpst (fd542b661bd22fa69ca789ad0ac58c29) C:\windows\system32\DRIVERS\tdcmdpst.sys
14:57:34.0866 5808 tdcmdpst - ok
14:57:35.0057 5808 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\windows\system32\drivers\tdpipe.sys
14:57:35.0059 5808 TDPIPE - ok
14:57:35.0106 5808 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\windows\system32\drivers\tdtcp.sys
14:57:35.0109 5808 TDTCP - ok
14:57:35.0297 5808 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\windows\system32\DRIVERS\tdx.sys
14:57:35.0301 5808 tdx - ok
14:57:35.0345 5808 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\windows\system32\drivers\termdd.sys
14:57:35.0348 5808 TermDD - ok
14:57:35.0523 5808 TermService (2e648163254233755035b46dd7b89123) C:\windows\System32\termsrv.dll
14:57:35.0533 5808 TermService - ok
14:57:35.0681 5808 Themes (f0344071948d1a1fa732231785a0664c) C:\windows\system32\themeservice.dll
14:57:35.0687 5808 Themes - ok
14:57:35.0771 5808 Thpdrv (c013f6acaa9761f571bd28dada7c157d) C:\windows\system32\DRIVERS\thpdrv.sys
14:57:35.0773 5808 Thpdrv - ok
14:57:35.0918 5808 Thpevm (b4e609047434ed948af7bdef2fa66e38) C:\windows\system32\DRIVERS\Thpevm.SYS
14:57:35.0920 5808 Thpevm - ok
14:57:35.0981 5808 Thpsrv (6146eac71ae3c9da17b0e33632082b7b) C:\windows\system32\ThpSrv.exe
14:57:36.0019 5808 Thpsrv - ok
14:57:36.0319 5808 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll
14:57:36.0323 5808 THREADORDER - ok
14:57:36.0422 5808 TMachInfo (f120967184a27e927052e8ddbb727851) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
14:57:36.0425 5808 TMachInfo - ok
14:57:36.0591 5808 TODDSrv (ed32035bdfeced1ad66d459fd9cc1140) C:\Windows\system32\TODDSrv.exe
14:57:36.0605 5808 TODDSrv - ok
14:57:36.0726 5808 TosCoSrv (06c61275adc64f1e36240a2287998a5e) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
14:57:36.0736 5808 TosCoSrv - ok
14:57:36.0803 5808 TOSHIBA eco Utility Service (707800855afbd7648375efb1519b8d6d) C:\Program Files\TOSHIBA\TECO\TecoService.exe
14:57:36.0807 5808 TOSHIBA eco Utility Service - ok
14:57:37.0107 5808 TOSHIBA HDD SSD Alert Service (eda12e9bc9a0f104c24101720eec4785) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
14:57:37.0200 5808 TOSHIBA HDD SSD Alert Service - ok
14:57:37.0425 5808 tos_sps64 (09ff7b0b1b5c3d225495cb6f5a9b39f8) C:\windows\system32\DRIVERS\tos_sps64.sys
14:57:37.0432 5808 tos_sps64 - ok
14:57:37.0542 5808 TPCHSrv (de64c52bd0671165cf2eebf2a728a3e2) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
14:57:37.0563 5808 TPCHSrv - ok
14:57:37.0815 5808 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\windows\System32\trkwks.dll
14:57:37.0818 5808 TrkWks - ok
14:57:37.0914 5808 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\windows\servicing\TrustedInstaller.exe
14:57:37.0917 5808 TrustedInstaller - ok
14:57:38.0076 5808 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\windows\system32\DRIVERS\tssecsrv.sys
14:57:38.0079 5808 tssecsrv - ok
14:57:38.0174 5808 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\windows\system32\drivers\tsusbflt.sys
14:57:38.0175 5808 TsUsbFlt - ok
14:57:38.0344 5808 tunnel (3566a8daafa27af944f5d705eaa64894) C:\windows\system32\DRIVERS\tunnel.sys
14:57:38.0347 5808 tunnel - ok
14:57:38.0418 5808 TVALZ (550b567f9364d8f7684c3fb3ea665a72) C:\windows\system32\DRIVERS\TVALZ_O.SYS
14:57:38.0420 5808 TVALZ - ok
14:57:38.0576 5808 TVALZFL (9c7191f4b2e49bff47a6c1144b5923fa) C:\windows\system32\DRIVERS\TVALZFL.sys
14:57:38.0578 5808 TVALZFL - ok
14:57:38.0658 5808 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\windows\system32\DRIVERS\uagp35.sys
14:57:38.0662 5808 uagp35 - ok
14:57:38.0713 5808 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\windows\system32\DRIVERS\udfs.sys
14:57:38.0719 5808 udfs - ok
14:57:38.0862 5808 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\windows\system32\UI0Detect.exe
14:57:38.0866 5808 UI0Detect - ok
14:57:38.0955 5808 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\windows\system32\drivers\uliagpkx.sys
14:57:38.0958 5808 uliagpkx - ok
14:57:39.0051 5808 umbus (dc54a574663a895c8763af0fa1ff7561) C:\windows\system32\DRIVERS\umbus.sys
14:57:39.0062 5808 umbus - ok
14:57:39.0203 5808 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\windows\system32\DRIVERS\umpass.sys
14:57:39.0204 5808 UmPass - ok
14:57:39.0267 5808 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\windows\System32\upnphost.dll
14:57:39.0273 5808 upnphost - ok
14:57:39.0363 5808 USBAAPL64 (54d4b48d443e7228bf64cf7cdc3118ac) C:\windows\system32\Drivers\usbaapl64.sys
14:57:39.0398 5808 USBAAPL64 - ok
14:57:39.0542 5808 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\windows\system32\DRIVERS\usbccgp.sys
14:57:39.0546 5808 usbccgp - ok
14:57:39.0606 5808 usbcir (af0892a803fdda7492f595368e3b68e7) C:\windows\system32\drivers\usbcir.sys
14:57:39.0611 5808 usbcir - ok
14:57:39.0636 5808 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\windows\system32\DRIVERS\usbehci.sys
14:57:39.0638 5808 usbehci - ok
14:57:39.0724 5808 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\windows\system32\DRIVERS\usbhub.sys
14:57:39.0730 5808 usbhub - ok
14:57:39.0885 5808 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\windows\system32\DRIVERS\usbohci.sys
14:57:39.0888 5808 usbohci - ok
14:57:39.0944 5808 usbprint (73188f58fb384e75c4063d29413cee3d) C:\windows\system32\DRIVERS\usbprint.sys
14:57:39.0947 5808 usbprint - ok
14:57:40.0104 5808 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\windows\system32\DRIVERS\USBSTOR.SYS
14:57:40.0133 5808 USBSTOR - ok
14:57:40.0179 5808 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\windows\system32\drivers\usbuhci.sys
14:57:40.0181 5808 usbuhci - ok
14:57:40.0347 5808 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\windows\System32\Drivers\usbvideo.sys
14:57:40.0353 5808 usbvideo - ok
14:57:40.0406 5808 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\windows\System32\uxsms.dll
14:57:40.0413 5808 UxSms - ok
14:57:40.0538 5808 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
14:57:40.0542 5808 VaultSvc - ok
14:57:40.0689 5808 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\windows\system32\drivers\vdrvroot.sys
14:57:40.0693 5808 vdrvroot - ok
14:57:40.0750 5808 vds (8d6b481601d01a456e75c3210f1830be) C:\windows\System32\vds.exe
14:57:40.0761 5808 vds - ok
14:57:40.0945 5808 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\windows\system32\DRIVERS\vgapnp.sys
14:57:40.0947 5808 vga - ok
14:57:40.0984 5808 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\windows\System32\drivers\vga.sys
14:57:40.0985 5808 VgaSave - ok
14:57:41.0177 5808 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\windows\system32\drivers\vhdmp.sys
14:57:41.0183 5808 vhdmp - ok
14:57:41.0214 5808 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\windows\system32\drivers\viaide.sys
14:57:41.0216 5808 viaide - ok
14:57:41.0421 5808 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\windows\system32\drivers\volmgr.sys
14:57:41.0424 5808 volmgr - ok
14:57:41.0479 5808 volmgrx (a255814907c89be58b79ef2f189b843b) C:\windows\system32\drivers\volmgrx.sys
14:57:41.0484 5808 volmgrx - ok
14:57:41.0684 5808 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\windows\system32\drivers\volsnap.sys
14:57:41.0688 5808 volsnap - ok
14:57:41.0733 5808 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\windows\system32\DRIVERS\vsmraid.sys
14:57:41.0736 5808 vsmraid - ok
14:57:41.0936 5808 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\windows\system32\vssvc.exe
14:57:41.0962 5808 VSS - ok
14:57:42.0027 5808 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\windows\system32\DRIVERS\vwifibus.sys
14:57:42.0028 5808 vwifibus - ok
14:57:42.0170 5808 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\windows\system32\DRIVERS\vwififlt.sys
14:57:42.0172 5808 vwififlt - ok
14:57:42.0214 5808 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\windows\system32\w32time.dll
14:57:42.0221 5808 W32Time - ok
14:57:42.0414 5808 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\windows\system32\DRIVERS\wacompen.sys
14:57:42.0416 5808 WacomPen - ok
14:57:42.0484 5808 WANARP (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
14:57:42.0487 5808 WANARP - ok
14:57:42.0510 5808 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
14:57:42.0511 5808 Wanarpv6 - ok
14:57:42.0722 5808 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\windows\system32\Wat\WatAdminSvc.exe
14:57:42.0748 5808 WatAdminSvc - ok
14:57:42.0842 5808 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\windows\system32\wbengine.exe
14:57:42.0862 5808 wbengine - ok
14:57:43.0014 5808 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\windows\System32\wbiosrvc.dll
14:57:43.0023 5808 WbioSrvc - ok
14:57:43.0080 5808 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\windows\System32\wcncsvc.dll
14:57:43.0092 5808 wcncsvc - ok
14:57:43.0243 5808 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\windows\System32\WcsPlugInService.dll
14:57:43.0249 5808 WcsPlugInService - ok
14:57:43.0318 5808 Wd (72889e16ff12ba0f235467d6091b17dc) C:\windows\system32\DRIVERS\wd.sys
14:57:43.0320 5808 Wd - ok
14:57:43.0479 5808 WDC_SAM (a3d04ebf5227886029b4532f20d026f7) C:\windows\system32\DRIVERS\wdcsam64.sys
14:57:43.0482 5808 WDC_SAM - ok
14:57:43.0555 5808 WDDMService (e6050fe6b60fa91188b8abdb5b1e339f) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
14:57:43.0561 5808 WDDMService - ok
14:57:43.0761 5808 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\windows\system32\drivers\Wdf01000.sys
14:57:43.0775 5808 Wdf01000 - ok
14:57:43.0893 5808 WDFME (b83d5071b32a70bebdb3330bfa7acb80) C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
14:57:43.0907 5808 WDFME - ok
14:57:44.0055 5808 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll
14:57:44.0061 5808 WdiServiceHost - ok
14:57:44.0071 5808 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll
14:57:44.0077 5808 WdiSystemHost - ok
14:57:44.0165 5808 WDSC (517de2c5568cba6b2a24a557ac60c30b) C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe
14:57:44.0207 5808 WDSC - ok
14:57:44.0377 5808 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\windows\System32\webclnt.dll
14:57:44.0388 5808 WebClient - ok
14:57:44.0431 5808 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\windows\system32\wecsvc.dll
14:57:44.0436 5808 Wecsvc - ok
14:57:44.0572 5808 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\windows\System32\wercplsupport.dll
14:57:44.0578 5808 wercplsupport - ok
14:57:44.0616 5808 WerSvc (6d137963730144698cbd10f202e9f251) C:\windows\System32\WerSvc.dll
14:57:44.0620 5808 WerSvc - ok
14:57:44.0703 5808 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\windows\system32\DRIVERS\wfplwf.sys
14:57:44.0706 5808 WfpLwf - ok
14:57:44.0739 5808 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\windows\system32\drivers\wimmount.sys
14:57:44.0741 5808 WIMMount - ok
14:57:44.0788 5808 WinDefend - ok
14:57:44.0812 5808 WinHttpAutoProxySvc - ok
14:57:44.0990 5808 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\windows\system32\wbem\WMIsvc.dll
14:57:44.0996 5808 Winmgmt - ok
14:57:45.0097 5808 WinRM (bcb1310604aa415c4508708975b3931e) C:\windows\system32\WsmSvc.dll
14:57:45.0128 5808 WinRM - ok
14:57:45.0340 5808 WinUsb (fe88b288356e7b47b74b13372add906d) C:\windows\system32\DRIVERS\WinUsb.sys
14:57:45.0343 5808 WinUsb - ok
14:57:45.0406 5808 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\windows\System32\wlansvc.dll
14:57:45.0427 5808 Wlansvc - ok
14:57:45.0513 5808 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
14:57:45.0516 5808 wlcrasvc - ok
14:57:45.0704 5808 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
14:57:45.0732 5808 wlidsvc - ok
14:57:45.0908 5808 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\windows\system32\drivers\wmiacpi.sys
14:57:45.0910 5808 WmiAcpi - ok
14:57:45.0975 5808 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\windows\system32\wbem\WmiApSrv.exe
14:57:45.0979 5808 wmiApSrv - ok
14:57:46.0029 5808 WMPNetworkSvc - ok
14:57:46.0190 5808 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\windows\System32\wpcsvc.dll
14:57:46.0196 5808 WPCSvc - ok
14:57:46.0250 5808 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\windows\system32\wpdbusenum.dll
14:57:46.0255 5808 WPDBusEnum - ok
14:57:46.0323 5808 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\windows\system32\drivers\ws2ifsl.sys
14:57:46.0325 5808 ws2ifsl - ok
14:57:46.0701 5808 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\windows\System32\wscsvc.dll
14:57:46.0727 5808 wscsvc - ok
14:57:46.0814 5808 WSDPrintDevice (8d918b1db190a4d9b1753a66fa8c96
Back to top
View user's profile Send private message
Cypher
Moderator


Joined: 05 Jul 2009
Last Visit: 22 Jul 2014
Posts: 4571
Location: Land Of The Leprechauns

PostPosted: Thu Apr 12, 2012 1:39 am    Post subject: Reply with quote

Hi nealod,
The TDSSKiller log you posted is incomplete please post it again.
To find the log go to Start > Computer > C:

Please post both OTL logs also as requested.
_________________
Admin/Teacher at Malware Removal University
Member of...

Back to top
View user's profile Send private message
nealod
Warrior


Joined: 24 Sep 2010
Last Visit: 02 Oct 2013
Posts: 52

PostPosted: Thu Apr 12, 2012 4:11 am    Post subject: Reply with quote

14:56:36.0187 5212 TDSS rootkit removing tool 2.7.28.0 Apr 10 2012 16:54:05
14:56:36.0576 5212 ============================================================
14:56:36.0576 5212 Current date / time: 2012/04/11 14:56:36.0576
14:56:36.0576 5212 SystemInfo:
14:56:36.0576 5212
14:56:36.0576 5212 OS Version: 6.1.7601 ServicePack: 1.0
14:56:36.0576 5212 Product type: Workstation
14:56:36.0576 5212 ComputerName: ABSOLUTE-LT
14:56:36.0576 5212 UserName: Absolute
14:56:36.0576 5212 Windows directory: C:\windows
14:56:36.0576 5212 System windows directory: C:\windows
14:56:36.0577 5212 Running under WOW64
14:56:36.0577 5212 Processor architecture: Intel x64
14:56:36.0577 5212 Number of processors: 2
14:56:36.0577 5212 Page size: 0x1000
14:56:36.0577 5212 Boot type: Normal boot
14:56:36.0577 5212 ============================================================
14:56:37.0805 5212 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:56:37.0809 5212 \Device\Harddisk0\DR0:
14:56:37.0809 5212 MBR used
14:56:37.0809 5212 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x38D3F800
14:56:37.0860 5212 Initialize success
14:56:37.0860 5212 ============================================================
14:56:46.0934 5808 ============================================================
14:56:46.0934 5808 Scan started
14:56:46.0934 5808 Mode: Manual;
14:56:46.0934 5808 ============================================================
14:56:48.0541 5808 1394ohci (a87d604aea360176311474c87a63bb88) C:\windows\system32\drivers\1394ohci.sys
14:56:48.0547 5808 1394ohci - ok
14:56:48.0591 5808 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\windows\system32\drivers\ACPI.sys
14:56:48.0599 5808 ACPI - ok
14:56:48.0805 5808 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\windows\system32\drivers\acpipmi.sys
14:56:48.0807 5808 AcpiPmi - ok
14:56:48.0965 5808 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
14:56:48.0967 5808 AdobeARMservice - ok
14:56:49.0115 5808 AdobeFlashPlayerUpdateSvc (0d4c486a24a711a45fd83acdf4d18506) C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
14:56:49.0122 5808 AdobeFlashPlayerUpdateSvc - ok
14:56:49.0338 5808 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\windows\system32\DRIVERS\adp94xx.sys
14:56:49.0349 5808 adp94xx - ok
14:56:49.0532 5808 adpahci (597f78224ee9224ea1a13d6350ced962) C:\windows\system32\DRIVERS\adpahci.sys
14:56:49.0541 5808 adpahci - ok
14:56:49.0580 5808 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\windows\system32\DRIVERS\adpu320.sys
14:56:49.0583 5808 adpu320 - ok
14:56:49.0730 5808 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\windows\System32\aelupsvc.dll
14:56:49.0733 5808 AeLookupSvc - ok
14:56:49.0827 5808 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\windows\system32\drivers\afd.sys
14:56:49.0838 5808 AFD - ok
14:56:49.0916 5808 AgereModemAudio (b65f8dba54f251906bbe8611b5a0e7ab) C:\Program Files\LSI SoftModem\agr64svc.exe
14:56:49.0917 5808 AgereModemAudio - ok
14:56:50.0123 5808 AgereSoftModem (c98356d813b581e9c425b42a5d146ce0) C:\windows\system32\DRIVERS\agrsm64.sys
14:56:50.0142 5808 AgereSoftModem - ok
14:56:50.0328 5808 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\windows\system32\drivers\agp440.sys
14:56:50.0331 5808 agp440 - ok
14:56:50.0380 5808 ALG (3290d6946b5e30e70414990574883ddb) C:\windows\System32\alg.exe
14:56:50.0383 5808 ALG - ok
14:56:50.0727 5808 aliide (5812713a477a3ad7363c7438ca2ee038) C:\windows\system32\drivers\aliide.sys
14:56:50.0777 5808 aliide - ok
14:56:50.0980 5808 AMD External Events Utility (98a2774d3f18c107874c8c1163ebe484) C:\windows\system32\atiesrxx.exe
14:56:50.0986 5808 AMD External Events Utility - ok
14:56:51.0068 5808 amdide (1ff8b4431c353ce385c875f194924c0c) C:\windows\system32\drivers\amdide.sys
14:56:51.0070 5808 amdide - ok
14:56:51.0221 5808 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\windows\system32\DRIVERS\amdk8.sys
14:56:51.0224 5808 AmdK8 - ok
14:56:51.0296 5808 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\windows\system32\DRIVERS\amdppm.sys
14:56:51.0299 5808 AmdPPM - ok
14:56:51.0467 5808 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\windows\system32\drivers\amdsata.sys
14:56:51.0471 5808 amdsata - ok
14:56:51.0544 5808 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\windows\system32\DRIVERS\amdsbs.sys
14:56:51.0549 5808 amdsbs - ok
14:56:51.0732 5808 amdxata (540daf1cea6094886d72126fd7c33048) C:\windows\system32\drivers\amdxata.sys
14:56:51.0734 5808 amdxata - ok
14:56:51.0814 5808 ApfiltrService (1661f9c9e4b0049fa0a5e30264375a87) C:\windows\system32\DRIVERS\Apfiltr.sys
14:56:51.0821 5808 ApfiltrService - ok
14:56:52.0002 5808 AppID (89a69c3f2f319b43379399547526d952) C:\windows\system32\drivers\appid.sys
14:56:52.0005 5808 AppID - ok
14:56:52.0075 5808 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\windows\System32\appidsvc.dll
14:56:52.0077 5808 AppIDSvc - ok
14:56:52.0245 5808 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\windows\System32\appinfo.dll
14:56:52.0262 5808 Appinfo - ok
14:56:52.0357 5808 Apple Mobile Device (3debbecf665dcdde3a95d9b902010817) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
14:56:52.0361 5808 Apple Mobile Device - ok
14:56:52.0558 5808 arc (c484f8ceb1717c540242531db7845c4e) C:\windows\system32\DRIVERS\arc.sys
14:56:52.0561 5808 arc - ok
14:56:52.0580 5808 arcsas (019af6924aefe7839f61c830227fe79c) C:\windows\system32\DRIVERS\arcsas.sys
14:56:52.0583 5808 arcsas - ok
14:56:52.0734 5808 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
14:56:52.0738 5808 aspnet_state - ok
14:56:52.0899 5808 AsyncMac (769765ce2cc62867468cea93969b2242) C:\windows\system32\DRIVERS\asyncmac.sys
14:56:52.0902 5808 AsyncMac - ok
14:56:52.0971 5808 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\windows\system32\drivers\atapi.sys
14:56:52.0972 5808 atapi - ok
14:56:53.0044 5808 athr (e857eee6b92aaa473ebb3465add8f7e7) C:\windows\system32\DRIVERS\athrx.sys
14:56:53.0062 5808 athr - ok
14:56:53.0441 5808 atikmdag (173f4c05f87085e9bda3f7037bc9f40e) C:\windows\system32\DRIVERS\atikmdag.sys
14:56:53.0580 5808 atikmdag - ok
14:56:53.0772 5808 AtiPcie (7c5d273e29dcc5505469b299c6f29163) C:\windows\system32\DRIVERS\AtiPcie.sys
14:56:53.0774 5808 AtiPcie - ok
14:56:53.0841 5808 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\windows\System32\Audiosrv.dll
14:56:53.0855 5808 AudioEndpointBuilder - ok
14:56:53.0867 5808 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\windows\System32\Audiosrv.dll
14:56:53.0872 5808 AudioSrv - ok
14:56:54.0094 5808 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\windows\System32\AxInstSV.dll
14:56:54.0098 5808 AxInstSV - ok
14:56:54.0189 5808 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\windows\system32\DRIVERS\bxvbda.sys
14:56:54.0200 5808 b06bdrv - ok
14:56:54.0401 5808 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\windows\system32\DRIVERS\b57nd60a.sys
14:56:54.0408 5808 b57nd60a - ok
14:56:54.0500 5808 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\windows\System32\bdesvc.dll
14:56:54.0504 5808 BDESVC - ok
14:56:54.0674 5808 Beep (16a47ce2decc9b099349a5f840654746) C:\windows\system32\drivers\Beep.sys
14:56:54.0676 5808 Beep - ok
14:56:54.0783 5808 BFE (82974d6a2fd19445cc5171fc378668a4) C:\windows\System32\bfe.dll
14:56:54.0798 5808 BFE - ok
14:56:54.0965 5808 BITS (1ea7969e3271cbc59e1730697dc74682) C:\windows\System32\qmgr.dll
14:56:54.0985 5808 BITS - ok
14:56:55.0186 5808 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\windows\system32\DRIVERS\blbdrive.sys
14:56:55.0189 5808 blbdrive - ok
14:56:55.0282 5808 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
14:56:55.0292 5808 Bonjour Service - ok
14:56:55.0489 5808 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\windows\system32\DRIVERS\bowser.sys
14:56:55.0492 5808 bowser - ok
14:56:55.0535 5808 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\windows\system32\DRIVERS\BrFiltLo.sys
14:56:55.0537 5808 BrFiltLo - ok
14:56:55.0701 5808 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\windows\system32\DRIVERS\BrFiltUp.sys
14:56:55.0703 5808 BrFiltUp - ok
14:56:55.0778 5808 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\windows\System32\browser.dll
14:56:55.0782 5808 Browser - ok
14:56:55.0813 5808 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\windows\System32\Drivers\Brserid.sys
14:56:55.0818 5808 Brserid - ok
14:56:55.0849 5808 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\windows\System32\Drivers\BrSerWdm.sys
14:56:55.0851 5808 BrSerWdm - ok
14:56:56.0001 5808 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\windows\System32\Drivers\BrUsbMdm.sys
14:56:56.0003 5808 BrUsbMdm - ok
14:56:56.0047 5808 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\windows\System32\Drivers\BrUsbSer.sys
14:56:56.0049 5808 BrUsbSer - ok
14:56:56.0084 5808 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\windows\system32\DRIVERS\bthmodem.sys
14:56:56.0087 5808 BTHMODEM - ok
14:56:56.0278 5808 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\windows\system32\bthserv.dll
14:56:56.0282 5808 bthserv - ok
14:56:56.0347 5808 cdfs (b8bd2bb284668c84865658c77574381a) C:\windows\system32\DRIVERS\cdfs.sys
14:56:56.0350 5808 cdfs - ok
14:56:56.0525 5808 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\windows\system32\DRIVERS\cdrom.sys
14:56:56.0529 5808 cdrom - ok
14:56:56.0594 5808 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll
14:56:56.0596 5808 CertPropSvc - ok
14:56:56.0687 5808 cfWiMAXService (837ff2d497880198c918e6954dbd170c) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
14:56:56.0693 5808 cfWiMAXService - ok
14:56:56.0881 5808 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\windows\system32\DRIVERS\circlass.sys
14:56:56.0884 5808 circlass - ok
14:56:56.0930 5808 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\windows\system32\CLFS.sys
14:56:56.0939 5808 CLFS - ok
14:56:57.0108 5808 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:56:57.0113 5808 clr_optimization_v2.0.50727_32 - ok
14:56:57.0151 5808 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:56:57.0154 5808 clr_optimization_v2.0.50727_64 - ok
14:56:57.0300 5808 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:56:57.0304 5808 clr_optimization_v4.0.30319_32 - ok
14:56:57.0374 5808 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:56:57.0379 5808 clr_optimization_v4.0.30319_64 - ok
14:56:57.0571 5808 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\windows\system32\DRIVERS\CmBatt.sys
14:56:57.0574 5808 CmBatt - ok
14:56:57.0622 5808 cmdide (e19d3f095812725d88f9001985b94edd) C:\windows\system32\drivers\cmdide.sys
14:56:57.0624 5808 cmdide - ok
14:56:57.0839 5808 CNG (c4943b6c962e4b82197542447ad599f4) C:\windows\system32\Drivers\cng.sys
14:56:57.0849 5808 CNG - ok
14:56:58.0042 5808 Compbatt (102de219c3f61415f964c88e9085ad14) C:\windows\system32\DRIVERS\compbatt.sys
14:56:58.0045 5808 Compbatt - ok
14:56:58.0099 5808 CompositeBus (03edb043586cceba243d689bdda370a8) C:\windows\system32\drivers\CompositeBus.sys
14:56:58.0101 5808 CompositeBus - ok
14:56:58.0240 5808 COMSysApp - ok
14:56:58.0327 5808 ConfigFree Gadget Service (d252c53bcdfc199bba55eeb10cdb266e) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe
14:56:58.0329 5808 ConfigFree Gadget Service - ok
14:56:58.0364 5808 ConfigFree Service (cab0eeaf5295fc96ddd3e19dce27e131) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
14:56:58.0366 5808 ConfigFree Service - ok
14:56:58.0565 5808 crcdisk (1c827878a998c18847245fe1f34ee597) C:\windows\system32\DRIVERS\crcdisk.sys
14:56:58.0568 5808 crcdisk - ok
14:56:58.0637 5808 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\windows\system32\cryptsvc.dll
14:56:58.0642 5808 CryptSvc - ok
14:56:58.0817 5808 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll
14:56:58.0831 5808 DcomLaunch - ok
14:56:58.0874 5808 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\windows\System32\defragsvc.dll
14:56:58.0878 5808 defragsvc - ok
14:56:59.0222 5808 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\windows\system32\Drivers\dfsc.sys
14:56:59.0226 5808 DfsC - ok
14:56:59.0392 5808 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\windows\system32\dhcpcore.dll
14:56:59.0401 5808 Dhcp - ok
14:56:59.0467 5808 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\windows\system32\drivers\discache.sys
14:56:59.0468 5808 discache - ok
14:56:59.0603 5808 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\windows\system32\DRIVERS\disk.sys
14:56:59.0607 5808 Disk - ok
14:56:59.0651 5808 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\windows\System32\dnsrslvr.dll
14:56:59.0654 5808 Dnscache - ok
14:56:59.0816 5808 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\windows\System32\dot3svc.dll
14:56:59.0824 5808 dot3svc - ok
14:56:59.0868 5808 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\windows\system32\dps.dll
14:56:59.0873 5808 DPS - ok
14:57:00.0064 5808 drmkaud (9b19f34400d24df84c858a421c205754) C:\windows\system32\drivers\drmkaud.sys
14:57:00.0066 5808 drmkaud - ok
14:57:00.0132 5808 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\windows\System32\drivers\dxgkrnl.sys
14:57:00.0152 5808 DXGKrnl - ok
14:57:00.0310 5808 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\windows\System32\eapsvc.dll
14:57:00.0315 5808 EapHost - ok
14:57:00.0465 5808 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\windows\system32\DRIVERS\evbda.sys
14:57:00.0547 5808 ebdrv - ok
14:57:00.0690 5808 EFS (c118a82cd78818c29ab228366ebf81c3) C:\windows\System32\lsass.exe
14:57:00.0702 5808 EFS - ok
14:57:00.0784 5808 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\windows\ehome\ehRecvr.exe
14:57:00.0807 5808 ehRecvr - ok
14:57:00.0930 5808 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\windows\ehome\ehsched.exe
14:57:00.0961 5808 ehSched - ok
14:57:01.0387 5808 elxstor (0e5da5369a0fcaea12456dd852545184) C:\windows\system32\DRIVERS\elxstor.sys
14:57:01.0421 5808 elxstor - ok
14:57:01.0503 5808 ErrDev (34a3c54752046e79a126e15c51db409b) C:\windows\system32\drivers\errdev.sys
14:57:01.0528 5808 ErrDev - ok
14:57:01.0647 5808 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\windows\system32\es.dll
14:57:01.0657 5808 EventSystem - ok
14:57:01.0826 5808 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\windows\system32\drivers\exfat.sys
14:57:01.0829 5808 exfat - ok
14:57:01.0883 5808 fastfat (0adc83218b66a6db380c330836f3e36d) C:\windows\system32\drivers\fastfat.sys
14:57:01.0886 5808 fastfat - ok
14:57:02.0052 5808 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\windows\system32\fxssvc.exe
14:57:02.0069 5808 Fax - ok
14:57:02.0131 5808 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\windows\system32\DRIVERS\fdc.sys
14:57:02.0133 5808 fdc - ok
14:57:02.0294 5808 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\windows\system32\fdPHost.dll
14:57:02.0297 5808 fdPHost - ok
14:57:02.0341 5808 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\windows\system32\fdrespub.dll
14:57:02.0345 5808 FDResPub - ok
14:57:02.0504 5808 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\windows\system32\drivers\fileinfo.sys
14:57:02.0507 5808 FileInfo - ok
14:57:02.0568 5808 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\windows\system32\drivers\filetrace.sys
14:57:02.0571 5808 Filetrace - ok
14:57:02.0601 5808 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\windows\system32\DRIVERS\flpydisk.sys
14:57:02.0602 5808 flpydisk - ok
14:57:02.0657 5808 FltMgr (da6b67270fd9db3697b20fce94950741) C:\windows\system32\drivers\fltmgr.sys
14:57:02.0661 5808 FltMgr - ok
14:57:02.0831 5808 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\windows\system32\FntCache.dll
14:57:02.0848 5808 FontCache - ok
14:57:02.0928 5808 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:57:02.0931 5808 FontCache3.0.0.0 - ok
14:57:03.0092 5808 FsDepends (d43703496149971890703b4b1b723eac) C:\windows\system32\drivers\FsDepends.sys
14:57:03.0094 5808 FsDepends - ok
14:57:03.0178 5808 fssfltr (6c06701bf1db05405804d7eb610991ce) C:\windows\system32\DRIVERS\fssfltr.sys
14:57:03.0180 5808 fssfltr - ok
14:57:03.0283 5808 fsssvc (4ce9dac1518ff7e77bd213e6394b9d77) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
14:57:03.0315 5808 fsssvc - ok
14:57:03.0507 5808 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\windows\system32\drivers\Fs_Rec.sys
14:57:03.0510 5808 Fs_Rec - ok
14:57:03.0573 5808 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\windows\system32\DRIVERS\fvevol.sys
14:57:03.0576 5808 fvevol - ok
14:57:03.0758 5808 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\windows\system32\DRIVERS\gagp30kx.sys
14:57:03.0763 5808 gagp30kx - ok
14:57:03.0851 5808 GameConsoleService (4fbccbdd99a75c9efbc90392cf32af61) C:\Program Files (x86)\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe
14:57:03.0855 5808 GameConsoleService - ok
14:57:04.0046 5808 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\windows\system32\DRIVERS\GEARAspiWDM.sys
14:57:04.0047 5808 GEARAspiWDM - ok
14:57:04.0100 5808 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\windows\System32\gpsvc.dll
14:57:04.0109 5808 gpsvc - ok
14:57:04.0220 5808 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:57:04.0224 5808 gupdate - ok
14:57:04.0266 5808 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:57:04.0267 5808 gupdatem - ok
14:57:04.0321 5808 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
14:57:04.0324 5808 gusvc - ok
14:57:04.0548 5808 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\windows\system32\drivers\hcw85cir.sys
14:57:04.0551 5808 hcw85cir - ok
14:57:04.0649 5808 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\windows\system32\drivers\HdAudio.sys
14:57:04.0658 5808 HdAudAddService - ok
14:57:04.0957 5808 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\windows\system32\drivers\HDAudBus.sys
14:57:04.0961 5808 HDAudBus - ok
14:57:04.0994 5808 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\windows\system32\DRIVERS\HidBatt.sys
14:57:04.0997 5808 HidBatt - ok
14:57:05.0160 5808 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\windows\system32\DRIVERS\hidbth.sys
14:57:05.0164 5808 HidBth - ok
14:57:05.0185 5808 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\windows\system32\DRIVERS\hidir.sys
14:57:05.0192 5808 HidIr - ok
14:57:05.0228 5808 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\windows\system32\hidserv.dll
14:57:05.0230 5808 hidserv - ok
14:57:05.0292 5808 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\windows\system32\DRIVERS\hidusb.sys
14:57:05.0294 5808 HidUsb - ok
14:57:05.0453 5808 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\windows\system32\kmsvc.dll
14:57:05.0458 5808 hkmsvc - ok
14:57:05.0593 5808 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\windows\system32\ListSvc.dll
14:57:05.0598 5808 HomeGroupListener - ok
14:57:05.0746 5808 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\windows\system32\provsvc.dll
14:57:05.0750 5808 HomeGroupProvider - ok
14:57:05.0830 5808 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\windows\system32\drivers\HpSAMD.sys
14:57:05.0831 5808 HpSAMD - ok
14:57:06.0018 5808 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\windows\system32\drivers\HTTP.sys
14:57:06.0026 5808 HTTP - ok
14:57:06.0101 5808 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\windows\system32\drivers\hwpolicy.sys
14:57:06.0102 5808 hwpolicy - ok
14:57:06.0324 5808 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\windows\system32\drivers\i8042prt.sys
14:57:06.0326 5808 i8042prt - ok
14:57:06.0416 5808 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\windows\system32\drivers\iaStorV.sys
14:57:06.0423 5808 iaStorV - ok
14:57:06.0546 5808 IDriveE Service (4abaf0ee285bd49718a203d16972087a) C:\IDrive\IDriveE Service.exe
14:57:06.0614 5808 IDriveE Service - ok
14:57:06.0774 5808 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
14:57:06.0793 5808 IDriverT - ok
14:57:07.0023 5808 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:57:07.0043 5808 idsvc - ok
14:57:07.0219 5808 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\windows\system32\DRIVERS\iirsp.sys
14:57:07.0222 5808 iirsp - ok
14:57:07.0293 5808 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\windows\System32\ikeext.dll
14:57:07.0306 5808 IKEEXT - ok
14:57:07.0540 5808 IntcAzAudAddService (b6e61b181884527cc5b68c2d79504b43) C:\windows\system32\drivers\RTKVHD64.sys
14:57:07.0568 5808 IntcAzAudAddService - ok
14:57:07.0759 5808 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\windows\system32\drivers\intelide.sys
14:57:07.0761 5808 intelide - ok
14:57:07.0810 5808 intelppm (ada036632c664caa754079041cf1f8c1) C:\windows\system32\DRIVERS\intelppm.sys
14:57:07.0812 5808 intelppm - ok
14:57:07.0982 5808 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\windows\system32\ipbusenum.dll
14:57:07.0986 5808 IPBusEnum - ok
14:57:08.0072 5808 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\windows\system32\DRIVERS\ipfltdrv.sys
14:57:08.0076 5808 IpFilterDriver - ok
14:57:08.0133 5808 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\windows\System32\iphlpsvc.dll
14:57:08.0141 5808 iphlpsvc - ok
14:57:08.0332 5808 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\windows\system32\drivers\IPMIDrv.sys
14:57:08.0334 5808 IPMIDRV - ok
14:57:08.0382 5808 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\windows\system32\drivers\ipnat.sys
14:57:08.0386 5808 IPNAT - ok
14:57:08.0495 5808 iPod Service (ee4c2a137c7088911a8919effc9812e7) C:\Program Files\iPod\bin\iPodService.exe
14:57:08.0515 5808 iPod Service - ok
14:57:08.0692 5808 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\windows\system32\drivers\irenum.sys
14:57:08.0695 5808 IRENUM - ok
14:57:08.0737 5808 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\windows\system32\drivers\isapnp.sys
14:57:08.0738 5808 isapnp - ok
14:57:08.0911 5808 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\windows\system32\drivers\msiscsi.sys
14:57:08.0916 5808 iScsiPrt - ok
14:57:08.0967 5808 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\windows\system32\drivers\kbdclass.sys
14:57:08.0969 5808 kbdclass - ok
14:57:09.0249 5808 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\windows\system32\drivers\kbdhid.sys
14:57:09.0250 5808 kbdhid - ok
14:57:09.0280 5808 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
14:57:09.0282 5808 KeyIso - ok
14:57:09.0316 5808 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\windows\system32\Drivers\ksecdd.sys
14:57:09.0318 5808 KSecDD - ok
14:57:09.0471 5808 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\windows\system32\Drivers\ksecpkg.sys
14:57:09.0473 5808 KSecPkg - ok
14:57:09.0514 5808 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\windows\system32\drivers\ksthunk.sys
14:57:09.0516 5808 ksthunk - ok
14:57:09.0565 5808 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\windows\system32\msdtckrm.dll
14:57:09.0571 5808 KtmRm - ok
14:57:09.0742 5808 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\windows\system32\srvsvc.dll
14:57:09.0751 5808 LanmanServer - ok
14:57:09.0803 5808 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\windows\System32\wkssvc.dll
14:57:09.0808 5808 LanmanWorkstation - ok
14:57:09.0916 5808 LBTServ (88e52495b47c67126b510af53fdb0bc7) C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
14:57:09.0920 5808 LBTServ - ok
14:57:10.0104 5808 LHidFilt (b6552d382ff070b4ed34cbd6737277c0) C:\windows\system32\DRIVERS\LHidFilt.Sys
14:57:10.0106 5808 LHidFilt - ok
14:57:10.0156 5808 lltdio (1538831cf8ad2979a04c423779465827) C:\windows\system32\DRIVERS\lltdio.sys
14:57:10.0157 5808 lltdio - ok
14:57:10.0335 5808 lltdsvc (c1185803384ab3feed115f79f109427f) C:\windows\System32\lltdsvc.dll
14:57:10.0341 5808 lltdsvc - ok
14:57:10.0362 5808 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\windows\System32\lmhsvc.dll
14:57:10.0364 5808 lmhosts - ok
14:57:10.0441 5808 LMouFilt (73c1f563ab73d459dffe682d66476558) C:\windows\system32\DRIVERS\LMouFilt.Sys
14:57:10.0444 5808 LMouFilt - ok
14:57:10.0616 5808 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\windows\system32\DRIVERS\lsi_fc.sys
14:57:10.0621 5808 LSI_FC - ok
14:57:10.0784 5808 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\windows\system32\DRIVERS\lsi_sas.sys
14:57:10.0789 5808 LSI_SAS - ok
14:57:10.0826 5808 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\windows\system32\DRIVERS\lsi_sas2.sys
14:57:10.0828 5808 LSI_SAS2 - ok
14:57:10.0954 5808 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\windows\system32\DRIVERS\lsi_scsi.sys
14:57:10.0958 5808 LSI_SCSI - ok
14:57:11.0038 5808 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\windows\system32\drivers\luafv.sys
14:57:11.0042 5808 luafv - ok
14:57:11.0201 5808 LUsbFilt (9d9714e78eac9e5368208649489c920e) C:\windows\system32\Drivers\LUsbFilt.Sys
14:57:11.0204 5808 LUsbFilt - ok
14:57:11.0263 5808 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\windows\system32\Mcx2Svc.dll
14:57:11.0266 5808 Mcx2Svc - ok
14:57:11.0338 5808 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\windows\system32\DRIVERS\megasas.sys
14:57:11.0340 5808 megasas - ok
14:57:11.0492 5808 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\windows\system32\DRIVERS\MegaSR.sys
14:57:11.0499 5808 MegaSR - ok
14:57:11.0594 5808 Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
14:57:11.0598 5808 Microsoft Office Groove Audit Service - ok
14:57:11.0762 5808 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll
14:57:11.0767 5808 MMCSS - ok
14:57:11.0839 5808 Modem (800ba92f7010378b09f9ed9270f07137) C:\windows\system32\drivers\modem.sys
14:57:11.0840 5808 Modem - ok
14:57:11.0995 5808 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\windows\system32\DRIVERS\monitor.sys
14:57:12.0009 5808 monitor - ok
14:57:12.0093 5808 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\windows\system32\DRIVERS\mouclass.sys
14:57:12.0095 5808 mouclass - ok
14:57:12.0248 5808 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\windows\system32\DRIVERS\mouhid.sys
14:57:12.0251 5808 mouhid - ok
14:57:12.0336 5808 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\windows\system32\drivers\mountmgr.sys
14:57:12.0338 5808 mountmgr - ok
14:57:12.0538 5808 MpFilter (c177a7ebf5e8a0b596f618870516cab8) C:\windows\system32\DRIVERS\MpFilter.sys
14:57:12.0547 5808 MpFilter - ok
14:57:12.0616 5808 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\windows\system32\drivers\mpio.sys
14:57:12.0619 5808 mpio - ok
14:57:12.0823 5808 MpNWMon (8fbf6b31fe8af1833d93c5913d5b4d55) C:\windows\system32\DRIVERS\MpNWMon.sys
14:57:12.0826 5808 MpNWMon - ok
14:57:12.0917 5808 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\windows\system32\drivers\mpsdrv.sys
14:57:12.0919 5808 mpsdrv - ok
14:57:13.0032 5808 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\windows\system32\mpssvc.dll
14:57:13.0047 5808 MpsSvc - ok
14:57:13.0257 5808 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\windows\system32\drivers\mrxdav.sys
14:57:13.0259 5808 MRxDAV - ok
14:57:13.0307 5808 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\windows\system32\DRIVERS\mrxsmb.sys
14:57:13.0310 5808 mrxsmb - ok
14:57:13.0503 5808 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\windows\system32\DRIVERS\mrxsmb10.sys
14:57:13.0509 5808 mrxsmb10 - ok
14:57:13.0567 5808 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\windows\system32\DRIVERS\mrxsmb20.sys
14:57:13.0569 5808 mrxsmb20 - ok
14:57:13.0754 5808 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\windows\system32\drivers\msahci.sys
14:57:13.0755 5808 msahci - ok
14:57:13.0805 5808 msdsm (db801a638d011b9633829eb6f663c900) C:\windows\system32\drivers\msdsm.sys
14:57:13.0808 5808 msdsm - ok
14:57:13.0959 5808 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\windows\System32\msdtc.exe
14:57:13.0965 5808 MSDTC - ok
14:57:14.0048 5808 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\windows\system32\drivers\Msfs.sys
14:57:14.0049 5808 Msfs - ok
14:57:14.0182 5808 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\windows\System32\drivers\mshidkmdf.sys
14:57:14.0183 5808 mshidkmdf - ok
14:57:14.0227 5808 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\windows\system32\drivers\msisadrv.sys
14:57:14.0228 5808 msisadrv - ok
14:57:14.0274 5808 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\windows\system32\iscsiexe.dll
14:57:14.0277 5808 MSiSCSI - ok
14:57:14.0409 5808 msiserver - ok
14:57:14.0493 5808 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\windows\system32\drivers\MSKSSRV.sys
14:57:14.0494 5808 MSKSSRV - ok
14:57:14.0588 5808 MsMpSvc (157e9e498206a3366baa7e4697bdd947) c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
14:57:14.0588 5808 MsMpSvc - ok
14:57:14.0794 5808 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\windows\system32\drivers\MSPCLOCK.sys
14:57:14.0796 5808 MSPCLOCK - ok
14:57:14.0816 5808 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\windows\system32\drivers\MSPQM.sys
14:57:14.0818 5808 MSPQM - ok
14:57:14.0877 5808 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\windows\system32\drivers\MsRPC.sys
14:57:14.0882 5808 MsRPC - ok
14:57:15.0064 5808 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\windows\system32\drivers\mssmbios.sys
14:57:15.0065 5808 mssmbios - ok
14:57:15.0115 5808 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\windows\system32\drivers\MSTEE.sys
14:57:15.0116 5808 MSTEE - ok
14:57:15.0268 5808 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\windows\system32\DRIVERS\MTConfig.sys
14:57:15.0271 5808 MTConfig - ok
14:57:15.0303 5808 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\windows\system32\Drivers\mup.sys
14:57:15.0305 5808 Mup - ok
14:57:15.0351 5808 napagent (582ac6d9873e31dfa28a4547270862dd) C:\windows\system32\qagentRT.dll
14:57:15.0358 5808 napagent - ok
14:57:15.0582 5808 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\windows\system32\DRIVERS\nwifi.sys
14:57:15.0586 5808 NativeWifiP - ok
14:57:15.0797 5808 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\windows\system32\drivers\ndis.sys
14:57:15.0808 5808 NDIS - ok
14:57:16.0009 5808 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\windows\system32\DRIVERS\ndiscap.sys
14:57:16.0012 5808 NdisCap - ok
14:57:16.0052 5808 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\windows\system32\DRIVERS\ndistapi.sys
14:57:16.0056 5808 NdisTapi - ok
14:57:16.0238 5808 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\windows\system32\DRIVERS\ndisuio.sys
14:57:16.0241 5808 Ndisuio - ok
14:57:16.0284 5808 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\windows\system32\DRIVERS\ndiswan.sys
14:57:16.0287 5808 NdisWan - ok
14:57:16.0466 5808 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\windows\system32\drivers\NDProxy.sys
14:57:16.0468 5808 NDProxy - ok
14:57:16.0519 5808 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\windows\system32\DRIVERS\netbios.sys
14:57:16.0522 5808 NetBIOS - ok
14:57:16.0771 5808 NetBT (09594d1089c523423b32a4229263f068) C:\windows\system32\DRIVERS\netbt.sys
14:57:16.0774 5808 NetBT - ok
14:57:16.0847 5808 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
14:57:16.0850 5808 Netlogon - ok
14:57:17.0269 5808 Netman (847d3ae376c0817161a14a82c8922a9e) C:\windows\System32\netman.dll
14:57:17.0308 5808 Netman - ok
14:57:17.0451 5808 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:57:17.0455 5808 NetMsmqActivator - ok
14:57:17.0464 5808 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:57:17.0465 5808 NetPipeActivator - ok
14:57:17.0634 5808 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\windows\System32\netprofm.dll
14:57:17.0646 5808 netprofm - ok
14:57:17.0796 5808 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:57:17.0798 5808 NetTcpActivator - ok
14:57:17.0816 5808 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:57:17.0819 5808 NetTcpPortSharing - ok
14:57:17.0991 5808 nfrd960 (77889813be4d166cdab78ddba990da92) C:\windows\system32\DRIVERS\nfrd960.sys
14:57:17.0994 5808 nfrd960 - ok
14:57:18.0080 5808 NisDrv (5f7d72cbcdd025af1f38fdeee5646968) C:\windows\system32\DRIVERS\NisDrvWFP.sys
14:57:18.0083 5808 NisDrv - ok
14:57:18.0172 5808 NisSrv (566ddd5d82520da01d75f81428ac4c38) c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
14:57:18.0177 5808 NisSrv - ok
14:57:18.0361 5808 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\windows\System32\nlasvc.dll
14:57:18.0366 5808 NlaSvc - ok
14:57:18.0420 5808 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\windows\system32\drivers\Npfs.sys
14:57:18.0422 5808 Npfs - ok
14:57:18.0568 5808 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\windows\system32\nsisvc.dll
14:57:18.0569 5808 nsi - ok
14:57:18.0588 5808 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\windows\system32\drivers\nsiproxy.sys
14:57:18.0589 5808 nsiproxy - ok
14:57:18.0692 5808 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\windows\system32\drivers\Ntfs.sys
14:57:18.0713 5808 Ntfs - ok
14:57:18.0885 5808 Null (9899284589f75fa8724ff3d16aed75c1) C:\windows\system32\drivers\Null.sys
14:57:18.0886 5808 Null - ok
14:57:18.0945 5808 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\windows\system32\drivers\nvraid.sys
14:57:18.0947 5808 nvraid - ok
14:57:19.0195 5808 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\windows\system32\drivers\nvstor.sys
14:57:19.0198 5808 nvstor - ok
14:57:19.0275 5808 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\windows\system32\drivers\nv_agp.sys
14:57:19.0277 5808 nv_agp - ok
14:57:19.0392 5808 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
14:57:19.0399 5808 odserv - ok
14:57:19.0688 5808 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\windows\system32\drivers\ohci1394.sys
14:57:19.0689 5808 ohci1394 - ok
14:57:19.0793 5808 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:57:19.0796 5808 ose - ok
14:57:20.0100 5808 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
14:57:20.0105 5808 p2pimsvc - ok
14:57:20.0152 5808 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\windows\system32\p2psvc.dll
14:57:20.0159 5808 p2psvc - ok
14:57:20.0396 5808 Parport (0086431c29c35be1dbc43f52cc273887) C:\windows\system32\DRIVERS\parport.sys
14:57:20.0399 5808 Parport - ok
14:57:20.0475 5808 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\windows\system32\drivers\partmgr.sys
14:57:20.0477 5808 partmgr - ok
14:57:20.0689 5808 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\windows\System32\pcasvc.dll
14:57:20.0693 5808 PcaSvc - ok
14:57:20.0785 5808 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\windows\system32\drivers\pci.sys
14:57:20.0788 5808 pci - ok
14:57:20.0821 5808 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\windows\system32\drivers\pciide.sys
14:57:20.0837 5808 pciide - ok
14:57:21.0113 5808 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\windows\system32\DRIVERS\pcmcia.sys
14:57:21.0117 5808 pcmcia - ok
14:57:21.0198 5808 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\windows\system32\drivers\pcw.sys
14:57:21.0215 5808 pcw - ok
14:57:21.0318 5808 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\windows\system32\drivers\peauth.sys
14:57:21.0328 5808 PEAUTH - ok
14:57:21.0428 5808 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\windows\SysWow64\perfhost.exe
14:57:21.0430 5808 PerfHost - ok
14:57:21.0706 5808 PGEffect (663962900e7fea522126ba287715bb4a) C:\windows\system32\DRIVERS\pgeffect.sys
14:57:21.0708 5808 PGEffect - ok
14:57:21.0969 5808 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\windows\system32\pla.dll
14:57:21.0999 5808 pla - ok
14:57:22.0152 5808 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\windows\system32\umpnpmgr.dll
14:57:22.0160 5808 PlugPlay - ok
14:57:22.0262 5808 PMCF (60795ae1e34bcf4ff731f55a6cda9a86) C:\windows\system32\drivers\PMCF.sys
14:57:22.0264 5808 PMCF - ok
14:57:22.0410 5808 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\windows\system32\pnrpauto.dll
14:57:22.0415 5808 PNRPAutoReg - ok
14:57:22.0483 5808 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
14:57:22.0494 5808 PNRPsvc - ok
14:57:22.0715 5808 Point64 (b8d8ec78b0f9ed8e220506181274f3d3) C:\windows\system32\DRIVERS\point64.sys
14:57:22.0717 5808 Point64 - ok
14:57:22.0808 5808 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\windows\System32\ipsecsvc.dll
14:57:22.0815 5808 PolicyAgent - ok
14:57:22.0874 5808 Power (6ba9d927dded70bd1a9caded45f8b184) C:\windows\system32\umpo.dll
14:57:22.0878 5808 Power - ok
14:57:23.0059 5808 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\windows\system32\DRIVERS\raspptp.sys
14:57:23.0062 5808 PptpMiniport - ok
14:57:23.0149 5808 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\windows\system32\DRIVERS\processr.sys
14:57:23.0151 5808 Processor - ok
14:57:23.0254 5808 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\windows\system32\profsvc.dll
14:57:23.0258 5808 ProfSvc - ok
14:57:23.0415 5808 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
14:57:23.0417 5808 ProtectedStorage - ok
14:57:23.0574 5808 Psched (0557cf5a2556bd58e26384169d72438d) C:\windows\system32\DRIVERS\pacer.sys
14:57:23.0576 5808 Psched - ok
14:57:23.0711 5808 QBCFMonitorService (933d92f0bd1d7a9835cd8a8b1235a11e) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
14:57:23.0734 5808 QBCFMonitorService - ok
14:57:23.0895 5808 QBFCService (6bee1814470dc12fa20c53dfc3c97ebb) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
14:57:23.0917 5808 QBFCService - ok
14:57:24.0218 5808 QBVSS (25fc19badf78b7fb1d835aac4b0b91a5) C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
14:57:24.0356 5808 QBVSS - ok
14:57:24.0618 5808 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\windows\system32\DRIVERS\ql2300.sys
14:57:24.0635 5808 ql2300 - ok
14:57:24.0837 5808 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\windows\system32\DRIVERS\ql40xx.sys
14:57:24.0861 5808 ql40xx - ok
14:57:24.0906 5808 QWAVE (906191634e99aea92c4816150bda3732) C:\windows\system32\qwave.dll
14:57:24.0911 5808 QWAVE - ok
14:57:24.0983 5808 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\windows\system32\drivers\qwavedrv.sys
14:57:24.0984 5808 QWAVEdrv - ok
14:57:25.0208 5808 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\windows\system32\DRIVERS\rasacd.sys
14:57:25.0213 5808 RasAcd - ok
14:57:25.0308 5808 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\windows\system32\DRIVERS\AgileVpn.sys
14:57:25.0318 5808 RasAgileVpn - ok
14:57:25.0506 5808 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\windows\System32\rasauto.dll
14:57:25.0510 5808 RasAuto - ok
14:57:25.0593 5808 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\windows\system32\DRIVERS\rasl2tp.sys
14:57:25.0595 5808 Rasl2tp - ok
14:57:25.0681 5808 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\windows\System32\rasmans.dll
14:57:25.0688 5808 RasMan - ok
14:57:25.0871 5808 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\windows\system32\DRIVERS\raspppoe.sys
14:57:25.0873 5808 RasPppoe - ok
14:57:25.0986 5808 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\windows\system32\DRIVERS\rassstp.sys
14:57:25.0988 5808 RasSstp - ok
14:57:26.0063 5808 rdbss (77f665941019a1594d887a74f301fa2f) C:\windows\system32\DRIVERS\rdbss.sys
14:57:26.0067 5808 rdbss - ok
14:57:26.0235 5808 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\windows\system32\DRIVERS\rdpbus.sys
14:57:26.0257 5808 rdpbus - ok
14:57:26.0322 5808 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\windows\system32\DRIVERS\RDPCDD.sys
14:57:26.0323 5808 RDPCDD - ok
14:57:26.0357 5808 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\windows\system32\drivers\rdpencdd.sys
14:57:26.0357 5808 RDPENCDD - ok
14:57:26.0513 5808 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\windows\system32\drivers\rdprefmp.sys
14:57:26.0513 5808 RDPREFMP - ok
14:57:26.0600 5808 RDPWD (6d76e6433574b058adcb0c50df834492) C:\windows\system32\drivers\RDPWD.sys
14:57:26.0603 5808 RDPWD - ok
14:57:26.0779 5808 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\windows\system32\drivers\rdyboost.sys
14:57:26.0782 5808 rdyboost - ok
14:57:26.0957 5808 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\windows\System32\mprdim.dll
14:57:26.0963 5808 RemoteAccess - ok
14:57:27.0016 5808 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\windows\system32\regsvc.dll
14:57:27.0020 5808 RemoteRegistry - ok
14:57:27.0162 5808 rimspci (e20b1907fc72a3664ece21e3c20fc63d) C:\windows\system32\DRIVERS\rimspe64.sys
14:57:27.0164 5808 rimspci - ok
14:57:27.0320 5808 risdpcie (7dda2e5cf452dad24b1be704225c18ee) C:\windows\system32\DRIVERS\risdpe64.sys
14:57:27.0322 5808 risdpcie - ok
14:57:27.0388 5808 rixdpcie (6a1cd4674505e6791390a1ab71da1fbe) C:\windows\system32\DRIVERS\rixdpe64.sys
14:57:27.0390 5808 rixdpcie - ok
14:57:27.0557 5808 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\windows\System32\RpcEpMap.dll
14:57:27.0559 5808 RpcEptMapper - ok
14:57:27.0589 5808 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\windows\system32\locator.exe
14:57:27.0591 5808 RpcLocator - ok
14:57:27.0638 5808 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll
14:57:27.0643 5808 RpcSs - ok
14:57:27.0713 5808 RSELSVC - ok
14:57:27.0903 5808 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\windows\system32\DRIVERS\rspndr.sys
14:57:27.0905 5808 rspndr - ok
14:57:27.0949 5808 RTL8167 (66f9f7161d147b6486a22feb9425930d) C:\windows\system32\DRIVERS\Rt64win7.sys
14:57:27.0953 5808 RTL8167 - ok
14:57:28.0148 5808 rtl8192se (03e0627c26943916a7276ac5306206c7) C:\windows\system32\DRIVERS\rtl8192se.sys
14:57:28.0161 5808 rtl8192se - ok
14:57:28.0315 5808 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
14:57:28.0317 5808 SamSs - ok
14:57:28.0382 5808 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\windows\system32\drivers\sbp2port.sys
14:57:28.0384 5808 sbp2port - ok
14:57:28.0540 5808 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\windows\System32\SCardSvr.dll
14:57:28.0544 5808 SCardSvr - ok
14:57:28.0621 5808 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\windows\system32\DRIVERS\scfilter.sys
14:57:28.0623 5808 scfilter - ok
14:57:28.0813 5808 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\windows\system32\schedsvc.dll
14:57:28.0827 5808 Schedule - ok
14:57:28.0996 5808 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll
14:57:28.0997 5808 SCPolicySvc - ok
14:57:29.0079 5808 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\windows\system32\drivers\sdbus.sys
14:57:29.0082 5808 sdbus - ok
14:57:29.0255 5808 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\windows\System32\SDRSVC.dll
14:57:29.0259 5808 SDRSVC - ok
14:57:29.0319 5808 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\windows\system32\drivers\secdrv.sys
14:57:29.0321 5808 secdrv - ok
14:57:29.0494 5808 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\windows\system32\seclogon.dll
14:57:29.0496 5808 seclogon - ok
14:57:29.0533 5808 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\windows\System32\sens.dll
14:57:29.0536 5808 SENS - ok
14:57:29.0791 5808 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\windows\system32\sensrsvc.dll
14:57:29.0802 5808 SensrSvc - ok
14:57:29.0908 5808 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\windows\system32\DRIVERS\serenum.sys
14:57:29.0909 5808 Serenum - ok
14:57:30.0064 5808 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\windows\system32\DRIVERS\serial.sys
14:57:30.0068 5808 Serial - ok
14:57:30.0118 5808 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\windows\system32\DRIVERS\sermouse.sys
14:57:30.0119 5808 sermouse - ok
14:57:30.0195 5808 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\windows\system32\sessenv.dll
14:57:30.0198 5808 SessionEnv - ok
14:57:30.0306 5808 sffdisk (a554811bcd09279536440c964ae35bbf) C:\windows\system32\drivers\sffdisk.sys
14:57:30.0308 5808 sffdisk - ok
14:57:30.0475 5808 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\windows\system32\drivers\sffp_mmc.sys
14:57:30.0477 5808 sffp_mmc - ok
14:57:30.0498 5808 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\windows\system32\drivers\sffp_sd.sys
14:57:30.0500 5808 sffp_sd - ok
14:57:30.0548 5808 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\windows\system32\DRIVERS\sfloppy.sys
14:57:30.0550 5808 sfloppy - ok
14:57:30.0638 5808 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\windows\System32\ipnathlp.dll
14:57:30.0644 5808 SharedAccess - ok
14:57:30.0692 5808 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\windows\System32\shsvcs.dll
14:57:30.0698 5808 ShellHWDetection - ok
14:57:30.0882 5808 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\windows\system32\DRIVERS\SiSRaid2.sys
14:57:30.0884 5808 SiSRaid2 - ok
14:57:30.0895 5808 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\windows\system32\DRIVERS\sisraid4.sys
14:57:30.0901 5808 SiSRaid4 - ok
14:57:31.0090 5808 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\windows\system32\DRIVERS\smb.sys
14:57:31.0094 5808 Smb - ok
14:57:31.0129 5808 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\windows\System32\snmptrap.exe
14:57:31.0131 5808 SNMPTRAP - ok
14:57:31.0153 5808 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\windows\system32\drivers\spldr.sys
14:57:31.0154 5808 spldr - ok
14:57:31.0359 5808 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\windows\System32\spoolsv.exe
14:57:31.0374 5808 Spooler - ok
14:57:31.0503 5808 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\windows\system32\sppsvc.exe
14:57:31.0603 5808 sppsvc - ok
14:57:31.0743 5808 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\windows\system32\sppuinotify.dll
14:57:31.0749 5808 sppuinotify - ok
14:57:31.0835 5808 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\windows\system32\DRIVERS\srv.sys
14:57:31.0846 5808 srv - ok
14:57:32.0055 5808 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\windows\system32\DRIVERS\srv2.sys
14:57:32.0065 5808 srv2 - ok
14:57:32.0134 5808 srvnet (27e461f0be5bff5fc737328f749538c3) C:\windows\system32\DRIVERS\srvnet.sys
14:57:32.0138 5808 srvnet - ok
14:57:32.0286 5808 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\windows\System32\ssdpsrv.dll
14:57:32.0290 5808 SSDPSRV - ok
14:57:32.0323 5808 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\windows\system32\sstpsvc.dll
14:57:32.0325 5808 SstpSvc - ok
14:57:32.0390 5808 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\windows\system32\DRIVERS\stexstor.sys
14:57:32.0393 5808 stexstor - ok
14:57:32.0569 5808 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\windows\System32\wiaservc.dll
14:57:32.0586 5808 stisvc - ok
14:57:32.0671 5808 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\windows\system32\drivers\swenum.sys
14:57:32.0672 5808 swenum - ok
14:57:32.0827 5808 swg3kser00 (9f0a0c3ee91fd7cb709f7d0d97207f7e) C:\windows\system32\DRIVERS\swg3kser00.sys
14:57:32.0836 5808 swg3kser00 - ok
14:57:32.0910 5808 SwiCardDetectSvc (7759bb08cf43b2dbf9e151bbf827add2) C:\Program Files (x86)\Sierra Wireless Inc\Common\SwiCardDetect64.exe
14:57:33.0038 5808 SwiCardDetectSvc - ok
14:57:33.0269 5808 swiwdmbx (c6a7e54a31803e6f95e23d1b5d967d57) C:\windows\system32\DRIVERS\swiwdmbx64.sys
14:57:33.0273 5808 swiwdmbx - ok
14:57:33.0346 5808 SWNC8UA3 (dc345fc7ce9ba3005153062407263bb2) C:\windows\system32\DRIVERS\swnc8ua3.sys
14:57:33.0355 5808 SWNC8UA3 - ok
14:57:33.0520 5808 swprv (e08e46fdd841b7184194011ca1955a0b) C:\windows\System32\swprv.dll
14:57:33.0535 5808 swprv - ok
14:57:33.0758 5808 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\windows\system32\sysmain.dll
14:57:33.0777 5808 SysMain - ok
14:57:33.0928 5808 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\windows\System32\TabSvc.dll
14:57:33.0931 5808 TabletInputService - ok
14:57:33.0954 5808 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\windows\System32\tapisrv.dll
14:57:33.0960 5808 TapiSrv - ok
14:57:34.0122 5808 TBS (1be03ac720f4d302ea01d40f588162f6) C:\windows\System32\tbssvc.dll
14:57:34.0128 5808 TBS - ok
14:57:34.0258 5808 Tcpip (fc62769e7bff2896035aeed399108162) C:\windows\system32\drivers\tcpip.sys
14:57:34.0285 5808 Tcpip - ok
14:57:34.0599 5808 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\windows\system32\DRIVERS\tcpip.sys
14:57:34.0611 5808 TCPIP6 - ok
14:57:34.0798 5808 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\windows\system32\drivers\tcpipreg.sys
14:57:34.0801 5808 tcpipreg - ok
14:57:34.0863 5808 tdcmdpst (fd542b661bd22fa69ca789ad0ac58c29) C:\windows\system32\DRIVERS\tdcmdpst.sys
14:57:34.0866 5808 tdcmdpst - ok
14:57:35.0057 5808 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\windows\system32\drivers\tdpipe.sys
14:57:35.0059 5808 TDPIPE - ok
14:57:35.0106 5808 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\windows\system32\drivers\tdtcp.sys
14:57:35.0109 5808 TDTCP - ok
14:57:35.0297 5808 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\windows\system32\DRIVERS\tdx.sys
14:57:35.0301 5808 tdx - ok
14:57:35.0345 5808 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\windows\system32\drivers\termdd.sys
14:57:35.0348 5808 TermDD - ok
14:57:35.0523 5808 TermService (2e648163254233755035b46dd7b89123) C:\windows\System32\termsrv.dll
14:57:35.0533 5808 TermService - ok
14:57:35.0681 5808 Themes (f0344071948d1a1fa732231785a0664c) C:\windows\system32\themeservice.dll
14:57:35.0687 5808 Themes - ok
14:57:35.0771 5808 Thpdrv (c013f6acaa9761f571bd28dada7c157d) C:\windows\system32\DRIVERS\thpdrv.sys
14:57:35.0773 5808 Thpdrv - ok
14:57:35.0918 5808 Thpevm (b4e609047434ed948af7bdef2fa66e38) C:\windows\system32\DRIVERS\Thpevm.SYS
14:57:35.0920 5808 Thpevm - ok
14:57:35.0981 5808 Thpsrv (6146eac71ae3c9da17b0e33632082b7b) C:\windows\system32\ThpSrv.exe
14:57:36.0019 5808 Thpsrv - ok
14:57:36.0319 5808 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll
14:57:36.0323 5808 THREADORDER - ok
14:57:36.0422 5808 TMachInfo (f120967184a27e927052e8ddbb727851) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
14:57:36.0425 5808 TMachInfo - ok
14:57:36.0591 5808 TODDSrv (ed32035bdfeced1ad66d459fd9cc1140) C:\Windows\system32\TODDSrv.exe
14:57:36.0605 5808 TODDSrv - ok
14:57:36.0726 5808 TosCoSrv (06c61275adc64f1e36240a2287998a5e) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
14:57:36.0736 5808 TosCoSrv - ok
14:57:36.0803 5808 TOSHIBA eco Utility Service (707800855afbd7648375efb1519b8d6d) C:\Program Files\TOSHIBA\TECO\TecoService.exe
14:57:36.0807 5808 TOSHIBA eco Utility Service - ok
14:57:37.0107 5808 TOSHIBA HDD SSD Alert Service (eda12e9bc9a0f104c24101720eec4785) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
14:57:37.0200 5808 TOSHIBA HDD SSD Alert Service - ok
14:57:37.0425 5808 tos_sps64 (09ff7b0b1b5c3d225495cb6f5a9b39f8) C:\windows\system32\DRIVERS\tos_sps64.sys
14:57:37.0432 5808 tos_sps64 - ok
14:57:37.0542 5808 TPCHSrv (de64c52bd0671165cf2eebf2a728a3e2) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
14:57:37.0563 5808 TPCHSrv - ok
14:57:37.0815 5808 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\windows\System32\trkwks.dll
14:57:37.0818 5808 TrkWks - ok
14:57:37.0914 5808 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\windows\servicing\TrustedInstaller.exe
14:57:37.0917 5808 TrustedInstaller - ok
14:57:38.0076 5808 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\windows\system32\DRIVERS\tssecsrv.sys
14:57:38.0079 5808 tssecsrv - ok
14:57:38.0174 5808 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\windows\system32\drivers\tsusbflt.sys
14:57:38.0175 5808 TsUsbFlt - ok
14:57:38.0344 5808 tunnel (3566a8daafa27af944f5d705eaa64894) C:\windows\system32\DRIVERS\tunnel.sys
14:57:38.0347 5808 tunnel - ok
14:57:38.0418 5808 TVALZ (550b567f9364d8f7684c3fb3ea665a72) C:\windows\system32\DRIVERS\TVALZ_O.SYS
14:57:38.0420 5808 TVALZ - ok
14:57:38.0576 5808 TVALZFL (9c7191f4b2e49bff47a6c1144b5923fa) C:\windows\system32\DRIVERS\TVALZFL.sys
14:57:38.0578 5808 TVALZFL - ok
14:57:38.0658 5808 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\windows\system32\DRIVERS\uagp35.sys
14:57:38.0662 5808 uagp35 - ok
14:57:38.0713 5808 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\windows\system32\DRIVERS\udfs.sys
14:57:38.0719 5808 udfs - ok
14:57:38.0862 5808 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\windows\system32\UI0Detect.exe
14:57:38.0866 5808 UI0Detect - ok
14:57:38.0955 5808 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\windows\system32\drivers\uliagpkx.sys
14:57:38.0958 5808 uliagpkx - ok
14:57:39.0051 5808 umbus (dc54a574663a895c8763af0fa1ff7561) C:\windows\system32\DRIVERS\umbus.sys
14:57:39.0062 5808 umbus - ok
14:57:39.0203 5808 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\windows\system32\DRIVERS\umpass.sys
14:57:39.0204 5808 UmPass - ok
14:57:39.0267 5808 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\windows\System32\upnphost.dll
14:57:39.0273 5808 upnphost - ok
14:57:39.0363 5808 USBAAPL64 (54d4b48d443e7228bf64cf7cdc3118ac) C:\windows\system32\Drivers\usbaapl64.sys
14:57:39.0398 5808 USBAAPL64 - ok
14:57:39.0542 5808 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\windows\system32\DRIVERS\usbccgp.sys
14:57:39.0546 5808 usbccgp - ok
14:57:39.0606 5808 usbcir (af0892a803fdda7492f595368e3b68e7) C:\windows\system32\drivers\usbcir.sys
14:57:39.0611 5808 usbcir - ok
14:57:39.0636 5808 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\windows\system32\DRIVERS\usbehci.sys
14:57:39.0638 5808 usbehci - ok
14:57:39.0724 5808 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\windows\system32\DRIVERS\usbhub.sys
14:57:39.0730 5808 usbhub - ok
14:57:39.0885 5808 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\windows\system32\DRIVERS\usbohci.sys
14:57:39.0888 5808 usbohci - ok
14:57:39.0944 5808 usbprint (73188f58fb384e75c4063d29413cee3d) C:\windows\system32\DRIVERS\usbprint.sys
14:57:39.0947 5808 usbprint - ok
14:57:40.0104 5808 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\windows\system32\DRIVERS\USBSTOR.SYS
14:57:40.0133 5808 USBSTOR - ok
14:57:40.0179 5808 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\windows\system32\drivers\usbuhci.sys
14:57:40.0181 5808 usbuhci - ok
14:57:40.0347 5808 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\windows\System32\Drivers\usbvideo.sys
14:57:40.0353 5808 usbvideo - ok
14:57:40.0406 5808 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\windows\System32\uxsms.dll
14:57:40.0413 5808 UxSms - ok
14:57:40.0538 5808 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
14:57:40.0542 5808 VaultSvc - ok
14:57:40.0689 5808 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\windows\system32\drivers\vdrvroot.sys
14:57:40.0693 5808 vdrvroot - ok
14:57:40.0750 5808 vds (8d6b481601d01a456e75c3210f1830be) C:\windows\System32\vds.exe
14:57:40.0761 5808 vds - ok
14:57:40.0945 5808 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\windows\system32\DRIVERS\vgapnp.sys
14:57:40.0947 5808 vga - ok
14:57:40.0984 5808 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\windows\System32\drivers\vga.sys
14:57:40.0985 5808 VgaSave - ok
14:57:41.0177 5808 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\windows\system32\drivers\vhdmp.sys
14:57:41.0183 5808 vhdmp - ok
14:57:41.0214 5808 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\windows\system32\drivers\viaide.sys
14:57:41.0216 5808 viaide - ok
14:57:41.0421 5808 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\windows\system32\drivers\volmgr.sys
14:57:41.0424 5808 volmgr - ok
14:57:41.0479 5808 volmgrx (a255814907c89be58b79ef2f189b843b) C:\windows\system32\drivers\volmgrx.sys
14:57:41.0484 5808 volmgrx - ok
14:57:41.0684 5808 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\windows\system32\drivers\volsnap.sys
14:57:41.0688 5808 volsnap - ok
14:57:41.0733 5808 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\windows\system32\DRIVERS\vsmraid.sys
14:57:41.0736 5808 vsmraid - ok
14:57:41.0936 5808 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\windows\system32\vssvc.exe
14:57:41.0962 5808 VSS - ok
14:57:42.0027 5808 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\windows\system32\DRIVERS\vwifibus.sys
14:57:42.0028 5808 vwifibus - ok
14:57:42.0170 5808 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\windows\system32\DRIVERS\vwififlt.sys
14:57:42.0172 5808 vwififlt - ok
14:57:42.0214 5808 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\windows\system32\w32time.dll
14:57:42.0221 5808 W32Time - ok
14:57:42.0414 5808 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\windows\system32\DRIVERS\wacompen.sys
14:57:42.0416 5808 WacomPen - ok
14:57:42.0484 5808 WANARP (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
14:57:42.0487 5808 WANARP - ok
14:57:42.0510 5808 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
14:57:42.0511 5808 Wanarpv6 - ok
14:57:42.0722 5808 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\windows\system32\Wat\WatAdminSvc.exe
14:57:42.0748 5808 WatAdminSvc - ok
14:57:42.0842 5808 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\windows\system32\wbengine.exe
14:57:42.0862 5808 wbengine - ok
14:57:43.0014 5808 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\windows\System32\wbiosrvc.dll
14:57:43.0023 5808 WbioSrvc - ok
14:57:43.0080 5808 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\windows\System32\wcncsvc.dll
14:57:43.0092 5808 wcncsvc - ok
14:57:43.0243 5808 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\windows\System32\WcsPlugInService.dll
14:57:43.0249 5808 WcsPlugInService - ok
14:57:43.0318 5808 Wd (72889e16ff12ba0f235467d6091b17dc) C:\windows\system32\DRIVERS\wd.sys
14:57:43.0320 5808 Wd - ok
14:57:43.0479 5808 WDC_SAM (a3d04ebf5227886029b4532f20d026f7) C:\windows\system32\DRIVERS\wdcsam64.sys
14:57:43.0482 5808 WDC_SAM - ok
14:57:43.0555 5808 WDDMService (e6050fe6b60fa91188b8abdb5b1e339f) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
14:57:43.0561 5808 WDDMService - ok
14:57:43.0761 5808 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\windows\system32\drivers\Wdf01000.sys
14:57:43.0775 5808 Wdf01000 - ok
14:57:43.0893 5808 WDFME (b83d5071b32a70bebdb3330bfa7acb80) C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
14:57:43.0907 5808 WDFME - ok
14:57:44.0055 5808 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll
14:57:44.0061 5808 WdiServiceHost - ok
14:57:44.0071 5808 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll
14:57:44.0077 5808 WdiSystemHost - ok
14:57:44.0165 5808 WDSC (517de2c5568cba6b2a24a557ac60c30b) C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe
14:57:44.0207 5808 WDSC - ok
14:57:44.0377 5808 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\windows\System32\webclnt.dll
14:57:44.0388 5808 WebClient - ok
14:57:44.0431 5808 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\windows\system32\wecsvc.dll
14:57:44.0436 5808 Wecsvc - ok
14:57:44.0572 5808 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\windows\System32\wercplsupport.dll
14:57:44.0578 5808 wercplsupport - ok
14:57:44.0616 5808 WerSvc (6d137963730144698cbd10f202e9f251) C:\windows\System32\WerSvc.dll
14:57:44.0620 5808 WerSvc - ok
14:57:44.0703 5808 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\windows\system32\DRIVERS\wfplwf.sys
14:57:44.0706 5808 WfpLwf - ok
14:57:44.0739 5808 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\windows\system32\drivers\wimmount.sys
14:57:44.0741 5808 WIMMount - ok
14:57:44.0788 5808 WinDefend - ok
14:57:44.0812 5808 WinHttpAutoProxySvc - ok
14:57:44.0990 5808 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\windows\system32\wbem\WMIsvc.dll
14:57:44.0996 5808 Winmgmt - ok
14:57:45.0097 5808 WinRM (bcb1310604aa415c4508708975b3931e) C:\windows\system32\WsmSvc.dll
14:57:45.0128 5808 WinRM - ok
14:57:45.0340 5808 WinUsb (fe88b288356e7b47b74b13372add906d) C:\windows\system32\DRIVERS\WinUsb.sys
14:57:45.0343 5808 WinUsb - ok
14:57:45.0406 5808 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\windows\System32\wlansvc.dll
14:57:45.0427 5808 Wlansvc - ok
14:57:45.0513 5808 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
14:57:45.0516 5808 wlcrasvc - ok
14:57:45.0704 5808 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
14:57:45.0732 5808 wlidsvc - ok
14:57:45.0908 5808 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\windows\system32\drivers\wmiacpi.sys
14:57:45.0910 5808 WmiAcpi - ok
14:57:45.0975 5808 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\windows\system32\wbem\WmiApSrv.exe
14:57:45.0979 5808 wmiApSrv - ok
14:57:46.0029 5808 WMPNetworkSvc - ok
14:57:46.0190 5808 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\windows\System32\wpcsvc.dll
14:57:46.0196 5808 WPCSvc - ok
14:57:46.0250 5808 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\windows\system32\wpdbusenum.dll
14:57:46.0255 5808 WPDBusEnum - ok
14:57:46.0323 5808 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\windows\system32\drivers\ws2ifsl.sys
14:57:46.0325 5808 ws2ifsl - ok
14:57:46.0701 5808 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\windows\System32\wscsvc.dll
14:57:46.0727 5808 wscsvc - ok
14:57:46.0814 5808 WSDPrintDevice (8d918b1db190a4d9b1753a66fa8c96
Back to top
View user's profile Send private message
nealod
Warrior


Joined: 24 Sep 2010
Last Visit: 02 Oct 2013
Posts: 52

PostPosted: Thu Apr 12, 2012 4:12 am    Post subject: Reply with quote

14:56:36.0187 5212 TDSS rootkit removing tool 2.7.28.0 Apr 10 2012 16:54:05
14:56:36.0576 5212 ============================================================
14:56:36.0576 5212 Current date / time: 2012/04/11 14:56:36.0576
14:56:36.0576 5212 SystemInfo:
14:56:36.0576 5212
14:56:36.0576 5212 OS Version: 6.1.7601 ServicePack: 1.0
14:56:36.0576 5212 Product type: Workstation
14:56:36.0576 5212 ComputerName: ABSOLUTE-LT
14:56:36.0576 5212 UserName: Absolute
14:56:36.0576 5212 Windows directory: C:\windows
14:56:36.0576 5212 System windows directory: C:\windows
14:56:36.0577 5212 Running under WOW64
14:56:36.0577 5212 Processor architecture: Intel x64
14:56:36.0577 5212 Number of processors: 2
14:56:36.0577 5212 Page size: 0x1000
14:56:36.0577 5212 Boot type: Normal boot
14:56:36.0577 5212 ============================================================
14:56:37.0805 5212 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:56:37.0809 5212 \Device\Harddisk0\DR0:
14:56:37.0809 5212 MBR used
14:56:37.0809 5212 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x38D3F800
14:56:37.0860 5212 Initialize success
14:56:37.0860 5212 ============================================================
14:56:46.0934 5808 ============================================================
14:56:46.0934 5808 Scan started
14:56:46.0934 5808 Mode: Manual;
14:56:46.0934 5808 ============================================================
14:56:48.0541 5808 1394ohci (a87d604aea360176311474c87a63bb88) C:\windows\system32\drivers\1394ohci.sys
14:56:48.0547 5808 1394ohci - ok
14:56:48.0591 5808 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\windows\system32\drivers\ACPI.sys
14:56:48.0599 5808 ACPI - ok
14:56:48.0805 5808 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\windows\system32\drivers\acpipmi.sys
14:56:48.0807 5808 AcpiPmi - ok
14:56:48.0965 5808 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
14:56:48.0967 5808 AdobeARMservice - ok
14:56:49.0115 5808 AdobeFlashPlayerUpdateSvc (0d4c486a24a711a45fd83acdf4d18506) C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
14:56:49.0122 5808 AdobeFlashPlayerUpdateSvc - ok
14:56:49.0338 5808 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\windows\system32\DRIVERS\adp94xx.sys
14:56:49.0349 5808 adp94xx - ok
14:56:49.0532 5808 adpahci (597f78224ee9224ea1a13d6350ced962) C:\windows\system32\DRIVERS\adpahci.sys
14:56:49.0541 5808 adpahci - ok
14:56:49.0580 5808 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\windows\system32\DRIVERS\adpu320.sys
14:56:49.0583 5808 adpu320 - ok
14:56:49.0730 5808 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\windows\System32\aelupsvc.dll
14:56:49.0733 5808 AeLookupSvc - ok
14:56:49.0827 5808 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\windows\system32\drivers\afd.sys
14:56:49.0838 5808 AFD - ok
14:56:49.0916 5808 AgereModemAudio (b65f8dba54f251906bbe8611b5a0e7ab) C:\Program Files\LSI SoftModem\agr64svc.exe
14:56:49.0917 5808 AgereModemAudio - ok
14:56:50.0123 5808 AgereSoftModem (c98356d813b581e9c425b42a5d146ce0) C:\windows\system32\DRIVERS\agrsm64.sys
14:56:50.0142 5808 AgereSoftModem - ok
14:56:50.0328 5808 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\windows\system32\drivers\agp440.sys
14:56:50.0331 5808 agp440 - ok
14:56:50.0380 5808 ALG (3290d6946b5e30e70414990574883ddb) C:\windows\System32\alg.exe
14:56:50.0383 5808 ALG - ok
14:56:50.0727 5808 aliide (5812713a477a3ad7363c7438ca2ee038) C:\windows\system32\drivers\aliide.sys
14:56:50.0777 5808 aliide - ok
14:56:50.0980 5808 AMD External Events Utility (98a2774d3f18c107874c8c1163ebe484) C:\windows\system32\atiesrxx.exe
14:56:50.0986 5808 AMD External Events Utility - ok
14:56:51.0068 5808 amdide (1ff8b4431c353ce385c875f194924c0c) C:\windows\system32\drivers\amdide.sys
14:56:51.0070 5808 amdide - ok
14:56:51.0221 5808 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\windows\system32\DRIVERS\amdk8.sys
14:56:51.0224 5808 AmdK8 - ok
14:56:51.0296 5808 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\windows\system32\DRIVERS\amdppm.sys
14:56:51.0299 5808 AmdPPM - ok
14:56:51.0467 5808 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\windows\system32\drivers\amdsata.sys
14:56:51.0471 5808 amdsata - ok
14:56:51.0544 5808 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\windows\system32\DRIVERS\amdsbs.sys
14:56:51.0549 5808 amdsbs - ok
14:56:51.0732 5808 amdxata (540daf1cea6094886d72126fd7c33048) C:\windows\system32\drivers\amdxata.sys
14:56:51.0734 5808 amdxata - ok
14:56:51.0814 5808 ApfiltrService (1661f9c9e4b0049fa0a5e30264375a87) C:\windows\system32\DRIVERS\Apfiltr.sys
14:56:51.0821 5808 ApfiltrService - ok
14:56:52.0002 5808 AppID (89a69c3f2f319b43379399547526d952) C:\windows\system32\drivers\appid.sys
14:56:52.0005 5808 AppID - ok
14:56:52.0075 5808 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\windows\System32\appidsvc.dll
14:56:52.0077 5808 AppIDSvc - ok
14:56:52.0245 5808 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\windows\System32\appinfo.dll
14:56:52.0262 5808 Appinfo - ok
14:56:52.0357 5808 Apple Mobile Device (3debbecf665dcdde3a95d9b902010817) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
14:56:52.0361 5808 Apple Mobile Device - ok
14:56:52.0558 5808 arc (c484f8ceb1717c540242531db7845c4e) C:\windows\system32\DRIVERS\arc.sys
14:56:52.0561 5808 arc - ok
14:56:52.0580 5808 arcsas (019af6924aefe7839f61c830227fe79c) C:\windows\system32\DRIVERS\arcsas.sys
14:56:52.0583 5808 arcsas - ok
14:56:52.0734 5808 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
14:56:52.0738 5808 aspnet_state - ok
14:56:52.0899 5808 AsyncMac (769765ce2cc62867468cea93969b2242) C:\windows\system32\DRIVERS\asyncmac.sys
14:56:52.0902 5808 AsyncMac - ok
14:56:52.0971 5808 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\windows\system32\drivers\atapi.sys
14:56:52.0972 5808 atapi - ok
14:56:53.0044 5808 athr (e857eee6b92aaa473ebb3465add8f7e7) C:\windows\system32\DRIVERS\athrx.sys
14:56:53.0062 5808 athr - ok
14:56:53.0441 5808 atikmdag (173f4c05f87085e9bda3f7037bc9f40e) C:\windows\system32\DRIVERS\atikmdag.sys
14:56:53.0580 5808 atikmdag - ok
14:56:53.0772 5808 AtiPcie (7c5d273e29dcc5505469b299c6f29163) C:\windows\system32\DRIVERS\AtiPcie.sys
14:56:53.0774 5808 AtiPcie - ok
14:56:53.0841 5808 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\windows\System32\Audiosrv.dll
14:56:53.0855 5808 AudioEndpointBuilder - ok
14:56:53.0867 5808 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\windows\System32\Audiosrv.dll
14:56:53.0872 5808 AudioSrv - ok
14:56:54.0094 5808 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\windows\System32\AxInstSV.dll
14:56:54.0098 5808 AxInstSV - ok
14:56:54.0189 5808 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\windows\system32\DRIVERS\bxvbda.sys
14:56:54.0200 5808 b06bdrv - ok
14:56:54.0401 5808 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\windows\system32\DRIVERS\b57nd60a.sys
14:56:54.0408 5808 b57nd60a - ok
14:56:54.0500 5808 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\windows\System32\bdesvc.dll
14:56:54.0504 5808 BDESVC - ok
14:56:54.0674 5808 Beep (16a47ce2decc9b099349a5f840654746) C:\windows\system32\drivers\Beep.sys
14:56:54.0676 5808 Beep - ok
14:56:54.0783 5808 BFE (82974d6a2fd19445cc5171fc378668a4) C:\windows\System32\bfe.dll
14:56:54.0798 5808 BFE - ok
14:56:54.0965 5808 BITS (1ea7969e3271cbc59e1730697dc74682) C:\windows\System32\qmgr.dll
14:56:54.0985 5808 BITS - ok
14:56:55.0186 5808 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\windows\system32\DRIVERS\blbdrive.sys
14:56:55.0189 5808 blbdrive - ok
14:56:55.0282 5808 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
14:56:55.0292 5808 Bonjour Service - ok
14:56:55.0489 5808 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\windows\system32\DRIVERS\bowser.sys
14:56:55.0492 5808 bowser - ok
14:56:55.0535 5808 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\windows\system32\DRIVERS\BrFiltLo.sys
14:56:55.0537 5808 BrFiltLo - ok
14:56:55.0701 5808 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\windows\system32\DRIVERS\BrFiltUp.sys
14:56:55.0703 5808 BrFiltUp - ok
14:56:55.0778 5808 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\windows\System32\browser.dll
14:56:55.0782 5808 Browser - ok
14:56:55.0813 5808 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\windows\System32\Drivers\Brserid.sys
14:56:55.0818 5808 Brserid - ok
14:56:55.0849 5808 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\windows\System32\Drivers\BrSerWdm.sys
14:56:55.0851 5808 BrSerWdm - ok
14:56:56.0001 5808 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\windows\System32\Drivers\BrUsbMdm.sys
14:56:56.0003 5808 BrUsbMdm - ok
14:56:56.0047 5808 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\windows\System32\Drivers\BrUsbSer.sys
14:56:56.0049 5808 BrUsbSer - ok
14:56:56.0084 5808 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\windows\system32\DRIVERS\bthmodem.sys
14:56:56.0087 5808 BTHMODEM - ok
14:56:56.0278 5808 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\windows\system32\bthserv.dll
14:56:56.0282 5808 bthserv - ok
14:56:56.0347 5808 cdfs (b8bd2bb284668c84865658c77574381a) C:\windows\system32\DRIVERS\cdfs.sys
14:56:56.0350 5808 cdfs - ok
14:56:56.0525 5808 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\windows\system32\DRIVERS\cdrom.sys
14:56:56.0529 5808 cdrom - ok
14:56:56.0594 5808 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll
14:56:56.0596 5808 CertPropSvc - ok
14:56:56.0687 5808 cfWiMAXService (837ff2d497880198c918e6954dbd170c) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
14:56:56.0693 5808 cfWiMAXService - ok
14:56:56.0881 5808 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\windows\system32\DRIVERS\circlass.sys
14:56:56.0884 5808 circlass - ok
14:56:56.0930 5808 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\windows\system32\CLFS.sys
14:56:56.0939 5808 CLFS - ok
14:56:57.0108 5808 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:56:57.0113 5808 clr_optimization_v2.0.50727_32 - ok
14:56:57.0151 5808 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:56:57.0154 5808 clr_optimization_v2.0.50727_64 - ok
14:56:57.0300 5808 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:56:57.0304 5808 clr_optimization_v4.0.30319_32 - ok
14:56:57.0374 5808 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:56:57.0379 5808 clr_optimization_v4.0.30319_64 - ok
14:56:57.0571 5808 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\windows\system32\DRIVERS\CmBatt.sys
14:56:57.0574 5808 CmBatt - ok
14:56:57.0622 5808 cmdide (e19d3f095812725d88f9001985b94edd) C:\windows\system32\drivers\cmdide.sys
14:56:57.0624 5808 cmdide - ok
14:56:57.0839 5808 CNG (c4943b6c962e4b82197542447ad599f4) C:\windows\system32\Drivers\cng.sys
14:56:57.0849 5808 CNG - ok
14:56:58.0042 5808 Compbatt (102de219c3f61415f964c88e9085ad14) C:\windows\system32\DRIVERS\compbatt.sys
14:56:58.0045 5808 Compbatt - ok
14:56:58.0099 5808 CompositeBus (03edb043586cceba243d689bdda370a8) C:\windows\system32\drivers\CompositeBus.sys
14:56:58.0101 5808 CompositeBus - ok
14:56:58.0240 5808 COMSysApp - ok
14:56:58.0327 5808 ConfigFree Gadget Service (d252c53bcdfc199bba55eeb10cdb266e) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe
14:56:58.0329 5808 ConfigFree Gadget Service - ok
14:56:58.0364 5808 ConfigFree Service (cab0eeaf5295fc96ddd3e19dce27e131) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
14:56:58.0366 5808 ConfigFree Service - ok
14:56:58.0565 5808 crcdisk (1c827878a998c18847245fe1f34ee597) C:\windows\system32\DRIVERS\crcdisk.sys
14:56:58.0568 5808 crcdisk - ok
14:56:58.0637 5808 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\windows\system32\cryptsvc.dll
14:56:58.0642 5808 CryptSvc - ok
14:56:58.0817 5808 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll
14:56:58.0831 5808 DcomLaunch - ok
14:56:58.0874 5808 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\windows\System32\defragsvc.dll
14:56:58.0878 5808 defragsvc - ok
14:56:59.0222 5808 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\windows\system32\Drivers\dfsc.sys
14:56:59.0226 5808 DfsC - ok
14:56:59.0392 5808 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\windows\system32\dhcpcore.dll
14:56:59.0401 5808 Dhcp - ok
14:56:59.0467 5808 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\windows\system32\drivers\discache.sys
14:56:59.0468 5808 discache - ok
14:56:59.0603 5808 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\windows\system32\DRIVERS\disk.sys
14:56:59.0607 5808 Disk - ok
14:56:59.0651 5808 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\windows\System32\dnsrslvr.dll
14:56:59.0654 5808 Dnscache - ok
14:56:59.0816 5808 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\windows\System32\dot3svc.dll
14:56:59.0824 5808 dot3svc - ok
14:56:59.0868 5808 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\windows\system32\dps.dll
14:56:59.0873 5808 DPS - ok
14:57:00.0064 5808 drmkaud (9b19f34400d24df84c858a421c205754) C:\windows\system32\drivers\drmkaud.sys
14:57:00.0066 5808 drmkaud - ok
14:57:00.0132 5808 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\windows\System32\drivers\dxgkrnl.sys
14:57:00.0152 5808 DXGKrnl - ok
14:57:00.0310 5808 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\windows\System32\eapsvc.dll
14:57:00.0315 5808 EapHost - ok
14:57:00.0465 5808 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\windows\system32\DRIVERS\evbda.sys
14:57:00.0547 5808 ebdrv - ok
14:57:00.0690 5808 EFS (c118a82cd78818c29ab228366ebf81c3) C:\windows\System32\lsass.exe
14:57:00.0702 5808 EFS - ok
14:57:00.0784 5808 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\windows\ehome\ehRecvr.exe
14:57:00.0807 5808 ehRecvr - ok
14:57:00.0930 5808 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\windows\ehome\ehsched.exe
14:57:00.0961 5808 ehSched - ok
14:57:01.0387 5808 elxstor (0e5da5369a0fcaea12456dd852545184) C:\windows\system32\DRIVERS\elxstor.sys
14:57:01.0421 5808 elxstor - ok
14:57:01.0503 5808 ErrDev (34a3c54752046e79a126e15c51db409b) C:\windows\system32\drivers\errdev.sys
14:57:01.0528 5808 ErrDev - ok
14:57:01.0647 5808 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\windows\system32\es.dll
14:57:01.0657 5808 EventSystem - ok
14:57:01.0826 5808 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\windows\system32\drivers\exfat.sys
14:57:01.0829 5808 exfat - ok
14:57:01.0883 5808 fastfat (0adc83218b66a6db380c330836f3e36d) C:\windows\system32\drivers\fastfat.sys
14:57:01.0886 5808 fastfat - ok
14:57:02.0052 5808 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\windows\system32\fxssvc.exe
14:57:02.0069 5808 Fax - ok
14:57:02.0131 5808 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\windows\system32\DRIVERS\fdc.sys
14:57:02.0133 5808 fdc - ok
14:57:02.0294 5808 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\windows\system32\fdPHost.dll
14:57:02.0297 5808 fdPHost - ok
14:57:02.0341 5808 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\windows\system32\fdrespub.dll
14:57:02.0345 5808 FDResPub - ok
14:57:02.0504 5808 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\windows\system32\drivers\fileinfo.sys
14:57:02.0507 5808 FileInfo - ok
14:57:02.0568 5808 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\windows\system32\drivers\filetrace.sys
14:57:02.0571 5808 Filetrace - ok
14:57:02.0601 5808 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\windows\system32\DRIVERS\flpydisk.sys
14:57:02.0602 5808 flpydisk - ok
14:57:02.0657 5808 FltMgr (da6b67270fd9db3697b20fce94950741) C:\windows\system32\drivers\fltmgr.sys
14:57:02.0661 5808 FltMgr - ok
14:57:02.0831 5808 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\windows\system32\FntCache.dll
14:57:02.0848 5808 FontCache - ok
14:57:02.0928 5808 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:57:02.0931 5808 FontCache3.0.0.0 - ok
14:57:03.0092 5808 FsDepends (d43703496149971890703b4b1b723eac) C:\windows\system32\drivers\FsDepends.sys
14:57:03.0094 5808 FsDepends - ok
14:57:03.0178 5808 fssfltr (6c06701bf1db05405804d7eb610991ce) C:\windows\system32\DRIVERS\fssfltr.sys
14:57:03.0180 5808 fssfltr - ok
14:57:03.0283 5808 fsssvc (4ce9dac1518ff7e77bd213e6394b9d77) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
14:57:03.0315 5808 fsssvc - ok
14:57:03.0507 5808 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\windows\system32\drivers\Fs_Rec.sys
14:57:03.0510 5808 Fs_Rec - ok
14:57:03.0573 5808 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\windows\system32\DRIVERS\fvevol.sys
14:57:03.0576 5808 fvevol - ok
14:57:03.0758 5808 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\windows\system32\DRIVERS\gagp30kx.sys
14:57:03.0763 5808 gagp30kx - ok
14:57:03.0851 5808 GameConsoleService (4fbccbdd99a75c9efbc90392cf32af61) C:\Program Files (x86)\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe
14:57:03.0855 5808 GameConsoleService - ok
14:57:04.0046 5808 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\windows\system32\DRIVERS\GEARAspiWDM.sys
14:57:04.0047 5808 GEARAspiWDM - ok
14:57:04.0100 5808 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\windows\System32\gpsvc.dll
14:57:04.0109 5808 gpsvc - ok
14:57:04.0220 5808 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:57:04.0224 5808 gupdate - ok
14:57:04.0266 5808 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:57:04.0267 5808 gupdatem - ok
14:57:04.0321 5808 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
14:57:04.0324 5808 gusvc - ok
14:57:04.0548 5808 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\windows\system32\drivers\hcw85cir.sys
14:57:04.0551 5808 hcw85cir - ok
14:57:04.0649 5808 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\windows\system32\drivers\HdAudio.sys
14:57:04.0658 5808 HdAudAddService - ok
14:57:04.0957 5808 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\windows\system32\drivers\HDAudBus.sys
14:57:04.0961 5808 HDAudBus - ok
14:57:04.0994 5808 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\windows\system32\DRIVERS\HidBatt.sys
14:57:04.0997 5808 HidBatt - ok
14:57:05.0160 5808 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\windows\system32\DRIVERS\hidbth.sys
14:57:05.0164 5808 HidBth - ok
14:57:05.0185 5808 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\windows\system32\DRIVERS\hidir.sys
14:57:05.0192 5808 HidIr - ok
14:57:05.0228 5808 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\windows\system32\hidserv.dll
14:57:05.0230 5808 hidserv - ok
14:57:05.0292 5808 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\windows\system32\DRIVERS\hidusb.sys
14:57:05.0294 5808 HidUsb - ok
14:57:05.0453 5808 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\windows\system32\kmsvc.dll
14:57:05.0458 5808 hkmsvc - ok
14:57:05.0593 5808 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\windows\system32\ListSvc.dll
14:57:05.0598 5808 HomeGroupListener - ok
14:57:05.0746 5808 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\windows\system32\provsvc.dll
14:57:05.0750 5808 HomeGroupProvider - ok
14:57:05.0830 5808 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\windows\system32\drivers\HpSAMD.sys
14:57:05.0831 5808 HpSAMD - ok
14:57:06.0018 5808 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\windows\system32\drivers\HTTP.sys
14:57:06.0026 5808 HTTP - ok
14:57:06.0101 5808 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\windows\system32\drivers\hwpolicy.sys
14:57:06.0102 5808 hwpolicy - ok
14:57:06.0324 5808 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\windows\system32\drivers\i8042prt.sys
14:57:06.0326 5808 i8042prt - ok
14:57:06.0416 5808 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\windows\system32\drivers\iaStorV.sys
14:57:06.0423 5808 iaStorV - ok
14:57:06.0546 5808 IDriveE Service (4abaf0ee285bd49718a203d16972087a) C:\IDrive\IDriveE Service.exe
14:57:06.0614 5808 IDriveE Service - ok
14:57:06.0774 5808 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
14:57:06.0793 5808 IDriverT - ok
14:57:07.0023 5808 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:57:07.0043 5808 idsvc - ok
14:57:07.0219 5808 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\windows\system32\DRIVERS\iirsp.sys
14:57:07.0222 5808 iirsp - ok
14:57:07.0293 5808 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\windows\System32\ikeext.dll
14:57:07.0306 5808 IKEEXT - ok
14:57:07.0540 5808 IntcAzAudAddService (b6e61b181884527cc5b68c2d79504b43) C:\windows\system32\drivers\RTKVHD64.sys
14:57:07.0568 5808 IntcAzAudAddService - ok
14:57:07.0759 5808 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\windows\system32\drivers\intelide.sys
14:57:07.0761 5808 intelide - ok
14:57:07.0810 5808 intelppm (ada036632c664caa754079041cf1f8c1) C:\windows\system32\DRIVERS\intelppm.sys
14:57:07.0812 5808 intelppm - ok
14:57:07.0982 5808 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\windows\system32\ipbusenum.dll
14:57:07.0986 5808 IPBusEnum - ok
14:57:08.0072 5808 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\windows\system32\DRIVERS\ipfltdrv.sys
14:57:08.0076 5808 IpFilterDriver - ok
14:57:08.0133 5808 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\windows\System32\iphlpsvc.dll
14:57:08.0141 5808 iphlpsvc - ok
14:57:08.0332 5808 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\windows\system32\drivers\IPMIDrv.sys
14:57:08.0334 5808 IPMIDRV - ok
14:57:08.0382 5808 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\windows\system32\drivers\ipnat.sys
14:57:08.0386 5808 IPNAT - ok
14:57:08.0495 5808 iPod Service (ee4c2a137c7088911a8919effc9812e7) C:\Program Files\iPod\bin\iPodService.exe
14:57:08.0515 5808 iPod Service - ok
14:57:08.0692 5808 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\windows\system32\drivers\irenum.sys
14:57:08.0695 5808 IRENUM - ok
14:57:08.0737 5808 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\windows\system32\drivers\isapnp.sys
14:57:08.0738 5808 isapnp - ok
14:57:08.0911 5808 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\windows\system32\drivers\msiscsi.sys
14:57:08.0916 5808 iScsiPrt - ok
14:57:08.0967 5808 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\windows\system32\drivers\kbdclass.sys
14:57:08.0969 5808 kbdclass - ok
14:57:09.0249 5808 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\windows\system32\drivers\kbdhid.sys
14:57:09.0250 5808 kbdhid - ok
14:57:09.0280 5808 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
14:57:09.0282 5808 KeyIso - ok
14:57:09.0316 5808 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\windows\system32\Drivers\ksecdd.sys
14:57:09.0318 5808 KSecDD - ok
14:57:09.0471 5808 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\windows\system32\Drivers\ksecpkg.sys
14:57:09.0473 5808 KSecPkg - ok
14:57:09.0514 5808 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\windows\system32\drivers\ksthunk.sys
14:57:09.0516 5808 ksthunk - ok
14:57:09.0565 5808 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\windows\system32\msdtckrm.dll
14:57:09.0571 5808 KtmRm - ok
14:57:09.0742 5808 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\windows\system32\srvsvc.dll
14:57:09.0751 5808 LanmanServer - ok
14:57:09.0803 5808 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\windows\System32\wkssvc.dll
14:57:09.0808 5808 LanmanWorkstation - ok
14:57:09.0916 5808 LBTServ (88e52495b47c67126b510af53fdb0bc7) C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
14:57:09.0920 5808 LBTServ - ok
14:57:10.0104 5808 LHidFilt (b6552d382ff070b4ed34cbd6737277c0) C:\windows\system32\DRIVERS\LHidFilt.Sys
14:57:10.0106 5808 LHidFilt - ok
14:57:10.0156 5808 lltdio (1538831cf8ad2979a04c423779465827) C:\windows\system32\DRIVERS\lltdio.sys
14:57:10.0157 5808 lltdio - ok
14:57:10.0335 5808 lltdsvc (c1185803384ab3feed115f79f109427f) C:\windows\System32\lltdsvc.dll
14:57:10.0341 5808 lltdsvc - ok
14:57:10.0362 5808 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\windows\System32\lmhsvc.dll
14:57:10.0364 5808 lmhosts - ok
14:57:10.0441 5808 LMouFilt (73c1f563ab73d459dffe682d66476558) C:\windows\system32\DRIVERS\LMouFilt.Sys
14:57:10.0444 5808 LMouFilt - ok
14:57:10.0616 5808 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\windows\system32\DRIVERS\lsi_fc.sys
14:57:10.0621 5808 LSI_FC - ok
14:57:10.0784 5808 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\windows\system32\DRIVERS\lsi_sas.sys
14:57:10.0789 5808 LSI_SAS - ok
14:57:10.0826 5808 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\windows\system32\DRIVERS\lsi_sas2.sys
14:57:10.0828 5808 LSI_SAS2 - ok
14:57:10.0954 5808 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\windows\system32\DRIVERS\lsi_scsi.sys
14:57:10.0958 5808 LSI_SCSI - ok
14:57:11.0038 5808 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\windows\system32\drivers\luafv.sys
14:57:11.0042 5808 luafv - ok
14:57:11.0201 5808 LUsbFilt (9d9714e78eac9e5368208649489c920e) C:\windows\system32\Drivers\LUsbFilt.Sys
14:57:11.0204 5808 LUsbFilt - ok
14:57:11.0263 5808 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\windows\system32\Mcx2Svc.dll
14:57:11.0266 5808 Mcx2Svc - ok
14:57:11.0338 5808 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\windows\system32\DRIVERS\megasas.sys
14:57:11.0340 5808 megasas - ok
14:57:11.0492 5808 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\windows\system32\DRIVERS\MegaSR.sys
14:57:11.0499 5808 MegaSR - ok
14:57:11.0594 5808 Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
14:57:11.0598 5808 Microsoft Office Groove Audit Service - ok
14:57:11.0762 5808 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll
14:57:11.0767 5808 MMCSS - ok
14:57:11.0839 5808 Modem (800ba92f7010378b09f9ed9270f07137) C:\windows\system32\drivers\modem.sys
14:57:11.0840 5808 Modem - ok
14:57:11.0995 5808 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\windows\system32\DRIVERS\monitor.sys
14:57:12.0009 5808 monitor - ok
14:57:12.0093 5808 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\windows\system32\DRIVERS\mouclass.sys
14:57:12.0095 5808 mouclass - ok
14:57:12.0248 5808 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\windows\system32\DRIVERS\mouhid.sys
14:57:12.0251 5808 mouhid - ok
14:57:12.0336 5808 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\windows\system32\drivers\mountmgr.sys
14:57:12.0338 5808 mountmgr - ok
14:57:12.0538 5808 MpFilter (c177a7ebf5e8a0b596f618870516cab8) C:\windows\system32\DRIVERS\MpFilter.sys
14:57:12.0547 5808 MpFilter - ok
14:57:12.0616 5808 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\windows\system32\drivers\mpio.sys
14:57:12.0619 5808 mpio - ok
14:57:12.0823 5808 MpNWMon (8fbf6b31fe8af1833d93c5913d5b4d55) C:\windows\system32\DRIVERS\MpNWMon.sys
14:57:12.0826 5808 MpNWMon - ok
14:57:12.0917 5808 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\windows\system32\drivers\mpsdrv.sys
14:57:12.0919 5808 mpsdrv - ok
14:57:13.0032 5808 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\windows\system32\mpssvc.dll
14:57:13.0047 5808 MpsSvc - ok
14:57:13.0257 5808 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\windows\system32\drivers\mrxdav.sys
14:57:13.0259 5808 MRxDAV - ok
14:57:13.0307 5808 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\windows\system32\DRIVERS\mrxsmb.sys
14:57:13.0310 5808 mrxsmb - ok
14:57:13.0503 5808 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\windows\system32\DRIVERS\mrxsmb10.sys
14:57:13.0509 5808 mrxsmb10 - ok
14:57:13.0567 5808 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\windows\system32\DRIVERS\mrxsmb20.sys
14:57:13.0569 5808 mrxsmb20 - ok
14:57:13.0754 5808 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\windows\system32\drivers\msahci.sys
14:57:13.0755 5808 msahci - ok
14:57:13.0805 5808 msdsm (db801a638d011b9633829eb6f663c900) C:\windows\system32\drivers\msdsm.sys
14:57:13.0808 5808 msdsm - ok
14:57:13.0959 5808 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\windows\System32\msdtc.exe
14:57:13.0965 5808 MSDTC - ok
14:57:14.0048 5808 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\windows\system32\drivers\Msfs.sys
14:57:14.0049 5808 Msfs - ok
14:57:14.0182 5808 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\windows\System32\drivers\mshidkmdf.sys
14:57:14.0183 5808 mshidkmdf - ok
14:57:14.0227 5808 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\windows\system32\drivers\msisadrv.sys
14:57:14.0228 5808 msisadrv - ok
14:57:14.0274 5808 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\windows\system32\iscsiexe.dll
14:57:14.0277 5808 MSiSCSI - ok
14:57:14.0409 5808 msiserver - ok
14:57:14.0493 5808 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\windows\system32\drivers\MSKSSRV.sys
14:57:14.0494 5808 MSKSSRV - ok
14:57:14.0588 5808 MsMpSvc (157e9e498206a3366baa7e4697bdd947) c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
14:57:14.0588 5808 MsMpSvc - ok
14:57:14.0794 5808 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\windows\system32\drivers\MSPCLOCK.sys
14:57:14.0796 5808 MSPCLOCK - ok
14:57:14.0816 5808 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\windows\system32\drivers\MSPQM.sys
14:57:14.0818 5808 MSPQM - ok
14:57:14.0877 5808 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\windows\system32\drivers\MsRPC.sys
14:57:14.0882 5808 MsRPC - ok
14:57:15.0064 5808 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\windows\system32\drivers\mssmbios.sys
14:57:15.0065 5808 mssmbios - ok
14:57:15.0115 5808 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\windows\system32\drivers\MSTEE.sys
14:57:15.0116 5808 MSTEE - ok
14:57:15.0268 5808 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\windows\system32\DRIVERS\MTConfig.sys
14:57:15.0271 5808 MTConfig - ok
14:57:15.0303 5808 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\windows\system32\Drivers\mup.sys
14:57:15.0305 5808 Mup - ok
14:57:15.0351 5808 napagent (582ac6d9873e31dfa28a4547270862dd) C:\windows\system32\qagentRT.dll
14:57:15.0358 5808 napagent - ok
14:57:15.0582 5808 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\windows\system32\DRIVERS\nwifi.sys
14:57:15.0586 5808 NativeWifiP - ok
14:57:15.0797 5808 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\windows\system32\drivers\ndis.sys
14:57:15.0808 5808 NDIS - ok
14:57:16.0009 5808 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\windows\system32\DRIVERS\ndiscap.sys
14:57:16.0012 5808 NdisCap - ok
14:57:16.0052 5808 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\windows\system32\DRIVERS\ndistapi.sys
14:57:16.0056 5808 NdisTapi - ok
14:57:16.0238 5808 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\windows\system32\DRIVERS\ndisuio.sys
14:57:16.0241 5808 Ndisuio - ok
14:57:16.0284 5808 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\windows\system32\DRIVERS\ndiswan.sys
14:57:16.0287 5808 NdisWan - ok
14:57:16.0466 5808 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\windows\system32\drivers\NDProxy.sys
14:57:16.0468 5808 NDProxy - ok
14:57:16.0519 5808 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\windows\system32\DRIVERS\netbios.sys
14:57:16.0522 5808 NetBIOS - ok
14:57:16.0771 5808 NetBT (09594d1089c523423b32a4229263f068) C:\windows\system32\DRIVERS\netbt.sys
14:57:16.0774 5808 NetBT - ok
14:57:16.0847 5808 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
14:57:16.0850 5808 Netlogon - ok
14:57:17.0269 5808 Netman (847d3ae376c0817161a14a82c8922a9e) C:\windows\System32\netman.dll
14:57:17.0308 5808 Netman - ok
14:57:17.0451 5808 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:57:17.0455 5808 NetMsmqActivator - ok
14:57:17.0464 5808 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:57:17.0465 5808 NetPipeActivator - ok
14:57:17.0634 5808 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\windows\System32\netprofm.dll
14:57:17.0646 5808 netprofm - ok
14:57:17.0796 5808 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:57:17.0798 5808 NetTcpActivator - ok
14:57:17.0816 5808 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:57:17.0819 5808 NetTcpPortSharing - ok
14:57:17.0991 5808 nfrd960 (77889813be4d166cdab78ddba990da92) C:\windows\system32\DRIVERS\nfrd960.sys
14:57:17.0994 5808 nfrd960 - ok
14:57:18.0080 5808 NisDrv (5f7d72cbcdd025af1f38fdeee5646968) C:\windows\system32\DRIVERS\NisDrvWFP.sys
14:57:18.0083 5808 NisDrv - ok
14:57:18.0172 5808 NisSrv (566ddd5d82520da01d75f81428ac4c38) c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
14:57:18.0177 5808 NisSrv - ok
14:57:18.0361 5808 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\windows\System32\nlasvc.dll
14:57:18.0366 5808 NlaSvc - ok
14:57:18.0420 5808 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\windows\system32\drivers\Npfs.sys
14:57:18.0422 5808 Npfs - ok
14:57:18.0568 5808 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\windows\system32\nsisvc.dll
14:57:18.0569 5808 nsi - ok
14:57:18.0588 5808 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\windows\system32\drivers\nsiproxy.sys
14:57:18.0589 5808 nsiproxy - ok
14:57:18.0692 5808 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\windows\system32\drivers\Ntfs.sys
14:57:18.0713 5808 Ntfs - ok
14:57:18.0885 5808 Null (9899284589f75fa8724ff3d16aed75c1) C:\windows\system32\drivers\Null.sys
14:57:18.0886 5808 Null - ok
14:57:18.0945 5808 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\windows\system32\drivers\nvraid.sys
14:57:18.0947 5808 nvraid - ok
14:57:19.0195 5808 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\windows\system32\drivers\nvstor.sys
14:57:19.0198 5808 nvstor - ok
14:57:19.0275 5808 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\windows\system32\drivers\nv_agp.sys
14:57:19.0277 5808 nv_agp - ok
14:57:19.0392 5808 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
14:57:19.0399 5808 odserv - ok
14:57:19.0688 5808 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\windows\system32\drivers\ohci1394.sys
14:57:19.0689 5808 ohci1394 - ok
14:57:19.0793 5808 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:57:19.0796 5808 ose - ok
14:57:20.0100 5808 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
14:57:20.0105 5808 p2pimsvc - ok
14:57:20.0152 5808 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\windows\system32\p2psvc.dll
14:57:20.0159 5808 p2psvc - ok
14:57:20.0396 5808 Parport (0086431c29c35be1dbc43f52cc273887) C:\windows\system32\DRIVERS\parport.sys
14:57:20.0399 5808 Parport - ok
14:57:20.0475 5808 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\windows\system32\drivers\partmgr.sys
14:57:20.0477 5808 partmgr - ok
14:57:20.0689 5808 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\windows\System32\pcasvc.dll
14:57:20.0693 5808 PcaSvc - ok
14:57:20.0785 5808 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\windows\system32\drivers\pci.sys
14:57:20.0788 5808 pci - ok
14:57:20.0821 5808 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\windows\system32\drivers\pciide.sys
14:57:20.0837 5808 pciide - ok
14:57:21.0113 5808 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\windows\system32\DRIVERS\pcmcia.sys
14:57:21.0117 5808 pcmcia - ok
14:57:21.0198 5808 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\windows\system32\drivers\pcw.sys
14:57:21.0215 5808 pcw - ok
14:57:21.0318 5808 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\windows\system32\drivers\peauth.sys
14:57:21.0328 5808 PEAUTH - ok
14:57:21.0428 5808 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\windows\SysWow64\perfhost.exe
14:57:21.0430 5808 PerfHost - ok
14:57:21.0706 5808 PGEffect (663962900e7fea522126ba287715bb4a) C:\windows\system32\DRIVERS\pgeffect.sys
14:57:21.0708 5808 PGEffect - ok
14:57:21.0969 5808 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\windows\system32\pla.dll
14:57:21.0999 5808 pla - ok
14:57:22.0152 5808 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\windows\system32\umpnpmgr.dll
14:57:22.0160 5808 PlugPlay - ok
14:57:22.0262 5808 PMCF (60795ae1e34bcf4ff731f55a6cda9a86) C:\windows\system32\drivers\PMCF.sys
14:57:22.0264 5808 PMCF - ok
14:57:22.0410 5808 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\windows\system32\pnrpauto.dll
14:57:22.0415 5808 PNRPAutoReg - ok
14:57:22.0483 5808 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
14:57:22.0494 5808 PNRPsvc - ok
14:57:22.0715 5808 Point64 (b8d8ec78b0f9ed8e220506181274f3d3) C:\windows\system32\DRIVERS\point64.sys
14:57:22.0717 5808 Point64 - ok
14:57:22.0808 5808 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\windows\System32\ipsecsvc.dll
14:57:22.0815 5808 PolicyAgent - ok
14:57:22.0874 5808 Power (6ba9d927dded70bd1a9caded45f8b184) C:\windows\system32\umpo.dll
14:57:22.0878 5808 Power - ok
14:57:23.0059 5808 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\windows\system32\DRIVERS\raspptp.sys
14:57:23.0062 5808 PptpMiniport - ok
14:57:23.0149 5808 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\windows\system32\DRIVERS\processr.sys
14:57:23.0151 5808 Processor - ok
14:57:23.0254 5808 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\windows\system32\profsvc.dll
14:57:23.0258 5808 ProfSvc - ok
14:57:23.0415 5808 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
14:57:23.0417 5808 ProtectedStorage - ok
14:57:23.0574 5808 Psched (0557cf5a2556bd58e26384169d72438d) C:\windows\system32\DRIVERS\pacer.sys
14:57:23.0576 5808 Psched - ok
14:57:23.0711 5808 QBCFMonitorService (933d92f0bd1d7a9835cd8a8b1235a11e) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
14:57:23.0734 5808 QBCFMonitorService - ok
14:57:23.0895 5808 QBFCService (6bee1814470dc12fa20c53dfc3c97ebb) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
14:57:23.0917 5808 QBFCService - ok
14:57:24.0218 5808 QBVSS (25fc19badf78b7fb1d835aac4b0b91a5) C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
14:57:24.0356 5808 QBVSS - ok
14:57:24.0618 5808 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\windows\system32\DRIVERS\ql2300.sys
14:57:24.0635 5808 ql2300 - ok
14:57:24.0837 5808 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\windows\system32\DRIVERS\ql40xx.sys
14:57:24.0861 5808 ql40xx - ok
14:57:24.0906 5808 QWAVE (906191634e99aea92c4816150bda3732) C:\windows\system32\qwave.dll
14:57:24.0911 5808 QWAVE - ok
14:57:24.0983 5808 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\windows\system32\drivers\qwavedrv.sys
14:57:24.0984 5808 QWAVEdrv - ok
14:57:25.0208 5808 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\windows\system32\DRIVERS\rasacd.sys
14:57:25.0213 5808 RasAcd - ok
14:57:25.0308 5808 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\windows\system32\DRIVERS\AgileVpn.sys
14:57:25.0318 5808 RasAgileVpn - ok
14:57:25.0506 5808 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\windows\System32\rasauto.dll
14:57:25.0510 5808 RasAuto - ok
14:57:25.0593 5808 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\windows\system32\DRIVERS\rasl2tp.sys
14:57:25.0595 5808 Rasl2tp - ok
14:57:25.0681 5808 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\windows\System32\rasmans.dll
14:57:25.0688 5808 RasMan - ok
14:57:25.0871 5808 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\windows\system32\DRIVERS\raspppoe.sys
14:57:25.0873 5808 RasPppoe - ok
14:57:25.0986 5808 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\windows\system32\DRIVERS\rassstp.sys
14:57:25.0988 5808 RasSstp - ok
14:57:26.0063 5808 rdbss (77f665941019a1594d887a74f301fa2f) C:\windows\system32\DRIVERS\rdbss.sys
14:57:26.0067 5808 rdbss - ok
14:57:26.0235 5808 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\windows\system32\DRIVERS\rdpbus.sys
14:57:26.0257 5808 rdpbus - ok
14:57:26.0322 5808 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\windows\system32\DRIVERS\RDPCDD.sys
14:57:26.0323 5808 RDPCDD - ok
14:57:26.0357 5808 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\windows\system32\drivers\rdpencdd.sys
14:57:26.0357 5808 RDPENCDD - ok
14:57:26.0513 5808 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\windows\system32\drivers\rdprefmp.sys
14:57:26.0513 5808 RDPREFMP - ok
14:57:26.0600 5808 RDPWD (6d76e6433574b058adcb0c50df834492) C:\windows\system32\drivers\RDPWD.sys
14:57:26.0603 5808 RDPWD - ok
14:57:26.0779 5808 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\windows\system32\drivers\rdyboost.sys
14:57:26.0782 5808 rdyboost - ok
14:57:26.0957 5808 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\windows\System32\mprdim.dll
14:57:26.0963 5808 RemoteAccess - ok
14:57:27.0016 5808 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\windows\system32\regsvc.dll
14:57:27.0020 5808 RemoteRegistry - ok
14:57:27.0162 5808 rimspci (e20b1907fc72a3664ece21e3c20fc63d) C:\windows\system32\DRIVERS\rimspe64.sys
14:57:27.0164 5808 rimspci - ok
14:57:27.0320 5808 risdpcie (7dda2e5cf452dad24b1be704225c18ee) C:\windows\system32\DRIVERS\risdpe64.sys
14:57:27.0322 5808 risdpcie - ok
14:57:27.0388 5808 rixdpcie (6a1cd4674505e6791390a1ab71da1fbe) C:\windows\system32\DRIVERS\rixdpe64.sys
14:57:27.0390 5808 rixdpcie - ok
14:57:27.0557 5808 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\windows\System32\RpcEpMap.dll
14:57:27.0559 5808 RpcEptMapper - ok
14:57:27.0589 5808 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\windows\system32\locator.exe
14:57:27.0591 5808 RpcLocator - ok
14:57:27.0638 5808 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll
14:57:27.0643 5808 RpcSs - ok
14:57:27.0713 5808 RSELSVC - ok
14:57:27.0903 5808 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\windows\system32\DRIVERS\rspndr.sys
14:57:27.0905 5808 rspndr - ok
14:57:27.0949 5808 RTL8167 (66f9f7161d147b6486a22feb9425930d) C:\windows\system32\DRIVERS\Rt64win7.sys
14:57:27.0953 5808 RTL8167 - ok
14:57:28.0148 5808 rtl8192se (03e0627c26943916a7276ac5306206c7) C:\windows\system32\DRIVERS\rtl8192se.sys
14:57:28.0161 5808 rtl8192se - ok
14:57:28.0315 5808 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
14:57:28.0317 5808 SamSs - ok
14:57:28.0382 5808 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\windows\system32\drivers\sbp2port.sys
14:57:28.0384 5808 sbp2port - ok
14:57:28.0540 5808 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\windows\System32\SCardSvr.dll
14:57:28.0544 5808 SCardSvr - ok
14:57:28.0621 5808 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\windows\system32\DRIVERS\scfilter.sys
14:57:28.0623 5808 scfilter - ok
14:57:28.0813 5808 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\windows\system32\schedsvc.dll
14:57:28.0827 5808 Schedule - ok
14:57:28.0996 5808 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll
14:57:28.0997 5808 SCPolicySvc - ok
14:57:29.0079 5808 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\windows\system32\drivers\sdbus.sys
14:57:29.0082 5808 sdbus - ok
14:57:29.0255 5808 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\windows\System32\SDRSVC.dll
14:57:29.0259 5808 SDRSVC - ok
14:57:29.0319 5808 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\windows\system32\drivers\secdrv.sys
14:57:29.0321 5808 secdrv - ok
14:57:29.0494 5808 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\windows\system32\seclogon.dll
14:57:29.0496 5808 seclogon - ok
14:57:29.0533 5808 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\windows\System32\sens.dll
14:57:29.0536 5808 SENS - ok
14:57:29.0791 5808 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\windows\system32\sensrsvc.dll
14:57:29.0802 5808 SensrSvc - ok
14:57:29.0908 5808 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\windows\system32\DRIVERS\serenum.sys
14:57:29.0909 5808 Serenum - ok
14:57:30.0064 5808 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\windows\system32\DRIVERS\serial.sys
14:57:30.0068 5808 Serial - ok
14:57:30.0118 5808 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\windows\system32\DRIVERS\sermouse.sys
14:57:30.0119 5808 sermouse - ok
14:57:30.0195 5808 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\windows\system32\sessenv.dll
14:57:30.0198 5808 SessionEnv - ok
14:57:30.0306 5808 sffdisk (a554811bcd09279536440c964ae35bbf) C:\windows\system32\drivers\sffdisk.sys
14:57:30.0308 5808 sffdisk - ok
14:57:30.0475 5808 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\windows\system32\drivers\sffp_mmc.sys
14:57:30.0477 5808 sffp_mmc - ok
14:57:30.0498 5808 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\windows\system32\drivers\sffp_sd.sys
14:57:30.0500 5808 sffp_sd - ok
14:57:30.0548 5808 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\windows\system32\DRIVERS\sfloppy.sys
14:57:30.0550 5808 sfloppy - ok
14:57:30.0638 5808 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\windows\System32\ipnathlp.dll
14:57:30.0644 5808 SharedAccess - ok
14:57:30.0692 5808 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\windows\System32\shsvcs.dll
14:57:30.0698 5808 ShellHWDetection - ok
14:57:30.0882 5808 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\windows\system32\DRIVERS\SiSRaid2.sys
14:57:30.0884 5808 SiSRaid2 - ok
14:57:30.0895 5808 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\windows\system32\DRIVERS\sisraid4.sys
14:57:30.0901 5808 SiSRaid4 - ok
14:57:31.0090 5808 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\windows\system32\DRIVERS\smb.sys
14:57:31.0094 5808 Smb - ok
14:57:31.0129 5808 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\windows\System32\snmptrap.exe
14:57:31.0131 5808 SNMPTRAP - ok
14:57:31.0153 5808 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\windows\system32\drivers\spldr.sys
14:57:31.0154 5808 spldr - ok
14:57:31.0359 5808 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\windows\System32\spoolsv.exe
14:57:31.0374 5808 Spooler - ok
14:57:31.0503 5808 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\windows\system32\sppsvc.exe
14:57:31.0603 5808 sppsvc - ok
14:57:31.0743 5808 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\windows\system32\sppuinotify.dll
14:57:31.0749 5808 sppuinotify - ok
14:57:31.0835 5808 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\windows\system32\DRIVERS\srv.sys
14:57:31.0846 5808 srv - ok
14:57:32.0055 5808 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\windows\system32\DRIVERS\srv2.sys
14:57:32.0065 5808 srv2 - ok
14:57:32.0134 5808 srvnet (27e461f0be5bff5fc737328f749538c3) C:\windows\system32\DRIVERS\srvnet.sys
14:57:32.0138 5808 srvnet - ok
14:57:32.0286 5808 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\windows\System32\ssdpsrv.dll
14:57:32.0290 5808 SSDPSRV - ok
14:57:32.0323 5808 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\windows\system32\sstpsvc.dll
14:57:32.0325 5808 SstpSvc - ok
14:57:32.0390 5808 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\windows\system32\DRIVERS\stexstor.sys
14:57:32.0393 5808 stexstor - ok
14:57:32.0569 5808 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\windows\System32\wiaservc.dll
14:57:32.0586 5808 stisvc - ok
14:57:32.0671 5808 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\windows\system32\drivers\swenum.sys
14:57:32.0672 5808 swenum - ok
14:57:32.0827 5808 swg3kser00 (9f0a0c3ee91fd7cb709f7d0d97207f7e) C:\windows\system32\DRIVERS\swg3kser00.sys
14:57:32.0836 5808 swg3kser00 - ok
14:57:32.0910 5808 SwiCardDetectSvc (7759bb08cf43b2dbf9e151bbf827add2) C:\Program Files (x86)\Sierra Wireless Inc\Common\SwiCardDetect64.exe
14:57:33.0038 5808 SwiCardDetectSvc - ok
14:57:33.0269 5808 swiwdmbx (c6a7e54a31803e6f95e23d1b5d967d57) C:\windows\system32\DRIVERS\swiwdmbx64.sys
14:57:33.0273 5808 swiwdmbx - ok
14:57:33.0346 5808 SWNC8UA3 (dc345fc7ce9ba3005153062407263bb2) C:\windows\system32\DRIVERS\swnc8ua3.sys
14:57:33.0355 5808 SWNC8UA3 - ok
14:57:33.0520 5808 swprv (e08e46fdd841b7184194011ca1955a0b) C:\windows\System32\swprv.dll
14:57:33.0535 5808 swprv - ok
14:57:33.0758 5808 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\windows\system32\sysmain.dll
14:57:33.0777 5808 SysMain - ok
14:57:33.0928 5808 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\windows\System32\TabSvc.dll
14:57:33.0931 5808 TabletInputService - ok
14:57:33.0954 5808 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\windows\System32\tapisrv.dll
14:57:33.0960 5808 TapiSrv - ok
14:57:34.0122 5808 TBS (1be03ac720f4d302ea01d40f588162f6) C:\windows\System32\tbssvc.dll
14:57:34.0128 5808 TBS - ok
14:57:34.0258 5808 Tcpip (fc62769e7bff2896035aeed399108162) C:\windows\system32\drivers\tcpip.sys
14:57:34.0285 5808 Tcpip - ok
14:57:34.0599 5808 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\windows\system32\DRIVERS\tcpip.sys
14:57:34.0611 5808 TCPIP6 - ok
14:57:34.0798 5808 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\windows\system32\drivers\tcpipreg.sys
14:57:34.0801 5808 tcpipreg - ok
14:57:34.0863 5808 tdcmdpst (fd542b661bd22fa69ca789ad0ac58c29) C:\windows\system32\DRIVERS\tdcmdpst.sys
14:57:34.0866 5808 tdcmdpst - ok
14:57:35.0057 5808 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\windows\system32\drivers\tdpipe.sys
14:57:35.0059 5808 TDPIPE - ok
14:57:35.0106 5808 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\windows\system32\drivers\tdtcp.sys
14:57:35.0109 5808 TDTCP - ok
14:57:35.0297 5808 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\windows\system32\DRIVERS\tdx.sys
14:57:35.0301 5808 tdx - ok
14:57:35.0345 5808 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\windows\system32\drivers\termdd.sys
14:57:35.0348 5808 TermDD - ok
14:57:35.0523 5808 TermService (2e648163254233755035b46dd7b89123) C:\windows\System32\termsrv.dll
14:57:35.0533 5808 TermService - ok
14:57:35.0681 5808 Themes (f0344071948d1a1fa732231785a0664c) C:\windows\system32\themeservice.dll
14:57:35.0687 5808 Themes - ok
14:57:35.0771 5808 Thpdrv (c013f6acaa9761f571bd28dada7c157d) C:\windows\system32\DRIVERS\thpdrv.sys
14:57:35.0773 5808 Thpdrv - ok
14:57:35.0918 5808 Thpevm (b4e609047434ed948af7bdef2fa66e38) C:\windows\system32\DRIVERS\Thpevm.SYS
14:57:35.0920 5808 Thpevm - ok
14:57:35.0981 5808 Thpsrv (6146eac71ae3c9da17b0e33632082b7b) C:\windows\system32\ThpSrv.exe
14:57:36.0019 5808 Thpsrv - ok
14:57:36.0319 5808 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll
14:57:36.0323 5808 THREADORDER - ok
14:57:36.0422 5808 TMachInfo (f120967184a27e927052e8ddbb727851) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
14:57:36.0425 5808 TMachInfo - ok
14:57:36.0591 5808 TODDSrv (ed32035bdfeced1ad66d459fd9cc1140) C:\Windows\system32\TODDSrv.exe
14:57:36.0605 5808 TODDSrv - ok
14:57:36.0726 5808 TosCoSrv (06c61275adc64f1e36240a2287998a5e) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
14:57:36.0736 5808 TosCoSrv - ok
14:57:36.0803 5808 TOSHIBA eco Utility Service (707800855afbd7648375efb1519b8d6d) C:\Program Files\TOSHIBA\TECO\TecoService.exe
14:57:36.0807 5808 TOSHIBA eco Utility Service - ok
14:57:37.0107 5808 TOSHIBA HDD SSD Alert Service (eda12e9bc9a0f104c24101720eec4785) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
14:57:37.0200 5808 TOSHIBA HDD SSD Alert Service - ok
14:57:37.0425 5808 tos_sps64 (09ff7b0b1b5c3d225495cb6f5a9b39f8) C:\windows\system32\DRIVERS\tos_sps64.sys
14:57:37.0432 5808 tos_sps64 - ok
14:57:37.0542 5808 TPCHSrv (de64c52bd0671165cf2eebf2a728a3e2) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
14:57:37.0563 5808 TPCHSrv - ok
14:57:37.0815 5808 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\windows\System32\trkwks.dll
14:57:37.0818 5808 TrkWks - ok
14:57:37.0914 5808 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\windows\servicing\TrustedInstaller.exe
14:57:37.0917 5808 TrustedInstaller - ok
14:57:38.0076 5808 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\windows\system32\DRIVERS\tssecsrv.sys
14:57:38.0079 5808 tssecsrv - ok
14:57:38.0174 5808 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\windows\system32\drivers\tsusbflt.sys
14:57:38.0175 5808 TsUsbFlt - ok
14:57:38.0344 5808 tunnel (3566a8daafa27af944f5d705eaa64894) C:\windows\system32\DRIVERS\tunnel.sys
14:57:38.0347 5808 tunnel - ok
14:57:38.0418 5808 TVALZ (550b567f9364d8f7684c3fb3ea665a72) C:\windows\system32\DRIVERS\TVALZ_O.SYS
14:57:38.0420 5808 TVALZ - ok
14:57:38.0576 5808 TVALZFL (9c7191f4b2e49bff47a6c1144b5923fa) C:\windows\system32\DRIVERS\TVALZFL.sys
14:57:38.0578 5808 TVALZFL - ok
14:57:38.0658 5808 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\windows\system32\DRIVERS\uagp35.sys
14:57:38.0662 5808 uagp35 - ok
14:57:38.0713 5808 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\windows\system32\DRIVERS\udfs.sys
14:57:38.0719 5808 udfs - ok
14:57:38.0862 5808 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\windows\system32\UI0Detect.exe
14:57:38.0866 5808 UI0Detect - ok
14:57:38.0955 5808 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\windows\system32\drivers\uliagpkx.sys
14:57:38.0958 5808 uliagpkx - ok
14:57:39.0051 5808 umbus (dc54a574663a895c8763af0fa1ff7561) C:\windows\system32\DRIVERS\umbus.sys
14:57:39.0062 5808 umbus - ok
14:57:39.0203 5808 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\windows\system32\DRIVERS\umpass.sys
14:57:39.0204 5808 UmPass - ok
14:57:39.0267 5808 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\windows\System32\upnphost.dll
14:57:39.0273 5808 upnphost - ok
14:57:39.0363 5808 USBAAPL64 (54d4b48d443e7228bf64cf7cdc3118ac) C:\windows\system32\Drivers\usbaapl64.sys
14:57:39.0398 5808 USBAAPL64 - ok
14:57:39.0542 5808 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\windows\system32\DRIVERS\usbccgp.sys
14:57:39.0546 5808 usbccgp - ok
14:57:39.0606 5808 usbcir (af0892a803fdda7492f595368e3b68e7) C:\windows\system32\drivers\usbcir.sys
14:57:39.0611 5808 usbcir - ok
14:57:39.0636 5808 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\windows\system32\DRIVERS\usbehci.sys
14:57:39.0638 5808 usbehci - ok
14:57:39.0724 5808 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\windows\system32\DRIVERS\usbhub.sys
14:57:39.0730 5808 usbhub - ok
14:57:39.0885 5808 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\windows\system32\DRIVERS\usbohci.sys
14:57:39.0888 5808 usbohci - ok
14:57:39.0944 5808 usbprint (73188f58fb384e75c4063d29413cee3d) C:\windows\system32\DRIVERS\usbprint.sys
14:57:39.0947 5808 usbprint - ok
14:57:40.0104 5808 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\windows\system32\DRIVERS\USBSTOR.SYS
14:57:40.0133 5808 USBSTOR - ok
14:57:40.0179 5808 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\windows\system32\drivers\usbuhci.sys
14:57:40.0181 5808 usbuhci - ok
14:57:40.0347 5808 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\windows\System32\Drivers\usbvideo.sys
14:57:40.0353 5808 usbvideo - ok
14:57:40.0406 5808 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\windows\System32\uxsms.dll
14:57:40.0413 5808 UxSms - ok
14:57:40.0538 5808 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
14:57:40.0542 5808 VaultSvc - ok
14:57:40.0689 5808 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\windows\system32\drivers\vdrvroot.sys
14:57:40.0693 5808 vdrvroot - ok
14:57:40.0750 5808 vds (8d6b481601d01a456e75c3210f1830be) C:\windows\System32\vds.exe
14:57:40.0761 5808 vds - ok
14:57:40.0945 5808 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\windows\system32\DRIVERS\vgapnp.sys
14:57:40.0947 5808 vga - ok
14:57:40.0984 5808 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\windows\System32\drivers\vga.sys
14:57:40.0985 5808 VgaSave - ok
14:57:41.0177 5808 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\windows\system32\drivers\vhdmp.sys
14:57:41.0183 5808 vhdmp - ok
14:57:41.0214 5808 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\windows\system32\drivers\viaide.sys
14:57:41.0216 5808 viaide - ok
14:57:41.0421 5808 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\windows\system32\drivers\volmgr.sys
14:57:41.0424 5808 volmgr - ok
14:57:41.0479 5808 volmgrx (a255814907c89be58b79ef2f189b843b) C:\windows\system32\drivers\volmgrx.sys
14:57:41.0484 5808 volmgrx - ok
14:57:41.0684 5808 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\windows\system32\drivers\volsnap.sys
14:57:41.0688 5808 volsnap - ok
14:57:41.0733 5808 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\windows\system32\DRIVERS\vsmraid.sys
14:57:41.0736 5808 vsmraid - ok
14:57:41.0936 5808 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\windows\system32\vssvc.exe
14:57:41.0962 5808 VSS - ok
14:57:42.0027 5808 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\windows\system32\DRIVERS\vwifibus.sys
14:57:42.0028 5808 vwifibus - ok
14:57:42.0170 5808 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\windows\system32\DRIVERS\vwififlt.sys
14:57:42.0172 5808 vwififlt - ok
14:57:42.0214 5808 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\windows\system32\w32time.dll
14:57:42.0221 5808 W32Time - ok
14:57:42.0414 5808 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\windows\system32\DRIVERS\wacompen.sys
14:57:42.0416 5808 WacomPen - ok
14:57:42.0484 5808 WANARP (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
14:57:42.0487 5808 WANARP - ok
14:57:42.0510 5808 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
14:57:42.0511 5808 Wanarpv6 - ok
14:57:42.0722 5808 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\windows\system32\Wat\WatAdminSvc.exe
14:57:42.0748 5808 WatAdminSvc - ok
14:57:42.0842 5808 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\windows\system32\wbengine.exe
14:57:42.0862 5808 wbengine - ok
14:57:43.0014 5808 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\windows\System32\wbiosrvc.dll
14:57:43.0023 5808 WbioSrvc - ok
14:57:43.0080 5808 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\windows\System32\wcncsvc.dll
14:57:43.0092 5808 wcncsvc - ok
14:57:43.0243 5808 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\windows\System32\WcsPlugInService.dll
14:57:43.0249 5808 WcsPlugInService - ok
14:57:43.0318 5808 Wd (72889e16ff12ba0f235467d6091b17dc) C:\windows\system32\DRIVERS\wd.sys
14:57:43.0320 5808 Wd - ok
14:57:43.0479 5808 WDC_SAM (a3d04ebf5227886029b4532f20d026f7) C:\windows\system32\DRIVERS\wdcsam64.sys
14:57:43.0482 5808 WDC_SAM - ok
14:57:43.0555 5808 WDDMService (e6050fe6b60fa91188b8abdb5b1e339f) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
14:57:43.0561 5808 WDDMService - ok
14:57:43.0761 5808 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\windows\system32\drivers\Wdf01000.sys
14:57:43.0775 5808 Wdf01000 - ok
14:57:43.0893 5808 WDFME (b83d5071b32a70bebdb3330bfa7acb80) C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
14:57:43.0907 5808 WDFME - ok
14:57:44.0055 5808 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll
14:57:44.0061 5808 WdiServiceHost - ok
14:57:44.0071 5808 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll
14:57:44.0077 5808 WdiSystemHost - ok
14:57:44.0165 5808 WDSC (517de2c5568cba6b2a24a557ac60c30b) C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe
14:57:44.0207 5808 WDSC - ok
14:57:44.0377 5808 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\windows\System32\webclnt.dll
14:57:44.0388 5808 WebClient - ok
14:57:44.0431 5808 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\windows\system32\wecsvc.dll
14:57:44.0436 5808 Wecsvc - ok
14:57:44.0572 5808 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\windows\System32\wercplsupport.dll
14:57:44.0578 5808 wercplsupport - ok
14:57:44.0616 5808 WerSvc (6d137963730144698cbd10f202e9f251) C:\windows\System32\WerSvc.dll
14:57:44.0620 5808 WerSvc - ok
14:57:44.0703 5808 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\windows\system32\DRIVERS\wfplwf.sys
14:57:44.0706 5808 WfpLwf - ok
14:57:44.0739 5808 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\windows\system32\drivers\wimmount.sys
14:57:44.0741 5808 WIMMount - ok
14:57:44.0788 5808 WinDefend - ok
14:57:44.0812 5808 WinHttpAutoProxySvc - ok
14:57:44.0990 5808 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\windows\system32\wbem\WMIsvc.dll
14:57:44.0996 5808 Winmgmt - ok
14:57:45.0097 5808 WinRM (bcb1310604aa415c4508708975b3931e) C:\windows\system32\WsmSvc.dll
14:57:45.0128 5808 WinRM - ok
14:57:45.0340 5808 WinUsb (fe88b288356e7b47b74b13372add906d) C:\windows\system32\DRIVERS\WinUsb.sys
14:57:45.0343 5808 WinUsb - ok
14:57:45.0406 5808 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\windows\System32\wlansvc.dll
14:57:45.0427 5808 Wlansvc - ok
14:57:45.0513 5808 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
14:57:45.0516 5808 wlcrasvc - ok
14:57:45.0704 5808 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
14:57:45.0732 5808 wlidsvc - ok
14:57:45.0908 5808 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\windows\system32\drivers\wmiacpi.sys
14:57:45.0910 5808 WmiAcpi - ok
14:57:45.0975 5808 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\windows\system32\wbem\WmiApSrv.exe
14:57:45.0979 5808 wmiApSrv - ok
14:57:46.0029 5808 WMPNetworkSvc - ok
14:57:46.0190 5808 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\windows\System32\wpcsvc.dll
14:57:46.0196 5808 WPCSvc - ok
14:57:46.0250 5808 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\windows\system32\wpdbusenum.dll
14:57:46.0255 5808 WPDBusEnum - ok
14:57:46.0323 5808 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\windows\system32\drivers\ws2ifsl.sys
14:57:46.0325 5808 ws2ifsl - ok
14:57:46.0701 5808 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\windows\System32\wscsvc.dll
14:57:46.0727 5808 wscsvc - ok
14:57:46.0814 5808 WSDPrintDevice (8d918b1db190a4d9b1753a66fa8c96
Back to top
View user's profile Send private message
nealod
Warrior


Joined: 24 Sep 2010
Last Visit: 02 Oct 2013
Posts: 52

PostPosted: Thu Apr 12, 2012 4:15 am    Post subject: Reply with quote

I don't believe it posted everything at once. So I'll post each one separately. Sorry about that.

14:56:36.0187 5212 TDSS rootkit removing tool 2.7.28.0 Apr 10 2012 16:54:05
14:56:36.0576 5212 ============================================================
14:56:36.0576 5212 Current date / time: 2012/04/11 14:56:36.0576
14:56:36.0576 5212 SystemInfo:
14:56:36.0576 5212
14:56:36.0576 5212 OS Version: 6.1.7601 ServicePack: 1.0
14:56:36.0576 5212 Product type: Workstation
14:56:36.0576 5212 ComputerName: ABSOLUTE-LT
14:56:36.0576 5212 UserName: Absolute
14:56:36.0576 5212 Windows directory: C:\windows
14:56:36.0576 5212 System windows directory: C:\windows
14:56:36.0577 5212 Running under WOW64
14:56:36.0577 5212 Processor architecture: Intel x64
14:56:36.0577 5212 Number of processors: 2
14:56:36.0577 5212 Page size: 0x1000
14:56:36.0577 5212 Boot type: Normal boot
14:56:36.0577 5212 ============================================================
14:56:37.0805 5212 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:56:37.0809 5212 \Device\Harddisk0\DR0:
14:56:37.0809 5212 MBR used
14:56:37.0809 5212 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x38D3F800
14:56:37.0860 5212 Initialize success
14:56:37.0860 5212 ============================================================
14:56:46.0934 5808 ============================================================
14:56:46.0934 5808 Scan started
14:56:46.0934 5808 Mode: Manual;
14:56:46.0934 5808 ============================================================
14:56:48.0541 5808 1394ohci (a87d604aea360176311474c87a63bb88) C:\windows\system32\drivers\1394ohci.sys
14:56:48.0547 5808 1394ohci - ok
14:56:48.0591 5808 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\windows\system32\drivers\ACPI.sys
14:56:48.0599 5808 ACPI - ok
14:56:48.0805 5808 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\windows\system32\drivers\acpipmi.sys
14:56:48.0807 5808 AcpiPmi - ok
14:56:48.0965 5808 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
14:56:48.0967 5808 AdobeARMservice - ok
14:56:49.0115 5808 AdobeFlashPlayerUpdateSvc (0d4c486a24a711a45fd83acdf4d18506) C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
14:56:49.0122 5808 AdobeFlashPlayerUpdateSvc - ok
14:56:49.0338 5808 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\windows\system32\DRIVERS\adp94xx.sys
14:56:49.0349 5808 adp94xx - ok
14:56:49.0532 5808 adpahci (597f78224ee9224ea1a13d6350ced962) C:\windows\system32\DRIVERS\adpahci.sys
14:56:49.0541 5808 adpahci - ok
14:56:49.0580 5808 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\windows\system32\DRIVERS\adpu320.sys
14:56:49.0583 5808 adpu320 - ok
14:56:49.0730 5808 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\windows\System32\aelupsvc.dll
14:56:49.0733 5808 AeLookupSvc - ok
14:56:49.0827 5808 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\windows\system32\drivers\afd.sys
14:56:49.0838 5808 AFD - ok
14:56:49.0916 5808 AgereModemAudio (b65f8dba54f251906bbe8611b5a0e7ab) C:\Program Files\LSI SoftModem\agr64svc.exe
14:56:49.0917 5808 AgereModemAudio - ok
14:56:50.0123 5808 AgereSoftModem (c98356d813b581e9c425b42a5d146ce0) C:\windows\system32\DRIVERS\agrsm64.sys
14:56:50.0142 5808 AgereSoftModem - ok
14:56:50.0328 5808 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\windows\system32\drivers\agp440.sys
14:56:50.0331 5808 agp440 - ok
14:56:50.0380 5808 ALG (3290d6946b5e30e70414990574883ddb) C:\windows\System32\alg.exe
14:56:50.0383 5808 ALG - ok
14:56:50.0727 5808 aliide (5812713a477a3ad7363c7438ca2ee038) C:\windows\system32\drivers\aliide.sys
14:56:50.0777 5808 aliide - ok
14:56:50.0980 5808 AMD External Events Utility (98a2774d3f18c107874c8c1163ebe484) C:\windows\system32\atiesrxx.exe
14:56:50.0986 5808 AMD External Events Utility - ok
14:56:51.0068 5808 amdide (1ff8b4431c353ce385c875f194924c0c) C:\windows\system32\drivers\amdide.sys
14:56:51.0070 5808 amdide - ok
14:56:51.0221 5808 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\windows\system32\DRIVERS\amdk8.sys
14:56:51.0224 5808 AmdK8 - ok
14:56:51.0296 5808 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\windows\system32\DRIVERS\amdppm.sys
14:56:51.0299 5808 AmdPPM - ok
14:56:51.0467 5808 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\windows\system32\drivers\amdsata.sys
14:56:51.0471 5808 amdsata - ok
14:56:51.0544 5808 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\windows\system32\DRIVERS\amdsbs.sys
14:56:51.0549 5808 amdsbs - ok
14:56:51.0732 5808 amdxata (540daf1cea6094886d72126fd7c33048) C:\windows\system32\drivers\amdxata.sys
14:56:51.0734 5808 amdxata - ok
14:56:51.0814 5808 ApfiltrService (1661f9c9e4b0049fa0a5e30264375a87) C:\windows\system32\DRIVERS\Apfiltr.sys
14:56:51.0821 5808 ApfiltrService - ok
14:56:52.0002 5808 AppID (89a69c3f2f319b43379399547526d952) C:\windows\system32\drivers\appid.sys
14:56:52.0005 5808 AppID - ok
14:56:52.0075 5808 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\windows\System32\appidsvc.dll
14:56:52.0077 5808 AppIDSvc - ok
14:56:52.0245 5808 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\windows\System32\appinfo.dll
14:56:52.0262 5808 Appinfo - ok
14:56:52.0357 5808 Apple Mobile Device (3debbecf665dcdde3a95d9b902010817) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
14:56:52.0361 5808 Apple Mobile Device - ok
14:56:52.0558 5808 arc (c484f8ceb1717c540242531db7845c4e) C:\windows\system32\DRIVERS\arc.sys
14:56:52.0561 5808 arc - ok
14:56:52.0580 5808 arcsas (019af6924aefe7839f61c830227fe79c) C:\windows\system32\DRIVERS\arcsas.sys
14:56:52.0583 5808 arcsas - ok
14:56:52.0734 5808 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
14:56:52.0738 5808 aspnet_state - ok
14:56:52.0899 5808 AsyncMac (769765ce2cc62867468cea93969b2242) C:\windows\system32\DRIVERS\asyncmac.sys
14:56:52.0902 5808 AsyncMac - ok
14:56:52.0971 5808 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\windows\system32\drivers\atapi.sys
14:56:52.0972 5808 atapi - ok
14:56:53.0044 5808 athr (e857eee6b92aaa473ebb3465add8f7e7) C:\windows\system32\DRIVERS\athrx.sys
14:56:53.0062 5808 athr - ok
14:56:53.0441 5808 atikmdag (173f4c05f87085e9bda3f7037bc9f40e) C:\windows\system32\DRIVERS\atikmdag.sys
14:56:53.0580 5808 atikmdag - ok
14:56:53.0772 5808 AtiPcie (7c5d273e29dcc5505469b299c6f29163) C:\windows\system32\DRIVERS\AtiPcie.sys
14:56:53.0774 5808 AtiPcie - ok
14:56:53.0841 5808 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\windows\System32\Audiosrv.dll
14:56:53.0855 5808 AudioEndpointBuilder - ok
14:56:53.0867 5808 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\windows\System32\Audiosrv.dll
14:56:53.0872 5808 AudioSrv - ok
14:56:54.0094 5808 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\windows\System32\AxInstSV.dll
14:56:54.0098 5808 AxInstSV - ok
14:56:54.0189 5808 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\windows\system32\DRIVERS\bxvbda.sys
14:56:54.0200 5808 b06bdrv - ok
14:56:54.0401 5808 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\windows\system32\DRIVERS\b57nd60a.sys
14:56:54.0408 5808 b57nd60a - ok
14:56:54.0500 5808 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\windows\System32\bdesvc.dll
14:56:54.0504 5808 BDESVC - ok
14:56:54.0674 5808 Beep (16a47ce2decc9b099349a5f840654746) C:\windows\system32\drivers\Beep.sys
14:56:54.0676 5808 Beep - ok
14:56:54.0783 5808 BFE (82974d6a2fd19445cc5171fc378668a4) C:\windows\System32\bfe.dll
14:56:54.0798 5808 BFE - ok
14:56:54.0965 5808 BITS (1ea7969e3271cbc59e1730697dc74682) C:\windows\System32\qmgr.dll
14:56:54.0985 5808 BITS - ok
14:56:55.0186 5808 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\windows\system32\DRIVERS\blbdrive.sys
14:56:55.0189 5808 blbdrive - ok
14:56:55.0282 5808 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
14:56:55.0292 5808 Bonjour Service - ok
14:56:55.0489 5808 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\windows\system32\DRIVERS\bowser.sys
14:56:55.0492 5808 bowser - ok
14:56:55.0535 5808 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\windows\system32\DRIVERS\BrFiltLo.sys
14:56:55.0537 5808 BrFiltLo - ok
14:56:55.0701 5808 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\windows\system32\DRIVERS\BrFiltUp.sys
14:56:55.0703 5808 BrFiltUp - ok
14:56:55.0778 5808 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\windows\System32\browser.dll
14:56:55.0782 5808 Browser - ok
14:56:55.0813 5808 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\windows\System32\Drivers\Brserid.sys
14:56:55.0818 5808 Brserid - ok
14:56:55.0849 5808 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\windows\System32\Drivers\BrSerWdm.sys
14:56:55.0851 5808 BrSerWdm - ok
14:56:56.0001 5808 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\windows\System32\Drivers\BrUsbMdm.sys
14:56:56.0003 5808 BrUsbMdm - ok
14:56:56.0047 5808 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\windows\System32\Drivers\BrUsbSer.sys
14:56:56.0049 5808 BrUsbSer - ok
14:56:56.0084 5808 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\windows\system32\DRIVERS\bthmodem.sys
14:56:56.0087 5808 BTHMODEM - ok
14:56:56.0278 5808 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\windows\system32\bthserv.dll
14:56:56.0282 5808 bthserv - ok
14:56:56.0347 5808 cdfs (b8bd2bb284668c84865658c77574381a) C:\windows\system32\DRIVERS\cdfs.sys
14:56:56.0350 5808 cdfs - ok
14:56:56.0525 5808 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\windows\system32\DRIVERS\cdrom.sys
14:56:56.0529 5808 cdrom - ok
14:56:56.0594 5808 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll
14:56:56.0596 5808 CertPropSvc - ok
14:56:56.0687 5808 cfWiMAXService (837ff2d497880198c918e6954dbd170c) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
14:56:56.0693 5808 cfWiMAXService - ok
14:56:56.0881 5808 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\windows\system32\DRIVERS\circlass.sys
14:56:56.0884 5808 circlass - ok
14:56:56.0930 5808 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\windows\system32\CLFS.sys
14:56:56.0939 5808 CLFS - ok
14:56:57.0108 5808 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:56:57.0113 5808 clr_optimization_v2.0.50727_32 - ok
14:56:57.0151 5808 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:56:57.0154 5808 clr_optimization_v2.0.50727_64 - ok
14:56:57.0300 5808 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:56:57.0304 5808 clr_optimization_v4.0.30319_32 - ok
14:56:57.0374 5808 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:56:57.0379 5808 clr_optimization_v4.0.30319_64 - ok
14:56:57.0571 5808 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\windows\system32\DRIVERS\CmBatt.sys
14:56:57.0574 5808 CmBatt - ok
14:56:57.0622 5808 cmdide (e19d3f095812725d88f9001985b94edd) C:\windows\system32\drivers\cmdide.sys
14:56:57.0624 5808 cmdide - ok
14:56:57.0839 5808 CNG (c4943b6c962e4b82197542447ad599f4) C:\windows\system32\Drivers\cng.sys
14:56:57.0849 5808 CNG - ok
14:56:58.0042 5808 Compbatt (102de219c3f61415f964c88e9085ad14) C:\windows\system32\DRIVERS\compbatt.sys
14:56:58.0045 5808 Compbatt - ok
14:56:58.0099 5808 CompositeBus (03edb043586cceba243d689bdda370a8) C:\windows\system32\drivers\CompositeBus.sys
14:56:58.0101 5808 CompositeBus - ok
14:56:58.0240 5808 COMSysApp - ok
14:56:58.0327 5808 ConfigFree Gadget Service (d252c53bcdfc199bba55eeb10cdb266e) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe
14:56:58.0329 5808 ConfigFree Gadget Service - ok
14:56:58.0364 5808 ConfigFree Service (cab0eeaf5295fc96ddd3e19dce27e131) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
14:56:58.0366 5808 ConfigFree Service - ok
14:56:58.0565 5808 crcdisk (1c827878a998c18847245fe1f34ee597) C:\windows\system32\DRIVERS\crcdisk.sys
14:56:58.0568 5808 crcdisk - ok
14:56:58.0637 5808 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\windows\system32\cryptsvc.dll
14:56:58.0642 5808 CryptSvc - ok
14:56:58.0817 5808 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll
14:56:58.0831 5808 DcomLaunch - ok
14:56:58.0874 5808 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\windows\System32\defragsvc.dll
14:56:58.0878 5808 defragsvc - ok
14:56:59.0222 5808 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\windows\system32\Drivers\dfsc.sys
14:56:59.0226 5808 DfsC - ok
14:56:59.0392 5808 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\windows\system32\dhcpcore.dll
14:56:59.0401 5808 Dhcp - ok
14:56:59.0467 5808 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\windows\system32\drivers\discache.sys
14:56:59.0468 5808 discache - ok
14:56:59.0603 5808 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\windows\system32\DRIVERS\disk.sys
14:56:59.0607 5808 Disk - ok
14:56:59.0651 5808 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\windows\System32\dnsrslvr.dll
14:56:59.0654 5808 Dnscache - ok
14:56:59.0816 5808 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\windows\System32\dot3svc.dll
14:56:59.0824 5808 dot3svc - ok
14:56:59.0868 5808 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\windows\system32\dps.dll
14:56:59.0873 5808 DPS - ok
14:57:00.0064 5808 drmkaud (9b19f34400d24df84c858a421c205754) C:\windows\system32\drivers\drmkaud.sys
14:57:00.0066 5808 drmkaud - ok
14:57:00.0132 5808 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\windows\System32\drivers\dxgkrnl.sys
14:57:00.0152 5808 DXGKrnl - ok
14:57:00.0310 5808 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\windows\System32\eapsvc.dll
14:57:00.0315 5808 EapHost - ok
14:57:00.0465 5808 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\windows\system32\DRIVERS\evbda.sys
14:57:00.0547 5808 ebdrv - ok
14:57:00.0690 5808 EFS (c118a82cd78818c29ab228366ebf81c3) C:\windows\System32\lsass.exe
14:57:00.0702 5808 EFS - ok
14:57:00.0784 5808 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\windows\ehome\ehRecvr.exe
14:57:00.0807 5808 ehRecvr - ok
14:57:00.0930 5808 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\windows\ehome\ehsched.exe
14:57:00.0961 5808 ehSched - ok
14:57:01.0387 5808 elxstor (0e5da5369a0fcaea12456dd852545184) C:\windows\system32\DRIVERS\elxstor.sys
14:57:01.0421 5808 elxstor - ok
14:57:01.0503 5808 ErrDev (34a3c54752046e79a126e15c51db409b) C:\windows\system32\drivers\errdev.sys
14:57:01.0528 5808 ErrDev - ok
14:57:01.0647 5808 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\windows\system32\es.dll
14:57:01.0657 5808 EventSystem - ok
14:57:01.0826 5808 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\windows\system32\drivers\exfat.sys
14:57:01.0829 5808 exfat - ok
14:57:01.0883 5808 fastfat (0adc83218b66a6db380c330836f3e36d) C:\windows\system32\drivers\fastfat.sys
14:57:01.0886 5808 fastfat - ok
14:57:02.0052 5808 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\windows\system32\fxssvc.exe
14:57:02.0069 5808 Fax - ok
14:57:02.0131 5808 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\windows\system32\DRIVERS\fdc.sys
14:57:02.0133 5808 fdc - ok
14:57:02.0294 5808 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\windows\system32\fdPHost.dll
14:57:02.0297 5808 fdPHost - ok
14:57:02.0341 5808 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\windows\system32\fdrespub.dll
14:57:02.0345 5808 FDResPub - ok
14:57:02.0504 5808 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\windows\system32\drivers\fileinfo.sys
14:57:02.0507 5808 FileInfo - ok
14:57:02.0568 5808 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\windows\system32\drivers\filetrace.sys
14:57:02.0571 5808 Filetrace - ok
14:57:02.0601 5808 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\windows\system32\DRIVERS\flpydisk.sys
14:57:02.0602 5808 flpydisk - ok
14:57:02.0657 5808 FltMgr (da6b67270fd9db3697b20fce94950741) C:\windows\system32\drivers\fltmgr.sys
14:57:02.0661 5808 FltMgr - ok
14:57:02.0831 5808 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\windows\system32\FntCache.dll
14:57:02.0848 5808 FontCache - ok
14:57:02.0928 5808 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:57:02.0931 5808 FontCache3.0.0.0 - ok
14:57:03.0092 5808 FsDepends (d43703496149971890703b4b1b723eac) C:\windows\system32\drivers\FsDepends.sys
14:57:03.0094 5808 FsDepends - ok
14:57:03.0178 5808 fssfltr (6c06701bf1db05405804d7eb610991ce) C:\windows\system32\DRIVERS\fssfltr.sys
14:57:03.0180 5808 fssfltr - ok
14:57:03.0283 5808 fsssvc (4ce9dac1518ff7e77bd213e6394b9d77) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
14:57:03.0315 5808 fsssvc - ok
14:57:03.0507 5808 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\windows\system32\drivers\Fs_Rec.sys
14:57:03.0510 5808 Fs_Rec - ok
14:57:03.0573 5808 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\windows\system32\DRIVERS\fvevol.sys
14:57:03.0576 5808 fvevol - ok
14:57:03.0758 5808 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\windows\system32\DRIVERS\gagp30kx.sys
14:57:03.0763 5808 gagp30kx - ok
14:57:03.0851 5808 GameConsoleService (4fbccbdd99a75c9efbc90392cf32af61) C:\Program Files (x86)\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe
14:57:03.0855 5808 GameConsoleService - ok
14:57:04.0046 5808 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\windows\system32\DRIVERS\GEARAspiWDM.sys
14:57:04.0047 5808 GEARAspiWDM - ok
14:57:04.0100 5808 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\windows\System32\gpsvc.dll
14:57:04.0109 5808 gpsvc - ok
14:57:04.0220 5808 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:57:04.0224 5808 gupdate - ok
14:57:04.0266 5808 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:57:04.0267 5808 gupdatem - ok
14:57:04.0321 5808 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
14:57:04.0324 5808 gusvc - ok
14:57:04.0548 5808 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\windows\system32\drivers\hcw85cir.sys
14:57:04.0551 5808 hcw85cir - ok
14:57:04.0649 5808 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\windows\system32\drivers\HdAudio.sys
14:57:04.0658 5808 HdAudAddService - ok
14:57:04.0957 5808 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\windows\system32\drivers\HDAudBus.sys
14:57:04.0961 5808 HDAudBus - ok
14:57:04.0994 5808 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\windows\system32\DRIVERS\HidBatt.sys
14:57:04.0997 5808 HidBatt - ok
14:57:05.0160 5808 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\windows\system32\DRIVERS\hidbth.sys
14:57:05.0164 5808 HidBth - ok
14:57:05.0185 5808 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\windows\system32\DRIVERS\hidir.sys
14:57:05.0192 5808 HidIr - ok
14:57:05.0228 5808 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\windows\system32\hidserv.dll
14:57:05.0230 5808 hidserv - ok
14:57:05.0292 5808 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\windows\system32\DRIVERS\hidusb.sys
14:57:05.0294 5808 HidUsb - ok
14:57:05.0453 5808 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\windows\system32\kmsvc.dll
14:57:05.0458 5808 hkmsvc - ok
14:57:05.0593 5808 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\windows\system32\ListSvc.dll
14:57:05.0598 5808 HomeGroupListener - ok
14:57:05.0746 5808 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\windows\system32\provsvc.dll
14:57:05.0750 5808 HomeGroupProvider - ok
14:57:05.0830 5808 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\windows\system32\drivers\HpSAMD.sys
14:57:05.0831 5808 HpSAMD - ok
14:57:06.0018 5808 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\windows\system32\drivers\HTTP.sys
14:57:06.0026 5808 HTTP - ok
14:57:06.0101 5808 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\windows\system32\drivers\hwpolicy.sys
14:57:06.0102 5808 hwpolicy - ok
14:57:06.0324 5808 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\windows\system32\drivers\i8042prt.sys
14:57:06.0326 5808 i8042prt - ok
14:57:06.0416 5808 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\windows\system32\drivers\iaStorV.sys
14:57:06.0423 5808 iaStorV - ok
14:57:06.0546 5808 IDriveE Service (4abaf0ee285bd49718a203d16972087a) C:\IDrive\IDriveE Service.exe
14:57:06.0614 5808 IDriveE Service - ok
14:57:06.0774 5808 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
14:57:06.0793 5808 IDriverT - ok
14:57:07.0023 5808 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:57:07.0043 5808 idsvc - ok
14:57:07.0219 5808 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\windows\system32\DRIVERS\iirsp.sys
14:57:07.0222 5808 iirsp - ok
14:57:07.0293 5808 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\windows\System32\ikeext.dll
14:57:07.0306 5808 IKEEXT - ok
14:57:07.0540 5808 IntcAzAudAddService (b6e61b181884527cc5b68c2d79504b43) C:\windows\system32\drivers\RTKVHD64.sys
14:57:07.0568 5808 IntcAzAudAddService - ok
14:57:07.0759 5808 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\windows\system32\drivers\intelide.sys
14:57:07.0761 5808 intelide - ok
14:57:07.0810 5808 intelppm (ada036632c664caa754079041cf1f8c1) C:\windows\system32\DRIVERS\intelppm.sys
14:57:07.0812 5808 intelppm - ok
14:57:07.0982 5808 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\windows\system32\ipbusenum.dll
14:57:07.0986 5808 IPBusEnum - ok
14:57:08.0072 5808 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\windows\system32\DRIVERS\ipfltdrv.sys
14:57:08.0076 5808 IpFilterDriver - ok
14:57:08.0133 5808 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\windows\System32\iphlpsvc.dll
14:57:08.0141 5808 iphlpsvc - ok
14:57:08.0332 5808 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\windows\system32\drivers\IPMIDrv.sys
14:57:08.0334 5808 IPMIDRV - ok
14:57:08.0382 5808 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\windows\system32\drivers\ipnat.sys
14:57:08.0386 5808 IPNAT - ok
14:57:08.0495 5808 iPod Service (ee4c2a137c7088911a8919effc9812e7) C:\Program Files\iPod\bin\iPodService.exe
14:57:08.0515 5808 iPod Service - ok
14:57:08.0692 5808 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\windows\system32\drivers\irenum.sys
14:57:08.0695 5808 IRENUM - ok
14:57:08.0737 5808 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\windows\system32\drivers\isapnp.sys
14:57:08.0738 5808 isapnp - ok
14:57:08.0911 5808 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\windows\system32\drivers\msiscsi.sys
14:57:08.0916 5808 iScsiPrt - ok
14:57:08.0967 5808 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\windows\system32\drivers\kbdclass.sys
14:57:08.0969 5808 kbdclass - ok
14:57:09.0249 5808 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\windows\system32\drivers\kbdhid.sys
14:57:09.0250 5808 kbdhid - ok
14:57:09.0280 5808 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
14:57:09.0282 5808 KeyIso - ok
14:57:09.0316 5808 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\windows\system32\Drivers\ksecdd.sys
14:57:09.0318 5808 KSecDD - ok
14:57:09.0471 5808 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\windows\system32\Drivers\ksecpkg.sys
14:57:09.0473 5808 KSecPkg - ok
14:57:09.0514 5808 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\windows\system32\drivers\ksthunk.sys
14:57:09.0516 5808 ksthunk - ok
14:57:09.0565 5808 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\windows\system32\msdtckrm.dll
14:57:09.0571 5808 KtmRm - ok
14:57:09.0742 5808 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\windows\system32\srvsvc.dll
14:57:09.0751 5808 LanmanServer - ok
14:57:09.0803 5808 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\windows\System32\wkssvc.dll
14:57:09.0808 5808 LanmanWorkstation - ok
14:57:09.0916 5808 LBTServ (88e52495b47c67126b510af53fdb0bc7) C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
14:57:09.0920 5808 LBTServ - ok
14:57:10.0104 5808 LHidFilt (b6552d382ff070b4ed34cbd6737277c0) C:\windows\system32\DRIVERS\LHidFilt.Sys
14:57:10.0106 5808 LHidFilt - ok
14:57:10.0156 5808 lltdio (1538831cf8ad2979a04c423779465827) C:\windows\system32\DRIVERS\lltdio.sys
14:57:10.0157 5808 lltdio - ok
14:57:10.0335 5808 lltdsvc (c1185803384ab3feed115f79f109427f) C:\windows\System32\lltdsvc.dll
14:57:10.0341 5808 lltdsvc - ok
14:57:10.0362 5808 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\windows\System32\lmhsvc.dll
14:57:10.0364 5808 lmhosts - ok
14:57:10.0441 5808 LMouFilt (73c1f563ab73d459dffe682d66476558) C:\windows\system32\DRIVERS\LMouFilt.Sys
14:57:10.0444 5808 LMouFilt - ok
14:57:10.0616 5808 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\windows\system32\DRIVERS\lsi_fc.sys
14:57:10.0621 5808 LSI_FC - ok
14:57:10.0784 5808 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\windows\system32\DRIVERS\lsi_sas.sys
14:57:10.0789 5808 LSI_SAS - ok
14:57:10.0826 5808 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\windows\system32\DRIVERS\lsi_sas2.sys
14:57:10.0828 5808 LSI_SAS2 - ok
14:57:10.0954 5808 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\windows\system32\DRIVERS\lsi_scsi.sys
14:57:10.0958 5808 LSI_SCSI - ok
14:57:11.0038 5808 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\windows\system32\drivers\luafv.sys
14:57:11.0042 5808 luafv - ok
14:57:11.0201 5808 LUsbFilt (9d9714e78eac9e5368208649489c920e) C:\windows\system32\Drivers\LUsbFilt.Sys
14:57:11.0204 5808 LUsbFilt - ok
14:57:11.0263 5808 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\windows\system32\Mcx2Svc.dll
14:57:11.0266 5808 Mcx2Svc - ok
14:57:11.0338 5808 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\windows\system32\DRIVERS\megasas.sys
14:57:11.0340 5808 megasas - ok
14:57:11.0492 5808 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\windows\system32\DRIVERS\MegaSR.sys
14:57:11.0499 5808 MegaSR - ok
14:57:11.0594 5808 Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
14:57:11.0598 5808 Microsoft Office Groove Audit Service - ok
14:57:11.0762 5808 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll
14:57:11.0767 5808 MMCSS - ok
14:57:11.0839 5808 Modem (800ba92f7010378b09f9ed9270f07137) C:\windows\system32\drivers\modem.sys
14:57:11.0840 5808 Modem - ok
14:57:11.0995 5808 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\windows\system32\DRIVERS\monitor.sys
14:57:12.0009 5808 monitor - ok
14:57:12.0093 5808 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\windows\system32\DRIVERS\mouclass.sys
14:57:12.0095 5808 mouclass - ok
14:57:12.0248 5808 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\windows\system32\DRIVERS\mouhid.sys
14:57:12.0251 5808 mouhid - ok
14:57:12.0336 5808 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\windows\system32\drivers\mountmgr.sys
14:57:12.0338 5808 mountmgr - ok
14:57:12.0538 5808 MpFilter (c177a7ebf5e8a0b596f618870516cab8) C:\windows\system32\DRIVERS\MpFilter.sys
14:57:12.0547 5808 MpFilter - ok
14:57:12.0616 5808 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\windows\system32\drivers\mpio.sys
14:57:12.0619 5808 mpio - ok
14:57:12.0823 5808 MpNWMon (8fbf6b31fe8af1833d93c5913d5b4d55) C:\windows\system32\DRIVERS\MpNWMon.sys
14:57:12.0826 5808 MpNWMon - ok
14:57:12.0917 5808 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\windows\system32\drivers\mpsdrv.sys
14:57:12.0919 5808 mpsdrv - ok
14:57:13.0032 5808 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\windows\system32\mpssvc.dll
14:57:13.0047 5808 MpsSvc - ok
14:57:13.0257 5808 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\windows\system32\drivers\mrxdav.sys
14:57:13.0259 5808 MRxDAV - ok
14:57:13.0307 5808 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\windows\system32\DRIVERS\mrxsmb.sys
14:57:13.0310 5808 mrxsmb - ok
14:57:13.0503 5808 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\windows\system32\DRIVERS\mrxsmb10.sys
14:57:13.0509 5808 mrxsmb10 - ok
14:57:13.0567 5808 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\windows\system32\DRIVERS\mrxsmb20.sys
14:57:13.0569 5808 mrxsmb20 - ok
14:57:13.0754 5808 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\windows\system32\drivers\msahci.sys
14:57:13.0755 5808 msahci - ok
14:57:13.0805 5808 msdsm (db801a638d011b9633829eb6f663c900) C:\windows\system32\drivers\msdsm.sys
14:57:13.0808 5808 msdsm - ok
14:57:13.0959 5808 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\windows\System32\msdtc.exe
14:57:13.0965 5808 MSDTC - ok
14:57:14.0048 5808 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\windows\system32\drivers\Msfs.sys
14:57:14.0049 5808 Msfs - ok
14:57:14.0182 5808 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\windows\System32\drivers\mshidkmdf.sys
14:57:14.0183 5808 mshidkmdf - ok
14:57:14.0227 5808 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\windows\system32\drivers\msisadrv.sys
14:57:14.0228 5808 msisadrv - ok
14:57:14.0274 5808 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\windows\system32\iscsiexe.dll
14:57:14.0277 5808 MSiSCSI - ok
14:57:14.0409 5808 msiserver - ok
14:57:14.0493 5808 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\windows\system32\drivers\MSKSSRV.sys
14:57:14.0494 5808 MSKSSRV - ok
14:57:14.0588 5808 MsMpSvc (157e9e498206a3366baa7e4697bdd947) c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
14:57:14.0588 5808 MsMpSvc - ok
14:57:14.0794 5808 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\windows\system32\drivers\MSPCLOCK.sys
14:57:14.0796 5808 MSPCLOCK - ok
14:57:14.0816 5808 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\windows\system32\drivers\MSPQM.sys
14:57:14.0818 5808 MSPQM - ok
14:57:14.0877 5808 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\windows\system32\drivers\MsRPC.sys
14:57:14.0882 5808 MsRPC - ok
14:57:15.0064 5808 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\windows\system32\drivers\mssmbios.sys
14:57:15.0065 5808 mssmbios - ok
14:57:15.0115 5808 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\windows\system32\drivers\MSTEE.sys
14:57:15.0116 5808 MSTEE - ok
14:57:15.0268 5808 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\windows\system32\DRIVERS\MTConfig.sys
14:57:15.0271 5808 MTConfig - ok
14:57:15.0303 5808 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\windows\system32\Drivers\mup.sys
14:57:15.0305 5808 Mup - ok
14:57:15.0351 5808 napagent (582ac6d9873e31dfa28a4547270862dd) C:\windows\system32\qagentRT.dll
14:57:15.0358 5808 napagent - ok
14:57:15.0582 5808 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\windows\system32\DRIVERS\nwifi.sys
14:57:15.0586 5808 NativeWifiP - ok
14:57:15.0797 5808 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\windows\system32\drivers\ndis.sys
14:57:15.0808 5808 NDIS - ok
14:57:16.0009 5808 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\windows\system32\DRIVERS\ndiscap.sys
14:57:16.0012 5808 NdisCap - ok
14:57:16.0052 5808 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\windows\system32\DRIVERS\ndistapi.sys
14:57:16.0056 5808 NdisTapi - ok
14:57:16.0238 5808 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\windows\system32\DRIVERS\ndisuio.sys
14:57:16.0241 5808 Ndisuio - ok
14:57:16.0284 5808 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\windows\system32\DRIVERS\ndiswan.sys
14:57:16.0287 5808 NdisWan - ok
14:57:16.0466 5808 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\windows\system32\drivers\NDProxy.sys
14:57:16.0468 5808 NDProxy - ok
14:57:16.0519 5808 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\windows\system32\DRIVERS\netbios.sys
14:57:16.0522 5808 NetBIOS - ok
14:57:16.0771 5808 NetBT (09594d1089c523423b32a4229263f068) C:\windows\system32\DRIVERS\netbt.sys
14:57:16.0774 5808 NetBT - ok
14:57:16.0847 5808 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
14:57:16.0850 5808 Netlogon - ok
14:57:17.0269 5808 Netman (847d3ae376c0817161a14a82c8922a9e) C:\windows\System32\netman.dll
14:57:17.0308 5808 Netman - ok
14:57:17.0451 5808 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:57:17.0455 5808 NetMsmqActivator - ok
14:57:17.0464 5808 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:57:17.0465 5808 NetPipeActivator - ok
14:57:17.0634 5808 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\windows\System32\netprofm.dll
14:57:17.0646 5808 netprofm - ok
14:57:17.0796 5808 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:57:17.0798 5808 NetTcpActivator - ok
14:57:17.0816 5808 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:57:17.0819 5808 NetTcpPortSharing - ok
14:57:17.0991 5808 nfrd960 (77889813be4d166cdab78ddba990da92) C:\windows\system32\DRIVERS\nfrd960.sys
14:57:17.0994 5808 nfrd960 - ok
14:57:18.0080 5808 NisDrv (5f7d72cbcdd025af1f38fdeee5646968) C:\windows\system32\DRIVERS\NisDrvWFP.sys
14:57:18.0083 5808 NisDrv - ok
14:57:18.0172 5808 NisSrv (566ddd5d82520da01d75f81428ac4c38) c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
14:57:18.0177 5808 NisSrv - ok
14:57:18.0361 5808 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\windows\System32\nlasvc.dll
14:57:18.0366 5808 NlaSvc - ok
14:57:18.0420 5808 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\windows\system32\drivers\Npfs.sys
14:57:18.0422 5808 Npfs - ok
14:57:18.0568 5808 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\windows\system32\nsisvc.dll
14:57:18.0569 5808 nsi - ok
14:57:18.0588 5808 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\windows\system32\drivers\nsiproxy.sys
14:57:18.0589 5808 nsiproxy - ok
14:57:18.0692 5808 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\windows\system32\drivers\Ntfs.sys
14:57:18.0713 5808 Ntfs - ok
14:57:18.0885 5808 Null (9899284589f75fa8724ff3d16aed75c1) C:\windows\system32\drivers\Null.sys
14:57:18.0886 5808 Null - ok
14:57:18.0945 5808 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\windows\system32\drivers\nvraid.sys
14:57:18.0947 5808 nvraid - ok
14:57:19.0195 5808 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\windows\system32\drivers\nvstor.sys
14:57:19.0198 5808 nvstor - ok
14:57:19.0275 5808 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\windows\system32\drivers\nv_agp.sys
14:57:19.0277 5808 nv_agp - ok
14:57:19.0392 5808 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
14:57:19.0399 5808 odserv - ok
14:57:19.0688 5808 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\windows\system32\drivers\ohci1394.sys
14:57:19.0689 5808 ohci1394 - ok
14:57:19.0793 5808 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:57:19.0796 5808 ose - ok
14:57:20.0100 5808 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
14:57:20.0105 5808 p2pimsvc - ok
14:57:20.0152 5808 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\windows\system32\p2psvc.dll
14:57:20.0159 5808 p2psvc - ok
14:57:20.0396 5808 Parport (0086431c29c35be1dbc43f52cc273887) C:\windows\system32\DRIVERS\parport.sys
14:57:20.0399 5808 Parport - ok
14:57:20.0475 5808 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\windows\system32\drivers\partmgr.sys
14:57:20.0477 5808 partmgr - ok
14:57:20.0689 5808 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\windows\System32\pcasvc.dll
14:57:20.0693 5808 PcaSvc - ok
14:57:20.0785 5808 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\windows\system32\drivers\pci.sys
14:57:20.0788 5808 pci - ok
14:57:20.0821 5808 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\windows\system32\drivers\pciide.sys
14:57:20.0837 5808 pciide - ok
14:57:21.0113 5808 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\windows\system32\DRIVERS\pcmcia.sys
14:57:21.0117 5808 pcmcia - ok
14:57:21.0198 5808 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\windows\system32\drivers\pcw.sys
14:57:21.0215 5808 pcw - ok
14:57:21.0318 5808 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\windows\system32\drivers\peauth.sys
14:57:21.0328 5808 PEAUTH - ok
14:57:21.0428 5808 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\windows\SysWow64\perfhost.exe
14:57:21.0430 5808 PerfHost - ok
14:57:21.0706 5808 PGEffect (663962900e7fea522126ba287715bb4a) C:\windows\system32\DRIVERS\pgeffect.sys
14:57:21.0708 5808 PGEffect - ok
14:57:21.0969 5808 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\windows\system32\pla.dll
14:57:21.0999 5808 pla - ok
14:57:22.0152 5808 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\windows\system32\umpnpmgr.dll
14:57:22.0160 5808 PlugPlay - ok
14:57:22.0262 5808 PMCF (60795ae1e34bcf4ff731f55a6cda9a86) C:\windows\system32\drivers\PMCF.sys
14:57:22.0264 5808 PMCF - ok
14:57:22.0410 5808 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\windows\system32\pnrpauto.dll
14:57:22.0415 5808 PNRPAutoReg - ok
14:57:22.0483 5808 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
14:57:22.0494 5808 PNRPsvc - ok
14:57:22.0715 5808 Point64 (b8d8ec78b0f9ed8e220506181274f3d3) C:\windows\system32\DRIVERS\point64.sys
14:57:22.0717 5808 Point64 - ok
14:57:22.0808 5808 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\windows\System32\ipsecsvc.dll
14:57:22.0815 5808 PolicyAgent - ok
14:57:22.0874 5808 Power (6ba9d927dded70bd1a9caded45f8b184) C:\windows\system32\umpo.dll
14:57:22.0878 5808 Power - ok
14:57:23.0059 5808 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\windows\system32\DRIVERS\raspptp.sys
14:57:23.0062 5808 PptpMiniport - ok
14:57:23.0149 5808 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\windows\system32\DRIVERS\processr.sys
14:57:23.0151 5808 Processor - ok
14:57:23.0254 5808 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\windows\system32\profsvc.dll
14:57:23.0258 5808 ProfSvc - ok
14:57:23.0415 5808 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
14:57:23.0417 5808 ProtectedStorage - ok
14:57:23.0574 5808 Psched (0557cf5a2556bd58e26384169d72438d) C:\windows\system32\DRIVERS\pacer.sys
14:57:23.0576 5808 Psched - ok
14:57:23.0711 5808 QBCFMonitorService (933d92f0bd1d7a9835cd8a8b1235a11e) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
14:57:23.0734 5808 QBCFMonitorService - ok
14:57:23.0895 5808 QBFCService (6bee1814470dc12fa20c53dfc3c97ebb) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
14:57:23.0917 5808 QBFCService - ok
14:57:24.0218 5808 QBVSS (25fc19badf78b7fb1d835aac4b0b91a5) C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
14:57:24.0356 5808 QBVSS - ok
14:57:24.0618 5808 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\windows\system32\DRIVERS\ql2300.sys
14:57:24.0635 5808 ql2300 - ok
14:57:24.0837 5808 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\windows\system32\DRIVERS\ql40xx.sys
14:57:24.0861 5808 ql40xx - ok
14:57:24.0906 5808 QWAVE (906191634e99aea92c4816150bda3732) C:\windows\system32\qwave.dll
14:57:24.0911 5808 QWAVE - ok
14:57:24.0983 5808 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\windows\system32\drivers\qwavedrv.sys
14:57:24.0984 5808 QWAVEdrv - ok
14:57:25.0208 5808 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\windows\system32\DRIVERS\rasacd.sys
14:57:25.0213 5808 RasAcd - ok
14:57:25.0308 5808 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\windows\system32\DRIVERS\AgileVpn.sys
14:57:25.0318 5808 RasAgileVpn - ok
14:57:25.0506 5808 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\windows\System32\rasauto.dll
14:57:25.0510 5808 RasAuto - ok
14:57:25.0593 5808 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\windows\system32\DRIVERS\rasl2tp.sys
14:57:25.0595 5808 Rasl2tp - ok
14:57:25.0681 5808 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\windows\System32\rasmans.dll
14:57:25.0688 5808 RasMan - ok
14:57:25.0871 5808 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\windows\system32\DRIVERS\raspppoe.sys
14:57:25.0873 5808 RasPppoe - ok
14:57:25.0986 5808 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\windows\system32\DRIVERS\rassstp.sys
14:57:25.0988 5808 RasSstp - ok
14:57:26.0063 5808 rdbss (77f665941019a1594d887a74f301fa2f) C:\windows\system32\DRIVERS\rdbss.sys
14:57:26.0067 5808 rdbss - ok
14:57:26.0235 5808 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\windows\system32\DRIVERS\rdpbus.sys
14:57:26.0257 5808 rdpbus - ok
14:57:26.0322 5808 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\windows\system32\DRIVERS\RDPCDD.sys
14:57:26.0323 5808 RDPCDD - ok
14:57:26.0357 5808 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\windows\system32\drivers\rdpencdd.sys
14:57:26.0357 5808 RDPENCDD - ok
14:57:26.0513 5808 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\windows\system32\drivers\rdprefmp.sys
14:57:26.0513 5808 RDPREFMP - ok
14:57:26.0600 5808 RDPWD (6d76e6433574b058adcb0c50df834492) C:\windows\system32\drivers\RDPWD.sys
14:57:26.0603 5808 RDPWD - ok
14:57:26.0779 5808 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\windows\system32\drivers\rdyboost.sys
14:57:26.0782 5808 rdyboost - ok
14:57:26.0957 5808 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\windows\System32\mprdim.dll
14:57:26.0963 5808 RemoteAccess - ok
14:57:27.0016 5808 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\windows\system32\regsvc.dll
14:57:27.0020 5808 RemoteRegistry - ok
14:57:27.0162 5808 rimspci (e20b1907fc72a3664ece21e3c20fc63d) C:\windows\system32\DRIVERS\rimspe64.sys
14:57:27.0164 5808 rimspci - ok
14:57:27.0320 5808 risdpcie (7dda2e5cf452dad24b1be704225c18ee) C:\windows\system32\DRIVERS\risdpe64.sys
14:57:27.0322 5808 risdpcie - ok
14:57:27.0388 5808 rixdpcie (6a1cd4674505e6791390a1ab71da1fbe) C:\windows\system32\DRIVERS\rixdpe64.sys
14:57:27.0390 5808 rixdpcie - ok
14:57:27.0557 5808 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\windows\System32\RpcEpMap.dll
14:57:27.0559 5808 RpcEptMapper - ok
14:57:27.0589 5808 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\windows\system32\locator.exe
14:57:27.0591 5808 RpcLocator - ok
14:57:27.0638 5808 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll
14:57:27.0643 5808 RpcSs - ok
14:57:27.0713 5808 RSELSVC - ok
14:57:27.0903 5808 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\windows\system32\DRIVERS\rspndr.sys
14:57:27.0905 5808 rspndr - ok
14:57:27.0949 5808 RTL8167 (66f9f7161d147b6486a22feb9425930d) C:\windows\system32\DRIVERS\Rt64win7.sys
14:57:27.0953 5808 RTL8167 - ok
14:57:28.0148 5808 rtl8192se (03e0627c26943916a7276ac5306206c7) C:\windows\system32\DRIVERS\rtl8192se.sys
14:57:28.0161 5808 rtl8192se - ok
14:57:28.0315 5808 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
14:57:28.0317 5808 SamSs - ok
14:57:28.0382 5808 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\windows\system32\drivers\sbp2port.sys
14:57:28.0384 5808 sbp2port - ok
14:57:28.0540 5808 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\windows\System32\SCardSvr.dll
14:57:28.0544 5808 SCardSvr - ok
14:57:28.0621 5808 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\windows\system32\DRIVERS\scfilter.sys
14:57:28.0623 5808 scfilter - ok
14:57:28.0813 5808 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\windows\system32\schedsvc.dll
14:57:28.0827 5808 Schedule - ok
14:57:28.0996 5808 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll
14:57:28.0997 5808 SCPolicySvc - ok
14:57:29.0079 5808 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\windows\system32\drivers\sdbus.sys
14:57:29.0082 5808 sdbus - ok
14:57:29.0255 5808 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\windows\System32\SDRSVC.dll
14:57:29.0259 5808 SDRSVC - ok
14:57:29.0319 5808 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\windows\system32\drivers\secdrv.sys
14:57:29.0321 5808 secdrv - ok
14:57:29.0494 5808 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\windows\system32\seclogon.dll
14:57:29.0496 5808 seclogon - ok
14:57:29.0533 5808 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\windows\System32\sens.dll
14:57:29.0536 5808 SENS - ok
14:57:29.0791 5808 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\windows\system32\sensrsvc.dll
14:57:29.0802 5808 SensrSvc - ok
14:57:29.0908 5808 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\windows\system32\DRIVERS\serenum.sys
14:57:29.0909 5808 Serenum - ok
14:57:30.0064 5808 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\windows\system32\DRIVERS\serial.sys
14:57:30.0068 5808 Serial - ok
14:57:30.0118 5808 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\windows\system32\DRIVERS\sermouse.sys
14:57:30.0119 5808 sermouse - ok
14:57:30.0195 5808 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\windows\system32\sessenv.dll
14:57:30.0198 5808 SessionEnv - ok
14:57:30.0306 5808 sffdisk (a554811bcd09279536440c964ae35bbf) C:\windows\system32\drivers\sffdisk.sys
14:57:30.0308 5808 sffdisk - ok
14:57:30.0475 5808 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\windows\system32\drivers\sffp_mmc.sys
14:57:30.0477 5808 sffp_mmc - ok
14:57:30.0498 5808 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\windows\system32\drivers\sffp_sd.sys
14:57:30.0500 5808 sffp_sd - ok
14:57:30.0548 5808 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\windows\system32\DRIVERS\sfloppy.sys
14:57:30.0550 5808 sfloppy - ok
14:57:30.0638 5808 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\windows\System32\ipnathlp.dll
14:57:30.0644 5808 SharedAccess - ok
14:57:30.0692 5808 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\windows\System32\shsvcs.dll
14:57:30.0698 5808 ShellHWDetection - ok
14:57:30.0882 5808 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\windows\system32\DRIVERS\SiSRaid2.sys
14:57:30.0884 5808 SiSRaid2 - ok
14:57:30.0895 5808 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\windows\system32\DRIVERS\sisraid4.sys
14:57:30.0901 5808 SiSRaid4 - ok
14:57:31.0090 5808 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\windows\system32\DRIVERS\smb.sys
14:57:31.0094 5808 Smb - ok
14:57:31.0129 5808 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\windows\System32\snmptrap.exe
14:57:31.0131 5808 SNMPTRAP - ok
14:57:31.0153 5808 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\windows\system32\drivers\spldr.sys
14:57:31.0154 5808 spldr - ok
14:57:31.0359 5808 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\windows\System32\spoolsv.exe
14:57:31.0374 5808 Spooler - ok
14:57:31.0503 5808 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\windows\system32\sppsvc.exe
14:57:31.0603 5808 sppsvc - ok
14:57:31.0743 5808 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\windows\system32\sppuinotify.dll
14:57:31.0749 5808 sppuinotify - ok
14:57:31.0835 5808 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\windows\system32\DRIVERS\srv.sys
14:57:31.0846 5808 srv - ok
14:57:32.0055 5808 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\windows\system32\DRIVERS\srv2.sys
14:57:32.0065 5808 srv2 - ok
14:57:32.0134 5808 srvnet (27e461f0be5bff5fc737328f749538c3) C:\windows\system32\DRIVERS\srvnet.sys
14:57:32.0138 5808 srvnet - ok
14:57:32.0286 5808 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\windows\System32\ssdpsrv.dll
14:57:32.0290 5808 SSDPSRV - ok
14:57:32.0323 5808 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\windows\system32\sstpsvc.dll
14:57:32.0325 5808 SstpSvc - ok
14:57:32.0390 5808 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\windows\system32\DRIVERS\stexstor.sys
14:57:32.0393 5808 stexstor - ok
14:57:32.0569 5808 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\windows\System32\wiaservc.dll
14:57:32.0586 5808 stisvc - ok
14:57:32.0671 5808 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\windows\system32\drivers\swenum.sys
14:57:32.0672 5808 swenum - ok
14:57:32.0827 5808 swg3kser00 (9f0a0c3ee91fd7cb709f7d0d97207f7e) C:\windows\system32\DRIVERS\swg3kser00.sys
14:57:32.0836 5808 swg3kser00 - ok
14:57:32.0910 5808 SwiCardDetectSvc (7759bb08cf43b2dbf9e151bbf827add2) C:\Program Files (x86)\Sierra Wireless Inc\Common\SwiCardDetect64.exe
14:57:33.0038 5808 SwiCardDetectSvc - ok
14:57:33.0269 5808 swiwdmbx (c6a7e54a31803e6f95e23d1b5d967d57) C:\windows\system32\DRIVERS\swiwdmbx64.sys
14:57:33.0273 5808 swiwdmbx - ok
14:57:33.0346 5808 SWNC8UA3 (dc345fc7ce9ba3005153062407263bb2) C:\windows\system32\DRIVERS\swnc8ua3.sys
14:57:33.0355 5808 SWNC8UA3 - ok
14:57:33.0520 5808 swprv (e08e46fdd841b7184194011ca1955a0b) C:\windows\System32\swprv.dll
14:57:33.0535 5808 swprv - ok
14:57:33.0758 5808 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\windows\system32\sysmain.dll
14:57:33.0777 5808 SysMain - ok
14:57:33.0928 5808 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\windows\System32\TabSvc.dll
14:57:33.0931 5808 TabletInputService - ok
14:57:33.0954 5808 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\windows\System32\tapisrv.dll
14:57:33.0960 5808 TapiSrv - ok
14:57:34.0122 5808 TBS (1be03ac720f4d302ea01d40f588162f6) C:\windows\System32\tbssvc.dll
14:57:34.0128 5808 TBS - ok
14:57:34.0258 5808 Tcpip (fc62769e7bff2896035aeed399108162) C:\windows\system32\drivers\tcpip.sys
14:57:34.0285 5808 Tcpip - ok
14:57:34.0599 5808 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\windows\system32\DRIVERS\tcpip.sys
14:57:34.0611 5808 TCPIP6 - ok
14:57:34.0798 5808 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\windows\system32\drivers\tcpipreg.sys
14:57:34.0801 5808 tcpipreg - ok
14:57:34.0863 5808 tdcmdpst (fd542b661bd22fa69ca789ad0ac58c29) C:\windows\system32\DRIVERS\tdcmdpst.sys
14:57:34.0866 5808 tdcmdpst - ok
14:57:35.0057 5808 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\windows\system32\drivers\tdpipe.sys
14:57:35.0059 5808 TDPIPE - ok
14:57:35.0106 5808 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\windows\system32\drivers\tdtcp.sys
14:57:35.0109 5808 TDTCP - ok
14:57:35.0297 5808 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\windows\system32\DRIVERS\tdx.sys
14:57:35.0301 5808 tdx - ok
14:57:35.0345 5808 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\windows\system32\drivers\termdd.sys
14:57:35.0348 5808 TermDD - ok
14:57:35.0523 5808 TermService (2e648163254233755035b46dd7b89123) C:\windows\System32\termsrv.dll
14:57:35.0533 5808 TermService - ok
14:57:35.0681 5808 Themes (f0344071948d1a1fa732231785a0664c) C:\windows\system32\themeservice.dll
14:57:35.0687 5808 Themes - ok
14:57:35.0771 5808 Thpdrv (c013f6acaa9761f571bd28dada7c157d) C:\windows\system32\DRIVERS\thpdrv.sys
14:57:35.0773 5808 Thpdrv - ok
14:57:35.0918 5808 Thpevm (b4e609047434ed948af7bdef2fa66e38) C:\windows\system32\DRIVERS\Thpevm.SYS
14:57:35.0920 5808 Thpevm - ok
14:57:35.0981 5808 Thpsrv (6146eac71ae3c9da17b0e33632082b7b) C:\windows\system32\ThpSrv.exe
14:57:36.0019 5808 Thpsrv - ok
14:57:36.0319 5808 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll
14:57:36.0323 5808 THREADORDER - ok
14:57:36.0422 5808 TMachInfo (f120967184a27e927052e8ddbb727851) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
14:57:36.0425 5808 TMachInfo - ok
14:57:36.0591 5808 TODDSrv (ed32035bdfeced1ad66d459fd9cc1140) C:\Windows\system32\TODDSrv.exe
14:57:36.0605 5808 TODDSrv - ok
14:57:36.0726 5808 TosCoSrv (06c61275adc64f1e36240a2287998a5e) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
14:57:36.0736 5808 TosCoSrv - ok
14:57:36.0803 5808 TOSHIBA eco Utility Service (707800855afbd7648375efb1519b8d6d) C:\Program Files\TOSHIBA\TECO\TecoService.exe
14:57:36.0807 5808 TOSHIBA eco Utility Service - ok
14:57:37.0107 5808 TOSHIBA HDD SSD Alert Service (eda12e9bc9a0f104c24101720eec4785) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
14:57:37.0200 5808 TOSHIBA HDD SSD Alert Service - ok
14:57:37.0425 5808 tos_sps64 (09ff7b0b1b5c3d225495cb6f5a9b39f8) C:\windows\system32\DRIVERS\tos_sps64.sys
14:57:37.0432 5808 tos_sps64 - ok
14:57:37.0542 5808 TPCHSrv (de64c52bd0671165cf2eebf2a728a3e2) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
14:57:37.0563 5808 TPCHSrv - ok
14:57:37.0815 5808 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\windows\System32\trkwks.dll
14:57:37.0818 5808 TrkWks - ok
14:57:37.0914 5808 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\windows\servicing\TrustedInstaller.exe
14:57:37.0917 5808 TrustedInstaller - ok
14:57:38.0076 5808 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\windows\system32\DRIVERS\tssecsrv.sys
14:57:38.0079 5808 tssecsrv - ok
14:57:38.0174 5808 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\windows\system32\drivers\tsusbflt.sys
14:57:38.0175 5808 TsUsbFlt - ok
14:57:38.0344 5808 tunnel (3566a8daafa27af944f5d705eaa64894) C:\windows\system32\DRIVERS\tunnel.sys
14:57:38.0347 5808 tunnel - ok
14:57:38.0418 5808 TVALZ (550b567f9364d8f7684c3fb3ea665a72) C:\windows\system32\DRIVERS\TVALZ_O.SYS
14:57:38.0420 5808 TVALZ - ok
14:57:38.0576 5808 TVALZFL (9c7191f4b2e49bff47a6c1144b5923fa) C:\windows\system32\DRIVERS\TVALZFL.sys
14:57:38.0578 5808 TVALZFL - ok
14:57:38.0658 5808 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\windows\system32\DRIVERS\uagp35.sys
14:57:38.0662 5808 uagp35 - ok
14:57:38.0713 5808 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\windows\system32\DRIVERS\udfs.sys
14:57:38.0719 5808 udfs - ok
14:57:38.0862 5808 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\windows\system32\UI0Detect.exe
14:57:38.0866 5808 UI0Detect - ok
14:57:38.0955 5808 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\windows\system32\drivers\uliagpkx.sys
14:57:38.0958 5808 uliagpkx - ok
14:57:39.0051 5808 umbus (dc54a574663a895c8763af0fa1ff7561) C:\windows\system32\DRIVERS\umbus.sys
14:57:39.0062 5808 umbus - ok
14:57:39.0203 5808 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\windows\system32\DRIVERS\umpass.sys
14:57:39.0204 5808 UmPass - ok
14:57:39.0267 5808 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\windows\System32\upnphost.dll
14:57:39.0273 5808 upnphost - ok
14:57:39.0363 5808 USBAAPL64 (54d4b48d443e7228bf64cf7cdc3118ac) C:\windows\system32\Drivers\usbaapl64.sys
14:57:39.0398 5808 USBAAPL64 - ok
14:57:39.0542 5808 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\windows\system32\DRIVERS\usbccgp.sys
14:57:39.0546 5808 usbccgp - ok
14:57:39.0606 5808 usbcir (af0892a803fdda7492f595368e3b68e7) C:\windows\system32\drivers\usbcir.sys
14:57:39.0611 5808 usbcir - ok
14:57:39.0636 5808 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\windows\system32\DRIVERS\usbehci.sys
14:57:39.0638 5808 usbehci - ok
14:57:39.0724 5808 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\windows\system32\DRIVERS\usbhub.sys
14:57:39.0730 5808 usbhub - ok
14:57:39.0885 5808 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\windows\system32\DRIVERS\usbohci.sys
14:57:39.0888 5808 usbohci - ok
14:57:39.0944 5808 usbprint (73188f58fb384e75c4063d29413cee3d) C:\windows\system32\DRIVERS\usbprint.sys
14:57:39.0947 5808 usbprint - ok
14:57:40.0104 5808 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\windows\system32\DRIVERS\USBSTOR.SYS
14:57:40.0133 5808 USBSTOR - ok
14:57:40.0179 5808 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\windows\system32\drivers\usbuhci.sys
14:57:40.0181 5808 usbuhci - ok
14:57:40.0347 5808 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\windows\System32\Drivers\usbvideo.sys
14:57:40.0353 5808 usbvideo - ok
14:57:40.0406 5808 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\windows\System32\uxsms.dll
14:57:40.0413 5808 UxSms - ok
14:57:40.0538 5808 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
14:57:40.0542 5808 VaultSvc - ok
14:57:40.0689 5808 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\windows\system32\drivers\vdrvroot.sys
14:57:40.0693 5808 vdrvroot - ok
14:57:40.0750 5808 vds (8d6b481601d01a456e75c3210f1830be) C:\windows\System32\vds.exe
14:57:40.0761 5808 vds - ok
14:57:40.0945 5808 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\windows\system32\DRIVERS\vgapnp.sys
14:57:40.0947 5808 vga - ok
14:57:40.0984 5808 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\windows\System32\drivers\vga.sys
14:57:40.0985 5808 VgaSave - ok
14:57:41.0177 5808 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\windows\system32\drivers\vhdmp.sys
14:57:41.0183 5808 vhdmp - ok
14:57:41.0214 5808 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\windows\system32\drivers\viaide.sys
14:57:41.0216 5808 viaide - ok
14:57:41.0421 5808 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\windows\system32\drivers\volmgr.sys
14:57:41.0424 5808 volmgr - ok
14:57:41.0479 5808 volmgrx (a255814907c89be58b79ef2f189b843b) C:\windows\system32\drivers\volmgrx.sys
14:57:41.0484 5808 volmgrx - ok
14:57:41.0684 5808 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\windows\system32\drivers\volsnap.sys
14:57:41.0688 5808 volsnap - ok
14:57:41.0733 5808 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\windows\system32\DRIVERS\vsmraid.sys
14:57:41.0736 5808 vsmraid - ok
14:57:41.0936 5808 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\windows\system32\vssvc.exe
14:57:41.0962 5808 VSS - ok
14:57:42.0027 5808 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\windows\system32\DRIVERS\vwifibus.sys
14:57:42.0028 5808 vwifibus - ok
14:57:42.0170 5808 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\windows\system32\DRIVERS\vwififlt.sys
14:57:42.0172 5808 vwififlt - ok
14:57:42.0214 5808 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\windows\system32\w32time.dll
14:57:42.0221 5808 W32Time - ok
14:57:42.0414 5808 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\windows\system32\DRIVERS\wacompen.sys
14:57:42.0416 5808 WacomPen - ok
14:57:42.0484 5808 WANARP (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
14:57:42.0487 5808 WANARP - ok
14:57:42.0510 5808 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
14:57:42.0511 5808 Wanarpv6 - ok
14:57:42.0722 5808 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\windows\system32\Wat\WatAdminSvc.exe
14:57:42.0748 5808 WatAdminSvc - ok
14:57:42.0842 5808 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\windows\system32\wbengine.exe
14:57:42.0862 5808 wbengine - ok
14:57:43.0014 5808 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\windows\System32\wbiosrvc.dll
14:57:43.0023 5808 WbioSrvc - ok
14:57:43.0080 5808 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\windows\System32\wcncsvc.dll
14:57:43.0092 5808 wcncsvc - ok
14:57:43.0243 5808 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\windows\System32\WcsPlugInService.dll
14:57:43.0249 5808 WcsPlugInService - ok
14:57:43.0318 5808 Wd (72889e16ff12ba0f235467d6091b17dc) C:\windows\system32\DRIVERS\wd.sys
14:57:43.0320 5808 Wd - ok
14:57:43.0479 5808 WDC_SAM (a3d04ebf5227886029b4532f20d026f7) C:\windows\system32\DRIVERS\wdcsam64.sys
14:57:43.0482 5808 WDC_SAM - ok
14:57:43.0555 5808 WDDMService (e6050fe6b60fa91188b8abdb5b1e339f) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
14:57:43.0561 5808 WDDMService - ok
14:57:43.0761 5808 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\windows\system32\drivers\Wdf01000.sys
14:57:43.0775 5808 Wdf01000 - ok
14:57:43.0893 5808 WDFME (b83d5071b32a70bebdb3330bfa7acb80) C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
14:57:43.0907 5808 WDFME - ok
14:57:44.0055 5808 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll
14:57:44.0061 5808 WdiServiceHost - ok
14:57:44.0071 5808 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll
14:57:44.0077 5808 WdiSystemHost - ok
14:57:44.0165 5808 WDSC (517de2c5568cba6b2a24a557ac60c30b) C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe
14:57:44.0207 5808 WDSC - ok
14:57:44.0377 5808 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\windows\System32\webclnt.dll
14:57:44.0388 5808 WebClient - ok
14:57:44.0431 5808 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\windows\system32\wecsvc.dll
14:57:44.0436 5808 Wecsvc - ok
14:57:44.0572 5808 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\windows\System32\wercplsupport.dll
14:57:44.0578 5808 wercplsupport - ok
14:57:44.0616 5808 WerSvc (6d137963730144698cbd10f202e9f251) C:\windows\System32\WerSvc.dll
14:57:44.0620 5808 WerSvc - ok
14:57:44.0703 5808 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\windows\system32\DRIVERS\wfplwf.sys
14:57:44.0706 5808 WfpLwf - ok
14:57:44.0739 5808 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\windows\system32\drivers\wimmount.sys
14:57:44.0741 5808 WIMMount - ok
14:57:44.0788 5808 WinDefend - ok
14:57:44.0812 5808 WinHttpAutoProxySvc - ok
14:57:44.0990 5808 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\windows\system32\wbem\WMIsvc.dll
14:57:44.0996 5808 Winmgmt - ok
14:57:45.0097 5808 WinRM (bcb1310604aa415c4508708975b3931e) C:\windows\system32\WsmSvc.dll
14:57:45.0128 5808 WinRM - ok
14:57:45.0340 5808 WinUsb (fe88b288356e7b47b74b13372add906d) C:\windows\system32\DRIVERS\WinUsb.sys
14:57:45.0343 5808 WinUsb - ok
14:57:45.0406 5808 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\windows\System32\wlansvc.dll
14:57:45.0427 5808 Wlansvc - ok
14:57:45.0513 5808 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
14:57:45.0516 5808 wlcrasvc - ok
14:57:45.0704 5808 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
14:57:45.0732 5808 wlidsvc - ok
14:57:45.0908 5808 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\windows\system32\drivers\wmiacpi.sys
14:57:45.0910 5808 WmiAcpi - ok
14:57:45.0975 5808 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\windows\system32\wbem\WmiApSrv.exe
14:57:45.0979 5808 wmiApSrv - ok
14:57:46.0029 5808 WMPNetworkSvc - ok
14:57:46.0190 5808 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\windows\System32\wpcsvc.dll
14:57:46.0196 5808 WPCSvc - ok
14:57:46.0250 5808 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\windows\system32\wpdbusenum.dll
14:57:46.0255 5808 WPDBusEnum - ok
14:57:46.0323 5808 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\windows\system32\drivers\ws2ifsl.sys
14:57:46.0325 5808 ws2ifsl - ok
14:57:46.0701 5808 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\windows\System32\wscsvc.d
Back to top
View user's profile Send private message
nealod
Warrior


Joined: 24 Sep 2010
Last Visit: 02 Oct 2013
Posts: 52

PostPosted: Thu Apr 12, 2012 4:16 am    Post subject: Reply with quote

OTL logfile created on: 4/11/2012 4:20:40 PM - Run 2
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Absolute\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.75 Gb Total Physical Memory | 2.05 Gb Available Physical Memory | 54.58% Memory free
7.49 Gb Paging File | 5.72 Gb Available in Paging File | 76.30% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 454.62 Gb Total Space | 380.25 Gb Free Space | 83.64% Space Free | Partition Type: NTFS

Computer Name: ABSOLUTE-LT | User Name: Absolute | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/04/11 14:59:38 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\Absolute\Downloads\OTL.exe
PRC - [2012/03/19 17:02:10 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012/03/14 12:14:52 | 001,175,912 | ---- | M] (Intuit Inc.) -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
PRC - [2012/03/14 12:13:30 | 001,178,984 | ---- | M] (Intuit Inc.) -- C:\Program Files (x86)\Intuit\QuickBooks 2012\QBW32.EXE
PRC - [2012/03/14 11:19:46 | 000,045,056 | ---- | M] (Intuit) -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
PRC - [2012/02/22 20:49:58 | 006,591,800 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
PRC - [2012/01/03 09:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/11/24 12:11:16 | 002,491,848 | ---- | M] (Pro Softnet Corp.) -- C:\IDrive\IDriveETray.exe
PRC - [2011/11/21 18:41:16 | 000,050,632 | ---- | M] (Pro-SoftNet Corp, U.S.A) -- C:\IDrive\IDriveEBackground.exe
PRC - [2011/11/21 18:40:46 | 000,157,128 | ---- | M] (Pro Softnet Corporation) -- C:\IDrive\IDriveE Service.exe
PRC - [2011/09/27 19:01:10 | 000,267,720 | ---- | M] ( ) -- C:\IDrive\IDrivePlugin.exe
PRC - [2011/08/19 21:31:14 | 001,248,256 | ---- | M] (Intuit Inc.) -- C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
PRC - [2011/08/04 13:15:30 | 000,210,568 | ---- | M] () -- C:\Program Files (x86)\AT&T\AT&T Communication Manager\attcm_AppStart.exe
PRC - [2011/03/09 11:41:08 | 001,066,896 | ---- | M] () -- C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDFME\WDFME.exe
PRC - [2009/11/21 11:52:16 | 002,454,840 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
PRC - [2009/07/29 00:26:42 | 000,062,848 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
PRC - [2009/07/20 05:00:00 | 000,077,824 | ---- | M] () -- C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
PRC - [2009/07/14 23:10:30 | 000,042,368 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe
PRC - [2009/07/13 19:24:00 | 000,304,496 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
PRC - [2009/03/10 22:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
PRC - [2008/09/25 19:49:00 | 000,195,080 | ---- | M] (LSI Corp.) -- C:\Program Files\ltmoh\ltmoh.exe


========== Modules (No Company Name) ==========

MOD - [2012/03/31 09:55:44 | 008,797,344 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_228.dll
MOD - [2012/03/19 17:02:10 | 001,969,080 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012/03/14 12:14:20 | 000,138,088 | ---- | M] () -- C:\Program Files (x86)\Intuit\QuickBooks 2012\QBMAPILibrary.dll
MOD - [2012/03/14 12:14:16 | 000,020,840 | ---- | M] () -- C:\Program Files (x86)\Intuit\QuickBooks 2012\QBCompressor.DLL
MOD - [2012/03/14 12:14:04 | 000,042,344 | ---- | M] () -- C:\Program Files (x86)\Intuit\QuickBooks 2012\mbpopup.dll
MOD - [2012/03/14 12:13:40 | 000,176,488 | ---- | M] () -- C:\Program Files (x86)\Intuit\QuickBooks 2012\boost_serialization-vc90-mt-p-1_33.dll
MOD - [2012/03/14 12:13:38 | 000,268,648 | ---- | M] () -- C:\Program Files (x86)\Intuit\QuickBooks 2012\boost_regex-vc90-mt-p-1_33.dll
MOD - [2012/03/14 12:13:36 | 000,380,264 | ---- | M] () -- C:\Program Files (x86)\Intuit\QuickBooks 2012\BackupLib.dll
MOD - [2012/02/22 20:49:56 | 000,921,600 | ---- | M] () -- C:\Program Files (x86)\Yahoo!\Messenger\yui.dll
MOD - [2012/02/22 20:49:38 | 000,078,336 | ---- | M] () -- C:\Program Files (x86)\Yahoo!\Messenger\pcre.dll
MOD - [2011/08/19 21:30:50 | 000,059,904 | ---- | M] () -- C:\Program Files (x86)\Intuit\QuickBooks 2012\zlib1.dll
MOD - [2011/08/04 13:15:32 | 001,048,512 | ---- | M] () -- C:\Program Files (x86)\AT&T\AT&T Communication Manager\wxmsw28u_core_vc_custom.dll
MOD - [2011/08/04 13:15:32 | 000,033,280 | ---- | M] () -- C:\Program Files (x86)\AT&T\AT&T Communication Manager\ressources\plugins\DiscoveryGeneric.plugin
MOD - [2011/08/04 13:15:32 | 000,029,696 | ---- | M] () -- C:\Program Files (x86)\AT&T\AT&T Communication Manager\ressources\plugins\DiscoveryVPorts.plugin
MOD - [2011/08/04 13:15:32 | 000,028,160 | ---- | M] () -- C:\Program Files (x86)\AT&T\AT&T Communication Manager\ressources\plugins\DiscoveryMobileBroadband.plugin
MOD - [2011/08/04 13:15:32 | 000,018,944 | ---- | M] () -- C:\Program Files (x86)\AT&T\AT&T Communication Manager\ressources\plugins\DiscoveryNdis.plugin
MOD - [2011/08/04 13:15:32 | 000,016,896 | ---- | M] () -- C:\Program Files (x86)\AT&T\AT&T Communication Manager\ressources\plugins\ContextSwitcher.plugin
MOD - [2011/08/04 13:15:30 | 000,861,120 | ---- | M] () -- C:\Program Files (x86)\AT&T\AT&T Communication Manager\UIToolkit.dll
MOD - [2011/08/04 13:15:30 | 000,726,976 | ---- | M] () -- C:\Program Files (x86)\AT&T\AT&T Communication Manager\wxbase28u_vc_custom.dll
MOD - [2011/08/04 13:15:30 | 000,608,704 | ---- | M] () -- C:\Program Files (x86)\AT&T\AT&T Communication Manager\Toolkit.dll
MOD - [2011/08/04 13:15:30 | 000,393,664 | ---- | M] () -- C:\Program Files (x86)\AT&T\AT&T Communication Manager\WebClient.dll
MOD - [2011/08/04 13:15:30 | 000,368,576 | ---- | M] () -- C:\Program Files (x86)\AT&T\AT&T Communication Manager\Device.dll
MOD - [2011/08/04 13:15:30 | 000,247,744 | ---- | M] () -- C:\Program Files (x86)\AT&T\AT&T Communication Manager\DB.dll
MOD - [2011/08/04 13:15:30 | 000,210,568 | ---- | M] () -- C:\Program Files (x86)\AT&T\AT&T Communication Manager\attcm_AppStart.exe
MOD - [2011/08/04 13:15:30 | 000,147,904 | ---- | M] () -- C:\Program Files (x86)\AT&T\AT&T Communication Manager\pcre3.dll
MOD - [2011/08/04 13:15:30 | 000,132,032 | ---- | M] () -- C:\Program Files (x86)\AT&T\AT&T Communication Manager\Discovery.dll
MOD - [2011/08/04 13:15:30 | 000,099,776 | ---- | M] () -- C:\Program Files (x86)\AT&T\AT&T Communication Manager\System.dll
MOD - [2011/08/04 13:15:30 | 000,096,704 | ---- | M] () -- C:\Program Files (x86)\AT&T\AT&T Communication Manager\ComCore.dll
MOD - [2011/08/04 13:15:30 | 000,061,888 | ---- | M] () -- C:\Program Files (x86)\AT&T\AT&T Communication Manager\DriveDetector.dll
MOD - [2011/08/04 13:15:30 | 000,049,600 | ---- | M] () -- C:\Program Files (x86)\AT&T\AT&T Communication Manager\Preferences.dll
MOD - [2009/07/20 05:00:00 | 000,077,824 | ---- | M] () -- C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/04/27 17:21:18 | 000,288,272 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2011/04/27 17:21:18 | 000,012,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2011/03/09 11:10:40 | 000,288,768 | ---- | M] (WDC) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe -- (WDDMService)
SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/09/17 16:41:36 | 000,137,560 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV:64bit: - [2009/08/27 17:38:22 | 000,251,760 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service)
SRV:64bit: - [2009/08/21 13:31:06 | 000,488,800 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV:64bit: - [2009/08/04 15:15:06 | 000,826,224 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv)
SRV:64bit: - [2009/07/30 03:54:22 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009/07/28 19:48:06 | 000,140,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV:64bit: - [2009/07/20 13:36:14 | 000,160,784 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/08 13:41:02 | 000,531,520 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\ThpSrv.exe -- (Thpsrv)
SRV:64bit: - [2009/07/07 13:38:24 | 000,065,904 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\rselect\RSelSvc.exe -- (RSELSVC)
SRV:64bit: - [2009/03/27 22:10:16 | 000,016,896 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agr64svc.exe -- (AgereModemAudio)
SRV - [2012/03/31 09:55:44 | 000,253,600 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/03/14 11:19:46 | 000,045,056 | ---- | M] (Intuit) [Auto | Running] -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2012/01/03 09:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/11/21 18:40:46 | 000,157,128 | ---- | M] (Pro Softnet Corporation) [Auto | Running] -- C:\IDrive\IDriveE Service.exe -- (IDriveE Service)
SRV - [2011/08/19 21:31:14 | 001,248,256 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe -- (QBVSS)
SRV - [2011/08/19 21:30:58 | 000,061,440 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2011/05/20 14:24:48 | 000,317,296 | ---- | M] (Sierra Wireless, Inc.) [Auto | Running] -- C:\Program Files (x86)\Sierra Wireless Inc\Common\SwiCardDetect64.exe -- (SwiCardDetectSvc)
SRV - [2011/03/09 11:41:10 | 000,491,920 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDSC.exe -- (WDSC)
SRV - [2011/03/09 11:41:08 | 001,066,896 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDFME\WDFME.exe -- (WDFME)
SRV - [2011/02/11 13:45:52 | 000,054,136 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/08/27 14:28:00 | 000,238,328 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2009/08/10 23:55:58 | 000,248,688 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe -- (cfWiMAXService)
SRV - [2009/07/14 23:10:30 | 000,042,368 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe -- (ConfigFree Gadget Service)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/03/10 22:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/05/28 12:45:44 | 000,297,472 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\swnc8ua3.sys -- (SWNC8UA3) Sierra Wireless MUX NDIS Driver (UMTSA3)
DRV:64bit: - [2011/05/16 12:44:24 | 000,109,312 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\swiwdmbx64.sys -- (swiwdmbx)
DRV:64bit: - [2011/05/13 14:54:14 | 000,258,432 | ---- | M] (Sierra Wireless Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\swg3kser00.sys -- (swg3kser00)
DRV:64bit: - [2011/04/27 15:25:24 | 000,084,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/18 16:36:58 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 07:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 05:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/09/23 00:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/07/21 17:59:28 | 000,045,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2010/01/19 10:55:34 | 001,088,544 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192se.sys -- (rtl8192se)
DRV:64bit: - [2009/12/19 10:11:40 | 000,314,400 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/07/31 00:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV:64bit: - [2009/07/30 16:07:12 | 006,037,504 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009/07/28 22:24:12 | 000,081,408 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\risdpe64.sys -- (risdpcie)
DRV:64bit: - [2009/07/28 14:10:44 | 000,016,448 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\PMCF.sys -- (PMCF)
DRV:64bit: - [2009/07/24 19:57:08 | 000,482,384 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tos_sps64.sys -- (tos_sps64)
DRV:64bit: - [2009/07/21 18:03:34 | 001,208,320 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009/07/14 19:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 20:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/13 20:36:22 | 000,253,488 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2009/07/04 23:27:02 | 000,055,808 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rixdpe64.sys -- (rixdpcie)
DRV:64bit: - [2009/07/02 12:54:52 | 000,060,416 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimspe64.sys -- (rimspci)
DRV:64bit: - [2009/06/29 20:16:20 | 000,014,784 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Thpevm.sys -- (Thpevm)
DRV:64bit: - [2009/06/29 14:25:22 | 000,034,880 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\thpdrv.sys -- (Thpdrv)
DRV:64bit: - [2009/06/22 21:06:38 | 000,035,008 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PGEffect.sys -- (PGEffect)
DRV:64bit: - [2009/06/19 23:15:22 | 000,014,472 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TVALZFL.sys -- (TVALZFL)
DRV:64bit: - [2009/06/19 22:09:57 | 001,394,688 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/06/17 12:54:46 | 000,040,976 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV:64bit: - [2009/06/17 12:54:30 | 000,057,872 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2009/06/17 12:54:22 | 000,055,312 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/05/05 04:30:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV:64bit: - [2008/05/06 16:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {DF59BFAC-1369-44A4-BBB6-DC833D2A959D}
IE:64bit: - HKLM\..\SearchScopes\{DF59BFAC-1369-44A4-BBB6-DC833D2A959D}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60347
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60347
IE - HKLM\..\SearchScopes,DefaultScope = {CE162467-B7A8-4B40-A5FB-F98421821144}
IE - HKLM\..\SearchScopes\{CE162467-B7A8-4B40-A5FB-F98421821144}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {CE162467-B7A8-4B40-A5FB-F98421821144}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {CE162467-B7A8-4B40-A5FB-F98421821144}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2629332192-361817875-3049080968-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
IE - HKU\S-1-5-21-2629332192-361817875-3049080968-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=60347
IE - HKU\S-1-5-21-2629332192-361817875-3049080968-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-2629332192-361817875-3049080968-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\S-1-5-21-2629332192-361817875-3049080968-1001\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - No CLSID value found
IE - HKU\S-1-5-21-2629332192-361817875-3049080968-1001\..\SearchScopes,DefaultScope = {DECA3892-BA8F-44b8-A993-A466AD694AE4}
IE - HKU\S-1-5-21-2629332192-361817875-3049080968-1001\..\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}: "URL" = http://www.crawler.com/search/dispatcher.aspx?tp=bs&qkw={searchTerms}&tbid=60347
IE - HKU\S-1-5-21-2629332192-361817875-3049080968-1001\..\SearchScopes\{88B84894-4054-41B8-8DA4-275C2E9C8B95}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA_enUS364
IE - HKU\S-1-5-21-2629332192-361817875-3049080968-1001\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={4511BD6A-A7C2-4C2B-93E0-7C431E254FE2}&mid=c56c72cc6cd547d18ca2318208d3d6f4-a0b4e6120310c07a5b94a56f7c3db2334aecd1a2&lang=en&ds=AVG&pr=fr&d=&v=&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-2629332192-361817875-3049080968-1001\..\SearchScopes\{CE162467-B7A8-4B40-A5FB-F98421821144}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA
IE - HKU\S-1-5-21-2629332192-361817875-3049080968-1001\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://search.yahoo.com/search?p={searchTerms}
IE - HKU\S-1-5-21-2629332192-361817875-3049080968-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2629332192-361817875-3049080968-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Crawler Search"
FF - prefs.js..browser.search.defaulturl: "http://search.yahoo.com/search?fr=ffsp1&p="
FF - prefs.js..browser.search.order.1: "Crawler Search"
FF - prefs.js..browser.search.param.yahoo-fr: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-type: "${8}"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/"
FF - prefs.js..extensions.enabledItems: foxmarks@kei.com:3.9.7
FF - prefs.js..extensions.enabledItems: DeviceDetection@logitech.com:1.20.0.66
FF - prefs.js..extensions.enabledItems: LogMeInClient@logmein.com:1.0.0.608
FF - prefs.js..keyword.URL: "http://www.crawler.com/search/dispatcher.aspx?tp=aus&tbid=60347&qkw="


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_2_202_228.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_228.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.0.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\Absolute\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Absolute\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Absolute\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Absolute\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Absolute\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/03/19 17:02:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/01/14 10:14:02 | 000,000,000 | ---D | M]

[2010/01/29 22:26:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Absolute\AppData\Roaming\Mozilla\Extensions
[2012/03/13 13:52:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Absolute\AppData\Roaming\Mozilla\Firefox\Profiles\lq95puu5.default\extensions
[2012/03/13 13:52:52 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Absolute\AppData\Roaming\Mozilla\Firefox\Profiles\lq95puu5.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011/08/09 21:39:17 | 000,000,000 | ---D | M] (Разпознаване на устройство Logitech) -- C:\Users\Absolute\AppData\Roaming\Mozilla\Firefox\Profiles\lq95puu5.default\extensions\DeviceDetection@logitech.com
[2012/02/06 12:26:06 | 000,000,000 | ---D | M] (LogMeIn, Inc. Remote Access Plugin) -- C:\Users\Absolute\AppData\Roaming\Mozilla\Firefox\Profiles\lq95puu5.default\extensions\LogMeInClient@logmein.com
[2012/02/04 09:56:30 | 000,000,000 | ---D | M] (GraphOn GO-Global) -- C:\Users\Absolute\AppData\Roaming\Mozilla\Firefox\Profiles\lq95puu5.default\extensions\support@graphon.com
[2012/02/06 12:26:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Absolute\AppData\Roaming\Mozilla\Firefox\Profiles\lq95puu5.default\extensions\TRASH
[2011/03/23 22:02:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/03/19 08:29:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2012/03/19 17:02:10 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/01/09 10:32:05 | 000,003,739 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2012/03/19 17:02:07 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/03/19 17:02:07 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2011/01/16 23:09:45 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll File not found
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKU\S-1-5-21-2629332192-361817875-3049080968-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [] File not found
O4:64bit: - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\windows\KHALMNPR.Exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe (LSI Corp.)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SmartFaceVWatcher] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [Teco] C:\Program Files\TOSHIBA\TECO\Teco.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [ThpSrv] C:\windows\SysNative\thpsrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosReelTimeMonitor] C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [attcm_AppStart.exe] C:\Program Files (x86)\AT&T\AT&T Communication Manager\attcm_AppStart.exe ()
O4 - HKLM..\Run: [BrStsWnd] C:\Program Files (x86)\Brownie\BrstsW64.exe (brother)
O4 - HKLM..\Run: [Intuit SyncManager] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe (Intuit Inc. All rights reserved.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TUSBSleepChargeSrv] "%ProgramFiles(x86)%\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe" File not found
O4 - HKLM..\Run: [TWebCamera] C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe (TOSHIBA CORPORATION.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2629332192-361817875-3049080968-1001..\Run: [Messenger (Yahoo!)] C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Absolute\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IDrive Tray.lnk = C:\IDrive\IDriveEReg2ini.exe (Pro Softnet Corp.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-2629332192-361817875-3049080968-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/sites/production/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{47BA7EA8-DC0F-4CB4-886A-D8B8DF2B4734}: NameServer = 209.183.35.23 209.183.33.23
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{64E59808-6755-4E52-B952-4EA5791182EB}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A8196699-009A-4664-BCDC-DA73B457BBFF}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\intu-help-qb5 - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\qbwc - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\intu-help-qb5 {867FCB77-9823-4cd6-8210-D85F968D466F} - C:\Program Files (x86)\Intuit\QuickBooks 2012\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{53d03ab9-e8fb-11de-8ced-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{53d03ab9-e8fb-11de-8ced-806e6f6e6963}\Shell\AutoRun\command - "" = D:\setup.exe
O33 - MountPoints2\{f8e473f4-40b1-11e1-919f-0026b6a472ed}\Shell - "" = AutoRun
O33 - MountPoints2\{f8e473f4-40b1-11e1-919f-0026b6a472ed}\Shell\AutoRun\command - "" = E:\unlock.exe autoplay=true
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/04/11 11:50:28 | 000,000,000 | ---D | C] -- C:\MGADiagToolOutput
[2012/04/11 11:49:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Office Genuine Advantage
[2012/04/10 10:12:36 | 000,000,000 | ---D | C] -- C:\Users\Absolute\AppData\Roaming\Yahoo!
[2012/04/08 23:07:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickBooks
[2012/04/08 23:02:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Nuance
[2012/04/08 23:02:33 | 000,000,000 | ---D | C] -- C:\ProgramData\SQL Anywhere 11
[2012/04/08 22:06:55 | 000,000,000 | ---D | C] -- C:\windows\Intuit
[2012/04/04 09:32:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2012/04/04 09:32:08 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2012/03/31 09:55:44 | 000,418,464 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2012/03/23 20:22:44 | 000,000,000 | ---D | C] -- C:\dsi
[2012/03/14 12:17:19 | 005,559,152 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntoskrnl.exe
[2012/03/14 12:17:18 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntkrnlpa.exe
[2012/03/14 12:17:18 | 003,913,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntoskrnl.exe
[2012/03/14 12:09:24 | 001,544,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DWrite.dll
[2012/03/14 12:09:19 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpcorekmts.dll
[2012/03/14 12:09:19 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpwsx.dll
[2012/03/14 12:09:19 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdrmemptylst.exe
[2012/03/14 12:08:26 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpcore.dll
[2012/03/14 12:08:26 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rdpcore.dll
[2012/03/13 13:52:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yahoo! Messenger
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/04/11 16:22:03 | 000,000,898 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/04/11 16:10:55 | 000,018,736 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/04/11 16:10:55 | 000,018,736 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/04/11 16:01:04 | 000,000,228 | ---- | M] () -- C:\windows\Brownie.ini
[2012/04/11 16:00:27 | 000,000,894 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/04/11 16:00:03 | 000,000,382 | ---- | M] () -- C:\windows\tasks\At2.job
[2012/04/11 16:00:03 | 000,000,382 | ---- | M] () -- C:\windows\tasks\At1.job
[2012/04/11 15:58:32 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2012/04/11 15:58:21 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012/04/11 15:58:18 | 3017,777,152 | -HS- | M] () -- C:\hiberfil.sys
[2012/04/11 15:43:00 | 000,000,920 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2629332192-361817875-3049080968-1001UA.job
[2012/04/11 14:35:44 | 548,506,661 | ---- | M] () -- C:\windows\MEMORY.DMP
[2012/04/11 10:56:57 | 000,000,090 | ---- | M] () -- C:\windows\QBChanUtil_Trigger.ini
[2012/04/11 09:43:01 | 000,000,868 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2629332192-361817875-3049080968-1001Core.job
[2012/04/10 12:32:00 | 000,001,120 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/04/09 08:58:35 | 000,786,746 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2012/04/09 08:58:35 | 000,665,578 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2012/04/09 08:58:35 | 000,123,314 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2012/04/09 08:50:25 | 005,044,504 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2012/04/08 23:07:46 | 000,002,445 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk
[2012/04/08 23:07:46 | 000,002,232 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Intuit Data Protect.lnk
[2012/04/08 23:07:46 | 000,002,041 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks_Standard_21.lnk
[2012/04/08 22:50:57 | 000,780,962 | ---- | M] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2012/04/04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2012/04/04 09:33:19 | 000,001,945 | ---- | M] () -- C:\windows\epplauncher.mif
[2012/03/31 09:55:44 | 000,418,464 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2012/03/31 09:55:44 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/03/19 17:02:13 | 000,002,055 | ---- | M] () -- C:\Users\Absolute\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/03/13 13:52:34 | 000,001,170 | ---- | M] () -- C:\Users\Absolute\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/04/11 14:35:44 | 548,506,661 | ---- | C] () -- C:\windows\MEMORY.DMP
[2012/04/08 23:07:46 | 000,002,445 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk
[2012/04/08 23:07:46 | 000,002,232 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Intuit Data Protect.lnk
[2012/04/08 23:07:46 | 000,002,041 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks_Standard_21.lnk
[2012/04/04 09:33:19 | 000,001,945 | ---- | C] () -- C:\windows\epplauncher.mif
[2012/04/04 09:32:34 | 000,001,908 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2012/04/03 10:29:28 | 004,396,334 | ---- | C] () -- C:\Users\Absolute\Desktop\Absolute_logo.eps
[2012/03/31 09:56:16 | 000,000,830 | ---- | C] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2012/03/13 13:52:34 | 000,001,170 | ---- | C] () -- C:\Users\Absolute\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2012/01/07 09:49:56 | 000,026,032 | ---- | C] () -- C:\windows\SysWow64\IDriveEXceedCryReg.exe
[2011/11/22 16:04:24 | 000,000,000 | ---- | C] () -- C:\Users\Absolute\AppData\Local\{D6C4F7F6-167D-48F7-B70B-97736FFFAA34}
[2011/03/07 17:23:02 | 000,780,962 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2010/12/01 13:46:41 | 000,000,000 | ---- | C] () -- C:\windows\ViewNX.INI
[2010/12/01 13:30:37 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Filters
[2010/12/01 13:30:37 | 000,000,268 | RH-- | C] () -- C:\Users\Absolute\AppData\Roaming\External Build System
[2010/12/01 13:30:37 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLdw.DAT
[2010/12/01 13:30:37 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Fonts
[2010/12/01 13:27:13 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Filesystems
[2010/12/01 13:27:13 | 000,000,268 | RH-- | C] () -- C:\Users\Absolute\AppData\Roaming\Examples
[2010/12/01 13:27:13 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLdu.DAT
[2010/12/01 13:27:13 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Flowers

< End of report >
Back to top
View user's profile Send private message
nealod
Warrior


Joined: 24 Sep 2010
Last Visit: 02 Oct 2013
Posts: 52

PostPosted: Thu Apr 12, 2012 4:17 am    Post subject: Reply with quote

OTL Extras logfile created on: 4/11/2012 3:00:53 PM - Run 1
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Absolute\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.75 Gb Total Physical Memory | 1.97 Gb Available Physical Memory | 52.69% Memory free
7.49 Gb Paging File | 5.58 Gb Available in Paging File | 74.47% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 454.62 Gb Total Space | 380.26 Gb Free Space | 83.64% Space Free | Partition Type: NTFS

Computer Name: ABSOLUTE-LT | User Name: Absolute | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Users\Absolute\AppData\Local\Temp\RarSFX0\SwiApiMuxX.exe" = C:\Users\Absolute\AppData\Local\Temp\RarSFX0\SwiApiMuxX.exe:*:Enabled:SwiApiMuxX
"C:\Users\Absolute\AppData\Local\Temp\RarSFX0\SwiApiMuxX.exe" = C:\Users\Absolute\AppData\Local\Temp\RarSFX0\SwiApiMuxX.exe:*:Enabled:SwiApiMuxX


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{07179D37-D5FE-4373-90D9-A25B992EFB3E}" = WD SmartWare
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{1AAF3A3B-7B32-4DDF-8ABB-438DAEB46EEC}" = Windows Live Family Safety
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{20387B45-18A4-4D48-ABD9-A23D2CBE42B3}" = Dolby Control Center
"{42738DB0-FC3E-4672-A99B-9372F5696E30}" = Microsoft Security Client
"{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{563F041C-DFDB-437B-A1E8-E141E0906076}" = Microsoft IntelliPoint 8.0
"{5BCC94A1-DEF1-4AB4-8046-BC13048E929A}" = TOSHIBA ReelTime
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{5E11C972-1E76-45FE-8F92-14E0D1140B1B}" = iTunes
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{75104836-CAC7-444E-A39E-3F54151942F5}" = Apple Mobile Device Support
"{81F3BC27-141B-635F-5D6B-5DE08D3B5884}" = ccc-utility64
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{89F7D66C-777D-473B-AA11-319C0F190EAC}" = TOSHIBA Internal Modem Region Select Utility
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{94A90C69-71C1-470A-88F5-AA47ECC96B40}" = TOSHIBA HDD Protection
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}" = TOSHIBA PC Health Monitor
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{A0880F03-8480-482E-1606-BC91669B0882}" = ATI Catalyst Install Manager
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Media Creator
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F3F18612-7B5D-4C05-86C9-AB50F6F71727}" = KhalInstallWrapper
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F64684A0-754B-4637-B7F9-6E8DAA8CD5CD}" = TOSHIBA Bulletin Board
"{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"CCleaner" = CCleaner
"LTMOH" = LSI V92 MOH Application
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Security Client" = Microsoft Security Essentials
"TOSHIBA Software Modem" = TOSHIBA Software Modem

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{008D69EB-70FF-46AB-9C75-924620DF191A}" = TOSHIBA Speech System SR Engine(U.S.) Version1.0
"{022CBB38-CEF0-42BA-906A-A49BEFAE0BEE}" = RICOH R5U230 Media Driver ver.2.06.03.02
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0DB8F853-899A-8628-E0D7-29FB190CF848}" = Catalyst Control Center Graphics Full Existing
"{0FB630AB-7BD8-40AE-B223-60397D57C3C9}" = Realtek WLAN Driver
"{117BCF94-6A1E-6741-39F5-09444381445E}" = CCC Help Italian
"{1211D6B0-B7B5-CB9A-99A2-066473FC35CA}" = CCC Help Swedish
"{14956199-1890-C3D4-F8B8-3C0C6FD82993}" = ccc-core-static
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1B87C40B-A60B-4EF3-9A68-706CF4B69978}" = TOSHIBA Assist
"{1D210042-41EE-4472-2219-6A900366B9A3}" = CCC Help French
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{22057D8D-7CC8-46FF-AD8C-9BD24F9014F3}" = QuickBooks Pro 2012
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{237CD223-1B9D-47E8-A76C-E478B83CCEA2}" = File Uploader
"{25E202D1-D8E7-46AF-B4B0-157D9993A93E}" = QuickBooks
"{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java(TM) 6 Update 14
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2ABB6396-785C-E2CB-579E-79BAF98E0527}" = Catalyst Control Center Graphics Previews Vista
"{32343DB6-9A52-40C9-87E4-5E7C79791C87}" = MSXML 4.0 SP2 and SOAP Toolkit 3.0
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{388E4B09-3E71-4649-8921-F44A3A2954A7}" = Microsoft Visual Studio 2005 Tools for Office Runtime
"{3B843B38-04B1-4CE6-8888-586273E0F289}" = Quickbooks Financial Center
"{3E1B8E31-9692-207B-77B7-A8339AF03795}" = Catalyst Control Center Graphics Full New
"{3E9E68FB-49FA-410A-8787-424F2A506E0F}" = Business Plan Pro 15th Anniversary Edition
"{3FBF6F99-8EC6-41B4-8527-0A32241B5496}" = TOSHIBA Speech System TTS Engine(U.S.) Version1.0
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{50F68032-B5B7-4513-9116-C978DBD8F27A}" = DVD MovieFactory for TOSHIBA
"{58630658-9DF7-E873-9F5D-0EAF87D25DAA}" = CCC Help Norwegian
"{594A3C2C-19B3-E02E-359C-B8D134F6B939}" = CCC Help Korean
"{5A3F6A80-7913-475E-8B96-477A952CFA43}" = SupportSoft Assisted Service
"{5AF550B4-BB67-4E7E-82F1-2C4300279050}" = ToshibaRegistration
"{5DBC79DA-87D2-376D-A65D-B14097C06C71}" = Google Talk Plugin
"{5E6F6CF3-BACC-4144-868C-E14622C658F3}" = TOSHIBA Web Camera Application
"{6055830B-40E4-C794-3F04-2D0CD8AF1AAC}" = CCC Help Russian
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{6A8DF70B-B55F-4392-A970-8FE0947E25A5}" = Essilor Phi Tracer
"{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER
"{6E932CA6-FD17-7694-FD7C-14CE25770EA5}" = Catalyst Control Center Graphics Previews Common
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73710AC1-F0EB-4D14-AFAB-6E2C8A23F883}" = Brother HL-2170W
"{739A6E9D-5D7D-8A5D-EC8A-4BD11E5749AA}" = CCC Help Hungarian
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{87441A59-5E64-4096-A170-14EFE67200C3}" = Picture Control Utility
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8C72927B-7410-131A-E641-B9C505F4973C}" = CCC Help Japanese
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_WebDesigner_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}_WebDesigner_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}_WebDesigner_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-0026-0000-0000-0000000FF1CE}" = Microsoft Expression Web
"{90120000-0026-0000-0000-0000000FF1CE}_WebDesigner_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0026-0000-0000-0000000FF1CE}_WebDesigner_{9037FDA8-8383-4B6F-859D-D49C3C625225}" = Microsoft Expression Web Service Pack 1 (SP1)
"{90120000-0026-0409-0000-0000000FF1CE}" = Microsoft Expression Web MUI (English)
"{90120000-0026-0409-0000-0000000FF1CE}_WebDesigner_{C00A9857-850C-4C68-A583-2EF4F24706F5}" = Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_WebDesigner_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_WebDesigner_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}_WebDesigner_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}_WebDesigner_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_WebDesigner_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{911AB6CA-E04C-1E98-523D-8FCFAB4F456C}" = CCC Help Czech
"{9216C6A7-694A-4437-BD00-BD1CF58E1839}" = CCC Help Spanish
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92DE68CE-BC3E-7323-EA53-99490C8BD34D}" = Catalyst Control Center Graphics Light
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9668AE11-E05C-8169-F6D8-FBF7B507D7DB}" = CCC Help German
"{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}" = TOSHIBA Application Installer
"{979587FD-F264-3C71-B0BE-6FC8DA993790}" = CCC Help Thai
"{983CD6FE-8320-4B80-A8F6-0D0366E0AA22}" = TOSHIBA Media Controller
"{999307CD-D57D-8C98-27ED-07F384ACFAA1}" = CCC Help Turkish
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9FE10246-A876-4979-B345-CADE6863BD8E}" = TOSHIBA Supervisor Password
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A7594D38-0B7E-BCF7-A938-1AC03A6477FB}" = CCC Help English
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.2)
"{AC7BE07B-14D3-6EB5-814A-EB0A63CBFB47}" = CCC Help Polish
"{B1CDB3C6-8DD8-4864-8589-BDFBDA033941}" = CCC Help Chinese Traditional
"{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"{B4E96960-5F6B-48B9-A5BD-6A5A9BB4F027}" = Avery Wizard 3.1
"{BDABF8CD-7436-EC6C-DD82-439225E22557}" = CCC Help Finnish
"{C4C2BFEC-EA45-4097-A0F5-EFA0DEE38B2E}" = AT&T Communication Manager
"{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Toshiba Online Backup
"{C5A15C68-0DF3-8A13-352E-E605491D7E3D}" = Catalyst Control Center InstallProxy
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFAE78A9-A7A4-537E-7CC0-5A794FFBF73F}" = Catalyst Control Center Core Implementation
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D19A1978-2FB2-B39A-5D30-C1EA38F788DD}" = CCC Help Danish
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D45E8C45-B601-4A80-AFD8-E16338744DE1}" = ArcSoft Panorama Maker 4
"{D5D8637D-FA1C-4CAD-91FC-4ADB1C284A21}" = TOSHIBA Hardware Setup
"{D8634D93-03DD-01F1-AC7D-EE468AA24F45}" = CCC Help Dutch
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DA84ECBF-4B79-47F2-B34C-95C38484C058}" = Skype Launcher
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E151E679-4EC8-36F9-A691-C7600688A1CA}" = CCC Help Chinese Standard
"{E3D63B95-4B21-414A-A2C7-D6D6A6AC6D79}" = Catalyst Control Center - Branding
"{E487EE7D-EAAA-4E2A-9116-E3B477D8A74F}" = TOSHIBA USB Sleep and Charge Utility
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E69992ED-A7F6-406C-9280-1C156417BC49}" = TOSHIBA Quality Application
"{E9757890-7EC5-46C8-99AB-B00F07B6525C}" = Nikon Transfer
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EBC6193C-ED23-E332-9A9C-D5CB83CDDE2B}" = Catalyst Control Center Localization All
"{EE033C1F-443E-41EC-A0E2-559B539A4E4D}" = TOSHIBA Speech System Applications
"{F007CBCE-D714-4C0B-8CE9-9B0D78116468}" = ViewNX
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2004B8D-7791-4B35-A3FA-D8CA8BB4DD81}" = Direct DiscRecorder
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F3529665-D75E-4D6D-98F0-745C78C68E9B}" = TOSHIBA ConfigFree
"{F544CA20-6810-E275-D288-F0D92CFADE4A}" = CCC Help Greek
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FEED29DD-7BF3-582C-3353-1F2634C2323D}" = CCC Help Portuguese
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"75D56182-DDD4-4FE4-AFF6-B0A0BF210C0D" = dsi
"7-Zip" = 7-Zip 4.65
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Photoshop 7.0" = Adobe Photoshop 7.0
"Amazon Kindle For PC" = Amazon Kindle For PC
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Free RAR Extract Frog" = Free RAR Extract Frog
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"IDrive_is1" = IDrive version 3.4.1 January 03, 2012
"InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"InstallShield_{50F68032-B5B7-4513-9116-C978DBD8F27A}" = DVD MovieFactory for TOSHIBA
"InstallShield_{5BCC94A1-DEF1-4AB4-8046-BC13048E929A}" = TOSHIBA ReelTime
"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"InstallShield_{89F7D66C-777D-473B-AA11-319C0F190EAC}" = TOSHIBA Internal Modem Region Select Utility
"InstallShield_{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"InstallShield_{F2004B8D-7791-4B35-A3FA-D8CA8BB4DD81}" = Direct DiscRecorder
"InstallShield_{F64684A0-754B-4637-B7F9-6E8DAA8CD5CD}" = TOSHIBA Bulletin Board
"InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400
"Microsoft Visual Studio 2005 Tools for Office Runtime" = Visual Studio 2005 Tools for Office Second Edition Runtime
"Mozilla Firefox 11.0 (x86 en-US)" = Mozilla Firefox 11.0 (x86 en-US)
"TOSHIBA Game Console" = WildTangent ORB Game Console
"VLC media player" = VLC media player 1.0.3
"WebDesigner" = Microsoft Expression Web
"WildTangent toshiba Master Uninstall" = WildTangent Games
"WinLiveSuite" = Windows Live Essentials
"WT078087" = Blackhawk Striker 2
"WT078109" = FATE Undiscovered Realms
"WT078123" = Monopoly
"WT078129" = Polar Bowler
"WT078130" = Virtual Families
"WT078308" = Bejeweled 2 Deluxe
"WT078349" = Mystery P.I. - The Vegas Heist
"WT078385" = Virtual Villagers - The Secret City
"WT078475" = Scrabble Plus
"WT078491" = Faerie Solitaire
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Search Defender" = Yahoo! Search Protection
"Yahoo! Software Update" = Yahoo! Software Update

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In
"GoToMeeting" = GoToMeeting 4.5.0.457

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 4/11/2012 11:56:10 AM | Computer Name = Absolute-LT | Source = QuickBooks | ID = 4
Description = An unexpected error has occured in "QuickBooks Pro 2012": DBConnPool::HandleConnectionError
errorCode:-6069, dbCode:-103 from file:'.\.\src\ConnPool.cpp' at line 1038 from
function:'DBMgr::DBConnPool::ini

Error - 4/11/2012 1:40:59 PM | Computer Name = Absolute-LT | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 4/11/2012 1:40:59 PM | Computer Name = Absolute-LT | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 1123

Error - 4/11/2012 1:40:59 PM | Computer Name = Absolute-LT | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1123

Error - 4/11/2012 1:41:00 PM | Computer Name = Absolute-LT | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 4/11/2012 1:41:00 PM | Computer Name = Absolute-LT | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 2184

Error - 4/11/2012 1:41:00 PM | Computer Name = Absolute-LT | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 2184

Error - 4/11/2012 2:42:25 PM | Computer Name = Absolute-LT | Source = QuickBooks | ID = 4
Description = An unexpected error has occured in "QuickBooks": Returning NULL QBWinInstance
Hand

Error - 4/11/2012 2:42:25 PM | Computer Name = Absolute-LT | Source = QuickBooks | ID = 4
Description = An unexpected error has occured in "QuickBooks": Returning NULL QBWinInstance
Hand

Error - 4/11/2012 2:42:25 PM | Computer Name = Absolute-LT | Source = QuickBooks | ID = 4
Description = An unexpected error has occured in "QuickBooks": Returning NULL QBWinInstance
Hand

[ System Events ]
Error - 4/11/2012 1:42:37 PM | Computer Name = Absolute-LT | Source = atikmdag | ID = 43029
Description = Display is not active

Error - 4/11/2012 2:36:43 PM | Computer Name = Absolute-LT | Source = EventLog | ID = 6008
Description = The previous system shutdown at 2:29:05 PM on ?4/?11/?2012 was unexpected.

Error - 4/11/2012 2:36:54 PM | Computer Name = ABSOLUTE-LT | Source = BugCheck | ID = 1001
Description =

Error - 4/11/2012 2:36:26 PM | Computer Name = Absolute-LT | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter

Error - 4/11/2012 2:36:26 PM | Computer Name = Absolute-LT | Source = atikmdag | ID = 43029
Description = Display is not active

Error - 4/11/2012 2:38:19 PM | Computer Name = Absolute-LT | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the WD
File Management Shadow Engine service to connect.

Error - 4/11/2012 2:38:19 PM | Computer Name = Absolute-LT | Source = Service Control Manager | ID = 7000
Description = The WD File Management Shadow Engine service failed to start due to
the following error: %%1053

Error - 4/11/2012 2:38:45 PM | Computer Name = ABSOLUTE-LT | Source = Microsoft Antimalware | ID = 3002
Description = %%860 Real-Time Protection feature has encountered an error and failed.

Feature:
%%835 Error Code: 0x80004005 Error description: Unspecified error Reason: %%842

Error - 4/11/2012 2:40:15 PM | Computer Name = Absolute-LT | Source = DCOM | ID = 10016
Description =

Error - 4/11/2012 2:46:17 PM | Computer Name = Absolute-LT | Source = Service Control Manager | ID = 7022
Description = The Windows Update service hung on starting.


< End of report >
Back to top
View user's profile Send private message
nealod
Warrior


Joined: 24 Sep 2010
Last Visit: 02 Oct 2013
Posts: 52

PostPosted: Thu Apr 12, 2012 4:18 am    Post subject: Reply with quote

14:56:36.0187 5212 TDSS rootkit removing tool 2.7.28.0 Apr 10 2012 16:54:05
14:56:36.0576 5212 ============================================================
14:56:36.0576 5212 Current date / time: 2012/04/11 14:56:36.0576
14:56:36.0576 5212 SystemInfo:
14:56:36.0576 5212
14:56:36.0576 5212 OS Version: 6.1.7601 ServicePack: 1.0
14:56:36.0576 5212 Product type: Workstation
14:56:36.0576 5212 ComputerName: ABSOLUTE-LT
14:56:36.0576 5212 UserName: Absolute
14:56:36.0576 5212 Windows directory: C:\windows
14:56:36.0576 5212 System windows directory: C:\windows
14:56:36.0577 5212 Running under WOW64
14:56:36.0577 5212 Processor architecture: Intel x64
14:56:36.0577 5212 Number of processors: 2
14:56:36.0577 5212 Page size: 0x1000
14:56:36.0577 5212 Boot type: Normal boot
14:56:36.0577 5212 ============================================================
14:56:37.0805 5212 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:56:37.0809 5212 \Device\Harddisk0\DR0:
14:56:37.0809 5212 MBR used
14:56:37.0809 5212 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x38D3F800
14:56:37.0860 5212 Initialize success
14:56:37.0860 5212 ============================================================
14:56:46.0934 5808 ============================================================
14:56:46.0934 5808 Scan started
14:56:46.0934 5808 Mode: Manual;
14:56:46.0934 5808 ============================================================
14:56:48.0541 5808 1394ohci (a87d604aea360176311474c87a63bb88) C:\windows\system32\drivers\1394ohci.sys
14:56:48.0547 5808 1394ohci - ok
14:56:48.0591 5808 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\windows\system32\drivers\ACPI.sys
14:56:48.0599 5808 ACPI - ok
14:56:48.0805 5808 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\windows\system32\drivers\acpipmi.sys
14:56:48.0807 5808 AcpiPmi - ok
14:56:48.0965 5808 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
14:56:48.0967 5808 AdobeARMservice - ok
14:56:49.0115 5808 AdobeFlashPlayerUpdateSvc (0d4c486a24a711a45fd83acdf4d18506) C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
14:56:49.0122 5808 AdobeFlashPlayerUpdateSvc - ok
14:56:49.0338 5808 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\windows\system32\DRIVERS\adp94xx.sys
14:56:49.0349 5808 adp94xx - ok
14:56:49.0532 5808 adpahci (597f78224ee9224ea1a13d6350ced962) C:\windows\system32\DRIVERS\adpahci.sys
14:56:49.0541 5808 adpahci - ok
14:56:49.0580 5808 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\windows\system32\DRIVERS\adpu320.sys
14:56:49.0583 5808 adpu320 - ok
14:56:49.0730 5808 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\windows\System32\aelupsvc.dll
14:56:49.0733 5808 AeLookupSvc - ok
14:56:49.0827 5808 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\windows\system32\drivers\afd.sys
14:56:49.0838 5808 AFD - ok
14:56:49.0916 5808 AgereModemAudio (b65f8dba54f251906bbe8611b5a0e7ab) C:\Program Files\LSI SoftModem\agr64svc.exe
14:56:49.0917 5808 AgereModemAudio - ok
14:56:50.0123 5808 AgereSoftModem (c98356d813b581e9c425b42a5d146ce0) C:\windows\system32\DRIVERS\agrsm64.sys
14:56:50.0142 5808 AgereSoftModem - ok
14:56:50.0328 5808 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\windows\system32\drivers\agp440.sys
14:56:50.0331 5808 agp440 - ok
14:56:50.0380 5808 ALG (3290d6946b5e30e70414990574883ddb) C:\windows\System32\alg.exe
14:56:50.0383 5808 ALG - ok
14:56:50.0727 5808 aliide (5812713a477a3ad7363c7438ca2ee038) C:\windows\system32\drivers\aliide.sys
14:56:50.0777 5808 aliide - ok
14:56:50.0980 5808 AMD External Events Utility (98a2774d3f18c107874c8c1163ebe484) C:\windows\system32\atiesrxx.exe
14:56:50.0986 5808 AMD External Events Utility - ok
14:56:51.0068 5808 amdide (1ff8b4431c353ce385c875f194924c0c) C:\windows\system32\drivers\amdide.sys
14:56:51.0070 5808 amdide - ok
14:56:51.0221 5808 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\windows\system32\DRIVERS\amdk8.sys
14:56:51.0224 5808 AmdK8 - ok
14:56:51.0296 5808 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\windows\system32\DRIVERS\amdppm.sys
14:56:51.0299 5808 AmdPPM - ok
14:56:51.0467 5808 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\windows\system32\drivers\amdsata.sys
14:56:51.0471 5808 amdsata - ok
14:56:51.0544 5808 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\windows\system32\DRIVERS\amdsbs.sys
14:56:51.0549 5808 amdsbs - ok
14:56:51.0732 5808 amdxata (540daf1cea6094886d72126fd7c33048) C:\windows\system32\drivers\amdxata.sys
14:56:51.0734 5808 amdxata - ok
14:56:51.0814 5808 ApfiltrService (1661f9c9e4b0049fa0a5e30264375a87) C:\windows\system32\DRIVERS\Apfiltr.sys
14:56:51.0821 5808 ApfiltrService - ok
14:56:52.0002 5808 AppID (89a69c3f2f319b43379399547526d952) C:\windows\system32\drivers\appid.sys
14:56:52.0005 5808 AppID - ok
14:56:52.0075 5808 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\windows\System32\appidsvc.dll
14:56:52.0077 5808 AppIDSvc - ok
14:56:52.0245 5808 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\windows\System32\appinfo.dll
14:56:52.0262 5808 Appinfo - ok
14:56:52.0357 5808 Apple Mobile Device (3debbecf665dcdde3a95d9b902010817) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
14:56:52.0361 5808 Apple Mobile Device - ok
14:56:52.0558 5808 arc (c484f8ceb1717c540242531db7845c4e) C:\windows\system32\DRIVERS\arc.sys
14:56:52.0561 5808 arc - ok
14:56:52.0580 5808 arcsas (019af6924aefe7839f61c830227fe79c) C:\windows\system32\DRIVERS\arcsas.sys
14:56:52.0583 5808 arcsas - ok
14:56:52.0734 5808 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
14:56:52.0738 5808 aspnet_state - ok
14:56:52.0899 5808 AsyncMac (769765ce2cc62867468cea93969b2242) C:\windows\system32\DRIVERS\asyncmac.sys
14:56:52.0902 5808 AsyncMac - ok
14:56:52.0971 5808 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\windows\system32\drivers\atapi.sys
14:56:52.0972 5808 atapi - ok
14:56:53.0044 5808 athr (e857eee6b92aaa473ebb3465add8f7e7) C:\windows\system32\DRIVERS\athrx.sys
14:56:53.0062 5808 athr - ok
14:56:53.0441 5808 atikmdag (173f4c05f87085e9bda3f7037bc9f40e) C:\windows\system32\DRIVERS\atikmdag.sys
14:56:53.0580 5808 atikmdag - ok
14:56:53.0772 5808 AtiPcie (7c5d273e29dcc5505469b299c6f29163) C:\windows\system32\DRIVERS\AtiPcie.sys
14:56:53.0774 5808 AtiPcie - ok
14:56:53.0841 5808 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\windows\System32\Audiosrv.dll
14:56:53.0855 5808 AudioEndpointBuilder - ok
14:56:53.0867 5808 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\windows\System32\Audiosrv.dll
14:56:53.0872 5808 AudioSrv - ok
14:56:54.0094 5808 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\windows\System32\AxInstSV.dll
14:56:54.0098 5808 AxInstSV - ok
14:56:54.0189 5808 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\windows\system32\DRIVERS\bxvbda.sys
14:56:54.0200 5808 b06bdrv - ok
14:56:54.0401 5808 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\windows\system32\DRIVERS\b57nd60a.sys
14:56:54.0408 5808 b57nd60a - ok
14:56:54.0500 5808 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\windows\System32\bdesvc.dll
14:56:54.0504 5808 BDESVC - ok
14:56:54.0674 5808 Beep (16a47ce2decc9b099349a5f840654746) C:\windows\system32\drivers\Beep.sys
14:56:54.0676 5808 Beep - ok
14:56:54.0783 5808 BFE (82974d6a2fd19445cc5171fc378668a4) C:\windows\System32\bfe.dll
14:56:54.0798 5808 BFE - ok
14:56:54.0965 5808 BITS (1ea7969e3271cbc59e1730697dc74682) C:\windows\System32\qmgr.dll
14:56:54.0985 5808 BITS - ok
14:56:55.0186 5808 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\windows\system32\DRIVERS\blbdrive.sys
14:56:55.0189 5808 blbdrive - ok
14:56:55.0282 5808 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
14:56:55.0292 5808 Bonjour Service - ok
14:56:55.0489 5808 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\windows\system32\DRIVERS\bowser.sys
14:56:55.0492 5808 bowser - ok
14:56:55.0535 5808 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\windows\system32\DRIVERS\BrFiltLo.sys
14:56:55.0537 5808 BrFiltLo - ok
14:56:55.0701 5808 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\windows\system32\DRIVERS\BrFiltUp.sys
14:56:55.0703 5808 BrFiltUp - ok
14:56:55.0778 5808 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\windows\System32\browser.dll
14:56:55.0782 5808 Browser - ok
14:56:55.0813 5808 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\windows\System32\Drivers\Brserid.sys
14:56:55.0818 5808 Brserid - ok
14:56:55.0849 5808 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\windows\System32\Drivers\BrSerWdm.sys
14:56:55.0851 5808 BrSerWdm - ok
14:56:56.0001 5808 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\windows\System32\Drivers\BrUsbMdm.sys
14:56:56.0003 5808 BrUsbMdm - ok
14:56:56.0047 5808 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\windows\System32\Drivers\BrUsbSer.sys
14:56:56.0049 5808 BrUsbSer - ok
14:56:56.0084 5808 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\windows\system32\DRIVERS\bthmodem.sys
14:56:56.0087 5808 BTHMODEM - ok
14:56:56.0278 5808 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\windows\system32\bthserv.dll
14:56:56.0282 5808 bthserv - ok
14:56:56.0347 5808 cdfs (b8bd2bb284668c84865658c77574381a) C:\windows\system32\DRIVERS\cdfs.sys
14:56:56.0350 5808 cdfs - ok
14:56:56.0525 5808 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\windows\system32\DRIVERS\cdrom.sys
14:56:56.0529 5808 cdrom - ok
14:56:56.0594 5808 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll
14:56:56.0596 5808 CertPropSvc - ok
14:56:56.0687 5808 cfWiMAXService (837ff2d497880198c918e6954dbd170c) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
14:56:56.0693 5808 cfWiMAXService - ok
14:56:56.0881 5808 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\windows\system32\DRIVERS\circlass.sys
14:56:56.0884 5808 circlass - ok
14:56:56.0930 5808 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\windows\system32\CLFS.sys
14:56:56.0939 5808 CLFS - ok
14:56:57.0108 5808 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:56:57.0113 5808 clr_optimization_v2.0.50727_32 - ok
14:56:57.0151 5808 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:56:57.0154 5808 clr_optimization_v2.0.50727_64 - ok
14:56:57.0300 5808 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:56:57.0304 5808 clr_optimization_v4.0.30319_32 - ok
14:56:57.0374 5808 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:56:57.0379 5808 clr_optimization_v4.0.30319_64 - ok
14:56:57.0571 5808 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\windows\system32\DRIVERS\CmBatt.sys
14:56:57.0574 5808 CmBatt - ok
14:56:57.0622 5808 cmdide (e19d3f095812725d88f9001985b94edd) C:\windows\system32\drivers\cmdide.sys
14:56:57.0624 5808 cmdide - ok
14:56:57.0839 5808 CNG (c4943b6c962e4b82197542447ad599f4) C:\windows\system32\Drivers\cng.sys
14:56:57.0849 5808 CNG - ok
14:56:58.0042 5808 Compbatt (102de219c3f61415f964c88e9085ad14) C:\windows\system32\DRIVERS\compbatt.sys
14:56:58.0045 5808 Compbatt - ok
14:56:58.0099 5808 CompositeBus (03edb043586cceba243d689bdda370a8) C:\windows\system32\drivers\CompositeBus.sys
14:56:58.0101 5808 CompositeBus - ok
14:56:58.0240 5808 COMSysApp - ok
14:56:58.0327 5808 ConfigFree Gadget Service (d252c53bcdfc199bba55eeb10cdb266e) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe
14:56:58.0329 5808 ConfigFree Gadget Service - ok
14:56:58.0364 5808 ConfigFree Service (cab0eeaf5295fc96ddd3e19dce27e131) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
14:56:58.0366 5808 ConfigFree Service - ok
14:56:58.0565 5808 crcdisk (1c827878a998c18847245fe1f34ee597) C:\windows\system32\DRIVERS\crcdisk.sys
14:56:58.0568 5808 crcdisk - ok
14:56:58.0637 5808 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\windows\system32\cryptsvc.dll
14:56:58.0642 5808 CryptSvc - ok
14:56:58.0817 5808 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll
14:56:58.0831 5808 DcomLaunch - ok
14:56:58.0874 5808 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\windows\System32\defragsvc.dll
14:56:58.0878 5808 defragsvc - ok
14:56:59.0222 5808 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\windows\system32\Drivers\dfsc.sys
14:56:59.0226 5808 DfsC - ok
14:56:59.0392 5808 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\windows\system32\dhcpcore.dll
14:56:59.0401 5808 Dhcp - ok
14:56:59.0467 5808 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\windows\system32\drivers\discache.sys
14:56:59.0468 5808 discache - ok
14:56:59.0603 5808 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\windows\system32\DRIVERS\disk.sys
14:56:59.0607 5808 Disk - ok
14:56:59.0651 5808 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\windows\System32\dnsrslvr.dll
14:56:59.0654 5808 Dnscache - ok
14:56:59.0816 5808 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\windows\System32\dot3svc.dll
14:56:59.0824 5808 dot3svc - ok
14:56:59.0868 5808 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\windows\system32\dps.dll
14:56:59.0873 5808 DPS - ok
14:57:00.0064 5808 drmkaud (9b19f34400d24df84c858a421c205754) C:\windows\system32\drivers\drmkaud.sys
14:57:00.0066 5808 drmkaud - ok
14:57:00.0132 5808 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\windows\System32\drivers\dxgkrnl.sys
14:57:00.0152 5808 DXGKrnl - ok
14:57:00.0310 5808 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\windows\System32\eapsvc.dll
14:57:00.0315 5808 EapHost - ok
14:57:00.0465 5808 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\windows\system32\DRIVERS\evbda.sys
14:57:00.0547 5808 ebdrv - ok
14:57:00.0690 5808 EFS (c118a82cd78818c29ab228366ebf81c3) C:\windows\System32\lsass.exe
14:57:00.0702 5808 EFS - ok
14:57:00.0784 5808 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\windows\ehome\ehRecvr.exe
14:57:00.0807 5808 ehRecvr - ok
14:57:00.0930 5808 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\windows\ehome\ehsched.exe
14:57:00.0961 5808 ehSched - ok
14:57:01.0387 5808 elxstor (0e5da5369a0fcaea12456dd852545184) C:\windows\system32\DRIVERS\elxstor.sys
14:57:01.0421 5808 elxstor - ok
14:57:01.0503 5808 ErrDev (34a3c54752046e79a126e15c51db409b) C:\windows\system32\drivers\errdev.sys
14:57:01.0528 5808 ErrDev - ok
14:57:01.0647 5808 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\windows\system32\es.dll
14:57:01.0657 5808 EventSystem - ok
14:57:01.0826 5808 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\windows\system32\drivers\exfat.sys
14:57:01.0829 5808 exfat - ok
14:57:01.0883 5808 fastfat (0adc83218b66a6db380c330836f3e36d) C:\windows\system32\drivers\fastfat.sys
14:57:01.0886 5808 fastfat - ok
14:57:02.0052 5808 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\windows\system32\fxssvc.exe
14:57:02.0069 5808 Fax - ok
14:57:02.0131 5808 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\windows\system32\DRIVERS\fdc.sys
14:57:02.0133 5808 fdc - ok
14:57:02.0294 5808 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\windows\system32\fdPHost.dll
14:57:02.0297 5808 fdPHost - ok
14:57:02.0341 5808 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\windows\system32\fdrespub.dll
14:57:02.0345 5808 FDResPub - ok
14:57:02.0504 5808 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\windows\system32\drivers\fileinfo.sys
14:57:02.0507 5808 FileInfo - ok
14:57:02.0568 5808 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\windows\system32\drivers\filetrace.sys
14:57:02.0571 5808 Filetrace - ok
14:57:02.0601 5808 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\windows\system32\DRIVERS\flpydisk.sys
14:57:02.0602 5808 flpydisk - ok
14:57:02.0657 5808 FltMgr (da6b67270fd9db3697b20fce94950741) C:\windows\system32\drivers\fltmgr.sys
14:57:02.0661 5808 FltMgr - ok
14:57:02.0831 5808 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\windows\system32\FntCache.dll
14:57:02.0848 5808 FontCache - ok
14:57:02.0928 5808 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:57:02.0931 5808 FontCache3.0.0.0 - ok
14:57:03.0092 5808 FsDepends (d43703496149971890703b4b1b723eac) C:\windows\system32\drivers\FsDepends.sys
14:57:03.0094 5808 FsDepends - ok
14:57:03.0178 5808 fssfltr (6c06701bf1db05405804d7eb610991ce) C:\windows\system32\DRIVERS\fssfltr.sys
14:57:03.0180 5808 fssfltr - ok
14:57:03.0283 5808 fsssvc (4ce9dac1518ff7e77bd213e6394b9d77) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
14:57:03.0315 5808 fsssvc - ok
14:57:03.0507 5808 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\windows\system32\drivers\Fs_Rec.sys
14:57:03.0510 5808 Fs_Rec - ok
14:57:03.0573 5808 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\windows\system32\DRIVERS\fvevol.sys
14:57:03.0576 5808 fvevol - ok
14:57:03.0758 5808 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\windows\system32\DRIVERS\gagp30kx.sys
14:57:03.0763 5808 gagp30kx - ok
14:57:03.0851 5808 GameConsoleService (4fbccbdd99a75c9efbc90392cf32af61) C:\Program Files (x86)\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe
14:57:03.0855 5808 GameConsoleService - ok
14:57:04.0046 5808 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\windows\system32\DRIVERS\GEARAspiWDM.sys
14:57:04.0047 5808 GEARAspiWDM - ok
14:57:04.0100 5808 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\windows\System32\gpsvc.dll
14:57:04.0109 5808 gpsvc - ok
14:57:04.0220 5808 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:57:04.0224 5808 gupdate - ok
14:57:04.0266 5808 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:57:04.0267 5808 gupdatem - ok
14:57:04.0321 5808 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
14:57:04.0324 5808 gusvc - ok
14:57:04.0548 5808 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\windows\system32\drivers\hcw85cir.sys
14:57:04.0551 5808 hcw85cir - ok
14:57:04.0649 5808 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\windows\system32\drivers\HdAudio.sys
14:57:04.0658 5808 HdAudAddService - ok
14:57:04.0957 5808 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\windows\system32\drivers\HDAudBus.sys
14:57:04.0961 5808 HDAudBus - ok
14:57:04.0994 5808 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\windows\system32\DRIVERS\HidBatt.sys
14:57:04.0997 5808 HidBatt - ok
14:57:05.0160 5808 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\windows\system32\DRIVERS\hidbth.sys
14:57:05.0164 5808 HidBth - ok
14:57:05.0185 5808 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\windows\system32\DRIVERS\hidir.sys
14:57:05.0192 5808 HidIr - ok
14:57:05.0228 5808 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\windows\system32\hidserv.dll
14:57:05.0230 5808 hidserv - ok
14:57:05.0292 5808 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\windows\system32\DRIVERS\hidusb.sys
14:57:05.0294 5808 HidUsb - ok
14:57:05.0453 5808 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\windows\system32\kmsvc.dll
14:57:05.0458 5808 hkmsvc - ok
14:57:05.0593 5808 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\windows\system32\ListSvc.dll
14:57:05.0598 5808 HomeGroupListener - ok
14:57:05.0746 5808 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\windows\system32\provsvc.dll
14:57:05.0750 5808 HomeGroupProvider - ok
14:57:05.0830 5808 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\windows\system32\drivers\HpSAMD.sys
14:57:05.0831 5808 HpSAMD - ok
14:57:06.0018 5808 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\windows\system32\drivers\HTTP.sys
14:57:06.0026 5808 HTTP - ok
14:57:06.0101 5808 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\windows\system32\drivers\hwpolicy.sys
14:57:06.0102 5808 hwpolicy - ok
14:57:06.0324 5808 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\windows\system32\drivers\i8042prt.sys
14:57:06.0326 5808 i8042prt - ok
14:57:06.0416 5808 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\windows\system32\drivers\iaStorV.sys
14:57:06.0423 5808 iaStorV - ok
14:57:06.0546 5808 IDriveE Service (4abaf0ee285bd49718a203d16972087a) C:\IDrive\IDriveE Service.exe
14:57:06.0614 5808 IDriveE Service - ok
14:57:06.0774 5808 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
14:57:06.0793 5808 IDriverT - ok
14:57:07.0023 5808 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:57:07.0043 5808 idsvc - ok
14:57:07.0219 5808 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\windows\system32\DRIVERS\iirsp.sys
14:57:07.0222 5808 iirsp - ok
14:57:07.0293 5808 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\windows\System32\ikeext.dll
14:57:07.0306 5808 IKEEXT - ok
14:57:07.0540 5808 IntcAzAudAddService (b6e61b181884527cc5b68c2d79504b43) C:\windows\system32\drivers\RTKVHD64.sys
14:57:07.0568 5808 IntcAzAudAddService - ok
14:57:07.0759 5808 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\windows\system32\drivers\intelide.sys
14:57:07.0761 5808 intelide - ok
14:57:07.0810 5808 intelppm (ada036632c664caa754079041cf1f8c1) C:\windows\system32\DRIVERS\intelppm.sys
14:57:07.0812 5808 intelppm - ok
14:57:07.0982 5808 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\windows\system32\ipbusenum.dll
14:57:07.0986 5808 IPBusEnum - ok
14:57:08.0072 5808 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\windows\system32\DRIVERS\ipfltdrv.sys
14:57:08.0076 5808 IpFilterDriver - ok
14:57:08.0133 5808 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\windows\System32\iphlpsvc.dll
14:57:08.0141 5808 iphlpsvc - ok
14:57:08.0332 5808 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\windows\system32\drivers\IPMIDrv.sys
14:57:08.0334 5808 IPMIDRV - ok
14:57:08.0382 5808 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\windows\system32\drivers\ipnat.sys
14:57:08.0386 5808 IPNAT - ok
14:57:08.0495 5808 iPod Service (ee4c2a137c7088911a8919effc9812e7) C:\Program Files\iPod\bin\iPodService.exe
14:57:08.0515 5808 iPod Service - ok
14:57:08.0692 5808 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\windows\system32\drivers\irenum.sys
14:57:08.0695 5808 IRENUM - ok
14:57:08.0737 5808 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\windows\system32\drivers\isapnp.sys
14:57:08.0738 5808 isapnp - ok
14:57:08.0911 5808 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\windows\system32\drivers\msiscsi.sys
14:57:08.0916 5808 iScsiPrt - ok
14:57:08.0967 5808 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\windows\system32\drivers\kbdclass.sys
14:57:08.0969 5808 kbdclass - ok
14:57:09.0249 5808 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\windows\system32\drivers\kbdhid.sys
14:57:09.0250 5808 kbdhid - ok
14:57:09.0280 5808 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
14:57:09.0282 5808 KeyIso - ok
14:57:09.0316 5808 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\windows\system32\Drivers\ksecdd.sys
14:57:09.0318 5808 KSecDD - ok
14:57:09.0471 5808 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\windows\system32\Drivers\ksecpkg.sys
14:57:09.0473 5808 KSecPkg - ok
14:57:09.0514 5808 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\windows\system32\drivers\ksthunk.sys
14:57:09.0516 5808 ksthunk - ok
14:57:09.0565 5808 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\windows\system32\msdtckrm.dll
14:57:09.0571 5808 KtmRm - ok
14:57:09.0742 5808 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\windows\system32\srvsvc.dll
14:57:09.0751 5808 LanmanServer - ok
14:57:09.0803 5808 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\windows\System32\wkssvc.dll
14:57:09.0808 5808 LanmanWorkstation - ok
14:57:09.0916 5808 LBTServ (88e52495b47c67126b510af53fdb0bc7) C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
14:57:09.0920 5808 LBTServ - ok
14:57:10.0104 5808 LHidFilt (b6552d382ff070b4ed34cbd6737277c0) C:\windows\system32\DRIVERS\LHidFilt.Sys
14:57:10.0106 5808 LHidFilt - ok
14:57:10.0156 5808 lltdio (1538831cf8ad2979a04c423779465827) C:\windows\system32\DRIVERS\lltdio.sys
14:57:10.0157 5808 lltdio - ok
14:57:10.0335 5808 lltdsvc (c1185803384ab3feed115f79f109427f) C:\windows\System32\lltdsvc.dll
14:57:10.0341 5808 lltdsvc - ok
14:57:10.0362 5808 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\windows\System32\lmhsvc.dll
14:57:10.0364 5808 lmhosts - ok
14:57:10.0441 5808 LMouFilt (73c1f563ab73d459dffe682d66476558) C:\windows\system32\DRIVERS\LMouFilt.Sys
14:57:10.0444 5808 LMouFilt - ok
14:57:10.0616 5808 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\windows\system32\DRIVERS\lsi_fc.sys
14:57:10.0621 5808 LSI_FC - ok
14:57:10.0784 5808 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\windows\system32\DRIVERS\lsi_sas.sys
14:57:10.0789 5808 LSI_SAS - ok
14:57:10.0826 5808 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\windows\system32\DRIVERS\lsi_sas2.sys
14:57:10.0828 5808 LSI_SAS2 - ok
14:57:10.0954 5808 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\windows\system32\DRIVERS\lsi_scsi.sys
14:57:10.0958 5808 LSI_SCSI - ok
14:57:11.0038 5808 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\windows\system32\drivers\luafv.sys
14:57:11.0042 5808 luafv - ok
14:57:11.0201 5808 LUsbFilt (9d9714e78eac9e5368208649489c920e) C:\windows\system32\Drivers\LUsbFilt.Sys
14:57:11.0204 5808 LUsbFilt - ok
14:57:11.0263 5808 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\windows\system32\Mcx2Svc.dll
14:57:11.0266 5808 Mcx2Svc - ok
14:57:11.0338 5808 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\windows\system32\DRIVERS\megasas.sys
14:57:11.0340 5808 megasas - ok
14:57:11.0492 5808 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\windows\system32\DRIVERS\MegaSR.sys
14:57:11.0499 5808 MegaSR - ok
14:57:11.0594 5808 Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
14:57:11.0598 5808 Microsoft Office Groove Audit Service - ok
14:57:11.0762 5808 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll
14:57:11.0767 5808 MMCSS - ok
14:57:11.0839 5808 Modem (800ba92f7010378b09f9ed9270f07137) C:\windows\system32\drivers\modem.sys
14:57:11.0840 5808 Modem - ok
14:57:11.0995 5808 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\windows\system32\DRIVERS\monitor.sys
14:57:12.0009 5808 monitor - ok
14:57:12.0093 5808 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\windows\system32\DRIVERS\mouclass.sys
14:57:12.0095 5808 mouclass - ok
14:57:12.0248 5808 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\windows\system32\DRIVERS\mouhid.sys
14:57:12.0251 5808 mouhid - ok
14:57:12.0336 5808 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\windows\system32\drivers\mountmgr.sys
14:57:12.0338 5808 mountmgr - ok
14:57:12.0538 5808 MpFilter (c177a7ebf5e8a0b596f618870516cab8) C:\windows\system32\DRIVERS\MpFilter.sys
14:57:12.0547 5808 MpFilter - ok
14:57:12.0616 5808 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\windows\system32\drivers\mpio.sys
14:57:12.0619 5808 mpio - ok
14:57:12.0823 5808 MpNWMon (8fbf6b31fe8af1833d93c5913d5b4d55) C:\windows\system32\DRIVERS\MpNWMon.sys
14:57:12.0826 5808 MpNWMon - ok
14:57:12.0917 5808 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\windows\system32\drivers\mpsdrv.sys
14:57:12.0919 5808 mpsdrv - ok
14:57:13.0032 5808 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\windows\system32\mpssvc.dll
14:57:13.0047 5808 MpsSvc - ok
14:57:13.0257 5808 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\windows\system32\drivers\mrxdav.sys
14:57:13.0259 5808 MRxDAV - ok
14:57:13.0307 5808 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\windows\system32\DRIVERS\mrxsmb.sys
14:57:13.0310 5808 mrxsmb - ok
14:57:13.0503 5808 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\windows\system32\DRIVERS\mrxsmb10.sys
14:57:13.0509 5808 mrxsmb10 - ok
14:57:13.0567 5808 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\windows\system32\DRIVERS\mrxsmb20.sys
14:57:13.0569 5808 mrxsmb20 - ok
14:57:13.0754 5808 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\windows\system32\drivers\msahci.sys
14:57:13.0755 5808 msahci - ok
14:57:13.0805 5808 msdsm (db801a638d011b9633829eb6f663c900) C:\windows\system32\drivers\msdsm.sys
14:57:13.0808 5808 msdsm - ok
14:57:13.0959 5808 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\windows\System32\msdtc.exe
14:57:13.0965 5808 MSDTC - ok
14:57:14.0048 5808 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\windows\system32\drivers\Msfs.sys
14:57:14.0049 5808 Msfs - ok
14:57:14.0182 5808 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\windows\System32\drivers\mshidkmdf.sys
14:57:14.0183 5808 mshidkmdf - ok
14:57:14.0227 5808 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\windows\system32\drivers\msisadrv.sys
14:57:14.0228 5808 msisadrv - ok
14:57:14.0274 5808 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\windows\system32\iscsiexe.dll
14:57:14.0277 5808 MSiSCSI - ok
14:57:14.0409 5808 msiserver - ok
14:57:14.0493 5808 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\windows\system32\drivers\MSKSSRV.sys
14:57:14.0494 5808 MSKSSRV - ok
14:57:14.0588 5808 MsMpSvc (157e9e498206a3366baa7e4697bdd947) c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
14:57:14.0588 5808 MsMpSvc - ok
14:57:14.0794 5808 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\windows\system32\drivers\MSPCLOCK.sys
14:57:14.0796 5808 MSPCLOCK - ok
14:57:14.0816 5808 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\windows\system32\drivers\MSPQM.sys
14:57:14.0818 5808 MSPQM - ok
14:57:14.0877 5808 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\windows\system32\drivers\MsRPC.sys
14:57:14.0882 5808 MsRPC - ok
14:57:15.0064 5808 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\windows\system32\drivers\mssmbios.sys
14:57:15.0065 5808 mssmbios - ok
14:57:15.0115 5808 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\windows\system32\drivers\MSTEE.sys
14:57:15.0116 5808 MSTEE - ok
14:57:15.0268 5808 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\windows\system32\DRIVERS\MTConfig.sys
14:57:15.0271 5808 MTConfig - ok
14:57:15.0303 5808 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\windows\system32\Drivers\mup.sys
14:57:15.0305 5808 Mup - ok
14:57:15.0351 5808 napagent (582ac6d9873e31dfa28a4547270862dd) C:\windows\system32\qagentRT.dll
14:57:15.0358 5808 napagent - ok
14:57:15.0582 5808 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\windows\system32\DRIVERS\nwifi.sys
14:57:15.0586 5808 NativeWifiP - ok
14:57:15.0797 5808 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\windows\system32\drivers\ndis.sys
14:57:15.0808 5808 NDIS - ok
14:57:16.0009 5808 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\windows\system32\DRIVERS\ndiscap.sys
14:57:16.0012 5808 NdisCap - ok
14:57:16.0052 5808 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\windows\system32\DRIVERS\ndistapi.sys
14:57:16.0056 5808 NdisTapi - ok
14:57:16.0238 5808 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\windows\system32\DRIVERS\ndisuio.sys
14:57:16.0241 5808 Ndisuio - ok
14:57:16.0284 5808 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\windows\system32\DRIVERS\ndiswan.sys
14:57:16.0287 5808 NdisWan - ok
14:57:16.0466 5808 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\windows\system32\drivers\NDProxy.sys
14:57:16.0468 5808 NDProxy - ok
14:57:16.0519 5808 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\windows\system32\DRIVERS\netbios.sys
14:57:16.0522 5808 NetBIOS - ok
14:57:16.0771 5808 NetBT (09594d1089c523423b32a4229263f068) C:\windows\system32\DRIVERS\netbt.sys
14:57:16.0774 5808 NetBT - ok
14:57:16.0847 5808 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
14:57:16.0850 5808 Netlogon - ok
14:57:17.0269 5808 Netman (847d3ae376c0817161a14a82c8922a9e) C:\windows\System32\netman.dll
14:57:17.0308 5808 Netman - ok
14:57:17.0451 5808 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:57:17.0455 5808 NetMsmqActivator - ok
14:57:17.0464 5808 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:57:17.0465 5808 NetPipeActivator - ok
14:57:17.0634 5808 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\windows\System32\netprofm.dll
14:57:17.0646 5808 netprofm - ok
14:57:17.0796 5808 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:57:17.0798 5808 NetTcpActivator - ok
14:57:17.0816 5808 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:57:17.0819 5808 NetTcpPortSharing - ok
14:57:17.0991 5808 nfrd960 (77889813be4d166cdab78ddba990da92) C:\windows\system32\DRIVERS\nfrd960.sys
14:57:17.0994 5808 nfrd960 - ok
14:57:18.0080 5808 NisDrv (5f7d72cbcdd025af1f38fdeee5646968) C:\windows\system32\DRIVERS\NisDrvWFP.sys
14:57:18.0083 5808 NisDrv - ok
14:57:18.0172 5808 NisSrv (566ddd5d82520da01d75f81428ac4c38) c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
14:57:18.0177 5808 NisSrv - ok
14:57:18.0361 5808 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\windows\System32\nlasvc.dll
14:57:18.0366 5808 NlaSvc - ok
14:57:18.0420 5808 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\windows\system32\drivers\Npfs.sys
14:57:18.0422 5808 Npfs - ok
14:57:18.0568 5808 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\windows\system32\nsisvc.dll
14:57:18.0569 5808 nsi - ok
14:57:18.0588 5808 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\windows\system32\drivers\nsiproxy.sys
14:57:18.0589 5808 nsiproxy - ok
14:57:18.0692 5808 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\windows\system32\drivers\Ntfs.sys
14:57:18.0713 5808 Ntfs - ok
14:57:18.0885 5808 Null (9899284589f75fa8724ff3d16aed75c1) C:\windows\system32\drivers\Null.sys
14:57:18.0886 5808 Null - ok
14:57:18.0945 5808 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\windows\system32\drivers\nvraid.sys
14:57:18.0947 5808 nvraid - ok
14:57:19.0195 5808 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\windows\system32\drivers\nvstor.sys
14:57:19.0198 5808 nvstor - ok
14:57:19.0275 5808 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\windows\system32\drivers\nv_agp.sys
14:57:19.0277 5808 nv_agp - ok
14:57:19.0392 5808 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
14:57:19.0399 5808 odserv - ok
14:57:19.0688 5808 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\windows\system32\drivers\ohci1394.sys
14:57:19.0689 5808 ohci1394 - ok
14:57:19.0793 5808 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:57:19.0796 5808 ose - ok
14:57:20.0100 5808 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
14:57:20.0105 5808 p2pimsvc - ok
14:57:20.0152 5808 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\windows\system32\p2psvc.dll
14:57:20.0159 5808 p2psvc - ok
14:57:20.0396 5808 Parport (0086431c29c35be1dbc43f52cc273887) C:\windows\system32\DRIVERS\parport.sys
14:57:20.0399 5808 Parport - ok
14:57:20.0475 5808 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\windows\system32\drivers\partmgr.sys
14:57:20.0477 5808 partmgr - ok
14:57:20.0689 5808 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\windows\System32\pcasvc.dll
14:57:20.0693 5808 PcaSvc - ok
14:57:20.0785 5808 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\windows\system32\drivers\pci.sys
14:57:20.0788 5808 pci - ok
14:57:20.0821 5808 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\windows\system32\drivers\pciide.sys
14:57:20.0837 5808 pciide - ok
14:57:21.0113 5808 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\windows\system32\DRIVERS\pcmcia.sys
14:57:21.0117 5808 pcmcia - ok
14:57:21.0198 5808 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\windows\system32\drivers\pcw.sys
14:57:21.0215 5808 pcw - ok
14:57:21.0318 5808 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\windows\system32\drivers\peauth.sys
14:57:21.0328 5808 PEAUTH - ok
14:57:21.0428 5808 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\windows\SysWow64\perfhost.exe
14:57:21.0430 5808 PerfHost - ok
14:57:21.0706 5808 PGEffect (663962900e7fea522126ba287715bb4a) C:\windows\system32\DRIVERS\pgeffect.sys
14:57:21.0708 5808 PGEffect - ok
14:57:21.0969 5808 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\windows\system32\pla.dll
14:57:21.0999 5808 pla - ok
14:57:22.0152 5808 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\windows\system32\umpnpmgr.dll
14:57:22.0160 5808 PlugPlay - ok
14:57:22.0262 5808 PMCF (60795ae1e34bcf4ff731f55a6cda9a86) C:\windows\system32\drivers\PMCF.sys
14:57:22.0264 5808 PMCF - ok
14:57:22.0410 5808 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\windows\system32\pnrpauto.dll
14:57:22.0415 5808 PNRPAutoReg - ok
14:57:22.0483 5808 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
14:57:22.0494 5808 PNRPsvc - ok
14:57:22.0715 5808 Point64 (b8d8ec78b0f9ed8e220506181274f3d3) C:\windows\system32\DRIVERS\point64.sys
14:57:22.0717 5808 Point64 - ok
14:57:22.0808 5808 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\windows\System32\ipsecsvc.dll
14:57:22.0815 5808 PolicyAgent - ok
14:57:22.0874 5808 Power (6ba9d927dded70bd1a9caded45f8b184) C:\windows\system32\umpo.dll
14:57:22.0878 5808 Power - ok
14:57:23.0059 5808 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\windows\system32\DRIVERS\raspptp.sys
14:57:23.0062 5808 PptpMiniport - ok
14:57:23.0149 5808 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\windows\system32\DRIVERS\processr.sys
14:57:23.0151 5808 Processor - ok
14:57:23.0254 5808 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\windows\system32\profsvc.dll
14:57:23.0258 5808 ProfSvc - ok
14:57:23.0415 5808 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
14:57:23.0417 5808 ProtectedStorage - ok
14:57:23.0574 5808 Psched (0557cf5a2556bd58e26384169d72438d) C:\windows\system32\DRIVERS\pacer.sys
14:57:23.0576 5808 Psched - ok
14:57:23.0711 5808 QBCFMonitorService (933d92f0bd1d7a9835cd8a8b1235a11e) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
14:57:23.0734 5808 QBCFMonitorService - ok
14:57:23.0895 5808 QBFCService (6bee1814470dc12fa20c53dfc3c97ebb) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
14:57:23.0917 5808 QBFCService - ok
14:57:24.0218 5808 QBVSS (25fc19badf78b7fb1d835aac4b0b91a5) C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
14:57:24.0356 5808 QBVSS - ok
14:57:24.0618 5808 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\windows\system32\DRIVERS\ql2300.sys
14:57:24.0635 5808 ql2300 - ok
14:57:24.0837 5808 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\windows\system32\DRIVERS\ql40xx.sys
14:57:24.0861 5808 ql40xx - ok
14:57:24.0906 5808 QWAVE (906191634e99aea92c4816150bda3732) C:\windows\system32\qwave.dll
14:57:24.0911 5808 QWAVE - ok
14:57:24.0983 5808 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\windows\system32\drivers\qwavedrv.sys
14:57:24.0984 5808 QWAVEdrv - ok
14:57:25.0208 5808 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\windows\system32\DRIVERS\rasacd.sys
14:57:25.0213 5808 RasAcd - ok
14:57:25.0308 5808 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\windows\system32\DRIVERS\AgileVpn.sys
14:57:25.0318 5808 RasAgileVpn - ok
14:57:25.0506 5808 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\windows\System32\rasauto.dll
14:57:25.0510 5808 RasAuto - ok
14:57:25.0593 5808 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\windows\system32\DRIVERS\rasl2tp.sys
14:57:25.0595 5808 Rasl2tp - ok
14:57:25.0681 5808 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\windows\System32\rasmans.dll
14:57:25.0688 5808 RasMan - ok
14:57:25.0871 5808 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\windows\system32\DRIVERS\raspppoe.sys
14:57:25.0873 5808 RasPppoe - ok
14:57:25.0986 5808 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\windows\system32\DRIVERS\rassstp.sys
14:57:25.0988 5808 RasSstp - ok
14:57:26.0063 5808 rdbss (77f665941019a1594d887a74f301fa2f) C:\windows\system32\DRIVERS\rdbss.sys
14:57:26.0067 5808 rdbss - ok
14:57:26.0235 5808 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\windows\system32\DRIVERS\rdpbus.sys
14:57:26.0257 5808 rdpbus - ok
14:57:26.0322 5808 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\windows\system32\DRIVERS\RDPCDD.sys
14:57:26.0323 5808 RDPCDD - ok
14:57:26.0357 5808 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\windows\system32\drivers\rdpencdd.sys
14:57:26.0357 5808 RDPENCDD - ok
14:57:26.0513 5808 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\windows\system32\drivers\rdprefmp.sys
14:57:26.0513 5808 RDPREFMP - ok
14:57:26.0600 5808 RDPWD (6d76e6433574b058adcb0c50df834492) C:\windows\system32\drivers\RDPWD.sys
14:57:26.0603 5808 RDPWD - ok
14:57:26.0779 5808 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\windows\system32\drivers\rdyboost.sys
14:57:26.0782 5808 rdyboost - ok
14:57:26.0957 5808 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\windows\System32\mprdim.dll
14:57:26.0963 5808 RemoteAccess - ok
14:57:27.0016 5808 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\windows\system32\regsvc.dll
14:57:27.0020 5808 RemoteRegistry - ok
14:57:27.0162 5808 rimspci (e20b1907fc72a3664ece21e3c20fc63d) C:\windows\system32\DRIVERS\rimspe64.sys
14:57:27.0164 5808 rimspci - ok
14:57:27.0320 5808 risdpcie (7dda2e5cf452dad24b1be704225c18ee) C:\windows\system32\DRIVERS\risdpe64.sys
14:57:27.0322 5808 risdpcie - ok
14:57:27.0388 5808 rixdpcie (6a1cd4674505e6791390a1ab71da1fbe) C:\windows\system32\DRIVERS\rixdpe64.sys
14:57:27.0390 5808 rixdpcie - ok
14:57:27.0557 5808 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\windows\System32\RpcEpMap.dll
14:57:27.0559 5808 RpcEptMapper - ok
14:57:27.0589 5808 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\windows\system32\locator.exe
14:57:27.0591 5808 RpcLocator - ok
14:57:27.0638 5808 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll
14:57:27.0643 5808 RpcSs - ok
14:57:27.0713 5808 RSELSVC - ok
14:57:27.0903 5808 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\windows\system32\DRIVERS\rspndr.sys
14:57:27.0905 5808 rspndr - ok
14:57:27.0949 5808 RTL8167 (66f9f7161d147b6486a22feb9425930d) C:\windows\system32\DRIVERS\Rt64win7.sys
14:57:27.0953 5808 RTL8167 - ok
14:57:28.0148 5808 rtl8192se (03e0627c26943916a7276ac5306206c7) C:\windows\system32\DRIVERS\rtl8192se.sys
14:57:28.0161 5808 rtl8192se - ok
14:57:28.0315 5808 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
14:57:28.0317 5808 SamSs - ok
14:57:28.0382 5808 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\windows\system32\drivers\sbp2port.sys
14:57:28.0384 5808 sbp2port - ok
14:57:28.0540 5808 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\windows\System32\SCardSvr.dll
14:57:28.0544 5808 SCardSvr - ok
14:57:28.0621 5808 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\windows\system32\DRIVERS\scfilter.sys
14:57:28.0623 5808 scfilter - ok
14:57:28.0813 5808 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\windows\system32\schedsvc.dll
14:57:28.0827 5808 Schedule - ok
14:57:28.0996 5808 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll
14:57:28.0997 5808 SCPolicySvc - ok
14:57:29.0079 5808 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\windows\system32\drivers\sdbus.sys
14:57:29.0082 5808 sdbus - ok
14:57:29.0255 5808 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\windows\System32\SDRSVC.dll
14:57:29.0259 5808 SDRSVC - ok
14:57:29.0319 5808 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\windows\system32\drivers\secdrv.sys
14:57:29.0321 5808 secdrv - ok
14:57:29.0494 5808 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\windows\system32\seclogon.dll
14:57:29.0496 5808 seclogon - ok
14:57:29.0533 5808 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\windows\System32\sens.dll
14:57:29.0536 5808 SENS - ok
14:57:29.0791 5808 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\windows\system32\sensrsvc.dll
14:57:29.0802 5808 SensrSvc - ok
14:57:29.0908 5808 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\windows\system32\DRIVERS\serenum.sys
14:57:29.0909 5808 Serenum - ok
14:57:30.0064 5808 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\windows\system32\DRIVERS\serial.sys
14:57:30.0068 5808 Serial - ok
14:57:30.0118 5808 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\windows\system32\DRIVERS\sermouse.sys
14:57:30.0119 5808 sermouse - ok
14:57:30.0195 5808 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\windows\system32\sessenv.dll
14:57:30.0198 5808 SessionEnv - ok
14:57:30.0306 5808 sffdisk (a554811bcd09279536440c964ae35bbf) C:\windows\system32\drivers\sffdisk.sys
14:57:30.0308 5808 sffdisk - ok
14:57:30.0475 5808 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\windows\system32\drivers\sffp_mmc.sys
14:57:30.0477 5808 sffp_mmc - ok
14:57:30.0498 5808 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\windows\system32\drivers\sffp_sd.sys
14:57:30.0500 5808 sffp_sd - ok
14:57:30.0548 5808 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\windows\system32\DRIVERS\sfloppy.sys
14:57:30.0550 5808 sfloppy - ok
14:57:30.0638 5808 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\windows\System32\ipnathlp.dll
14:57:30.0644 5808 SharedAccess - ok
14:57:30.0692 5808 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\windows\System32\shsvcs.dll
14:57:30.0698 5808 ShellHWDetection - ok
14:57:30.0882 5808 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\windows\system32\DRIVERS\SiSRaid2.sys
14:57:30.0884 5808 SiSRaid2 - ok
14:57:30.0895 5808 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\windows\system32\DRIVERS\sisraid4.sys
14:57:30.0901 5808 SiSRaid4 - ok
14:57:31.0090 5808 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\windows\system32\DRIVERS\smb.sys
14:57:31.0094 5808 Smb - ok
14:57:31.0129 5808 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\windows\System32\snmptrap.exe
14:57:31.0131 5808 SNMPTRAP - ok
14:57:31.0153 5808 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\windows\system32\drivers\spldr.sys
14:57:31.0154 5808 spldr - ok
14:57:31.0359 5808 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\windows\System32\spoolsv.exe
14:57:31.0374 5808 Spooler - ok
14:57:31.0503 5808 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\windows\system32\sppsvc.exe
14:57:31.0603 5808 sppsvc - ok
14:57:31.0743 5808 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\windows\system32\sppuinotify.dll
14:57:31.0749 5808 sppuinotify - ok
14:57:31.0835 5808 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\windows\system32\DRIVERS\srv.sys
14:57:31.0846 5808 srv - ok
14:57:32.0055 5808 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\windows\system32\DRIVERS\srv2.sys
14:57:32.0065 5808 srv2 - ok
14:57:32.0134 5808 srvnet (27e461f0be5bff5fc737328f749538c3) C:\windows\system32\DRIVERS\srvnet.sys
14:57:32.0138 5808 srvnet - ok
14:57:32.0286 5808 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\windows\System32\ssdpsrv.dll
14:57:32.0290 5808 SSDPSRV - ok
14:57:32.0323 5808 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\windows\system32\sstpsvc.dll
14:57:32.0325 5808 SstpSvc - ok
14:57:32.0390 5808 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\windows\system32\DRIVERS\stexstor.sys
14:57:32.0393 5808 stexstor - ok
14:57:32.0569 5808 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\windows\System32\wiaservc.dll
14:57:32.0586 5808 stisvc - ok
14:57:32.0671 5808 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\windows\system32\drivers\swenum.sys
14:57:32.0672 5808 swenum - ok
14:57:32.0827 5808 swg3kser00 (9f0a0c3ee91fd7cb709f7d0d97207f7e) C:\windows\system32\DRIVERS\swg3kser00.sys
14:57:32.0836 5808 swg3kser00 - ok
14:57:32.0910 5808 SwiCardDetectSvc (7759bb08cf43b2dbf9e151bbf827add2) C:\Program Files (x86)\Sierra Wireless Inc\Common\SwiCardDetect64.exe
14:57:33.0038 5808 SwiCardDetectSvc - ok
14:57:33.0269 5808 swiwdmbx (c6a7e54a31803e6f95e23d1b5d967d57) C:\windows\system32\DRIVERS\swiwdmbx64.sys
14:57:33.0273 5808 swiwdmbx - ok
14:57:33.0346 5808 SWNC8UA3 (dc345fc7ce9ba3005153062407263bb2) C:\windows\system32\DRIVERS\swnc8ua3.sys
14:57:33.0355 5808 SWNC8UA3 - ok
14:57:33.0520 5808 swprv (e08e46fdd841b7184194011ca1955a0b) C:\windows\System32\swprv.dll
14:57:33.0535 5808 swprv - ok
14:57:33.0758 5808 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\windows\system32\sysmain.dll
14:57:33.0777 5808 SysMain - ok
14:57:33.0928 5808 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\windows\System32\TabSvc.dll
14:57:33.0931 5808 TabletInputService - ok
14:57:33.0954 5808 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\windows\System32\tapisrv.dll
14:57:33.0960 5808 TapiSrv - ok
14:57:34.0122 5808 TBS (1be03ac720f4d302ea01d40f588162f6) C:\windows\System32\tbssvc.dll
14:57:34.0128 5808 TBS - ok
14:57:34.0258 5808 Tcpip (fc62769e7bff2896035aeed399108162) C:\windows\system32\drivers\tcpip.sys
14:57:34.0285 5808 Tcpip - ok
14:57:34.0599 5808 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\windows\system32\DRIVERS\tcpip.sys
14:57:34.0611 5808 TCPIP6 - ok
14:57:34.0798 5808 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\windows\system32\drivers\tcpipreg.sys
14:57:34.0801 5808 tcpipreg - ok
14:57:34.0863 5808 tdcmdpst (fd542b661bd22fa69ca789ad0ac58c29) C:\windows\system32\DRIVERS\tdcmdpst.sys
14:57:34.0866 5808 tdcmdpst - ok
14:57:35.0057 5808 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\windows\system32\drivers\tdpipe.sys
14:57:35.0059 5808 TDPIPE - ok
14:57:35.0106 5808 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\windows\system32\drivers\tdtcp.sys
14:57:35.0109 5808 TDTCP - ok
14:57:35.0297 5808 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\windows\system32\DRIVERS\tdx.sys
14:57:35.0301 5808 tdx - ok
14:57:35.0345 5808 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\windows\system32\drivers\termdd.sys
14:57:35.0348 5808 TermDD - ok
14:57:35.0523 5808 TermService (2e648163254233755035b46dd7b89123) C:\windows\System32\termsrv.dll
14:57:35.0533 5808 TermService - ok
14:57:35.0681 5808 Themes (f0344071948d1a1fa732231785a0664c) C:\windows\system32\themeservice.dll
14:57:35.0687 5808 Themes - ok
14:57:35.0771 5808 Thpdrv (c013f6acaa9761f571bd28dada7c157d) C:\windows\system32\DRIVERS\thpdrv.sys
14:57:35.0773 5808 Thpdrv - ok
14:57:35.0918 5808 Thpevm (b4e609047434ed948af7bdef2fa66e38) C:\windows\system32\DRIVERS\Thpevm.SYS
14:57:35.0920 5808 Thpevm - ok
14:57:35.0981 5808 Thpsrv (6146eac71ae3c9da17b0e33632082b7b) C:\windows\system32\ThpSrv.exe
14:57:36.0019 5808 Thpsrv - ok
14:57:36.0319 5808 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll
14:57:36.0323 5808 THREADORDER - ok
14:57:36.0422 5808 TMachInfo (f120967184a27e927052e8ddbb727851) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
14:57:36.0425 5808 TMachInfo - ok
14:57:36.0591 5808 TODDSrv (ed32035bdfeced1ad66d459fd9cc1140) C:\Windows\system32\TODDSrv.exe
14:57:36.0605 5808 TODDSrv - ok
14:57:36.0726 5808 TosCoSrv (06c61275adc64f1e36240a2287998a5e) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
14:57:36.0736 5808 TosCoSrv - ok
14:57:36.0803 5808 TOSHIBA eco Utility Service (707800855afbd7648375efb1519b8d6d) C:\Program Files\TOSHIBA\TECO\TecoService.exe
14:57:36.0807 5808 TOSHIBA eco Utility Service - ok
14:57:37.0107 5808 TOSHIBA HDD SSD Alert Service (eda12e9bc9a0f104c24101720eec4785) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
14:57:37.0200 5808 TOSHIBA HDD SSD Alert Service - ok
14:57:37.0425 5808 tos_sps64 (09ff7b0b1b5c3d225495cb6f5a9b39f8) C:\windows\system32\DRIVERS\tos_sps64.sys
14:57:37.0432 5808 tos_sps64 - ok
14:57:37.0542 5808 TPCHSrv (de64c52bd0671165cf2eebf2a728a3e2) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
14:57:37.0563 5808 TPCHSrv - ok
14:57:37.0815 5808 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\windows\System32\trkwks.dll
14:57:37.0818 5808 TrkWks - ok
14:57:37.0914 5808 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\windows\servicing\TrustedInstaller.exe
14:57:37.0917 5808 TrustedInstaller - ok
14:57:38.0076 5808 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\windows\system32\DRIVERS\tssecsrv.sys
14:57:38.0079 5808 tssecsrv - ok
14:57:38.0174 5808 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\windows\system32\drivers\tsusbflt.sys
14:57:38.0175 5808 TsUsbFlt - ok
14:57:38.0344 5808 tunnel (3566a8daafa27af944f5d705eaa64894) C:\windows\system32\DRIVERS\tunnel.sys
14:57:38.0347 5808 tunnel - ok
14:57:38.0418 5808 TVALZ (550b567f9364d8f7684c3fb3ea665a72) C:\windows\system32\DRIVERS\TVALZ_O.SYS
14:57:38.0420 5808 TVALZ - ok
14:57:38.0576 5808 TVALZFL (9c7191f4b2e49bff47a6c1144b5923fa) C:\windows\system32\DRIVERS\TVALZFL.sys
14:57:38.0578 5808 TVALZFL - ok
14:57:38.0658 5808 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\windows\system32\DRIVERS\uagp35.sys
14:57:38.0662 5808 uagp35 - ok
14:57:38.0713 5808 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\windows\system32\DRIVERS\udfs.sys
14:57:38.0719 5808 udfs - ok
14:57:38.0862 5808 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\windows\system32\UI0Detect.exe
14:57:38.0866 5808 UI0Detect - ok
14:57:38.0955 5808 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\windows\system32\drivers\uliagpkx.sys
14:57:38.0958 5808 uliagpkx - ok
14:57:39.0051 5808 umbus (dc54a574663a895c8763af0fa1ff7561) C:\windows\system32\DRIVERS\umbus.sys
14:57:39.0062 5808 umbus - ok
14:57:39.0203 5808 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\windows\system32\DRIVERS\umpass.sys
14:57:39.0204 5808 UmPass - ok
14:57:39.0267 5808 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\windows\System32\upnphost.dll
14:57:39.0273 5808 upnphost - ok
14:57:39.0363 5808 USBAAPL64 (54d4b48d443e7228bf64cf7cdc3118ac) C:\windows\system32\Drivers\usbaapl64.sys
14:57:39.0398 5808 USBAAPL64 - ok
14:57:39.0542 5808 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\windows\system32\DRIVERS\usbccgp.sys
14:57:39.0546 5808 usbccgp - ok
14:57:39.0606 5808 usbcir (af0892a803fdda7492f595368e3b68e7) C:\windows\system32\drivers\usbcir.sys
14:57:39.0611 5808 usbcir - ok
14:57:39.0636 5808 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\windows\system32\DRIVERS\usbehci.sys
14:57:39.0638 5808 usbehci - ok
14:57:39.0724 5808 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\windows\system32\DRIVERS\usbhub.sys
14:57:39.0730 5808 usbhub - ok
14:57:39.0885 5808 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\windows\system32\DRIVERS\usbohci.sys
14:57:39.0888 5808 usbohci - ok
14:57:39.0944 5808 usbprint (73188f58fb384e75c4063d29413cee3d) C:\windows\system32\DRIVERS\usbprint.sys
14:57:39.0947 5808 usbprint - ok
14:57:40.0104 5808 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\windows\system32\DRIVERS\USBSTOR.SYS
14:57:40.0133 5808 USBSTOR - ok
14:57:40.0179 5808 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\windows\system32\drivers\usbuhci.sys
14:57:40.0181 5808 usbuhci - ok
14:57:40.0347 5808 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\windows\System32\Drivers\usbvideo.sys
14:57:40.0353 5808 usbvideo - ok
14:57:40.0406 5808 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\windows\System32\uxsms.dll
14:57:40.0413 5808 UxSms - ok
14:57:40.0538 5808 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
14:57:40.0542 5808 VaultSvc - ok
14:57:40.0689 5808 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\windows\system32\drivers\vdrvroot.sys
14:57:40.0693 5808 vdrvroot - ok
14:57:40.0750 5808 vds (8d6b481601d01a456e75c3210f1830be) C:\windows\System32\vds.exe
14:57:40.0761 5808 vds - ok
14:57:40.0945 5808 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\windows\system32\DRIVERS\vgapnp.sys
14:57:40.0947 5808 vga - ok
14:57:40.0984 5808 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\windows\System32\drivers\vga.sys
14:57:40.0985 5808 VgaSave - ok
14:57:41.0177 5808 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\windows\system32\drivers\vhdmp.sys
14:57:41.0183 5808 vhdmp - ok
14:57:41.0214 5808 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\windows\system32\drivers\viaide.sys
14:57:41.0216 5808 viaide - ok
14:57:41.0421 5808 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\windows\system32\drivers\volmgr.sys
14:57:41.0424 5808 volmgr - ok
14:57:41.0479 5808 volmgrx (a255814907c89be58b79ef2f189b843b) C:\windows\system32\drivers\volmgrx.sys
14:57:41.0484 5808 volmgrx - ok
14:57:41.0684 5808 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\windows\system32\drivers\volsnap.sys
14:57:41.0688 5808 volsnap - ok
14:57:41.0733 5808 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\windows\system32\DRIVERS\vsmraid.sys
14:57:41.0736 5808 vsmraid - ok
14:57:41.0936 5808 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\windows\system32\vssvc.exe
14:57:41.0962 5808 VSS - ok
14:57:42.0027 5808 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\windows\system32\DRIVERS\vwifibus.sys
14:57:42.0028 5808 vwifibus - ok
14:57:42.0170 5808 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\windows\system32\DRIVERS\vwififlt.sys
14:57:42.0172 5808 vwififlt - ok
14:57:42.0214 5808 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\windows\system32\w32time.dll
14:57:42.0221 5808 W32Time - ok
14:57:42.0414 5808 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\windows\system32\DRIVERS\wacompen.sys
14:57:42.0416 5808 WacomPen - ok
14:57:42.0484 5808 WANARP (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
14:57:42.0487 5808 WANARP - ok
14:57:42.0510 5808 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
14:57:42.0511 5808 Wanarpv6 - ok
14:57:42.0722 5808 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\windows\system32\Wat\WatAdminSvc.exe
14:57:42.0748 5808 WatAdminSvc - ok
14:57:42.0842 5808 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\windows\system32\wbengine.exe
14:57:42.0862 5808 wbengine - ok
14:57:43.0014 5808 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\windows\System32\wbiosrvc.dll
14:57:43.0023 5808 WbioSrvc - ok
14:57:43.0080 5808 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\windows\System32\wcncsvc.dll
14:57:43.0092 5808 wcncsvc - ok
14:57:43.0243 5808 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\windows\System32\WcsPlugInService.dll
14:57:43.0249 5808 WcsPlugInService - ok
14:57:43.0318 5808 Wd (72889e16ff12ba0f235467d6091b17dc) C:\windows\system32\DRIVERS\wd.sys
14:57:43.0320 5808 Wd - ok
14:57:43.0479 5808 WDC_SAM (a3d04ebf5227886029b4532f20d026f7) C:\windows\system32\DRIVERS\wdcsam64.sys
14:57:43.0482 5808 WDC_SAM - ok
14:57:43.0555 5808 WDDMService (e6050fe6b60fa91188b8abdb5b1e339f) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
14:57:43.0561 5808 WDDMService - ok
14:57:43.0761 5808 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\windows\system32\drivers\Wdf01000.sys
14:57:43.0775 5808 Wdf01000 - ok
14:57:43.0893 5808 WDFME (b83d5071b32a70bebdb3330bfa7acb80) C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
14:57:43.0907 5808 WDFME - ok
14:57:44.0055 5808 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll
14:57:44.0061 5808 WdiServiceHost - ok
14:57:44.0071 5808 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll
14:57:44.0077 5808 WdiSystemHost - ok
14:57:44.0165 5808 WDSC (517de2c5568cba6b2a24a557ac60c30b) C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe
14:57:44.0207 5808 WDSC - ok
14:57:44.0377 5808 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\windows\System32\webclnt.dll
14:57:44.0388 5808 WebClient - ok
14:57:44.0431 5808 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\windows\system32\wecsvc.dll
14:57:44.0436 5808 Wecsvc - ok
14:57:44.0572 5808 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\windows\System32\wercplsupport.dll
14:57:44.0578 5808 wercplsupport - ok
14:57:44.0616 5808 WerSvc (6d137963730144698cbd10f202e9f251) C:\windows\System32\WerSvc.dll
14:57:44.0620 5808 WerSvc - ok
14:57:44.0703 5808 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\windows\system32\DRIVERS\wfplwf.sys
14:57:44.0706 5808 WfpLwf - ok
14:57:44.0739 5808 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\windows\system32\drivers\wimmount.sys
14:57:44.0741 5808 WIMMount - ok
14:57:44.0788 5808 WinDefend - ok
14:57:44.0812 5808 WinHttpAutoProxySvc - ok
14:57:44.0990 5808 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\windows\system32\wbem\WMIsvc.dll
14:57:44.0996 5808 Winmgmt - ok
14:57:45.0097 5808 WinRM (bcb1310604aa415c4508708975b3931e) C:\windows\system32\WsmSvc.dll
14:57:45.0128 5808 WinRM - ok
14:57:45.0340 5808 WinUsb (fe88b288356e7b47b74b13372add906d) C:\windows\system32\DRIVERS\WinUsb.sys
14:57:45.0343 5808 WinUsb - ok
14:57:45.0406 5808 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\windows\System32\wlansvc.dll
14:57:45.0427 5808 Wlansvc - ok
14:57:45.0513 5808 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
14:57:45.0516 5808 wlcrasvc - ok
14:57:45.0704 5808 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
14:57:45.0732 5808 wlidsvc - ok
14:57:45.0908 5808 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\windows\system32\drivers\wmiacpi.sys
14:57:45.0910 5808 WmiAcpi - ok
14:57:45.0975 5808 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\windows\system32\wbem\WmiApSrv.exe
14:57:45.0979 5808 wmiApSrv - ok
14:57:46.0029 5808 WMPNetworkSvc - ok
14:57:46.0190 5808 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\windows\System32\wpcsvc.dll
14:57:46.0196 5808 WPCSvc - ok
14:57:46.0250 5808 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\windows\system32\wpdbusenum.dll
14:57:46.0255 5808 WPDBusEnum - ok
14:57:46.0323 5808 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\windows\system32\drivers\ws2ifsl.sys
14:57:46.0325 5808 ws2ifsl - ok
14:57:46.0701 5808 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\windows\System32\wscsvc.dll
14:57:46.0727 5808 wscsvc - ok
14:57:46.0814 5808 WSDPrintDevice (8d918b1db190a4d9b1753a66fa8c96
Back to top
View user's profile Send private message
Cypher
Moderator


Joined: 05 Jul 2009
Last Visit: 22 Jul 2014
Posts: 4571
Location: Land Of The Leprechauns

PostPosted: Thu Apr 12, 2012 7:49 am    Post subject: Reply with quote

Hi nealod ,
The TDSSKiller log is still incomplete.
I need you to post the whole log, if you need to split it up into separate post.
_________________
Admin/Teacher at Malware Removal University
Member of...

Back to top
View user's profile Send private message
nealod
Warrior


Joined: 24 Sep 2010
Last Visit: 02 Oct 2013
Posts: 52

PostPosted: Thu Apr 12, 2012 8:07 am    Post subject: Reply with quote

14:56:36.0187 5212 TDSS rootkit removing tool 2.7.28.0 Apr 10 2012 16:54:05
14:56:36.0576 5212 ============================================================
14:56:36.0576 5212 Current date / time: 2012/04/11 14:56:36.0576
14:56:36.0576 5212 SystemInfo:
14:56:36.0576 5212
14:56:36.0576 5212 OS Version: 6.1.7601 ServicePack: 1.0
14:56:36.0576 5212 Product type: Workstation
14:56:36.0576 5212 ComputerName: ABSOLUTE-LT
14:56:36.0576 5212 UserName: Absolute
14:56:36.0576 5212 Windows directory: C:\windows
14:56:36.0576 5212 System windows directory: C:\windows
14:56:36.0577 5212 Running under WOW64
14:56:36.0577 5212 Processor architecture: Intel x64
14:56:36.0577 5212 Number of processors: 2
14:56:36.0577 5212 Page size: 0x1000
14:56:36.0577 5212 Boot type: Normal boot
14:56:36.0577 5212 ============================================================
14:56:37.0805 5212 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:56:37.0809 5212 \Device\Harddisk0\DR0:
14:56:37.0809 5212 MBR used
14:56:37.0809 5212 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x38D3F800
14:56:37.0860 5212 Initialize success
14:56:37.0860 5212 ============================================================
14:56:46.0934 5808 ============================================================
14:56:46.0934 5808 Scan started
14:56:46.0934 5808 Mode: Manual;
14:56:46.0934 5808 ============================================================
14:56:48.0541 5808 1394ohci (a87d604aea360176311474c87a63bb88) C:\windows\system32\drivers\1394ohci.sys
14:56:48.0547 5808 1394ohci - ok
14:56:48.0591 5808 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\windows\system32\drivers\ACPI.sys
14:56:48.0599 5808 ACPI - ok
14:56:48.0805 5808 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\windows\system32\drivers\acpipmi.sys
14:56:48.0807 5808 AcpiPmi - ok
14:56:48.0965 5808 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
14:56:48.0967 5808 AdobeARMservice - ok
14:56:49.0115 5808 AdobeFlashPlayerUpdateSvc (0d4c486a24a711a45fd83acdf4d18506) C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
14:56:49.0122 5808 AdobeFlashPlayerUpdateSvc - ok
14:56:49.0338 5808 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\windows\system32\DRIVERS\adp94xx.sys
14:56:49.0349 5808 adp94xx - ok
14:56:49.0532 5808 adpahci (597f78224ee9224ea1a13d6350ced962) C:\windows\system32\DRIVERS\adpahci.sys
14:56:49.0541 5808 adpahci - ok
14:56:49.0580 5808 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\windows\system32\DRIVERS\adpu320.sys
14:56:49.0583 5808 adpu320 - ok
14:56:49.0730 5808 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\windows\System32\aelupsvc.dll
14:56:49.0733 5808 AeLookupSvc - ok
14:56:49.0827 5808 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\windows\system32\drivers\afd.sys
14:56:49.0838 5808 AFD - ok
14:56:49.0916 5808 AgereModemAudio (b65f8dba54f251906bbe8611b5a0e7ab) C:\Program Files\LSI SoftModem\agr64svc.exe
14:56:49.0917 5808 AgereModemAudio - ok
14:56:50.0123 5808 AgereSoftModem (c98356d813b581e9c425b42a5d146ce0) C:\windows\system32\DRIVERS\agrsm64.sys
14:56:50.0142 5808 AgereSoftModem - ok
14:56:50.0328 5808 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\windows\system32\drivers\agp440.sys
14:56:50.0331 5808 agp440 - ok
14:56:50.0380 5808 ALG (3290d6946b5e30e70414990574883ddb) C:\windows\System32\alg.exe
14:56:50.0383 5808 ALG - ok
14:56:50.0727 5808 aliide (5812713a477a3ad7363c7438ca2ee038) C:\windows\system32\drivers\aliide.sys
14:56:50.0777 5808 aliide - ok
14:56:50.0980 5808 AMD External Events Utility (98a2774d3f18c107874c8c1163ebe484) C:\windows\system32\atiesrxx.exe
14:56:50.0986 5808 AMD External Events Utility - ok
14:56:51.0068 5808 amdide (1ff8b4431c353ce385c875f194924c0c) C:\windows\system32\drivers\amdide.sys
14:56:51.0070 5808 amdide - ok
14:56:51.0221 5808 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\windows\system32\DRIVERS\amdk8.sys
14:56:51.0224 5808 AmdK8 - ok
14:56:51.0296 5808 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\windows\system32\DRIVERS\amdppm.sys
14:56:51.0299 5808 AmdPPM - ok
14:56:51.0467 5808 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\windows\system32\drivers\amdsata.sys
14:56:51.0471 5808 amdsata - ok
14:56:51.0544 5808 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\windows\system32\DRIVERS\amdsbs.sys
14:56:51.0549 5808 amdsbs - ok
14:56:51.0732 5808 amdxata (540daf1cea6094886d72126fd7c33048) C:\windows\system32\drivers\amdxata.sys
14:56:51.0734 5808 amdxata - ok
14:56:51.0814 5808 ApfiltrService (1661f9c9e4b0049fa0a5e30264375a87) C:\windows\system32\DRIVERS\Apfiltr.sys
14:56:51.0821 5808 ApfiltrService - ok
14:56:52.0002 5808 AppID (89a69c3f2f319b43379399547526d952) C:\windows\system32\drivers\appid.sys
14:56:52.0005 5808 AppID - ok
14:56:52.0075 5808 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\windows\System32\appidsvc.dll
14:56:52.0077 5808 AppIDSvc - ok
14:56:52.0245 5808 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\windows\System32\appinfo.dll
14:56:52.0262 5808 Appinfo - ok
14:56:52.0357 5808 Apple Mobile Device (3debbecf665dcdde3a95d9b902010817) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
14:56:52.0361 5808 Apple Mobile Device - ok
14:56:52.0558 5808 arc (c484f8ceb1717c540242531db7845c4e) C:\windows\system32\DRIVERS\arc.sys
14:56:52.0561 5808 arc - ok
14:56:52.0580 5808 arcsas (019af6924aefe7839f61c830227fe79c) C:\windows\system32\DRIVERS\arcsas.sys
14:56:52.0583 5808 arcsas - ok
14:56:52.0734 5808 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
14:56:52.0738 5808 aspnet_state - ok
14:56:52.0899 5808 AsyncMac (769765ce2cc62867468cea93969b2242) C:\windows\system32\DRIVERS\asyncmac.sys
14:56:52.0902 5808 AsyncMac - ok
14:56:52.0971 5808 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\windows\system32\drivers\atapi.sys
14:56:52.0972 5808 atapi - ok
14:56:53.0044 5808 athr (e857eee6b92aaa473ebb3465add8f7e7) C:\windows\system32\DRIVERS\athrx.sys
14:56:53.0062 5808 athr - ok
14:56:53.0441 5808 atikmdag (173f4c05f87085e9bda3f7037bc9f40e) C:\windows\system32\DRIVERS\atikmdag.sys
14:56:53.0580 5808 atikmdag - ok
14:56:53.0772 5808 AtiPcie (7c5d273e29dcc5505469b299c6f29163) C:\windows\system32\DRIVERS\AtiPcie.sys
14:56:53.0774 5808 AtiPcie - ok
14:56:53.0841 5808 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\windows\System32\Audiosrv.dll
14:56:53.0855 5808 AudioEndpointBuilder - ok
14:56:53.0867 5808 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\windows\System32\Audiosrv.dll
14:56:53.0872 5808 AudioSrv - ok
14:56:54.0094 5808 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\windows\System32\AxInstSV.dll
14:56:54.0098 5808 AxInstSV - ok
14:56:54.0189 5808 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\windows\system32\DRIVERS\bxvbda.sys
14:56:54.0200 5808 b06bdrv - ok
14:56:54.0401 5808 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\windows\system32\DRIVERS\b57nd60a.sys
14:56:54.0408 5808 b57nd60a - ok
14:56:54.0500 5808 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\windows\System32\bdesvc.dll
14:56:54.0504 5808 BDESVC - ok
14:56:54.0674 5808 Beep (16a47ce2decc9b099349a5f840654746) C:\windows\system32\drivers\Beep.sys
14:56:54.0676 5808 Beep - ok
14:56:54.0783 5808 BFE (82974d6a2fd19445cc5171fc378668a4) C:\windows\System32\bfe.dll
14:56:54.0798 5808 BFE - ok
14:56:54.0965 5808 BITS (1ea7969e3271cbc59e1730697dc74682) C:\windows\System32\qmgr.dll
14:56:54.0985 5808 BITS - ok
14:56:55.0186 5808 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\windows\system32\DRIVERS\blbdrive.sys
14:56:55.0189 5808 blbdrive - ok
14:56:55.0282 5808 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
14:56:55.0292 5808 Bonjour Service - ok
14:56:55.0489 5808 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\windows\system32\DRIVERS\bowser.sys
14:56:55.0492 5808 bowser - ok
14:56:55.0535 5808 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\windows\system32\DRIVERS\BrFiltLo.sys
14:56:55.0537 5808 BrFiltLo - ok
14:56:55.0701 5808 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\windows\system32\DRIVERS\BrFiltUp.sys
14:56:55.0703 5808 BrFiltUp - ok
14:56:55.0778 5808 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\windows\System32\browser.dll
14:56:55.0782 5808 Browser - ok
14:56:55.0813 5808 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\windows\System32\Drivers\Brserid.sys
14:56:55.0818 5808 Brserid - ok
14:56:55.0849 5808 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\windows\System32\Drivers\BrSerWdm.sys
14:56:55.0851 5808 BrSerWdm - ok
14:56:56.0001 5808 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\windows\System32\Drivers\BrUsbMdm.sys
14:56:56.0003 5808 BrUsbMdm - ok
14:56:56.0047 5808 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\windows\System32\Drivers\BrUsbSer.sys
14:56:56.0049 5808 BrUsbSer - ok
14:56:56.0084 5808 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\windows\system32\DRIVERS\bthmodem.sys
14:56:56.0087 5808 BTHMODEM - ok
14:56:56.0278 5808 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\windows\system32\bthserv.dll
14:56:56.0282 5808 bthserv - ok
14:56:56.0347 5808 cdfs (b8bd2bb284668c84865658c77574381a) C:\windows\system32\DRIVERS\cdfs.sys
14:56:56.0350 5808 cdfs - ok
14:56:56.0525 5808 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\windows\system32\DRIVERS\cdrom.sys
14:56:56.0529 5808 cdrom - ok
14:56:56.0594 5808 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll
14:56:56.0596 5808 CertPropSvc - ok
14:56:56.0687 5808 cfWiMAXService (837ff2d497880198c918e6954dbd170c) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
14:56:56.0693 5808 cfWiMAXService - ok
14:56:56.0881 5808 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\windows\system32\DRIVERS\circlass.sys
14:56:56.0884 5808 circlass - ok
14:56:56.0930 5808 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\windows\system32\CLFS.sys
14:56:56.0939 5808 CLFS - ok
14:56:57.0108 5808 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:56:57.0113 5808 clr_optimization_v2.0.50727_32 - ok
14:56:57.0151 5808 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:56:57.0154 5808 clr_optimization_v2.0.50727_64 - ok
14:56:57.0300 5808 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:56:57.0304 5808 clr_optimization_v4.0.30319_32 - ok
14:56:57.0374 5808 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:56:57.0379 5808 clr_optimization_v4.0.30319_64 - ok
14:56:57.0571 5808 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\windows\system32\DRIVERS\CmBatt.sys
14:56:57.0574 5808 CmBatt - ok
14:56:57.0622 5808 cmdide (e19d3f095812725d88f9001985b94edd) C:\windows\system32\drivers\cmdide.sys
14:56:57.0624 5808 cmdide - ok
14:56:57.0839 5808 CNG (c4943b6c962e4b82197542447ad599f4) C:\windows\system32\Drivers\cng.sys
14:56:57.0849 5808 CNG - ok
14:56:58.0042 5808 Compbatt (102de219c3f61415f964c88e9085ad14) C:\windows\system32\DRIVERS\compbatt.sys
14:56:58.0045 5808 Compbatt - ok
14:56:58.0099 5808 CompositeBus (03edb043586cceba243d689bdda370a8) C:\windows\system32\drivers\CompositeBus.sys
14:56:58.0101 5808 CompositeBus - ok
14:56:58.0240 5808 COMSysApp - ok
14:56:58.0327 5808 ConfigFree Gadget Service (d252c53bcdfc199bba55eeb10cdb266e) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe
14:56:58.0329 5808 ConfigFree Gadget Service - ok
14:56:58.0364 5808 ConfigFree Service (cab0eeaf5295fc96ddd3e19dce27e131) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
14:56:58.0366 5808 ConfigFree Service - ok
14:56:58.0565 5808 crcdisk (1c827878a998c18847245fe1f34ee597) C:\windows\system32\DRIVERS\crcdisk.sys
14:56:58.0568 5808 crcdisk - ok
14:56:58.0637 5808 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\windows\system32\cryptsvc.dll
14:56:58.0642 5808 CryptSvc - ok
14:56:58.0817 5808 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll
14:56:58.0831 5808 DcomLaunch - ok
14:56:58.0874 5808 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\windows\System32\defragsvc.dll
14:56:58.0878 5808 defragsvc - ok
14:56:59.0222 5808 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\windows\system32\Drivers\dfsc.sys
14:56:59.0226 5808 DfsC - ok
14:56:59.0392 5808 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\windows\system32\dhcpcore.dll
14:56:59.0401 5808 Dhcp - ok
14:56:59.0467 5808 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\windows\system32\drivers\discache.sys
14:56:59.0468 5808 discache - ok
14:56:59.0603 5808 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\windows\system32\DRIVERS\disk.sys
14:56:59.0607 5808 Disk - ok
14:56:59.0651 5808 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\windows\System32\dnsrslvr.dll
14:56:59.0654 5808 Dnscache - ok
14:56:59.0816 5808 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\windows\System32\dot3svc.dll
14:56:59.0824 5808 dot3svc - ok
14:56:59.0868 5808 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\windows\system32\dps.dll
14:56:59.0873 5808 DPS - ok
14:57:00.0064 5808 drmkaud (9b19f34400d24df84c858a421c205754) C:\windows\system32\drivers\drmkaud.sys
14:57:00.0066 5808 drmkaud - ok
14:57:00.0132 5808 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\windows\System32\drivers\dxgkrnl.sys
14:57:00.0152 5808 DXGKrnl - ok
14:57:00.0310 5808 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\windows\System32\eapsvc.dll
14:57:00.0315 5808 EapHost - ok
14:57:00.0465 5808 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\windows\system32\DRIVERS\evbda.sys
14:57:00.0547 5808 ebdrv - ok
14:57:00.0690 5808 EFS (c118a82cd78818c29ab228366ebf81c3) C:\windows\System32\lsass.exe
14:57:00.0702 5808 EFS - ok
14:57:00.0784 5808 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\windows\ehome\ehRecvr.exe
14:57:00.0807 5808 ehRecvr - ok
14:57:00.0930 5808 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\windows\ehome\ehsched.exe
14:57:00.0961 5808 ehSched - ok
14:57:01.0387 5808 elxstor (0e5da5369a0fcaea12456dd852545184) C:\windows\system32\DRIVERS\elxstor.sys
14:57:01.0421 5808 elxstor - ok
14:57:01.0503 5808 ErrDev (34a3c54752046e79a126e15c51db409b) C:\windows\system32\drivers\errdev.sys
14:57:01.0528 5808 ErrDev - ok
14:57:01.0647 5808 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\windows\system32\es.dll
14:57:01.0657 5808 EventSystem - ok
14:57:01.0826 5808 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\windows\system32\drivers\exfat.sys
14:57:01.0829 5808 exfat - ok
14:57:01.0883 5808 fastfat (0adc83218b66a6db380c330836f3e36d) C:\windows\system32\drivers\fastfat.sys
14:57:01.0886 5808 fastfat - ok
14:57:02.0052 5808 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\windows\system32\fxssvc.exe
14:57:02.0069 5808 Fax - ok
14:57:02.0131 5808 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\windows\system32\DRIVERS\fdc.sys
14:57:02.0133 5808 fdc - ok
14:57:02.0294 5808 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\windows\system32\fdPHost.dll
14:57:02.0297 5808 fdPHost - ok
14:57:02.0341 5808 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\windows\system32\fdrespub.dll
14:57:02.0345 5808 FDResPub - ok
14:57:02.0504 5808 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\windows\system32\drivers\fileinfo.sys
14:57:02.0507 5808 FileInfo - ok
14:57:02.0568 5808 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\windows\system32\drivers\filetrace.sys
14:57:02.0571 5808 Filetrace - ok
14:57:02.0601 5808 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\windows\system32\DRIVERS\flpydisk.sys
14:57:02.0602 5808 flpydisk - ok
14:57:02.0657 5808 FltMgr (da6b67270fd9db3697b20fce94950741) C:\windows\system32\drivers\fltmgr.sys
14:57:02.0661 5808 FltMgr - ok
14:57:02.0831 5808 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\windows\system32\FntCache.dll
14:57:02.0848 5808 FontCache - ok
14:57:02.0928 5808 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:57:02.0931 5808 FontCache3.0.0.0 - ok
14:57:03.0092 5808 FsDepends (d43703496149971890703b4b1b723eac) C:\windows\system32\drivers\FsDepends.sys
14:57:03.0094 5808 FsDepends - ok
14:57:03.0178 5808 fssfltr (6c06701bf1db05405804d7eb610991ce) C:\windows\system32\DRIVERS\fssfltr.sys
14:57:03.0180 5808 fssfltr - ok
14:57:03.0283 5808 fsssvc (4ce9dac1518ff7e77bd213e6394b9d77) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
14:57:03.0315 5808 fsssvc - ok
14:57:03.0507 5808 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\windows\system32\drivers\Fs_Rec.sys
14:57:03.0510 5808 Fs_Rec - ok
14:57:03.0573 5808 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\windows\system32\DRIVERS\fvevol.sys
14:57:03.0576 5808 fvevol - ok
14:57:03.0758 5808 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\windows\system32\DRIVERS\gagp30kx.sys
14:57:03.0763 5808 gagp30kx - ok
14:57:03.0851 5808 GameConsoleService (4fbccbdd99a75c9efbc90392cf32af61) C:\Program Files (x86)\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe
14:57:03.0855 5808 GameConsoleService - ok
14:57:04.0046 5808 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\windows\system32\DRIVERS\GEARAspiWDM.sys
14:57:04.0047 5808 GEARAspiWDM - ok
14:57:04.0100 5808 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\windows\System32\gpsvc.dll
14:57:04.0109 5808 gpsvc - ok
14:57:04.0220 5808 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:57:04.0224 5808 gupdate - ok
14:57:04.0266 5808 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:57:04.0267 5808 gupdatem - ok
14:57:04.0321 5808 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
14:57:04.0324 5808 gusvc - ok
14:57:04.0548 5808 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\windows\system32\drivers\hcw85cir.sys
14:57:04.0551 5808 hcw85cir - ok
14:57:04.0649 5808 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\windows\system32\drivers\HdAudio.sys
14:57:04.0658 5808 HdAudAddService - ok
14:57:04.0957 5808 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\windows\system32\drivers\HDAudBus.sys
14:57:04.0961 5808 HDAudBus - ok
14:57:04.0994 5808 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\windows\system32\DRIVERS\HidBatt.sys
14:57:04.0997 5808 HidBatt - ok
14:57:05.0160 5808 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\windows\system32\DRIVERS\hidbth.sys
14:57:05.0164 5808 HidBth - ok
14:57:05.0185 5808 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\windows\system32\DRIVERS\hidir.sys
14:57:05.0192 5808 HidIr - ok
14:57:05.0228 5808 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\windows\system32\hidserv.dll
14:57:05.0230 5808 hidserv - ok
14:57:05.0292 5808 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\windows\system32\DRIVERS\hidusb.sys
14:57:05.0294 5808 HidUsb - ok
14:57:05.0453 5808 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\windows\system32\kmsvc.dll
14:57:05.0458 5808 hkmsvc - ok
14:57:05.0593 5808 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\windows\system32\ListSvc.dll
14:57:05.0598 5808 HomeGroupListener - ok
14:57:05.0746 5808 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\windows\system32\provsvc.dll
14:57:05.0750 5808 HomeGroupProvider - ok
14:57:05.0830 5808 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\windows\system32\drivers\HpSAMD.sys
14:57:05.0831 5808 HpSAMD - ok
14:57:06.0018 5808 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\windows\system32\drivers\HTTP.sys
14:57:06.0026 5808 HTTP - ok
14:57:06.0101 5808 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\windows\system32\drivers\hwpolicy.sys
14:57:06.0102 5808 hwpolicy - ok
14:57:06.0324 5808 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\windows\system32\drivers\i8042prt.sys
14:57:06.0326 5808 i8042prt - ok
14:57:06.0416 5808 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\windows\system32\drivers\iaStorV.sys
14:57:06.0423 5808 iaStorV - ok
14:57:06.0546 5808 IDriveE Service (4abaf0ee285bd49718a203d16972087a) C:\IDrive\IDriveE Service.exe
14:57:06.0614 5808 IDriveE Service - ok
14:57:06.0774 5808 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
14:57:06.0793 5808 IDriverT - ok
14:57:07.0023 5808 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:57:07.0043 5808 idsvc - ok
14:57:07.0219 5808 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\windows\system32\DRIVERS\iirsp.sys
14:57:07.0222 5808 iirsp - ok
14:57:07.0293 5808 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\windows\System32\ikeext.dll
14:57:07.0306 5808 IKEEXT - ok
14:57:07.0540 5808 IntcAzAudAddService (b6e61b181884527cc5b68c2d79504b43) C:\windows\system32\drivers\RTKVHD64.sys
14:57:07.0568 5808 IntcAzAudAddService - ok
14:57:07.0759 5808 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\windows\system32\drivers\intelide.sys
14:57:07.0761 5808 intelide - ok
14:57:07.0810 5808 intelppm (ada036632c664caa754079041cf1f8c1) C:\windows\system32\DRIVERS\intelppm.sys
14:57:07.0812 5808 intelppm - ok
14:57:07.0982 5808 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\windows\system32\ipbusenum.dll
14:57:07.0986 5808 IPBusEnum - ok
14:57:08.0072 5808 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\windows\system32\DRIVERS\ipfltdrv.sys
14:57:08.0076 5808 IpFilterDriver - ok
14:57:08.0133 5808 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\windows\System32\iphlpsvc.dll
14:57:08.0141 5808 iphlpsvc - ok
14:57:08.0332 5808 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\windows\system32\drivers\IPMIDrv.sys
14:57:08.0334 5808 IPMIDRV - ok
14:57:08.0382 5808 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\windows\system32\drivers\ipnat.sys
14:57:08.0386 5808 IPNAT - ok
14:57:08.0495 5808 iPod Service (ee4c2a137c7088911a8919effc9812e7) C:\Program Files\iPod\bin\iPodService.exe
14:57:08.0515 5808 iPod Service - ok
14:57:08.0692 5808 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\windows\system32\drivers\irenum.sys
14:57:08.0695 5808 IRENUM - ok
14:57:08.0737 5808 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\windows\system32\drivers\isapnp.sys
14:57:08.0738 5808 isapnp - ok
14:57:08.0911 5808 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\windows\system32\drivers\msiscsi.sys
14:57:08.0916 5808 iScsiPrt - ok
14:57:08.0967 5808 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\windows\system32\drivers\kbdclass.sys
14:57:08.0969 5808 kbdclass - ok
14:57:09.0249 5808 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\windows\system32\drivers\kbdhid.sys
14:57:09.0250 5808 kbdhid - ok
14:57:09.0280 5808 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
14:57:09.0282 5808 KeyIso - ok
14:57:09.0316 5808 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\windows\system32\Drivers\ksecdd.sys
14:57:09.0318 5808 KSecDD - ok
14:57:09.0471 5808 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\windows\system32\Drivers\ksecpkg.sys
14:57:09.0473 5808 KSecPkg - ok
14:57:09.0514 5808 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\windows\system32\drivers\ksthunk.sys
14:57:09.0516 5808 ksthunk - ok
14:57:09.0565 5808 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\windows\system32\msdtckrm.dll
14:57:09.0571 5808 KtmRm - ok
14:57:09.0742 5808 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\windows\system32\srvsvc.dll
14:57:09.0751 5808 LanmanServer - ok
14:57:09.0803 5808 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\windows\System32\wkssvc.dll
14:57:09.0808 5808 LanmanWorkstation - ok
14:57:09.0916 5808 LBTServ (88e52495b47c67126b510af53fdb0bc7) C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
14:57:09.0920 5808 LBTServ - ok
14:57:10.0104 5808 LHidFilt (b6552d382ff070b4ed34cbd6737277c0) C:\windows\system32\DRIVERS\LHidFilt.Sys
14:57:10.0106 5808 LHidFilt - ok
14:57:10.0156 5808 lltdio (1538831cf8ad2979a04c423779465827) C:\windows\system32\DRIVERS\lltdio.sys
14:57:10.0157 5808 lltdio - ok
14:57:10.0335 5808 lltdsvc (c1185803384ab3feed115f79f109427f) C:\windows\System32\lltdsvc.dll
14:57:10.0341 5808 lltdsvc - ok
14:57:10.0362 5808 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\windows\System32\lmhsvc.dll
14:57:10.0364 5808 lmhosts - ok
14:57:10.0441 5808 LMouFilt (73c1f563ab73d459dffe682d66476558) C:\windows\system32\DRIVERS\LMouFilt.Sys
14:57:10.0444 5808 LMouFilt - ok
14:57:10.0616 5808 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\windows\system32\DRIVERS\lsi_fc.sys
14:57:10.0621 5808 LSI_FC - ok
14:57:10.0784 5808 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\windows\system32\DRIVERS\lsi_sas.sys
14:57:10.0789 5808 LSI_SAS - ok
14:57:10.0826 5808 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\windows\system32\DRIVERS\lsi_sas2.sys
14:57:10.0828 5808 LSI_SAS2 - ok
14:57:10.0954 5808 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\windows\system32\DRIVERS\lsi_scsi.sys
14:57:10.0958 5808 LSI_SCSI - ok
14:57:11.0038 5808 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\windows\system32\drivers\luafv.sys
14:57:11.0042 5808 luafv - ok
14:57:11.0201 5808 LUsbFilt (9d9714e78eac9e5368208649489c920e) C:\windows\system32\Drivers\LUsbFilt.Sys
14:57:11.0204 5808 LUsbFilt - ok
14:57:11.0263 5808 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\windows\system32\Mcx2Svc.dll
14:57:11.0266 5808 Mcx2Svc - ok
14:57:11.0338 5808 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\windows\system32\DRIVERS\megasas.sys
14:57:11.0340 5808 megasas - ok
14:57:11.0492 5808 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\windows\system32\DRIVERS\MegaSR.sys
14:57:11.0499 5808 MegaSR - ok
14:57:11.0594 5808 Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
14:57:11.0598 5808 Microsoft Office Groove Audit Service - ok
14:57:11.0762 5808 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll
14:57:11.0767 5808 MMCSS - ok
14:57:11.0839 5808 Modem (800ba92f7010378b09f9ed9270f07137) C:\windows\system32\drivers\modem.sys
14:57:11.0840 5808 Modem - ok
14:57:11.0995 5808 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\windows\system32\DRIVERS\monitor.sys
14:57:12.0009 5808 monitor - ok
14:57:12.0093 5808 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\windows\system32\DRIVERS\mouclass.sys
14:57:12.0095 5808 mouclass - ok
14:57:12.0248 5808 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\windows\system32\DRIVERS\mouhid.sys
14:57:12.0251 5808 mouhid - ok
14:57:12.0336 5808 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\windows\system32\drivers\mountmgr.sys
14:57:12.0338 5808 mountmgr - ok
14:57:12.0538 5808 MpFilter (c177a7ebf5e8a0b596f618870516cab8) C:\windows\system32\DRIVERS\MpFilter.sys
14:57:12.0547 5808 MpFilter - ok
14:57:12.0616 5808 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\windows\system32\drivers\mpio.sys
14:57:12.0619 5808 mpio - ok
14:57:12.0823 5808 MpNWMon (8fbf6b31fe8af1833d93c5913d5b4d55) C:\windows\system32\DRIVERS\MpNWMon.sys
14:57:12.0826 5808 MpNWMon - ok
14:57:12.0917 5808 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\windows\system32\drivers\mpsdrv.sys
14:57:12.0919 5808 mpsdrv - ok
14:57:13.0032 5808 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\windows\system32\mpssvc.dll
14:57:13.0047 5808 MpsSvc - ok
14:57:13.0257 5808 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\windows\system32\drivers\mrxdav.sys
14:57:13.0259 5808 MRxDAV - ok
14:57:13.0307 5808 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\windows\system32\DRIVERS\mrxsmb.sys
14:57:13.0310 5808 mrxsmb - ok
14:57:13.0503 5808 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\windows\system32\DRIVERS\mrxsmb10.sys
14:57:13.0509 5808 mrxsmb10 - ok
14:57:13.0567 5808 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\windows\system32\DRIVERS\mrxsmb20.sys
14:57:13.0569 5808 mrxsmb20 - ok
14:57:13.0754 5808 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\windows\system32\drivers\msahci.sys
14:57:13.0755 5808 msahci - ok
14:57:13.0805 5808 msdsm (db801a638d011b9633829eb6f663c900) C:\windows\system32\drivers\msdsm.sys
14:57:13.0808 5808 msdsm - ok
14:57:13.0959 5808 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\windows\System32\msdtc.exe
14:57:13.0965 5808 MSDTC - ok
14:57:14.0048 5808 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\windows\system32\drivers\Msfs.sys
14:57:14.0049 5808 Msfs - ok
14:57:14.0182 5808 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\windows\System32\drivers\mshidkmdf.sys
14:57:14.0183 5808 mshidkmdf - ok
14:57:14.0227 5808 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\windows\system32\drivers\msisadrv.sys
14:57:14.0228 5808 msisadrv - ok
14:57:14.0274 5808 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\windows\system32\iscsiexe.dll
14:57:14.0277 5808 MSiSCSI - ok
14:57:14.0409 5808 msiserver - ok
14:57:14.0493 5808 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\windows\system32\drivers\MSKSSRV.sys
14:57:14.0494 5808 MSKSSRV - ok
14:57:14.0588 5808 MsMpSvc (157e9e498206a3366baa7e4697bdd947) c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
14:57:14.0588 5808 MsMpSvc - ok
14:57:14.0794 5808 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\windows\system32\drivers\MSPCLOCK.sys
14:57:14.0796 5808 MSPCLOCK - ok
14:57:14.0816 5808 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\windows\system32\drivers\MSPQM.sys
14:57:14.0818 5808 MSPQM - ok
14:57:14.0877 5808 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\windows\system32\drivers\MsRPC.sys
14:57:14.0882 5808 MsRPC - ok
14:57:15.0064 5808 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\windows\system32\drivers\mssmbios.sys
14:57:15.0065 5808 mssmbios - ok
14:57:15.0115 5808 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\windows\system32\drivers\MSTEE.sys
14:57:15.0116 5808 MSTEE - ok
14:57:15.0268 5808 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\windows\system32\DRIVERS\MTConfig.sys
14:57:15.0271 5808 MTConfig - ok
14:57:15.0303 5808 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\windows\system32\Drivers\mup.sys
14:57:15.0305 5808 Mup - ok
14:57:15.0351 5808 napagent (582ac6d9873e31dfa28a4547270862dd) C:\windows\system32\qagentRT.dll
14:57:15.0358 5808 napagent - ok
14:57:15.0582 5808 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\windows\system32\DRIVERS\nwifi.sys
14:57:15.0586 5808 NativeWifiP - ok
14:57:15.0797 5808 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\windows\system32\drivers\ndis.sys
14:57:15.0808 5808 NDIS - ok
14:57:16.0009 5808 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\windows\system32\DRIVERS\ndiscap.sys
14:57:16.0012 5808 NdisCap - ok
14:57:16.0052 5808 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\windows\system32\DRIVERS\ndistapi.sys
14:57:16.0056 5808 NdisTapi - ok
14:57:16.0238 5808 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\windows\system32\DRIVERS\ndisuio.sys
14:57:16.0241 5808 Ndisuio - ok
14:57:16.0284 5808 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\windows\system32\DRIVERS\ndiswan.sys
14:57:16.0287 5808 NdisWan - ok
14:57:16.0466 5808 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\windows\system32\drivers\NDProxy.sys
14:57:16.0468 5808 NDProxy - ok
14:57:16.0519 5808 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\windows\system32\DRIVERS\netbios.sys
14:57:16.0522 5808 NetBIOS - ok
14:57:16.0771 5808 NetBT (09594d1089c523423b32a4229263f068) C:\windows\system32\DRIVERS\netbt.sys
14:57:16.0774 5808 NetBT - ok
14:57:16.0847 5808 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
14:57:16.0850 5808 Netlogon - ok
14:57:17.0269 5808 Netman (847d3ae376c0817161a14a82c8922a9e) C:\windows\System32\netman.dll
14:57:17.0308 5808 Netman - ok
14:57:17.0451 5808 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:57:17.0455 5808 NetMsmqActivator - ok
14:57:17.0464 5808 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:57:17.0465 5808 NetPipeActivator - ok
14:57:17.0634 5808 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\windows\System32\netprofm.dll
14:57:17.0646 5808 netprofm - ok
14:57:17.0796 5808 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:57:17.0798 5808 NetTcpActivator - ok
14:57:17.0816 5808 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:57:17.0819 5808 NetTcpPortSharing - ok
14:57:17.0991 5808 nfrd960 (77889813be4d166cdab78ddba990da92) C:\windows\system32\DRIVERS\nfrd960.sys
14:57:17.0994 5808 nfrd960 - ok
14:57:18.0080 5808 NisDrv (5f7d72cbcdd025af1f38fdeee5646968) C:\windows\system32\DRIVERS\NisDrvWFP.sys
14:57:18.0083 5808 NisDrv - ok
14:57:18.0172 5808 NisSrv (566ddd5d82520da01d75f81428ac4c38) c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
14:57:18.0177 5808 NisSrv - ok
14:57:18.0361 5808 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\windows\System32\nlasvc.dll
14:57:18.0366 5808 NlaSvc - ok
14:57:18.0420 5808 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\windows\system32\drivers\Npfs.sys
14:57:18.0422 5808 Npfs - ok
14:57:18.0568 5808 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\windows\system32\nsisvc.dll
14:57:18.0569 5808 nsi - ok
14:57:18.0588 5808 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\windows\system32\drivers\nsiproxy.sys
14:57:18.0589 5808 nsiproxy - ok
14:57:18.0692 5808 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\windows\system32\drivers\Ntfs.sys
14:57:18.0713 5808 Ntfs - ok
14:57:18.0885 5808 Null (9899284589f75fa8724ff3d16aed75c1) C:\windows\system32\drivers\Null.sys
14:57:18.0886 5808 Null - ok
14:57:18.0945 5808 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\windows\system32\drivers\nvraid.sys
14:57:18.0947 5808 nvraid - ok
14:57:19.0195 5808 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\windows\system32\drivers\nvstor.sys
14:57:19.0198 5808 nvstor - ok
14:57:19.0275 5808 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\windows\system32\drivers\nv_agp.sys
14:57:19.0277 5808 nv_agp - ok
14:57:19.0392 5808 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
14:57:19.0399 5808 odserv - ok
14:57:19.0688 5808 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\windows\system32\drivers\ohci1394.sys
14:57:19.0689 5808 ohci1394 - ok
14:57:19.0793 5808 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:57:19.0796 5808 ose - ok
14:57:20.0100 5808 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
14:57:20.0105 5808 p2pimsvc - ok
14:57:20.0152 5808 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\windows\system32\p2psvc.dll
14:57:20.0159 5808 p2psvc - ok
14:57:20.0396 5808 Parport (0086431c29c35be1dbc43f52cc273887) C:\windows\system32\DRIVERS\parport.sys
14:57:20.0399 5808 Parport - ok
14:57:20.0475 5808 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\windows\system32\drivers\partmgr.sys
14:57:20.0477 5808 partmgr - ok
14:57:20.0689 5808 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\windows\System32\pcasvc.dll
14:57:20.0693 5808 PcaSvc - ok
14:57:20.0785 5808 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\windows\system32\drivers\pci.sys
14:57:20.0788 5808 pci - ok
14:57:20.0821 5808 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\windows\system32\drivers\pciide.sys
14:57:20.0837 5808 pciide - ok
14:57:21.0113 5808 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\windows\system32\DRIVERS\pcmcia.sys
14:57:21.0117 5808 pcmcia - ok
14:57:21.0198 5808 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\windows\system32\drivers\pcw.sys
14:57:21.0215 5808 pcw - ok
14:57:21.0318 5808 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\windows\system32\drivers\peauth.sys
14:57:21.0328 5808 PEAUTH - ok
14:57:21.0428 5808 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\windows\SysWow64\perfhost.exe
14:57:21.0430 5808 PerfHost - ok
14:57:21.0706 5808 PGEffect (663962900e7fea522126ba287715bb4a) C:\windows\system32\DRIVERS\pgeffect.sys
14:57:21.0708 5808 PGEffect - ok
14:57:21.0969 5808 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\windows\system32\pla.dll
14:57:21.0999 5808 pla - ok
14:57:22.0152 5808 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\windows\system32\umpnpmgr.dll
14:57:22.0160 5808 PlugPlay - ok
14:57:22.0262 5808 PMCF (60795ae1e34bcf4ff731f55a6cda9a86) C:\windows\system32\drivers\PMCF.sys
14:57:22.0264 5808 PMCF - ok
14:57:22.0410 5808 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\windows\system32\pnrpauto.dll
14:57:22.0415 5808 PNRPAutoReg - ok
14:57:22.0483 5808 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
14:57:22.0494 5808 PNRPsvc - ok
14:57:22.0715 5808 Point64 (b8d8ec78b0f9ed8e220506181274f3d3) C:\windows\system32\DRIVERS\point64.sys
14:57:22.0717 5808 Point64 - ok
14:57:22.0808 5808 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\windows\System32\ipsecsvc.dll
14:57:22.0815 5808 PolicyAgent - ok
14:57:22.0874 5808 Power (6ba9d927dded70bd1a9caded45f8b184) C:\windows\system32\umpo.dll
14:57:22.0878 5808 Power - ok
14:57:23.0059 5808 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\windows\system32\DRIVERS\raspptp.sys
14:57:23.0062 5808 PptpMiniport - ok
14:57:23.0149 5808 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\windows\system32\DRIVERS\processr.sys
14:57:23.0151 5808 Processor - ok
14:57:23.0254 5808 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\windows\system32\profsvc.dll
14:57:23.0258 5808 ProfSvc - ok
14:57:23.0415 5808 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
14:57:23.0417 5808 ProtectedStorage - ok
14:57:23.0574 5808 Psched (0557cf5a2556bd58e26384169d72438d) C:\windows\system32\DRIVERS\pacer.sys
14:57:23.0576 5808 Psched - ok
14:57:23.0711 5808 QBCFMonitorService (933d92f0bd1d7a9835cd8a8b1235a11e) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
14:57:23.0734 5808 QBCFMonitorService - ok
14:57:23.0895 5808 QBFCService (6bee1814470dc12fa20c53dfc3c97ebb) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
14:57:23.0917 5808 QBFCService - ok
14:57:24.0218 5808 QBVSS (25fc19badf78b7fb1d835aac4b0b91a5) C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
14:57:24.0356 5808 QBVSS - ok
14:57:24.0618 5808 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\windows\system32\DRIVERS\ql2300.sys
14:57:24.0635 5808 ql2300 - ok
14:57:24.0837 5808 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\windows\system32\DRIVERS\ql40xx.sys
14:57:24.0861 5808 ql40xx - ok
14:57:24.0906 5808 QWAVE (906191634e99aea92c4816150bda3732) C:\windows\system32\qwave.dll
14:57:24.0911 5808 QWAVE - ok
14:57:24.0983 5808 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\windows\system32\drivers\qwavedrv.sys
14:57:24.0984 5808 QWAVEdrv - ok
14:57:25.0208 5808 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\windows\system32\DRIVERS\rasacd.sys
14:57:25.0213 5808 RasAcd - ok
14:57:25.0308 5808 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\windows\system32\DRIVERS\AgileVpn.sys
14:57:25.0318 5808 RasAgileVpn - ok
14:57:25.0506 5808 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\windows\System32\rasauto.dll
14:57:25.0510 5808 RasAuto - ok
14:57:25.0593 5808 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\windows\system32\DRIVERS\rasl2tp.sys
14:57:25.0595 5808 Rasl2tp - ok
14:57:25.0681 5808 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\windows\System32\rasmans.dll
14:57:25.0688 5808 RasMan - ok
14:57:25.0871 5808 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\windows\system32\DRIVERS\raspppoe.sys
14:57:25.0873 5808 RasPppoe - ok
14:57:25.0986 5808 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\windows\system32\DRIVERS\rassstp.sys
14:57:25.0988 5808 RasSstp - ok
14:57:26.0063 5808 rdbss (77f665941019a1594d887a74f301fa2f) C:\windows\system32\DRIVERS\rdbss.sys
14:57:26.0067 5808 rdbss - ok
14:57:26.0235 5808 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\windows\system32\DRIVERS\rdpbus.sys
14:57:26.0257 5808 rdpbus - ok
14:57:26.0322 5808 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\windows\system32\DRIVERS\RDPCDD.sys
14:57:26.0323 5808 RDPCDD - ok
14:57:26.0357 5808 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\windows\system32\drivers\rdpencdd.sys
14:57:26.0357 5808 RDPENCDD - ok
14:57:26.0513 5808 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\windows\system32\drivers\rdprefmp.sys
14:57:26.0513 5808 RDPREFMP - ok
14:57:26.0600 5808 RDPWD (6d76e6433574b058adcb0c50df834492) C:\windows\system32\drivers\RDPWD.sys
14:57:26.0603 5808 RDPWD - ok
14:57:26.0779 5808 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\windows\system32\drivers\rdyboost.sys
14:57:26.0782 5808 rdyboost - ok
14:57:26.0957 5808 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\windows\System32\mprdim.dll
14:57:26.0963 5808 RemoteAccess - ok
14:57:27.0016 5808 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\windows\system32\regsvc.dll
14:57:27.0020 5808 RemoteRegistry - ok
14:57:27.0162 5808 rimspci (e20b1907fc72a3664ece21e3c20fc63d) C:\windows\system32\DRIVERS\rimspe64.sys
14:57:27.0164 5808 rimspci - ok
14:57:27.0320 5808 risdpcie (7dda2e5cf452dad24b1be704225c18ee) C:\windows\system32\DRIVERS\risdpe64.sys
14:57:27.0322 5808 risdpcie - ok
14:57:27.0388 5808 rixdpcie (6a1cd4674505e6791390a1ab71da1fbe) C:\windows\system32\DRIVERS\rixdpe64.sys
14:57:27.0390 5808 rixdpcie - ok
14:57:27.0557 5808 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\windows\System32\RpcEpMap.dll
14:57:27.0559 5808 RpcEptMapper - ok
14:57:27.0589 5808 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\windows\system32\locator.exe
14:57:27.0591 5808 RpcLocator - ok
14:57:27.0638 5808 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll
14:57:27.0643 5808 RpcSs - ok
14:57:27.0713 5808 RSELSVC - ok
14:57:27.0903 5808 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\windows\system32\DRIVERS\rspndr.sys
14:57:27.0905 5808 rspndr - ok
14:57:27.0949 5808 RTL8167 (66f9f7161d147b6486a22feb9425930d) C:\windows\system32\DRIVERS\Rt64win7.sys
14:57:27.0953 5808 RTL8167 - ok
14:57:28.0148 5808 rtl8192se (03e0627c26943916a7276ac5306206c7) C:\windows\system32\DRIVERS\rtl8192se.sys
14:57:28.0161 5808 rtl8192se - ok
14:57:28.0315 5808 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
14:57:28.0317 5808 SamSs - ok
14:57:28.0382 5808 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\windows\system32\drivers\sbp2port.sys
14:57:28.0384 5808 sbp2port - ok
14:57:28.0540 5808 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\windows\System32\SCardSvr.dll
14:57:28.0544 5808 SCardSvr - ok
14:57:28.0621 5808 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\windows\system32\DRIVERS\scfilter.sys
14:57:28.0623 5808 scfilter - ok
14:57:28.0813 5808 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\windows\system32\schedsvc.dll
14:57:28.0827 5808 Schedule - ok
14:57:28.0996 5808 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll
14:57:28.0997 5808 SCPolicySvc - ok
14:57:29.0079 5808 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\windows\system32\drivers\sdbus.sys
14:57:29.0082 5808 sdbus - ok
14:57:29.0255 5808 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\windows\System32\SDRSVC.dll
14:57:29.0259 5808 SDRSVC - ok
14:57:29.0319 5808 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\windows\system32\drivers\secdrv.sys
14:57:29.0321 5808 secdrv - ok
14:57:29.0494 5808 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\windows\system32\seclogon.dll
14:57:29.0496 5808 seclogon - ok
14:57:29.0533 5808 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\windows\System32\sens.dll
14:57:29.0536 5808 SENS - ok
14:57:29.0791 5808 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\windows\system32\sensrsvc.dll
14:57:29.0802 5808 SensrSvc - ok
14:57:29.0908 5808 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\windows\system32\DRIVERS\serenum.sys
14:57:29.0909 5808 Serenum - ok
14:57:30.0064 5808 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\windows\system32\DRIVERS\serial.sys
14:57:30.0068 5808 Serial - ok
14:57:30.0118 5808 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\windows\system32\DRIVERS\sermouse.sys
14:57:30.0119 5808 sermouse - ok
14:57:30.0195 5808 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\windows\system32\sessenv.dll
14:57:30.0198 5808 SessionEnv - ok
14:57:30.0306 5808 sffdisk (a554811bcd09279536440c964ae35bbf) C:\windows\system32\drivers\sffdisk.sys
14:57:30.0308 5808 sffdisk - ok
14:57:30.0475 5808 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\windows\system32\drivers\sffp_mmc.sys
14:57:30.0477 5808 sffp_mmc - ok
14:57:30.0498 5808 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\windows\system32\drivers\sffp_sd.sys
14:57:30.0500 5808 sffp_sd - ok
14:57:30.0548 5808 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\windows\system32\DRIVERS\sfloppy.sys
14:57:30.0550 5808 sfloppy - ok
14:57:30.0638 5808 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\windows\System32\ipnathlp.dll
14:57:30.0644 5808 SharedAccess - ok
14:57:30.0692 5808 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\windows\System32\shsvcs.dll
14:57:30.0698 5808 ShellHWDetection - ok
14:57:30.0882 5808 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\windows\system32\DRIVERS\SiSRaid2.sys
14:57:30.0884 5808 SiSRaid2 - ok
14:57:30.0895 5808 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\windows\system32\DRIVERS\sisraid4.sys
14:57:30.0901 5808 SiSRaid4 - ok
14:57:31.0090 5808 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\windows\system32\DRIVERS\smb.sys
14:57:31.0094 5808 Smb - ok
14:57:31.0129 5808 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\windows\System32\snmptrap.exe
14:57:31.0131 5808 SNMPTRAP - ok
14:57:31.0153 5808 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\windows\system32\drivers\spldr.sys
14:57:31.0154 5808 spldr - ok
14:57:31.0359 5808 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\windows\System32\spoolsv.exe
14:57:31.0374 5808 Spooler - ok
14:57:31.0503 5808 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\windows\system32\sppsvc.exe
14:57:31.0603 5808 sppsvc - ok
14:57:31.0743 5808 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\windows\system32\sppuinotify.dll
14:57:31.0749 5808 sppuinotify - ok
14:57:31.0835 5808 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\windows\system32\DRIVERS\srv.sys
14:57:31.0846 5808 srv - ok
14:57:32.0055 5808 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\windows\system32\DRIVERS\srv2.sys
14:57:32.0065 5808 srv2 - ok
14:57:32.0134 5808 srvnet (27e461f0be5bff5fc737328f749538c3) C:\windows\system32\DRIVERS\srvnet.sys
14:57:32.0138 5808 srvnet - ok
14:57:32.0286 5808 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\windows\System32\ssdpsrv.dll
14:57:32.0290 5808 SSDPSRV - ok
14:57:32.0323 5808 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\windows\system32\sstpsvc.dll
14:57:32.0325 5808 SstpSvc - ok
14:57:32.0390 5808 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\windows\system32\DRIVERS\stexstor.sys
14:57:32.0393 5808 stexstor - ok
14:57:32.0569 5808 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\windows\System32\wiaservc.dll
14:57:32.0586 5808 stisvc - ok
14:57:32.0671 5808 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\windows\system32\drivers\swenum.sys
14:57:32.0672 5808 swenum - ok
14:57:32.0827 5808 swg3kser00 (9f0a0c3ee91fd7cb709f7d0d97207f7e) C:\windows\system32\DRIVERS\swg3kser00.sys
14:57:32.0836 5808 swg3kser00 - ok
14:57:32.0910 5808 SwiCardDetectSvc (7759bb08cf43b2dbf9e151bbf827add2) C:\Program Files (x86)\Sierra Wireless Inc\Common\SwiCardDetect64.exe
14:57:33.0038 5808 SwiCardDetectSvc - ok
14:57:33.0269 5808 swiwdmbx (c6a7e54a31803e6f95e23d1b5d967d57) C:\windows\system32\DRIVERS\swiwdmbx64.sys
14:57:33.0273 5808 swiwdmbx - ok
14:57:33.0346 5808 SWNC8UA3 (dc345fc7ce9ba3005153062407263bb2) C:\windows\system32\DRIVERS\swnc8ua3.sys
14:57:33.0355 5808 SWNC8UA3 - ok
14:57:33.0520 5808 swprv (e08e46fdd841b7184194011ca1955a0b) C:\windows\System32\swprv.dll
14:57:33.0535 5808 swprv - ok
14:57:33.0758 5808 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\windows\system32\sysmain.dll
14:57:33.0777 5808 SysMain - ok
14:57:33.0928 5808 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\windows\System32\TabSvc.dll
14:57:33.0931 5808 TabletInputService - ok
14:57:33.0954 5808 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\windows\System32\tapisrv.dll
14:57:33.0960 5808 TapiSrv - ok
14:57:34.0122 5808 TBS (1be03ac720f4d302ea01d40f588162f6) C:\windows\System32\tbssvc.dll
14:57:34.0128 5808 TBS - ok
14:57:34.0258 5808 Tcpip (fc62769e7bff2896035aeed399108162) C:\windows\system32\drivers\tcpip.sys
14:57:34.0285 5808 Tcpip - ok
14:57:34.0599 5808 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\windows\system32\DRIVERS\tcpip.sys
14:57:34.0611 5808 TCPIP6 - ok
14:57:34.0798 5808 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\windows\system32\drivers\tcpipreg.sys
14:57:34.0801 5808 tcpipreg - ok
14:57:34.0863 5808 tdcmdpst (fd542b661bd22fa69ca789ad0ac58c29) C:\windows\system32\DRIVERS\tdcmdpst.sys
14:57:34.0866 5808 tdcmdpst - ok
14:57:35.0057 5808 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\windows\system32\drivers\tdpipe.sys
14:57:35.0059 5808 TDPIPE - ok
14:57:35.0106 5808 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\windows\system32\drivers\tdtcp.sys
14:57:35.0109 5808 TDTCP - ok
14:57:35.0297 5808 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\windows\system32\DRIVERS\tdx.sys
14:57:35.0301 5808 tdx - ok
14:57:35.0345 5808 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\windows\system32\drivers\termdd.sys
14:57:35.0348 5808 TermDD - ok
14:57:35.0523 5808 TermService (2e648163254233755035b46dd7b89123) C:\windows\System32\termsrv.dll
14:57:35.0533 5808 TermService - ok
14:57:35.0681 5808 Themes (f0344071948d1a1fa732231785a0664c) C:\windows\system32\themeservice.dll
14:57:35.0687 5808 Themes - ok
14:57:35.0771 5808 Thpdrv (c013f6acaa9761f571bd28dada7c157d) C:\windows\system32\DRIVERS\thpdrv.sys
14:57:35.0773 5808 Thpdrv - ok
14:57:35.0918 5808 Thpevm (b4e609047434ed948af7bdef2fa66e38) C:\windows\system32\DRIVERS\Thpevm.SYS
14:57:35.0920 5808 Thpevm - ok
14:57:35.0981 5808 Thpsrv (6146eac71ae3c9da17b0e33632082b7b) C:\windows\system32\ThpSrv.exe
14:57:36.0019 5808 Thpsrv - ok
14:57:36.0319 5808 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll
14:57:36.0323 5808 THREADORDER - ok
14:57:36.0422 5808 TMachInfo (f120967184a27e927052e8ddbb727851) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
14:57:36.0425 5808 TMachInfo - ok
14:57:36.0591 5808 TODDSrv (ed32035bdfeced1ad66d459fd9cc1140) C:\Windows\system32\TODDSrv.exe
14:57:36.0605 5808 TODDSrv - ok
14:57:36.0726 5808 TosCoSrv (06c61275adc64f1e36240a2287998a5e) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
14:57:36.0736 5808 TosCoSrv - ok
14:57:36.0803 5808 TOSHIBA eco Utility Service (707800855afbd7648375efb1519b8d6d) C:\Program Files\TOSHIBA\TECO\TecoService.exe
14:57:36.0807 5808 TOSHIBA eco Utility Service - ok
14:57:37.0107 5808 TOSHIBA HDD SSD Alert Service (eda12e9bc9a0f104c24101720eec4785) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
14:57:37.0200 5808 TOSHIBA HDD SSD Alert Service - ok
14:57:37.0425 5808 tos_sps64 (09ff7b0b1b5c3d225495cb6f5a9b39f8) C:\windows\system32\DRIVERS\tos_sps64.sys
14:57:37.0432 5808 tos_sps64 - ok
14:57:37.0542 5808 TPCHSrv (de64c52bd0671165cf2eebf2a728a3e2) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
14:57:37.0563 5808 TPCHSrv - ok
14:57:37.0815 5808 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\windows\System32\trkwks.dll
14:57:37.0818 5808 TrkWks - ok
14:57:37.0914 5808 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\windows\servicing\TrustedInstaller.exe
14:57:37.0917 5808 TrustedInstaller - ok
14:57:38.0076 5808 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\windows\system32\DRIVERS\tssecsrv.sys
14:57:38.0079 5808 tssecsrv - ok
14:57:38.0174 5808 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\windows\system32\drivers\tsusbflt.sys
14:57:38.0175 5808 TsUsbFlt - ok
14:57:38.0344 5808 tunnel (3566a8daafa27af944f5d705eaa64894) C:\windows\system32\DRIVERS\tunnel.sys
14:57:38.0347 5808 tunnel - ok
14:57:38.0418 5808 TVALZ (550b567f9364d8f7684c3fb3ea665a72) C:\windows\system32\DRIVERS\TVALZ_O.SYS
14:57:38.0420 5808 TVALZ - ok
14:57:38.0576 5808 TVALZFL (9c7191f4b2e49bff47a6c1144b5923fa) C:\windows\system32\DRIVERS\TVALZFL.sys
14:57:38.0578 5808 TVALZFL - ok
14:57:38.0658 5808 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\windows\system32\DRIVERS\uagp35.sys
14:57:38.0662 5808 uagp35 - ok
14:57:38.0713 5808 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\windows\system32\DRIVERS\udfs.sys
14:57:38.0719 5808 udfs - ok
14:57:38.0862 5808 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\windows\system32\UI0Detect.exe
14:57:38.0866 5808 UI0Detect - ok
14:57:38.0955 5808 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\windows\system32\drivers\uliagpkx.sys
14:57:38.0958 5808 uliagpkx - ok
14:57:39.0051 5808 umbus (dc54a574663a895c8763af0fa1ff7561) C:\windows\system32\DRIVERS\umbus.sys
14:57:39.0062 5808 umbus - ok
14:57:39.0203 5808 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\windows\system32\DRIVERS\umpass.sys
14:57:39.0204 5808 UmPass - ok
14:57:39.0267 5808 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\windows\System32\upnphost.dll
14:57:39.0273 5808 upnphost - ok
14:57:39.0363 5808 USBAAPL64 (54d4b48d443e7228bf64cf7cdc3118ac) C:\windows\system32\Drivers\usbaapl64.sys
14:57:39.0398 5808 USBAAPL64 - ok
14:57:39.0542 5808 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\windows\system32\DRIVERS\usbccgp.sys
14:57:39.0546 5808 usbccgp - ok
14:57:39.0606 5808 usbcir (af0892a803fdda7492f595368e3b68e7) C:\windows\system32\drivers\usbcir.sys
14:57:39.0611 5808 usbcir - ok
14:57:39.0636 5808 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\windows\system32\DRIVERS\usbehci.sys
14:57:39.0638 5808 usbehci - ok
14:57:39.0724 5808 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\windows\system32\DRIVERS\usbhub.sys
14:57:39.0730 5808 usbhub - ok
14:57:39.0885 5808 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\windows\system32\DRIVERS\usbohci.sys
14:57:39.0888 5808 usbohci - ok
14:57:39.0944 5808 usbprint (73188f58fb384e75c4063d29413cee3d) C:\windows\system32\DRIVERS\usbprint.sys
14:57:39.0947 5808 usbprint - ok
14:57:40.0104 5808 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\windows\system32\DRIVERS\USBSTOR.SYS
14:57:40.0133 5808 USBSTOR - ok
14:57:40.0179 5808 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\windows\system32\drivers\usbuhci.sys
14:57:40.0181 5808 usbuhci - ok
14:57:40.0347 5808 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\windows\System32\Drivers\usbvideo.sys
14:57:40.0353 5808 usbvideo - ok
14:57:40.0406 5808 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\windows\System32\uxsms.dll
14:57:40.0413 5808 UxSms - ok
14:57:40.0538 5808 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
14:57:40.0542 5808 VaultSvc - ok
14:57:40.0689 5808 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\windows\system32\drivers\vdrvroot.sys
14:57:40.0693 5808 vdrvroot - ok
14:57:40.0750 5808 vds (8d6b481601d01a456e75c3210f1830be) C:\windows\System32\vds.exe
14:57:40.0761 5808 vds - ok
14:57:40.0945 5808 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\windows\system32\DRIVERS\vgapnp.sys
14:57:40.0947 5808 vga - ok
14:57:40.0984 5808 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\windows\System32\drivers\vga.sys
14:57:40.0985 5808 VgaSave - ok
14:57:41.0177 5808 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\windows\system32\drivers\vhdmp.sys
14:57:41.0183 5808 vhdmp - ok
14:57:41.0214 5808 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\windows\system32\drivers\viaide.sys
14:57:41.0216 5808 viaide - ok
14:57:41.0421 5808 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\windows\system32\drivers\volmgr.sys
14:57:41.0424 5808 volmgr - ok
14:57:41.0479 5808 volmgrx (a255814907c89be58b79ef2f189b843b) C:\windows\system32\drivers\volmgrx.sys
14:57:41.0484 5808 volmgrx - ok
14:57:41.0684 5808 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\windows\system32\drivers\volsnap.sys
14:57:41.0688 5808 volsnap - ok
14:57:41.0733 5808 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\windows\system32\DRIVERS\vsmraid.sys
14:57:41.0736 5808 vsmraid - ok
14:57:41.0936 5808 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\windows\system32\vssvc.exe
14:57:41.0962 5808 VSS - ok
14:57:42.0027 5808 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\windows\system32\DRIVERS\vwifibus.sys
14:57:42.0028 5808 vwifibus - ok
14:57:42.0170 5808 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\windows\system32\DRIVERS\vwififlt.sys
14:57:42.0172 5808 vwififlt - ok
14:57:42.0214 5808 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\windows\system32\w32time.dll
14:57:42.0221 5808 W32Time - ok
14:57:42.0414 5808 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\windows\system32\DRIVERS\wacompen.sys
14:57:42.0416 5808 WacomPen - ok
14:57:42.0484 5808 WANARP (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
14:57:42.0487 5808 WANARP - ok
14:57:42.0510 5808 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
14:57:42.0511 5808 Wanarpv6 - ok
14:57:42.0722 5808 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\windows\system32\Wat\WatAdminSvc.exe
14:57:42.0748 5808 WatAdminSvc - ok
14:57:42.0842 5808 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\windows\system32\wbengine.exe
14:57:42.0862 5808 wbengine - ok
14:57:43.0014 5808 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\windows\System32\wbiosrvc.dll
14:57:43.0023 5808 WbioSrvc - ok
14:57:43.0080 5808 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\windows\System32\wcncsvc.dll
14:57:43.0092 5808 wcncsvc - ok
14:57:43.0243 5808 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\windows\System32\WcsPlugInService.dll
14:57:43.0249 5808 WcsPlugInService - ok
14:57:43.0318 5808 Wd (72889e16ff12ba0f235467d6091b17dc) C:\windows\system32\DRIVERS\wd.sys
14:57:43.0320 5808 Wd - ok
14:57:43.0479 5808 WDC_SAM (a3d04ebf5227886029b4532f20d026f7) C:\windows\system32\DRIVERS\wdcsam64.sys
14:57:43.0482 5808 WDC_SAM - ok
14:57:43.0555 5808 WDDMService (e6050fe6b60fa91188b8abdb5b1e339f) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
14:57:43.0561 5808 WDDMService - ok
14:57:43.0761 5808 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\windows\system32\drivers\Wdf01000.sys
14:57:43.0775 5808 Wdf01000 - ok
14:57:43.0893 5808 WDFME (b83d5071b32a70bebdb3330bfa7acb80) C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
14:57:43.0907 5808 WDFME - ok
14:57:44.0055 5808 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll
14:57:44.0061 5808 WdiServiceHost - ok
14:57:44.0071 5808 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll
14:57:44.0077 5808 WdiSystemHost - ok
14:57:44.0165 5808 WDSC (517de2c5568cba6b2a24a557ac60c30b) C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe
14:57:44.0207 5808 WDSC - ok
14:57:44.0377 5808 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\windows\System32\webclnt.dll
14:57:44.0388 5808 WebClient - ok
14:57:44.0431 5808 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\windows\system32\wecsvc.dll
14:57:44.0436 5808 Wecsvc - ok
14:57:44.0572 5808 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\windows\System32\wercplsupport.dll
14:57:44.0578 5808 wercplsupport - ok
14:57:44.0616 5808 WerSvc (6d137963730144698cbd10f202e9f251) C:\windows\System32\WerSvc.dll
14:57:44.0620 5808 WerSvc - ok
14:57:44.0703 5808 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\windows\system32\DRIVERS\wfplwf.sys
14:57:44.0706 5808 WfpLwf - ok
14:57:44.0739 5808 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\windows\system32\drivers\wimmount.sys
14:57:44.0741 5808 WIMMount - ok
14:57:44.0788 5808 WinDefend - ok
14:57:44.0812 5808 WinHttpAutoProxySvc - ok
14:57:44.0990 5808 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\windows\system32\wbem\WMIsvc.dll
14:57:44.0996 5808 Winmgmt - ok
14:57:45.0097 5808 WinRM (bcb1310604aa415c4508708975b3931e) C:\windows\system32\WsmSvc.dll
14:57:45.0128 5808 WinRM - ok
14:57:45.0340 5808 WinUsb (fe88b288356e7b47b74b13372add906d) C:\windows\system32\DRIVERS\WinUsb.sys
14:57:45.0343 5808 WinUsb - ok
14:57:45.0406 5808 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\windows\System32\wlansvc.dll
14:57:45.0427 5808 Wlansvc - ok
14:57:45.0513 5808 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
14:57:45.0516 5808 wlcrasvc - ok
14:57:45.0704 5808 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
14:57:45.0732 5808 wlidsvc - ok
14:57:45.0908 5808 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\windows\system32\drivers\wmiacpi.sys
14:57:45.0910 5808 WmiAcpi - ok
14:57:45.0975 5808 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\windows\system32\wbem\WmiApSrv.exe
14:57:45.0979 5808 wmiApSrv - ok
14:57:46.0029 5808 WMPNetworkSvc - ok
14:57:46.0190 5808 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\windows\System32\wpcsvc.dll
14:57:46.0196 5808 WPCSvc - ok
14:57:46.0250 5808 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\windows\system32\wpdbusenum.dll
14:57:46.0255 5808 WPDBusEnum - ok
14:57:46.0323 5808 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\windows\system32\drivers\ws2ifsl.sys
14:57:46.0325 5808 ws2ifsl - ok
14:57:46.0701 5808 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\windows\System32\wscsvc.dll
14:57:46.0727 5808 wscsvc - ok
14:57:46.0814 5808 WSDPrintDevice (8d918b1db190a4d9b1753a66fa8c96
Back to top
View user's profile Send private message
nealod
Warrior


Joined: 24 Sep 2010
Last Visit: 02 Oct 2013
Posts: 52

PostPosted: Thu Apr 12, 2012 8:08 am    Post subject: Reply with quote

14:57:46.0727 5808 wscsvc - ok
14:57:46.0814 5808 WSDPrintDevice (8d918b1db190a4d9b1753a66fa8c96e8) C:\windows\system32\DRIVERS\WSDPrint.sys
14:57:46.0815 5808 WSDPrintDevice - ok
14:57:46.0936 5808 WSearch - ok
14:57:47.0030 5808 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\windows\system32\wuaueng.dll
14:57:47.0084 5808 wuauserv - ok
14:57:47.0277 5808 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\windows\system32\drivers\WudfPf.sys
14:57:47.0281 5808 WudfPf - ok
14:57:47.0330 5808 WUDFRd (cf8d590be3373029d57af80914190682) C:\windows\system32\DRIVERS\WUDFRd.sys
14:57:47.0332 5808 WUDFRd - ok
14:57:47.0491 5808 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\windows\System32\WUDFSvc.dll
14:57:47.0499 5808 wudfsvc - ok
14:57:47.0542 5808 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\windows\System32\wwansvc.dll
14:57:47.0552 5808 WwanSvc - ok
14:57:47.0656 5808 YahooAUService (dd0042f0c3b606a6a8b92d49afb18ad6) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
14:57:47.0669 5808 YahooAUService - ok
14:57:47.0721 5808 MBR (0x1B8) (5b5e648d12fcadc244c1ec30318e1eb9) \Device\Harddisk0\DR0
14:57:47.0789 5808 \Device\Harddisk0\DR0 - ok
14:57:47.0809 5808 Boot (0x1200) (886ea158e70e2d43c884370e05025bd2) \Device\Harddisk0\DR0\Partition0
14:57:47.0812 5808 \Device\Harddisk0\DR0\Partition0 - ok
14:57:47.0814 5808 ============================================================
14:57:47.0814 5808 Scan finished
14:57:47.0814 5808 ============================================================
14:57:47.0848 4740 Detected object count: 0
14:57:47.0848 4740 Actual detected object count: 0
Back to top
View user's profile Send private message
Cypher
Moderator


Joined: 05 Jul 2009
Last Visit: 22 Jul 2014
Posts: 4571
Location: Land Of The Leprechauns

PostPosted: Thu Apr 12, 2012 9:02 am    Post subject: Reply with quote

Hi nealod ,
Excellent thank you.
Do the following then let me know how you computer is performing.

We need to run an OTL Fix
  • Right-click OTL.exe and select " Run as administrator " to run it.
  • Copy and Paste the following code into the textbox. Do not include the word Code
    Code:

    :processes
    killallprocesses

    :otl
    IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {DF59BFAC-1369-44A4-BBB6-DC833D2A959D}
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60347
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60347
    IE - HKLM\..\SearchScopes,DefaultScope = {CE162467-B7A8-4B40-A5FB-F98421821144}
    IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {CE162467-B7A8-4B40-A5FB-F98421821144}
    IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {CE162467-B7A8-4B40-A5FB-F98421821144}
    IE - HKU\S-1-5-21-2629332192-361817875-3049080968-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=60347
    IE - HKU\S-1-5-21-2629332192-361817875-3049080968-1001\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - No CLSID value found
    IE - HKU\S-1-5-21-2629332192-361817875-3049080968-1001\..\SearchScopes,DefaultScope = {DECA3892-BA8F-44b8-A993-A466AD694AE4}
    IE - HKU\S-1-5-21-2629332192-361817875-3049080968-1001\..\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}: "URL" = http://www.crawler.com/search/dispatcher.aspx?tp=bs&qkw={searchTerms}&tbid=60347
    FF - prefs.js..browser.search.defaultenginename: "Crawler Search"
    FF - prefs.js..browser.search.order.1: "Crawler Search"
    FF - prefs.js..keyword.URL: "http://www.crawler.com/search/dispatcher.aspx?tp=aus&tbid=60347&qkw="
    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
    O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll File not found
    O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
    O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)

    :files
    C:\windows\tasks\At2.job
    C:\windows\tasks\At1.job
    c:\users\absolute\downloads\nitro pdf professional v6.2.0.44
    c:\users\absolute\downloads\paloalto..15 businessplan.pro.15th.ed
    ipconfig /flushdns /c

    :commands
    [emptyflash]
    [emptytemp]
    [emptyjava]]
    [clearallrestorepoints]
    [REBOOT]

  • Then click the Run Fix button at the top.
  • Click .
  • OTL may ask to reboot the machine. Please do so if asked.
  • The report should appear in Notepad after the reboot.Copy and Paste that report in your next reply.


Logs/Information to Post in your Next Reply
  • OTL fix log.

_________________
Admin/Teacher at Malware Removal University
Member of...

Back to top
View user's profile Send private message
nealod
Warrior


Joined: 24 Sep 2010
Last Visit: 02 Oct 2013
Posts: 52

PostPosted: Thu Apr 12, 2012 9:41 am    Post subject: Reply with quote

All processes killed
========== PROCESSES ==========
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\CustomizeSearch| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKU\S-1-5-21-2629332192-361817875-3049080968-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Bar| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-2629332192-361817875-3049080968-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\{81017EA9-9AA8-4A6A-9734-7AF40E7D593F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}\ not found.
HKEY_USERS\S-1-5-21-2629332192-361817875-3049080968-1001\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-2629332192-361817875-3049080968-1001\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}\ not found.
Prefs.js: "Crawler Search" removed from browser.search.defaultenginename
Prefs.js: "Crawler Search" removed from browser.search.order.1
Prefs.js: "http://www.crawler.com/search/dispatcher.aspx?tp=aus&tbid=60347&qkw=" removed from keyword.URL
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}\ deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
========== FILES ==========
C:\windows\tasks\At2.job moved successfully.
C:\windows\tasks\At1.job moved successfully.
File\Folder c:\users\absolute\downloads\nitro pdf professional v6.2.0.44 not found.
c:\users\absolute\downloads\PaloAlto..15 BusinessPlan.Pro.15th.Ed folder moved successfully.
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Absolute\Downloads\cmd.bat deleted successfully.
C:\Users\Absolute\Downloads\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYFLASH]

User: Absolute
->Flash cache emptied: 4395 bytes

User: All Users

User: Default
->Flash cache emptied: 41620 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0.00 mb


[EMPTYTEMP]

User: Absolute
->Temp folder emptied: 102255133 bytes
->Temporary Internet Files folder emptied: 8191156 bytes
->Java cache emptied: 868321 bytes
->FireFox cache emptied: 89189993 bytes
->Flash cache emptied: 0 bytes

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33184 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 193916494 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50333 bytes
RecycleBin emptied: 6325930946 bytes

Total Files Cleaned = 6,409.00 mb

Error: Unable to interpret <[emptyjava]]> in the current context!
Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.39.2 log created on 04122012_132910

Files\Folders moved on Reboot...
C:\Users\Absolute\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File\Folder C:\windows\temp\TMP000000018A6ED3EFE4F553B8 not found!
File\Folder C:\windows\temp\TMP000000041F4DF9E5926567BA not found!
File\Folder C:\windows\temp\TMP0000000D7C73EDA42CD288FE not found!

Registry entries deleted on Reboot...
Back to top
View user's profile Send private message
Cypher
Moderator


Joined: 05 Jul 2009
Last Visit: 22 Jul 2014
Posts: 4571
Location: Land Of The Leprechauns

PostPosted: Thu Apr 12, 2012 9:57 am    Post subject: Reply with quote

Hi nealod,
How is your computer running now, any problems?

ESET online scannner

Note: You can use either Internet Explorer or Mozilla FireFox for this scan.

Note: If you are using Windows Vista or Windows 7, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.
  • First please Disable any Antivirus you have active, as shown in This topic.
  • Note: Don't forget to re-enable it after the scan.
  • Next hold down Control then click on the following link to open a new window to ESET online scannner
  • Select the option YES, I accept the Terms of Use then click on Start.
    Quote:
    Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
    All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.

  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on Start.
  • The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!
  • Now click on Finish.
  • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.

_________________
Admin/Teacher at Malware Removal University
Member of...

Back to top
View user's profile Send private message
nealod
Warrior


Joined: 24 Sep 2010
Last Visit: 02 Oct 2013
Posts: 52

PostPosted: Thu Apr 12, 2012 6:21 pm    Post subject: Reply with quote

ESETSmartInstaller@High as downloader log:
all ok

C:\Users\Absolute\Downloads\FLVPlayer_Setup.exe a variant of Win32/SweetIM.A application
Back to top
View user's profile Send private message
Cypher
Moderator


Joined: 05 Jul 2009
Last Visit: 22 Jul 2014
Posts: 4571
Location: Land Of The Leprechauns

PostPosted: Fri Apr 13, 2012 1:56 am    Post subject: Reply with quote

Hi nealod,
Quote:
all ok

If you are having no further problems you should be good to go.
Please delete the below file.
Quote:
C:\Users\Absolute\Downloads\FLVPlayer_Setup.exe


Your latest set of logs appear to be clean!
This is my general post for when your logs show no more signs of malware.

Clean up with OTL
  • Right click on OTL.exe And select Run as administrator to run it.
  • This will remove all the tools we used to clean your pc.
  • Close all other programs apart from OTL as this step will require a reboot
  • On the OTL main screen, press the CleanUp! button
  • Say Yes to the prompt and then allow the program to reboot your computer.

You can now delete any tools/logs we used if they remain on your Desktop.

Protection Programs
Don't forget to re-enable any protection programs we disabled during your fix.

Update your Antivirus programs and other security products regularly to avoid new threats that could infect your system.
You can use one of these sites to check if any updates are needed for your pc.
Secunia Software Inspector
F-secure Health Check

Microsoft Windows Update
Microsoft releases patches for Windows and Office products regularly to patch up Windows and Office products loopholes and fix any bugs found. Install the updates immediately if they are found.
To update Windows
Go to Start > All Programs > Windows Update > Check for updates.
To update Office
Open up any Office program.
Go to Help > Check for Updates

I would be grateful if you could reply to this post so that I know you have read it and, if you've no other questions, the thread can be closed.

Safe surfing!
_________________
Admin/Teacher at Malware Removal University
Member of...

Back to top
View user's profile Send private message
nealod
Warrior


Joined: 24 Sep 2010
Last Visit: 02 Oct 2013
Posts: 52

PostPosted: Fri Apr 13, 2012 3:12 am    Post subject: Reply with quote

Thank you, I really appreciated the help. One question I do have is, it takes about a good 7 minutes before I can open mozilla on start up. Is this normal? or is there anything I can do to speed up my computer? Thanks again.
Back to top
View user's profile Send private message
Cypher
Moderator


Joined: 05 Jul 2009
Last Visit: 22 Jul 2014
Posts: 4571
Location: Land Of The Leprechauns

PostPosted: Fri Apr 13, 2012 3:22 am    Post subject: Reply with quote

Hi nealod,
Quote:
Thank you, I really appreciated the help.

You're most welcome.
Quote:
it takes about a good 7 minutes before I can open mozilla on start up. Is this normal? or is there anything I can do to speed up my computer?

No that's not normal, Please see the link below you may find some of the tips useful.

What to do if your Computer is running slowly

Any other questions?
_________________
Admin/Teacher at Malware Removal University
Member of...

Back to top
View user's profile Send private message
Cypher
Moderator


Joined: 05 Jul 2009
Last Visit: 22 Jul 2014
Posts: 4571
Location: Land Of The Leprechauns

PostPosted: Sat Apr 14, 2012 3:00 am    Post subject: Reply with quote

Quote:
As your issues appear to be resolved, this topic is now closed.

If you have been helped and wish to donate to help with the costs of this volunteer site, please read Spyware Warrior Donations

_________________
Admin/Teacher at Malware Removal University
Member of...

Back to top
View user's profile Send private message
Display posts from previous:   
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.    Spyware Warrior Forum Index -> Archived Spyware Removal Help Topics All times are GMT - 8 Hours
Page 1 of 1

 
Jump to:  
You can post new topics in this forum
You can reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



smartBlue Style © 2002 Smartor
Powered by phpBB © 2001, 2002 phpBB Group