Inactive Computer crashing

di229

Hello, my computer seems to have some bad viruses, malware and/or a Trojan. I have downloaded Rkill and run the full scan, and found C:\windows\sysWOW64\grpcov.exe. I have also downloaded Malwarebytes Anti-Malware and it did find over 200+ items like PUP.My Web Search; Adware Game Play; PUP Cross Fire.Gen, and I went through the steps to remove them. However, the computer is still crashing. Plus, I do not seem to be able to fix the Windows\sysWOW64\grpcov.exe. Could you please help?
 
Welcome aboard


Please complete all steps listed here: https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/
Make sure you PASTE all logs. If a log exceeds the 50,000-character post limit, split it between a couple of replies.
Attached logs won't be reviewed.

Please observe the following rules:
  • Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
  • If you're stuck, or you're not sure about a certain step, always ask before doing anything else.
  • Please refrain from running tools or applying updates other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer behavior, good, or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in the malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.
 
First, thank you. I have printed out all the instructions and will be getting back with the information you have asked for.
 
Malwarebytes Anti-Malware (Trial) 1.61.0.1400
www.malwarebytes.org
Database version: v2012.05.22.03
Windows Vista Service Pack 2 x64 NTFS
Internet Explorer 9.0.8112.16421
DI :: DI-PC [administrator]
Protection: Enabled
5/22/2012 1:39:18 PM
mbam-log-2012-05-22 (13-39-18).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 211607
Time elapsed: 3 minute(s), 56 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
 
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by DI at 14:54:06 on 2012-05-22
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.4093.2267 [GMT -6:00]
.
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\AGI\core\4.2.0.10754\AGCoreService.exe
C:\Windows\system32\agr64svc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Macrium\Reflect\ReflectService.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files (x86)\Secunia\PSI\PSIA.exe
C:\Windows\system32\taskeng.exe
c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
C:\Program Files (x86)\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
C:\Windows\system32\TODDSrv.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\AVG\AVG PC Tuneup\BoostSpeed.exe
C:\Windows\Explorer.EXE
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Zune\ZuneLauncher.exe
C:\Program Files\ltmoh\ltmoh.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Toshiba\ConfigFree\NDSTray.exe
C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TSS.exe
C:\Program Files (x86)\CyberLink\PowerCinema for TOSHIBA\PCMAgent.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\CyberLink\PowerCinema for TOSHIBA\Kernel\CLML\CLMLSvc.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Toshiba\ConfigFree\CFSwMgr.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Secunia\PSI\sua.exe
C:\Windows\splwow64.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\mobsync.exe
C:\Program Files (x86)\AVG\AVG2012\avgcfgex.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.dogpile.com/
uDefault_Page_URL = hxxp://www.toshibadirect.com/dpdstart
mDefault_Page_URL = hxxp://www.toshibadirect.com/dpdstart
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: agihelper.AGUtils: {0bc6e3fa-78ef-4886-842c-5a1258c4455a} - mscoree.dll
uURLSearchHooks: H - No File
mWinlogon: Userinit=userinit.exe,
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: agihelper.AGUtils: {0bc6e3fa-78ef-4886-842c-5a1258c4455a} - mscoree.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO: AVG Do Not Track: {31332eef-cb9f-458f-afeb-d30e9a66b6ba} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Oracle\JavaFX 2.0 Runtime\bin\jp2ssv.dll
TB: {364ea597-e728-4ce4-bb4a-ed846ef47970} - No File
uRun: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
mRun: [NDSTray.exe] NDSTray.exe
mRun: [cfFncEnabler.exe] cfFncEnabler.exe
mRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TSS.exe" /hide
mRun: [PCMAgent] "C:\Program Files (x86)\CyberLink\PowerCinema for TOSHIBA\PCMAgent.exe"
mRun: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [CLMLServer] "C:\Program Files (x86)\CyberLink\PowerCinema for TOSHIBA\Kernel\CLML\CLMLSvc.exe"
mRun: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [ContentTransferWMDetector.exe] C:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
StartupFolder: C:\Users\DI\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Webshots.lnk - C:\Program Files (x86)\Webshots\3.1.5.7619\Launcher.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SECUNI~1.LNK - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
TCP: DhcpNameServer = 192.168.2.1
TCP: Interfaces\{12ECCC2B-9BAD-46F2-8D86-BE24BBED550F} : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{E2D6C87D-EA0E-45B1-8478-444099EA34F7} : DhcpNameServer = 192.168.2.1
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
BHO-X64: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO-X64: 0x1 - No File
BHO-X64: agihelper.AGUtils: {0bc6e3fa-78ef-4886-842c-5a1258c4455a} - mscoree.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO-X64: AVG Do Not Track: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
BHO-X64: AVG Do Not Track - No File
BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File
BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64: SkypeIEPluginBHO - No File
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.0 Runtime\bin\jp2ssv.dll
TB-X64: {364ea597-e728-4ce4-bb4a-ed846ef47970} - No File
mRun-x64: [NDSTray.exe] NDSTray.exe
mRun-x64: [cfFncEnabler.exe] cfFncEnabler.exe
mRun-x64: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TSS.exe" /hide
mRun-x64: [PCMAgent] "C:\Program Files (x86)\CyberLink\PowerCinema for TOSHIBA\PCMAgent.exe"
mRun-x64: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun-x64: [CLMLServer] "C:\Program Files (x86)\CyberLink\PowerCinema for TOSHIBA\Kernel\CLML\CLMLSvc.exe"
mRun-x64: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [ContentTransferWMDetector.exe] C:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe
mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun-x64: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
Hosts: 127.0.0.1 www.spywareinfo.com
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\Windows\system32\DRIVERS\avgidsha.sys --> C:\Windows\system32\DRIVERS\avgidsha.sys [?]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?]
R0 tos_sps64;TOSHIBA tos_sps64 Service;C:\Windows\system32\DRIVERS\tos_sps64.sys --> C:\Windows\system32\DRIVERS\tos_sps64.sys [?]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?]
R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]
R2 AGCoreService;AG Core Services;C:\Program Files (x86)\AGI\core\4.2.0.10754\AGCoreService.exe [2011-12-13 20480]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-2-14 193288]
R2 ConfigFree Gadget Service;ConfigFree Gadget Service;C:\Program Files (x86)\Toshiba\ConfigFree\CFProcSRVC.exe [2008-6-27 36864]
R2 ConfigFree Service;ConfigFree Service;C:\Program Files (x86)\Toshiba\ConfigFree\CFSvcs.exe [2008-7-10 40960]
R2 FontCache;Windows Font Cache Service;C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-5-13 654408]
R2 ReflectService.exe;Macrium Reflect Image Mounting Service;C:\Program Files\Macrium\Reflect\ReflectService.exe [2012-4-26 301720]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2011-10-6 1153368]
R2 Secunia PSI Agent;Secunia PSI Agent;C:\Program Files (x86)\Secunia\PSI\psia.exe [2012-3-30 1295416]
R2 Secunia Update Agent;Secunia Update Agent;C:\Program Files (x86)\Secunia\PSI\sua.exe [2012-3-30 681016]
R2 TMachInfo;TMachInfo;C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe [2008-8-14 46392]
R2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service;C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe [2007-12-3 175104]
R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\avgidsdrivera.sys --> C:\Windows\system32\DRIVERS\avgidsdrivera.sys [?]
R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\avgidsfiltera.sys --> C:\Windows\system32\DRIVERS\avgidsfiltera.sys [?]
R3 FwLnk;FwLnk Driver;C:\Windows\system32\DRIVERS\FwLnk.sys --> C:\Windows\system32\DRIVERS\FwLnk.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 NETw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\NETw5v64.sys --> C:\Windows\system32\DRIVERS\NETw5v64.sys [?]
R3 PSI;PSI;C:\Windows\system32\DRIVERS\psi_mf.sys --> C:\Windows\system32\DRIVERS\psi_mf.sys [?]
R3 SmartFaceVWatchSrv;SmartFaceVWatchSrv;C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe [2008-4-24 84992]
S2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe [2012-4-30 5106744]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-2-15 158856]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-3-6 257696]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2008-1-20 19968]
S3 PSMounter;Macrium Reflect Image Explorer Service;\??\C:\Windows\system32\drivers\psmounter.sys --> C:\Windows\system32\drivers\psmounter.sys [?]
S3 SWDUMon;SWDUMon;C:\Windows\system32\DRIVERS\SWDUMon.sys --> C:\Windows\system32\DRIVERS\SWDUMon.sys [?]
S3 WMZuneComm;Zune Windows Mobile Connectivity Service;C:\Program Files\Zune\WMZuneComm.exe [2011-8-5 306400]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-3-18 1020768]
S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2011-10-17 89920]
S4 KR10I64;KR10I64;C:\Windows\system32\drivers\kr10i64.sys --> C:\Windows\system32\drivers\kr10i64.sys [?]
S4 KR10N64;KR10N64;C:\Windows\system32\drivers\kr10n64.sys --> C:\Windows\system32\drivers\kr10n64.sys [?]
.
=============== File Associations ===============
.
JSEFile=C:\Windows\SysWOW64\WScript.exe "%1" %*
.
=============== Created Last 30 ================
.
2012-05-22 00:00:59 -------- d-----w- C:\Windows\7AE5C77687424874B53B941190171E6D.TMP
2012-05-21 23:21:43 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2012-05-21 20:20:50 -------- d-----w- C:\Program Files (x86)\Common Files\xing shared
2012-05-21 00:34:28 -------- d-----w- C:\Windows\SysWow64\drivers\AVG
2012-05-21 00:32:35 -------- d-----w- C:\Windows\System32\drivers\AVG
2012-05-15 03:09:03 -------- d-----w- C:\Users\DI\AppData\Local\Secunia PSI (BETA)
2012-05-15 03:08:46 -------- d-----w- C:\Program Files (x86)\Secunia
2012-05-14 21:37:27 -------- d-sh--w- C:\Windows\SysWow64\AI_RecycleBin
2012-05-13 23:07:05 -------- d-----w- C:\7aba611563357b4421a651
2012-05-13 17:54:35 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-05-13 17:54:35 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-05-13 16:31:40 1423744 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-05-13 14:43:34 4699520 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-05-13 14:43:32 2766848 ----a-w- C:\Windows\System32\win32k.sys
2012-05-13 12:49:05 -------- d-----w- C:\Users\DI\AppData\Roaming\Malwarebytes
2012-05-13 12:48:59 -------- d-----w- C:\ProgramData\Malwarebytes
2012-05-13 12:48:59 -------- d-----w- C:\Malwarebytes' Anti-Malware
2012-05-12 09:26:13 -------- d-----w- C:\d7dab029906388acfc022f2ab0bad73d
2012-05-08 11:42:27 -------- d-----w- C:\Program Files\iPod
2012-05-08 11:42:25 -------- d-----w- C:\Program Files\iTunes
2012-05-08 11:42:25 -------- d-----w- C:\Program Files (x86)\iTunes
2012-05-03 01:58:31 78848 ----a-w- C:\Windows\System32\imagehlp.dll
2012-05-03 01:58:31 5632 ----a-w- C:\Windows\System32\wmi.dll
2012-05-03 01:58:31 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2012-05-03 01:58:31 219136 ----a-w- C:\Windows\System32\wintrust.dll
2012-05-03 01:58:31 172032 ----a-w- C:\Windows\SysWow64\wintrust.dll
2012-05-03 01:58:31 16384 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2012-05-03 01:58:31 157696 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2012-05-02 11:53:17 2409784 ----a-w- C:\Program Files\Windows Mail\OESpamFilter.dat
2012-05-02 11:53:17 2409784 ----a-w- C:\Program Files (x86)\Windows Mail\OESpamFilter.dat
2012-05-02 04:09:12 -------- d-----w- C:\Windows\Microsoft Antimalware
2012-05-02 04:09:08 -------- d-----w- C:\Windows\Windows Defender Offline
2012-05-02 01:12:25 -------- d-----w- C:\sh4ldr
2012-05-02 01:12:25 -------- d-----w- C:\Program Files\Enigma Software Group
2012-04-30 23:57:01 -------- d-----w- C:\Users\DI\AppData\Local\IAC
2012-04-30 20:13:47 -------- d-----w- C:\Program Files (x86)\AML Products
2012-04-30 19:25:07 -------- d-----w- C:\Users\DI\AppData\Local\DictionaryBoss
2012-04-30 19:14:20 -------- d-----w- C:\Program Files (x86)\DictionaryBoss
2012-04-30 12:24:52 -------- d-----w- C:\Program Files\Macrium(640)
2012-04-28 19:11:19 -------- d-----w- C:\Program Files (x86)\WormBlaster Software ™
2012-04-28 13:14:40 -------- d-----w- C:\Users\DI\AppData\Roaming\CompuClever
2012-04-27 23:28:34 -------- d-----w- C:\Program Files (x86)\Auslogics(41)
2012-04-26 20:31:32 57496 ----a-w- C:\Windows\System32\drivers\psmounter.sys
2012-04-26 20:31:32 13464 ----a-w- C:\Windows\System32\drivers\PSVolAcc.sys
.
==================== Find3M ====================
.
2012-05-22 16:29:05 15672 ----a-w- C:\Windows\System32\drivers\SWDUMon.sys
2012-05-06 12:18:44 419488 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-05-06 12:18:43 70304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-05-06 12:18:38 8744608 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2012-04-19 10:50:26 28480 ----a-w- C:\Windows\System32\drivers\avgidsha.sys
2012-03-20 23:34:30 72576 ----a-w- C:\Windows\System32\drivers\partmgr.sys
2012-03-19 11:17:26 383808 ----a-w- C:\Windows\System32\drivers\avgtdia.sys
2012-03-06 21:10:04 525792 ----a-w- C:\Windows\DIFxAPI.dll
2012-03-01 15:39:45 327680 ----a-w- C:\Windows\System32\d3d10_1core.dll
2012-03-01 15:39:45 196096 ----a-w- C:\Windows\System32\d3d10_1.dll
2012-03-01 14:46:01 219648 ----a-w- C:\Windows\SysWow64\d3d10_1core.dll
2012-03-01 14:46:01 160768 ----a-w- C:\Windows\SysWow64\d3d10_1.dll
2012-02-29 14:40:31 2002944 ----a-w- C:\Windows\System32\d3d10warp.dll
2012-02-29 14:09:35 834048 ----a-w- C:\Windows\System32\d2d1.dll
2012-02-29 14:08:47 1172480 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2012-02-29 14:06:08 1556480 ----a-w- C:\Windows\System32\DWrite.dll
2012-02-29 13:44:50 683008 ----a-w- C:\Windows\SysWow64\d2d1.dll
2012-02-29 13:41:40 1069056 ----a-w- C:\Windows\SysWow64\DWrite.dll
2012-02-28 06:56:48 2311168 ----a-w- C:\Windows\System32\jscript9.dll
2012-02-28 06:49:56 1390080 ----a-w- C:\Windows\System32\wininet.dll
2012-02-28 06:48:57 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-02-28 06:42:55 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-02-28 01:18:55 1799168 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-02-28 01:11:21 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-02-28 01:11:07 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-02-28 01:03:16 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
.
============= FINISH: 14:55:22.61 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 10/6/2011 12:22:45 PM
System Uptime: 5/22/2012 12:38:06 PM (2 hours ago)
.
Motherboard: TOSHIBA | | Portable PC
Processor: Intel(R) Core(TM)2 Duo CPU T6400 @ 2.00GHz | CPU | 1200/800mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 286 GiB total, 175.002 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e967-e325-11ce-bfc1-08002be10318}
Description: Disk drive
Device ID: RIXDPTSK\DISK&VEN_RICOH&PROD_XDSTORAGE&REV_1.00\XD0001
Manufacturer: (Standard disk drives)
Name: Ricoh xD-Picture Card Disk Device
PNP Device ID: RIXDPTSK\DISK&VEN_RICOH&PROD_XDSTORAGE&REV_1.00\XD0001
Service: disk
.
==== System Restore Points ===================
.
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
2007 Microsoft Office system
Adobe AIR
Adobe Reader X (10.1.3)
Adobe Shockwave Player 11.6
Apple Application Support
Apple Software Update
Auslogics Disk Defrag
AVG PC Tuneup
BufferChm
Camera Assistant Software for Toshiba
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-core-static
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
CD/DVD Drive Acoustic Silencer
Content Transfer
Crystal Reports Basic for Visual Studio 2008
CustomerResearchQFolder
CyberLink PowerCinema for TOSHIBA
Destinations
DeviceManagementQFolder
dj6980
Download Updater (AOL LLC)
DVD MovieFactory for TOSHIBA
eSupportQFolder
FileHippo.com Update Checker
Hewlett-Packard ACLM.NET v1.1.0.0
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Microsoft Visual Studio 2008 Professional Edition - ENU (KB971091)
Hotfix for Microsoft Visual Studio 2008 Professional Edition - ENU (KB973674)
HP Photosmart Essential
HP Product Assistant
HP Product Detection
HP Update
HPProductAssistant
iExplorer 2.2.1.3
iLivid
IncrediMail
IncrediMail 2.0
Java Auto Updater
Java(TM) 7 Update 3
JavaFX 2.0.3
Legacy 7.5
Lexmark 7300 Series
LG USB Modem driver
LP6980_Help
LP6980Trb
Malwarebytes Anti-Malware version 1.61.0.1400
MarketResearch
Microsoft .NET Compact Framework 2.0 SP2
Microsoft .NET Compact Framework 3.5
Microsoft Document Explorer 2008
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional Hybrid 2007
Microsoft Office Professional Plus 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3)
Microsoft Office Suite Activation Assistant
Microsoft Office Visio 2007 Service Pack 3 (SP3)
Microsoft Office Visio MUI (English) 2007
Microsoft Office Visio Professional 2007
Microsoft Office Visual Web Developer 2007
Microsoft Office Visual Web Developer MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Express Edition (SQLEXPRESS)
Microsoft SQL Server 2005 Tools Express Edition
Microsoft SQL Server Compact 3.5 Design Tools ENU
Microsoft SQL Server Compact 3.5 ENU
Microsoft SQL Server Compact 3.5 for Devices ENU
Microsoft SQL Server Database Publishing Wizard 1.2
Microsoft SQL Server Setup Support Files (English)
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual Studio 2005 Tools for Office Runtime
Microsoft Visual Studio 2008 Professional Edition - ENU
Microsoft Visual Studio Web Authoring Component
Microsoft XML Parser
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Photo Notifier and Animation Creator
Protection Center
QuickTime
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
Realtek 8169 8168 8101E 8102E Ethernet Driver
RealUpgrade 1.1
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.54.02
Secunia PSI (3.0.0.0006)
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2584063)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition
Security Update for Windows Media Encoder (KB2447961)
SF_CDB_ProductContext
SF_CDB_Software
Skins
Skype Click to Call
Skype™ 5.8
SlimDrivers
SolutionCenter
Spybot - Search & Destroy
SpywareBlaster 4.6
Status
Stellarium 0.11.1
Toolbox
Toshiba Assist
TOSHIBA ConfigFree
TOSHIBA Desktop Links
TOSHIBA DVD PLAYER
TOSHIBA Extended Tiles for Windows Mobility Center
TOSHIBA Face Recognition
TOSHIBA Hardware Setup
TOSHIBA PowerCinema Helper
Toshiba Registration
TOSHIBA Service Station
TOSHIBA Speech System Applications
TOSHIBA Speech System SR Engine(U.S.) Version1.0
TOSHIBA Speech System TTS Engine(U.S.) Version1.0
TOSHIBA Supervisor Password
TOSHIBA Value Added Package
TrayApp
Unity Web Player
UnloadSupport
Update for 2007 Microsoft Office System (KB2284654)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2598290) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Visio 2007 Help (KB963666)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Microsoft Visual Studio 2008 Professional Edition - ENU (KB972221)
Update Installer for WildTangent Games App
VC Runtimes MSI
Visual Studio 2005 Tools for Office Second Edition Runtime
Visual Studio 2008 x64 Redistributables
Visual Studio Tools for the Office system 3.0 Runtime
WebReg
Webshots Desktop
WildTangent Games App (Toshiba Games)
Winamp
Winamp Detector Plug-in
Windows Media Encoder 9 Series
Windows Mobile 5.0 SDK R2 for Pocket PC
Windows Mobile 5.0 SDK R2 for Smartphone
Yahoo! Software Update
.
==== Event Viewer Messages From Past Week ========
.
5/22/2012 9:56:07 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the TOSHIBA Navi Support Service service to connect.
5/22/2012 9:56:07 AM, Error: Service Control Manager [7000] - The TOSHIBA Navi Support Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
5/22/2012 10:28:27 AM, Error: EventLog [6008] - The previous system shutdown at 10:25:57 AM on 5/22/2012 was unexpected.
5/22/2012 10:10:55 AM, Error: EventLog [6008] - The previous system shutdown at 10:07:02 AM on 5/22/2012 was unexpected.
5/21/2012 6:01:28 PM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.
5/21/2012 5:55:07 PM, Error: EventLog [6008] - The previous system shutdown at 5:50:03 PM on 5/21/2012 was unexpected.
5/21/2012 5:44:33 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD Avgldx64 Avgmfx64 Avgtdia DfsC NetBIOS netbt nsiproxy PSched RasAcd rdbss Smb spldr tdx Wanarpv6
5/21/2012 5:44:33 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
5/21/2012 5:44:33 PM, Error: Service Control Manager [7001] - The WebDav Client Redirector Driver service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
5/21/2012 5:44:33 PM, Error: Service Control Manager [7001] - The WebClient service depends on the WebDav Client Redirector Driver service which failed to start because of the following error: The dependency service or group failed to start.
5/21/2012 5:44:33 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancilliary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
5/21/2012 5:44:33 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
5/21/2012 5:44:33 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
5/21/2012 5:44:33 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
5/21/2012 5:44:33 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service service which failed to start because of the following error: A device attached to the system is not functioning.
5/21/2012 5:44:33 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
5/21/2012 5:44:33 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
5/21/2012 5:44:33 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
5/21/2012 5:44:33 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
5/21/2012 5:44:33 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancilliary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
5/21/2012 5:44:33 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
5/21/2012 5:44:21 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
5/21/2012 5:43:47 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
5/21/2012 5:43:47 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
5/21/2012 5:43:47 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}
5/21/2012 5:43:41 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
5/21/2012 5:43:33 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
5/21/2012 5:43:25 PM, Error: EventLog [6008] - The previous system shutdown at 5:34:57 PM on 5/21/2012 was unexpected.
5/21/2012 5:20:37 PM, Error: Service Control Manager [7034] - The hpqcxs08 service terminated unexpectedly. It has done this 1 time(s).
5/21/2012 5:20:37 PM, Error: Service Control Manager [7034] - The HP CUE DeviceDiscovery Service service terminated unexpectedly. It has done this 1 time(s).
5/21/2012 3:01:51 PM, Error: EventLog [6008] - The previous system shutdown at 2:23:38 PM on 5/21/2012 was unexpected.
5/21/2012 1:06:26 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avgwd service.
5/20/2012 6:49:10 PM, Error: EventLog [6008] - The previous system shutdown at 6:42:50 PM on 5/20/2012 was unexpected.
5/20/2012 5:11:01 PM, Error: Microsoft-Windows-Dhcp-Client [1001] - Your computer was not assigned an address from the network (by the DHCP Server) for the Network Card with network address 0022FAA9642C. The following error occurred: The wait operation timed out.. Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.
5/15/2012 6:10:04 PM, Error: Microsoft-Windows-Service Pack Installer [8] - Service Pack installation failed with error code 0x800f0a03.
5/15/2012 4:56:52 AM, Error: EventLog [6008] - The previous system shutdown at 9:39:38 PM on 5/14/2012 was unexpected.
5/15/2012 3:02:29 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Skype Updater service to connect.
5/15/2012 3:02:29 PM, Error: Service Control Manager [7000] - The Skype Updater service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
.
==== End Of File ===========================
 
Download Bootkit Remover to your desktop.

  • Unzip downloaded file to your Desktop.
  • Double-click on boot_cleaner.exe to run the program (Vista/7 users, right click on boot_cleaner.exe and click Run As Administrator).
  • It will show a Black screen with some data on it.
  • Right click on the screen and click Select All.
  • Press CTRL+C
  • Open a Notepad and press CTRL+V
  • Post the output back here.

=======================================================

Download aswMBR to your desktop.
Double click the aswMBR.exe to run it.
If you see this question: "Would you like to download latest Avast! virus definitions?" say "Yes".
Click the "Scan" button to start scan.
On completion of the scan click "Save log", save it to your desktop and post in your next reply.

NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.
 
I downloaded Bootkit Remover to my desktop and posted the output as you stated. What did I not do right? I thought I was going by your instructions. I'm sorry if I missed something. I will wait for your reply.
 
You posted the Attach.txt part of DDS, not the Bootkit Remover log.
Re-read my instructions.
 
aswMBR was scanning and then: "avast! Antirootkit has stopped working. A problem caused the program to stop working correctly. Windows will close the program and notify you if a solution is available."
I will wait for your instructions
 
Sorry, I will retry again. Also, I still have this message with aswMBR, where it stopped scanning at C:\Users\DI\Documents\AUI\Data Applications\ITP400_IP1_Di
 
I hope this is right!!
Bootkit Remover
(c) 2009 Esage Lab
www.esagelab.com
Program version: 1.2.0.1
OS Version: Microsoft Windows Vista Home Premium Edition Service Pack 2 (build 6002), 64-bit
System volume is \\.\C:
\\.\C: -> \\.\PhysicalDrive0 at offset 0x00000000`5dd00000
Boot sector MD5 is: 0ec6b2481fc707d1e901dc2a875f2826
Size Device Name MBR Status
--------------------------------------------
298 GB \\.\PhysicalDrive0 OK (DOS/Win32 Boot code found)

Done;
Press any key to quit...
 
ListParts by Farbar Version: 12-03-2012 03
Ran by DI (administrator) on 22-05-2012 at 18:03:14
Windows Vista (X64)
Running From: C:\Users\DI\Desktop
Language: 0409
************************************************************
========================= Memory info ======================
Percentage of memory in use: 54%
Total physical RAM: 4093.06 MB
Available physical RAM: 1857.51 MB
Total Pagefile: 8373.39 MB
Available Pagefile: 5652.62 MB
Total Virtual: 4095.88 MB
Available Virtual: 4012.15 MB
======================= Partitions =========================
1 Drive c: (SQ004830V03) (Fixed) (Total:286.12 GB) (Free:174.87 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Disk ### Status Size Free Dyn Gpt
-------- ---------- ------- ------- --- ---
Disk 0 Online 298 GB 0 B
Partitions of Disk 0:
===============
Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 OEM 1500 MB 1024 KB
Partition 2 Primary 286 GB 1501 MB
Partition 3 Primary 11 GB 288 GB
======================================================================================================
Disk: 0
Partition 1
Type : 27
Hidden: Yes
Active: No
There is no volume associated with this partition.
======================================================================================================
Disk: 0
Partition 2
Type : 07
Hidden: No
Active: Yes
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 C SQ004830V03 NTFS Partition 286 GB Healthy System (partition with boot components)
======================================================================================================
Disk: 0
Partition 3
Type : 17 (Suspicious Type)
Hidden: Yes
Active: No
There is no volume associated with this partition.
======================================================================================================
****** End Of Log ******


ListParts by Farbar Version: 12-03-2012 03
Ran by DI (administrator) on 22-05-2012 at 18:00:40
Windows Vista (X64)
Running From: C:\Users\DI\Desktop
Language: 0409
************************************************************
========================= Memory info ======================
Percentage of memory in use: 55%
Total physical RAM: 4093.06 MB
Available physical RAM: 1823.4 MB
Total Pagefile: 8373.39 MB
Available Pagefile: 5629.84 MB
Total Virtual: 4095.88 MB
Available Virtual: 4012.15 MB
======================= Partitions =========================
1 Drive c: (SQ004830V03) (Fixed) (Total:286.12 GB) (Free:174.87 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Disk ### Status Size Free Dyn Gpt
-------- ---------- ------- ------- --- ---
Disk 0 Online 298 GB 0 B
Partitions of Disk 0:
===============
Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 OEM 1500 MB 1024 KB
Partition 2 Primary 286 GB 1501 MB
Partition 3 Primary 11 GB 288 GB
======================================================================================================
Disk: 0
Partition 1
Type : 27
Hidden: Yes
Active: No
There is no volume associated with this partition.
======================================================================================================
Disk: 0
Partition 2
Type : 07
Hidden: No
Active: Yes
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 C SQ004830V03 NTFS Partition 286 GB Healthy System (partition with boot components)
======================================================================================================
Disk: 0
Partition 3
Type : 17 (Suspicious Type)
Hidden: Yes
Active: No
There is no volume associated with this partition.
======================================================================================================
****** End Of Log ******
 
Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
 
9:16:42.0488 4048 TDSS rootkit removing tool 2.7.36.0 May 21 2012 16:40:16
19:16:43.0939 4048 ============================================================
19:16:43.0939 4048 Current date / time: 2012/05/22 19:16:43.0939
19:16:43.0939 4048 SystemInfo:
19:16:43.0939 4048
19:16:43.0939 4048 OS Version: 6.0.6002 ServicePack: 2.0
19:16:43.0939 4048 Product type: Workstation
19:16:43.0939 4048 ComputerName: DI-PC
19:16:43.0939 4048 UserName: DI
19:16:43.0939 4048 Windows directory: C:\Windows
19:16:43.0939 4048 System windows directory: C:\Windows
19:16:43.0939 4048 Running under WOW64
19:16:43.0939 4048 Processor architecture: Intel x64
19:16:43.0939 4048 Number of processors: 2
19:16:43.0939 4048 Page size: 0x1000
19:16:43.0939 4048 Boot type: Normal boot
19:16:43.0939 4048 ============================================================
19:16:44.0688 4048 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:16:44.0719 4048 ============================================================
19:16:44.0719 4048 \Device\Harddisk0\DR0:
19:16:44.0734 4048 MBR partitions:
19:16:44.0734 4048 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x23C3D800
19:16:44.0734 4048 ============================================================
19:16:44.0797 4048 C: <-> \Device\Harddisk0\DR0\Partition0
19:16:44.0797 4048 ============================================================
19:16:44.0797 4048 Initialize success
19:16:44.0797 4048 ============================================================
19:16:49.0867 5868 ============================================================
19:16:49.0867 5868 Scan started
19:16:49.0867 5868 Mode: Manual;
19:16:49.0867 5868 ============================================================
19:17:01.0083 5868 flpydisk - ok
19:17:01.0130 5868 FltMgr (e3041bc26d6930d61f42aedb79c91720) C:\Windows\system32\drivers\fltmgr.sys
19:17:01.0130 5868 FltMgr - ok
19:17:01.0395 5868 FontCache (be1c5bd1ca7ed015bc6fa1ae67e592c8) C:\Windows\system32\FntCache.dll
19:17:01.0442 5868 FontCache - ok
19:17:01.0551 5868 FontCache3.0.0.0 (bc5b0be5af3510b0fd8c140ee42c6d3e) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:17:01.0567 5868 FontCache3.0.0.0 - ok
19:17:01.0660 5868 Fs_Rec (5779b86cd8b32519fbecb136394d946a) C:\Windows\system32\drivers\Fs_Rec.sys
19:17:01.0660 5868 Fs_Rec - ok
19:17:01.0723 5868 FwLnk (6d06b5eebba23c16789efc820ee1f253) C:\Windows\system32\DRIVERS\FwLnk.sys
19:17:01.0754 5868 FwLnk - ok
19:17:01.0785 5868 gagp30kx (c8e416668d3dc2be3d4fe4c79224997f) C:\Windows\system32\drivers\gagp30kx.sys
19:17:01.0785 5868 gagp30kx - ok
19:17:01.0941 5868 GamesAppService (c403c5db49a0f9aaf4f2128edc0106d8) C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
19:17:01.0957 5868 GamesAppService - ok
19:17:02.0004 5868 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:17:02.0035 5868 GEARAspiWDM - ok
19:17:02.0160 5868 gpsvc (a0e1b575ba8f504968cd40c0faeb2384) C:\Windows\System32\gpsvc.dll
19:17:02.0175 5868 gpsvc - ok
19:17:02.0284 5868 HdAudAddService (68e732382b32417ff61fd663259b4b09) C:\Windows\system32\drivers\HdAudio.sys
19:17:02.0300 5868 HdAudAddService - ok
19:17:02.0394 5868 HDAudBus (f942c5820205f2fb453243edfec82a3d) C:\Windows\system32\DRIVERS\HDAudBus.sys
19:17:02.0409 5868 HDAudBus - ok
19:17:02.0440 5868 HidBth (b4881c84a180e75b8c25dc1d726c375f) C:\Windows\system32\drivers\hidbth.sys
19:17:02.0440 5868 HidBth - ok
19:17:02.0503 5868 HidIr (4e77a77e2c986e8f88f996bb3e1ad829) C:\Windows\system32\drivers\hidir.sys
19:17:02.0503 5868 HidIr - ok
19:17:02.0550 5868 hidserv (59361d38a297755d46a540e450202b2a) C:\Windows\system32\hidserv.dll
19:17:02.0550 5868 hidserv - ok
19:17:02.0581 5868 HidUsb (443bdd2d30bb4f00795c797e2cf99edf) C:\Windows\system32\DRIVERS\hidusb.sys
19:17:02.0581 5868 HidUsb - ok
19:17:02.0643 5868 hkmsvc (b12f367ea39c0795fd57e31242ce1a5a) C:\Windows\system32\kmsvc.dll
19:17:02.0643 5868 hkmsvc - ok
19:17:02.0706 5868 HpCISSs (d7109a1e6bd2dfdbcba72a6bc626a13b) C:\Windows\system32\drivers\hpcisss.sys
19:17:02.0721 5868 HpCISSs - ok
19:17:02.0877 5868 hpqcxs08 (fcb563b0a23643e5f80b6ff1e60f610f) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
19:17:02.0893 5868 hpqcxs08 - ok
19:17:02.0908 5868 hpqddsvc (25e443e27165c652723a92d9bdfd4649) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
19:17:02.0908 5868 hpqddsvc - ok
19:17:03.0018 5868 HTTP (098f1e4e5c9cb5b0063a959063631610) C:\Windows\system32\drivers\HTTP.sys
19:17:03.0033 5868 HTTP - ok
19:17:03.0064 5868 i2omp (da94c854cea5fac549d4e1f6e88349e8) C:\Windows\system32\drivers\i2omp.sys
19:17:03.0064 5868 i2omp - ok
19:17:03.0111 5868 i8042prt (cbb597659a2713ce0c9cc20c88c7591f) C:\Windows\system32\DRIVERS\i8042prt.sys
19:17:03.0127 5868 i8042prt - ok
19:17:03.0205 5868 iaStor (1d004cb1da6323b1f55caef7f94b61d9) C:\Windows\system32\DRIVERS\iaStor.sys
19:17:03.0205 5868 iaStor - ok
19:17:03.0252 5868 iaStorV (3e3bf3627d886736d0b4e90054f929f6) C:\Windows\system32\drivers\iastorv.sys
19:17:03.0252 5868 iaStorV - ok
19:17:03.0392 5868 IDriverT (daf66902f08796f9c694901660e5a64a) C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
19:17:03.0408 5868 IDriverT - ok
19:17:03.0610 5868 idsvc (749f5f8cedca70f2a512945325fc489d) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:17:03.0626 5868 idsvc - ok
19:17:03.0766 5868 iirsp (8c3951ad2fe886ef76c7b5027c3125d3) C:\Windows\system32\drivers\iirsp.sys
19:17:03.0766 5868 iirsp - ok
19:17:03.0844 5868 IKEEXT (0c9ea6e654e7b0471741e343a6c671af) C:\Windows\System32\ikeext.dll
19:17:03.0860 5868 IKEEXT - ok
19:17:03.0891 5868 IntcAzAudAddService - ok
19:17:03.0922 5868 intelide (df797a12176f11b2d301c5b234bb200e) C:\Windows\system32\drivers\intelide.sys
19:17:03.0922 5868 intelide - ok
19:17:03.0954 5868 intelppm (bfd84af32fa1bad6231c4585cb469630) C:\Windows\system32\DRIVERS\intelppm.sys
19:17:03.0954 5868 intelppm - ok
19:17:04.0016 5868 IPBusEnum (5624bc1bc5eeb49c0ab76a8114f05ea3) C:\Windows\system32\ipbusenum.dll
19:17:04.0016 5868 IPBusEnum - ok
19:17:04.0047 5868 IpFilterDriver (d8aabc341311e4780d6fce8c73c0ad81) C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:17:04.0063 5868 IpFilterDriver - ok
19:17:04.0110 5868 iphlpsvc (bf0dbfa9792c5c14fa00f61c75116c1b) C:\Windows\System32\iphlpsvc.dll
19:17:04.0125 5868 iphlpsvc - ok
19:17:04.0125 5868 IpInIp - ok
19:17:04.0172 5868 IPMIDRV (9c2ee2e6e5a7203bfae15c299475ec67) C:\Windows\system32\drivers\ipmidrv.sys
19:17:04.0172 5868 IPMIDRV - ok
19:17:04.0172 5868 IPNAT (b7e6212f581ea5f6ab0c3a6ceeeb89be) C:\Windows\system32\DRIVERS\ipnat.sys
19:17:04.0188 5868 IPNAT - ok
19:17:04.0359 5868 iPod Service (50d6ccc6ff5561f9f56946b3e6164fb8) C:\Program Files\iPod\bin\iPodService.exe
19:17:04.0375 5868 iPod Service - ok
19:17:04.0390 5868 IRENUM (8c42ca155343a2f11d29feca67faa88d) C:\Windows\system32\drivers\irenum.sys
19:17:04.0390 5868 IRENUM - ok
19:17:04.0453 5868 isapnp (0672bfcedc6fc468a2b0500d81437f4f) C:\Windows\system32\drivers\isapnp.sys
19:17:04.0453 5868 isapnp - ok
19:17:04.0515 5868 iScsiPrt (e4fdf99599f27ec25d2cf6d754243520) C:\Windows\system32\DRIVERS\msiscsi.sys
19:17:04.0515 5868 iScsiPrt - ok
19:17:04.0531 5868 iteatapi (63c766cdc609ff8206cb447a65abba4a) C:\Windows\system32\drivers\iteatapi.sys
19:17:04.0546 5868 iteatapi - ok
19:17:04.0562 5868 iteraid (1281fe73b17664631d12f643cbea3f59) C:\Windows\system32\drivers\iteraid.sys
19:17:04.0562 5868 iteraid - ok
19:17:04.0593 5868 kbdclass (423696f3ba6472dd17699209b933bc26) C:\Windows\system32\DRIVERS\kbdclass.sys
19:17:04.0593 5868 kbdclass - ok
19:17:04.0609 5868 kbdhid (bf8783a5066cfecf45095459e8010fa7) C:\Windows\system32\DRIVERS\kbdhid.sys
19:17:04.0609 5868 kbdhid - ok
19:17:04.0656 5868 KeyIso (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe
19:17:04.0656 5868 KeyIso - ok
19:17:04.0687 5868 KR10I64 (7c999f96b239e214154db3c808e6736a) C:\Windows\system32\drivers\kr10i64.sys
19:17:04.0702 5868 KR10I64 - ok
19:17:04.0734 5868 KR10N64 (8cb9a9164d4e789424f943fa718fa3f2) C:\Windows\system32\drivers\kr10n64.sys
19:17:04.0734 5868 KR10N64 - ok
19:17:04.0812 5868 KSecDD (2758d174604f597bbc8a217ff667913d) C:\Windows\system32\Drivers\ksecdd.sys
19:17:04.0827 5868 KSecDD - ok
19:17:04.0858 5868 ksthunk (1d419cf43db29396ecd7113d129d94eb) C:\Windows\system32\drivers\ksthunk.sys
19:17:04.0858 5868 ksthunk - ok
19:17:04.0936 5868 KtmRm (1faf6926f3416d3da05c5b265491bdae) C:\Windows\system32\msdtckrm.dll
19:17:04.0952 5868 KtmRm - ok
19:17:05.0014 5868 LanmanServer (50c7a3cb427e9bb5ed0708a669956ab5) C:\Windows\system32\srvsvc.dll
19:17:05.0014 5868 LanmanServer - ok
19:17:05.0092 5868 LanmanWorkstation (caf86fc1388be1e470f1a7b43e348adb) C:\Windows\System32\wkssvc.dll
19:17:05.0108 5868 LanmanWorkstation - ok
19:17:05.0124 5868 lltdio (96ece2659b6654c10a0c310ae3a6d02c) C:\Windows\system32\DRIVERS\lltdio.sys
19:17:05.0124 5868 lltdio - ok
19:17:05.0170 5868 lltdsvc (961ccbd0b1ccb5675d64976fae37d092) C:\Windows\System32\lltdsvc.dll
19:17:05.0186 5868 lltdsvc - ok
19:17:05.0202 5868 lmhosts (a47f8080cacc23c91fe823ad19aa5612) C:\Windows\System32\lmhsvc.dll
19:17:05.0202 5868 lmhosts - ok
19:17:05.0248 5868 LSI_FC (acbe1af32d3123e330a07bfbc5ec4a9b) C:\Windows\system32\drivers\lsi_fc.sys
19:17:05.0248 5868 LSI_FC - ok
19:17:05.0295 5868 LSI_SAS (799ffb2fc4729fa46d2157c0065b3525) C:\Windows\system32\drivers\lsi_sas.sys
19:17:05.0295 5868 LSI_SAS - ok
19:17:05.0311 5868 LSI_SCSI (f445ff1daad8a226366bfaf42551226b) C:\Windows\system32\drivers\lsi_scsi.sys
19:17:05.0311 5868 LSI_SCSI - ok
19:17:05.0326 5868 luafv (52f87b9cc8932c2a7375c3b2a9be5e3e) C:\Windows\system32\drivers\luafv.sys
19:17:05.0342 5868 luafv - ok
19:17:05.0389 5868 MBAMProtector (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys
19:17:05.0389 5868 MBAMProtector - ok
19:17:05.0514 5868 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
19:17:05.0514 5868 MBAMService - ok
19:17:05.0560 5868 Mcx2Svc (76a58df02bd4ea29f189b82d0bef17f8) C:\Windows\system32\Mcx2Svc.dll
19:17:05.0560 5868 Mcx2Svc - ok
19:17:05.0623 5868 megasas (5c5cd6aaced32fb26c3fb34b3dcf972f) C:\Windows\system32\drivers\megasas.sys
19:17:05.0638 5868 megasas - ok
19:17:05.0716 5868 MegaSR (859bc2436b076c77c159ed694acfe8f8) C:\Windows\system32\drivers\megasr.sys
19:17:05.0732 5868 MegaSR - ok
19:17:05.0763 5868 MMCSS (3cbe4995e80e13ccfbc42e5dcf3ac81a) C:\Windows\system32\mmcss.dll
19:17:05.0763 5868 MMCSS - ok
19:17:05.0779 5868 Modem (59848d5cc74606f0ee7557983bb73c2e) C:\Windows\system32\drivers\modem.sys
19:17:05.0779 5868 Modem - ok
19:17:05.0826 5868 monitor (c247cc2a57e0a0c8c6dccf7807b3e9e5) C:\Windows\system32\DRIVERS\monitor.sys
19:17:05.0826 5868 monitor - ok
19:17:05.0841 5868 mouclass (9367304e5e412b120cf5f4ea14e4e4f1) C:\Windows\system32\DRIVERS\mouclass.sys
19:17:05.0841 5868 mouclass - ok
19:17:05.0888 5868 mouhid (c2c2bd5c5ce5aaf786ddd74b75d2ac69) C:\Windows\system32\DRIVERS\mouhid.sys
19:17:05.0888 5868 mouhid - ok
19:17:05.0919 5868 MountMgr (11bc9b1e8801b01f7f6adb9ead30019b) C:\Windows\system32\drivers\mountmgr.sys
19:17:05.0919 5868 MountMgr - ok
19:17:05.0966 5868 mpio (f8276eb8698142884498a528dfea8478) C:\Windows\system32\drivers\mpio.sys
19:17:05.0982 5868 mpio - ok
19:17:06.0013 5868 mpsdrv (c92b9abdb65a5991e00c28f13491dba2) C:\Windows\system32\drivers\mpsdrv.sys
19:17:06.0013 5868 mpsdrv - ok
19:17:06.0106 5868 MpsSvc (897e3baf68ba406a61682ae39c83900c) C:\Windows\system32\mpssvc.dll
19:17:06.0122 5868 MpsSvc - ok
19:17:06.0138 5868 Mraid35x (3c200630a89ef2c0864d515b7a75802e) C:\Windows\system32\drivers\mraid35x.sys
19:17:06.0138 5868 Mraid35x - ok
19:17:06.0184 5868 MRxDAV (7c1de4aa96dc0c071611f9e7de02a68d) C:\Windows\system32\drivers\mrxdav.sys
19:17:06.0184 5868 MRxDAV - ok
19:17:06.0247 5868 mrxsmb (1485811b320ff8c7edad1caebb1c6c2b) C:\Windows\system32\DRIVERS\mrxsmb.sys
19:17:06.0247 5868 mrxsmb - ok
19:17:06.0278 5868 mrxsmb10 (3b929a60c833fc615fd97fba82bc7632) C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:17:06.0294 5868 mrxsmb10 - ok
19:17:06.0294 5868 mrxsmb20 (c64ab3e1f53b4f5b5bb6d796b2d7bec3) C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:17:06.0309 5868 mrxsmb20 - ok
19:17:06.0325 5868 msahci (730b784962d22d2c6481eae2370e7c8c) C:\Windows\system32\drivers\msahci.sys
19:17:06.0325 5868 msahci - ok
19:17:06.0356 5868 msdsm (264bbb4aaf312a485f0e44b65a6b7202) C:\Windows\system32\drivers\msdsm.sys
19:17:06.0372 5868 msdsm - ok
19:17:06.0418 5868 MSDTC (7ec02ce772f068ed0beafa3da341a9bc) C:\Windows\System32\msdtc.exe
19:17:06.0418 5868 MSDTC - ok
19:17:06.0450 5868 Msfs (704f59bfc4512d2bb0146aec31b10a7c) C:\Windows\system32\drivers\Msfs.sys
19:17:06.0450 5868 Msfs - ok
19:17:06.0512 5868 msisadrv (00ebc952961664780d43dca157e79b27) C:\Windows\system32\drivers\msisadrv.sys
19:17:06.0512 5868 msisadrv - ok
19:17:06.0559 5868 MSiSCSI (366b0c1f4478b519c181e37d43dcda32) C:\Windows\system32\iscsiexe.dll
19:17:06.0559 5868 MSiSCSI - ok
19:17:06.0559 5868 msiserver - ok
19:17:06.0606 5868 MSKSSRV (0ea73e498f53b96d83dbfca074ad4cf8) C:\Windows\system32\drivers\MSKSSRV.sys
19:17:06.0606 5868 MSKSSRV - ok
19:17:06.0637 5868 MSPCLOCK (52e59b7e992a58e740aa63f57edbae8b) C:\Windows\system32\drivers\MSPCLOCK.sys
19:17:06.0637 5868 MSPCLOCK - ok
19:17:06.0637 5868 MSPQM (49084a75bae043ae02d5b44d02991bb2) C:\Windows\system32\drivers\MSPQM.sys
19:17:06.0637 5868 MSPQM - ok
19:17:06.0715 5868 MsRPC (dc6ccf440cdede4293db41c37a5060a5) C:\Windows\system32\drivers\MsRPC.sys
19:17:06.0715 5868 MsRPC - ok
19:17:06.0730 5868 mssmbios (855796e59df77ea93af46f20155bf55b) C:\Windows\system32\DRIVERS\mssmbios.sys
19:17:06.0746 5868 mssmbios - ok
19:17:06.0840 5868 MSSQL$SQLEXPRESS - ok
19:17:06.0855 5868 MSSQLServerADHelper (1d89eb4e2a99cabd4e81225f4f4c4b25) c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe
19:17:06.0855 5868 MSSQLServerADHelper - ok
19:17:06.0886 5868 MSTEE (86d632d75d05d5b7c7c043fa3564ae86) C:\Windows\system32\drivers\MSTEE.sys
19:17:06.0886 5868 MSTEE - ok
19:17:07.0417 5868 msvsmon90 (0f4dd44765a7d23e0cd9965ee900558f) C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe
19:17:07.0510 5868 msvsmon90 - ok
19:17:07.0729 5868 Mup (0cc49f78d8aca0877d885f149084e543) C:\Windows\system32\Drivers\mup.sys
19:17:07.0729 5868 Mup - ok
19:17:07.0791 5868 napagent (a5b10c845e7538c60c0f5d87a57cb3f5) C:\Windows\system32\qagentRT.dll
19:17:07.0807 5868 napagent - ok
19:17:07.0869 5868 NativeWifiP (2007b826c4acd94ae32232b41f0842b9) C:\Windows\system32\DRIVERS\nwifi.sys
19:17:07.0885 5868 NativeWifiP - ok
19:17:08.0041 5868 NDIS (65950e07329fcee8e6516b17c8d0abb6) C:\Windows\system32\drivers\ndis.sys
19:17:08.0056 5868 NDIS - ok
19:17:08.0103 5868 NdisTapi (64df698a425478e321981431ac171334) C:\Windows\system32\DRIVERS\ndistapi.sys
19:17:08.0103 5868 NdisTapi - ok
19:17:08.0150 5868 Ndisuio (8baa43196d7b5bb972c9a6b2bbf61a19) C:\Windows\system32\DRIVERS\ndisuio.sys
19:17:08.0166 5868 Ndisuio - ok
19:17:08.0228 5868 NdisWan (f8158771905260982ce724076419ef19) C:\Windows\system32\DRIVERS\ndiswan.sys
19:17:08.0228 5868 NdisWan - ok
19:17:08.0259 5868 NDProxy (9cb77ed7cb72850253e973a2d6afdf49) C:\Windows\system32\drivers\NDProxy.sys
19:17:08.0275 5868 NDProxy - ok
19:17:08.0337 5868 Net Driver HPZ12 (2334dc48997ba203b794df3ee70521db) C:\Windows\system32\HPZinw12.dll
19:17:08.0353 5868 Net Driver HPZ12 - ok
19:17:08.0384 5868 NetBIOS (a499294f5029a7862adc115bda7371ce) C:\Windows\system32\DRIVERS\netbios.sys
19:17:08.0400 5868 NetBIOS - ok
19:17:08.0462 5868 netbt (fc2c792ebddc8e28df939d6a92c83d61) C:\Windows\system32\DRIVERS\netbt.sys
19:17:08.0478 5868 netbt - ok
19:17:08.0493 5868 Netlogon (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe
19:17:08.0509 5868 Netlogon - ok
19:17:08.0556 5868 Netman (9b63b29defc0f3115a559d2597bf5d75) C:\Windows\System32\netman.dll
19:17:08.0571 5868 Netman - ok
19:17:08.0696 5868 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:17:08.0696 5868 NetMsmqActivator - ok
19:17:08.0712 5868 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:17:08.0712 5868 NetPipeActivator - ok
19:17:08.0758 5868 netprofm (7846d0136cc2b264926a73047ba7688a) C:\Windows\System32\netprofm.dll
19:17:08.0774 5868 netprofm - ok
19:17:08.0774 5868 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:17:08.0774 5868 NetTcpActivator - ok
19:17:08.0790 5868 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:17:08.0790 5868 NetTcpPortSharing - ok
19:17:09.0351 5868 NETw5v64 (263796d4f50df61c0c7ca86f746b5767) C:\Windows\system32\DRIVERS\NETw5v64.sys
19:17:09.0507 5868 NETw5v64 - ok
19:17:09.0679 5868 nfrd960 (4ac08bd6af2df42e0c3196d826c8aea7) C:\Windows\system32\drivers\nfrd960.sys
19:17:09.0679 5868 nfrd960 - ok
19:17:09.0741 5868 NlaSvc (f145bf4c4668e7e312069f81ef847cfc) C:\Windows\System32\nlasvc.dll
19:17:09.0741 5868 NlaSvc - ok
19:17:09.0788 5868 Npfs (b298874f8e0ea93f06ec40aa8d146478) C:\Windows\system32\drivers\Npfs.sys
19:17:09.0788 5868 Npfs - ok
19:17:09.0804 5868 nsi (acb62baa1c319b17752553df3026eeeb) C:\Windows\system32\nsisvc.dll
19:17:09.0804 5868 nsi - ok
19:17:09.0819 5868 nsiproxy (1523af19ee8b030ba682f7a53537eaeb) C:\Windows\system32\drivers\nsiproxy.sys
19:17:09.0819 5868 nsiproxy - ok
19:17:09.0991 5868 Ntfs (bac869dfb98e499ba4d9bb1fb43270e1) C:\Windows\system32\drivers\Ntfs.sys
19:17:10.0022 5868 Ntfs - ok
19:17:10.0194 5868 Null (dd5d684975352b85b52e3fd5347c20cb) C:\Windows\system32\drivers\Null.sys
19:17:10.0209 5868 Null - ok
19:17:10.0240 5868 nvraid (2c040b7ada5b06f6facadac8514aa034) C:\Windows\system32\drivers\nvraid.sys
19:17:10.0240 5868 nvraid - ok
19:17:10.0256 5868 nvstor (f7ea0fe82842d05eda3efdd376dbfdba) C:\Windows\system32\drivers\nvstor.sys
19:17:10.0256 5868 nvstor - ok
19:17:10.0287 5868 nv_agp (19067ca93075ef4823e3938a686f532f) C:\Windows\system32\drivers\nv_agp.sys
19:17:10.0287 5868 nv_agp - ok
19:17:10.0287 5868 NwlnkFlt - ok
19:17:10.0303 5868 NwlnkFwd - ok
19:17:10.0474 5868 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
19:17:10.0474 5868 odserv - ok
19:17:10.0537 5868 ohci1394 (b5b1ce65ac15bbd11c0619e3ef7cfc28) C:\Windows\system32\DRIVERS\ohci1394.sys
19:17:10.0552 5868 ohci1394 - ok
19:17:10.0615 5868 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:17:10.0630 5868 ose - ok
19:17:10.0755 5868 p2pimsvc (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
19:17:10.0771 5868 p2pimsvc - ok
19:17:10.0786 5868 p2psvc (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
19:17:10.0802 5868 p2psvc - ok
19:17:10.0849 5868 Parport (aecd57f94c887f58919f307c35498ea0) C:\Windows\system32\drivers\parport.sys
19:17:10.0849 5868 Parport - ok
19:17:10.0880 5868 partmgr (b43751085e2abe389da466bc62a4b987) C:\Windows\system32\drivers\partmgr.sys
19:17:10.0880 5868 partmgr - ok
19:17:10.0927 5868 PcaSvc (9ab157b374192ff276c1628fbdba2b0e) C:\Windows\System32\pcasvc.dll
19:17:10.0927 5868 PcaSvc - ok
19:17:10.0974 5868 pci (47ab1e0fc9d0e12bb53ba246e3a0906d) C:\Windows\system32\drivers\pci.sys
19:17:10.0974 5868 pci - ok
19:17:11.0005 5868 pciide (8d618c829034479985a9ed56106cc732) C:\Windows\system32\DRIVERS\pciide.sys
19:17:11.0020 5868 pciide - ok
19:17:11.0067 5868 pcmcia (037661f3d7c507c9993b7010ceee6288) C:\Windows\system32\drivers\pcmcia.sys
19:17:11.0083 5868 pcmcia - ok
19:17:11.0161 5868 PEAUTH (58865916f53592a61549b04941bfd80d) C:\Windows\system32\drivers\peauth.sys
19:17:11.0176 5868 PEAUTH - ok
19:17:11.0254 5868 PerfHost (0ed8727ea0172860f47258456c06caea) C:\Windows\SysWow64\perfhost.exe
19:17:11.0270 5868 PerfHost - ok
19:17:11.0457 5868 pla (e9e68c1a0f25cf4a7ac966eea74ee89e) C:\Windows\system32\pla.dll
19:17:11.0488 5868 pla - ok
19:17:11.0551 5868 PlugPlay (fe6b0f59215c9fd9f9d26539c58c8b82) C:\Windows\system32\umpnpmgr.dll
19:17:11.0551 5868 PlugPlay - ok
19:17:11.0613 5868 Pml Driver HPZ12 (ac78df349f0e4cfb8b667c0cfff83cce) C:\Windows\system32\HPZipm12.dll
19:17:11.0613 5868 Pml Driver HPZ12 - ok
19:17:11.0769 5868 PNRPAutoReg (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
19:17:11.0785 5868 PNRPAutoReg - ok
19:17:11.0785 5868 PNRPsvc (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
19:17:11.0800 5868 PNRPsvc - ok
19:17:11.0878 5868 PolicyAgent (89a5560671c2d8b4a4b51f3e1aa069d8) C:\Windows\System32\ipsecsvc.dll
19:17:11.0894 5868 PolicyAgent - ok
19:17:11.0972 5868 PptpMiniport (23386e9952025f5f21c368971e2e7301) C:\Windows\system32\DRIVERS\raspptp.sys
19:17:11.0972 5868 PptpMiniport - ok
19:17:12.0019 5868 Processor (5080e59ecee0bc923f14018803aa7a01) C:\Windows\system32\drivers\processr.sys
19:17:12.0019 5868 Processor - ok
19:17:12.0066 5868 ProfSvc (e058ce4fc2449d8bfa14739c83b7ff2a) C:\Windows\system32\profsvc.dll
19:17:12.0066 5868 ProfSvc - ok
19:17:12.0112 5868 ProtectedStorage (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe
19:17:12.0112 5868 ProtectedStorage - ok
19:17:12.0159 5868 PSched (c5ab7f0809392d0da027f4a2a81bfa31) C:\Windows\system32\DRIVERS\pacer.sys
19:17:12.0159 5868 PSched - ok
19:17:12.0222 5868 PSI (fb46e9a827a8799ebd7bfa9128c91f37) C:\Windows\system32\DRIVERS\psi_mf.sys
19:17:12.0222 5868 PSI - ok
19:17:12.0268 5868 PSMounter (0d05974c497cd7ed3eae687fcd23def4) C:\Windows\system32\drivers\psmounter.sys
19:17:12.0268 5868 PSMounter - ok
19:17:12.0409 5868 ql2300 (0b83f4e681062f3839be2ec1d98fd94a) C:\Windows\system32\drivers\ql2300.sys
19:17:12.0424 5868 ql2300 - ok
19:17:12.0471 5868 ql40xx (e1c80f8d4d1e39ef9595809c1369bf2a) C:\Windows\system32\drivers\ql40xx.sys
19:17:12.0471 5868 ql40xx - ok
19:17:12.0534 5868 QWAVE (90574842c3da781e279061a3eff91f07) C:\Windows\system32\qwave.dll
 
19:17:12.0534 5868 QWAVE - ok
19:17:12.0549 5868 QWAVEdrv (e8d76edab77ec9c634c27b8eac33adc5) C:\Windows\system32\drivers\qwavedrv.sys
19:17:12.0549 5868 QWAVEdrv - ok
19:17:12.0596 5868 RasAcd (1013b3b663a56d3ddd784f581c1bd005) C:\Windows\system32\DRIVERS\rasacd.sys
19:17:12.0596 5868 RasAcd - ok
19:17:12.0658 5868 RasAuto (b2ae18f847d07f0044404ddf7cb04497) C:\Windows\System32\rasauto.dll
19:17:12.0658 5868 RasAuto - ok
19:17:12.0705 5868 Rasl2tp (ac7bc4d42a7e558718dfdec599bbfc2c) C:\Windows\system32\DRIVERS\rasl2tp.sys
19:17:12.0705 5868 Rasl2tp - ok
19:17:12.0768 5868 RasMan (3ad83e4046c43be510de681588acb8af) C:\Windows\System32\rasmans.dll
19:17:12.0783 5868 RasMan - ok
19:17:12.0814 5868 RasPppoe (4517fbf8b42524afe4ede1de102aae3e) C:\Windows\system32\DRIVERS\raspppoe.sys
19:17:12.0814 5868 RasPppoe - ok
19:17:12.0861 5868 RasSstp (c6a593b51f34c33e5474539544072527) C:\Windows\system32\DRIVERS\rassstp.sys
19:17:12.0861 5868 RasSstp - ok
19:17:12.0924 5868 rdbss (322db5c6b55e8d8ee8d6f358b2aaabb1) C:\Windows\system32\DRIVERS\rdbss.sys
19:17:12.0924 5868 rdbss - ok
19:17:12.0955 5868 RDPCDD (603900cc05f6be65ccbf373800af3716) C:\Windows\system32\DRIVERS\RDPCDD.sys
19:17:12.0955 5868 RDPCDD - ok
19:17:13.0002 5868 rdpdr (c045d1fb111c28df0d1be8d4bda22c06) C:\Windows\system32\drivers\rdpdr.sys
19:17:13.0017 5868 rdpdr - ok
19:17:13.0017 5868 RDPENCDD (cab9421daf3d97b33d0d055858e2c3ab) C:\Windows\system32\drivers\rdpencdd.sys
19:17:13.0017 5868 RDPENCDD - ok
19:17:13.0064 5868 RDPWD (5c141fc457f1ac833664789235aca673) C:\Windows\system32\drivers\RDPWD.sys
19:17:13.0080 5868 RDPWD - ok
19:17:13.0204 5868 ReflectService.exe (52428feadfd814dfd224227c6f9b7529) C:\Program Files\Macrium\Reflect\ReflectService.exe
19:17:13.0220 5868 ReflectService.exe - ok
19:17:13.0329 5868 RegSrvc (7a917120a62bcf2883fdd5c352447556) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
19:17:13.0360 5868 RegSrvc - ok
19:17:13.0485 5868 RemoteAccess (c612b9557da73f70d41f8a6fbc8e5344) C:\Windows\System32\mprdim.dll
19:17:13.0485 5868 RemoteAccess - ok
19:17:13.0548 5868 RemoteRegistry (44b9d8ec2f3ef3a0efb00857af70d861) C:\Windows\system32\regsvc.dll
19:17:13.0548 5868 RemoteRegistry - ok
19:17:13.0657 5868 rimmptsk (d13d70fac45fc1df69f88559b1f72f0a) C:\Windows\system32\DRIVERS\rimmpx64.sys
19:17:13.0657 5868 rimmptsk - ok
19:17:13.0657 5868 rimsptsk (bb9edc55b0b8cb4fcd713428820e0776) C:\Windows\system32\DRIVERS\rimspx64.sys
19:17:13.0657 5868 rimsptsk - ok
19:17:13.0672 5868 rismxdp (481c3fdeacaae04b74c58288dbc91df9) C:\Windows\system32\DRIVERS\rixdpx64.sys
19:17:13.0688 5868 rismxdp - ok
19:17:13.0688 5868 RpcLocator (f46c457840d4b7a4daafee739ce04102) C:\Windows\system32\locator.exe
19:17:13.0688 5868 RpcLocator - ok
19:17:13.0797 5868 RpcSs (cf8b9a3a5e7dc57724a89d0c3e8cf9ef) C:\Windows\system32\rpcss.dll
19:17:13.0797 5868 RpcSs - ok
19:17:13.0828 5868 rspndr (22a9cb08b1a6707c1550c6bf099aae73) C:\Windows\system32\DRIVERS\rspndr.sys
19:17:13.0828 5868 rspndr - ok
19:17:13.0860 5868 RTHDMIAzAudService - ok
19:17:13.0938 5868 RTL8169 (b263b3aebcde2210d1cc25756601b8ea) C:\Windows\system32\DRIVERS\Rtlh64.sys
19:17:13.0938 5868 RTL8169 - ok
19:17:13.0984 5868 SamSs (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe
19:17:13.0984 5868 SamSs - ok
19:17:14.0016 5868 sbp2port (cd9c693589c60ad59bbbcfb0e524e01b) C:\Windows\system32\drivers\sbp2port.sys
19:17:14.0016 5868 sbp2port - ok
19:17:14.0234 5868 SBSDWSCService (794d4b48dfb6e999537c7c3947863463) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
19:17:14.0234 5868 SBSDWSCService - ok
19:17:14.0281 5868 SCardSvr (fd1cdcf108d5ef3366f00d18b70fb89b) C:\Windows\System32\SCardSvr.dll
19:17:14.0281 5868 SCardSvr - ok
19:17:14.0406 5868 Schedule (0f838c811ad295d2a4489b9993096c63) C:\Windows\system32\schedsvc.dll
19:17:14.0437 5868 Schedule - ok
19:17:14.0468 5868 SCPolicySvc (5a268127633c7ee2a7fb87f39d748d56) C:\Windows\System32\certprop.dll
19:17:14.0468 5868 SCPolicySvc - ok
19:17:14.0546 5868 sdbus (be100bc2be2513314c717bb2c4cfff10) C:\Windows\system32\DRIVERS\sdbus.sys
19:17:14.0562 5868 sdbus - ok
19:17:14.0593 5868 SDRSVC (4ff71b076a7760fe75ea5ae2d0ee0018) C:\Windows\System32\SDRSVC.dll
19:17:14.0593 5868 SDRSVC - ok
19:17:14.0624 5868 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
19:17:14.0624 5868 secdrv - ok
19:17:14.0655 5868 seclogon (5acdcbc67fcf894a1815b9f96d704490) C:\Windows\system32\seclogon.dll
19:17:14.0655 5868 seclogon - ok
19:17:14.0952 5868 Secunia PSI Agent (64d9cac9c60ee8c2d7aeb33d6503d8bc) C:\Program Files (x86)\Secunia\PSI\PSIA.exe
19:17:14.0967 5868 Secunia PSI Agent - ok
19:17:15.0108 5868 Secunia Update Agent (791729c12f58d65489645624bef6e5f5) C:\Program Files (x86)\Secunia\PSI\sua.exe
19:17:15.0123 5868 Secunia Update Agent - ok
19:17:15.0264 5868 SENS (90973a64b96cd647ff81c79443618eed) C:\Windows\System32\sens.dll
19:17:15.0264 5868 SENS - ok
19:17:15.0342 5868 Serenum (f71bfe7ac6c52273b7c82cbf1bb2a222) C:\Windows\system32\drivers\serenum.sys
19:17:15.0342 5868 Serenum - ok
19:17:15.0373 5868 Serial (e62fac91ee288db29a9696a9d279929c) C:\Windows\system32\drivers\serial.sys
19:17:15.0373 5868 Serial - ok
19:17:15.0404 5868 sermouse (a842f04833684bceea7336211be478df) C:\Windows\system32\drivers\sermouse.sys
19:17:15.0404 5868 sermouse - ok
19:17:15.0451 5868 SessionEnv (a8e4a4407a09f35dccc3771af590b0c4) C:\Windows\system32\sessenv.dll
19:17:15.0451 5868 SessionEnv - ok
19:17:15.0466 5868 sffdisk (14d4b4465193a87c127933978e8c4106) C:\Windows\system32\drivers\sffdisk.sys
19:17:15.0466 5868 sffdisk - ok
19:17:15.0482 5868 sffp_mmc (7073aee3f82f3d598e3825962aa98ab2) C:\Windows\system32\drivers\sffp_mmc.sys
19:17:15.0482 5868 sffp_mmc - ok
19:17:15.0498 5868 sffp_sd (35e59ebe4a01a0532ed67975161c7b82) C:\Windows\system32\drivers\sffp_sd.sys
19:17:15.0513 5868 sffp_sd - ok
19:17:15.0513 5868 sfloppy (6b7838c94135768bd455cbdc23e39e5f) C:\Windows\system32\drivers\sfloppy.sys
19:17:15.0513 5868 sfloppy - ok
19:17:15.0560 5868 SharedAccess (4c5aee179da7e1ee9a9ccb9da289af34) C:\Windows\System32\ipnathlp.dll
19:17:15.0576 5868 SharedAccess - ok
19:17:15.0654 5868 ShellHWDetection (56793271ecdedd350c5add305603e963) C:\Windows\System32\shsvcs.dll
19:17:15.0669 5868 ShellHWDetection - ok
19:17:15.0716 5868 SiSRaid2 (7a5de502aeb719d4594c6471060a78b3) C:\Windows\system32\drivers\sisraid2.sys
19:17:15.0716 5868 SiSRaid2 - ok
19:17:15.0747 5868 SiSRaid4 (3a2f769fab9582bc720e11ea1dfb184d) C:\Windows\system32\drivers\sisraid4.sys
19:17:15.0747 5868 SiSRaid4 - ok
19:17:15.0872 5868 SkypeUpdate (db0405d9aad62f0762e0876ac142b7e1) C:\Program Files (x86)\Skype\Updater\Updater.exe
19:17:15.0872 5868 SkypeUpdate - ok
19:17:16.0168 5868 slsvc (a9a27a8e257b45a604fdad4f26fe7241) C:\Windows\system32\SLsvc.exe
19:17:16.0215 5868 slsvc - ok
19:17:16.0371 5868 SLUINotify (fd74b4b7c2088e390a30c85a896fc3af) C:\Windows\system32\SLUINotify.dll
19:17:16.0371 5868 SLUINotify - ok
19:17:16.0480 5868 SmartFaceVWatchSrv (79ed2d6dec26e0fefb93ea21f09e6a51) C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe
19:17:16.0480 5868 SmartFaceVWatchSrv - ok
19:17:16.0558 5868 Smb (290b6f6a0ec4fcdfc90f5cb6d7020473) C:\Windows\system32\DRIVERS\smb.sys
19:17:16.0558 5868 Smb - ok
19:17:16.0590 5868 SNMPTRAP (f8f47f38909823b1af28d60b96340cff) C:\Windows\System32\snmptrap.exe
19:17:16.0590 5868 SNMPTRAP - ok
19:17:27.0057 5868 ============================================================
19:17:27.0057 5868 Scan finished
19:17:27.0057 5868 ============================================================
19:17:27.0073 7204 Detected object count: 0
19:17:27.0073 7204 Actual detected object count: 0
 
That looks good.

Please download ComboFix from Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
  • Never rename Combofix unless instructed.
  • Close any open browsers.
  • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
  • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
  • Close any open browsers.
  • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
  • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
  • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
  • Double click on combofix.exe & follow the prompts.

  • NOTE 1. If Combofix asks you to install Recovery Console, please allow it.
    NOTE 2. If Combofix asks you to update the program, always do so.
  • When finished, it will produce a report for you.
  • Please post the "C:\ComboFix.txt"
**Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall.
**Note 2 for AVG and CA Internet Security (Total Defense Internet Security) users: ComboFix will not run until AVG/CA Internet Security is uninstalled as a protective measure against the anti-virus. This is because AVG/CA Internet Security "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG/CA Internet Security cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG/CA Internet Security first.
Use AppRemover to uninstall it: https://www.techspot.com/downloads/5514-appremover.html
We can reinstall it when we're done with CF.
**Note 3: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion", restart computer to fix the issue.
**Note 4: Some infections may take some significant time to be cured. As long as your computer clock is running Combofix is still working. Be patient.


Make sure you re-enable your security programs when you're done with Combofix.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

NOTE.
If, for some reason, Combofix refuses to run, try one of the following:

1. Run Combofix from Safe Mode.

2. Delete Combofix file, download fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
Do NOT run it yet.
Please download and run the below tool named Rkill (courtesy of BleepingComputer.com) which may help allow other programs to run.
There are 4 different versions. If one of them won't run then download and try to run the other one.
Vista and Win7 users need to right click Rkill and choose Run as Administrator.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

* Rkill.com
* Rkill.scr
* Rkill.exe
  • Double-click on the Rkill icon to run the tool.
  • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
  • Do not reboot until instructed.
  • If the tool does not run from any of the links provided, please let me know.
Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

If normal mode still doesn't work, run BOTH tools from safe mode.

In case #2, please post BOTH logs, rKill and Combofix.

DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!
 