Solved My Windows\System32\services Is Infected Win64/patched.a

Status
Not open for further replies.
S

sr51463

Posts: 55   +0
I have an infection in my windows services. As stated, it is a Patched A virus. I really could use some help as I am totally lost on how to get rid of it.
 
Hello, and welcome to TechSpot.


rulesx.png
Please see here for the board rules and other FAQ.

Please feel free to introduce yourself, after you follow the steps below to get started.

Information
  • From this point on, please do not make any more changes to your computer; such as install/uninstall programs, use special fix tools, delete files, edit the registry, etc. - unless advised by a malware removal helper.
  • Please do not ask for help elsewhere (in this site or other sites). Doing so can result in system changes, which may not show up in the logs you post.
  • If you have already asked for help somewhere, please post the link to the topic you were helped.
  • We try our best to reply quickly, but for any reason we do not reply in two days, please reply to this topic with the word BUMP!
  • Lastly, keep in mind that we are volunteers, so you do not have to pay for malware removal. Persist in this topic until its close, and your computer is declared clean.
Please review the 5-Step removal instructions and post the logs back here for my review.

If Windows will not stay active, let me know.
 
I'm having some trouble with Step 3: GMER.

It says that it has not found anything. Also it did not preform the automatic quick scan when it first ran. So I just clicked the scan button and let it scan. It came up with nothing. Should I just go to the next step?
 
Now it looks like I have an even bigger problem. I had to restart my computer and after te welcome screen there is nothing but black. The only thing there is my mouse cursor. However, I was able to start it up in safety mode. What should I do? How can I fix this?
 
Farbar Recovery Scan Tool

Download Farbar Recovery Scan Tool and save it to a flash drive.


Depending on your type of system, you will have to select 32-bit or 64-bit accordingly. How do I tell?

Plug the flashdrive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Choose your language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.
To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Choose your language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account an click Next.
On the System Recovery Options menu you will get the following options:
    • Startup Repair
      System Restore
      Windows Complete PC Restore
      Windows Memory Diagnostic Tool
      Command Prompt
  • Select Command Prompt
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst.exe and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to the disclaimer.
  • Place a check next to List Drivers MD5 as well as the default check marks that are already there
  • Press Scan button. It will do its scan and save a log on your flash drive.
  • Close out of the message after that, then type in the text services.exe in to the "Search:" text box. Then, press the Search file(s) button, just as below:
    frst2.jpg

    When done searching, FRST makes a log, Search.txt, on the C:\ drive or on your flash drive.
  • Type exit in the Command Prompt window and reboot the computer normally
  • FRST will make a log (FRST.txt) on the flash drive and also the search.txt logfile, please copy and paste the logs in your reply.
 
Can result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09-11-2012
Ran by SYSTEM at 09-11-2012 18:05:09
Running from F:\
Windows 7 Home Premium (X64) OS Language: English(US)
The current controlset is ControlSet001

==================== Registry (Whitelisted) ===================

HKLM\...\Run: [] [x]
HKLM\...\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE [x]
HKLM\...\Run: [TosWaitSrv] %ProgramFiles%\TOSHIBA\TPHM\TosWaitSrv.exe [x]
HKLM\...\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [709976 2009-08-03] (TOSHIBA Corporation)
HKLM\...\Run: [ThpSrv] C:\windows\system32\thpsrv /logon [x]
HKLM\...\Run: [Teco] "%ProgramFiles%\TOSHIBA\TECO\Teco.exe" /r [x]
HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [x]
HKLM\...\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe [x]
HKLM\...\Run: [SmartFaceVWatcher] %ProgramFiles%\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [x]
HKLM\...\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe [x]
HKLM\...\Run: [HDMICtrlMan] %ProgramFiles%\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe [x]
HKLM\...\Run: [cAudioFilterAgent] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [503864 2009-07-20] (Conexant Systems, Inc.)
HKLM\...\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe [x]
HKLM\...\Run: [IntelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe" [2328944 2011-01-07] (Microsoft Corporation)
HKLM-x32\...\Run: [TUSBSleepChargeSrv] %ProgramFiles(x86)%\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe [x]
HKLM-x32\...\Run: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60 [1294136 2009-08-17] (TOSHIBA Corporation)
HKLM-x32\...\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TobuActivation.exe" UNATTENDED [529256 2009-07-16] (Toshiba)
HKLM-x32\...\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe" [74752 2011-07-11] (Nullsoft, Inc.)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2010-11-29] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [919008 2012-07-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW [1259376 2011-07-28] ()
HKLM-x32\...\Run: [Seagate Dashboard] C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe --silent --no_ui [73728 2011-11-03] ()
HKLM-x32\...\Run: [ROC_ROC_NT] "C:\Program Files (x86)\AVG Secure Search\ROC_ROC_NT.exe" / /PROMPT /CMPID=ROC_NT [x]
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [254696 2012-01-18] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [] [x]
HKLM-x32\...\Run: [SearchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe" [1111432 2012-10-16] (Spigot, Inc.)
HKLM-x32\...\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui [4297136 2012-10-30] (AVAST Software)
HKU\KIyle\...\Run: [AdobeBridge] [x]
HKLM-x32\...\Runonce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-unins...kAVQBCAFUAUgAtADcAVABHAFYAUwAtADQARgBTAFUANgA"&"inst=NwA2AC0ANgA5ADMANwAwADQAMgAwADAALQBUAEIAOQArADIALQBGAEwAKwA5AC0AWABPADMANgArADEALQBGADkATQA3AEMAKwA1AC0ARgA5AE0AMQAwAEIAKwAxAC0AUABMACsAOQAtAE4AMQBEACsAMQA"&"prod=92"&"ver=9.0.872 [x]
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

==================== Services (Whitelisted) ===================

2 AdvancedSystemCareService; C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe [353168 2011-05-28] (IObit)
2 avast! Antivirus; "C:\Program Files\AVAST Software\Avast\AvastSvc.exe" [44808 2012-10-30] (AVAST Software)
2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [821080 2011-06-01] (IObit)
2 libusbd; C:\Windows\SysWow64\libusbd-nt.exe [18944 2005-03-09] (http://libusb-win32.sourceforge.net)
2 MBAMScheduler; "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe" [399432 2012-09-29] (Malwarebytes Corporation)
2 MBAMService; "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe" [676936 2012-09-29] (Malwarebytes Corporation)
2 Updater Service for StartNow Toolbar; C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe [265952 2012-06-22] ()

==================== Drivers (Whitelisted) =====================

2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [25232 2012-10-30] (AVAST Software)
2 aswMonFlt; C:\Windows\System32\Drivers\aswMonFlt.sys [71600 2012-10-30] (AVAST Software)
1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [54072 2012-10-15] (AVAST Software)
1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [984144 2012-10-30] (AVAST Software)
1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [370288 2012-10-30] (AVAST Software)
1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [59728 2012-10-30] (AVAST Software)
3 FileMonitor; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [20336 2011-04-27] ()
3 hid7906; C:\Windows\SysWow64\Drivers\hid7906.sys [34963 2007-12-12] (Compuware Corporation)
3 hid8101; C:\Windows\SysWow64\Drivers\hid8101.sys [37024 2007-12-03] (Compuware Corporation)
3 hid8103; C:\Windows\SysWow64\Drivers\hid8103.sys [34587 2007-11-28] (Compuware Corporation)
3 libusb0; C:\Windows\SysWow64\Drivers\libusb0.sys [33792 2005-03-09] ()
3 MBAMProtector; \??\C:\windows\system32\drivers\mbam.sys [25928 2012-09-29] (Malwarebytes Corporation)
3 O2SDGRDR; C:\Windows\System32\DRIVERS\o2sdgx64.sys [49568 2009-08-18] (O2Micro )
3 RegFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [33184 2011-03-22] (IObit.com)
0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [18232 2011-02-23] ()
3 UrlFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [21328 2011-03-22] (IObit.com)

==================== NetSvcs (Whitelisted) ====================


==================== One Month Created Files and Folders ========

2012-11-08 14:07 - 2012-11-08 14:07 - 00302592 ____A C:\Users\KIyle\Desktop\k3giddnq.exe
2012-11-08 13:48 - 2012-11-08 13:48 - 00001084 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2012-11-08 13:48 - 2012-11-08 13:48 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-11-08 13:48 - 2012-09-29 17:54 - 00025928 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2012-11-08 13:47 - 2012-11-08 13:47 - 10669952 ____A (Malwarebytes Corporation ) C:\Users\KIyle\Downloads\mbam-setup-1.65.1.1000(1).exe
2012-11-08 06:47 - 2012-11-08 06:47 - 00002264 ____A C:\Users\Public\Desktop\Google Chrome.lnk
2012-11-08 06:46 - 2012-11-08 19:08 - 00000896 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2012-11-08 06:45 - 2012-11-09 15:24 - 00000892 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2012-11-08 06:45 - 2012-11-08 06:45 - 00001969 ____A C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2012-11-08 06:45 - 2012-10-30 15:51 - 00370288 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSP.sys
2012-11-08 06:45 - 2012-10-30 15:51 - 00059728 ____A (AVAST Software) C:\Windows\System32\Drivers\aswTdi.sys
2012-11-08 06:45 - 2012-10-30 15:51 - 00025232 ____A (AVAST Software) C:\Windows\System32\Drivers\aswFsBlk.sys
2012-11-08 06:45 - 2012-10-15 08:59 - 00054072 ____A (AVAST Software) C:\Windows\System32\Drivers\aswRdr2.sys
2012-11-08 06:44 - 2012-11-08 06:44 - 00000000 ____A C:\Windows\SysWOW64\config.nt
2012-11-08 06:44 - 2012-10-30 15:51 - 00984144 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSnx.sys
2012-11-08 06:44 - 2012-10-30 15:51 - 00071600 ____A (AVAST Software) C:\Windows\System32\Drivers\aswMonFlt.sys
2012-11-08 06:44 - 2012-10-30 15:50 - 00285328 ____A (AVAST Software) C:\Windows\System32\aswBoot.exe
2012-11-08 06:43 - 2012-10-30 15:51 - 00041224 ____A (AVAST Software) C:\Windows\avastSS.scr
2012-11-08 06:43 - 2012-10-30 15:50 - 00227648 ____A (AVAST Software) C:\Windows\SysWOW64\aswBoot.exe
2012-11-08 06:41 - 2012-11-08 06:43 - 00000000 ____D C:\Users\All Users\AVAST Software
2012-11-08 06:41 - 2012-11-08 06:43 - 00000000 ____D C:\Program Files\AVAST Software
2012-11-08 06:39 - 2012-11-08 06:40 - 97495576 ____A C:\Users\KIyle\Downloads\avast_free_antivirus_setup.exe
2012-11-08 03:03 - 2012-11-08 03:03 - 04418880 ____A (AVG Technologies) C:\Users\KIyle\Downloads\avg_free_stb_all_2013_2742_cnet(1).exe
2012-11-08 03:01 - 2012-11-08 03:01 - 04418880 ____A (AVG Technologies) C:\Users\KIyle\Downloads\avg_free_stb_all_2013_2742_cnet.exe
2012-11-08 02:13 - 2012-11-08 02:13 - 00012207 ____A C:\Users\KIyle\Desktop\hijackthis.log
2012-11-08 02:07 - 2012-11-08 02:08 - 10669952 ____A (Malwarebytes Corporation ) C:\Users\KIyle\Downloads\mbam-setup-1.65.1.1000.exe
2012-11-08 01:52 - 2012-11-08 01:52 - 00000000 ____D C:\Users\KIyle\Downloads\backups
2012-11-08 01:48 - 2012-11-08 01:48 - 00388608 ____A (Trend Micro Inc.) C:\Users\KIyle\Desktop\HijackThis.exe
2012-11-08 01:21 - 2012-11-08 01:21 - 04411432 ____A (AVG Technologies) C:\Users\KIyle\Downloads\avg_isct_stb_all_2013_2667_cm5.exe
2012-11-08 00:59 - 2012-11-08 00:59 - 04418880 ____A (AVG Technologies) C:\Users\KIyle\Downloads\avg_isct_stb_all_2013_2742.exe
2012-11-07 23:53 - 2012-11-08 14:01 - 00003304 ____A C:\Windows\PFRO.log
2012-11-07 23:43 - 2012-11-07 23:43 - 00000000 __SHD C:\Windows\SysWOW64\%APPDATA%
2012-11-07 23:40 - 2012-11-07 23:40 - 00000000 ____D C:\Users\KIyle\AppData\Local\Avg2013
2012-11-07 23:18 - 2012-11-07 23:18 - 00027699 ____A C:\Users\KIyle\Desktop\dds.txt
2012-11-07 23:18 - 2012-11-07 23:18 - 00012402 ____A C:\Users\KIyle\Desktop\attach.txt
2012-11-07 23:16 - 2012-11-07 23:16 - 00688901 ____R (Swearware) C:\Users\KIyle\Downloads\dds.com
2012-11-07 22:32 - 2012-11-09 15:24 - 00001008 ____A C:\Windows\setupact.log
2012-11-07 22:32 - 2012-11-07 22:32 - 00000000 ____A C:\Windows\setuperr.log
2012-11-06 12:56 - 2012-11-06 12:57 - 133040281 ____A C:\Users\KIyle\Desktop\Resident Seavil 4_ Degeneration (of the story).mp4
2012-11-06 12:56 - 2012-11-06 12:56 - 28613177 ____A C:\Users\KIyle\Desktop\Q_ Where Am I_ A_ Nowhere Interesting.mp4
2012-10-28 22:00 - 2012-10-28 22:01 - 21557797 ____A C:\Users\KIyle\Desktop\I'M GUNNA SHOOT SOMEBODY.mp4
2012-10-28 21:48 - 2012-10-28 21:49 - 45209582 ____A C:\Users\KIyle\Desktop\GOD I THINK I JUST SHITTED ON MYSELF (I'M GUNNA SHOOT SOMEBODY TOO).mp4
2012-10-21 22:39 - 2012-11-08 00:13 - 00000000 ____D C:\Program Files (x86)\YTD Toolbar
2012-10-21 22:39 - 2012-10-21 22:39 - 00000000 ____D C:\Program Files (x86)\Application Updater
2012-10-11 13:32 - 2012-10-11 13:32 - 01031895 ____A C:\Users\KIyle\Downloads\RiceVideoSetup(1).exe
2012-10-11 12:40 - 2012-10-11 12:40 - 01031895 ____A C:\Users\KIyle\Downloads\RiceVideoSetup.exe
2012-10-11 12:26 - 2012-10-11 12:27 - 65679872 ____A C:\Users\KIyle\Downloads\VizzedRgrPlugin-v1.91.msi
2012-10-11 06:49 - 2012-10-11 06:51 - 00000000 ____D C:\Users\KIyle\Documents\Watched Threads
2012-10-11 06:47 - 2012-10-11 06:51 - 00000000 ____D C:\Users\KIyle\AppData\Roaming\Chan Thread Watch
2012-10-10 14:51 - 2012-08-31 10:02 - 01656688 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2012-10-10 14:51 - 2012-08-30 10:11 - 05505904 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2012-10-10 14:51 - 2012-08-30 09:18 - 03958128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2012-10-10 14:51 - 2012-08-30 09:18 - 03902832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2012-10-10 14:50 - 2012-09-14 11:23 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll
2012-10-10 14:50 - 2012-09-14 10:30 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2012-10-10 14:50 - 2012-08-24 10:05 - 00220160 ____A (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2012-10-10 14:50 - 2012-08-24 09:10 - 00172544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2012-10-10 14:50 - 2012-08-18 07:43 - 00362496 ____A (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2012-10-10 14:50 - 2012-08-18 07:43 - 00243200 ____A (Microsoft Corporation) C:\Windows\System32\wow64.dll
2012-10-10 14:50 - 2012-08-18 07:43 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2012-10-10 14:50 - 2012-08-18 07:42 - 00215040 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2012-10-10 14:50 - 2012-08-18 07:40 - 00016384 ____A (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2012-10-10 14:50 - 2012-08-18 07:37 - 01162240 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2012-10-10 14:50 - 2012-08-18 07:37 - 00425984 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2012-10-10 14:50 - 2012-08-18 07:34 - 00338432 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe
2012-10-10 14:50 - 2012-08-18 07:22 - 00006144 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2012-10-10 14:50 - 2012-08-18 07:22 - 00005120 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2012-10-10 14:50 - 2012-08-18 07:22 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2012-10-10 14:50 - 2012-08-18 07:22 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2012-10-10 14:50 - 2012-08-18 07:22 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-10-10 14:50 - 2012-08-18 07:22 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2012-10-10 14:50 - 2012-08-18 07:22 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2012-10-10 14:50 - 2012-08-18 07:22 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2012-10-10 14:50 - 2012-08-18 07:22 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-10-10 14:50 - 2012-08-18 07:22 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-10-10 14:50 - 2012-08-18 07:22 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-10-10 14:50 - 2012-08-18 07:22 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2012-10-10 14:50 - 2012-08-18 07:22 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2012-10-10 14:50 - 2012-08-18 07:22 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-10-10 14:50 - 2012-08-18 07:22 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2012-10-10 14:50 - 2012-08-18 07:22 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2012-10-10 14:50 - 2012-08-18 07:22 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2012-10-10 14:50 - 2012-08-18 07:22 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2012-10-10 14:50 - 2012-08-18 07:22 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2012-10-10 14:50 - 2012-08-18 07:22 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2012-10-10 14:50 - 2012-08-18 07:22 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2012-10-10 14:50 - 2012-08-18 07:22 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2012-10-10 14:50 - 2012-08-18 07:22 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2012-10-10 14:50 - 2012-08-18 07:22 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-10-10 14:50 - 2012-08-18 07:22 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2012-10-10 14:50 - 2012-08-18 07:22 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2012-10-10 14:50 - 2012-08-18 07:22 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2012-10-10 14:50 - 2012-08-18 07:22 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2012-10-10 14:50 - 2012-08-18 03:22 - 00014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2012-10-10 14:50 - 2012-08-18 03:19 - 00025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2012-10-10 14:50 - 2012-08-18 03:17 - 01114112 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2012-10-10 14:50 - 2012-08-18 03:17 - 00274944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2012-10-10 14:50 - 2012-08-18 03:17 - 00005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2012-10-10 14:50 - 2012-08-18 03:09 - 00005120 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2012-10-10 14:50 - 2012-08-18 03:09 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2012-10-10 14:50 - 2012-08-18 03:09 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-10-10 14:50 - 2012-08-18 03:09 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2012-10-10 14:50 - 2012-08-18 03:09 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2012-10-10 14:50 - 2012-08-18 03:09 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2012-10-10 14:50 - 2012-08-18 03:09 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2012-10-10 14:50 - 2012-08-18 03:09 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-10-10 14:50 - 2012-08-18 03:09 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-10-10 14:50 - 2012-08-18 03:09 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2012-10-10 14:50 - 2012-08-18 03:09 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-10-10 14:50 - 2012-08-18 03:09 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2012-10-10 14:50 - 2012-08-18 03:09 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2012-10-10 14:50 - 2012-08-18 03:09 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2012-10-10 14:50 - 2012-08-18 03:09 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-10-10 14:50 - 2012-08-18 03:09 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2012-10-10 14:50 - 2012-08-18 03:09 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2012-10-10 14:50 - 2012-08-18 03:09 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2012-10-10 14:50 - 2012-08-18 03:09 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2012-10-10 14:50 - 2012-08-18 03:09 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2012-10-10 14:50 - 2012-08-18 03:09 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2012-10-10 14:50 - 2012-08-18 03:09 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2012-10-10 14:50 - 2012-08-18 03:09 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2012-10-10 14:50 - 2012-08-18 03:09 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2012-10-10 14:50 - 2012-08-18 01:12 - 00007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2012-10-10 14:50 - 2012-08-18 01:12 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2012-10-10 14:50 - 2012-08-18 01:07 - 00006144 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2012-10-10 14:50 - 2012-08-18 01:07 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2012-10-10 14:50 - 2012-08-18 01:07 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2012-10-10 14:50 - 2012-08-18 01:07 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2012-10-10 14:50 - 2012-08-10 16:53 - 00714752 ____A (Microsoft Corporation) C:\Windows\System32\kerberos.dll
2012-10-10 14:50 - 2012-08-10 15:54 - 00541184 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2012-10-10 14:49 - 2012-06-01 21:25 - 01462784 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2012-10-10 14:49 - 2012-06-01 21:25 - 00182272 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2012-10-10 14:49 - 2012-06-01 21:25 - 00140288 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2012-10-10 14:49 - 2012-06-01 20:45 - 01157632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2012-10-10 14:49 - 2012-06-01 20:45 - 00139264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2012-10-10 14:49 - 2012-06-01 20:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll


==================== One Month Modified Files and Folders =======

2012-11-09 18:04 - 2012-11-09 18:04 - 00000000 ____D C:\FRST
2012-11-09 15:24 - 2012-11-08 06:45 - 00000892 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2012-11-09 15:24 - 2012-11-07 22:32 - 00001008 ____A C:\Windows\setupact.log
2012-11-09 15:24 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2012-11-08 21:37 - 2012-04-06 22:20 - 00000000 ____D C:\Users\KIyle\Desktop\business man
2012-11-08 21:28 - 2009-07-13 21:13 - 00811698 ____A C:\Windows\System32\PerfStringBackup.INI
2012-11-08 19:15 - 2009-07-13 20:45 - 00015792 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-11-08 19:15 - 2009-07-13 20:45 - 00015792 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-11-08 19:12 - 2012-05-03 18:43 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2012-11-08 19:08 - 2012-11-08 06:46 - 00000896 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2012-11-08 14:07 - 2012-11-08 14:07 - 00302592 ____A C:\Users\KIyle\Desktop\k3giddnq.exe
2012-11-08 14:01 - 2012-11-07 23:53 - 00003304 ____A C:\Windows\PFRO.log
2012-11-08 13:48 - 2012-11-08 13:48 - 00001084 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2012-11-08 13:48 - 2012-11-08 13:48 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-11-08 13:47 - 2012-11-08 13:47 - 10669952 ____A (Malwarebytes Corporation ) C:\Users\KIyle\Downloads\mbam-setup-1.65.1.1000(1).exe
2012-11-08 06:50 - 2009-12-14 09:55 - 00000000 ____D C:\Users\KIyle\AppData\Local\Google
2012-11-08 06:47 - 2012-11-08 06:47 - 00002264 ____A C:\Users\Public\Desktop\Google Chrome.lnk
2012-11-08 06:47 - 2009-09-02 18:25 - 00000000 ____D C:\Program Files (x86)\Google
2012-11-08 06:45 - 2012-11-08 06:45 - 00001969 ____A C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2012-11-08 06:44 - 2012-11-08 06:44 - 00000000 ____A C:\Windows\SysWOW64\config.nt
2012-11-08 06:43 - 2012-11-08 06:41 - 00000000 ____D C:\Users\All Users\AVAST Software
2012-11-08 06:43 - 2012-11-08 06:41 - 00000000 ____D C:\Program Files\AVAST Software
2012-11-08 06:40 - 2012-11-08 06:39 - 97495576 ____A C:\Users\KIyle\Downloads\avast_free_antivirus_setup.exe
2012-11-08 04:05 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache
2012-11-08 03:04 - 2012-08-13 03:16 - 00000000 ____D C:\Users\All Users\MFAData
2012-11-08 03:03 - 2012-11-08 03:03 - 04418880 ____A (AVG Technologies) C:\Users\KIyle\Downloads\avg_free_stb_all_2013_2742_cnet(1).exe
2012-11-08 03:01 - 2012-11-08 03:01 - 04418880 ____A (AVG Technologies) C:\Users\KIyle\Downloads\avg_free_stb_all_2013_2742_cnet.exe
2012-11-08 02:13 - 2012-11-08 02:13 - 00012207 ____A C:\Users\KIyle\Desktop\hijackthis.log
2012-11-08 02:08 - 2012-11-08 02:07 - 10669952 ____A (Malwarebytes Corporation ) C:\Users\KIyle\Downloads\mbam-setup-1.65.1.1000.exe
2012-11-08 01:52 - 2012-11-08 01:52 - 00000000 ____D C:\Users\KIyle\Downloads\backups
2012-11-08 01:49 - 2010-02-24 15:45 - 00000000 ____D C:\Users\KIyle\AppData\Roaming\BitTorrent
2012-11-08 01:48 - 2012-11-08 01:48 - 00388608 ____A (Trend Micro Inc.) C:\Users\KIyle\Desktop\HijackThis.exe
2012-11-08 01:27 - 2009-12-14 09:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2012-11-08 01:21 - 2012-11-08 01:21 - 04411432 ____A (AVG Technologies) C:\Users\KIyle\Downloads\avg_isct_stb_all_2013_2667_cm5.exe
2012-11-08 00:59 - 2012-11-08 00:59 - 04418880 ____A (AVG Technologies) C:\Users\KIyle\Downloads\avg_isct_stb_all_2013_2742.exe
2012-11-08 00:13 - 2012-10-21 22:39 - 00000000 ____D C:\Program Files (x86)\YTD Toolbar
2012-11-08 00:13 - 2012-05-12 02:14 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2012-11-08 00:13 - 2011-03-09 12:11 - 00000000 ____D C:\Users\KIyle\AppData\Roaming\vlc
2012-11-08 00:13 - 2010-08-18 11:38 - 00000000 ____D C:\Users\KIyle\AppData\Roaming\Winamp
2012-11-08 00:13 - 2010-02-24 15:45 - 00000000 ____D C:\Program Files (x86)\BitTorrent
2012-11-08 00:13 - 2009-12-14 09:54 - 00000000 ____D C:\Users\KIyle\AppData\Local\Toshiba
2012-11-08 00:13 - 2009-10-28 00:58 - 00000000 ____D C:\Program Files (x86)\Microsoft Works
2012-11-08 00:13 - 2009-09-02 18:25 - 00000000 ____D C:\Users\All Users\Toshiba
2012-11-08 00:12 - 2009-12-14 09:51 - 00000000 ____D C:\users\KIyle
2012-11-08 00:12 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\registration
2012-11-07 23:58 - 2011-05-17 20:50 - 01114727 ____A C:\Windows\WindowsUpdate.log
2012-11-07 23:43 - 2012-11-07 23:43 - 00000000 __SHD C:\Windows\SysWOW64\%APPDATA%
2012-11-07 23:40 - 2012-11-07 23:40 - 00000000 ____D C:\Users\KIyle\AppData\Local\Avg2013
2012-11-07 23:18 - 2012-11-07 23:18 - 00027699 ____A C:\Users\KIyle\Desktop\dds.txt
2012-11-07 23:18 - 2012-11-07 23:18 - 00012402 ____A C:\Users\KIyle\Desktop\attach.txt
2012-11-07 23:16 - 2012-11-07 23:16 - 00688901 ____R (Swearware) C:\Users\KIyle\Downloads\dds.com
2012-11-07 22:32 - 2012-11-07 22:32 - 00000000 ____A C:\Windows\setuperr.log
2012-11-07 22:29 - 2009-09-02 18:23 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2012-11-07 10:08 - 2011-01-14 00:24 - 00000000 ___RD C:\Users\KIyle\Desktop\Adobe Photoshop
2012-11-06 12:57 - 2012-11-06 12:56 - 133040281 ____A C:\Users\KIyle\Desktop\Resident Seavil 4_ Degeneration (of the story).mp4
2012-11-06 12:56 - 2012-11-06 12:56 - 28613177 ____A C:\Users\KIyle\Desktop\Q_ Where Am I_ A_ Nowhere Interesting.mp4
2012-11-05 16:39 - 2010-12-17 03:55 - 00054024 ____A C:\Users\KIyle\Desktop\playlist.m3u
2012-11-05 16:34 - 2010-11-29 02:55 - 00000000 ____D C:\Users\KIyle\Desktop\New folder
2012-11-03 17:58 - 2010-02-08 15:14 - 00000000 ____D C:\Users\KIyle\Desktop\yeah
2012-10-30 15:51 - 2012-11-08 06:45 - 00370288 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSP.sys
2012-10-30 15:51 - 2012-11-08 06:45 - 00059728 ____A (AVAST Software) C:\Windows\System32\Drivers\aswTdi.sys
2012-10-30 15:51 - 2012-11-08 06:45 - 00025232 ____A (AVAST Software) C:\Windows\System32\Drivers\aswFsBlk.sys
2012-10-30 15:51 - 2012-11-08 06:44 - 00984144 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSnx.sys
2012-10-30 15:51 - 2012-11-08 06:44 - 00071600 ____A (AVAST Software) C:\Windows\System32\Drivers\aswMonFlt.sys
2012-10-30 15:51 - 2012-11-08 06:43 - 00041224 ____A (AVAST Software) C:\Windows\avastSS.scr
2012-10-30 15:50 - 2012-11-08 06:44 - 00285328 ____A (AVAST Software) C:\Windows\System32\aswBoot.exe
2012-10-30 15:50 - 2012-11-08 06:43 - 00227648 ____A (AVAST Software) C:\Windows\SysWOW64\aswBoot.exe
2012-10-28 22:01 - 2012-10-28 22:00 - 21557797 ____A C:\Users\KIyle\Desktop\I'M GUNNA SHOOT SOMEBODY.mp4
2012-10-28 21:49 - 2012-10-28 21:48 - 45209582 ____A C:\Users\KIyle\Desktop\GOD I THINK I JUST SHITTED ON MYSELF (I'M GUNNA SHOOT SOMEBODY TOO).mp4
2012-10-26 12:40 - 2012-08-05 03:35 - 00000000 ____D C:\Users\KIyle\Desktop\Retsupurae
2012-10-21 22:39 - 2012-10-21 22:39 - 00000000 ____D C:\Program Files (x86)\Application Updater
2012-10-15 08:59 - 2012-11-08 06:45 - 00054072 ____A (AVAST Software) C:\Windows\System32\Drivers\aswRdr2.sys
2012-10-13 07:42 - 2009-09-02 18:24 - 00000000 ____D C:\Users\All Users\Adobe
2012-10-11 13:32 - 2012-10-11 13:32 - 01031895 ____A C:\Users\KIyle\Downloads\RiceVideoSetup(1).exe
2012-10-11 12:40 - 2012-10-11 12:40 - 01031895 ____A C:\Users\KIyle\Downloads\RiceVideoSetup.exe
2012-10-11 12:27 - 2012-10-11 12:26 - 65679872 ____A C:\Users\KIyle\Downloads\VizzedRgrPlugin-v1.91.msi
2012-10-11 06:51 - 2012-10-11 06:49 - 00000000 ____D C:\Users\KIyle\Documents\Watched Threads
2012-10-11 06:51 - 2012-10-11 06:47 - 00000000 ____D C:\Users\KIyle\AppData\Roaming\Chan Thread Watch
2012-10-11 06:47 - 2010-03-12 20:30 - 65309168 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2012-10-11 06:46 - 2009-10-28 01:02 - 00000000 ____D C:\Users\All Users\Microsoft Help


ZeroAccess:
C:\Windows\Installer\{04ffdf68-d6e8-7b51-8374-b315779545c7}
C:\Windows\Installer\{04ffdf68-d6e8-7b51-8374-b315779545c7}\@
C:\Windows\Installer\{04ffdf68-d6e8-7b51-8374-b315779545c7}\L
C:\Windows\Installer\{04ffdf68-d6e8-7b51-8374-b315779545c7}\U
C:\Windows\Installer\{04ffdf68-d6e8-7b51-8374-b315779545c7}\L\00000004.@
C:\Windows\Installer\{04ffdf68-d6e8-7b51-8374-b315779545c7}\L\201d3dde
C:\Windows\Installer\{04ffdf68-d6e8-7b51-8374-b315779545c7}\U\00000004.@
C:\Windows\Installer\{04ffdf68-d6e8-7b51-8374-b315779545c7}\U\00000008.@
C:\Windows\Installer\{04ffdf68-d6e8-7b51-8374-b315779545c7}\U\000000cb.@
C:\Windows\Installer\{04ffdf68-d6e8-7b51-8374-b315779545c7}\U\80000000.@
C:\Windows\Installer\{04ffdf68-d6e8-7b51-8374-b315779545c7}\U\80000032.@
C:\Windows\Installer\{04ffdf68-d6e8-7b51-8374-b315779545c7}\U\80000064.@

ZeroAccess:
C:\Windows\assembly\GAC_32\Desktop.ini

ZeroAccess:
C:\Windows\assembly\GAC_64\Desktop.ini

==================== Known DLLs (Whitelisted) =================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe 50BEA589F7D7958BDD2528A8F69D05CC ZeroAccess <==== ATTENTION!.
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


testsigning: ==> Check for possible unsigned rootkit driver <===== ATTENTION!

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================

Restore point made on: 2012-10-11 12:28:24
Restore point made on: 2012-11-07 22:12:12
Restore point made on: 2012-11-07 23:30:49
Restore point made on: 2012-11-07 23:41:05
Restore point made on: 2012-11-07 23:46:03
Restore point made on: 2012-11-08 00:01:56
Restore point made on: 2012-11-08 03:05:56
Restore point made on: 2012-11-08 06:41:38
Restore point made on: 2012-11-08 06:43:15
Restore point made on: 2012-11-08 06:44:51

==================== Memory info ===========================

Percentage of memory in use: 10%
Total physical RAM: 5980.94 MB
Available physical RAM: 5335.49 MB
Total Pagefile: 5979.09 MB
Available Pagefile: 5326.67 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

==================== Partitions =============================

1 Drive c: (TI102692W0G) (Fixed) (Total:453.35 GB) (Free:216.38 GB) NTFS ==>[System with boot components (obtained from reading drive)]
2 Drive d: (System) (Fixed) (Total:1.46 GB) (Free:1.26 GB) NTFS ==>[System with boot components (obtained from reading drive)]
4 Drive f: (HP v125w) (Removable) (Total:3.75 GB) (Free:3.64 GB) FAT32
5 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 465 GB 0 B
Disk 1 Online 3850 MB 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Recovery 1500 MB 1024 KB
Partition 2 Primary 453 GB 1501 MB
Partition 3 Primary 10 GB 454 GB

==================================================================================

Disk: 0
Partition 1
Type : 27
Hidden: Yes
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 D System NTFS Partition 1500 MB Healthy Hidden

=========================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 C TI102692W0G NTFS Partition 453 GB Healthy

=========================================================

Disk: 0
Partition 3
Type : 17 (Suspicious Type)
Hidden: Yes
Active: No

There is no volume associated with this partition.

=========================================================

Partitions of Disk 1:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 3846 MB 4032 KB

==================================================================================

Disk: 1
Partition 1
Type : 0C
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 F HP v125w FAT32 Removable 3846 MB Healthy

=========================================================

Last Boot: 2012-11-08 03:53

==================== End Of Log =============================
 
Farbar Recovery Scan Tool (x64) Version: 09-11-2012
Ran by SYSTEM at 2012-11-09 18:17:58
Running from F:\

================== Search: "services.exe" ===================

C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
[2009-07-13 15:19] - [2009-07-13 17:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB

C:\Windows\System32\services.exe
[2009-07-13 15:19] - [2009-07-13 17:39] - 0329216 ____A (Microsoft Corporation) 50BEA589F7D7958BDD2528A8F69D05CC

====== End Of Search ======
 
FRST Fixlist

Please download attached fixlist.txt below, and save it to your flash drive in the same location as FRST.exe. Make sure it maintains the same name, otherwise the fix will fail.

NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system

Now, please enter System Recovery Options then select Command Prompt.

Run FRST and press the Fix button just once and wait.
The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.

Now restart, let it boot normally and tell me how it went.
 

Attachments

  • fixlist.txt
    906 bytes · Views: 2
I am still getting the black screen. Here is my fixlog.

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 09-11-2012
Ran by SYSTEM at 2012-11-10 11:41:43 Run:1
Running from F:\

==============================================

C:\Users\KIyle\Desktop\k3giddnq.exe moved successfully.
C:\Program Files (x86)\YTD Toolbar moved successfully.
C:\Program Files (x86)\Application Updater moved successfully.
C:\Users\KIyle\Downloads\RiceVideoSetup(1).exe moved successfully.
C:\Users\KIyle\Downloads\RiceVideoSetup.exe moved successfully.
C:\Users\KIyle\Downloads\VizzedRgrPlugin-v1.91.msi moved successfully.
C:\Windows\Installer\{04ffdf68-d6e8-7b51-8374-b315779545c7} moved successfully.
C:\Windows\assembly\GAC_32\Desktop.ini moved successfully.
C:\Windows\assembly\GAC_64\Desktop.ini moved successfully.
C:\Windows\System32\services.exe moved successfully.
C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe copied successfully to C:\Windows\System32\services.exe

==== End of Fixlog ====
 
I'm having a problem with my sleep mode. Sometimes it works and my computer wakes up. But other times it will not wake up.
 
ComboFix scan

Please download ComboFix
combofix.gif
by sUBs
From BleepingComputer.com

Please save the file to your Desktop.

Important information about ComboFix


After the download:
  • Close any open browsers.
  • Very Important: Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results". Please visit here if you don't know how.
  • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
  • Please do not attempt to re-connect your machine back to the Internet until ComboFix has completely finished.
  • If there is no Internet connection after running ComboFix, then restart your computer to restore back your connection.
Running ComboFix:
  • Double click on ComboFix.exe & follow the prompts.
  • When ComboFix finishes, it will produce a report for you.
  • Please post the report, which will launch or be found at "C:\Combo-Fix.txt" in your next reply.
Troubleshooting ComboFix

Safe Mode:

If you still cannot get ComboFix to run, try booting into Safe Mode, and run it there.

(To boot into Safe Mode, tap F8 after BIOS, and just before the Windows
logo appears. A list of options will appear, select "Safe Mode.")

Re-downloading:

If this doesn't work either, try the same method (above method), but try to download it again, except name
ComboFix.exe to iexplore.exe, explorer.exe, or winlogon.exe.

Malware is known for blocking all "user" processes, except for its whitelist of system important processes such as iexplore.exe, explorer.exe, winlogon.exe.

NOTE: If you encounter a message "illegal operation attempted on registry key that has been marked for deletion" and no programs will run - please just reboot and that will resolve that error.
 
It says that I have AVG running but it has been deleted. I searched my computer and I think I have some leftover avg files. Should I delete them?
 
I used the tool to remove AVG and it worked. Here is the ComboFix Log

ComboFix 12-11-10.02 - KIyle 11/12/2012 9:22.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.5981.4614 [GMT -6:00]
Running from: c:\users\KIyle\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\StartNow Toolbar
c:\program files (x86)\StartNow Toolbar\Reactivate.exe
c:\program files (x86)\StartNow Toolbar\ReactivateFF.exe
c:\program files (x86)\StartNow Toolbar\Resources\images\engine_images.png
c:\program files (x86)\StartNow Toolbar\Resources\images\engine_maps.png
c:\program files (x86)\StartNow Toolbar\Resources\images\engine_news.png
c:\program files (x86)\StartNow Toolbar\Resources\images\engine_videos.png
c:\program files (x86)\StartNow Toolbar\Resources\images\engine_web.png
c:\program files (x86)\StartNow Toolbar\Resources\images\icon_amazon.png
c:\program files (x86)\StartNow Toolbar\Resources\images\icon_ebay.png
c:\program files (x86)\StartNow Toolbar\Resources\images\icon_facebook.png
c:\program files (x86)\StartNow Toolbar\Resources\images\icon_games.png
c:\program files (x86)\StartNow Toolbar\Resources\images\icon_msn.png
c:\program files (x86)\StartNow Toolbar\Resources\images\icon_shopping.png
c:\program files (x86)\StartNow Toolbar\Resources\images\icon_travel.png
c:\program files (x86)\StartNow Toolbar\Resources\images\icon_twitter.png
c:\program files (x86)\StartNow Toolbar\Resources\images\startnow_logo.png
c:\program files (x86)\StartNow Toolbar\Resources\installer.xml
c:\program files (x86)\StartNow Toolbar\Resources\skin\chevron_button.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\searchbox_button_hover.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\searchbox_button_normal.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\searchbox_dropdown_button_normal.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\searchbox_input_background.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\searchbox_input_left.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\searchbox_input_middle.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\separator.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\splitter.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\toolbarbutton_ff_hover_c.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\toolbarbutton_ie_hover_c.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\toolbarbutton_ie_hover_l.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\toolbarbutton_ie_hover_r.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\toolbarbutton_ie_normal_c.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\toolbarbutton_ie_normal_l.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\toolbarbutton_ie_normal_r.png
c:\program files (x86)\StartNow Toolbar\Resources\toolbar.xml
c:\program files (x86)\StartNow Toolbar\Resources\update.xml
c:\program files (x86)\StartNow Toolbar\search_protect.exe
c:\program files (x86)\StartNow Toolbar\StartNowToolbarUninstall.exe
c:\program files (x86)\StartNow Toolbar\Toolbar32.dll
c:\program files (x86)\StartNow Toolbar\ToolbarBroker.exe
c:\program files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe
c:\program files (x86)\StartNow Toolbar\uninstall.dat
c:\program files (x86)\StartNow Toolbar\XBrowser.dll
c:\windows\iun6002.exe
c:\windows\SysWow64\system
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_Updater Service for StartNow Toolbar
-------\Service_Updater Service for StartNow Toolbar
.
.
((((((((((((((((((((((((( Files Created from 2012-10-12 to 2012-11-12 )))))))))))))))))))))))))))))))
.
.
2012-11-12 15:40 . 2012-11-12 15:40 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-11-11 23:11 . 2012-11-11 23:11 96224 ----a-w- c:\program files (x86)\Mozilla Firefox\webapprt-stub.exe
2012-11-11 23:11 . 2012-11-11 23:11 157272 ----a-w- c:\program files (x86)\Mozilla Firefox\webapp-uninstaller.exe
2012-11-10 02:04 . 2012-11-10 02:04 -------- d-----w- C:\FRST
2012-11-08 21:48 . 2012-11-08 21:48 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-11-08 21:48 . 2012-09-30 01:54 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-11-08 14:45 . 2012-10-30 23:51 370288 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-11-08 14:45 . 2012-10-30 23:51 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-11-08 14:45 . 2012-10-30 23:51 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-11-08 14:45 . 2012-10-15 16:59 54072 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-11-08 14:44 . 2012-10-30 23:51 984144 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-11-08 14:44 . 2012-10-30 23:51 71600 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-11-08 14:44 . 2012-10-30 23:50 285328 ----a-w- c:\windows\system32\aswBoot.exe
2012-11-08 14:43 . 2012-10-30 23:51 41224 ----a-w- c:\windows\avastSS.scr
2012-11-08 14:43 . 2012-10-30 23:50 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-11-08 14:41 . 2012-11-08 14:43 -------- d-----w- c:\programdata\AVAST Software
2012-11-08 14:41 . 2012-11-08 14:43 -------- d-----w- c:\program files\AVAST Software
2012-11-08 07:43 . 2012-11-08 07:43 -------- d-sh--w- c:\windows\SysWow64\%APPDATA%
2012-11-08 07:40 . 2012-11-08 07:40 -------- d-----w- c:\users\KIyle\AppData\Local\Avg2013
2012-10-22 06:39 . 2012-10-22 06:39 -------- d-----w- c:\program files (x86)\Common Files\Spigot
2012-10-16 20:38 . 2012-11-11 23:11 18912 ----a-w- c:\program files (x86)\Mozilla Firefox\AccessibleMarshal.dll
2012-10-16 20:38 . 2012-10-16 20:38 2106216 ----a-w- c:\program files (x86)\Mozilla Firefox\D3DCompiler_43.dll
2012-10-16 20:38 . 2012-11-11 23:11 73696 ----a-w- c:\program files (x86)\Mozilla Firefox\breakpadinjector.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-11 14:47 . 2010-03-13 04:30 65309168 ----a-w- c:\windows\system32\MRT.exe
2012-10-08 21:12 . 2012-05-04 02:43 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-10-08 21:12 . 2011-05-25 03:18 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-05 18:02 . 2012-10-05 18:03 477168 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
2012-10-05 18:02 . 2010-10-16 00:19 473072 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-09-19 05:58 . 2012-10-05 15:51 9308616 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D5D1DDF5-7CC2-4277-97BA-689D875E7D55}\mpengine.dll
2012-09-14 19:23 . 2012-10-10 22:50 2048 ----a-w- c:\windows\system32\tzres.dll
2012-09-14 18:30 . 2012-10-10 22:50 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-08-31 18:02 . 2012-10-10 22:51 1656688 ----a-w- c:\windows\system32\drivers\ntfs.sys
2012-08-30 18:11 . 2012-10-10 22:51 5505904 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-08-30 17:18 . 2012-10-10 22:51 3958128 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-08-30 17:18 . 2012-10-10 22:51 3902832 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-08-24 18:05 . 2012-10-10 22:50 220160 ----a-w- c:\windows\system32\wintrust.dll
2012-08-24 17:10 . 2012-10-10 22:50 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-08-24 11:15 . 2012-09-23 14:54 17810944 ----a-w- c:\windows\system32\mshtml.dll
2012-08-24 10:39 . 2012-09-23 14:54 10925568 ----a-w- c:\windows\system32\ieframe.dll
2012-08-24 10:31 . 2012-09-23 14:54 2312704 ----a-w- c:\windows\system32\jscript9.dll
2012-08-24 10:22 . 2012-09-23 14:54 1346048 ----a-w- c:\windows\system32\urlmon.dll
2012-08-24 10:21 . 2012-09-23 14:54 1392128 ----a-w- c:\windows\system32\wininet.dll
2012-08-24 10:20 . 2012-09-23 14:54 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2012-08-24 10:18 . 2012-09-23 14:54 237056 ----a-w- c:\windows\system32\url.dll
2012-08-24 10:17 . 2012-09-23 14:54 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-08-24 10:14 . 2012-09-23 14:54 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-08-24 10:14 . 2012-09-23 14:54 816640 ----a-w- c:\windows\system32\jscript.dll
2012-08-24 10:13 . 2012-09-23 14:54 599040 ----a-w- c:\windows\system32\vbscript.dll
2012-08-24 10:12 . 2012-09-23 14:54 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-08-24 10:11 . 2012-09-23 14:54 729088 ----a-w- c:\windows\system32\msfeeds.dll
2012-08-24 10:10 . 2012-09-23 14:54 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-08-24 10:09 . 2012-09-23 14:54 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-08-24 10:04 . 2012-09-23 14:54 248320 ----a-w- c:\windows\system32\ieui.dll
2012-08-24 06:59 . 2012-09-23 14:54 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-08-24 06:51 . 2012-09-23 14:54 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2012-08-24 06:51 . 2012-09-23 14:54 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-08-24 06:47 . 2012-09-23 14:54 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-08-24 06:47 . 2012-09-23 14:54 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-08-24 06:43 . 2012-09-23 14:54 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-08-18 15:43 . 2012-10-10 22:50 243200 ----a-w- c:\windows\system32\wow64.dll
2012-08-18 15:43 . 2012-10-10 22:50 362496 ----a-w- c:\windows\system32\wow64win.dll
2012-08-18 15:43 . 2012-10-10 22:50 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2012-08-18 15:42 . 2012-10-10 22:50 215040 ----a-w- c:\windows\system32\winsrv.dll
2012-08-18 15:40 . 2012-10-10 22:50 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2012-08-18 15:37 . 2012-10-10 22:50 425984 ----a-w- c:\windows\system32\KernelBase.dll
2012-08-18 15:37 . 2012-10-10 22:50 1162240 ----a-w- c:\windows\system32\kernel32.dll
2012-08-18 15:34 . 2012-10-10 22:50 338432 ----a-w- c:\windows\system32\conhost.exe
2012-08-18 15:22 . 2012-10-10 22:50 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-08-18 15:22 . 2012-10-10 22:50 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-08-18 15:22 . 2012-10-10 22:50 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-08-18 15:22 . 2012-10-10 22:50 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-08-18 15:22 . 2012-10-10 22:50 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-08-18 15:22 . 2012-10-10 22:50 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-08-18 15:22 . 2012-10-10 22:50 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-08-18 15:22 . 2012-10-10 22:50 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-08-18 15:22 . 2012-10-10 22:50 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-08-18 15:22 . 2012-10-10 22:50 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-08-18 15:22 . 2012-10-10 22:50 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-08-18 15:22 . 2012-10-10 22:50 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-08-18 15:22 . 2012-10-10 22:50 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-08-18 15:22 . 2012-10-10 22:50 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-08-18 15:22 . 2012-10-10 22:50 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-08-18 15:22 . 2012-10-10 22:50 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-08-18 15:22 . 2012-10-10 22:50 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-08-18 15:22 . 2012-10-10 22:50 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-08-18 15:22 . 2012-10-10 22:50 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-08-18 15:22 . 2012-10-10 22:50 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-08-18 15:22 . 2012-10-10 22:50 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-08-18 15:22 . 2012-10-10 22:50 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-08-18 15:22 . 2012-10-10 22:50 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-08-18 15:22 . 2012-10-10 22:50 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-08-18 15:22 . 2012-10-10 22:50 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-08-18 15:22 . 2012-10-10 22:50 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-08-18 15:22 . 2012-10-10 22:50 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-08-18 15:22 . 2012-10-10 22:50 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-08-18 11:22 . 2012-10-10 22:50 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2012-08-18 11:19 . 2012-10-10 22:50 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-08-18 11:19 . 2012-10-10 22:50 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2012-08-18 11:17 . 2012-10-10 22:50 274944 ----a-w- c:\windows\SysWow64\KernelBase.dll
2012-08-18 11:17 . 2012-10-10 22:50 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2012-08-18 11:09 . 2012-10-10 22:50 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2012-08-18 11:09 . 2012-10-10 22:50 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-08-18 11:09 . 2012-10-10 22:50 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
2012-08-18 11:09 . 2012-10-10 22:50 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
2012-08-18 11:09 . 2012-10-10 22:50 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-08-18 11:09 . 2012-10-10 22:50 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
2012-08-18 11:09 . 2012-10-10 22:50 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-08-18 11:09 . 2012-10-10 22:50 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-08-18 11:09 . 2012-10-10 22:50 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
2012-08-18 11:09 . 2012-10-10 22:50 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
2012-08-18 11:09 . 2012-10-10 22:50 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
2012-08-18 11:09 . 2012-10-10 22:50 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-08-18 11:09 . 2012-10-10 22:50 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
2012-08-18 11:09 . 2012-10-10 22:50 5120 ---ha-w- c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
2012-08-18 11:09 . 2012-10-10 22:50 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
2012-08-18 11:09 . 2012-10-10 22:50 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
2012-08-18 11:09 . 2012-10-10 22:50 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
2012-08-18 11:09 . 2012-10-10 22:50 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
2012-08-18 11:09 . 2012-10-10 22:50 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
2012-08-18 11:09 . 2012-10-10 22:50 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
2012-08-18 11:09 . 2012-10-10 22:50 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
2012-08-18 11:09 . 2012-10-10 22:50 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
2012-08-18 11:09 . 2012-10-10 22:50 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ToshibaServiceStation"="c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2009-08-17 1294136]
"NortonOnlineBackupReminder"="c:\program files (x86)\Toshiba\Toshiba Online Backup\Activation\TobuActivation.exe" [2009-07-16 529256]
"WinampAgent"="c:\program files (x86)\Winamp\winampa.exe" [2011-07-11 74752]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-30 421888]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"Seagate Dashboard"="c:\program files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe" [2011-11-03 73728]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"SearchSettings"="c:\program files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe" [2012-10-16 1111432]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"AvgUninstallURL"="start http://www.avg.com/ww.special-unins...BMACsAOQAtAE4AMQBEACsAMQA&prod=92&ver=9.0.872" [?]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 Application Updater;Application Updater;c:\program files (x86)\Application Updater\ApplicationUpdater.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 libusbd;LibUsb-Win32 - Daemon, Version 0.1.10.1;c:\windows\system32\libusbd-nt.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-30 676936]
R3 hid7906;hid7906;c:\windows\system32\drivers\hid7906.sys [x]
R3 hid8101;hid8101;c:\windows\system32\drivers\hid8101.sys [x]
R3 hid8103;hid8103;c:\windows\system32\drivers\hid8103.sys [x]
R3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.10.1;c:\windows\system32\drivers\libusb0.sys [x]
R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\DRIVERS\MijXfilt.sys [2011-04-06 97040]
R3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2011-01-07 45408]
R3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-08-17 51512]
R3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [2009-08-04 826224]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-04-02 1255736]
S0 O2MDGRDR;O2MDGRDR;c:\windows\system32\DRIVERS\o2mdgx64.sys [2010-11-16 77032]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [2011-02-23 18232]
S0 Thpdrv;TOSHIBA HDD Protection Driver;c:\windows\system32\DRIVERS\thpdrv.sys [2009-06-29 34880]
S0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;c:\windows\system32\DRIVERS\Thpevm.SYS [2009-06-29 14784]
S0 tos_sps64;TOSHIBA tos_sps64 Service;c:\windows\system32\DRIVERS\tos_sps64.sys [2009-07-24 482384]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600]
S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2009-08-11 248688]
S2 ConfigFree Gadget Service;ConfigFree Gadget Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe [2009-07-15 42368]
S2 ConfigFree Service;ConfigFree Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-11 46448]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-30 399432]
S2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-17 14112]
S2 SeagateDashboardService;Seagate Dashboard Service;c:\program files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe [2011-11-03 8704]
S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe [2009-08-11 252272]
S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys [2009-06-20 14472]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2009-07-10 139264]
S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x64.sys [2009-07-27 58880]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-30 25928]
S3 O2SDGRDR;O2SDGRDR;c:\windows\system32\DRIVERS\o2sdgx64.sys [2009-08-19 49568]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys [2009-06-23 35008]
S3 QIOMem;Generic IO & Memory Access;c:\windows\system32\DRIVERS\QIOMem.sys [2009-06-15 12800]
S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys [2010-01-29 1089056]
S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2009-08-04 137560]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
iissvcs REG_MULTI_SZ w3svc was
apphost REG_MULTI_SZ apphostsvc
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{01250B8F-D947-4F8A-9408-FE8E3EE2EC92}]
2009-08-06 16:15 264048 ----a-w- c:\program files (x86)\Toshiba\My Toshiba\MyToshiba.exe
.
Contents of the 'Scheduled Tasks' folder
.
2012-11-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-04 21:12]
.
2012-11-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-08 14:45]
.
2012-11-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-08 14:45]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 23:50 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ThpSrv"="c:\windows\system32\thpsrv" [X]
"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2009-08-04 709976]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-02 365592]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-02 165912]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-02 387608]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2009-07-20 503864]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-01-07 2328944]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\KIyle\AppData\Roaming\Mozilla\Firefox\Profiles\rnb5n8r5.default\
FF - prefs.js: browser.search.defaulturl - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampie7&query=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxps://www.google.com/
FF - prefs.js: network.proxy.type - 1
FF - ExtSQL: 2012-09-25 15:23; wtxpcom@mybrowserbar.com; c:\program files (x86)\Common Files\Spigot\wtxpcom
FF - ExtSQL: 2012-10-05 13:03; {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}; c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
FF - ExtSQL: 2012-11-08 01:13; {73a6fe31-595d-460b-a920-fcc0f8843232}; c:\users\KIyle\AppData\Roaming\Mozilla\Firefox\Profiles\rnb5n8r5.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF - ExtSQL: 2012-11-08 08:51; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
FF - ExtSQL: !HIDDEN! 2011-08-31 20:13; smartwebprinting@hp.com; c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF - user.js: browser.sessionstore.resume_from_crash - false
FF - user.js: yahoo.homepage.dontask - true
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{F3FEE66E-E034-436a-86E4-9690573BEE8A} - c:\program files (x86)\YTD Toolbar\IE\6.5\ytdToolbarIE.dll
BHO-{6E13D095-45C3-4271-9475-F3B48227DD9F} - c:\program files (x86)\StartNow Toolbar\Toolbar32.dll
BHO-{F3FEE66E-E034-436a-86E4-9690573BEE8A} - c:\program files (x86)\YTD Toolbar\IE\6.5\ytdToolbarIE.dll
Toolbar-Locked - (no file)
Toolbar-{5911488E-9D1E-40ec-8CBB-06B231CC153F} - c:\program files (x86)\StartNow Toolbar\Toolbar32.dll
Toolbar-10 - (no file)
Toolbar-{F3FEE66E-E034-436a-86E4-9690573BEE8A} - c:\program files (x86)\YTD Toolbar\IE\6.5\ytdToolbarIE.dll
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKLM-Run-TUSBSleepChargeSrv - %ProgramFiles(x86)%\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe
Wow6432Node-HKLM-Run-ROC_ROC_NT - c:\program files (x86)\AVG Secure Search\ROC_ROC_NT.exe
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Toolbar-Locked - (no file)
Toolbar-10 - (no file)
HKLM-Run-TPwrMain - c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
HKLM-Run-TosWaitSrv - c:\program files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe
HKLM-Run-Teco - c:\program files (x86)\TOSHIBA\TECO\Teco.exe
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-SmoothView - c:\program files (x86)\Toshiba\SmoothView\SmoothView.exe
HKLM-Run-SmartFaceVWatcher - c:\program files (x86)\Toshiba\SmartFaceV\SmartFaceVWatcher.exe
HKLM-Run-HSON - c:\program files (x86)\TOSHIBA\TBS\HSON.exe
HKLM-Run-HDMICtrlMan - c:\program files (x86)\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe
HKLM-Run-00TCrdMain - c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-Cassini_Sega_Saturn_Emulator_2.0 - c:\windows\iun6002.exe
AddRemove-StartNow Toolbar - c:\program files (x86)\StartNow Toolbar\StartNowToolbarUninstall.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DbgagD\1*]
"value"="?\05\05\04\03\078?"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
c:\windows\system32\DRIVERS\o2flash.exe
c:\program files (x86)\Seagate\Seagate Dashboard\MemeoDashboard.exe
c:\program files (x86)\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe
.
**************************************************************************
.
Completion time: 2012-11-12 10:03:16 - machine was rebooted
ComboFix-quarantined-files.txt 2012-11-12 16:03
.
Pre-Run: 238,369,136,640 bytes free
Post-Run: 238,181,101,568 bytes free
.
- - End Of File - - 4B8B41D8899CE29D3738441BD5A50291
 
TDSSKiller Scan

Please download and run TDSSKiller to your desktop as outlined below:

Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.

For Windows XP, double-click to start.
For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

tdss_1.jpg


-------------------------

Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.

tdss_2.jpg


------------------------

Click the Start Scan button.

tdss_3.jpg


-----------------------

If a suspicious object is detected, the default action will be Skip, click on Continue
If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please choose
Skip and click on Continue


tdss_4.jpg


----------------------

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.


tdss_5.jpg



--------------------

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.
Sometimes these logs can be very large, in that case please attach it or zip it up and attach it.

-------------------

Here's a summary of what to do if you would like to print it out:

If a suspicious object is detected, the default action will be Skip, click on Continue
If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please choose
Skip and click on Continue

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.


avast! aswMBR

Please download aswMBR from here
  • Save aswMBR.exe to your Desktop
  • Double click aswMBR.exe to run it
  • Uncheck "Trace disk IO calls".
  • Click the Scan button to start the scan as illustrated below
aswMBR_Scan.jpg

Note: Do not take action against any **Rootkit** entries until I have reviewed the log. Often there are false positives.
  • Once the scan finishes click Save log to save the log to your Desktop
    aswMBR_SaveLog.png
  • Copy and paste the contents of aswMBR.txt back here for review
  • Please also find MBR.dat on your Desktop, and rename it to MBRscan.txt. Upload that as well. Do not copy and paste MBR.dat/txt, it needs to be uploaded.
 
Here is the TDSSKiller log

16:37:37.0112 4864 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
16:37:37.0752 4864 ============================================================
16:37:37.0752 4864 Current date / time: 2012/11/12 16:37:37.0752
16:37:37.0752 4864 SystemInfo:
16:37:37.0752 4864
16:37:37.0752 4864 OS Version: 6.1.7600 ServicePack: 0.0
16:37:37.0752 4864 Product type: Workstation
16:37:37.0752 4864 ComputerName: KIYLE-PC
16:37:37.0767 4864 UserName: KIyle
16:37:37.0767 4864 Windows directory: C:\windows
16:37:37.0767 4864 System windows directory: C:\windows
16:37:37.0767 4864 Running under WOW64
16:37:37.0767 4864 Processor architecture: Intel x64
16:37:37.0767 4864 Number of processors: 2
16:37:37.0767 4864 Page size: 0x1000
16:37:37.0767 4864 Boot type: Normal boot
16:37:37.0767 4864 ============================================================
16:37:39.0093 4864 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:37:39.0109 4864 ============================================================
16:37:39.0109 4864 \Device\Harddisk0\DR0:
16:37:39.0109 4864 MBR partitions:
16:37:39.0109 4864 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x38AB4800
16:37:39.0109 4864 ============================================================
16:37:39.0156 4864 C: <-> \Device\Harddisk0\DR0\Partition1
16:37:39.0156 4864 ============================================================
16:37:39.0156 4864 Initialize success
16:37:39.0156 4864 ============================================================
16:39:11.0477 4532 ============================================================
16:39:11.0477 4532 Scan started
16:39:11.0477 4532 Mode: Manual; SigCheck; TDLFS;
16:39:11.0477 4532 ============================================================
16:39:16.0625 4532 ================ Scan services =============================
16:39:17.0077 4532 [ 1B00662092F9F9568B995902F0CC40D5 ] 1394ohci C:\windows\system32\DRIVERS\1394ohci.sys
16:39:17.0186 4532 1394ohci - ok
16:39:17.0233 4532 [ 6F11E88748CDEFD2F76AA215F97DDFE5 ] ACPI C:\windows\system32\DRIVERS\ACPI.sys
16:39:17.0249 4532 ACPI - ok
16:39:17.0280 4532 [ 63B05A0420CE4BF0E4AF6DCC7CADA254 ] AcpiPmi C:\windows\system32\DRIVERS\acpipmi.sys
16:39:17.0311 4532 AcpiPmi - ok
16:39:17.0373 4532 [ 2F0683FD2DF1D92E891CACA14B45A8C1 ] adfs C:\windows\system32\drivers\adfs.sys
16:39:17.0436 4532 adfs - ok
16:39:17.0561 4532 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
16:39:17.0592 4532 AdobeARMservice - ok
16:39:17.0779 4532 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
16:39:17.0810 4532 AdobeFlashPlayerUpdateSvc - ok
16:39:17.0857 4532 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\windows\system32\DRIVERS\adp94xx.sys
16:39:17.0904 4532 adp94xx - ok
16:39:17.0919 4532 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\windows\system32\DRIVERS\adpahci.sys
16:39:17.0935 4532 adpahci - ok
16:39:17.0951 4532 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\windows\system32\DRIVERS\adpu320.sys
16:39:17.0966 4532 adpu320 - ok
16:39:17.0997 4532 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
16:39:18.0060 4532 AeLookupSvc - ok
16:39:18.0512 4532 [ DB9D6C6B2CD95A9CA414D045B627422E ] AFD C:\windows\system32\drivers\afd.sys
16:39:18.0559 4532 AFD - ok
16:39:18.0606 4532 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\windows\system32\DRIVERS\agp440.sys
16:39:18.0621 4532 agp440 - ok
16:39:18.0653 4532 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\windows\System32\alg.exe
16:39:18.0668 4532 ALG - ok
16:39:18.0715 4532 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\windows\system32\DRIVERS\aliide.sys
16:39:18.0731 4532 aliide - ok
16:39:18.0731 4532 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\windows\system32\DRIVERS\amdide.sys
16:39:18.0746 4532 amdide - ok
16:39:18.0762 4532 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\windows\system32\DRIVERS\amdk8.sys
16:39:18.0809 4532 AmdK8 - ok
16:39:18.0809 4532 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\windows\system32\DRIVERS\amdppm.sys
16:39:18.0840 4532 AmdPPM - ok
16:39:19.0292 4532 [ EC7EBAB00A4D8448BAB68D1E49B4BEB9 ] amdsata C:\windows\system32\drivers\amdsata.sys
16:39:19.0323 4532 amdsata - ok
16:39:19.0370 4532 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\windows\system32\DRIVERS\amdsbs.sys
16:39:19.0386 4532 amdsbs - ok
16:39:19.0417 4532 [ DB27766102C7BF7E95140A2AA81D042E ] amdxata C:\windows\system32\drivers\amdxata.sys
16:39:19.0448 4532 amdxata - ok
16:39:19.0526 4532 [ 03FBB7C5EA4EF153F10282614B9771CB ] AppHostSvc C:\windows\system32\inetsrv\apphostsvc.dll
16:39:19.0573 4532 AppHostSvc - ok
16:39:19.0635 4532 [ 42FD751B27FA0E9C69BB39F39E409594 ] AppID C:\windows\system32\drivers\appid.sys
16:39:19.0698 4532 AppID - ok
16:39:19.0713 4532 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\windows\System32\appidsvc.dll
16:39:19.0776 4532 AppIDSvc - ok
16:39:19.0823 4532 [ D065BE66822847B7F127D1F90158376E ] Appinfo C:\windows\System32\appinfo.dll
16:39:19.0854 4532 Appinfo - ok
16:39:19.0901 4532 Application Updater - ok
16:39:19.0979 4532 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\windows\system32\DRIVERS\arc.sys
16:39:19.0994 4532 arc - ok
16:39:20.0010 4532 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\windows\system32\DRIVERS\arcsas.sys
16:39:20.0025 4532 arcsas - ok
16:39:20.0072 4532 [ 4FCAEF0C5BE7629AEB878998E0FE959B ] aswFsBlk C:\windows\system32\drivers\aswFsBlk.sys
16:39:20.0088 4532 aswFsBlk - ok
16:39:20.0150 4532 [ B50CDD87772D6A11CB90924AAD399DF8 ] aswMonFlt C:\windows\system32\drivers\aswMonFlt.sys
16:39:20.0181 4532 aswMonFlt - ok
16:39:20.0213 4532 [ 57768C7DB4681F2510F247F82EF31D4F ] aswRdr C:\windows\System32\Drivers\aswrdr2.sys
16:39:20.0228 4532 aswRdr - ok
16:39:20.0306 4532 [ E71D826A1F3CE9C9DE3E77F2D02AFFBF ] aswSnx C:\windows\system32\drivers\aswSnx.sys
16:39:20.0337 4532 aswSnx - ok
16:39:20.0369 4532 [ 538A32E2C99BF073D4CA76C30BEDAA60 ] aswSP C:\windows\system32\drivers\aswSP.sys
16:39:20.0384 4532 aswSP - ok
16:39:20.0431 4532 [ 6EDC79D73745FD44C41B55B2D13D0B70 ] aswTdi C:\windows\system32\drivers\aswTdi.sys
16:39:20.0447 4532 aswTdi - ok
16:39:20.0712 4532 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
16:39:20.0774 4532 AsyncMac - ok
16:39:20.0946 4532 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\windows\system32\DRIVERS\atapi.sys
16:39:20.0977 4532 atapi - ok
16:39:21.0055 4532 [ E857EEE6B92AAA473EBB3465ADD8F7E7 ] athr C:\windows\system32\DRIVERS\athrx.sys
16:39:21.0117 4532 athr - ok
16:39:21.0258 4532 [ 3EFD964D52221360AF0673CD61C2F4F5 ] atikmdag C:\windows\system32\DRIVERS\atikmdag.sys
16:39:21.0429 4532 atikmdag - ok
16:39:21.0819 4532 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
16:39:21.0913 4532 AudioEndpointBuilder - ok
16:39:21.0929 4532 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioSrv C:\windows\System32\Audiosrv.dll
16:39:21.0975 4532 AudioSrv - ok
16:39:22.0116 4532 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
16:39:22.0131 4532 avast! Antivirus - ok
16:39:22.0194 4532 [ B20B5FA5CA050E9926E4D1DB81501B32 ] AxInstSV C:\windows\System32\AxInstSV.dll
16:39:22.0241 4532 AxInstSV - ok
16:39:22.0303 4532 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\windows\system32\DRIVERS\bxvbda.sys
16:39:22.0350 4532 b06bdrv - ok
16:39:22.0397 4532 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys
16:39:22.0443 4532 b57nd60a - ok
16:39:22.0490 4532 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\windows\System32\bdesvc.dll
16:39:22.0537 4532 BDESVC - ok
16:39:22.0584 4532 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\windows\system32\drivers\Beep.sys
16:39:22.0615 4532 Beep - ok
16:39:22.0677 4532 [ 4992C609A6315671463E30F6512BC022 ] BFE C:\windows\System32\bfe.dll
16:39:22.0724 4532 BFE - ok
16:39:22.0802 4532 [ 7F0C323FE3DA28AA4AA1BDA3F575707F ] BITS C:\windows\system32\qmgr.dll
16:39:22.0865 4532 BITS - ok
16:39:22.0896 4532 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
16:39:22.0927 4532 blbdrive - ok
16:39:23.0192 4532 [ 19D20159708E152267E53B66677A4995 ] bowser C:\windows\system32\DRIVERS\bowser.sys
16:39:23.0473 4532 bowser - ok
16:39:23.0520 4532 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\windows\system32\DRIVERS\BrFiltLo.sys
16:39:23.0551 4532 BrFiltLo - ok
16:39:23.0567 4532 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\windows\system32\DRIVERS\BrFiltUp.sys
16:39:23.0582 4532 BrFiltUp - ok
16:39:23.0598 4532 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\windows\system32\DRIVERS\bridge.sys
16:39:23.0645 4532 BridgeMP - ok
16:39:23.0676 4532 [ 6B054C67AAA87843504E8E3C09102009 ] Browser C:\windows\System32\browser.dll
16:39:23.0691 4532 Browser - ok
16:39:23.0738 4532 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\windows\System32\Drivers\Brserid.sys
16:39:23.0785 4532 Brserid - ok
16:39:23.0785 4532 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
16:39:23.0816 4532 BrSerWdm - ok
16:39:24.0269 4532 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
16:39:24.0331 4532 BrUsbMdm - ok
16:39:24.0331 4532 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
16:39:24.0393 4532 BrUsbSer - ok
16:39:24.0409 4532 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\windows\system32\DRIVERS\bthmodem.sys
16:39:24.0440 4532 BTHMODEM - ok
16:39:24.0503 4532 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\windows\system32\bthserv.dll
16:39:24.0565 4532 bthserv - ok
16:39:24.0596 4532 catchme - ok
16:39:24.0643 4532 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
16:39:24.0721 4532 cdfs - ok
16:39:24.0752 4532 [ 83D2D75E1EFB81B3450C18131443F7DB ] cdrom C:\windows\system32\DRIVERS\cdrom.sys
16:39:24.0783 4532 cdrom - ok
16:39:24.0830 4532 [ 312E2F82AF11E79906898AC3E3D58A1F ] CertPropSvc C:\windows\System32\certprop.dll
16:39:24.0908 4532 CertPropSvc - ok
16:39:25.0033 4532 [ 837FF2D497880198C918E6954DBD170C ] cfWiMAXService C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
16:39:25.0064 4532 cfWiMAXService - ok
16:39:25.0111 4532 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\windows\system32\DRIVERS\circlass.sys
16:39:25.0158 4532 circlass - ok
16:39:25.0189 4532 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\windows\system32\CLFS.sys
16:39:25.0205 4532 CLFS - ok
16:39:25.0283 4532 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:39:25.0314 4532 clr_optimization_v2.0.50727_32 - ok
16:39:25.0345 4532 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:39:25.0361 4532 clr_optimization_v2.0.50727_64 - ok
16:39:25.0423 4532 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:39:25.0454 4532 clr_optimization_v4.0.30319_32 - ok
16:39:25.0922 4532 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:39:25.0938 4532 clr_optimization_v4.0.30319_64 - ok
16:39:25.0969 4532 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
16:39:26.0000 4532 CmBatt - ok
16:39:26.0047 4532 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\windows\system32\DRIVERS\cmdide.sys
16:39:26.0063 4532 cmdide - ok
16:39:26.0109 4532 [ CA7720B73446FDDEC5C69519C1174C98 ] CNG C:\windows\system32\Drivers\cng.sys
16:39:26.0141 4532 CNG - ok
16:39:26.0187 4532 [ 3CB10294F7A59FD22501F4BAD915F250 ] CnxtHdAudService C:\windows\system32\drivers\CHDRT64.sys
16:39:26.0234 4532 CnxtHdAudService - ok
16:39:26.0484 4532 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\windows\system32\DRIVERS\compbatt.sys
16:39:26.0499 4532 Compbatt - ok
16:39:26.0718 4532 [ F26B3A86F6FA87CA360B879581AB4123 ] CompositeBus C:\windows\system32\DRIVERS\CompositeBus.sys
16:39:26.0765 4532 CompositeBus - ok
16:39:26.0796 4532 COMSysApp - ok
16:39:26.0827 4532 [ D252C53BCDFC199BBA55EEB10CDB266E ] ConfigFree Gadget Service C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe
16:39:26.0843 4532 ConfigFree Gadget Service - ok
16:39:26.0874 4532 [ CAB0EEAF5295FC96DDD3E19DCE27E131 ] ConfigFree Service C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
16:39:26.0889 4532 ConfigFree Service - ok
16:39:26.0921 4532 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\windows\system32\DRIVERS\crcdisk.sys
16:39:26.0936 4532 crcdisk - ok
16:39:26.0983 4532 [ BAF19B633933A9FB4883D27D66C39E9A ] CryptSvc C:\windows\system32\cryptsvc.dll
16:39:27.0045 4532 CryptSvc - ok
16:39:27.0108 4532 [ 7266972E86890E2B30C0C322E906B027 ] DcomLaunch C:\windows\system32\rpcss.dll
16:39:27.0170 4532 DcomLaunch - ok
16:39:27.0201 4532 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\windows\System32\defragsvc.dll
16:39:27.0248 4532 defragsvc - ok
16:39:27.0295 4532 [ 9C253CE7311CA60FC11C774692A13208 ] DfsC C:\windows\system32\Drivers\dfsc.sys
16:39:27.0326 4532 DfsC - ok
16:39:27.0389 4532 [ CE3B9562D997F69B330D181A8875960F ] Dhcp C:\windows\system32\dhcpcore.dll
16:39:27.0451 4532 Dhcp - ok
16:39:27.0482 4532 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\windows\system32\drivers\discache.sys
16:39:27.0545 4532 discache - ok
16:39:27.0591 4532 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\windows\system32\DRIVERS\disk.sys
16:39:27.0607 4532 Disk - ok
16:39:27.0654 4532 [ 85CF424C74A1D5EC33533E1DBFF9920A ] Dnscache C:\windows\System32\dnsrslvr.dll
16:39:27.0685 4532 Dnscache - ok
16:39:27.0716 4532 [ 14452ACDB09B70964C8C21BF80A13ACB ] dot3svc C:\windows\System32\dot3svc.dll
16:39:27.0779 4532 dot3svc - ok
16:39:27.0810 4532 [ 8C2BA6BEA949EE6E68385F5692BAFB94 ] DPS C:\windows\system32\dps.dll
16:39:27.0872 4532 DPS - ok
16:39:27.0919 4532 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
16:39:28.0153 4532 drmkaud - ok
16:39:28.0387 4532 [ 1633B9ABF52784A1331476397A48CBEF ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
16:39:28.0434 4532 DXGKrnl - ok
16:39:28.0465 4532 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\windows\System32\eapsvc.dll
16:39:28.0527 4532 EapHost - ok
16:39:28.0637 4532 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\windows\system32\DRIVERS\evbda.sys
16:39:28.0964 4532 ebdrv - ok
16:39:29.0198 4532 [ 156F6159457D0AA7E59B62681B56EB90 ] EFS C:\windows\System32\lsass.exe
16:39:29.0229 4532 EFS - ok
16:39:29.0323 4532 [ 47C071994C3F649F23D9CD075AC9304A ] ehRecvr C:\windows\ehome\ehRecvr.exe
16:39:29.0385 4532 ehRecvr - ok
16:39:29.0432 4532 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\windows\ehome\ehsched.exe
16:39:29.0479 4532 ehSched - ok
16:39:29.0541 4532 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\windows\system32\DRIVERS\elxstor.sys
16:39:29.0573 4532 elxstor - ok
16:39:29.0588 4532 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\windows\system32\DRIVERS\errdev.sys
16:39:29.0635 4532 ErrDev - ok
16:39:29.0682 4532 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\windows\system32\es.dll
16:39:29.0729 4532 EventSystem - ok
16:39:29.0744 4532 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\windows\system32\drivers\exfat.sys
16:39:29.0822 4532 exfat - ok
16:39:29.0853 4532 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\windows\system32\drivers\fastfat.sys
16:39:29.0900 4532 fastfat - ok
16:39:29.0931 4532 [ D607B2F1BEE3992AA6C2C92C0A2F0855 ] Fax C:\windows\system32\fxssvc.exe
16:39:29.0978 4532 Fax - ok
16:39:30.0009 4532 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\windows\system32\DRIVERS\fdc.sys
16:39:30.0072 4532 fdc - ok
16:39:30.0119 4532 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\windows\system32\fdPHost.dll
16:39:30.0165 4532 fdPHost - ok
16:39:30.0181 4532 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\windows\system32\fdrespub.dll
16:39:30.0243 4532 FDResPub - ok
16:39:30.0275 4532 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
16:39:30.0290 4532 FileInfo - ok
16:39:30.0306 4532 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\windows\system32\drivers\filetrace.sys
16:39:30.0399 4532 Filetrace - ok
16:39:30.0805 4532 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\windows\system32\DRIVERS\flpydisk.sys
16:39:30.0852 4532 flpydisk - ok
16:39:30.0899 4532 [ F7866AF72ABBAF84B1FA5AA195378C59 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
16:39:30.0914 4532 FltMgr - ok
16:39:30.0992 4532 [ CB5E4B9C319E3C6BB363EB7E58A4A051 ] FontCache C:\windows\system32\FntCache.dll
16:39:31.0023 4532 FontCache - ok
16:39:31.0070 4532 [ 8D89E3131C27FDD6932189CB785E1B7A ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:39:31.0086 4532 FontCache3.0.0.0 - ok
16:39:31.0101 4532 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\windows\system32\drivers\FsDepends.sys
16:39:31.0117 4532 FsDepends - ok
16:39:31.0164 4532 [ D3E3F93D67821A2DB2B3D9FAC2DC2064 ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
16:39:31.0179 4532 Fs_Rec - ok
16:39:31.0663 4532 [ AE87BA80D0EC3B57126ED2CDC15B24ED ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
16:39:31.0710 4532 fvevol - ok
16:39:31.0741 4532 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\windows\system32\DRIVERS\gagp30kx.sys
16:39:31.0757 4532 gagp30kx - ok
16:39:31.0835 4532 [ C44D560E441F091EA3B72F778EC60DE2 ] GameConsoleService C:\Program Files (x86)\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe
16:39:31.0866 4532 GameConsoleService - ok
16:39:31.0897 4532 [ FE5AB4525BC2EC68B9119A6E5D40128B ] gpsvc C:\windows\System32\gpsvc.dll
16:39:31.0959 4532 gpsvc - ok
16:39:32.0069 4532 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:39:32.0084 4532 gupdate - ok
16:39:32.0100 4532 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:39:32.0115 4532 gupdatem - ok
16:39:32.0147 4532 [ CC839E8D766CC31A7710C9F38CF3E375 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
16:39:32.0162 4532 gusvc - ok
16:39:32.0209 4532 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
16:39:32.0225 4532 hcw85cir - ok
16:39:32.0271 4532 [ 6410F6F415B2A5A9037224C41DA8BF12 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
16:39:32.0334 4532 HdAudAddService - ok
16:39:32.0349 4532 [ 0A49913402747A0B67DE940FB42CBDBB ] HDAudBus C:\windows\system32\DRIVERS\HDAudBus.sys
16:39:32.0396 4532 HDAudBus - ok
16:39:32.0427 4532 hid7906 - ok
16:39:32.0443 4532 hid8101 - ok
16:39:32.0443 4532 hid8103 - ok
16:39:32.0474 4532 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\windows\system32\DRIVERS\HidBatt.sys
16:39:32.0490 4532 HidBatt - ok
16:39:32.0490 4532 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\windows\system32\DRIVERS\hidbth.sys
16:39:32.0537 4532 HidBth - ok
16:39:32.0537 4532 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\windows\system32\DRIVERS\hidir.sys
16:39:32.0568 4532 HidIr - ok
16:39:32.0615 4532 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\windows\System32\hidserv.dll
16:39:32.0677 4532 hidserv - ok
16:39:32.0739 4532 [ B3BF6B5B50006DEF50B66306D99FCF6F ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys
16:39:32.0771 4532 HidUsb - ok
16:39:32.0786 4532 [ EFA58EDE58DD74388FFD04CB32681518 ] hkmsvc C:\windows\system32\kmsvc.dll
16:39:32.0849 4532 hkmsvc - ok
16:39:33.0067 4532 [ 046B2673767CA626E2CFB7FDF735E9E8 ] HomeGroupListener C:\windows\system32\ListSvc.dll
16:39:33.0395 4532 HomeGroupListener - ok
16:39:33.0441 4532 [ 06A7422224D9865A5613710A089987DF ] HomeGroupProvider C:\windows\system32\provsvc.dll
16:39:33.0473 4532 HomeGroupProvider - ok
16:39:33.0597 4532 [ 0A3C6AA4A9FC38C20BA4EAC2C3351C05 ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
16:39:33.0629 4532 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
16:39:33.0629 4532 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
16:39:33.0863 4532 [ F3F72A2A86C22610BCA5439FA789DD52 ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
16:39:34.0081 4532 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
16:39:34.0081 4532 hpqddsvc - detected UnsignedFile.Multi.Generic (1)
16:39:34.0128 4532 [ 0886D440058F203EBA0E1825E4355914 ] HpSAMD C:\windows\system32\DRIVERS\HpSAMD.sys
16:39:34.0143 4532 HpSAMD - ok
16:39:34.0253 4532 [ F37882F128EFACEFE353E0BAE2766909 ] HPSLPSVC C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
16:39:34.0299 4532 HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
16:39:34.0299 4532 HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
16:39:34.0331 4532 [ CEE049CAC4EFA7F4E1E4AD014414A5D4 ] HTTP C:\windows\system32\drivers\HTTP.sys
16:39:34.0409 4532 HTTP - ok
16:39:34.0440 4532 [ F17766A19145F111856378DF337A5D79 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
16:39:34.0440 4532 hwpolicy - ok
16:39:34.0471 4532 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\windows\system32\DRIVERS\i8042prt.sys
16:39:34.0487 4532 i8042prt - ok
16:39:34.0533 4532 [ 1D004CB1DA6323B1F55CAEF7F94B61D9 ] iaStor C:\windows\system32\DRIVERS\iaStor.sys
16:39:34.0565 4532 iaStor - ok
16:39:34.0627 4532 [ B75E45C564E944A2657167D197AB29DA ] iaStorV C:\windows\system32\drivers\iaStorV.sys
16:39:34.0658 4532 iaStorV - ok
16:39:34.0736 4532 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
16:39:34.0783 4532 IDriverT ( UnsignedFile.Multi.Generic ) - warning
16:39:34.0783 4532 IDriverT - detected UnsignedFile.Multi.Generic (1)
16:39:34.0845 4532 [ 2F2BE70D3E02B6FA877921AB9516D43C ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:39:34.0877 4532 idsvc - ok
16:39:35.0064 4532 [ 3C3F27002ABC69C5AFE29CBE6CF7ADDF ] igfx C:\windows\system32\DRIVERS\igdkmd64.sys
16:39:35.0282 4532 igfx - ok
16:39:35.0532 4532 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\windows\system32\DRIVERS\iirsp.sys
16:39:35.0781 4532 iirsp - ok
16:39:35.0828 4532 [ C5B4683680DF085B57BC53E5EF34861F ] IKEEXT C:\windows\System32\ikeext.dll
16:39:35.0906 4532 IKEEXT - ok
16:39:35.0953 4532 [ 88A20FA54C73DED4E8DAC764E9130AE9 ] IntcHdmiAddService C:\windows\system32\drivers\IntcHdmi.sys
16:39:36.0000 4532 IntcHdmiAddService - ok
16:39:36.0031 4532 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\windows\system32\DRIVERS\intelide.sys
16:39:36.0047 4532 intelide - ok
16:39:36.0093 4532 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
16:39:36.0125 4532 intelppm - ok
16:39:36.0577 4532 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\windows\system32\ipbusenum.dll
16:39:36.0624 4532 IPBusEnum - ok
16:39:36.0671 4532 [ 722DD294DF62483CECAAE6E094B4D695 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
16:39:36.0702 4532 IpFilterDriver - ok
16:39:36.0749 4532 [ F8E058D17363EC580E4B7232778B6CB5 ] iphlpsvc C:\windows\System32\iphlpsvc.dll
16:39:36.0795 4532 iphlpsvc - ok
16:39:36.0827 4532 [ E2B4A4494DB7CB9B89B55CA268C337C5 ] IPMIDRV C:\windows\system32\DRIVERS\IPMIDrv.sys
16:39:36.0858 4532 IPMIDRV - ok
16:39:36.0873 4532 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\windows\system32\drivers\ipnat.sys
16:39:36.0936 4532 IPNAT - ok
16:39:36.0983 4532 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\windows\system32\drivers\irenum.sys
16:39:37.0014 4532 IRENUM - ok
16:39:37.0029 4532 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\windows\system32\DRIVERS\isapnp.sys
16:39:37.0045 4532 isapnp - ok
16:39:37.0061 4532 [ FA4D2557DE56D45B0A346F93564BE6E1 ] iScsiPrt C:\windows\system32\DRIVERS\msiscsi.sys
16:39:37.0092 4532 iScsiPrt - ok
16:39:37.0123 4532 [ 213822072085B5BBAD9AF30AB577D817 ] IviRegMgr C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
16:39:37.0139 4532 IviRegMgr - ok
16:39:37.0154 4532 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\windows\system32\DRIVERS\kbdclass.sys
16:39:37.0170 4532 kbdclass - ok
16:39:37.0201 4532 [ 6DEF98F8541E1B5DCEB2C822A11F7323 ] kbdhid C:\windows\system32\DRIVERS\kbdhid.sys
16:39:37.0232 4532 kbdhid - ok
16:39:37.0248 4532 [ 156F6159457D0AA7E59B62681B56EB90 ] KeyIso C:\windows\system32\lsass.exe
16:39:37.0263 4532 KeyIso - ok
16:39:37.0295 4532 [ 4F4B5FDE429416877DE7143044582EB5 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
16:39:37.0326 4532 KSecDD - ok
16:39:37.0357 4532 [ 6F40465A44ECDC1731BEFAFEC5BDD03C ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
16:39:37.0373 4532 KSecPkg - ok
16:39:37.0404 4532 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\windows\system32\drivers\ksthunk.sys
16:39:37.0482 4532 ksthunk - ok
16:39:37.0544 4532 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\windows\system32\msdtckrm.dll
16:39:37.0638 4532 KtmRm - ok
16:39:37.0669 4532 [ 2377EC4CC3E356655B996F39B43486B6 ] L1C C:\windows\system32\DRIVERS\L1C62x64.sys
16:39:37.0685 4532 L1C - ok
16:39:37.0731 4532 [ 81F1D04D4D0E433099365127375FD501 ] LanmanServer C:\windows\System32\srvsvc.dll
16:39:37.0778 4532 LanmanServer - ok
16:39:38.0215 4532 [ 27026EAC8818E8A6C00A1CAD2F11D29A ] LanmanWorkstation C:\windows\System32\wkssvc.dll
16:39:38.0293 4532 LanmanWorkstation - ok
16:39:38.0355 4532 libusb0 - ok
16:39:38.0371 4532 libusbd - ok
16:39:38.0402 4532 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
16:39:38.0465 4532 lltdio - ok
16:39:38.0527 4532 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\windows\System32\lltdsvc.dll
16:39:38.0589 4532 lltdsvc - ok
16:39:38.0792 4532 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\windows\System32\lmhsvc.dll
16:39:39.0057 4532 lmhosts - ok
16:39:39.0089 4532 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\windows\system32\DRIVERS\lsi_fc.sys
16:39:39.0104 4532 LSI_FC - ok
16:39:39.0120 4532 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\windows\system32\DRIVERS\lsi_sas.sys
16:39:39.0135 4532 LSI_SAS - ok
16:39:39.0135 4532 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\windows\system32\DRIVERS\lsi_sas2.sys
16:39:39.0151 4532 LSI_SAS2 - ok
16:39:39.0151 4532 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\windows\system32\DRIVERS\lsi_scsi.sys
16:39:39.0167 4532 LSI_SCSI - ok
16:39:39.0198 4532 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\windows\system32\drivers\luafv.sys
16:39:39.0276 4532 luafv - ok
16:39:39.0323 4532 [ A8FE8F2783B2929B56F5370A89356CE9 ] MBAMProtector C:\windows\system32\drivers\mbam.sys
16:39:39.0338 4532 MBAMProtector - ok
16:39:39.0401 4532 [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
16:39:39.0432 4532 MBAMScheduler - ok
16:39:39.0463 4532 [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
16:39:39.0479 4532 MBAMService - ok
16:39:39.0557 4532 [ F84C8F1000BC11E3B7B23CBD3BAFF111 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
16:39:39.0603 4532 Mcx2Svc - ok
16:39:39.0635 4532 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\windows\system32\DRIVERS\megasas.sys
16:39:39.0650 4532 megasas - ok
16:39:39.0666 4532 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\windows\system32\DRIVERS\MegaSR.sys
16:39:39.0681 4532 MegaSR - ok
16:39:39.0697 4532 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\windows\system32\mmcss.dll
16:39:39.0759 4532 MMCSS - ok
16:39:39.0791 4532 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\windows\system32\drivers\modem.sys
16:39:39.0869 4532 Modem - ok
16:39:39.0915 4532 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\windows\system32\DRIVERS\monitor.sys
16:39:39.0962 4532 monitor - ok
16:39:40.0040 4532 [ FC44AD48746FFA5FD640EF1260AB5EC2 ] MotioninJoyXFilter C:\windows\system32\DRIVERS\MijXfilt.sys
16:39:40.0071 4532 MotioninJoyXFilter - ok
16:39:40.0118 4532 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
16:39:40.0134 4532 mouclass - ok
16:39:40.0149 4532 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
16:39:40.0196 4532 mouhid - ok
16:39:40.0227 4532 [ 791AF66C4D0E7C90A3646066386FB571 ] mountmgr C:\windows\system32\drivers\mountmgr.sys
16:39:40.0461 4532 mountmgr - ok
16:39:40.0711 4532 [ 8BE15F71DE6FF33FC56DCDE7B2B9EFE8 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
16:39:40.0742 4532 MozillaMaintenance - ok
16:39:40.0773 4532 [ 609D1D87649ECC19796F4D76D4C15CEA ] mpio C:\windows\system32\DRIVERS\mpio.sys
16:39:40.0789 4532 mpio - ok
16:39:40.0805 4532 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
16:39:40.0836 4532 mpsdrv - ok
16:39:40.0898 4532 [ AECAB449567D1846DAD63ECE49E893E3 ] MpsSvc C:\windows\system32\mpssvc.dll
16:39:40.0976 4532 MpsSvc - ok
16:39:41.0007 4532 [ 30524261BB51D96D6FCBAC20C810183C ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
16:39:41.0070 4532 MRxDAV - ok
16:39:41.0491 4532 [ 040D62A9D8AD28922632137ACDD984F2 ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
16:39:41.0569 4532 mrxsmb - ok
16:39:41.0616 4532 [ F0067552F8F9B33D7C59403AB808A3CB ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
16:39:41.0663 4532 mrxsmb10 - ok
16:39:41.0694 4532 [ 3C142D31DE9F2F193218A53FE2632051 ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
16:39:41.0725 4532 mrxsmb20 - ok
16:39:41.0756 4532 [ 5C37497276E3B3A5488B23A326A754B7 ] msahci C:\windows\system32\DRIVERS\msahci.sys
16:39:41.0787 4532 msahci - ok
16:39:41.0803 4532 [ 8D27B597229AED79430FB9DB3BCBFBD0 ] msdsm C:\windows\system32\DRIVERS\msdsm.sys
16:39:41.0819 4532 msdsm - ok
16:39:41.0850 4532 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\windows\System32\msdtc.exe
16:39:41.0865 4532 MSDTC - ok
16:39:41.0897 4532 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\windows\system32\drivers\Msfs.sys
16:39:41.0928 4532 Msfs - ok
16:39:41.0959 4532 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
16:39:42.0021 4532 mshidkmdf - ok
16:39:42.0037 4532 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\windows\system32\DRIVERS\msisadrv.sys
16:39:42.0053 4532 msisadrv - ok
16:39:42.0099 4532 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\windows\system32\iscsiexe.dll
16:39:42.0162 4532 MSiSCSI - ok
16:39:42.0177 4532 msiserver - ok
 
16:39:42.0209 4532 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
16:39:42.0255 4532 MSKSSRV - ok
16:39:42.0271 4532 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
16:39:42.0302 4532 MSPCLOCK - ok
16:39:42.0333 4532 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
16:39:42.0380 4532 MSPQM - ok
16:39:42.0427 4532 [ 89CB141AA8616D8C6A4610FA26C60964 ] MsRPC C:\windows\system32\drivers\MsRPC.sys
16:39:42.0443 4532 MsRPC - ok
16:39:42.0458 4532 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\windows\system32\DRIVERS\mssmbios.sys
16:39:42.0474 4532 mssmbios - ok
16:39:42.0505 4532 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
16:39:42.0552 4532 MSTEE - ok
16:39:42.0583 4532 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\windows\system32\DRIVERS\MTConfig.sys
16:39:42.0614 4532 MTConfig - ok
16:39:42.0661 4532 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\windows\system32\Drivers\mup.sys
16:39:42.0677 4532 Mup - ok
16:39:43.0113 4532 [ 4987E079A4530FA737A128BE54B63B12 ] napagent C:\windows\system32\qagentRT.dll
16:39:43.0191 4532 napagent - ok
16:39:43.0238 4532 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
16:39:43.0301 4532 NativeWifiP - ok
16:39:43.0347 4532 [ CAD515DBD07D082BB317D9928CE8962C ] NDIS C:\windows\system32\drivers\ndis.sys
16:39:43.0379 4532 NDIS - ok
16:39:43.0394 4532 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
16:39:43.0457 4532 NdisCap - ok
16:39:43.0503 4532 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
16:39:43.0769 4532 NdisTapi - ok
16:39:43.0956 4532 [ F105BA1E22BF1F2EE8F005D4305E4BEC ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
16:39:44.0034 4532 Ndisuio - ok
16:39:44.0081 4532 [ 557DFAB9CA1FCB036AC77564C010DAD3 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
16:39:44.0127 4532 NdisWan - ok
16:39:44.0143 4532 [ 659B74FB74B86228D6338D643CD3E3CF ] NDProxy C:\windows\system32\drivers\NDProxy.sys
16:39:44.0221 4532 NDProxy - ok
16:39:44.0268 4532 [ 2334DC48997BA203B794DF3EE70521DB ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
16:39:44.0299 4532 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
16:39:44.0299 4532 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
16:39:44.0361 4532 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
16:39:44.0424 4532 NetBIOS - ok
16:39:44.0455 4532 [ 9162B273A44AB9DCE5B44362731D062A ] NetBT C:\windows\system32\DRIVERS\netbt.sys
16:39:44.0517 4532 NetBT - ok
16:39:44.0533 4532 [ 156F6159457D0AA7E59B62681B56EB90 ] Netlogon C:\windows\system32\lsass.exe
16:39:44.0564 4532 Netlogon - ok
16:39:44.0580 4532 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll
16:39:44.0627 4532 Netman - ok
16:39:44.0642 4532 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll
16:39:44.0720 4532 netprofm - ok
16:39:44.0767 4532 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:39:44.0783 4532 NetTcpPortSharing - ok
16:39:44.0798 4532 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys
16:39:44.0814 4532 nfrd960 - ok
16:39:44.0861 4532 [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc C:\windows\System32\nlasvc.dll
16:39:44.0923 4532 NlaSvc - ok
16:39:44.0970 4532 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys
16:39:45.0001 4532 Npfs - ok
16:39:45.0032 4532 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll
16:39:45.0095 4532 nsi - ok
16:39:45.0110 4532 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
16:39:45.0391 4532 nsiproxy - ok
16:39:45.0641 4532 [ 184C189D4FC416978550FC599BB4EDDA ] Ntfs C:\windows\system32\drivers\Ntfs.sys
16:39:45.0687 4532 Ntfs - ok
16:39:45.0719 4532 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys
16:39:45.0765 4532 Null - ok
16:39:45.0812 4532 [ A4D9C9A608A97F59307C2F2600EDC6A4 ] nvraid C:\windows\system32\drivers\nvraid.sys
16:39:45.0828 4532 nvraid - ok
16:39:45.0859 4532 [ 6C1D5F70E7A6A3FD1C90D840EDC048B9 ] nvstor C:\windows\system32\drivers\nvstor.sys
16:39:45.0875 4532 nvstor - ok
16:39:45.0906 4532 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\DRIVERS\nv_agp.sys
16:39:45.0921 4532 nv_agp - ok
16:39:45.0968 4532 [ D955D5DE998DB2476BF0892BE3A96C26 ] O2FLASH C:\windows\system32\DRIVERS\o2flash.exe
16:39:46.0202 4532 O2FLASH - ok
16:39:46.0436 4532 [ 3840F61D55DBF32F4B88FA15FB03C461 ] O2MDGRDR C:\windows\system32\DRIVERS\o2mdgx64.sys
16:39:46.0452 4532 O2MDGRDR - ok
16:39:46.0483 4532 [ FA1EED3A10992EBA9A39172B50346434 ] O2SDGRDR C:\windows\system32\DRIVERS\o2sdgx64.sys
16:39:46.0483 4532 O2SDGRDR - ok
16:39:46.0592 4532 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
16:39:46.0639 4532 odserv - ok
16:39:46.0655 4532 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\DRIVERS\ohci1394.sys
16:39:46.0701 4532 ohci1394 - ok
16:39:46.0764 4532 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:39:46.0795 4532 ose - ok
16:39:46.0826 4532 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll
16:39:46.0873 4532 p2pimsvc - ok
16:39:46.0904 4532 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll
16:39:46.0920 4532 p2psvc - ok
16:39:46.0951 4532 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\DRIVERS\parport.sys
16:39:46.0982 4532 Parport - ok
16:39:47.0029 4532 [ 90061B1ACFE8CCAA5345750FFE08D8B8 ] partmgr C:\windows\system32\drivers\partmgr.sys
16:39:47.0045 4532 partmgr - ok
16:39:47.0091 4532 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll
16:39:47.0138 4532 PcaSvc - ok
16:39:47.0185 4532 [ F36F6504009F2FB0DFD1B17A116AD74B ] pci C:\windows\system32\DRIVERS\pci.sys
16:39:47.0201 4532 pci - ok
16:39:47.0216 4532 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\DRIVERS\pciide.sys
16:39:47.0232 4532 pciide - ok
16:39:47.0263 4532 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys
16:39:47.0279 4532 pcmcia - ok
16:39:47.0294 4532 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys
16:39:47.0310 4532 pcw - ok
16:39:47.0357 4532 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys
16:39:47.0403 4532 PEAUTH - ok
16:39:47.0497 4532 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe
16:39:47.0528 4532 PerfHost - ok
16:39:47.0559 4532 [ 663962900E7FEA522126BA287715BB4A ] PGEffect C:\windows\system32\DRIVERS\pgeffect.sys
16:39:47.0575 4532 PGEffect - ok
16:39:48.0059 4532 [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla C:\windows\system32\pla.dll
16:39:48.0183 4532 pla - ok
16:39:48.0246 4532 [ 98B1721B8718164293B9701B98C52D77 ] PlugPlay C:\windows\system32\umpnpmgr.dll
16:39:48.0293 4532 PlugPlay - ok
16:39:48.0371 4532 [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
16:39:48.0402 4532 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
16:39:48.0402 4532 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
16:39:48.0651 4532 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
16:39:48.0901 4532 PNRPAutoReg - ok
16:39:48.0932 4532 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll
16:39:48.0963 4532 PNRPsvc - ok
16:39:49.0010 4532 [ B23F79E41E30ED500586151A9EF27D8F ] Point64 C:\windows\system32\DRIVERS\point64.sys
16:39:49.0026 4532 Point64 - ok
16:39:49.0057 4532 [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
16:39:49.0135 4532 PolicyAgent - ok
16:39:49.0182 4532 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll
16:39:49.0291 4532 Power - ok
16:39:49.0338 4532 [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
16:39:49.0385 4532 PptpMiniport - ok
16:39:49.0400 4532 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\DRIVERS\processr.sys
16:39:49.0447 4532 Processor - ok
16:39:49.0478 4532 [ 97293447431311C06703368AD0F6C4BE ] ProfSvc C:\windows\system32\profsvc.dll
16:39:49.0509 4532 ProfSvc - ok
16:39:49.0525 4532 [ 156F6159457D0AA7E59B62681B56EB90 ] ProtectedStorage C:\windows\system32\lsass.exe
16:39:49.0541 4532 ProtectedStorage - ok
16:39:49.0603 4532 [ EE992183BD8EAEFD9973F352E587A299 ] Psched C:\windows\system32\DRIVERS\pacer.sys
16:39:49.0665 4532 Psched - ok
16:39:49.0712 4532 [ C8FCB4899F8B70CC34E0D9876A80963C ] QIOMem C:\windows\system32\DRIVERS\QIOMem.sys
16:39:49.0728 4532 QIOMem - ok
16:39:49.0790 4532 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys
16:39:49.0837 4532 ql2300 - ok
16:39:49.0868 4532 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys
16:39:49.0884 4532 ql40xx - ok
16:39:49.0899 4532 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll
16:39:49.0931 4532 QWAVE - ok
16:39:49.0946 4532 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
16:39:49.0962 4532 QWAVEdrv - ok
16:39:49.0977 4532 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
16:39:50.0024 4532 RasAcd - ok
16:39:50.0055 4532 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
16:39:50.0305 4532 RasAgileVpn - ok
16:39:50.0508 4532 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll
16:39:50.0586 4532 RasAuto - ok
16:39:50.0633 4532 [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
16:39:50.0679 4532 Rasl2tp - ok
16:39:50.0711 4532 [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan C:\windows\System32\rasmans.dll
16:39:50.0773 4532 RasMan - ok
16:39:50.0804 4532 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
16:39:50.0882 4532 RasPppoe - ok
16:39:51.0116 4532 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
16:39:51.0397 4532 RasSstp - ok
16:39:51.0428 4532 [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
16:39:51.0475 4532 rdbss - ok
16:39:51.0506 4532 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys
16:39:51.0537 4532 rdpbus - ok
16:39:51.0569 4532 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
16:39:51.0600 4532 RDPCDD - ok
16:39:51.0631 4532 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
16:39:51.0693 4532 RDPENCDD - ok
16:39:51.0709 4532 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
16:39:51.0740 4532 RDPREFMP - ok
16:39:51.0787 4532 [ 447DE7E3DEA39D422C1504F245B668B1 ] RDPWD C:\windows\system32\drivers\RDPWD.sys
16:39:51.0818 4532 RDPWD - ok
16:39:51.0865 4532 [ 634B9A2181D98F15941236886164EC8B ] rdyboost C:\windows\system32\drivers\rdyboost.sys
16:39:51.0881 4532 rdyboost - ok
16:39:51.0927 4532 [ 4D9AFDDDA0EFE97CDBFD3B5FA48B05F6 ] regi C:\windows\system32\drivers\regi.sys
16:39:51.0943 4532 regi - ok
16:39:51.0959 4532 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll
16:39:52.0021 4532 RemoteAccess - ok
16:39:52.0068 4532 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll
16:39:52.0115 4532 RemoteRegistry - ok
16:39:52.0130 4532 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
16:39:52.0208 4532 RpcEptMapper - ok
16:39:52.0239 4532 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe
16:39:52.0271 4532 RpcLocator - ok
16:39:52.0302 4532 [ 7266972E86890E2B30C0C322E906B027 ] RpcSs C:\windows\system32\rpcss.dll
16:39:52.0349 4532 RpcSs - ok
16:39:52.0395 4532 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
16:39:52.0442 4532 rspndr - ok
16:39:52.0957 4532 [ 9D2A069A116289A5C0776488007F62BE ] rtl8192se C:\windows\system32\DRIVERS\rtl8192se.sys
16:39:52.0988 4532 rtl8192se - ok
16:39:53.0004 4532 [ 156F6159457D0AA7E59B62681B56EB90 ] SamSs C:\windows\system32\lsass.exe
16:39:53.0019 4532 SamSs - ok
16:39:53.0035 4532 [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port C:\windows\system32\DRIVERS\sbp2port.sys
16:39:53.0051 4532 sbp2port - ok
16:39:53.0082 4532 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll
16:39:53.0160 4532 SCardSvr - ok
16:39:53.0191 4532 [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
16:39:53.0253 4532 scfilter - ok
16:39:53.0316 4532 [ 624D0F5FF99428BB90A5B8A4123E918E ] Schedule C:\windows\system32\schedsvc.dll
16:39:53.0363 4532 Schedule - ok
16:39:53.0768 4532 [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc C:\windows\System32\certprop.dll
16:39:53.0815 4532 SCPolicySvc - ok
16:39:53.0846 4532 [ 54E47AD086782D3AE9417C155CDCEB9B ] sdbus C:\windows\system32\DRIVERS\sdbus.sys
16:39:53.0862 4532 sdbus - ok
16:39:53.0909 4532 [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC C:\windows\System32\SDRSVC.dll
16:39:53.0940 4532 SDRSVC - ok
16:39:54.0033 4532 [ A1A26E8EC51E199D873D85F3E2B6FC65 ] SeagateDashboardService C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe
16:39:54.0065 4532 SeagateDashboardService ( UnsignedFile.Multi.Generic ) - warning
16:39:54.0065 4532 SeagateDashboardService - detected UnsignedFile.Multi.Generic (1)
16:39:54.0111 4532 [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon C:\windows\system32\seclogon.dll
16:39:54.0189 4532 seclogon - ok
16:39:54.0205 4532 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\system32\sens.dll
16:39:54.0283 4532 SENS - ok
16:39:54.0330 4532 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll
16:39:54.0361 4532 SensrSvc - ok
16:39:54.0392 4532 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\DRIVERS\serenum.sys
16:39:54.0439 4532 Serenum - ok
16:39:54.0439 4532 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\DRIVERS\serial.sys
16:39:54.0470 4532 Serial - ok
16:39:54.0501 4532 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\DRIVERS\sermouse.sys
16:39:54.0517 4532 sermouse - ok
16:39:54.0548 4532 [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv C:\windows\system32\sessenv.dll
16:39:54.0595 4532 SessionEnv - ok
16:39:54.0611 4532 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\DRIVERS\sffdisk.sys
16:39:54.0657 4532 sffdisk - ok
16:39:54.0689 4532 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\DRIVERS\sffp_mmc.sys
16:39:54.0720 4532 sffp_mmc - ok
16:39:54.0735 4532 [ 5588B8C6193EB1522490C122EB94DFFA ] sffp_sd C:\windows\system32\DRIVERS\sffp_sd.sys
16:39:54.0751 4532 sffp_sd - ok
16:39:54.0751 4532 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys
16:39:54.0767 4532 sfloppy - ok
16:39:54.0829 4532 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\windows\System32\ipnathlp.dll
16:39:54.0860 4532 SharedAccess - ok
16:39:54.0907 4532 [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\windows\System32\shsvcs.dll
16:39:54.0923 4532 ShellHWDetection - ok
16:39:54.0954 4532 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys
16:39:54.0969 4532 SiSRaid2 - ok
16:39:55.0391 4532 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys
16:39:55.0406 4532 SiSRaid4 - ok
16:39:55.0469 4532 [ 94CE7845AF6A2065B829E0126CD56236 ] SmartDefragDriver C:\windows\system32\Drivers\SmartDefragDriver.sys
16:39:55.0484 4532 SmartDefragDriver - ok
16:39:55.0500 4532 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys
16:39:55.0547 4532 Smb - ok
16:39:55.0593 4532 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe
16:39:55.0640 4532 SNMPTRAP - ok
16:39:55.0671 4532 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys
16:39:55.0687 4532 spldr - ok
16:39:55.0734 4532 [ 567977DC43CC13C4C35ED7084C0B84D5 ] Spooler C:\windows\System32\spoolsv.exe
16:39:55.0781 4532 Spooler - ok
16:39:56.0342 4532 [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc C:\windows\system32\sppsvc.exe
16:39:56.0529 4532 sppsvc - ok
16:39:56.0545 4532 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll
16:39:56.0607 4532 sppuinotify - ok
16:39:56.0654 4532 [ 2408C0366D96BCDF63E8F1C78E4A29C5 ] srv C:\windows\system32\DRIVERS\srv.sys
16:39:56.0717 4532 srv - ok
16:39:56.0748 4532 [ 76548F7B818881B47D8D1AE1BE9C11F8 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
16:39:56.0779 4532 srv2 - ok
16:39:56.0810 4532 [ 0AF6E19D39C70844C5CAA8FB0183C36E ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
16:39:56.0857 4532 srvnet - ok
16:39:56.0904 4532 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
16:39:56.0966 4532 SSDPSRV - ok
16:39:56.0982 4532 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll
16:39:57.0029 4532 SstpSvc - ok
16:39:57.0060 4532 Steam Client Service - ok
16:39:57.0091 4532 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\DRIVERS\stexstor.sys
16:39:57.0107 4532 stexstor - ok
16:39:57.0153 4532 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\windows\system32\DRIVERS\serscan.sys
16:39:57.0200 4532 StillCam - ok
16:39:57.0247 4532 [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc C:\windows\System32\wiaservc.dll
16:39:57.0309 4532 stisvc - ok
16:39:57.0356 4532 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\DRIVERS\swenum.sys
16:39:57.0372 4532 swenum - ok
16:39:57.0621 4532 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll
16:39:57.0965 4532 swprv - ok
16:39:58.0011 4532 [ 12A35E44D8647985FCDB8D298A590134 ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
16:39:58.0027 4532 SynTP - ok
16:39:58.0089 4532 [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain C:\windows\system32\sysmain.dll
16:39:58.0167 4532 SysMain - ok
16:39:58.0199 4532 [ 238935C3CF2854886DC7CBB2A0E2CC66 ] TabletInputService C:\windows\System32\TabSvc.dll
16:39:58.0214 4532 TabletInputService - ok
16:39:58.0245 4532 [ 884264AC597B690C5707C89723BB8E7B ] TapiSrv C:\windows\System32\tapisrv.dll
16:39:58.0292 4532 TapiSrv - ok
16:39:58.0713 4532 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll
16:39:58.0776 4532 TBS - ok
16:39:58.0885 4532 [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] Tcpip C:\windows\system32\drivers\tcpip.sys
16:39:58.0932 4532 Tcpip - ok
16:39:59.0025 4532 [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
16:39:59.0072 4532 TCPIP6 - ok
16:39:59.0119 4532 [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
16:39:59.0150 4532 tcpipreg - ok
16:39:59.0181 4532 [ FD542B661BD22FA69CA789AD0AC58C29 ] tdcmdpst C:\windows\system32\DRIVERS\tdcmdpst.sys
16:39:59.0197 4532 tdcmdpst - ok
16:39:59.0213 4532 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
16:39:59.0228 4532 TDPIPE - ok
16:39:59.0259 4532 [ 7518F7BCFD4B308ABC9192BACAF6C970 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
16:39:59.0306 4532 TDTCP - ok
16:39:59.0337 4532 [ 079125C4B17B01FCAEEBCE0BCB290C0F ] tdx C:\windows\system32\DRIVERS\tdx.sys
16:39:59.0369 4532 tdx - ok
16:39:59.0384 4532 [ C448651339196C0E869A355171875522 ] TermDD C:\windows\system32\DRIVERS\termdd.sys
16:39:59.0400 4532 TermDD - ok
16:39:59.0431 4532 [ 0F05EC2887BFE197AD82A13287D2F404 ] TermService C:\windows\System32\termsrv.dll
16:39:59.0494 4532 TermService - ok
16:39:59.0509 4532 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll
16:39:59.0540 4532 Themes - ok
16:39:59.0572 4532 [ C013F6ACAA9761F571BD28DADA7C157D ] Thpdrv C:\windows\system32\DRIVERS\thpdrv.sys
16:39:59.0587 4532 Thpdrv - ok
16:39:59.0603 4532 [ B4E609047434ED948AF7BDEF2FA66E38 ] Thpevm C:\windows\system32\DRIVERS\Thpevm.SYS
16:39:59.0603 4532 Thpevm - ok
16:39:59.0650 4532 [ 6146EAC71AE3C9DA17B0E33632082B7B ] Thpsrv C:\windows\system32\ThpSrv.exe
16:39:59.0681 4532 Thpsrv - ok
16:39:59.0696 4532 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll
16:39:59.0728 4532 THREADORDER - ok
16:39:59.0821 4532 [ 32577B987AE5401038451BB392CB8D89 ] TMachInfo C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
16:39:59.0837 4532 TMachInfo - ok
16:40:00.0086 4532 [ ED32035BDFECED1AD66D459FD9CC1140 ] TODDSrv C:\Windows\system32\TODDSrv.exe
16:40:00.0102 4532 TODDSrv - ok
16:40:00.0367 4532 [ 06C61275ADC64F1E36240A2287998A5E ] TosCoSrv C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
16:40:00.0398 4532 TosCoSrv - ok
16:40:00.0461 4532 [ 32FF64D06A91DAA0331C624AFF442679 ] TOSHIBA eco Utility Service C:\Program Files\TOSHIBA\TECO\TecoService.exe
16:40:00.0476 4532 TOSHIBA eco Utility Service - ok
16:40:00.0554 4532 [ DD58E1250F604CBBADDA04575E5E2376 ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
16:40:00.0586 4532 TOSHIBA HDD SSD Alert Service - ok
16:40:00.0632 4532 [ 09FF7B0B1B5C3D225495CB6F5A9B39F8 ] tos_sps64 C:\windows\system32\DRIVERS\tos_sps64.sys
16:40:00.0664 4532 tos_sps64 - ok
16:40:00.0726 4532 [ DE64C52BD0671165CF2EEBF2A728A3E2 ] TPCHSrv C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
16:40:00.0773 4532 TPCHSrv - ok
16:40:01.0163 4532 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll
16:40:01.0241 4532 TrkWks - ok
16:40:01.0319 4532 [ 840F7FB849F5887A49BA18C13B2DA920 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
16:40:01.0366 4532 TrustedInstaller - ok
16:40:01.0397 4532 [ 61B96C26131E37B24E93327A0BD1FB95 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
16:40:01.0444 4532 tssecsrv - ok
16:40:01.0490 4532 [ 3836171A2CDF3AF8EF10856DB9835A70 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
16:40:01.0537 4532 tunnel - ok
16:40:01.0553 4532 [ 550B567F9364D8F7684C3FB3EA665A72 ] TVALZ C:\windows\system32\DRIVERS\TVALZ_O.SYS
16:40:01.0568 4532 TVALZ - ok
16:40:01.0615 4532 [ 9C7191F4B2E49BFF47A6C1144B5923FA ] TVALZFL C:\windows\system32\DRIVERS\TVALZFL.sys
16:40:01.0615 4532 TVALZFL - ok
16:40:01.0646 4532 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\DRIVERS\uagp35.sys
16:40:01.0662 4532 uagp35 - ok
16:40:01.0693 4532 [ D47BAEAD86C65D4F4069D7CE0A4EDCEB ] udfs C:\windows\system32\DRIVERS\udfs.sys
16:40:01.0724 4532 udfs - ok
16:40:01.0771 4532 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe
16:40:01.0802 4532 UI0Detect - ok
16:40:01.0818 4532 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\DRIVERS\uliagpkx.sys
16:40:01.0834 4532 uliagpkx - ok
16:40:01.0880 4532 [ EAB6C35E62B1B0DB0D1B48B671D3A117 ] umbus C:\windows\system32\DRIVERS\umbus.sys
16:40:01.0927 4532 umbus - ok
16:40:01.0974 4532 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\DRIVERS\umpass.sys
16:40:02.0021 4532 UmPass - ok
16:40:02.0068 4532 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll
16:40:02.0161 4532 upnphost - ok
16:40:02.0224 4532 [ 77B01BC848298223A95D4EC23E1785A1 ] usbaudio C:\windows\system32\drivers\usbaudio.sys
16:40:02.0255 4532 usbaudio - ok
16:40:02.0302 4532 [ 7B6A127C93EE590E4D79A5F2A76FE46F ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
16:40:02.0785 4532 usbccgp - ok
16:40:02.0832 4532 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\windows\system32\DRIVERS\usbcir.sys
16:40:02.0879 4532 usbcir - ok
16:40:02.0926 4532 [ 92969BA5AC44E229C55A332864F79677 ] usbehci C:\windows\system32\DRIVERS\usbehci.sys
16:40:02.0957 4532 usbehci - ok
16:40:03.0004 4532 [ E7DF1CFD28CA86B35EF5ADD0735CEEF3 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
16:40:03.0050 4532 usbhub - ok
16:40:03.0082 4532 [ F1BB1E55F1E7A65C5839CCC7B36D773E ] usbohci C:\windows\system32\drivers\usbohci.sys
16:40:03.0128 4532 usbohci - ok
16:40:03.0160 4532 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
16:40:03.0222 4532 usbprint - ok
16:40:03.0643 4532 [ F39983647BC1F3E6100778DDFE9DCE29 ] USBSTOR C:\windows\system32\drivers\USBSTOR.SYS
16:40:03.0690 4532 USBSTOR - ok
16:40:03.0721 4532 [ BC3070350A491D84B518D7CCA9ABD36F ] usbuhci C:\windows\system32\DRIVERS\usbuhci.sys
16:40:03.0737 4532 usbuhci - ok
16:40:03.0799 4532 [ 7CB8C573C6E4A2714402CC0A36EAB4FE ] usbvideo C:\windows\system32\Drivers\usbvideo.sys
16:40:03.0846 4532 usbvideo - ok
16:40:03.0877 4532 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll
16:40:03.0955 4532 UxSms - ok
16:40:03.0971 4532 [ 156F6159457D0AA7E59B62681B56EB90 ] VaultSvc C:\windows\system32\lsass.exe
16:40:03.0986 4532 VaultSvc - ok
16:40:04.0033 4532 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\windows\system32\DRIVERS\vdrvroot.sys
16:40:04.0049 4532 vdrvroot - ok
16:40:04.0080 4532 [ 44D73E0BBC1D3C8981304BA15135C2F2 ] vds C:\windows\System32\vds.exe
16:40:04.0142 4532 vds - ok
16:40:04.0174 4532 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\windows\system32\DRIVERS\vgapnp.sys
16:40:04.0205 4532 vga - ok
16:40:04.0236 4532 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\windows\System32\drivers\vga.sys
16:40:04.0283 4532 VgaSave - ok
16:40:04.0330 4532 [ C82E748660F62A242B2DFAC1442F22A4 ] vhdmp C:\windows\system32\DRIVERS\vhdmp.sys
16:40:04.0361 4532 vhdmp - ok
16:40:04.0361 4532 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\windows\system32\DRIVERS\viaide.sys
16:40:04.0376 4532 viaide - ok
16:40:04.0408 4532 [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3 ] volmgr C:\windows\system32\DRIVERS\volmgr.sys
16:40:04.0423 4532 volmgr - ok
16:40:04.0439 4532 [ 99B0CBB569CA79ACAED8C91461D765FB ] volmgrx C:\windows\system32\drivers\volmgrx.sys
16:40:04.0470 4532 volmgrx - ok
16:40:04.0486 4532 [ 58F82EED8CA24B461441F9C3E4F0BF5C ] volsnap C:\windows\system32\DRIVERS\volsnap.sys
16:40:04.0501 4532 volsnap - ok
16:40:04.0532 4532 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\windows\system32\DRIVERS\vsmraid.sys
16:40:04.0548 4532 vsmraid - ok
16:40:04.0610 4532 [ 787898BF9FB6D7BD87A36E2D95C899BA ] VSS C:\windows\system32\vssvc.exe
16:40:04.0673 4532 VSS - ok
16:40:04.0688 4532 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
16:40:04.0735 4532 vwifibus - ok
16:40:04.0969 4532 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
16:40:05.0234 4532 vwififlt - ok
16:40:05.0250 4532 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys
16:40:05.0266 4532 vwifimp - ok
16:40:05.0297 4532 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\windows\system32\w32time.dll
16:40:05.0344 4532 W32Time - ok
16:40:05.0375 4532 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\windows\system32\DRIVERS\wacompen.sys
16:40:05.0422 4532 WacomPen - ok
16:40:05.0468 4532 [ 47CA49400643EFFD3F1C9A27E1D69324 ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
16:40:05.0546 4532 WANARP - ok
16:40:05.0546 4532 [ 47CA49400643EFFD3F1C9A27E1D69324 ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
16:40:05.0578 4532 Wanarpv6 - ok
16:40:06.0155 4532 [ 06D2B9BC146BB0F45F45FF7A296D50C4 ] WAS C:\windows\system32\inetsrv\iisw3adm.dll
16:40:06.0248 4532 WAS - ok
16:40:06.0342 4532 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
16:40:06.0389 4532 WatAdminSvc - ok
16:40:06.0436 4532 [ 5AB1BB85BD8B5089CC5D64200DEDAE68 ] wbengine C:\windows\system32\wbengine.exe
16:40:06.0514 4532 wbengine - ok
16:40:06.0514 4532 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
16:40:06.0545 4532 WbioSrvc - ok
16:40:06.0592 4532 [ DD1BAE8EBFC653824D29CCF8C9054D68 ] wcncsvc C:\windows\System32\wcncsvc.dll
16:40:06.0607 4532 wcncsvc - ok
16:40:06.0638 4532 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
16:40:06.0685 4532 WcsPlugInService - ok
16:40:06.0732 4532 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\windows\system32\DRIVERS\wd.sys
16:40:06.0748 4532 Wd - ok
16:40:06.0779 4532 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
16:40:06.0810 4532 Wdf01000 - ok
16:40:06.0826 4532 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\windows\system32\wdi.dll
16:40:06.0857 4532 WdiServiceHost - ok
16:40:06.0872 4532 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\windows\system32\wdi.dll
16:40:06.0888 4532 WdiSystemHost - ok
16:40:06.0919 4532 [ 733006127F235BE7C35354EBEE7B9A7B ] WebClient C:\windows\System32\webclnt.dll
16:40:06.0935 4532 WebClient - ok
16:40:06.0982 4532 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\windows\system32\wecsvc.dll
16:40:07.0028 4532 Wecsvc - ok
16:40:07.0044 4532 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\windows\System32\wercplsupport.dll
16:40:07.0075 4532 wercplsupport - ok
16:40:07.0122 4532 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\windows\System32\WerSvc.dll
16:40:07.0169 4532 WerSvc - ok
16:40:07.0200 4532 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
16:40:07.0231 4532 WfpLwf - ok
16:40:07.0418 4532 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\windows\system32\drivers\wimmount.sys
16:40:07.0668 4532 WIMMount - ok
16:40:07.0715 4532 WinDefend - ok
16:40:07.0730 4532 WinHttpAutoProxySvc - ok
16:40:07.0793 4532 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
16:40:07.0840 4532 Winmgmt - ok
16:40:07.0902 4532 [ 41FBB751936B387F9179E7F03A74FE29 ] WinRM C:\windows\system32\WsmSvc.dll
16:40:07.0980 4532 WinRM - ok
16:40:08.0089 4532 [ 817EAFF5D38674EDD7713B9DFB8E9791 ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys
16:40:08.0136 4532 WinUsb - ok
16:40:08.0620 4532 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\windows\System32\wlansvc.dll
16:40:08.0698 4532 Wlansvc - ok
16:40:08.0885 4532 [ 98F138897EF4246381D197CB81846D62 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:40:08.0947 4532 wlidsvc - ok
16:40:08.0978 4532 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\windows\system32\DRIVERS\wmiacpi.sys
16:40:08.0994 4532 WmiAcpi - ok
16:40:09.0041 4532 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
16:40:09.0072 4532 wmiApSrv - ok
16:40:09.0134 4532 WMPNetworkSvc - ok
16:40:09.0166 4532 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\windows\System32\wpcsvc.dll
16:40:09.0197 4532 WPCSvc - ok
16:40:09.0212 4532 [ 2E57DDF2880A7E52E76F41C7E96D327B ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
16:40:09.0275 4532 WPDBusEnum - ok
16:40:09.0306 4532 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
16:40:09.0337 4532 ws2ifsl - ok
16:40:09.0400 4532 [ 8F9F3969933C02DA96EB0F84576DB43E ] wscsvc C:\windows\system32\wscsvc.dll
16:40:09.0431 4532 wscsvc - ok
16:40:09.0462 4532 [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice C:\windows\system32\DRIVERS\WSDPrint.sys
16:40:09.0509 4532 WSDPrintDevice - ok
16:40:09.0509 4532 WSearch - ok
16:40:09.0649 4532 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\windows\system32\wuaueng.dll
16:40:09.0712 4532 wuauserv - ok
16:40:09.0883 4532 [ 7CADC74271DD6461C452C271B30BD378 ] WudfPf C:\windows\system32\drivers\WudfPf.sys
16:40:10.0180 4532 WudfPf - ok
16:40:10.0226 4532 [ 3B197AF0FFF08AA66B6B2241CA538D64 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
16:40:10.0273 4532 WUDFRd - ok
16:40:10.0289 4532 [ B551D6637AA0E132C18AC6E504F7B79B ] wudfsvc C:\windows\System32\WUDFSvc.dll
16:40:10.0351 4532 wudfsvc - ok
16:40:10.0382 4532 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\windows\System32\wwansvc.dll
16:40:10.0429 4532 WwanSvc - ok
16:40:10.0507 4532 [ 9176C0822FAA649E45121875BE32F5D2 ] xusb21 C:\windows\system32\DRIVERS\xusb21.sys
16:40:10.0523 4532 xusb21 - ok
 
16:40:10.0570 4532 ================ Scan global ===============================
16:40:10.0585 4532 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
16:40:10.0882 4532 [ 79CDA06F75AD5373DD447F57575C4400 ] C:\windows\system32\winsrv.dll
16:40:11.0100 4532 [ 79CDA06F75AD5373DD447F57575C4400 ] C:\windows\system32\winsrv.dll
16:40:11.0147 4532 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
16:40:11.0194 4532 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
16:40:11.0194 4532 [Global] - ok
16:40:11.0209 4532 ================ Scan MBR ==================================
16:40:11.0225 4532 [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
16:40:11.0974 4532 \Device\Harddisk0\DR0 - ok
16:40:11.0974 4532 ================ Scan VBR ==================================
16:40:12.0005 4532 [ CAF17B346F7167D02FB7D51453CBB98C ] \Device\Harddisk0\DR0\Partition1
16:40:12.0005 4532 \Device\Harddisk0\DR0\Partition1 - ok
16:40:12.0005 4532 ============================================================
16:40:12.0005 4532 Scan finished
16:40:12.0005 4532 ============================================================
16:40:12.0020 3048 Detected object count: 7
16:40:12.0020 3048 Actual detected object count: 7
16:41:07.0291 3048 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
16:41:07.0291 3048 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:41:07.0291 3048 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
16:41:07.0291 3048 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:41:07.0291 3048 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
16:41:07.0291 3048 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:41:07.0291 3048 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
16:41:07.0291 3048 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:41:07.0307 3048 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
16:41:07.0307 3048 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:41:07.0307 3048 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
16:41:07.0307 3048 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:41:07.0307 3048 SeagateDashboardService ( UnsignedFile.Multi.Generic ) - skipped by user
16:41:07.0307 3048 SeagateDashboardService ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:41:16.0433 4300 ============================================================
16:41:16.0433 4300 Scan started
16:41:16.0433 4300 Mode: Manual; SigCheck; TDLFS;
16:41:16.0433 4300 ============================================================
16:41:17.0182 4300 ================ Scan services =============================
16:41:17.0306 4300 [ 1B00662092F9F9568B995902F0CC40D5 ] 1394ohci C:\windows\system32\DRIVERS\1394ohci.sys
16:41:17.0353 4300 1394ohci - ok
16:41:17.0369 4300 [ 6F11E88748CDEFD2F76AA215F97DDFE5 ] ACPI C:\windows\system32\DRIVERS\ACPI.sys
16:41:17.0400 4300 ACPI - ok
16:41:17.0416 4300 [ 63B05A0420CE4BF0E4AF6DCC7CADA254 ] AcpiPmi C:\windows\system32\DRIVERS\acpipmi.sys
16:41:17.0431 4300 AcpiPmi - ok
16:41:17.0462 4300 [ 2F0683FD2DF1D92E891CACA14B45A8C1 ] adfs C:\windows\system32\drivers\adfs.sys
16:41:17.0494 4300 adfs - ok
16:41:17.0618 4300 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
16:41:17.0634 4300 AdobeARMservice - ok
16:41:17.0774 4300 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
16:41:17.0790 4300 AdobeFlashPlayerUpdateSvc - ok
16:41:17.0837 4300 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\windows\system32\DRIVERS\adp94xx.sys
16:41:17.0868 4300 adp94xx - ok
16:41:17.0868 4300 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\windows\system32\DRIVERS\adpahci.sys
16:41:17.0899 4300 adpahci - ok
16:41:17.0899 4300 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\windows\system32\DRIVERS\adpu320.sys
16:41:17.0915 4300 adpu320 - ok
16:41:17.0946 4300 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
16:41:18.0008 4300 AeLookupSvc - ok
16:41:18.0492 4300 [ DB9D6C6B2CD95A9CA414D045B627422E ] AFD C:\windows\system32\drivers\afd.sys
16:41:18.0523 4300 AFD - ok
16:41:18.0554 4300 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\windows\system32\DRIVERS\agp440.sys
16:41:18.0570 4300 agp440 - ok
16:41:18.0601 4300 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\windows\System32\alg.exe
16:41:18.0632 4300 ALG - ok
16:41:18.0632 4300 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\windows\system32\DRIVERS\aliide.sys
16:41:18.0648 4300 aliide - ok
16:41:18.0648 4300 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\windows\system32\DRIVERS\amdide.sys
16:41:18.0664 4300 amdide - ok
16:41:18.0679 4300 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\windows\system32\DRIVERS\amdk8.sys
16:41:18.0695 4300 AmdK8 - ok
16:41:18.0695 4300 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\windows\system32\DRIVERS\amdppm.sys
16:41:18.0710 4300 AmdPPM - ok
16:41:18.0757 4300 [ EC7EBAB00A4D8448BAB68D1E49B4BEB9 ] amdsata C:\windows\system32\drivers\amdsata.sys
16:41:18.0773 4300 amdsata - ok
16:41:18.0804 4300 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\windows\system32\DRIVERS\amdsbs.sys
16:41:18.0820 4300 amdsbs - ok
16:41:18.0835 4300 [ DB27766102C7BF7E95140A2AA81D042E ] amdxata C:\windows\system32\drivers\amdxata.sys
16:41:18.0851 4300 amdxata - ok
16:41:18.0913 4300 [ 03FBB7C5EA4EF153F10282614B9771CB ] AppHostSvc C:\windows\system32\inetsrv\apphostsvc.dll
16:41:18.0944 4300 AppHostSvc - ok
16:41:18.0960 4300 [ 42FD751B27FA0E9C69BB39F39E409594 ] AppID C:\windows\system32\drivers\appid.sys
16:41:18.0991 4300 AppID - ok
16:41:19.0007 4300 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\windows\System32\appidsvc.dll
16:41:19.0054 4300 AppIDSvc - ok
16:41:19.0069 4300 [ D065BE66822847B7F127D1F90158376E ] Appinfo C:\windows\System32\appinfo.dll
16:41:19.0085 4300 Appinfo - ok
16:41:19.0085 4300 Application Updater - ok
16:41:19.0116 4300 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\windows\system32\DRIVERS\arc.sys
16:41:19.0132 4300 arc - ok
16:41:19.0147 4300 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\windows\system32\DRIVERS\arcsas.sys
16:41:19.0163 4300 arcsas - ok
16:41:19.0210 4300 [ 4FCAEF0C5BE7629AEB878998E0FE959B ] aswFsBlk C:\windows\system32\drivers\aswFsBlk.sys
16:41:19.0225 4300 aswFsBlk - ok
16:41:19.0475 4300 [ B50CDD87772D6A11CB90924AAD399DF8 ] aswMonFlt C:\windows\system32\drivers\aswMonFlt.sys
16:41:19.0490 4300 aswMonFlt - ok
16:41:19.0756 4300 [ 57768C7DB4681F2510F247F82EF31D4F ] aswRdr C:\windows\System32\Drivers\aswrdr2.sys
16:41:19.0787 4300 aswRdr - ok
16:41:19.0849 4300 [ E71D826A1F3CE9C9DE3E77F2D02AFFBF ] aswSnx C:\windows\system32\drivers\aswSnx.sys
16:41:19.0896 4300 aswSnx - ok
16:41:19.0927 4300 [ 538A32E2C99BF073D4CA76C30BEDAA60 ] aswSP C:\windows\system32\drivers\aswSP.sys
16:41:19.0943 4300 aswSP - ok
16:41:19.0990 4300 [ 6EDC79D73745FD44C41B55B2D13D0B70 ] aswTdi C:\windows\system32\drivers\aswTdi.sys
16:41:20.0005 4300 aswTdi - ok
16:41:20.0036 4300 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
16:41:20.0099 4300 AsyncMac - ok
16:41:20.0114 4300 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\windows\system32\DRIVERS\atapi.sys
16:41:20.0130 4300 atapi - ok
16:41:20.0177 4300 [ E857EEE6B92AAA473EBB3465ADD8F7E7 ] athr C:\windows\system32\DRIVERS\athrx.sys
16:41:20.0224 4300 athr - ok
16:41:20.0348 4300 [ 3EFD964D52221360AF0673CD61C2F4F5 ] atikmdag C:\windows\system32\DRIVERS\atikmdag.sys
16:41:20.0426 4300 atikmdag - ok
16:41:20.0473 4300 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
16:41:20.0520 4300 AudioEndpointBuilder - ok
16:41:20.0957 4300 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioSrv C:\windows\System32\Audiosrv.dll
16:41:21.0019 4300 AudioSrv - ok
16:41:21.0144 4300 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
16:41:21.0175 4300 avast! Antivirus - ok
16:41:21.0222 4300 [ B20B5FA5CA050E9926E4D1DB81501B32 ] AxInstSV C:\windows\System32\AxInstSV.dll
16:41:21.0253 4300 AxInstSV - ok
16:41:21.0300 4300 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\windows\system32\DRIVERS\bxvbda.sys
16:41:21.0316 4300 b06bdrv - ok
16:41:21.0331 4300 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys
16:41:21.0347 4300 b57nd60a - ok
16:41:21.0394 4300 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\windows\System32\bdesvc.dll
16:41:21.0409 4300 BDESVC - ok
16:41:21.0425 4300 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\windows\system32\drivers\Beep.sys
16:41:21.0472 4300 Beep - ok
16:41:21.0487 4300 [ 4992C609A6315671463E30F6512BC022 ] BFE C:\windows\System32\bfe.dll
16:41:21.0534 4300 BFE - ok
16:41:21.0581 4300 [ 7F0C323FE3DA28AA4AA1BDA3F575707F ] BITS C:\windows\system32\qmgr.dll
16:41:21.0628 4300 BITS - ok
16:41:21.0659 4300 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
16:41:21.0674 4300 blbdrive - ok
16:41:21.0706 4300 [ 19D20159708E152267E53B66677A4995 ] bowser C:\windows\system32\DRIVERS\bowser.sys
16:41:21.0721 4300 bowser - ok
16:41:21.0955 4300 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\windows\system32\DRIVERS\BrFiltLo.sys
16:41:21.0986 4300 BrFiltLo - ok
16:41:22.0189 4300 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\windows\system32\DRIVERS\BrFiltUp.sys
16:41:22.0220 4300 BrFiltUp - ok
16:41:22.0236 4300 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\windows\system32\DRIVERS\bridge.sys
16:41:22.0283 4300 BridgeMP - ok
16:41:22.0314 4300 [ 6B054C67AAA87843504E8E3C09102009 ] Browser C:\windows\System32\browser.dll
16:41:22.0330 4300 Browser - ok
16:41:22.0361 4300 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\windows\System32\Drivers\Brserid.sys
16:41:22.0376 4300 Brserid - ok
16:41:22.0376 4300 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
16:41:22.0408 4300 BrSerWdm - ok
16:41:22.0423 4300 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
16:41:22.0439 4300 BrUsbMdm - ok
16:41:22.0439 4300 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
16:41:22.0454 4300 BrUsbSer - ok
16:41:22.0470 4300 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\windows\system32\DRIVERS\bthmodem.sys
16:41:22.0486 4300 BTHMODEM - ok
16:41:22.0517 4300 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\windows\system32\bthserv.dll
16:41:22.0548 4300 bthserv - ok
16:41:22.0548 4300 catchme - ok
16:41:22.0579 4300 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
16:41:22.0610 4300 cdfs - ok
16:41:22.0642 4300 [ 83D2D75E1EFB81B3450C18131443F7DB ] cdrom C:\windows\system32\DRIVERS\cdrom.sys
16:41:22.0657 4300 cdrom - ok
16:41:22.0673 4300 [ 312E2F82AF11E79906898AC3E3D58A1F ] CertPropSvc C:\windows\System32\certprop.dll
16:41:22.0720 4300 CertPropSvc - ok
16:41:22.0782 4300 [ 837FF2D497880198C918E6954DBD170C ] cfWiMAXService C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
16:41:22.0813 4300 cfWiMAXService - ok
16:41:22.0844 4300 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\windows\system32\DRIVERS\circlass.sys
16:41:22.0860 4300 circlass - ok
16:41:22.0907 4300 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\windows\system32\CLFS.sys
16:41:22.0938 4300 CLFS - ok
16:41:23.0453 4300 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:41:23.0468 4300 clr_optimization_v2.0.50727_32 - ok
16:41:23.0500 4300 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:41:23.0531 4300 clr_optimization_v2.0.50727_64 - ok
16:41:23.0578 4300 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:41:23.0609 4300 clr_optimization_v4.0.30319_32 - ok
16:41:23.0640 4300 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:41:23.0656 4300 clr_optimization_v4.0.30319_64 - ok
16:41:23.0671 4300 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
16:41:23.0687 4300 CmBatt - ok
16:41:23.0718 4300 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\windows\system32\DRIVERS\cmdide.sys
16:41:23.0734 4300 cmdide - ok
16:41:23.0780 4300 [ CA7720B73446FDDEC5C69519C1174C98 ] CNG C:\windows\system32\Drivers\cng.sys
16:41:23.0812 4300 CNG - ok
16:41:23.0858 4300 [ 3CB10294F7A59FD22501F4BAD915F250 ] CnxtHdAudService C:\windows\system32\drivers\CHDRT64.sys
16:41:23.0874 4300 CnxtHdAudService - ok
16:41:23.0905 4300 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\windows\system32\DRIVERS\compbatt.sys
16:41:23.0921 4300 Compbatt - ok
16:41:23.0921 4300 [ F26B3A86F6FA87CA360B879581AB4123 ] CompositeBus C:\windows\system32\DRIVERS\CompositeBus.sys
16:41:23.0936 4300 CompositeBus - ok
16:41:23.0936 4300 COMSysApp - ok
16:41:23.0968 4300 [ D252C53BCDFC199BBA55EEB10CDB266E ] ConfigFree Gadget Service C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe
16:41:23.0983 4300 ConfigFree Gadget Service - ok
16:41:24.0014 4300 [ CAB0EEAF5295FC96DDD3E19DCE27E131 ] ConfigFree Service C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
16:41:24.0030 4300 ConfigFree Service - ok
16:41:24.0046 4300 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\windows\system32\DRIVERS\crcdisk.sys
16:41:24.0061 4300 crcdisk - ok
16:41:24.0108 4300 [ BAF19B633933A9FB4883D27D66C39E9A ] CryptSvc C:\windows\system32\cryptsvc.dll
16:41:24.0139 4300 CryptSvc - ok
16:41:24.0186 4300 [ 7266972E86890E2B30C0C322E906B027 ] DcomLaunch C:\windows\system32\rpcss.dll
16:41:24.0233 4300 DcomLaunch - ok
16:41:24.0623 4300 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\windows\System32\defragsvc.dll
16:41:24.0670 4300 defragsvc - ok
16:41:24.0716 4300 [ 9C253CE7311CA60FC11C774692A13208 ] DfsC C:\windows\system32\Drivers\dfsc.sys
16:41:24.0732 4300 DfsC - ok
16:41:24.0763 4300 [ CE3B9562D997F69B330D181A8875960F ] Dhcp C:\windows\system32\dhcpcore.dll
16:41:24.0794 4300 Dhcp - ok
16:41:24.0810 4300 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\windows\system32\drivers\discache.sys
16:41:24.0841 4300 discache - ok
16:41:24.0857 4300 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\windows\system32\DRIVERS\disk.sys
16:41:24.0872 4300 Disk - ok
16:41:24.0919 4300 [ 85CF424C74A1D5EC33533E1DBFF9920A ] Dnscache C:\windows\System32\dnsrslvr.dll
16:41:24.0935 4300 Dnscache - ok
16:41:24.0966 4300 [ 14452ACDB09B70964C8C21BF80A13ACB ] dot3svc C:\windows\System32\dot3svc.dll
16:41:24.0997 4300 dot3svc - ok
16:41:25.0013 4300 [ 8C2BA6BEA949EE6E68385F5692BAFB94 ] DPS C:\windows\system32\dps.dll
16:41:25.0060 4300 DPS - ok
16:41:25.0091 4300 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
16:41:25.0106 4300 drmkaud - ok
16:41:25.0153 4300 [ 1633B9ABF52784A1331476397A48CBEF ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
16:41:25.0216 4300 DXGKrnl - ok
16:41:25.0247 4300 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\windows\System32\eapsvc.dll
16:41:25.0278 4300 EapHost - ok
16:41:25.0356 4300 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\windows\system32\DRIVERS\evbda.sys
16:41:25.0418 4300 ebdrv - ok
16:41:25.0855 4300 [ 156F6159457D0AA7E59B62681B56EB90 ] EFS C:\windows\System32\lsass.exe
16:41:25.0886 4300 EFS - ok
16:41:25.0964 4300 [ 47C071994C3F649F23D9CD075AC9304A ] ehRecvr C:\windows\ehome\ehRecvr.exe
16:41:25.0996 4300 ehRecvr - ok
16:41:26.0027 4300 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\windows\ehome\ehsched.exe
16:41:26.0042 4300 ehSched - ok
16:41:26.0089 4300 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\windows\system32\DRIVERS\elxstor.sys
16:41:26.0120 4300 elxstor - ok
16:41:26.0136 4300 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\windows\system32\DRIVERS\errdev.sys
16:41:26.0152 4300 ErrDev - ok
16:41:26.0198 4300 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\windows\system32\es.dll
16:41:26.0230 4300 EventSystem - ok
16:41:26.0261 4300 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\windows\system32\drivers\exfat.sys
16:41:26.0308 4300 exfat - ok
16:41:26.0339 4300 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\windows\system32\drivers\fastfat.sys
16:41:26.0370 4300 fastfat - ok
16:41:26.0401 4300 [ D607B2F1BEE3992AA6C2C92C0A2F0855 ] Fax C:\windows\system32\fxssvc.exe
16:41:26.0432 4300 Fax - ok
16:41:26.0448 4300 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\windows\system32\DRIVERS\fdc.sys
16:41:26.0464 4300 fdc - ok
16:41:26.0479 4300 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\windows\system32\fdPHost.dll
16:41:26.0510 4300 fdPHost - ok
16:41:26.0542 4300 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\windows\system32\fdrespub.dll
16:41:26.0573 4300 FDResPub - ok
16:41:26.0604 4300 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
16:41:26.0620 4300 FileInfo - ok
16:41:26.0620 4300 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\windows\system32\drivers\filetrace.sys
16:41:26.0666 4300 Filetrace - ok
16:41:26.0854 4300 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\windows\system32\DRIVERS\flpydisk.sys
16:41:26.0869 4300 flpydisk - ok
16:41:27.0103 4300 [ F7866AF72ABBAF84B1FA5AA195378C59 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
16:41:27.0134 4300 FltMgr - ok
16:41:27.0181 4300 [ CB5E4B9C319E3C6BB363EB7E58A4A051 ] FontCache C:\windows\system32\FntCache.dll
16:41:27.0212 4300 FontCache - ok
16:41:27.0259 4300 [ 8D89E3131C27FDD6932189CB785E1B7A ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:41:27.0275 4300 FontCache3.0.0.0 - ok
16:41:27.0290 4300 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\windows\system32\drivers\FsDepends.sys
16:41:27.0306 4300 FsDepends - ok
16:41:27.0353 4300 [ D3E3F93D67821A2DB2B3D9FAC2DC2064 ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
16:41:27.0368 4300 Fs_Rec - ok
16:41:27.0415 4300 [ AE87BA80D0EC3B57126ED2CDC15B24ED ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
16:41:27.0446 4300 fvevol - ok
16:41:27.0478 4300 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\windows\system32\DRIVERS\gagp30kx.sys
16:41:27.0493 4300 gagp30kx - ok
16:41:27.0540 4300 [ C44D560E441F091EA3B72F778EC60DE2 ] GameConsoleService C:\Program Files (x86)\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe
16:41:27.0571 4300 GameConsoleService - ok
16:41:27.0618 4300 [ FE5AB4525BC2EC68B9119A6E5D40128B ] gpsvc C:\windows\System32\gpsvc.dll
16:41:27.0649 4300 gpsvc - ok
16:41:27.0743 4300 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:41:27.0758 4300 gupdate - ok
16:41:27.0774 4300 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:41:27.0774 4300 gupdatem - ok
16:41:27.0836 4300 [ CC839E8D766CC31A7710C9F38CF3E375 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
16:41:27.0852 4300 gusvc - ok
16:41:27.0899 4300 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
16:41:27.0914 4300 hcw85cir - ok
16:41:28.0351 4300 [ 6410F6F415B2A5A9037224C41DA8BF12 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
16:41:28.0382 4300 HdAudAddService - ok
16:41:28.0398 4300 [ 0A49913402747A0B67DE940FB42CBDBB ] HDAudBus C:\windows\system32\DRIVERS\HDAudBus.sys
16:41:28.0414 4300 HDAudBus - ok
16:41:28.0429 4300 hid7906 - ok
16:41:28.0429 4300 hid8101 - ok
16:41:28.0429 4300 hid8103 - ok
16:41:28.0476 4300 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\windows\system32\DRIVERS\HidBatt.sys
16:41:28.0492 4300 HidBatt - ok
16:41:28.0492 4300 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\windows\system32\DRIVERS\hidbth.sys
16:41:28.0507 4300 HidBth - ok
16:41:28.0523 4300 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\windows\system32\DRIVERS\hidir.sys
16:41:28.0538 4300 HidIr - ok
16:41:28.0570 4300 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\windows\System32\hidserv.dll
16:41:28.0632 4300 hidserv - ok
16:41:28.0663 4300 [ B3BF6B5B50006DEF50B66306D99FCF6F ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys
16:41:28.0679 4300 HidUsb - ok
16:41:28.0710 4300 [ EFA58EDE58DD74388FFD04CB32681518 ] hkmsvc C:\windows\system32\kmsvc.dll
16:41:28.0741 4300 hkmsvc - ok
16:41:28.0757 4300 [ 046B2673767CA626E2CFB7FDF735E9E8 ] HomeGroupListener C:\windows\system32\ListSvc.dll
16:41:28.0772 4300 HomeGroupListener - ok
16:41:28.0819 4300 [ 06A7422224D9865A5613710A089987DF ] HomeGroupProvider C:\windows\system32\provsvc.dll
16:41:28.0835 4300 HomeGroupProvider - ok
16:41:28.0944 4300 [ 0A3C6AA4A9FC38C20BA4EAC2C3351C05 ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
16:41:28.0960 4300 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
16:41:28.0960 4300 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
16:41:28.0975 4300 [ F3F72A2A86C22610BCA5439FA789DD52 ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
16:41:28.0991 4300 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
16:41:28.0991 4300 hpqddsvc - detected UnsignedFile.Multi.Generic (1)
16:41:29.0006 4300 [ 0886D440058F203EBA0E1825E4355914 ] HpSAMD C:\windows\system32\DRIVERS\HpSAMD.sys
16:41:29.0022 4300 HpSAMD - ok
16:41:29.0069 4300 [ F37882F128EFACEFE353E0BAE2766909 ] HPSLPSVC C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
16:41:29.0084 4300 HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
16:41:29.0100 4300 HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
16:41:29.0568 4300 [ CEE049CAC4EFA7F4E1E4AD014414A5D4 ] HTTP C:\windows\system32\drivers\HTTP.sys
16:41:29.0630 4300 HTTP - ok
16:41:29.0646 4300 [ F17766A19145F111856378DF337A5D79 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
16:41:29.0662 4300 hwpolicy - ok
16:41:29.0693 4300 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\windows\system32\DRIVERS\i8042prt.sys
16:41:29.0708 4300 i8042prt - ok
16:41:29.0740 4300 [ 1D004CB1DA6323B1F55CAEF7F94B61D9 ] iaStor C:\windows\system32\DRIVERS\iaStor.sys
16:41:29.0771 4300 iaStor - ok
16:41:29.0818 4300 [ B75E45C564E944A2657167D197AB29DA ] iaStorV C:\windows\system32\drivers\iaStorV.sys
16:41:29.0864 4300 iaStorV - ok
16:41:29.0927 4300 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
16:41:29.0942 4300 IDriverT ( UnsignedFile.Multi.Generic ) - warning
16:41:29.0942 4300 IDriverT - detected UnsignedFile.Multi.Generic (1)
16:41:30.0005 4300 [ 2F2BE70D3E02B6FA877921AB9516D43C ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:41:30.0036 4300 idsvc - ok
16:41:30.0254 4300 [ 3C3F27002ABC69C5AFE29CBE6CF7ADDF ] igfx C:\windows\system32\DRIVERS\igdkmd64.sys
16:41:30.0348 4300 igfx - ok
16:41:30.0800 4300 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\windows\system32\DRIVERS\iirsp.sys
16:41:30.0816 4300 iirsp - ok
16:41:30.0878 4300 [ C5B4683680DF085B57BC53E5EF34861F ] IKEEXT C:\windows\System32\ikeext.dll
16:41:30.0925 4300 IKEEXT - ok
16:41:30.0956 4300 [ 88A20FA54C73DED4E8DAC764E9130AE9 ] IntcHdmiAddService C:\windows\system32\drivers\IntcHdmi.sys
16:41:30.0972 4300 IntcHdmiAddService - ok
16:41:31.0003 4300 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\windows\system32\DRIVERS\intelide.sys
16:41:31.0019 4300 intelide - ok
16:41:31.0034 4300 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
16:41:31.0050 4300 intelppm - ok
16:41:31.0097 4300 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\windows\system32\ipbusenum.dll
16:41:31.0128 4300 IPBusEnum - ok
16:41:31.0159 4300 [ 722DD294DF62483CECAAE6E094B4D695 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
16:41:31.0206 4300 IpFilterDriver - ok
16:41:31.0222 4300 [ F8E058D17363EC580E4B7232778B6CB5 ] iphlpsvc C:\windows\System32\iphlpsvc.dll
16:41:31.0268 4300 iphlpsvc - ok
16:41:31.0268 4300 [ E2B4A4494DB7CB9B89B55CA268C337C5 ] IPMIDRV C:\windows\system32\DRIVERS\IPMIDrv.sys
16:41:31.0284 4300 IPMIDRV - ok
16:41:31.0300 4300 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\windows\system32\drivers\ipnat.sys
16:41:31.0331 4300 IPNAT - ok
16:41:31.0346 4300 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\windows\system32\drivers\irenum.sys
16:41:31.0362 4300 IRENUM - ok
16:41:31.0393 4300 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\windows\system32\DRIVERS\isapnp.sys
16:41:31.0409 4300 isapnp - ok
16:41:31.0424 4300 [ FA4D2557DE56D45B0A346F93564BE6E1 ] iScsiPrt C:\windows\system32\DRIVERS\msiscsi.sys
16:41:31.0440 4300 iScsiPrt - ok
16:41:31.0471 4300 [ 213822072085B5BBAD9AF30AB577D817 ] IviRegMgr C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
16:41:31.0487 4300 IviRegMgr - ok
16:41:31.0502 4300 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\windows\system32\DRIVERS\kbdclass.sys
16:41:31.0518 4300 kbdclass - ok
16:41:31.0549 4300 [ 6DEF98F8541E1B5DCEB2C822A11F7323 ] kbdhid C:\windows\system32\DRIVERS\kbdhid.sys
16:41:31.0565 4300 kbdhid - ok
16:41:31.0580 4300 [ 156F6159457D0AA7E59B62681B56EB90 ] KeyIso C:\windows\system32\lsass.exe
16:41:31.0596 4300 KeyIso - ok
16:41:32.0017 4300 [ 4F4B5FDE429416877DE7143044582EB5 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
16:41:32.0048 4300 KSecDD - ok
16:41:32.0080 4300 [ 6F40465A44ECDC1731BEFAFEC5BDD03C ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
16:41:32.0095 4300 KSecPkg - ok
16:41:32.0142 4300 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\windows\system32\drivers\ksthunk.sys
16:41:32.0173 4300 ksthunk - ok
16:41:32.0220 4300 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\windows\system32\msdtckrm.dll
16:41:32.0251 4300 KtmRm - ok
16:41:32.0282 4300 [ 2377EC4CC3E356655B996F39B43486B6 ] L1C C:\windows\system32\DRIVERS\L1C62x64.sys
16:41:32.0298 4300 L1C - ok
16:41:32.0345 4300 [ 81F1D04D4D0E433099365127375FD501 ] LanmanServer C:\windows\System32\srvsvc.dll
16:41:32.0360 4300 LanmanServer - ok
16:41:32.0392 4300 [ 27026EAC8818E8A6C00A1CAD2F11D29A ] LanmanWorkstation C:\windows\System32\wkssvc.dll
16:41:32.0438 4300 LanmanWorkstation - ok
16:41:32.0438 4300 libusb0 - ok
16:41:32.0454 4300 libusbd - ok
16:41:32.0470 4300 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
16:41:32.0516 4300 lltdio - ok
16:41:32.0548 4300 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\windows\System32\lltdsvc.dll
16:41:32.0594 4300 lltdsvc - ok
16:41:32.0626 4300 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\windows\System32\lmhsvc.dll
16:41:32.0657 4300 lmhosts - ok
16:41:32.0688 4300 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\windows\system32\DRIVERS\lsi_fc.sys
16:41:32.0704 4300 LSI_FC - ok
16:41:32.0704 4300 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\windows\system32\DRIVERS\lsi_sas.sys
16:41:32.0719 4300 LSI_SAS - ok
16:41:32.0735 4300 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\windows\system32\DRIVERS\lsi_sas2.sys
16:41:32.0750 4300 LSI_SAS2 - ok
16:41:32.0750 4300 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\windows\system32\DRIVERS\lsi_scsi.sys
16:41:32.0766 4300 LSI_SCSI - ok
16:41:32.0797 4300 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\windows\system32\drivers\luafv.sys
16:41:32.0828 4300 luafv - ok
16:41:33.0265 4300 [ A8FE8F2783B2929B56F5370A89356CE9 ] MBAMProtector C:\windows\system32\drivers\mbam.sys
16:41:33.0281 4300 MBAMProtector - ok
16:41:33.0374 4300 [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
16:41:33.0406 4300 MBAMScheduler - ok
16:41:33.0437 4300 [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
16:41:33.0468 4300 MBAMService - ok
16:41:33.0499 4300 [ F84C8F1000BC11E3B7B23CBD3BAFF111 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
16:41:33.0515 4300 Mcx2Svc - ok
16:41:33.0530 4300 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\windows\system32\DRIVERS\megasas.sys
16:41:33.0546 4300 megasas - ok
16:41:33.0562 4300 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\windows\system32\DRIVERS\MegaSR.sys
16:41:33.0577 4300 MegaSR - ok
16:41:33.0593 4300 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\windows\system32\mmcss.dll
16:41:33.0640 4300 MMCSS - ok
16:41:33.0640 4300 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\windows\system32\drivers\modem.sys
16:41:33.0686 4300 Modem - ok
16:41:33.0702 4300 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\windows\system32\DRIVERS\monitor.sys
16:41:33.0718 4300 monitor - ok
16:41:33.0749 4300 [ FC44AD48746FFA5FD640EF1260AB5EC2 ] MotioninJoyXFilter C:\windows\system32\DRIVERS\MijXfilt.sys
16:41:33.0764 4300 MotioninJoyXFilter - ok
16:41:33.0780 4300 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
16:41:33.0796 4300 mouclass - ok
16:41:33.0811 4300 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
16:41:33.0827 4300 mouhid - ok
16:41:33.0842 4300 [ 791AF66C4D0E7C90A3646066386FB571 ] mountmgr C:\windows\system32\drivers\mountmgr.sys
16:41:33.0858 4300 mountmgr - ok
16:41:33.0920 4300 [ 8BE15F71DE6FF33FC56DCDE7B2B9EFE8 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
16:41:33.0936 4300 MozillaMaintenance - ok
16:41:33.0967 4300 [ 609D1D87649ECC19796F4D76D4C15CEA ] mpio C:\windows\system32\DRIVERS\mpio.sys
16:41:33.0983 4300 mpio - ok
16:41:33.0998 4300 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
16:41:34.0045 4300 mpsdrv - ok
16:41:34.0513 4300 [ AECAB449567D1846DAD63ECE49E893E3 ] MpsSvc C:\windows\system32\mpssvc.dll
16:41:34.0576 4300 MpsSvc - ok
 
16:41:34.0607 4300 [ 30524261BB51D96D6FCBAC20C810183C ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
16:41:34.0622 4300 MRxDAV - ok
16:41:34.0654 4300 [ 040D62A9D8AD28922632137ACDD984F2 ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
16:41:34.0685 4300 mrxsmb - ok
16:41:34.0732 4300 [ F0067552F8F9B33D7C59403AB808A3CB ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
16:41:34.0747 4300 mrxsmb10 - ok
16:41:34.0763 4300 [ 3C142D31DE9F2F193218A53FE2632051 ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
16:41:34.0778 4300 mrxsmb20 - ok
16:41:34.0810 4300 [ 5C37497276E3B3A5488B23A326A754B7 ] msahci C:\windows\system32\DRIVERS\msahci.sys
16:41:34.0825 4300 msahci - ok
16:41:34.0856 4300 [ 8D27B597229AED79430FB9DB3BCBFBD0 ] msdsm C:\windows\system32\DRIVERS\msdsm.sys
16:41:34.0872 4300 msdsm - ok
16:41:34.0888 4300 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\windows\System32\msdtc.exe
16:41:34.0903 4300 MSDTC - ok
16:41:34.0919 4300 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\windows\system32\drivers\Msfs.sys
16:41:34.0966 4300 Msfs - ok
16:41:34.0997 4300 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
16:41:35.0028 4300 mshidkmdf - ok
16:41:35.0059 4300 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\windows\system32\DRIVERS\msisadrv.sys
16:41:35.0075 4300 msisadrv - ok
16:41:35.0090 4300 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\windows\system32\iscsiexe.dll
16:41:35.0137 4300 MSiSCSI - ok
16:41:35.0137 4300 msiserver - ok
16:41:35.0153 4300 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
16:41:35.0200 4300 MSKSSRV - ok
16:41:35.0200 4300 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
16:41:35.0246 4300 MSPCLOCK - ok
16:41:35.0262 4300 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
16:41:35.0293 4300 MSPQM - ok
16:41:35.0714 4300 [ 89CB141AA8616D8C6A4610FA26C60964 ] MsRPC C:\windows\system32\drivers\MsRPC.sys
16:41:35.0746 4300 MsRPC - ok
16:41:35.0777 4300 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\windows\system32\DRIVERS\mssmbios.sys
16:41:35.0777 4300 mssmbios - ok
16:41:35.0808 4300 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
16:41:35.0855 4300 MSTEE - ok
16:41:35.0870 4300 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\windows\system32\DRIVERS\MTConfig.sys
16:41:35.0886 4300 MTConfig - ok
16:41:35.0902 4300 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\windows\system32\Drivers\mup.sys
16:41:35.0917 4300 Mup - ok
16:41:35.0964 4300 [ 4987E079A4530FA737A128BE54B63B12 ] napagent C:\windows\system32\qagentRT.dll
16:41:36.0011 4300 napagent - ok
16:41:36.0042 4300 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
16:41:36.0073 4300 NativeWifiP - ok
16:41:36.0104 4300 [ CAD515DBD07D082BB317D9928CE8962C ] NDIS C:\windows\system32\drivers\ndis.sys
16:41:36.0136 4300 NDIS - ok
16:41:36.0151 4300 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
16:41:36.0182 4300 NdisCap - ok
16:41:36.0198 4300 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
16:41:36.0245 4300 NdisTapi - ok
16:41:36.0260 4300 [ F105BA1E22BF1F2EE8F005D4305E4BEC ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
16:41:36.0292 4300 Ndisuio - ok
16:41:36.0307 4300 [ 557DFAB9CA1FCB036AC77564C010DAD3 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
16:41:36.0338 4300 NdisWan - ok
16:41:36.0354 4300 [ 659B74FB74B86228D6338D643CD3E3CF ] NDProxy C:\windows\system32\drivers\NDProxy.sys
16:41:36.0385 4300 NDProxy - ok
16:41:36.0432 4300 [ 2334DC48997BA203B794DF3EE70521DB ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
16:41:36.0448 4300 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
16:41:36.0448 4300 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
16:41:36.0479 4300 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
16:41:36.0510 4300 NetBIOS - ok
16:41:36.0947 4300 [ 9162B273A44AB9DCE5B44362731D062A ] NetBT C:\windows\system32\DRIVERS\netbt.sys
16:41:36.0994 4300 NetBT - ok
16:41:37.0025 4300 [ 156F6159457D0AA7E59B62681B56EB90 ] Netlogon C:\windows\system32\lsass.exe
16:41:37.0040 4300 Netlogon - ok
16:41:37.0072 4300 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll
16:41:37.0103 4300 Netman - ok
16:41:37.0118 4300 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll
16:41:37.0165 4300 netprofm - ok
16:41:37.0196 4300 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:41:37.0212 4300 NetTcpPortSharing - ok
16:41:37.0228 4300 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys
16:41:37.0243 4300 nfrd960 - ok
16:41:37.0274 4300 [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc C:\windows\System32\nlasvc.dll
16:41:37.0321 4300 NlaSvc - ok
16:41:37.0337 4300 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys
16:41:37.0384 4300 Npfs - ok
16:41:37.0384 4300 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll
16:41:37.0430 4300 nsi - ok
16:41:37.0446 4300 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
16:41:37.0477 4300 nsiproxy - ok
16:41:37.0586 4300 [ 184C189D4FC416978550FC599BB4EDDA ] Ntfs C:\windows\system32\drivers\Ntfs.sys
16:41:37.0618 4300 Ntfs - ok
16:41:37.0649 4300 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys
16:41:37.0696 4300 Null - ok
16:41:37.0945 4300 [ A4D9C9A608A97F59307C2F2600EDC6A4 ] nvraid C:\windows\system32\drivers\nvraid.sys
16:41:37.0976 4300 nvraid - ok
16:41:38.0195 4300 [ 6C1D5F70E7A6A3FD1C90D840EDC048B9 ] nvstor C:\windows\system32\drivers\nvstor.sys
16:41:38.0226 4300 nvstor - ok
16:41:38.0257 4300 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\DRIVERS\nv_agp.sys
16:41:38.0273 4300 nv_agp - ok
16:41:38.0304 4300 [ D955D5DE998DB2476BF0892BE3A96C26 ] O2FLASH C:\windows\system32\DRIVERS\o2flash.exe
16:41:38.0304 4300 O2FLASH - ok
16:41:38.0351 4300 [ 3840F61D55DBF32F4B88FA15FB03C461 ] O2MDGRDR C:\windows\system32\DRIVERS\o2mdgx64.sys
16:41:38.0351 4300 O2MDGRDR - ok
16:41:38.0382 4300 [ FA1EED3A10992EBA9A39172B50346434 ] O2SDGRDR C:\windows\system32\DRIVERS\o2sdgx64.sys
16:41:38.0382 4300 O2SDGRDR - ok
16:41:38.0491 4300 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
16:41:38.0522 4300 odserv - ok
16:41:38.0538 4300 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\DRIVERS\ohci1394.sys
16:41:38.0554 4300 ohci1394 - ok
16:41:38.0585 4300 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:41:38.0600 4300 ose - ok
16:41:38.0632 4300 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll
16:41:38.0647 4300 p2pimsvc - ok
16:41:38.0678 4300 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll
16:41:38.0694 4300 p2psvc - ok
16:41:38.0725 4300 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\DRIVERS\parport.sys
16:41:38.0741 4300 Parport - ok
16:41:38.0772 4300 [ 90061B1ACFE8CCAA5345750FFE08D8B8 ] partmgr C:\windows\system32\drivers\partmgr.sys
16:41:38.0788 4300 partmgr - ok
16:41:38.0834 4300 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll
16:41:38.0850 4300 PcaSvc - ok
16:41:38.0881 4300 [ F36F6504009F2FB0DFD1B17A116AD74B ] pci C:\windows\system32\DRIVERS\pci.sys
16:41:38.0912 4300 pci - ok
16:41:38.0928 4300 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\DRIVERS\pciide.sys
16:41:38.0944 4300 pciide - ok
16:41:39.0178 4300 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys
16:41:39.0209 4300 pcmcia - ok
16:41:39.0396 4300 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys
16:41:39.0427 4300 pcw - ok
16:41:39.0474 4300 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys
16:41:39.0521 4300 PEAUTH - ok
16:41:39.0614 4300 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe
16:41:39.0646 4300 PerfHost - ok
16:41:39.0677 4300 [ 663962900E7FEA522126BA287715BB4A ] PGEffect C:\windows\system32\DRIVERS\pgeffect.sys
16:41:39.0677 4300 PGEffect - ok
16:41:39.0739 4300 [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla C:\windows\system32\pla.dll
16:41:39.0786 4300 pla - ok
16:41:39.0833 4300 [ 98B1721B8718164293B9701B98C52D77 ] PlugPlay C:\windows\system32\umpnpmgr.dll
16:41:39.0864 4300 PlugPlay - ok
16:41:39.0911 4300 [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
16:41:39.0911 4300 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
16:41:39.0911 4300 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
16:41:39.0942 4300 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
16:41:39.0958 4300 PNRPAutoReg - ok
16:41:39.0989 4300 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll
16:41:40.0004 4300 PNRPsvc - ok
16:41:40.0051 4300 [ B23F79E41E30ED500586151A9EF27D8F ] Point64 C:\windows\system32\DRIVERS\point64.sys
16:41:40.0067 4300 Point64 - ok
16:41:40.0114 4300 [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
16:41:40.0145 4300 PolicyAgent - ok
16:41:40.0410 4300 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll
16:41:40.0457 4300 Power - ok
16:41:40.0628 4300 [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
16:41:40.0675 4300 PptpMiniport - ok
16:41:40.0691 4300 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\DRIVERS\processr.sys
16:41:40.0706 4300 Processor - ok
16:41:40.0738 4300 [ 97293447431311C06703368AD0F6C4BE ] ProfSvc C:\windows\system32\profsvc.dll
16:41:40.0753 4300 ProfSvc - ok
16:41:40.0769 4300 [ 156F6159457D0AA7E59B62681B56EB90 ] ProtectedStorage C:\windows\system32\lsass.exe
16:41:40.0784 4300 ProtectedStorage - ok
16:41:40.0800 4300 [ EE992183BD8EAEFD9973F352E587A299 ] Psched C:\windows\system32\DRIVERS\pacer.sys
16:41:40.0847 4300 Psched - ok
16:41:40.0862 4300 [ C8FCB4899F8B70CC34E0D9876A80963C ] QIOMem C:\windows\system32\DRIVERS\QIOMem.sys
16:41:40.0878 4300 QIOMem - ok
16:41:40.0925 4300 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys
16:41:40.0972 4300 ql2300 - ok
16:41:40.0987 4300 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys
16:41:41.0003 4300 ql40xx - ok
16:41:41.0018 4300 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll
16:41:41.0050 4300 QWAVE - ok
16:41:41.0065 4300 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
16:41:41.0096 4300 QWAVEdrv - ok
16:41:41.0096 4300 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
16:41:41.0143 4300 RasAcd - ok
16:41:41.0159 4300 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
16:41:41.0206 4300 RasAgileVpn - ok
16:41:41.0237 4300 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll
16:41:41.0284 4300 RasAuto - ok
16:41:41.0299 4300 [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
16:41:41.0346 4300 Rasl2tp - ok
16:41:41.0362 4300 [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan C:\windows\System32\rasmans.dll
16:41:41.0408 4300 RasMan - ok
16:41:41.0424 4300 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
16:41:41.0471 4300 RasPppoe - ok
16:41:41.0627 4300 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
16:41:41.0689 4300 RasSstp - ok
16:41:41.0861 4300 [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
16:41:41.0908 4300 rdbss - ok
16:41:41.0939 4300 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys
16:41:41.0954 4300 rdpbus - ok
16:41:41.0970 4300 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
16:41:42.0017 4300 RDPCDD - ok
16:41:42.0032 4300 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
16:41:42.0079 4300 RDPENCDD - ok
16:41:42.0095 4300 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
16:41:42.0142 4300 RDPREFMP - ok
16:41:42.0188 4300 [ 447DE7E3DEA39D422C1504F245B668B1 ] RDPWD C:\windows\system32\drivers\RDPWD.sys
16:41:42.0204 4300 RDPWD - ok
16:41:42.0235 4300 [ 634B9A2181D98F15941236886164EC8B ] rdyboost C:\windows\system32\drivers\rdyboost.sys
16:41:42.0251 4300 rdyboost - ok
16:41:42.0282 4300 [ 4D9AFDDDA0EFE97CDBFD3B5FA48B05F6 ] regi C:\windows\system32\drivers\regi.sys
16:41:42.0298 4300 regi - ok
16:41:42.0313 4300 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll
16:41:42.0344 4300 RemoteAccess - ok
16:41:42.0391 4300 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll
16:41:42.0422 4300 RemoteRegistry - ok
16:41:42.0438 4300 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
16:41:42.0485 4300 RpcEptMapper - ok
16:41:42.0516 4300 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe
16:41:42.0532 4300 RpcLocator - ok
16:41:42.0578 4300 [ 7266972E86890E2B30C0C322E906B027 ] RpcSs C:\windows\system32\rpcss.dll
16:41:42.0625 4300 RpcSs - ok
16:41:42.0859 4300 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
16:41:42.0906 4300 rspndr - ok
16:41:43.0124 4300 [ 9D2A069A116289A5C0776488007F62BE ] rtl8192se C:\windows\system32\DRIVERS\rtl8192se.sys
16:41:43.0171 4300 rtl8192se - ok
16:41:43.0171 4300 [ 156F6159457D0AA7E59B62681B56EB90 ] SamSs C:\windows\system32\lsass.exe
16:41:43.0187 4300 SamSs - ok
16:41:43.0202 4300 [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port C:\windows\system32\DRIVERS\sbp2port.sys
16:41:43.0218 4300 sbp2port - ok
16:41:43.0249 4300 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll
16:41:43.0296 4300 SCardSvr - ok
16:41:43.0327 4300 [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
16:41:43.0374 4300 scfilter - ok
16:41:43.0436 4300 [ 624D0F5FF99428BB90A5B8A4123E918E ] Schedule C:\windows\system32\schedsvc.dll
16:41:43.0468 4300 Schedule - ok
16:41:43.0499 4300 [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc C:\windows\System32\certprop.dll
16:41:43.0561 4300 SCPolicySvc - ok
16:41:43.0592 4300 [ 54E47AD086782D3AE9417C155CDCEB9B ] sdbus C:\windows\system32\DRIVERS\sdbus.sys
16:41:43.0608 4300 sdbus - ok
16:41:43.0655 4300 [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC C:\windows\System32\SDRSVC.dll
16:41:43.0670 4300 SDRSVC - ok
16:41:43.0733 4300 [ A1A26E8EC51E199D873D85F3E2B6FC65 ] SeagateDashboardService C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe
16:41:43.0733 4300 SeagateDashboardService ( UnsignedFile.Multi.Generic ) - warning
16:41:43.0733 4300 SeagateDashboardService - detected UnsignedFile.Multi.Generic (1)
16:41:43.0764 4300 [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon C:\windows\system32\seclogon.dll
16:41:43.0826 4300 seclogon - ok
16:41:43.0842 4300 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\system32\sens.dll
16:41:43.0889 4300 SENS - ok
16:41:44.0092 4300 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll
16:41:44.0123 4300 SensrSvc - ok
16:41:44.0357 4300 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\DRIVERS\serenum.sys
16:41:44.0388 4300 Serenum - ok
16:41:44.0404 4300 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\DRIVERS\serial.sys
16:41:44.0419 4300 Serial - ok
16:41:44.0435 4300 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\DRIVERS\sermouse.sys
16:41:44.0450 4300 sermouse - ok
16:41:44.0482 4300 [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv C:\windows\system32\sessenv.dll
16:41:44.0528 4300 SessionEnv - ok
16:41:44.0544 4300 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\DRIVERS\sffdisk.sys
16:41:44.0560 4300 sffdisk - ok
16:41:44.0591 4300 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\DRIVERS\sffp_mmc.sys
16:41:44.0606 4300 sffp_mmc - ok
16:41:44.0622 4300 [ 5588B8C6193EB1522490C122EB94DFFA ] sffp_sd C:\windows\system32\DRIVERS\sffp_sd.sys
16:41:44.0638 4300 sffp_sd - ok
16:41:44.0638 4300 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys
16:41:44.0653 4300 sfloppy - ok
16:41:44.0684 4300 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\windows\System32\ipnathlp.dll
16:41:44.0716 4300 SharedAccess - ok
16:41:44.0762 4300 [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\windows\System32\shsvcs.dll
16:41:44.0778 4300 ShellHWDetection - ok
16:41:44.0809 4300 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys
16:41:44.0809 4300 SiSRaid2 - ok
16:41:44.0840 4300 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys
16:41:44.0856 4300 SiSRaid4 - ok
16:41:44.0903 4300 [ 94CE7845AF6A2065B829E0126CD56236 ] SmartDefragDriver C:\windows\system32\Drivers\SmartDefragDriver.sys
16:41:44.0903 4300 SmartDefragDriver - ok
16:41:44.0934 4300 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys
16:41:44.0965 4300 Smb - ok
16:41:44.0996 4300 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe
16:41:45.0012 4300 SNMPTRAP - ok
16:41:45.0043 4300 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys
16:41:45.0059 4300 spldr - ok
16:41:45.0106 4300 [ 567977DC43CC13C4C35ED7084C0B84D5 ] Spooler C:\windows\System32\spoolsv.exe
16:41:45.0137 4300 Spooler - ok
16:41:45.0620 4300 [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc C:\windows\system32\sppsvc.exe
16:41:45.0667 4300 sppsvc - ok
16:41:45.0698 4300 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll
16:41:45.0730 4300 sppuinotify - ok
16:41:45.0776 4300 [ 2408C0366D96BCDF63E8F1C78E4A29C5 ] srv C:\windows\system32\DRIVERS\srv.sys
16:41:45.0792 4300 srv - ok
16:41:45.0823 4300 [ 76548F7B818881B47D8D1AE1BE9C11F8 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
16:41:45.0839 4300 srv2 - ok
16:41:45.0886 4300 [ 0AF6E19D39C70844C5CAA8FB0183C36E ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
16:41:45.0917 4300 srvnet - ok
16:41:45.0948 4300 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
16:41:45.0995 4300 SSDPSRV - ok
16:41:45.0995 4300 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll
16:41:46.0042 4300 SstpSvc - ok
16:41:46.0057 4300 Steam Client Service - ok
16:41:46.0088 4300 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\DRIVERS\stexstor.sys
16:41:46.0104 4300 stexstor - ok
16:41:46.0151 4300 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\windows\system32\DRIVERS\serscan.sys
16:41:46.0182 4300 StillCam - ok
16:41:46.0213 4300 [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc C:\windows\System32\wiaservc.dll
16:41:46.0244 4300 stisvc - ok
16:41:46.0276 4300 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\DRIVERS\swenum.sys
16:41:46.0291 4300 swenum - ok
16:41:46.0322 4300 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll
16:41:46.0369 4300 swprv - ok
16:41:46.0759 4300 [ 12A35E44D8647985FCDB8D298A590134 ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
16:41:46.0790 4300 SynTP - ok
16:41:46.0853 4300 [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain C:\windows\system32\sysmain.dll
16:41:46.0900 4300 SysMain - ok
16:41:46.0931 4300 [ 238935C3CF2854886DC7CBB2A0E2CC66 ] TabletInputService C:\windows\System32\TabSvc.dll
16:41:46.0946 4300 TabletInputService - ok
16:41:46.0978 4300 [ 884264AC597B690C5707C89723BB8E7B ] TapiSrv C:\windows\System32\tapisrv.dll
16:41:47.0024 4300 TapiSrv - ok
16:41:47.0024 4300 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll
16:41:47.0071 4300 TBS - ok
16:41:47.0180 4300 [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] Tcpip C:\windows\system32\drivers\tcpip.sys
16:41:47.0227 4300 Tcpip - ok
16:41:47.0258 4300 [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
16:41:47.0290 4300 TCPIP6 - ok
16:41:47.0336 4300 [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
16:41:47.0368 4300 tcpipreg - ok
16:41:47.0399 4300 [ FD542B661BD22FA69CA789AD0AC58C29 ] tdcmdpst C:\windows\system32\DRIVERS\tdcmdpst.sys
16:41:47.0414 4300 tdcmdpst - ok
16:41:47.0430 4300 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
16:41:47.0446 4300 TDPIPE - ok
16:41:47.0477 4300 [ 7518F7BCFD4B308ABC9192BACAF6C970 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
16:41:47.0492 4300 TDTCP - ok
16:41:47.0508 4300 [ 079125C4B17B01FCAEEBCE0BCB290C0F ] tdx C:\windows\system32\DRIVERS\tdx.sys
16:41:47.0555 4300 tdx - ok
16:41:47.0570 4300 [ C448651339196C0E869A355171875522 ] TermDD C:\windows\system32\DRIVERS\termdd.sys
16:41:47.0586 4300 TermDD - ok
16:41:48.0023 4300 [ 0F05EC2887BFE197AD82A13287D2F404 ] TermService C:\windows\System32\termsrv.dll
16:41:48.0085 4300 TermService - ok
16:41:48.0116 4300 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll
16:41:48.0132 4300 Themes - ok
16:41:48.0163 4300 [ C013F6ACAA9761F571BD28DADA7C157D ] Thpdrv C:\windows\system32\DRIVERS\thpdrv.sys
16:41:48.0179 4300 Thpdrv - ok
16:41:48.0179 4300 [ B4E609047434ED948AF7BDEF2FA66E38 ] Thpevm C:\windows\system32\DRIVERS\Thpevm.SYS
16:41:48.0194 4300 Thpevm - ok
16:41:48.0226 4300 [ 6146EAC71AE3C9DA17B0E33632082B7B ] Thpsrv C:\windows\system32\ThpSrv.exe
16:41:48.0257 4300 Thpsrv - ok
16:41:48.0272 4300 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll
16:41:48.0304 4300 THREADORDER - ok
16:41:48.0366 4300 [ 32577B987AE5401038451BB392CB8D89 ] TMachInfo C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
16:41:48.0382 4300 TMachInfo - ok
16:41:48.0397 4300 [ ED32035BDFECED1AD66D459FD9CC1140 ] TODDSrv C:\Windows\system32\TODDSrv.exe
16:41:48.0413 4300 TODDSrv - ok
16:41:48.0506 4300 [ 06C61275ADC64F1E36240A2287998A5E ] TosCoSrv C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
16:41:48.0522 4300 TosCoSrv - ok
16:41:48.0584 4300 [ 32FF64D06A91DAA0331C624AFF442679 ] TOSHIBA eco Utility Service C:\Program Files\TOSHIBA\TECO\TecoService.exe
16:41:48.0600 4300 TOSHIBA eco Utility Service - ok
16:41:48.0662 4300 [ DD58E1250F604CBBADDA04575E5E2376 ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
16:41:48.0678 4300 TOSHIBA HDD SSD Alert Service - ok
16:41:48.0709 4300 [ 09FF7B0B1B5C3D225495CB6F5A9B39F8 ] tos_sps64 C:\windows\system32\DRIVERS\tos_sps64.sys
16:41:48.0725 4300 tos_sps64 - ok
16:41:48.0772 4300 [ DE64C52BD0671165CF2EEBF2A728A3E2 ] TPCHSrv C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
16:41:48.0803 4300 TPCHSrv - ok
16:41:49.0224 4300 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll
16:41:49.0271 4300 TrkWks - ok
16:41:49.0318 4300 [ 840F7FB849F5887A49BA18C13B2DA920 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
16:41:49.0349 4300 TrustedInstaller - ok
16:41:49.0364 4300 [ 61B96C26131E37B24E93327A0BD1FB95 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
16:41:49.0411 4300 tssecsrv - ok
16:41:49.0427 4300 [ 3836171A2CDF3AF8EF10856DB9835A70 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
16:41:49.0474 4300 tunnel - ok
16:41:49.0505 4300 [ 550B567F9364D8F7684C3FB3EA665A72 ] TVALZ C:\windows\system32\DRIVERS\TVALZ_O.SYS
16:41:49.0505 4300 TVALZ - ok
16:41:49.0536 4300 [ 9C7191F4B2E49BFF47A6C1144B5923FA ] TVALZFL C:\windows\system32\DRIVERS\TVALZFL.sys
16:41:49.0536 4300 TVALZFL - ok
16:41:49.0567 4300 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\DRIVERS\uagp35.sys
16:41:49.0583 4300 uagp35 - ok
16:41:49.0614 4300 [ D47BAEAD86C65D4F4069D7CE0A4EDCEB ] udfs C:\windows\system32\DRIVERS\udfs.sys
16:41:49.0645 4300 udfs - ok
16:41:49.0676 4300 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe
16:41:49.0708 4300 UI0Detect - ok
16:41:49.0723 4300 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\DRIVERS\uliagpkx.sys
16:41:49.0739 4300 uliagpkx - ok
16:41:49.0770 4300 [ EAB6C35E62B1B0DB0D1B48B671D3A117 ] umbus C:\windows\system32\DRIVERS\umbus.sys
16:41:49.0786 4300 umbus - ok
16:41:49.0801 4300 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\DRIVERS\umpass.sys
16:41:49.0817 4300 UmPass - ok
16:41:49.0848 4300 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll
16:41:49.0895 4300 upnphost - ok
16:41:49.0942 4300 [ 77B01BC848298223A95D4EC23E1785A1 ] usbaudio C:\windows\system32\drivers\usbaudio.sys
16:41:49.0973 4300 usbaudio - ok
16:41:50.0004 4300 [ 7B6A127C93EE590E4D79A5F2A76FE46F ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
16:41:50.0020 4300 usbccgp - ok
16:41:50.0254 4300 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\windows\system32\DRIVERS\usbcir.sys
16:41:50.0269 4300 usbcir - ok
16:41:50.0503 4300 [ 92969BA5AC44E229C55A332864F79677 ] usbehci C:\windows\system32\DRIVERS\usbehci.sys
16:41:50.0534 4300 usbehci - ok
16:41:50.0566 4300 [ E7DF1CFD28CA86B35EF5ADD0735CEEF3 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
16:41:50.0581 4300 usbhub - ok
16:41:50.0628 4300 [ F1BB1E55F1E7A65C5839CCC7B36D773E ] usbohci C:\windows\system32\drivers\usbohci.sys
16:41:50.0644 4300 usbohci - ok
16:41:50.0675 4300 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
16:41:50.0690 4300 usbprint - ok
16:41:50.0722 4300 [ F39983647BC1F3E6100778DDFE9DCE29 ] USBSTOR C:\windows\system32\drivers\USBSTOR.SYS
16:41:50.0737 4300 USBSTOR - ok
16:41:50.0784 4300 [ BC3070350A491D84B518D7CCA9ABD36F ] usbuhci C:\windows\system32\DRIVERS\usbuhci.sys
16:41:50.0800 4300 usbuhci - ok
16:41:50.0831 4300 [ 7CB8C573C6E4A2714402CC0A36EAB4FE ] usbvideo C:\windows\system32\Drivers\usbvideo.sys
16:41:50.0846 4300 usbvideo - ok
16:41:50.0878 4300 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll
16:41:50.0924 4300 UxSms - ok
16:41:50.0940 4300 [ 156F6159457D0AA7E59B62681B56EB90 ] VaultSvc C:\windows\system32\lsass.exe
16:41:50.0956 4300 VaultSvc - ok
16:41:50.0987 4300 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\windows\system32\DRIVERS\vdrvroot.sys
16:41:51.0002 4300 vdrvroot - ok
16:41:51.0034 4300 [ 44D73E0BBC1D3C8981304BA15135C2F2 ] vds C:\windows\System32\vds.exe
16:41:51.0080 4300 vds - ok
16:41:51.0096 4300 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\windows\system32\DRIVERS\vgapnp.sys
16:41:51.0112 4300 vga - ok
16:41:51.0143 4300 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\windows\System32\drivers\vga.sys
16:41:51.0174 4300 VgaSave - ok
16:41:51.0205 4300 [ C82E748660F62A242B2DFAC1442F22A4 ] vhdmp C:\windows\system32\DRIVERS\vhdmp.sys
16:41:51.0221 4300 vhdmp - ok
16:41:51.0221 4300 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\windows\system32\DRIVERS\viaide.sys
16:41:51.0236 4300 viaide - ok
16:41:51.0673 4300 [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3 ] volmgr C:\windows\system32\DRIVERS\volmgr.sys
16:41:51.0704 4300 volmgr - ok
16:41:51.0736 4300 [ 99B0CBB569CA79ACAED8C91461D765FB ] volmgrx C:\windows\system32\drivers\volmgrx.sys
16:41:51.0751 4300 volmgrx - ok
16:41:51.0782 4300 [ 58F82EED8CA24B461441F9C3E4F0BF5C ] volsnap C:\windows\system32\DRIVERS\volsnap.sys
16:41:51.0798 4300 volsnap - ok
16:41:51.0829 4300 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\windows\system32\DRIVERS\vsmraid.sys
16:41:51.0845 4300 vsmraid - ok
16:41:51.0923 4300 [ 787898BF9FB6D7BD87A36E2D95C899BA ] VSS C:\windows\system32\vssvc.exe
16:41:51.0970 4300 VSS - ok
16:41:51.0985 4300 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
16:41:52.0016 4300 vwifibus - ok
16:41:52.0032 4300 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
16:41:52.0048 4300 vwififlt - ok
16:41:52.0063 4300 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys
16:41:52.0079 4300 vwifimp - ok
16:41:52.0126 4300 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\windows\system32\w32time.dll
16:41:52.0172 4300 W32Time - ok
16:41:52.0204 4300 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\windows\system32\DRIVERS\wacompen.sys
16:41:52.0219 4300 WacomPen - ok
16:41:52.0250 4300 [ 47CA49400643EFFD3F1C9A27E1D69324 ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
16:41:52.0282 4300 WANARP - ok
16:41:52.0297 4300 [ 47CA49400643EFFD3F1C9A27E1D69324 ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
16:41:52.0328 4300 Wanarpv6 - ok
16:41:52.0453 4300 [ 06D2B9BC146BB0F45F45FF7A296D50C4 ] WAS C:\windows\system32\inetsrv\iisw3adm.dll
16:41:52.0484 4300 WAS - ok
16:41:52.0968 4300 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
16:41:53.0015 4300 WatAdminSvc - ok
16:41:53.0062 4300 [ 5AB1BB85BD8B5089CC5D64200DEDAE68 ] wbengine C:\windows\system32\wbengine.exe
16:41:53.0108 4300 wbengine - ok
16:41:53.0108 4300 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
16:41:53.0140 4300 WbioSrvc - ok
16:41:53.0186 4300 [ DD1BAE8EBFC653824D29CCF8C9054D68 ] wcncsvc C:\windows\System32\wcncsvc.dll
16:41:53.0202 4300 wcncsvc - ok
16:41:53.0233 4300 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
16:41:53.0264 4300 WcsPlugInService - ok
16:41:53.0296 4300 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\windows\system32\DRIVERS\wd.sys
16:41:53.0296 4300 Wd - ok
16:41:53.0327 4300 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
16:41:53.0358 4300 Wdf01000 - ok
16:41:53.0374 4300 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\windows\system32\wdi.dll
16:41:53.0405 4300 WdiServiceHost - ok
16:41:53.0405 4300 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\windows\system32\wdi.dll
16:41:53.0421 4300 WdiSystemHost - ok
16:41:53.0467 4300 [ 733006127F235BE7C35354EBEE7B9A7B ] WebClient C:\windows\System32\webclnt.dll
16:41:53.0483 4300 WebClient - ok
16:41:53.0514 4300 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\windows\system32\wecsvc.dll
16:41:53.0561 4300 Wecsvc - ok
16:41:53.0577 4300 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\windows\System32\wercplsupport.dll
16:41:53.0623 4300 wercplsupport - ok
16:41:53.0639 4300 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\windows\System32\WerSvc.dll
16:41:53.0686 4300 WerSvc - ok
16:41:53.0701 4300 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
16:41:53.0733 4300 WfpLwf - ok
16:41:53.0920 4300 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\windows\system32\drivers\wimmount.sys
16:41:53.0935 4300 WIMMount - ok
16:41:54.0154 4300 WinDefend - ok
16:41:54.0154 4300 WinHttpAutoProxySvc - ok
16:41:54.0216 4300 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
16:41:54.0279 4300 Winmgmt - ok
16:41:54.0341 4300 [ 41FBB751936B387F9179E7F03A74FE29 ] WinRM C:\windows\system32\WsmSvc.dll
16:41:54.0419 4300 WinRM - ok
16:41:54.0466 4300 [ 817EAFF5D38674EDD7713B9DFB8E9791 ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys
16:41:54.0497 4300 WinUsb - ok
16:41:54.0528 4300 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\windows\System32\wlansvc.dll
16:41:54.0559 4300 Wlansvc - ok
16:41:54.0700 4300 [ 98F138897EF4246381D197CB81846D62 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:41:54.0762 4300 wlidsvc - ok
16:41:54.0778 4300 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\windows\system32\DRIVERS\wmiacpi.sys
16:41:54.0793 4300 WmiAcpi - ok
16:41:54.0825 4300 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
16:41:54.0840 4300 wmiApSrv - ok
16:41:54.0887 4300 WMPNetworkSvc - ok
16:41:54.0903 4300 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\windows\System32\wpcsvc.dll
16:41:54.0934 4300 WPCSvc - ok
16:41:54.0949 4300 [ 2E57DDF2880A7E52E76F41C7E96D327B ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
16:41:54.0965 4300 WPDBusEnum - ok
16:41:55.0402 4300 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
16:41:55.0449 4300 ws2ifsl - ok
16:41:55.0495 4300 [ 8F9F3969933C02DA96EB0F84576DB43E ] wscsvc C:\windows\system32\wscsvc.dll
16:41:55.0527 4300 wscsvc - ok
16:41:55.0558 4300 [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice C:\windows\system32\DRIVERS\WSDPrint.sys
16:41:55.0573 4300 WSDPrintDevice - ok
16:41:55.0573 4300 WSearch - ok
16:41:55.0683 4300 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\windows\system32\wuaueng.dll
16:41:55.0745 4300 wuauserv - ok
16:41:55.0761 4300 [ 7CADC74271DD6461C452C271B30BD378 ] WudfPf C:\windows\system32\drivers\WudfPf.sys
16:41:55.0807 4300 WudfPf - ok
16:41:55.0823 4300 [ 3B197AF0FFF08AA66B6B2241CA538D64 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
16:41:55.0870 4300 WUDFRd - ok
16:41:55.0885 4300 [ B551D6637AA0E132C18AC6E504F7B79B ] wudfsvc C:\windows\System32\WUDFSvc.dll
16:41:55.0932 4300 wudfsvc - ok
16:41:55.0963 4300 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\windows\System32\wwansvc.dll
16:41:55.0979 4300 WwanSvc - ok
16:41:56.0010 4300 [ 9176C0822FAA649E45121875BE32F5D2 ] xusb21 C:\windows\system32\DRIVERS\xusb21.sys
16:41:56.0041 4300 xusb21 - ok
16:41:56.0057 4300 ================ Scan global ===============================
16:41:56.0088 4300 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
16:41:56.0135 4300 [ 79CDA06F75AD5373DD447F57575C4400 ] C:\windows\system32\winsrv.dll
16:41:56.0151 4300 [ 79CDA06F75AD5373DD447F57575C4400 ] C:\windows\system32\winsrv.dll
16:41:56.0385 4300 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
16:41:56.0634 4300 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
16:41:56.0650 4300 [Global] - ok
16:41:56.0650 4300 ================ Scan MBR ==================================
16:41:56.0665 4300 [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
16:41:57.0913 4300 \Device\Harddisk0\DR0 - ok
16:41:57.0913 4300 ================ Scan VBR ==================================
16:41:57.0945 4300 [ CAF17B346F7167D02FB7D51453CBB98C ] \Device\Harddisk0\DR0\Partition1
16:41:57.0960 4300 \Device\Harddisk0\DR0\Partition1 - ok
16:41:57.0960 4300 ============================================================
16:41:57.0960 4300 Scan finished
16:41:57.0960 4300 ============================================================
16:41:57.0960 4248 Detected object count: 7
16:41:57.0960 4248 Actual detected object count: 7
16:43:32.0699 4248 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
16:43:32.0715 4248 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:43:32.0715 4248 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
16:43:32.0715 4248 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:43:32.0715 4248 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
16:43:32.0715 4248 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:43:32.0715 4248 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
16:43:32.0715 4248 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:43:32.0715 4248 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
16:43:32.0715 4248 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:43:32.0715 4248 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
16:43:32.0715 4248 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:43:32.0715 4248 SeagateDashboardService ( UnsignedFile.Multi.Generic ) - skipped by user
16:43:32.0715 4248 SeagateDashboardService ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:44:57.0969 3136 Deinitialize success
 
Looks like I spoke too soon. It just needed time to finish. Here is the log.

aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2012-11-12 18:16:51
-----------------------------
18:16:51.854 OS Version: Windows x64 6.1.7600
18:16:51.854 Number of processors: 2 586 0x170A
18:16:51.854 ComputerName: KIYLE-PC UserName: KIyle
18:16:58.546 Initialze error C000010E - driver not loaded
18:16:58.624 AVAST engine defs: 12111201
18:17:09.248 Service scanning
18:18:14.161 Modules scanning
18:18:16.657 AVAST engine scan C:\windows
18:18:23.068 AVAST engine scan C:\windows\system32
18:22:13.137 AVAST engine scan C:\windows\system32\drivers
18:22:30.984 AVAST engine scan C:\Users\KIyle
22:43:05.009 File: C:\Users\KIyle\Desktop\Autoboard 5\fscommand\SAVEPOP.exe **INFECTED** Win32:Malware-gen
22:43:05.133 File: C:\Users\KIyle\Desktop\Autoboard 5\fscommand\SAVEWARNINGS.exe **INFECTED** Win32:Malware-gen
00:05:01.989 AVAST engine scan C:\ProgramData
00:09:22.279 Scan finished successfully
00:21:39.555 The log file has been saved successfully to "C:\Users\KIyle\Desktop\aswMBR.txt"
 
ESET Online Scan

Please run a free online scan with the ESET Online Scanner
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • When asked, allow the ActiveX control to install, or it will ask to download an installer. Please do so an install it.
  • Click Start or wait for the scanner to load.
  • Make sure that the options Remove found threats and the option Scan unwanted applications are checked.
  • Click Scan (This scan can take several hours, so please be patient)
  • Once the scan is completed, there are a couple of things to keep in mind:
  • 1. If NO threats were found, allow the scanner to Uninstall on close and then close the Window.
  • 2. If threats WERE detected, click on List of Threats Found, Export to Text File...save it as ESET-Scan-Log.txt. Click the back button/link, put a checkmark to Uninstall Application on Close and then close the window.
  • Open the logfile from wherever you saved it
  • Copy and paste the contents in your next reply.


Any more issues?

We need to know any other issues that are plaguing your computer. Kindly give a summary so we know how to continue from here.

Many of the things to note for us would be:

  • Slow computer
  • Error messages
  • Fake antivirus alerts or the icon in the system tray
  • svchost.exe running at 100%
  • System crashes or blue screen of death
 
The only issue I have is that occasionally my firefox browser will redirect me to scorecardsearch.com

I'll post the ESET scan log when it finishes.
 
Status
Not open for further replies.

Similar threads

E
I have been taken over by a software called Astanda using XML to Log everything and roaming to an SQL server.
Replies
0
Views
465
eriksnyman1
E
M
Virus warning popup
Replies
1
Views
531
Mark Fuller
M
A
Infected: Antivirus says it's Trojan:Script/Wacatac.H!ml
Replies
12
Views
2K
adidaman27
A

Latest posts

Back