Messages - dee_can

16
Analysis and Malware Removal / Re: Spyware (Zbot.OUT) found
« on: August 18, 2012, 11:52:21 AM »
 :police:  :wink: I did more searching on the internet last night for the Security Alert that I'm getting. I typed the exact wording into google, and came up with the following. It's a genuine Windows alert, for one thing. I'm imagining it became enabled after downloading either MSE or Spywareblaster. The fix is to go to Internet Explorer/Tools/Internet Options/Advanced/Security, and way down the list is "Warn if changing between secure and not secure mode". It was checked, so I unchecked it. I also restarted the computer to see if it would go back to being checked, but it stayed unchecked. Apparently some people have problems with it being enabled again (against their will, and probably under the influence of some computer protection program they've downloaded). So far so good, but if it keeps coming back on I'm going to have to figure out the program that is causing it to be checked under my IE security settings.

Re: the CBS logs, will that repeated error cause some sort of problem with my computer, do you know? If you think so, I'll follow you to the forum you mentioned. Thanks, Corrine.

17
Analysis and Malware Removal / Re: Spyware (Zbot.OUT) found
« on: August 17, 2012, 10:53:30 PM »
I spoke too soon. At least I haven't gotten the Security Alert pop-up the last two times I've logged in here at these forums; but I wanted to test it, and tried logging into Photobucket, and I got the Security Alert pop-up. So, I think I'll try the IE reset.

If this new Security Alert message started because of downloading either the Spywareblaster or MSE, maybe I could try uninstalling Spywareblaster to see if it disappears, and if not, uninstall MSE (and download a different antivirus program) and see what happens? I won't do everything all at once, though (ie. the IE reset and uninstalling the programs). Just throwing this out there. I like MSE but I have it scheduled to do a quick scan every morning at 8, and it still hasn't done it automatically. I've had to manually do the updates and scans each day so far.

18
Analysis and Malware Removal / Re: Spyware (Zbot.OUT) found
« on: August 17, 2012, 10:37:52 PM »

Did you shutdown/restart and run System File Checker again after receiving this message?

 :grin: Oops. No, I didn't. So... I did that today - ran the System File Checker and then restarted/ran again 3 times after the first time. I got the same corrupt files message each time. Not sure whether that means it keeps fixing the same corrupt files; and if so, why would it keep fixing the same corrupt files over and over again if they've already been fixed?

Here's the whole scannow text:

Microsoft Windows [Version 6.0.6002]
Copyright (c) 2006 Microsoft Corporation.  All rights reserved.

C:\Windows\system32>sfc /SCANNOW

Beginning system scan.  This process will take some time.

Beginning verification phase of system scan.
Verification 100% complete.

Windows Resource Protection found corrupt files and successfully repaired
them. Details are included in the CBS.Log windir\Logs\CBS\CBS.log. For
example C:\Windows\Logs\CBS\CBS.log

C:\Windows\system32>

I'll try resetting my IE settings and let you know how it goes. On second thought, I'm able to log in from my own computer tonight, and I haven't had problems with the 'Security Alert' stopping me (with logging on, or previewing my post), so maybe I'll wait a day and see if it's actually resolved itself. Knock on wood, I'll see what happens when I click on 'post'... Thanks. D. *Adding on, I'm modifying my post just so I can tell you that I was able to post w/o the Security Alert blocking me.*  :D

19
Analysis and Malware Removal / Re: Spyware (Zbot.OUT) found
« on: August 16, 2012, 09:35:23 PM »
Correction of my last sentence: I meant 'repairing the files' (not 'logs') didn't get rid of the Security Alert. Just to clarify.

20
Analysis and Malware Removal / Re: Spyware (Zbot.OUT) found
« on: August 16, 2012, 09:19:19 PM »
Part II of my response: The scannow log says: "Windows Resource Protection found corrupt files and successfully repaired them. Details in CBS.Logs, (etc)." I did find the CBS logs but my access was denied. I could see the option to change who can view them, but I didn't want to mess anything up. I'm not even sure if this is important. I will say that repairing the logs didn't get rid of the Security Alert, however.

21
Analysis and Malware Removal / Re: Spyware (Zbot.OUT) found
« on: August 16, 2012, 09:05:58 PM »
Hi Corrine,


I don't understand what you mean when you wrote:

Quote
I was finally able to email it after closing all windows with task manager and then sending it from my desktop


It's hard to describe but when I tried to email my response to my other computer so that I could post it (since the fake Security Alert pop-up basically froze my screen), I couldn't use the email while that was happening so I used Task Manager and had to email the file from my desktop. iow, I couldn't email anything with the windows open. I hope that makes sense.

Currently, the 'Security Alert' pop-up is still freezing up my ability to use my computer. I wanted to post some pictures via photobucket, but when I try to log-on to my photobucket page, the fake Security Alert pop-up opens and I can't go any further, ie. I can't log-on, therefore use, photobucket. I tried changing my password, but the Security Alert still popped up. It's frustrating the... heck out of me.

What I had to do was, once again, send all the images to my other computer, and now post them from here (I'm not at my troubled PC right now). I've been utilizing the snipping tool (very cool, thanks for telling me about it  :embarrassed:). Here's the actual dreaded Security Alert (like I'm sure you need to see it for the 3rd time - ha):



I also ran the scannow. I was going to post a 'snipped photo' of the screen with the results, but it's not very clear. I'll have to recheck my other computer, and then tell you what it found. (It did find a corrupt file, but I'll be more specific and post it.)

Also, I went ahead and downloaded Superantispyware. It found a trojan (I seem to have one at least every few days, or else they are hiding really well and only certain programs find them). I copied the log for you to have a look at:

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 08/16/2012 at 11:53 AM

Application Version : 5.5.1012

Core Rules Database Version : 9068
Trace Rules Database Version: 6880

Scan type       : Complete Scan
Total Scan Time : 01:05:41

Operating System Information
Windows Vista Home Premium 64-bit, Service Pack 2 (Build 6.00.6002)
UAC On - Limited User

Memory items scanned      : 712
Memory threats detected   : 0
Registry items scanned    : 66786
Registry threats detected : 0
File items scanned        : 60009
File threats detected     : 16

Adware.Tracking Cookie
   C:\USERS\OWNER\AppData\Roaming\Microsoft\Windows\Cookies\Low\270KQTDF.txt [ Cookie:owner@kontera.com/ ]
   C:\USERS\OWNER\AppData\Roaming\Microsoft\Windows\Cookies\Low\ZZV4KBHP.txt [ Cookie:owner@dmtracker.com/ ]
   C:\USERS\OWNER\AppData\Roaming\Microsoft\Windows\Cookies\Low\XLLMHE9F.txt [ Cookie:owner@mm.chitika.net/ ]
   C:\USERS\OWNER\AppData\Roaming\Microsoft\Windows\Cookies\Low\9MHJACJS.txt [ Cookie:owner@adserver.adtechus.com/ ]
   C:\USERS\OWNER\AppData\Roaming\Microsoft\Windows\Cookies\Low\owner@richmedia.yahoo[2].txt [ Cookie:owner@richmedia.yahoo.com/ ]
   C:\USERS\OWNER\AppData\Roaming\Microsoft\Windows\Cookies\Low\BTSMSPHK.txt [ Cookie:owner@revsci.net/ ]
   C:\USERS\OWNER\AppData\Roaming\Microsoft\Windows\Cookies\Low\63DS506G.txt [ Cookie:owner@collective-media.net/ ]
   C:\USERS\OWNER\AppData\Roaming\Microsoft\Windows\Cookies\Low\J2IJDAJP.txt [ Cookie:owner@casalemedia.com/ ]
   C:\USERS\OWNER\AppData\Roaming\Microsoft\Windows\Cookies\Low\GJLQZ690.txt [ Cookie:owner@invitemedia.com/ ]
   C:\USERS\OWNER\AppData\Roaming\Microsoft\Windows\Cookies\Low\owner@www.corusmedia[1].txt [ Cookie:owner@www.corusmedia.com/ ]
   C:\USERS\OWNER\AppData\Roaming\Microsoft\Windows\Cookies\Low\owner@caloriecount.about[2].txt [ Cookie:owner@caloriecount.about.com/ ]
   C:\USERS\OWNER\AppData\Roaming\Microsoft\Windows\Cookies\Low\QEOA0MC9.txt [ Cookie:owner@support.google.com/accounts/ ]
   C:\USERS\OWNER\AppData\Roaming\Microsoft\Windows\Cookies\Low\OEEK7T8J.txt [ Cookie:owner@softwaretracker.blogspot.com/ ]
   C:\USERS\OWNER\AppData\Roaming\Microsoft\Windows\Cookies\Low\D7CETTOF.txt [ Cookie:owner@accounts.google.com/ ]

Trojan.Agent/Gen-Malintent
   C:\WINDOWS\SETUP\SCRIPTS\UNIVERSAL\TCL_FRN\ASKTOSHIBA\ASKTOSHIBA-042908-FR.EXE
   C:\WINDOWS\SETUP\SCRIPTS\UNIVERSAL\TCL_FRN\TOSHIBATRIALOFFERS\TOSHIBATRIALOFFERS-FR-061208.EXE

Do you have any idea what I can do to get rid of the Security Alert pop-up? It's really hindering my ability to use my computer. Do you think a system restore, if all else fails, is an option? (Because I think it may have something to do with what ComboFix deleted/or fixed, will system restore undo the effects of ComboFix?) Like I said before, I can't say for sure it's because of ComboFix, but it started after I did that scan. I think this is the only issue of concern right now, except for finding trojans kind of frequently. I'm thinking of downloading WinPatrol tomorrow.  Thanks, D.

22
Analysis and Malware Removal / Re: Spyware (Zbot.OUT) found
« on: August 15, 2012, 09:49:28 AM »
Thanks for the tip, Corrine. I'll reschedule my scans. So you don't think the MPTelemetry, MSOE-DLL 'stuff' is anything to worry about, but just something to do with MSE scanning/updates?

Here is a copy of the ComboFix quarantine log (is 'Install.exe.vir' a virus?):

2012-08-11 15:38:33 . 2012-08-11 15:38:33               80 ----a-w-  C:\Qoobox\Quarantine\Registry_backups\HKLM-Run-HDMICtrlMan.reg.dat
2012-08-11 15:38:33 . 2012-08-11 15:38:33               80 ----a-w-  C:\Qoobox\Quarantine\Registry_backups\HKLM-Run-00TCrdMain.reg.dat
2012-08-11 15:38:33 . 2012-08-11 15:38:33               80 ----a-w-  C:\Qoobox\Quarantine\Registry_backups\HKLM-Run-SmoothView.reg.dat
2012-08-11 15:38:33 . 2012-08-11 15:38:33               80 ----a-w-  C:\Qoobox\Quarantine\Registry_backups\HKLM-Run-HSON.reg.dat
2012-08-11 15:38:33 . 2012-08-11 15:38:33               80 ----a-w-  C:\Qoobox\Quarantine\Registry_backups\HKLM-Run-TPwrMain.reg.dat
2012-08-11 15:38:21 . 2012-08-11 15:38:21               80 ----a-w-  C:\Qoobox\Quarantine\Registry_backups\HKLM-Run-Windows Defender.reg.dat
2012-08-11 15:37:24 . 2012-08-11 15:37:24              131 ----a-w-  C:\Qoobox\Quarantine\Registry_backups\Wow6432Node-HKLM-Run-cfFncEnabler.exe.reg.dat
2012-08-11 15:37:21 . 2012-08-11 15:37:21              106 ----a-w-  C:\Qoobox\Quarantine\Registry_backups\Wow6432Node-HKCU-Run-TOSCDSPD.reg.dat
2012-08-11 15:20:53 . 2012-08-11 15:20:53            5,466 ----a-w-  C:\Qoobox\Quarantine\Registry_backups\tcpip.reg
2012-08-11 15:14:39 . 2012-08-11 15:14:39               51 ----a-w-  C:\Qoobox\Quarantine\catchme.log
2007-11-07 11:03:18 . 2007-11-07 11:03:18          562,688 ----a-w-  C:\Qoobox\Quarantine\C\Install.exe.vir

23
Analysis and Malware Removal / Re: Spyware (Zbot.OUT) found
« on: August 14, 2012, 09:24:51 PM »
Hi Corrine,

I was able to bring up the reply box, so that's why I thought I was logged on. I don't think I can respond without logging on, that's what I thought was different about it.

No, I've never had the Security Alert message ever, at any website. And, it only started after the ComboFix. Not blaming the ComboFix, necessarily, but that's just when it started.

I always turn my computer off every night.

I have the MSE scheduled to scan every Sunday at 5:00 pm. Since I turn my PC off every night, I scheduled it to come on a bit earlier. I think the 'MPTelemetry' has something to do with MSE; and also the email problem (MSEO DLL)? I've never had that message before either. : /

24
Analysis and Malware Removal / Re: Spyware (Zbot.OUT) found
« on: August 14, 2012, 10:53:13 AM »
Corrine, I'm sorry, I didn't realize that the log was cut off, and I should have checked before I posted it. Here's the rest:

18:44:01.0064 5696   ============================================================
18:44:01.0064 5696   Scan finished
18:44:01.0064 5696   ============================================================
18:44:01.0080 1260   Detected object count: 0
18:44:01.0080 1260   Actual detected object count: 0
19:08:49.0614 5964   Deinitialize success


No, I didn't change my security settings in IE9 or add the site to the Restricted Sites. I've never changed the settings or added sites at any time.

I don't really understand about removing the website in the steps 1 through 7. I followed your instructions but Landsdown is not in any of my restricted sites or intranet.

Also, something weird just happened again. I turned on my computer this morning (I had started the above response last night and saved it until this morning to post), and I opened up 'Report Problems and Solutions' that was signalling me (for lack of a better description) down on my task bar. I clicked on 'Check for solutions to these problems', and this was one of them: Product: Antimalware Service Executable, Problem: MP Telemetry, Date: 13/08/2012. I opened up the report (as follows):

Product
Antimalware Service Executable

Problem
MpTelemetry

Date
13/08/2012 11:10 AM

Status
Not Reported

Problem signature
Problem Event Name:   MpTelemetry
Problem Signature 01:   2152759308
Problem Signature 02:   unspecified
Problem Signature 03:   ScanFile
Problem Signature 04:   4.0.1526.0
Problem Signature 05:   Microsoft Security Essentials (EDB4FA23-53B8-4AFA-8C5D-99752CCA7094)
Problem Signature 06:   unspecified
Problem Signature 07:   unspecified
OS Version:   6.0.6002.2.2.0.768.3
Locale ID:   4105

Files that help describe the problem
client_manifest.txt

It also had the option to open the file, but it warned me that if it was a virus it could harm my computer. I didn't open it. Here's another weird thing, I seemed to stay 'logged on' at LzD all night (allowing me to type in the reply box this morning), but when I try to post my reply it says my session has timed out (but my screen is frozen because of the Security Alert). So I copy/pasted my response and tried to email it to my other computer and my email won't work, it says, "Windows mail could not be started because MSEO.DLL could not be loaded". I was finally able to email it after closing all windows with task manager and then sending it from my desktop. Thanks (again), D.

 

25
Analysis and Malware Removal / Re: Spyware (Zbot.OUT) found
« on: August 13, 2012, 09:18:58 PM »
Corrine, Unfortunately clearing the history/cache/cookies didn't stop that Security Alert pop-up msg. lol, I'm running around like a chicken with my head cut off, I was trying to post that I had found the TDSSKiller.txt on my vista computer, but the Security Alert msg buggered up my ability to post it from my PC, so I had to send the txt to my other computer and run to it to post it here before you saw my last message.  :lol:

26
Analysis and Malware Removal / Re: Spyware (Zbot.OUT) found
« on: August 13, 2012, 09:15:17 PM »
My apologies Corrine, I found it:

18:43:19.0256 4596 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
18:43:19.0662 4596 ============================================================
18:43:19.0662 4596 Current date / time: 2012/08/13 18:43:19.0662
18:43:19.0662 4596 SystemInfo:
18:43:19.0662 4596
18:43:19.0662 4596 OS Version: 6.0.6002 ServicePack: 2.0
18:43:19.0662 4596 Product type: Workstation
18:43:19.0662 4596 ComputerName: OWNER-PC
18:43:19.0662 4596 UserName: Owner
18:43:19.0662 4596 Windows directory: C:\Windows
18:43:19.0662 4596 System windows directory: C:\Windows
18:43:19.0662 4596 Running under WOW64
18:43:19.0662 4596 Processor architecture: Intel x64
18:43:19.0662 4596 Number of processors: 2
18:43:19.0662 4596 Page size: 0x1000
18:43:19.0662 4596 Boot type: Normal boot
18:43:19.0662 4596 ============================================================
18:43:20.0863 4596 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:43:20.0863 4596 ============================================================
18:43:20.0863 4596 \Device\Harddisk0\DR0:
18:43:20.0863 4596 MBR partitions:
18:43:20.0863 4596 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x2355A000
18:43:20.0863 4596 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x23848800, BlocksNum 0xE5B800
18:43:20.0863 4596 ============================================================
18:43:20.0894 4596 C: <-> \Device\Harddisk0\DR0\Partition0
18:43:20.0941 4596 D: <-> \Device\Harddisk0\DR0\Partition1
18:43:20.0941 4596 ============================================================
18:43:20.0941 4596 Initialize success
18:43:20.0941 4596 ============================================================
18:43:36.0915 5696 ============================================================
18:43:36.0915 5696 Scan started
18:43:36.0915 5696 Mode: Manual;
18:43:36.0915 5696 ============================================================
18:43:42.0859 5696 FileInfo - ok
18:43:42.0921 5696 Filetrace       (d421327fd6efccaf884a54c58e1b0d7f) C:\Windows\system32\drivers\filetrace.sys
18:43:42.0921 5696 Filetrace - ok
18:43:42.0952 5696 flpydisk        (230923ea2b80f79b0f88d90f87b87ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
18:43:42.0952 5696 flpydisk - ok
18:43:42.0999 5696 FltMgr          (e3041bc26d6930d61f42aedb79c91720) C:\Windows\system32\drivers\fltmgr.sys
18:43:42.0999 5696 FltMgr - ok
18:43:43.0155 5696 FontCache       (be1c5bd1ca7ed015bc6fa1ae67e592c8) C:\Windows\system32\FntCache.dll
18:43:43.0202 5696 FontCache - ok
18:43:43.0264 5696 FontCache3.0.0.0 (bc5b0be5af3510b0fd8c140ee42c6d3e) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:43:43.0264 5696 FontCache3.0.0.0 - ok
18:43:43.0311 5696 Fs_Rec          (5779b86cd8b32519fbecb136394d946a) C:\Windows\system32\drivers\Fs_Rec.sys
18:43:43.0311 5696 Fs_Rec - ok
18:43:43.0342 5696 FwLnk           (6d06b5eebba23c16789efc820ee1f253) C:\Windows\system32\DRIVERS\FwLnk.sys
18:43:43.0342 5696 FwLnk - ok
18:43:43.0374 5696 gagp30kx        (c8e416668d3dc2be3d4fe4c79224997f) C:\Windows\system32\drivers\gagp30kx.sys
18:43:43.0374 5696 gagp30kx - ok
18:43:43.0420 5696 GEARAspiWDM     (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\Drivers\GEARAspiWDM.sys
18:43:43.0436 5696 GEARAspiWDM - ok
18:43:43.0545 5696 gpsvc           (a0e1b575ba8f504968cd40c0faeb2384) C:\Windows\System32\gpsvc.dll
18:43:43.0576 5696 gpsvc - ok
18:43:43.0623 5696 HdAudAddService (df45f8142dc6df9d18c39b3effbd0409) C:\Windows\system32\drivers\HdAudio.sys
18:43:43.0639 5696 HdAudAddService - ok
18:43:43.0764 5696 HDAudBus        (f942c5820205f2fb453243edfec82a3d) C:\Windows\system32\DRIVERS\HDAudBus.sys
18:43:43.0795 5696 HDAudBus - ok
18:43:43.0826 5696 HidBth          (b4881c84a180e75b8c25dc1d726c375f) C:\Windows\system32\drivers\hidbth.sys
18:43:43.0826 5696 HidBth - ok
18:43:43.0842 5696 HidIr           (4e77a77e2c986e8f88f996bb3e1ad829) C:\Windows\system32\drivers\hidir.sys
18:43:43.0842 5696 HidIr - ok
18:43:43.0857 5696 hidserv         (59361d38a297755d46a540e450202b2a) C:\Windows\System32\hidserv.dll
18:43:43.0857 5696 hidserv - ok
18:43:43.0888 5696 HidUsb          (443bdd2d30bb4f00795c797e2cf99edf) C:\Windows\system32\DRIVERS\hidusb.sys
18:43:43.0888 5696 HidUsb - ok
18:43:43.0920 5696 hkmsvc          (b12f367ea39c0795fd57e31242ce1a5a) C:\Windows\system32\kmsvc.dll
18:43:43.0920 5696 hkmsvc - ok
18:43:43.0951 5696 HpCISSs         (d7109a1e6bd2dfdbcba72a6bc626a13b) C:\Windows\system32\drivers\hpcisss.sys
18:43:43.0951 5696 HpCISSs - ok
18:43:44.0029 5696 HTTP            (098f1e4e5c9cb5b0063a959063631610) C:\Windows\system32\drivers\HTTP.sys
18:43:44.0060 5696 HTTP - ok
18:43:44.0076 5696 i2omp           (da94c854cea5fac549d4e1f6e88349e8) C:\Windows\system32\drivers\i2omp.sys
18:43:44.0076 5696 i2omp - ok
18:43:44.0091 5696 i8042prt        (cbb597659a2713ce0c9cc20c88c7591f) C:\Windows\system32\DRIVERS\i8042prt.sys
18:43:44.0091 5696 i8042prt - ok
18:43:44.0169 5696 iaStor          (8d58627fef3f8767665d9f4dc91cbd97) C:\Windows\system32\DRIVERS\iaStor.sys
18:43:44.0169 5696 iaStor - ok
18:43:44.0388 5696 iaStorV         (3e3bf3627d886736d0b4e90054f929f6) C:\Windows\system32\drivers\iastorv.sys
18:43:44.0403 5696 iaStorV - ok
18:43:44.0606 5696 idsvc           (749f5f8cedca70f2a512945325fc489d) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:43:44.0622 5696 idsvc - ok
18:43:44.0653 5696 iirsp           (8c3951ad2fe886ef76c7b5027c3125d3) C:\Windows\system32\drivers\iirsp.sys
18:43:44.0668 5696 iirsp - ok
18:43:44.0715 5696 IKEEXT          (0c9ea6e654e7b0471741e343a6c671af) C:\Windows\System32\ikeext.dll
18:43:44.0731 5696 IKEEXT - ok
18:43:44.0824 5696 IntcAzAudAddService (1835b384d2d66752ed1460e9085230bd) C:\Windows\system32\drivers\RTKVHD64.sys
18:43:44.0856 5696 IntcAzAudAddService - ok
18:43:44.0871 5696 intelide        (df797a12176f11b2d301c5b234bb200e) C:\Windows\system32\drivers\intelide.sys
18:43:44.0871 5696 intelide - ok
18:43:44.0902 5696 intelppm        (bfd84af32fa1bad6231c4585cb469630) C:\Windows\system32\DRIVERS\intelppm.sys
18:43:44.0902 5696 intelppm - ok
18:43:44.0918 5696 IPBusEnum       (5624bc1bc5eeb49c0ab76a8114f05ea3) C:\Windows\system32\ipbusenum.dll
18:43:44.0918 5696 IPBusEnum - ok
18:43:44.0949 5696 IpFilterDriver  (d8aabc341311e4780d6fce8c73c0ad81) C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:43:44.0949 5696 IpFilterDriver - ok
18:43:45.0027 5696 iphlpsvc        (bf0dbfa9792c5c14fa00f61c75116c1b) C:\Windows\System32\iphlpsvc.dll
18:43:45.0043 5696 iphlpsvc - ok
18:43:45.0043 5696 IpInIp - ok
18:43:45.0074 5696 IPMIDRV         (9c2ee2e6e5a7203bfae15c299475ec67) C:\Windows\system32\drivers\ipmidrv.sys
18:43:45.0090 5696 IPMIDRV - ok
18:43:45.0105 5696 IPNAT           (b7e6212f581ea5f6ab0c3a6ceeeb89be) C:\Windows\system32\DRIVERS\ipnat.sys
18:43:45.0121 5696 IPNAT - ok
18:43:45.0246 5696 iPod Service    (a9ab99ee7d39725eafec82732d2b3271) C:\Program Files\iPod\bin\iPodService.exe
18:43:45.0246 5696 iPod Service - ok
18:43:45.0261 5696 IRENUM          (8c42ca155343a2f11d29feca67faa88d) C:\Windows\system32\drivers\irenum.sys
18:43:45.0261 5696 IRENUM - ok
18:43:45.0277 5696 isapnp          (0672bfcedc6fc468a2b0500d81437f4f) C:\Windows\system32\drivers\isapnp.sys
18:43:45.0277 5696 isapnp - ok
18:43:45.0324 5696 iScsiPrt        (e4fdf99599f27ec25d2cf6d754243520) C:\Windows\system32\DRIVERS\msiscsi.sys
18:43:45.0324 5696 iScsiPrt - ok
18:43:45.0355 5696 iteatapi        (63c766cdc609ff8206cb447a65abba4a) C:\Windows\system32\drivers\iteatapi.sys
18:43:45.0355 5696 iteatapi - ok
18:43:45.0370 5696 iteraid         (1281fe73b17664631d12f643cbea3f59) C:\Windows\system32\drivers\iteraid.sys
18:43:45.0370 5696 iteraid - ok
18:43:45.0386 5696 kbdclass        (423696f3ba6472dd17699209b933bc26) C:\Windows\system32\DRIVERS\kbdclass.sys
18:43:45.0386 5696 kbdclass - ok
18:43:45.0402 5696 kbdhid          (bf8783a5066cfecf45095459e8010fa7) C:\Windows\system32\DRIVERS\kbdhid.sys
18:43:45.0402 5696 kbdhid - ok
18:43:45.0417 5696 KeyIso          (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe
18:43:45.0417 5696 KeyIso - ok
18:43:45.0480 5696 KSecDD          (88956ad9fa510848ad176777a6c6c1f5) C:\Windows\system32\Drivers\ksecdd.sys
18:43:45.0495 5696 KSecDD - ok
18:43:45.0526 5696 ksthunk         (1d419cf43db29396ecd7113d129d94eb) C:\Windows\system32\drivers\ksthunk.sys
18:43:45.0526 5696 ksthunk - ok
18:43:45.0604 5696 KtmRm           (1faf6926f3416d3da05c5b265491bdae) C:\Windows\system32\msdtckrm.dll
18:43:45.0620 5696 KtmRm - ok
18:43:45.0667 5696 LanmanServer    (50c7a3cb427e9bb5ed0708a669956ab5) C:\Windows\System32\srvsvc.dll
18:43:45.0667 5696 LanmanServer - ok
18:43:45.0714 5696 LanmanWorkstation (caf86fc1388be1e470f1a7b43e348adb) C:\Windows\System32\wkssvc.dll
18:43:45.0714 5696 LanmanWorkstation - ok
18:43:45.0776 5696 libusb0         (acec35f181075b20a5ef4a71958b13df) C:\Windows\system32\DRIVERS\libusb0.sys
18:43:45.0792 5696 libusb0 - ok
18:43:45.0823 5696 lltdio          (96ece2659b6654c10a0c310ae3a6d02c) C:\Windows\system32\DRIVERS\lltdio.sys
18:43:45.0823 5696 lltdio - ok
18:43:45.0870 5696 lltdsvc         (961ccbd0b1ccb5675d64976fae37d092) C:\Windows\System32\lltdsvc.dll
18:43:45.0870 5696 lltdsvc - ok
18:43:45.0885 5696 lmhosts         (a47f8080cacc23c91fe823ad19aa5612) C:\Windows\System32\lmhsvc.dll
18:43:45.0885 5696 lmhosts - ok
18:43:45.0916 5696 LSI_FC          (acbe1af32d3123e330a07bfbc5ec4a9b) C:\Windows\system32\drivers\lsi_fc.sys
18:43:45.0932 5696 LSI_FC - ok
18:43:45.0963 5696 LSI_SAS         (799ffb2fc4729fa46d2157c0065b3525) C:\Windows\system32\drivers\lsi_sas.sys
18:43:45.0963 5696 LSI_SAS - ok
18:43:45.0979 5696 LSI_SCSI        (f445ff1daad8a226366bfaf42551226b) C:\Windows\system32\drivers\lsi_scsi.sys
18:43:45.0994 5696 LSI_SCSI - ok
18:43:46.0010 5696 luafv           (52f87b9cc8932c2a7375c3b2a9be5e3e) C:\Windows\system32\drivers\luafv.sys
18:43:46.0010 5696 luafv - ok
18:43:46.0057 5696 lxdfCATSCustConnectService (06407e13684e4b1ad56c62893e718248) C:\Windows\system32\spool\DRIVERS\x64\3\\lxdfserv.exe
18:43:46.0057 5696 lxdfCATSCustConnectService - ok
18:43:46.0072 5696 lxdf_device - ok
18:43:46.0088 5696 Mcx2Svc         (76a58df02bd4ea29f189b82d0bef17f8) C:\Windows\system32\Mcx2Svc.dll
18:43:46.0088 5696 Mcx2Svc - ok
18:43:46.0119 5696 megasas         (5c5cd6aaced32fb26c3fb34b3dcf972f) C:\Windows\system32\drivers\megasas.sys
18:43:46.0119 5696 megasas - ok
18:43:46.0166 5696 MegaSR          (859bc2436b076c77c159ed694acfe8f8) C:\Windows\system32\drivers\megasr.sys
18:43:46.0182 5696 MegaSR - ok
18:43:46.0197 5696 MMCSS           (3cbe4995e80e13ccfbc42e5dcf3ac81a) C:\Windows\system32\mmcss.dll
18:43:46.0197 5696 MMCSS - ok
18:43:46.0213 5696 Modem           (59848d5cc74606f0ee7557983bb73c2e) C:\Windows\system32\drivers\modem.sys
18:43:46.0213 5696 Modem - ok
18:43:46.0244 5696 monitor         (c247cc2a57e0a0c8c6dccf7807b3e9e5) C:\Windows\system32\DRIVERS\monitor.sys
18:43:46.0244 5696 monitor - ok
18:43:46.0244 5696 mouclass        (9367304e5e412b120cf5f4ea14e4e4f1) C:\Windows\system32\DRIVERS\mouclass.sys
18:43:46.0244 5696 mouclass - ok
18:43:46.0260 5696 mouhid          (c2c2bd5c5ce5aaf786ddd74b75d2ac69) C:\Windows\system32\DRIVERS\mouhid.sys
18:43:46.0260 5696 mouhid - ok
18:43:46.0275 5696 MountMgr        (11bc9b1e8801b01f7f6adb9ead30019b) C:\Windows\system32\drivers\mountmgr.sys
18:43:46.0275 5696 MountMgr - ok
18:43:46.0353 5696 MpFilter        (94c66ededcdb6a126880472f9a704d8e) C:\Windows\system32\DRIVERS\MpFilter.sys
18:43:46.0353 5696 MpFilter - ok
18:43:46.0384 5696 mpio            (f8276eb8698142884498a528dfea8478) C:\Windows\system32\drivers\mpio.sys
18:43:46.0384 5696 mpio - ok
18:43:46.0400 5696 mpsdrv          (c92b9abdb65a5991e00c28f13491dba2) C:\Windows\system32\drivers\mpsdrv.sys
18:43:46.0400 5696 mpsdrv - ok
18:43:46.0509 5696 MpsSvc          (897e3baf68ba406a61682ae39c83900c) C:\Windows\system32\mpssvc.dll
18:43:46.0525 5696 MpsSvc - ok
18:43:46.0540 5696 Mraid35x        (3c200630a89ef2c0864d515b7a75802e) C:\Windows\system32\drivers\mraid35x.sys
18:43:46.0556 5696 Mraid35x - ok
18:43:46.0572 5696 MRxDAV          (7c1de4aa96dc0c071611f9e7de02a68d) C:\Windows\system32\drivers\mrxdav.sys
18:43:46.0587 5696 MRxDAV - ok
18:43:46.0618 5696 mrxsmb          (1485811b320ff8c7edad1caebb1c6c2b) C:\Windows\system32\DRIVERS\mrxsmb.sys
18:43:46.0618 5696 mrxsmb - ok
18:43:46.0665 5696 mrxsmb10        (3b929a60c833fc615fd97fba82bc7632) C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:43:46.0665 5696 mrxsmb10 - ok
18:43:46.0681 5696 mrxsmb20        (c64ab3e1f53b4f5b5bb6d796b2d7bec3) C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:43:46.0696 5696 mrxsmb20 - ok
18:43:46.0712 5696 msahci          (730b784962d22d2c6481eae2370e7c8c) C:\Windows\system32\drivers\msahci.sys
18:43:46.0712 5696 msahci - ok
18:43:46.0743 5696 msdsm           (264bbb4aaf312a485f0e44b65a6b7202) C:\Windows\system32\drivers\msdsm.sys
18:43:46.0743 5696 msdsm - ok
18:43:46.0790 5696 MSDTC           (7ec02ce772f068ed0beafa3da341a9bc) C:\Windows\System32\msdtc.exe
18:43:46.0790 5696 MSDTC - ok
18:43:46.0821 5696 Msfs            (704f59bfc4512d2bb0146aec31b10a7c) C:\Windows\system32\drivers\Msfs.sys
18:43:46.0837 5696 Msfs - ok
18:43:46.0852 5696 msisadrv        (00ebc952961664780d43dca157e79b27) C:\Windows\system32\drivers\msisadrv.sys
18:43:46.0852 5696 msisadrv - ok
18:43:46.0915 5696 MSiSCSI         (366b0c1f4478b519c181e37d43dcda32) C:\Windows\system32\iscsiexe.dll
18:43:46.0915 5696 MSiSCSI - ok
18:43:46.0930 5696 msiserver - ok
18:43:46.0962 5696 MSKSSRV         (0ea73e498f53b96d83dbfca074ad4cf8) C:\Windows\system32\drivers\MSKSSRV.sys
18:43:46.0962 5696 MSKSSRV - ok
18:43:47.0086 5696 MsMpSvc         (59faaf2c83c8169ea20f9e335e418907) c:\Program Files\Microsoft Security Client\MsMpEng.exe
18:43:47.0086 5696 MsMpSvc - ok
18:43:47.0102 5696 MSPCLOCK        (52e59b7e992a58e740aa63f57edbae8b) C:\Windows\system32\drivers\MSPCLOCK.sys
18:43:47.0102 5696 MSPCLOCK - ok
18:43:47.0118 5696 MSPQM           (49084a75bae043ae02d5b44d02991bb2) C:\Windows\system32\drivers\MSPQM.sys
18:43:47.0118 5696 MSPQM - ok
18:43:47.0196 5696 MsRPC           (dc6ccf440cdede4293db41c37a5060a5) C:\Windows\system32\drivers\MsRPC.sys
18:43:47.0196 5696 MsRPC - ok
18:43:47.0227 5696 mssmbios        (855796e59df77ea93af46f20155bf55b) C:\Windows\system32\DRIVERS\mssmbios.sys
18:43:47.0227 5696 mssmbios - ok
18:43:47.0242 5696 MSTEE           (86d632d75d05d5b7c7c043fa3564ae86) C:\Windows\system32\drivers\MSTEE.sys
18:43:47.0242 5696 MSTEE - ok
18:43:47.0274 5696 Mup             (0cc49f78d8aca0877d885f149084e543) C:\Windows\system32\Drivers\mup.sys
18:43:47.0274 5696 Mup - ok
18:43:47.0320 5696 napagent        (a5b10c845e7538c60c0f5d87a57cb3f5) C:\Windows\system32\qagentRT.dll
18:43:47.0336 5696 napagent - ok
18:43:47.0367 5696 NativeWifiP     (2007b826c4acd94ae32232b41f0842b9) C:\Windows\system32\DRIVERS\nwifi.sys
18:43:47.0367 5696 NativeWifiP - ok
18:43:47.0445 5696 NDIS            (65950e07329fcee8e6516b17c8d0abb6) C:\Windows\system32\drivers\ndis.sys
18:43:47.0461 5696 NDIS - ok
18:43:47.0476 5696 NdisTapi        (64df698a425478e321981431ac171334) C:\Windows\system32\DRIVERS\ndistapi.sys
18:43:47.0476 5696 NdisTapi - ok
18:43:47.0492 5696 Ndisuio         (8baa43196d7b5bb972c9a6b2bbf61a19) C:\Windows\system32\DRIVERS\ndisuio.sys
18:43:47.0492 5696 Ndisuio - ok
18:43:47.0523 5696 NdisWan         (f8158771905260982ce724076419ef19) C:\Windows\system32\DRIVERS\ndiswan.sys
18:43:47.0523 5696 NdisWan - ok
18:43:47.0554 5696 NDProxy         (9cb77ed7cb72850253e973a2d6afdf49) C:\Windows\system32\drivers\NDProxy.sys
18:43:47.0554 5696 NDProxy - ok
18:43:47.0632 5696 Net Driver HPZ12 (59267d2f0328599aa3b5408c2e06126f) C:\Windows\system32\HPZinw12.dll
18:43:47.0632 5696 Net Driver HPZ12 - ok
18:43:47.0648 5696 NetBIOS         (a499294f5029a7862adc115bda7371ce) C:\Windows\system32\DRIVERS\netbios.sys
18:43:47.0648 5696 NetBIOS - ok
18:43:47.0679 5696 netbt           (fc2c792ebddc8e28df939d6a92c83d61) C:\Windows\system32\DRIVERS\netbt.sys
18:43:47.0695 5696 netbt - ok
18:43:47.0710 5696 Netlogon        (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe
18:43:47.0710 5696 Netlogon - ok
18:43:47.0757 5696 Netman          (9b63b29defc0f3115a559d2597bf5d75) C:\Windows\System32\netman.dll
18:43:47.0773 5696 Netman - ok
18:43:47.0804 5696 netprofm        (7846d0136cc2b264926a73047ba7688a) C:\Windows\System32\netprofm.dll
18:43:47.0835 5696 netprofm - ok
18:43:47.0898 5696 NetTcpPortSharing (74751dda198165947fd7454d83f49825) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:43:47.0898 5696 NetTcpPortSharing - ok
18:43:48.0241 5696 NETw5v64        (93915c41a0dbbd121a0fad2835e43776) C:\Windows\system32\DRIVERS\NETw5v64.sys
18:43:48.0350 5696 NETw5v64 - ok
18:43:48.0459 5696 nfrd960         (4ac08bd6af2df42e0c3196d826c8aea7) C:\Windows\system32\drivers\nfrd960.sys
18:43:48.0475 5696 nfrd960 - ok
18:43:48.0568 5696 NisDrv          (91b4e0273d2f6c24ef845f2b41311289) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
18:43:48.0568 5696 NisDrv - ok
18:43:48.0709 5696 NisSrv          (10a43829a9e606af3eef25a1c1665923) c:\Program Files\Microsoft Security Client\NisSrv.exe
18:43:48.0740 5696 NisSrv - ok
18:43:48.0787 5696 NlaSvc          (f145bf4c4668e7e312069f81ef847cfc) C:\Windows\System32\nlasvc.dll
18:43:48.0802 5696 NlaSvc - ok
18:43:48.0818 5696 Npfs            (b298874f8e0ea93f06ec40aa8d146478) C:\Windows\system32\drivers\Npfs.sys
18:43:48.0834 5696 Npfs - ok
18:43:48.0849 5696 nsi             (acb62baa1c319b17752553df3026eeeb) C:\Windows\system32\nsisvc.dll
18:43:48.0849 5696 nsi - ok
18:43:48.0880 5696 nsiproxy        (1523af19ee8b030ba682f7a53537eaeb) C:\Windows\system32\drivers\nsiproxy.sys
18:43:48.0880 5696 nsiproxy - ok
18:43:49.0052 5696 Ntfs            (bac869dfb98e499ba4d9bb1fb43270e1) C:\Windows\system32\drivers\Ntfs.sys
18:43:49.0130 5696 Ntfs - ok
18:43:49.0224 5696 Null            (dd5d684975352b85b52e3fd5347c20cb) C:\Windows\system32\drivers\Null.sys
18:43:49.0224 5696 Null - ok
18:43:49.0270 5696 nvraid          (2c040b7ada5b06f6facadac8514aa034) C:\Windows\system32\drivers\nvraid.sys
18:43:49.0286 5696 nvraid - ok
18:43:49.0302 5696 nvstor          (f7ea0fe82842d05eda3efdd376dbfdba) C:\Windows\system32\drivers\nvstor.sys
18:43:49.0317 5696 nvstor - ok
18:43:49.0348 5696 nv_agp          (19067ca93075ef4823e3938a686f532f) C:\Windows\system32\drivers\nv_agp.sys
18:43:49.0364 5696 nv_agp - ok
18:43:49.0364 5696 NwlnkFlt - ok
18:43:49.0380 5696 NwlnkFwd - ok
18:43:49.0551 5696 odserv          (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
18:43:49.0567 5696 odserv - ok
18:43:49.0598 5696 ohci1394        (b5b1ce65ac15bbd11c0619e3ef7cfc28) C:\Windows\system32\DRIVERS\ohci1394.sys
18:43:49.0598 5696 ohci1394 - ok
18:43:49.0645 5696 ose             (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:43:49.0645 5696 ose - ok
18:43:49.0770 5696 p2pimsvc        (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
18:43:49.0816 5696 p2pimsvc - ok
18:43:49.0832 5696 p2psvc          (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
18:43:49.0848 5696 p2psvc - ok
18:43:49.0863 5696 Parport         (aecd57f94c887f58919f307c35498ea0) C:\Windows\system32\drivers\parport.sys
18:43:49.0879 5696 Parport - ok
18:43:49.0910 5696 partmgr         (b43751085e2abe389da466bc62a4b987) C:\Windows\system32\drivers\partmgr.sys
18:43:49.0910 5696 partmgr - ok
18:43:49.0957 5696 PcaSvc          (9ab157b374192ff276c1628fbdba2b0e) C:\Windows\System32\pcasvc.dll
18:43:49.0957 5696 PcaSvc - ok
18:43:50.0004 5696 pci             (47ab1e0fc9d0e12bb53ba246e3a0906d) C:\Windows\system32\drivers\pci.sys
18:43:50.0004 5696 pci - ok
18:43:50.0019 5696 pciide          (8d618c829034479985a9ed56106cc732) C:\Windows\system32\DRIVERS\pciide.sys
18:43:50.0019 5696 pciide - ok
18:43:50.0050 5696 pcmcia          (037661f3d7c507c9993b7010ceee6288) C:\Windows\system32\drivers\pcmcia.sys
18:43:50.0050 5696 pcmcia - ok
18:43:50.0128 5696 PEAUTH          (58865916f53592a61549b04941bfd80d) C:\Windows\system32\drivers\peauth.sys
18:43:50.0160 5696 PEAUTH - ok
18:43:50.0238 5696 PerfHost        (0ed8727ea0172860f47258456c06caea) C:\Windows\SysWow64\perfhost.exe
18:43:50.0238 5696 PerfHost - ok
18:43:50.0378 5696 pla             (e9e68c1a0f25cf4a7ac966eea74ee89e) C:\Windows\system32\pla.dll
18:43:50.0409 5696 pla - ok
18:43:50.0456 5696 PlugPlay        (fe6b0f59215c9fd9f9d26539c58c8b82) C:\Windows\system32\umpnpmgr.dll
18:43:50.0487 5696 PlugPlay - ok
18:43:50.0518 5696 Pml Driver HPZ12 (5261a2fd55183ac6993145ab6662cddf) C:\Windows\system32\HPZipm12.dll
18:43:50.0518 5696 Pml Driver HPZ12 - ok
18:43:50.0596 5696 PNRPAutoReg     (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
18:43:50.0612 5696 PNRPAutoReg - ok
18:43:50.0612 5696 PNRPsvc         (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
18:43:50.0628 5696 PNRPsvc - ok
18:43:50.0690 5696 PolicyAgent     (89a5560671c2d8b4a4b51f3e1aa069d8) C:\Windows\System32\ipsecsvc.dll
18:43:50.0706 5696 PolicyAgent - ok
18:43:50.0784 5696 PptpMiniport    (23386e9952025f5f21c368971e2e7301) C:\Windows\system32\DRIVERS\raspptp.sys
18:43:50.0784 5696 PptpMiniport - ok
18:43:50.0815 5696 Processor       (5080e59ecee0bc923f14018803aa7a01) C:\Windows\system32\drivers\processr.sys
18:43:50.0815 5696 Processor - ok
18:43:50.0862 5696 ProfSvc         (e058ce4fc2449d8bfa14739c83b7ff2a) C:\Windows\system32\profsvc.dll
18:43:50.0862 5696 ProfSvc - ok
18:43:50.0893 5696 ProtectedStorage (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe
18:43:50.0893 5696 ProtectedStorage - ok
18:43:50.0908 5696 PSched          (c5ab7f0809392d0da027f4a2a81bfa31) C:\Windows\system32\DRIVERS\pacer.sys
18:43:50.0908 5696 PSched - ok
18:43:50.0940 5696 PSI             (fb46e9a827a8799ebd7bfa9128c91f37) C:\Windows\system32\DRIVERS\psi_mf.sys
18:43:50.0940 5696 PSI - ok
18:43:51.0064 5696 ql2300          (0b83f4e681062f3839be2ec1d98fd94a) C:\Windows\system32\drivers\ql2300.sys
18:43:51.0096 5696 ql2300 - ok
18:43:51.0127 5696 ql40xx          (e1c80f8d4d1e39ef9595809c1369bf2a) C:\Windows\system32\drivers\ql40xx.sys
18:43:51.0127 5696 ql40xx - ok
18:43:51.0189 5696 QWAVE           (90574842c3da781e279061a3eff91f07) C:\Windows\system32\qwave.dll
18:43:51.0205 5696 QWAVE - ok
18:43:51.0220 5696 QWAVEdrv        (e8d76edab77ec9c634c27b8eac33adc5) C:\Windows\system32\drivers\qwavedrv.sys
18:43:51.0220 5696 QWAVEdrv - ok
18:43:51.0252 5696 RasAcd          (1013b3b663a56d3ddd784f581c1bd005) C:\Windows\system32\DRIVERS\rasacd.sys
18:43:51.0252 5696 RasAcd - ok
18:43:51.0267 5696 RasAuto         (b2ae18f847d07f0044404ddf7cb04497) C:\Windows\System32\rasauto.dll
18:43:51.0267 5696 RasAuto - ok
18:43:51.0330 5696 Rasl2tp         (ac7bc4d42a7e558718dfdec599bbfc2c) C:\Windows\system32\DRIVERS\rasl2tp.sys
18:43:51.0330 5696 Rasl2tp - ok
18:43:51.0423 5696 RasMan          (3ad83e4046c43be510de681588acb8af) C:\Windows\System32\rasmans.dll
18:43:51.0439 5696 RasMan - ok
18:43:51.0486 5696 RasPppoe        (4517fbf8b42524afe4ede1de102aae3e) C:\Windows\system32\DRIVERS\raspppoe.sys
18:43:51.0486 5696 RasPppoe - ok
18:43:51.0564 5696 RasSstp         (c6a593b51f34c33e5474539544072527) C:\Windows\system32\DRIVERS\rassstp.sys
18:43:51.0564 5696 RasSstp - ok
18:43:51.0610 5696 rdbss           (322db5c6b55e8d8ee8d6f358b2aaabb1) C:\Windows\system32\DRIVERS\rdbss.sys
18:43:51.0610 5696 rdbss - ok
18:43:51.0626 5696 RDPCDD          (603900cc05f6be65ccbf373800af3716) C:\Windows\system32\DRIVERS\RDPCDD.sys
18:43:51.0626 5696 RDPCDD - ok
18:43:51.0673 5696 rdpdr           (c045d1fb111c28df0d1be8d4bda22c06) C:\Windows\system32\drivers\rdpdr.sys
18:43:51.0673 5696 rdpdr - ok
18:43:51.0688 5696 RDPENCDD        (cab9421daf3d97b33d0d055858e2c3ab) C:\Windows\system32\drivers\rdpencdd.sys
18:43:51.0688 5696 RDPENCDD - ok
18:43:51.0782 5696 RDPWD           (ae4bd9e1c33d351d8e607fc81f15160c) C:\Windows\system32\drivers\RDPWD.sys
18:43:51.0782 5696 RDPWD - ok
18:43:51.0798 5696 RemoteAccess    (c612b9557da73f70d41f8a6fbc8e5344) C:\Windows\System32\mprdim.dll
18:43:51.0813 5696 RemoteAccess - ok
18:43:51.0844 5696 RemoteRegistry  (44b9d8ec2f3ef3a0efb00857af70d861) C:\Windows\system32\regsvc.dll
18:43:51.0844 5696 RemoteRegistry - ok
18:43:51.0876 5696 rimmptsk        (d13d70fac45fc1df69f88559b1f72f0a) C:\Windows\system32\DRIVERS\rimmpx64.sys
18:43:51.0876 5696 rimmptsk - ok
18:43:51.0891 5696 rimsptsk        (bb9edc55b0b8cb4fcd713428820e0776) C:\Windows\system32\DRIVERS\rimspx64.sys
18:43:51.0891 5696 rimsptsk - ok
18:43:51.0907 5696 rismxdp         (481c3fdeacaae04b74c58288dbc91df9) C:\Windows\system32\DRIVERS\rixdpx64.sys
18:43:51.0907 5696 rismxdp - ok
18:43:51.0922 5696 RpcLocator      (f46c457840d4b7a4daafee739ce04102) C:\Windows\system32\locator.exe
18:43:51.0922 5696 RpcLocator - ok
18:43:52.0000 5696 RpcSs           (cf8b9a3a5e7dc57724a89d0c3e8cf9ef) C:\Windows\System32\rpcss.dll
18:43:52.0000 5696 RpcSs - ok
18:43:52.0063 5696 rspndr          (22a9cb08b1a6707c1550c6bf099aae73) C:\Windows\system32\DRIVERS\rspndr.sys
18:43:52.0063 5696 rspndr - ok
18:43:52.0094 5696 RTHDMIAzAudService (0328ffdf9d805723d0e420018136fa7b) C:\Windows\system32\drivers\RtHDMIVX.sys
18:43:52.0094 5696 RTHDMIAzAudService - ok
18:43:52.0125 5696 RTL8169         (f83784d67311059fc14d2503a7beb3ed) C:\Windows\system32\DRIVERS\Rtlh64.sys
18:43:52.0141 5696 RTL8169 - ok
18:43:52.0156 5696 SamSs           (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe
18:43:52.0156 5696 SamSs - ok
18:43:52.0203 5696 sbp2port        (cd9c693589c60ad59bbbcfb0e524e01b) C:\Windows\system32\drivers\sbp2port.sys
18:43:52.0203 5696 sbp2port - ok
18:43:52.0297 5696 SCardSvr        (fd1cdcf108d5ef3366f00d18b70fb89b) C:\Windows\System32\SCardSvr.dll
18:43:52.0297 5696 SCardSvr - ok
18:43:52.0390 5696 Schedule        (0f838c811ad295d2a4489b9993096c63) C:\Windows\system32\schedsvc.dll
18:43:52.0422 5696 Schedule - ok
18:43:52.0437 5696 SCPolicySvc     (5a268127633c7ee2a7fb87f39d748d56) C:\Windows\System32\certprop.dll
18:43:52.0437 5696 SCPolicySvc - ok
18:43:52.0468 5696 sdbus           (be100bc2be2513314c717bb2c4cfff10) C:\Windows\system32\DRIVERS\sdbus.sys
18:43:52.0468 5696 sdbus - ok
18:43:52.0500 5696 SDRSVC          (4ff71b076a7760fe75ea5ae2d0ee0018) C:\Windows\System32\SDRSVC.dll
18:43:52.0500 5696 SDRSVC - ok
18:43:52.0531 5696 secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
18:43:52.0531 5696 secdrv - ok
18:43:52.0562 5696 seclogon        (5acdcbc67fcf894a1815b9f96d704490) C:\Windows\system32\seclogon.dll
18:43:52.0562 5696 seclogon - ok
18:43:52.0812 5696 Secunia PSI Agent (9044795e9d1a912d5f1b8df6211850fd) C:\Program Files (x86)\Secunia\PSI\PSIA.exe
18:43:52.0812 5696 Secunia PSI Agent - ok
18:43:52.0843 5696 SENS            (90973a64b96cd647ff81c79443618eed) C:\Windows\system32\sens.dll
18:43:52.0843 5696 SENS - ok
18:43:52.0890 5696 Serenum         (f71bfe7ac6c52273b7c82cbf1bb2a222) C:\Windows\system32\drivers\serenum.sys
18:43:52.0890 5696 Serenum - ok
18:43:52.0921 5696 Serial          (e62fac91ee288db29a9696a9d279929c) C:\Windows\system32\drivers\serial.sys
18:43:52.0921 5696 Serial - ok
18:43:52.0968 5696 sermouse        (a842f04833684bceea7336211be478df) C:\Windows\system32\drivers\sermouse.sys
18:43:52.0968 5696 sermouse - ok
18:43:53.0014 5696 SessionEnv      (a8e4a4407a09f35dccc3771af590b0c4) C:\Windows\system32\sessenv.dll
18:43:53.0014 5696 SessionEnv - ok
18:43:53.0046 5696 sffdisk         (3a19c899bcf0ea24cfec2038e6a489db) C:\Windows\system32\DRIVERS\sffdisk.sys
18:43:53.0046 5696 sffdisk - ok
18:43:53.0046 5696 sffp_mmc        (7073aee3f82f3d598e3825962aa98ab2) C:\Windows\system32\drivers\sffp_mmc.sys
18:43:53.0046 5696 sffp_mmc - ok
18:43:53.0061 5696 sffp_sd         (fdca63a2eee528585eb66ceac183ec22) C:\Windows\system32\DRIVERS\sffp_sd.sys
18:43:53.0061 5696 sffp_sd - ok
18:43:53.0108 5696 sfloppy         (6b7838c94135768bd455cbdc23e39e5f) C:\Windows\system32\drivers\sfloppy.sys
18:43:53.0108 5696 sfloppy - ok
18:43:53.0264 5696 SgtSch2Svc      (092d5e1c070ad9bd6c1c7540361c49c2) C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe
18:43:53.0264 5696 SgtSch2Svc - ok
18:43:53.0326 5696 SharedAccess    (4c5aee179da7e1ee9a9ccb9da289af34) C:\Windows\System32\ipnathlp.dll
18:43:53.0342 5696 SharedAccess - ok
18:43:53.0389 5696 ShellHWDetection (56793271ecdedd350c5add305603e963) C:\Windows\System32\shsvcs.dll
18:43:53.0420 5696 ShellHWDetection - ok
18:43:53.0467 5696 SiSRaid2        (7a5de502aeb719d4594c6471060a78b3) C:\Windows\system32\drivers\sisraid2.sys
18:43:53.0482 5696 SiSRaid2 - ok
18:43:53.0514 5696 SiSRaid4        (3a2f769fab9582bc720e11ea1dfb184d) C:\Windows\system32\drivers\sisraid4.sys
18:43:53.0514 5696 SiSRaid4 - ok
18:43:53.0732 5696 slsvc           (a9a27a8e257b45a604fdad4f26fe7241) C:\Windows\system32\SLsvc.exe
18:43:53.0794 5696 slsvc - ok
18:43:53.0888 5696 SLUINotify      (fd74b4b7c2088e390a30c85a896fc3af) C:\Windows\system32\SLUINotify.dll
18:43:53.0888 5696 SLUINotify - ok
18:43:53.0950 5696 SmartFaceVWatchSrv (79ed2d6dec26e0fefb93ea21f09e6a51) C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe
18:43:53.0950 5696 SmartFaceVWatchSrv - ok
18:43:54.0028 5696 Smb             (290b6f6a0ec4fcdfc90f5cb6d7020473) C:\Windows\system32\DRIVERS\smb.sys
18:43:54.0028 5696 Smb - ok
18:43:54.0075 5696 snapman         (8ac15211eb4bf019aab0022781cc8ad0) C:\Windows\system32\DRIVERS\snapman.sys
18:43:54.0091 5696 snapman - ok
18:43:54.0122 5696 SNMPTRAP        (f8f47f38909823b1af28d60b96340cff) C:\Windows\System32\snmptrap.exe
18:43:54.0138 5696 SNMPTRAP - ok

27
Analysis and Malware Removal / Re: Spyware (Zbot.OUT) found
« on: August 13, 2012, 08:56:26 PM »
Thank you for the tip about screenshots on Vista, Corrine. I wish I could use it right now because I ran the TDSSKiller scan, and have the report on my Vista desktop, but can't figure out how to copy it. I can't right-click select all/copy/paste on the report, so what do I do? Thanks again... D. (I cleared my history, cache and cookies first, btw.) (And, btw again, the TDSSKiller didn't find anything, so this is good.)

28
Analysis and Malware Removal / Re: Spyware (Zbot.OUT) found
« on: August 13, 2012, 12:44:49 PM »
Hi Corrine,

I took another photo, and it's grainy again but you can see it a little better. It says, "You are about to view pages under a secure connection. Any information you exchange with this site cannot be viewed by anyone else over the web." Then it says, "In the future do not show this warning". Then gives the option to click 'OK' or 'More Info', and also the option to close. I'm still getting this 'Security Alert' whenever I try to open the LzD forum on my computer. I have to 'end task' via ctrl/alt/delete. So, I'm using the other computer to post now. (More below underneath photo.)



Also, I did a Malwarebytes update/full scan last night, and 0 objects were detected. I did another update/full scan this morning, and again 0 objects were detected.

I haven't followed your other instructions yet for the ComboFix. Not that I'm not going to do it, but I'm a little nervous about ComboFix since I saw it deleted a file that it instructed me to re-install. BUT, the message didn't stay open for more than 10 or so seconds which didn't even allow me to note the file I had to reinstall. (?) Also, I am wondering about the Install.exe it deleted. Was this a good thing or a bad thing? I'm guessing 'good'? My computer seems to be running alright, except for that strange Security Alert that is now popping up after doing ComboFix, which makes me wonder if I still have malware/spyware on my PC.

Thanks, D.

29
Analysis and Malware Removal / Re: Spyware (Zbot.OUT) found
« on: August 11, 2012, 06:03:50 PM »
Hi Corrine, I have a little bit more of a problem where I can't really do anything at the LzD forum anymore. I definitely can't access my posts anymore. I tried to print the screen to show you that the page is stalled for me whenever I try to open anything. I couldn't even read your next instructions on my computer, so I'm at my other computer right now.

I took a photo of my screen where it shows that Security Alert box that I'm getting at the forums now. I'm going to try to figure out how to post the photo here. I'm not sure how I'm going to run the instructions that you just posted. Looks like it worked, the photo quality is bad, and despite the flash I think you can see the 'Security Alert' box that keeps popping up. Thanks, D.


30
I didn't start getting the msg until after using ComboFix. It's the same sort of msg box you get from Windows when you are, for instance, installing a program, etc. The boxes with the 'ok' button option and the 'more info' button at the bottom that you can click on. It also had the 'x' box in the upper right corner to close the msg. None of the options worked so I ctrl/alt/deleted/ended task to get out. Then when I tried to read another topic, the same box popped up so I couldn't read the posts in the thread, and the only way to get off of the page was ctrl/alt/delete/end task. Strange, so I thought I would check to see if this was 'normal'. Thanks Corrine.
