Thread: Particularly nasty Smitfraud-c.gp infection

  1. #21
    Senior Member
    Join Date
    Sep 2010
    Posts
    631

    Hi spetrarca

    You posted the combofix log from 2012-04-25 twice. There should be a combofix log from 2012-04-27. You can find it at c:\combofix.txt

    Please post its contents.
    Member of UNITE and ASAP

  2. #22
    Junior Member
    Join Date
    Apr 2012
    Posts
    14

    11:46:06.0803 4508 TDSS rootkit removing tool 2.7.32.0 Apr 23 2012 19:12:34
    11:46:06.0865 4508 ============================================================
    11:46:06.0881 4508 Current date / time: 2012/04/27 11:46:06.0865
    11:46:06.0881 4508 SystemInfo:
    11:46:06.0881 4508
    11:46:06.0881 4508 OS Version: 6.1.7601 ServicePack: 1.0
    11:46:06.0881 4508 Product type: Workstation
    11:46:06.0881 4508 ComputerName: ROB-PC
    11:46:06.0881 4508 UserName: Rob
    11:46:06.0881 4508 Windows directory: C:\windows
    11:46:06.0881 4508 System windows directory: C:\windows
    11:46:06.0881 4508 Running under WOW64
    11:46:06.0881 4508 Processor architecture: Intel x64
    11:46:06.0881 4508 Number of processors: 2
    11:46:06.0881 4508 Page size: 0x1000
    11:46:06.0881 4508 Boot type: Normal boot
    11:46:06.0881 4508 ============================================================
    11:46:08.0534 4508 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
    11:46:08.0550 4508 ============================================================
    11:46:08.0550 4508 \Device\Harddisk0\DR0:
    11:46:08.0550 4508 MBR partitions:
    11:46:08.0550 4508 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x23A94800
    11:46:08.0550 4508 ============================================================
    11:46:08.0581 4508 C: <-> \Device\Harddisk0\DR0\Partition0
    11:46:08.0581 4508 ============================================================
    11:46:08.0581 4508 Initialize success
    11:46:08.0581 4508 ============================================================
    11:50:29.0227 3940 ============================================================
    11:50:29.0227 3940 Scan started
    11:50:29.0227 3940 Mode: Manual; SigCheck; TDLFS;
    11:50:29.0227 3940 ============================================================
    11:50:57.0619 3940 NlaSvc - ok
    11:50:57.0635 3940 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\windows\system32\drivers\Npfs.sys
    11:50:57.0713 3940 Npfs - ok
    11:50:57.0728 3940 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\windows\system32\nsisvc.dll
    11:50:57.0806 3940 nsi - ok
    11:50:57.0838 3940 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\windows\system32\drivers\nsiproxy.sys
    11:50:57.0916 3940 nsiproxy - ok
    11:50:58.0118 3940 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\windows\system32\drivers\Ntfs.sys
    11:50:58.0181 3940 Ntfs - ok
    11:50:58.0337 3940 Null (9899284589f75fa8724ff3d16aed75c1) C:\windows\system32\drivers\Null.sys
    11:50:58.0415 3940 Null - ok
    11:50:58.0446 3940 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\windows\system32\drivers\nvraid.sys
    11:50:58.0477 3940 nvraid - ok
    11:50:58.0508 3940 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\windows\system32\drivers\nvstor.sys
    11:50:58.0540 3940 nvstor - ok
    11:50:58.0618 3940 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\windows\system32\drivers\nv_agp.sys
    11:50:58.0633 3940 nv_agp - ok
    11:50:58.0649 3940 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\windows\system32\drivers\ohci1394.sys
    11:50:58.0680 3940 ohci1394 - ok
    11:50:58.0742 3940 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
    11:50:58.0789 3940 p2pimsvc - ok
    11:50:58.0852 3940 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\windows\system32\p2psvc.dll
    11:50:58.0883 3940 p2psvc - ok
    11:50:58.0930 3940 Parport (0086431c29c35be1dbc43f52cc273887) C:\windows\system32\drivers\parport.sys
    11:50:58.0961 3940 Parport - ok
    11:50:58.0992 3940 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\windows\system32\drivers\partmgr.sys
    11:50:59.0008 3940 partmgr - ok
    11:50:59.0070 3940 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\windows\System32\pcasvc.dll
    11:50:59.0101 3940 PcaSvc - ok
    11:50:59.0148 3940 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\windows\system32\drivers\pci.sys
    11:50:59.0164 3940 pci - ok
    11:50:59.0226 3940 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\windows\system32\DRIVERS\pciide.sys
    11:50:59.0242 3940 pciide - ok
    11:50:59.0304 3940 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\windows\system32\drivers\pcmcia.sys
    11:50:59.0320 3940 pcmcia - ok
    11:50:59.0351 3940 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\windows\system32\drivers\pcw.sys
    11:50:59.0366 3940 pcw - ok
    11:50:59.0444 3940 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\windows\system32\drivers\peauth.sys
    11:50:59.0538 3940 PEAUTH - ok
    11:50:59.0694 3940 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\windows\SysWow64\perfhost.exe
    11:50:59.0741 3940 PerfHost - ok
    11:50:59.0912 3940 PGEffect (91111cebbde8015e822c46120ed9537c) C:\windows\system32\DRIVERS\pgeffect.sys
    11:50:59.0959 3940 PGEffect - ok
    11:51:00.0131 3940 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\windows\system32\pla.dll
    11:51:00.0224 3940 pla - ok
    11:51:00.0318 3940 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\windows\system32\umpnpmgr.dll
    11:51:00.0349 3940 PlugPlay - ok
    11:51:00.0380 3940 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\windows\system32\pnrpauto.dll
    11:51:00.0412 3940 PNRPAutoReg - ok
    11:51:00.0458 3940 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
    11:51:00.0490 3940 PNRPsvc - ok
    11:51:00.0568 3940 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\windows\System32\ipsecsvc.dll
    11:51:00.0661 3940 PolicyAgent - ok
    11:51:00.0708 3940 Power (6ba9d927dded70bd1a9caded45f8b184) C:\windows\system32\umpo.dll
    11:51:00.0786 3940 Power - ok
    11:51:00.0880 3940 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\windows\system32\DRIVERS\raspptp.sys
    11:51:00.0958 3940 PptpMiniport - ok
    11:51:00.0989 3940 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\windows\system32\drivers\processr.sys
    11:51:01.0020 3940 Processor - ok
    11:51:01.0067 3940 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\windows\system32\profsvc.dll
    11:51:01.0145 3940 ProfSvc - ok
    11:51:01.0160 3940 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
    11:51:01.0192 3940 ProtectedStorage - ok
    11:51:01.0223 3940 Psched (0557cf5a2556bd58e26384169d72438d) C:\windows\system32\DRIVERS\pacer.sys
    11:51:01.0301 3940 Psched - ok
    11:51:01.0457 3940 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\windows\system32\drivers\ql2300.sys
    11:51:01.0535 3940 ql2300 - ok
    11:51:01.0706 3940 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\windows\system32\drivers\ql40xx.sys
    11:51:01.0738 3940 ql40xx - ok
    11:51:01.0785 3940 QWAVE (906191634e99aea92c4816150bda3732) C:\windows\system32\qwave.dll
    11:51:01.0831 3940 QWAVE - ok
    11:51:01.0863 3940 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\windows\system32\drivers\qwavedrv.sys
    11:51:01.0909 3940 QWAVEdrv - ok
    11:51:01.0941 3940 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\windows\system32\DRIVERS\rasacd.sys
    11:51:02.0003 3940 RasAcd - ok
    11:51:02.0065 3940 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\windows\system32\DRIVERS\AgileVpn.sys
    11:51:02.0128 3940 RasAgileVpn - ok
    11:51:02.0175 3940 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\windows\System32\rasauto.dll
    11:51:02.0253 3940 RasAuto - ok
    11:51:02.0331 3940 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\windows\system32\DRIVERS\rasl2tp.sys
    11:51:02.0409 3940 Rasl2tp - ok
    11:51:02.0471 3940 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\windows\System32\rasmans.dll
    11:51:02.0549 3940 RasMan - ok
    11:51:02.0596 3940 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\windows\system32\DRIVERS\raspppoe.sys
    11:51:02.0674 3940 RasPppoe - ok
    11:51:02.0721 3940 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\windows\system32\DRIVERS\rassstp.sys
    11:51:02.0799 3940 RasSstp - ok
    11:51:02.0845 3940 rdbss (77f665941019a1594d887a74f301fa2f) C:\windows\system32\DRIVERS\rdbss.sys
    11:51:02.0923 3940 rdbss - ok
    11:51:02.0955 3940 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\windows\system32\drivers\rdpbus.sys
    11:51:03.0001 3940 rdpbus - ok
    11:51:03.0048 3940 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\windows\system32\DRIVERS\RDPCDD.sys
    11:51:03.0111 3940 RDPCDD - ok
    11:51:03.0126 3940 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\windows\system32\drivers\rdpencdd.sys
    11:51:03.0189 3940 RDPENCDD - ok
    11:51:03.0220 3940 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\windows\system32\drivers\rdprefmp.sys
    11:51:03.0282 3940 RDPREFMP - ok
    11:51:03.0345 3940 RDPWD (6d76e6433574b058adcb0c50df834492) C:\windows\system32\drivers\RDPWD.sys
    11:51:03.0391 3940 RDPWD - ok
    11:51:03.0454 3940 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\windows\system32\drivers\rdyboost.sys
    11:51:03.0485 3940 rdyboost - ok
    11:51:03.0516 3940 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\windows\System32\mprdim.dll
    11:51:03.0594 3940 RemoteAccess - ok
    11:51:03.0641 3940 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\windows\system32\regsvc.dll
    11:51:03.0719 3940 RemoteRegistry - ok
    11:51:03.0735 3940 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\windows\System32\RpcEpMap.dll
    11:51:03.0813 3940 RpcEptMapper - ok
    11:51:03.0859 3940 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\windows\system32\locator.exe
    11:51:03.0875 3940 RpcLocator - ok
    11:51:03.0953 3940 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll
    11:51:04.0047 3940 RpcSs - ok
    11:51:04.0109 3940 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\windows\system32\DRIVERS\rspndr.sys
    11:51:04.0187 3940 rspndr - ok
    11:51:04.0265 3940 RSUSBSTOR (0e3dcf76f11dc431b088a2dfd7265cda) C:\windows\system32\Drivers\RtsUStor.sys
    11:51:04.0312 3940 RSUSBSTOR - ok
    11:51:04.0499 3940 RTL8192Ce (64fdf4fe366ca42da2b7d9d424b6e39b) C:\windows\system32\DRIVERS\rtl8192Ce.sys
    11:51:04.0561 3940 RTL8192Ce - ok
    11:51:04.0593 3940 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
    11:51:04.0624 3940 SamSs - ok
    11:51:04.0655 3940 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\windows\system32\drivers\sbp2port.sys
    11:51:04.0686 3940 sbp2port - ok
    11:51:04.0905 3940 SBSDWSCService (794d4b48dfb6e999537c7c3947863463) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
    11:51:04.0967 3940 SBSDWSCService - ok
    11:51:05.0014 3940 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\windows\System32\SCardSvr.dll
    11:51:05.0092 3940 SCardSvr - ok
    11:51:05.0154 3940 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\windows\system32\DRIVERS\scfilter.sys
    11:51:05.0232 3940 scfilter - ok
    11:51:05.0357 3940 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\windows\system32\schedsvc.dll
    11:51:05.0466 3940 Schedule - ok
    11:51:05.0513 3940 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll
    11:51:05.0575 3940 SCPolicySvc - ok
    11:51:05.0638 3940 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\windows\System32\SDRSVC.dll
    11:51:05.0669 3940 SDRSVC - ok
    11:51:05.0763 3940 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\windows\system32\drivers\secdrv.sys
    11:51:05.0841 3940 secdrv - ok
    11:51:05.0872 3940 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\windows\system32\seclogon.dll
    11:51:05.0950 3940 seclogon - ok
    11:51:05.0965 3940 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\windows\system32\sens.dll
    11:51:06.0043 3940 SENS - ok
    11:51:06.0106 3940 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\windows\system32\sensrsvc.dll
    11:51:06.0153 3940 SensrSvc - ok
    11:51:06.0199 3940 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\windows\system32\drivers\serenum.sys
    11:51:06.0231 3940 Serenum - ok
    11:51:06.0277 3940 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\windows\system32\drivers\serial.sys
    11:51:06.0324 3940 Serial - ok
    11:51:06.0340 3940 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\windows\system32\drivers\sermouse.sys
    11:51:06.0355 3940 sermouse - ok
    11:51:06.0418 3940 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\windows\system32\sessenv.dll
    11:51:06.0496 3940 SessionEnv - ok
    11:51:06.0511 3940 sffdisk (a554811bcd09279536440c964ae35bbf) C:\windows\system32\drivers\sffdisk.sys
    11:51:06.0543 3940 sffdisk - ok
    11:51:06.0558 3940 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\windows\system32\drivers\sffp_mmc.sys
    11:51:06.0589 3940 sffp_mmc - ok
    11:51:06.0621 3940 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\windows\system32\drivers\sffp_sd.sys
    11:51:06.0652 3940 sffp_sd - ok
    11:51:06.0683 3940 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\windows\system32\drivers\sfloppy.sys
    11:51:06.0714 3940 sfloppy - ok
    11:51:06.0792 3940 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\windows\System32\ipnathlp.dll
    11:51:06.0870 3940 SharedAccess - ok
    11:51:06.0933 3940 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\windows\System32\shsvcs.dll
    11:51:07.0026 3940 ShellHWDetection - ok
    11:51:07.0073 3940 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\windows\system32\drivers\SiSRaid2.sys
    11:51:07.0104 3940 SiSRaid2 - ok
    11:51:07.0120 3940 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\windows\system32\drivers\sisraid4.sys
    11:51:07.0135 3940 SiSRaid4 - ok
    11:51:07.0167 3940 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\windows\system32\DRIVERS\smb.sys
    11:51:07.0245 3940 Smb - ok
    11:51:07.0323 3940 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\windows\System32\snmptrap.exe
    11:51:07.0354 3940 SNMPTRAP - ok
    11:51:07.0385 3940 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\windows\system32\drivers\spldr.sys
    11:51:07.0401 3940 spldr - ok
    11:51:07.0479 3940 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\windows\System32\spoolsv.exe
    11:51:07.0572 3940 Spooler - ok
    11:51:07.0962 3940 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\windows\system32\sppsvc.exe
    11:51:08.0165 3940 sppsvc - ok
    11:51:08.0321 3940 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\windows\system32\sppuinotify.dll
    11:51:08.0399 3940 sppuinotify - ok
    11:51:08.0539 3940 SRTSP (96babc4906ecdb1c69d1176f8647ad8e) C:\windows\System32\Drivers\N360x64\0404000.00C\SRTSP64.SYS
    11:51:08.0602 3940 SRTSP - ok
    11:51:08.0617 3940 SRTSPX (c7f491a290e0e4222f5cdcd50eeb8167) C:\windows\system32\drivers\N360x64\0404000.00C\SRTSPX64.SYS
    11:51:08.0649 3940 SRTSPX - ok
    11:51:08.0727 3940 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\windows\system32\DRIVERS\srv.sys
    11:51:08.0789 3940 srv - ok
    11:51:08.0851 3940 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\windows\system32\DRIVERS\srv2.sys
    11:51:08.0883 3940 srv2 - ok
    11:51:08.0929 3940 srvnet (27e461f0be5bff5fc737328f749538c3) C:\windows\system32\DRIVERS\srvnet.sys
    11:51:08.0961 3940 srvnet - ok
    11:51:09.0023 3940 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\windows\System32\ssdpsrv.dll
    11:51:09.0101 3940 SSDPSRV - ok
    11:51:09.0132 3940 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\windows\system32\sstpsvc.dll
    11:51:09.0210 3940 SstpSvc - ok
    11:51:09.0241 3940 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\windows\system32\drivers\stexstor.sys
    11:51:09.0273 3940 stexstor - ok
    11:51:09.0382 3940 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\windows\System32\wiaservc.dll
    11:51:09.0429 3940 stisvc - ok
    11:51:09.0475 3940 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\windows\system32\DRIVERS\swenum.sys
    11:51:09.0522 3940 swenum - ok
    11:51:09.0678 3940 swprv (e08e46fdd841b7184194011ca1955a0b) C:\windows\System32\swprv.dll
    11:51:09.0756 3940 swprv - ok
    11:51:09.0897 3940 SymDS (659b227a72b76115975a6a9491b2fe1f) C:\windows\system32\drivers\N360x64\0404000.00C\SYMDS64.SYS
    11:51:09.0943 3940 SymDS - ok
    11:51:10.0021 3940 SymEFA (9f5783a4a03d0091cdbdaa858b566926) C:\windows\system32\drivers\N360x64\0404000.00C\SYMEFA64.SYS
    11:51:10.0068 3940 SymEFA - ok
    11:51:10.0146 3940 SymEvent (3f9d5fe52585e2653e59fdbfdf09a94c) C:\windows\system32\Drivers\SYMEVENT64x86.SYS
    11:51:10.0193 3940 SymEvent - ok
    11:51:10.0255 3940 SymIRON (f57588546e738db1583981d8f44e9bc2) C:\windows\system32\drivers\N360x64\0404000.00C\Ironx64.SYS
    11:51:10.0318 3940 SymIRON - ok
    11:51:10.0411 3940 SYMTDIv (3adfb72f0797ae3832509fe030755e21) C:\windows\System32\Drivers\N360x64\0404000.00C\SYMTDIV.SYS
    11:51:10.0474 3940 SYMTDIv - ok
    11:51:10.0661 3940 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\windows\system32\sysmain.dll
    11:51:10.0755 3940 SysMain - ok
    11:51:10.0926 3940 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\windows\System32\TabSvc.dll
    11:51:10.0973 3940 TabletInputService - ok
    11:51:11.0020 3940 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\windows\System32\tapisrv.dll
    11:51:11.0098 3940 TapiSrv - ok
    11:51:11.0129 3940 TBS (1be03ac720f4d302ea01d40f588162f6) C:\windows\System32\tbssvc.dll
    11:51:11.0207 3940 TBS - ok
    11:51:11.0488 3940 Tcpip (fc62769e7bff2896035aeed399108162) C:\windows\system32\drivers\tcpip.sys
    11:51:11.0566 3940 Tcpip - ok
    11:51:11.0940 3940 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\windows\system32\DRIVERS\tcpip.sys
    11:51:12.0003 3940 TCPIP6 - ok
    11:51:12.0190 3940 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\windows\system32\drivers\tcpipreg.sys
    11:51:12.0268 3940 tcpipreg - ok
    11:51:12.0330 3940 tdcmdpst (fd542b661bd22fa69ca789ad0ac58c29) C:\windows\system32\DRIVERS\tdcmdpst.sys
    11:51:12.0377 3940 tdcmdpst - ok
    11:51:12.0424 3940 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\windows\system32\drivers\tdpipe.sys
    11:51:12.0439 3940 TDPIPE - ok
    11:51:12.0486 3940 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\windows\system32\drivers\tdtcp.sys
    11:51:12.0517 3940 TDTCP - ok
    11:51:12.0549 3940 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\windows\system32\DRIVERS\tdx.sys
    11:51:12.0627 3940 tdx - ok
    11:51:12.0673 3940 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\windows\system32\DRIVERS\termdd.sys
    11:51:12.0705 3940 TermDD - ok
    11:51:12.0798 3940 TermService (2e648163254233755035b46dd7b89123) C:\windows\System32\termsrv.dll
    11:51:12.0892 3940 TermService - ok
    11:51:12.0923 3940 Themes (f0344071948d1a1fa732231785a0664c) C:\windows\system32\themeservice.dll
    11:51:12.0970 3940 Themes - ok
    11:51:13.0001 3940 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll
    11:51:13.0079 3940 THREADORDER - ok
    11:51:13.0266 3940 TMachInfo (dfe9ba871b9f3dbb591bd113611cbcc0) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
    11:51:13.0297 3940 TMachInfo - ok
    11:51:13.0344 3940 TODDSrv (8e2c799d3476eac32c3ba0df7ce6af19) C:\windows\system32\TODDSrv.exe
    11:51:13.0375 3940 TODDSrv - ok
    11:51:13.0578 3940 TosCoSrv (db9719688c08f42705feb3f6a0c98b91) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
    11:51:13.0609 3940 TosCoSrv - ok
    11:51:13.0719 3940 TOSHIBA HDD SSD Alert Service (74c2fa8c3765ee71a9c22182ec108457) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
    11:51:13.0750 3940 TOSHIBA HDD SSD Alert Service - ok
    11:51:13.0781 3940 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\windows\System32\trkwks.dll
    11:51:13.0859 3940 TrkWks - ok
    11:51:13.0937 3940 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\windows\servicing\TrustedInstaller.exe
    11:51:14.0015 3940 TrustedInstaller - ok
    11:51:14.0077 3940 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\windows\system32\DRIVERS\tssecsrv.sys
    11:51:14.0155 3940 tssecsrv - ok
    11:51:14.0202 3940 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\windows\system32\drivers\tsusbflt.sys
    11:51:14.0249 3940 TsUsbFlt - ok
    11:51:14.0265 3940 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\windows\system32\drivers\TsUsbGD.sys
    11:51:14.0280 3940 TsUsbGD - ok
    11:51:14.0374 3940 tunnel (3566a8daafa27af944f5d705eaa64894) C:\windows\system32\DRIVERS\tunnel.sys
    11:51:14.0436 3940 tunnel - ok
    11:51:14.0514 3940 TVALZ (550b567f9364d8f7684c3fb3ea665a72) C:\windows\system32\DRIVERS\TVALZ_O.SYS
    11:51:14.0545 3940 TVALZ - ok
    11:51:14.0577 3940 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\windows\system32\drivers\uagp35.sys
    11:51:14.0592 3940 uagp35 - ok
    11:51:14.0670 3940 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\windows\system32\DRIVERS\udfs.sys
    11:51:14.0748 3940 udfs - ok
    11:51:14.0779 3940 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\windows\system32\UI0Detect.exe
    11:51:14.0811 3940 UI0Detect - ok
    11:51:14.0857 3940 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\windows\system32\drivers\uliagpkx.sys
    11:51:14.0889 3940 uliagpkx - ok
    11:51:14.0935 3940 umbus (dc54a574663a895c8763af0fa1ff7561) C:\windows\system32\DRIVERS\umbus.sys
    11:51:14.0967 3940 umbus - ok
    11:51:15.0029 3940 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\windows\system32\drivers\umpass.sys
    11:51:15.0060 3940 UmPass - ok
    11:51:15.0107 3940 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\windows\System32\upnphost.dll
    11:51:15.0201 3940 upnphost - ok
    11:51:15.0263 3940 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\windows\system32\Drivers\usbaapl64.sys
    11:51:15.0294 3940 USBAAPL64 - ok
    11:51:15.0325 3940 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\windows\system32\DRIVERS\usbccgp.sys
    11:51:15.0372 3940 usbccgp - ok
    11:51:15.0435 3940 usbcir (af0892a803fdda7492f595368e3b68e7) C:\windows\system32\drivers\usbcir.sys
    11:51:15.0481 3940 usbcir - ok
    11:51:15.0513 3940 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\windows\system32\DRIVERS\usbehci.sys
    11:51:15.0544 3940 usbehci - ok
    11:51:15.0622 3940 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\windows\system32\DRIVERS\usbhub.sys
    11:51:15.0669 3940 usbhub - ok
    11:51:15.0700 3940 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\windows\system32\DRIVERS\usbohci.sys
    11:51:15.0731 3940 usbohci - ok
    11:51:15.0762 3940 usbprint (73188f58fb384e75c4063d29413cee3d) C:\windows\system32\drivers\usbprint.sys
    11:51:15.0793 3940 usbprint - ok
    11:51:15.0825 3940 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\windows\system32\DRIVERS\USBSTOR.SYS
    11:51:15.0856 3940 USBSTOR - ok
    11:51:15.0871 3940 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\windows\system32\drivers\usbuhci.sys
    11:51:15.0903 3940 usbuhci - ok
    11:51:15.0965 3940 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\windows\system32\Drivers\usbvideo.sys
    11:51:16.0012 3940 usbvideo - ok
    11:51:16.0043 3940 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\windows\System32\uxsms.dll
    11:51:16.0121 3940 UxSms - ok
    11:51:16.0152 3940 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
    11:51:16.0183 3940 VaultSvc - ok
    11:51:16.0230 3940 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\windows\system32\drivers\vdrvroot.sys
    11:51:16.0246 3940 vdrvroot - ok
    11:51:16.0339 3940 vds (8d6b481601d01a456e75c3210f1830be) C:\windows\System32\vds.exe
    11:51:16.0417 3940 vds - ok
    11:51:16.0480 3940 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\windows\system32\DRIVERS\vgapnp.sys
    11:51:16.0511 3940 vga - ok
    11:51:16.0527 3940 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\windows\System32\drivers\vga.sys
    11:51:16.0605 3940 VgaSave - ok
    11:51:16.0636 3940 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\windows\system32\drivers\vhdmp.sys
    11:51:16.0651 3940 vhdmp - ok
    11:51:16.0683 3940 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\windows\system32\drivers\viaide.sys
    11:51:16.0714 3940 viaide - ok
    11:51:16.0745 3940 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\windows\system32\drivers\volmgr.sys
    11:51:16.0776 3940 volmgr - ok
    11:51:16.0839 3940 volmgrx (a255814907c89be58b79ef2f189b843b) C:\windows\system32\drivers\volmgrx.sys
    11:51:16.0870 3940 volmgrx - ok
    11:51:16.0901 3940 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\windows\system32\drivers\volsnap.sys
    11:51:16.0932 3940 volsnap - ok
    11:51:17.0010 3940 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\windows\system32\drivers\vsmraid.sys
    11:51:17.0026 3940 vsmraid - ok
    11:51:17.0213 3940 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\windows\system32\vssvc.exe
    11:51:17.0322 3940 VSS - ok
    11:51:17.0494 3940 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\windows\system32\DRIVERS\vwifibus.sys
    11:51:17.0525 3940 vwifibus - ok
    11:51:17.0587 3940 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\windows\system32\DRIVERS\vwififlt.sys
    11:51:17.0619 3940 vwififlt - ok
    11:51:17.0728 3940 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\windows\system32\w32time.dll
    11:51:17.0821 3940 W32Time - ok
    11:51:17.0868 3940 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\windows\system32\drivers\wacompen.sys
    11:51:17.0899 3940 WacomPen - ok
    11:51:17.0962 3940 WANARP (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
    11:51:18.0055 3940 WANARP - ok
    11:51:18.0071 3940 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
    11:51:18.0133 3940 Wanarpv6 - ok
    11:51:18.0352 3940 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\windows\system32\Wat\WatAdminSvc.exe
    11:51:18.0414 3940 WatAdminSvc - ok
    11:51:18.0586 3940 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\windows\system32\wbengine.exe
    11:51:18.0648 3940 wbengine - ok
    11:51:18.0835 3940 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\windows\System32\wbiosrvc.dll
    11:51:18.0882 3940 WbioSrvc - ok
    11:51:18.0945 3940 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\windows\System32\wcncsvc.dll
    11:51:18.0991 3940 wcncsvc - ok
    11:51:19.0007 3940 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\windows\System32\WcsPlugInService.dll
    11:51:19.0038 3940 WcsPlugInService - ok
    11:51:19.0116 3940 Wd (72889e16ff12ba0f235467d6091b17dc) C:\windows\system32\drivers\wd.sys
    11:51:19.0147 3940 Wd - ok
    11:51:19.0225 3940 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\windows\system32\drivers\Wdf01000.sys
    11:51:19.0272 3940 Wdf01000 - ok
    11:51:19.0288 3940 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll
    11:51:19.0335 3940 WdiServiceHost - ok
    11:51:19.0335 3940 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll
    11:51:19.0381 3940 WdiSystemHost - ok
    11:51:19.0444 3940 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\windows\System32\webclnt.dll
    11:51:19.0491 3940 WebClient - ok
    11:51:19.0537 3940 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\windows\system32\wecsvc.dll
    11:51:19.0615 3940 Wecsvc - ok
    11:51:19.0662 3940 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\windows\System32\wercplsupport.dll
    11:51:19.0725 3940 wercplsupport - ok
    11:51:19.0787 3940 WerSvc (6d137963730144698cbd10f202e9f251) C:\windows\System32\WerSvc.dll
    11:51:19.0865 3940 WerSvc - ok
    11:51:19.0959 3940 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\windows\system32\DRIVERS\wfplwf.sys
    11:51:20.0021 3940 WfpLwf - ok
    11:51:20.0052 3940 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\windows\system32\drivers\wimmount.sys
    11:51:20.0068 3940 WIMMount - ok
    11:51:20.0161 3940 WinDefend - ok
    11:51:20.0177 3940 WinHttpAutoProxySvc - ok
    11:51:20.0271 3940 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\windows\system32\wbem\WMIsvc.dll
    11:51:20.0349 3940 Winmgmt - ok
    11:51:20.0583 3940 WinRM (bcb1310604aa415c4508708975b3931e) C:\windows\system32\WsmSvc.dll
    11:51:20.0707 3940 WinRM - ok
    11:51:20.0926 3940 WinUsb (fe88b288356e7b47b74b13372add906d) C:\windows\system32\DRIVERS\WinUsb.sys
    11:51:20.0973 3940 WinUsb - ok
    11:51:21.0082 3940 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\windows\System32\wlansvc.dll
    11:51:21.0144 3940 Wlansvc - ok
    11:51:21.0285 3940 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
    11:51:21.0316 3940 wlcrasvc - ok
    11:51:21.0643 3940 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    11:51:21.0737 3940 wlidsvc - ok
    11:51:21.0909 3940 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\windows\system32\drivers\wmiacpi.sys
    11:51:21.0940 3940 WmiAcpi - ok
    11:51:22.0033 3940 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\windows\system32\wbem\WmiApSrv.exe
    11:51:22.0080 3940 wmiApSrv - ok
    11:51:22.0174 3940 WMPNetworkSvc - ok
    11:51:22.0236 3940 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\windows\System32\wpcsvc.dll
    11:51:22.0283 3940 WPCSvc - ok
    11:51:22.0314 3940 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\windows\system32\wpdbusenum.dll
    11:51:22.0345 3940 WPDBusEnum - ok
    11:51:22.0377 3940 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\windows\system32\drivers\ws2ifsl.sys
    11:51:22.0455 3940 ws2ifsl - ok
    11:51:22.0486 3940 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\windows\system32\wscsvc.dll
    11:51:22.0517 3940 wscsvc - ok
    11:51:22.0533 3940 WSearch - ok
    11:51:22.0782 3940 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\windows\system32\wuaueng.dll
    11:51:22.0923 3940 wuauserv - ok
    11:51:23.0110 3940 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\windows\system32\drivers\WudfPf.sys
    11:51:23.0188 3940 WudfPf - ok
    11:51:23.0250 3940 WUDFRd (cf8d590be3373029d57af80914190682) C:\windows\system32\DRIVERS\WUDFRd.sys
    11:51:23.0313 3940 WUDFRd - ok
    11:51:23.0344 3940 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\windows\System32\WUDFSvc.dll
    11:51:23.0422 3940 wudfsvc - ok
    11:51:23.0469 3940 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\windows\System32\wwansvc.dll
    11:51:23.0515 3940 WwanSvc - ok
    11:51:23.0578 3940 MBR (0x1B8) (5b5e648d12fcadc244c1ec30318e1eb9) \Device\Harddisk0\DR0
    11:51:23.0703 3940 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
    11:51:23.0703 3940 \Device\Harddisk0\DR0 - detected TDSS File System (1)
    11:51:23.0749 3940 Boot (0x1200) (80ff801dbe2bbb8d72c04df77d231689) \Device\Harddisk0\DR0\Partition0
    11:51:23.0749 3940 \Device\Harddisk0\DR0\Partition0 - ok
    11:51:23.0749 3940 ============================================================
    11:51:23.0749 3940 Scan finished
    11:51:23.0749 3940 ============================================================
    11:51:23.0781 4864 Detected object count: 1
    11:51:23.0781 4864 Actual detected object count: 1
    11:52:54.0417 4864 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
    11:52:54.0432 4864 \Device\Harddisk0\DR0\TDLFS\phx.dll - copied to quarantine
    11:52:54.0432 4864 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
    11:52:54.0448 4864 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
    11:52:54.0479 4864 \Device\Harddisk0\DR0\TDLFS\phd - copied to quarantine
    11:52:54.0510 4864 \Device\Harddisk0\DR0\TDLFS\phdx - copied to quarantine
    11:52:54.0510 4864 \Device\Harddisk0\DR0\TDLFS\phs - copied to quarantine
    11:52:54.0526 4864 \Device\Harddisk0\DR0\TDLFS\phdata - copied to quarantine
    11:52:54.0526 4864 \Device\Harddisk0\DR0\TDLFS\phld - copied to quarantine
    11:52:54.0526 4864 \Device\Harddisk0\DR0\TDLFS\phln - copied to quarantine
    11:52:54.0541 4864 \Device\Harddisk0\DR0\TDLFS\phlx - copied to quarantine
    11:52:54.0541 4864 \Device\Harddisk0\DR0\TDLFS\phm - copied to quarantine
    11:52:54.0541 4864 \Device\Harddisk0\DR0\TDLFS - deleted
    11:52:54.0541 4864 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete
    11:53:11.0046 4148 Deinitialize success

  3. #23
    Junior Member
    Join Date
    Apr 2012
    Posts
    14

    Default

    Crud, I can't edit my posts. Correct log incoming shortly...

  4. #24
    Junior Member
    Join Date
    Apr 2012
    Posts
    14

    Default

    Well that's no good, I don't seem to have a log from the 27th - it does appear however that the svchost.exe file is no longer running in the Processes tab of the Task Manager - would running CF without the script generate the log you need?

    Thanks

  5. #25
    Senior Member
    Join Date
    Sep 2010
    Posts
    631

    Default

    Hi spetrarca,

    Get a new copy of combofix first. Just right click and delete the one you have now.
    Member of UNITE and ASAP

  6. #26
    Senior Member
    Join Date
    Sep 2010
    Posts
    631

    Default

    Due to inactivity, this thread will now be closed.

    Note: If it has been three days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a fresh DDS log and a link to your previous thread. Please do not add any logs that might have been requested in the closed topic; you would be starting fresh.
    Member of UNITE and ASAP
