How to remove: Click.livesearch.com Redirect


7 replies to this topic

#1 SoundsOfSand

Posted 12 January 2013 - 02:05 PM

Hello. My name is Adam. I know computer basics, but I'm not advanced or very knowledgeable about the inner workings of a computer and folders with icons and all of that.

When I do a Google search, I am redirected to Click.livesearch.com. I know this is a computer virus of some type, and I have looked up ways to get rid of it, but haven't had any luck, because each one I found either wanted me to pay a bunch of money or was too advanced for me to comprehend.

Someone please help me rid my computer of Click.livesearch.com! Thanks!

#2 narenxp

Posted 12 January 2013 - 02:41 PM

Download TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here. If you get crashes in normal mode, run it in safe mode with networking

Download ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 SoundsOfSand

Posted 12 January 2013 - 08:15 PM

TDSSkiller RESULTS:
14:40:24.0528 4244 p2psvc - ok
14:40:24.0559 4244 [ AECD57F94C887F58919F307C35498EA0 ] Parport C:\Windows\system32\drivers\parport.sys
14:40:24.0559 4244 Parport - ok
14:40:24.0621 4244 [ B43751085E2ABE389DA466BC62A4B987 ] partmgr C:\Windows\system32\drivers\partmgr.sys
14:40:24.0621 4244 partmgr - ok
14:40:24.0637 4244 [ 9AB157B374192FF276C1628FBDBA2B0E ] PcaSvc C:\Windows\System32\pcasvc.dll
14:40:24.0653 4244 PcaSvc - ok
14:40:24.0668 4244 [ 47AB1E0FC9D0E12BB53BA246E3A0906D ] pci C:\Windows\system32\drivers\pci.sys
14:40:24.0668 4244 pci - ok
14:40:24.0684 4244 [ 8D618C829034479985A9ED56106CC732 ] pciide C:\Windows\system32\DRIVERS\pciide.sys
14:40:24.0684 4244 pciide - ok
14:40:24.0715 4244 [ 037661F3D7C507C9993B7010CEEE6288 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
14:40:24.0715 4244 pcmcia - ok
14:40:24.0746 4244 [ 58865916F53592A61549B04941BFD80D ] PEAUTH C:\Windows\system32\drivers\peauth.sys
14:40:24.0762 4244 PEAUTH - ok
14:40:24.0855 4244 [ 0ED8727EA0172860F47258456C06CAEA ] PerfHost C:\Windows\SysWow64\perfhost.exe
14:40:24.0855 4244 PerfHost - ok
14:40:24.0918 4244 [ 2C3BA65F8CA712730050C29104E093F9 ] PGEffect C:\Windows\system32\DRIVERS\pgeffect.sys
14:40:24.0933 4244 PGEffect - ok
14:40:24.0996 4244 [ E9E68C1A0F25CF4A7AC966EEA74EE89E ] pla C:\Windows\system32\pla.dll
14:40:25.0011 4244 pla - ok
14:40:25.0058 4244 [ FE6B0F59215C9FD9F9D26539C58C8B82 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
14:40:25.0058 4244 PlugPlay - ok
14:40:25.0089 4244 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
14:40:25.0105 4244 PNRPAutoReg - ok
14:40:25.0136 4244 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPsvc C:\Windows\system32\p2psvc.dll
14:40:25.0152 4244 PNRPsvc - ok
14:40:25.0199 4244 [ 89A5560671C2D8B4A4B51F3E1AA069D8 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
14:40:25.0199 4244 PolicyAgent - ok
14:40:25.0245 4244 [ 23386E9952025F5F21C368971E2E7301 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
14:40:25.0245 4244 PptpMiniport - ok
14:40:25.0277 4244 [ 5080E59ECEE0BC923F14018803AA7A01 ] Processor C:\Windows\system32\drivers\processr.sys
14:40:25.0277 4244 Processor - ok
14:40:25.0308 4244 [ E058CE4FC2449D8BFA14739C83B7FF2A ] ProfSvc C:\Windows\system32\profsvc.dll
14:40:25.0323 4244 ProfSvc - ok
14:40:25.0339 4244 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] ProtectedStorage C:\Windows\system32\lsass.exe
14:40:25.0339 4244 ProtectedStorage - ok
14:40:25.0370 4244 [ C5AB7F0809392D0DA027F4A2A81BFA31 ] PSched C:\Windows\system32\DRIVERS\pacer.sys
14:40:25.0370 4244 PSched - ok
14:40:25.0433 4244 [ 0B83F4E681062F3839BE2EC1D98FD94A ] ql2300 C:\Windows\system32\drivers\ql2300.sys
14:40:25.0448 4244 ql2300 - ok
14:40:25.0464 4244 [ E1C80F8D4D1E39EF9595809C1369BF2A ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
14:40:25.0464 4244 ql40xx - ok
14:40:25.0511 4244 [ 90574842C3DA781E279061A3EFF91F07 ] QWAVE C:\Windows\system32\qwave.dll
14:40:25.0511 4244 QWAVE - ok
14:40:25.0526 4244 [ E8D76EDAB77EC9C634C27B8EAC33ADC5 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
14:40:25.0526 4244 QWAVEdrv - ok
14:40:25.0542 4244 [ 1013B3B663A56D3DDD784F581C1BD005 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
14:40:25.0542 4244 RasAcd - ok
14:40:25.0557 4244 [ B2AE18F847D07F0044404DDF7CB04497 ] RasAuto C:\Windows\System32\rasauto.dll
14:40:25.0557 4244 RasAuto - ok
14:40:25.0604 4244 [ AC7BC4D42A7E558718DFDEC599BBFC2C ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
14:40:25.0604 4244 Rasl2tp - ok
14:40:25.0620 4244 [ 3AD83E4046C43BE510DE681588ACB8AF ] RasMan C:\Windows\System32\rasmans.dll
14:40:25.0635 4244 RasMan - ok
14:40:25.0667 4244 [ 4517FBF8B42524AFE4EDE1DE102AAE3E ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
14:40:25.0667 4244 RasPppoe - ok
14:40:25.0698 4244 [ C6A593B51F34C33E5474539544072527 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
14:40:25.0698 4244 RasSstp - ok
14:40:25.0745 4244 [ 322DB5C6B55E8D8EE8D6F358B2AAABB1 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
14:40:25.0745 4244 rdbss - ok
14:40:25.0776 4244 [ 603900CC05F6BE65CCBF373800AF3716 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
14:40:25.0776 4244 RDPCDD - ok
14:40:25.0807 4244 [ C045D1FB111C28DF0D1BE8D4BDA22C06 ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
14:40:25.0807 4244 rdpdr - ok
14:40:25.0823 4244 [ CAB9421DAF3D97B33D0D055858E2C3AB ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
14:40:25.0823 4244 RDPENCDD - ok
14:40:25.0869 4244 [ AE4BD9E1C33D351D8E607FC81F15160C ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
14:40:25.0869 4244 RDPWD - ok
14:40:25.0932 4244 [ 02B918C898D017B428536AE77BCAAB25 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
14:40:25.0947 4244 RegSrvc - ok
14:40:25.0979 4244 [ C612B9557DA73F70D41F8A6FBC8E5344 ] RemoteAccess C:\Windows\System32\mprdim.dll
14:40:25.0979 4244 RemoteAccess - ok
14:40:26.0010 4244 [ 44B9D8EC2F3EF3A0EFB00857AF70D861 ] RemoteRegistry C:\Windows\system32\regsvc.dll
14:40:26.0025 4244 RemoteRegistry - ok
14:40:26.0057 4244 [ ABF0D2EAE54A7F071A54BD2828C982CA ] rimspci C:\Windows\system32\DRIVERS\rimspe64.sys
14:40:26.0057 4244 rimspci - ok
14:40:26.0072 4244 [ E8ED37D472EB5211C0A34FD63A3971E9 ] rixdpcie C:\Windows\system32\DRIVERS\rixdpe64.sys
14:40:26.0072 4244 rixdpcie - ok
14:40:26.0103 4244 [ F46C457840D4B7A4DAAFEE739CE04102 ] RpcLocator C:\Windows\system32\locator.exe
14:40:26.0103 4244 RpcLocator - ok
14:40:26.0150 4244 [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] RpcSs C:\Windows\system32\rpcss.dll
14:40:26.0166 4244 RpcSs - ok
14:40:26.0213 4244 RSELSVC - ok
14:40:26.0244 4244 [ 22A9CB08B1A6707C1550C6BF099AAE73 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
14:40:26.0244 4244 rspndr - ok
14:40:26.0244 4244 [ 3E800D0DD24C5CFE61A1D71A3F6FEAB9 ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh64.sys
14:40:26.0244 4244 RTL8169 - ok
14:40:26.0275 4244 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] SamSs C:\Windows\system32\lsass.exe
14:40:26.0275 4244 SamSs - ok
14:40:26.0306 4244 [ CD9C693589C60AD59BBBCFB0E524E01B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
14:40:26.0306 4244 sbp2port - ok
14:40:26.0353 4244 [ FD1CDCF108D5EF3366F00D18B70FB89B ] SCardSvr C:\Windows\System32\SCardSvr.dll
14:40:26.0369 4244 SCardSvr - ok
14:40:26.0415 4244 [ 0F838C811AD295D2A4489B9993096C63 ] Schedule C:\Windows\system32\schedsvc.dll
14:40:26.0431 4244 Schedule - ok
14:40:26.0478 4244 [ 5A268127633C7EE2A7FB87F39D748D56 ] SCPolicySvc C:\Windows\System32\certprop.dll
14:40:26.0478 4244 SCPolicySvc - ok
14:40:26.0509 4244 [ BE100BC2BE2513314C717BB2C4CFFF10 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
14:40:26.0509 4244 sdbus - ok
14:40:26.0540 4244 [ 4FF71B076A7760FE75EA5AE2D0EE0018 ] SDRSVC C:\Windows\System32\SDRSVC.dll
14:40:26.0540 4244 SDRSVC - ok
14:40:26.0556 4244 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
14:40:26.0556 4244 secdrv - ok
14:40:26.0587 4244 [ 5ACDCBC67FCF894A1815B9F96D704490 ] seclogon C:\Windows\system32\seclogon.dll
14:40:26.0587 4244 seclogon - ok
14:40:26.0603 4244 [ 90973A64B96CD647FF81C79443618EED ] SENS C:\Windows\System32\sens.dll
14:40:26.0603 4244 SENS - ok
14:40:26.0618 4244 [ F71BFE7AC6C52273B7C82CBF1BB2A222 ] Serenum C:\Windows\system32\drivers\serenum.sys
14:40:26.0618 4244 Serenum - ok
14:40:26.0634 4244 [ E62FAC91EE288DB29A9696A9D279929C ] Serial C:\Windows\system32\drivers\serial.sys
14:40:26.0634 4244 Serial - ok
14:40:26.0649 4244 [ A842F04833684BCEEA7336211BE478DF ] sermouse C:\Windows\system32\drivers\sermouse.sys
14:40:26.0665 4244 sermouse - ok
14:40:26.0696 4244 [ A8E4A4407A09F35DCCC3771AF590B0C4 ] SessionEnv C:\Windows\system32\sessenv.dll
14:40:26.0712 4244 SessionEnv - ok
14:40:26.0727 4244 [ 14D4B4465193A87C127933978E8C4106 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
14:40:26.0727 4244 sffdisk - ok
14:40:26.0743 4244 [ 7073AEE3F82F3D598E3825962AA98AB2 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
14:40:26.0743 4244 sffp_mmc - ok
14:40:26.0759 4244 [ 35E59EBE4A01A0532ED67975161C7B82 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
14:40:26.0759 4244 sffp_sd - ok
14:40:26.0790 4244 [ 6B7838C94135768BD455CBDC23E39E5F ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
14:40:26.0790 4244 sfloppy - ok
14:40:26.0852 4244 [ 56793271ECDEDD350C5ADD305603E963 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:40:26.0868 4244 ShellHWDetection - ok
14:40:26.0899 4244 [ 7A5DE502AEB719D4594C6471060A78B3 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
14:40:26.0899 4244 SiSRaid2 - ok
14:40:26.0915 4244 [ 3A2F769FAB9582BC720E11EA1DFB184D ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
14:40:26.0915 4244 SiSRaid4 - ok
14:40:26.0993 4244 [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
14:40:26.0993 4244 SkypeUpdate - ok
14:40:27.0086 4244 [ A9A27A8E257B45A604FDAD4F26FE7241 ] slsvc C:\Windows\system32\SLsvc.exe
14:40:27.0117 4244 slsvc - ok
14:40:27.0149 4244 [ FD74B4B7C2088E390A30C85A896FC3AF ] SLUINotify C:\Windows\system32\SLUINotify.dll
14:40:27.0164 4244 SLUINotify - ok
14:40:27.0195 4244 [ 290B6F6A0EC4FCDFC90F5CB6D7020473 ] Smb C:\Windows\system32\DRIVERS\smb.sys
14:40:27.0195 4244 Smb - ok
14:40:27.0227 4244 [ 27F71F20E87FBF177C82AE924F9317F7 ] SMR250 C:\Windows\system32\drivers\SMR250.SYS
14:40:27.0227 4244 SMR250 - ok
14:40:27.0289 4244 [ D48F87803F3965EE04D9BCB318791AAB ] SMR311 C:\Windows\system32\drivers\SMR311.SYS
14:40:27.0289 4244 SMR311 - ok
14:40:27.0336 4244 [ F8F47F38909823B1AF28D60B96340CFF ] SNMPTRAP C:\Windows\System32\snmptrap.exe
14:40:27.0336 4244 SNMPTRAP - ok
14:40:27.0367 4244 [ 386C3C63F00A7040C7EC5E384217E89D ] spldr C:\Windows\system32\drivers\spldr.sys
14:40:27.0367 4244 spldr - ok
14:40:27.0414 4244 [ F66FF751E7EFC816D266977939EF5DC3 ] Spooler C:\Windows\System32\spoolsv.exe
14:40:27.0414 4244 Spooler - ok
14:40:27.0476 4244 [ 891793E00432FA055CF040605C260E49 ] SRTSP C:\Windows\System32\Drivers\N360x64\0604000.009\SRTSP64.SYS
14:40:27.0492 4244 SRTSP - ok
14:40:27.0507 4244 [ 1CB7BB3B0561FB5ECFE37F7731E8BF3E ] SRTSPX C:\Windows\system32\drivers\N360x64\0604000.009\SRTSPX64.SYS
14:40:27.0507 4244 SRTSPX - ok
14:40:27.0554 4244 [ 880A57FCCB571EBD063D4DD50E93E46D ] srv C:\Windows\system32\DRIVERS\srv.sys
14:40:27.0554 4244 srv - ok
14:40:27.0617 4244 [ A1AD14A6D7A37891FFFECA35EBBB0730 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
14:40:27.0617 4244 srv2 - ok
14:40:27.0632 4244 [ 4BED62F4FA4D8300973F1151F4C4D8A7 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
14:40:27.0632 4244 srvnet - ok
14:40:27.0679 4244 [ 192C74646EC5725AEF3F80D19FF75F6A ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
14:40:27.0679 4244 SSDPSRV - ok
14:40:27.0695 4244 [ 2EE3FA0308E6185BA64A9A7F2E74332B ] SstpSvc C:\Windows\system32\sstpsvc.dll
14:40:27.0710 4244 SstpSvc - ok
14:40:27.0757 4244 [ 15825C1FBFB8779992CB65087F316AF5 ] stisvc C:\Windows\System32\wiaservc.dll
14:40:27.0757 4244 stisvc - ok
14:40:27.0804 4244 [ 8A851CA908B8B974F89C50D2E18D4F0C ] swenum C:\Windows\system32\DRIVERS\swenum.sys
14:40:27.0804 4244 swenum - ok
14:40:27.0851 4244 [ 6DE37F4DE19D4EFD9C48C43ADDBC949A ] swprv C:\Windows\System32\swprv.dll
14:40:27.0851 4244 swprv - ok
14:40:27.0897 4244 [ 2F26A2C6FC96B29BEFF5D8ED74E6625B ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
14:40:27.0897 4244 Symc8xx - ok
14:40:27.0944 4244 [ 8B2430762099598DA40686F754632EFD ] SymDS C:\Windows\system32\drivers\N360x64\0604000.009\SYMDS64.SYS
14:40:27.0960 4244 SymDS - ok
14:40:28.0022 4244 [ 5CB7F2FD7E30A0F52F93574BFC3A8041 ] SymEFA C:\Windows\system32\drivers\N360x64\0604000.009\SYMEFA64.SYS
14:40:28.0022 4244 SymEFA - ok
14:40:28.0085 4244 [ 898BB48C797483420DF523B2BBC1ECDB ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
14:40:28.0085 4244 SymEvent - ok
14:40:28.0116 4244 [ 5013A76CAAA1D7CF1C55214B490B4E35 ] SymIRON C:\Windows\system32\drivers\N360x64\0604000.009\Ironx64.SYS
14:40:28.0116 4244 SymIRON - ok
14:40:28.0163 4244 [ A25FEE245C78804601D83431386A0BEE ] SYMTDIv C:\Windows\System32\Drivers\N360x64\0604000.009\SYMTDIV.SYS
14:40:28.0163 4244 SYMTDIv - ok
14:40:28.0194 4244 [ A909667976D3BCCD1DF813FED517D837 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
14:40:28.0194 4244 Sym_hi - ok
14:40:28.0209 4244 [ 36887B56EC2D98B9C362F6AE4DE5B7B0 ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
14:40:28.0209 4244 Sym_u3 - ok
14:40:28.0256 4244 [ 6DE6D25CC1D1CB694A1CC3E4604DB644 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
14:40:28.0256 4244 SynTP - ok
14:40:28.0303 4244 [ 92D7A8B0F87B036F17D25885937897A6 ] SysMain C:\Windows\system32\sysmain.dll
14:40:28.0319 4244 SysMain - ok
14:40:28.0365 4244 [ 005CE42567F9113A3BCCB3B20073B029 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:40:28.0365 4244 TabletInputService - ok
14:40:28.0412 4244 [ CC2562B4D55E0B6A4758C65407F63B79 ] TapiSrv C:\Windows\System32\tapisrv.dll
14:40:28.0412 4244 TapiSrv - ok
14:40:28.0428 4244 [ CDBE8D7C1E201B911CDC346D06617FB5 ] TBS C:\Windows\System32\tbssvc.dll
14:40:28.0428 4244 TBS - ok
14:40:28.0506 4244 [ 46D448E9117464E4D3BBF36D7E3FA48E ] Tcpip C:\Windows\system32\drivers\tcpip.sys
14:40:28.0521 4244 Tcpip - ok
14:40:28.0568 4244 [ 46D448E9117464E4D3BBF36D7E3FA48E ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
14:40:28.0584 4244 Tcpip6 - ok
14:40:28.0631 4244 [ C7E72A4071EE0200E3C075DACFB2B334 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
14:40:28.0631 4244 tcpipreg - ok
14:40:28.0662 4244 [ D45586A9FACB2C9708B10E491EF748A6 ] tdcmdpst C:\Windows\system32\DRIVERS\tdcmdpst.sys
14:40:28.0662 4244 tdcmdpst - ok
14:40:28.0693 4244 [ 1D8BF4AAA5FB7A2761475781DC1195BC ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
14:40:28.0693 4244 TDPIPE - ok
14:40:28.0709 4244 [ 7F7E00CDF609DF657F4CDA02DD1C9BB1 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
14:40:28.0709 4244 TDTCP - ok
14:40:28.0755 4244 [ 458919C8C42E398DC4802178D5FFEE27 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
14:40:28.0755 4244 tdx - ok
14:40:28.0787 4244 [ 8C19678D22649EC002EF2282EAE92F98 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
14:40:28.0787 4244 TermDD - ok
14:40:28.0833 4244 [ 5CDD30BC217082DAC71A9878D9BFD566 ] TermService C:\Windows\System32\termsrv.dll
14:40:28.0833 4244 TermService - ok
14:40:28.0865 4244 [ 56793271ECDEDD350C5ADD305603E963 ] Themes C:\Windows\system32\shsvcs.dll
14:40:28.0880 4244 Themes - ok
14:40:28.0896 4244 [ E29A0C5C97615BFFAB138ABE308733B4 ] Thpdrv C:\Windows\system32\DRIVERS\thpdrv.sys
14:40:28.0896 4244 Thpdrv - ok
14:40:28.0943 4244 [ D6704940A79831B4FA271D7A73D291D8 ] Thpevm C:\Windows\system32\DRIVERS\Thpevm.SYS
14:40:28.0943 4244 Thpevm - ok
14:40:28.0974 4244 [ 8F0D1A0C9C25CC61E193C0C22422A9EA ] Thpsrv C:\Windows\system32\ThpSrv.exe
14:40:28.0974 4244 Thpsrv - ok
14:40:28.0989 4244 [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] THREADORDER C:\Windows\system32\mmcss.dll
14:40:28.0989 4244 THREADORDER - ok
14:40:29.0052 4244 [ 22BC804EFE155F54252F389B0781D7F2 ] TNaviSrv C:\Program Files (x86)\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
14:40:29.0067 4244 TNaviSrv - ok
14:40:29.0099 4244 [ 19AF3434564E973BC232BBD629EC2BF6 ] TODDSrv C:\Windows\system32\TODDSrv.exe
14:40:29.0099 4244 TODDSrv - ok
14:40:29.0145 4244 [ 7810E3A97E004CD2641FD3FC5D2A62CD ] TosCoSrv C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
14:40:29.0161 4244 TosCoSrv - ok
14:40:29.0192 4244 [ 947B552AF9371BB52AB1E8C184D1A3D0 ] TOSHIBA eco Utility Service C:\Program Files\TOSHIBA\TECO\TecoService.exe
14:40:29.0192 4244 TOSHIBA eco Utility Service - ok
14:40:29.0223 4244 [ B67C69E2982769355D9FF76DD3B2A0FD ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
14:40:29.0223 4244 TOSHIBA HDD SSD Alert Service - ok
14:40:29.0255 4244 [ DD50A5DF5F7B29FDB6B5FEA728C43DC3 ] tos_sps64 C:\Windows\system32\DRIVERS\tos_sps64.sys
14:40:29.0270 4244 tos_sps64 - ok
14:40:29.0286 4244 [ F4689F05AF472A651A7B1B7B02D200E7 ] TrkWks C:\Windows\System32\trkwks.dll
14:40:29.0286 4244 TrkWks - ok
14:40:29.0348 4244 [ 66328B08EF5A9305D8EDE36B93930369 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:40:29.0348 4244 TrustedInstaller - ok
14:40:29.0379 4244 [ 9E5409CD17C8BEF193AAD498F3BC2CB8 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
14:40:29.0379 4244 tssecsrv - ok
14:40:29.0395 4244 [ 89EC74A9E602D16A75A4170511029B3C ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
14:40:29.0395 4244 tunmp - ok
14:40:29.0442 4244 [ 30A9B3F45AD081BFFC3BCAA9C812B609 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
14:40:29.0442 4244 tunnel - ok
14:40:29.0489 4244 [ 9A744CC3D804EC38A6C2C65BC3C6FCD8 ] TVALZ C:\Windows\system32\DRIVERS\TVALZ_O.SYS
14:40:29.0489 4244 TVALZ - ok
14:40:29.0504 4244 [ FEC266EF401966311744BD0F359F7F56 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
14:40:29.0504 4244 uagp35 - ok
14:40:29.0551 4244 [ FAF2640A2A76ED03D449E443194C4C34 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
14:40:29.0551 4244 udfs - ok
14:40:29.0613 4244 [ 060507C4113391394478F6953A79EEDC ] UI0Detect C:\Windows\system32\UI0Detect.exe
14:40:29.0613 4244 UI0Detect - ok
14:40:29.0629 4244 [ 4EC9447AC3AB462647F60E547208CA00 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
14:40:29.0629 4244 uliagpkx - ok
14:40:29.0660 4244 [ 697F0446134CDC8F99E69306184FBBB4 ] uliahci C:\Windows\system32\drivers\uliahci.sys
14:40:29.0660 4244 uliahci - ok
14:40:29.0676 4244 [ 31707F09846056651EA2C37858F5DDB0 ] UlSata C:\Windows\system32\drivers\ulsata.sys
14:40:29.0676 4244 UlSata - ok
14:40:29.0707 4244 [ 85E5E43ED5B48C8376281BAB519271B7 ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
14:40:29.0707 4244 ulsata2 - ok
14:40:29.0723 4244 [ 46E9A994C4FED537DD951F60B86AD3F4 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
14:40:29.0723 4244 umbus - ok
14:40:29.0769 4244 [ 7093799FF80E9DECA0680D2E3535BE60 ] upnphost C:\Windows\System32\upnphost.dll
14:40:29.0769 4244 upnphost - ok
14:40:29.0816 4244 [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
14:40:29.0816 4244 USBAAPL64 - ok
14:40:29.0863 4244 [ 07E3498FC60834219D2356293DA0FECC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
14:40:29.0863 4244 usbccgp - ok
14:40:29.0894 4244 [ 9247F7E0B65852C1F6631480984D6ED2 ] usbcir C:\Windows\system32\drivers\usbcir.sys
14:40:29.0894 4244 usbcir - ok
14:40:29.0910 4244 [ 827E44DE934A736EA31E91D353EB126F ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
14:40:29.0910 4244 usbehci - ok
14:40:29.0941 4244 [ BB35CD80A2ECECFADC73569B3D70C7D1 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
14:40:29.0941 4244 usbhub - ok
14:40:29.0972 4244 [ EBA14EF0C07CEC233F1529C698D0D154 ] usbohci C:\Windows\system32\drivers\usbohci.sys
14:40:29.0972 4244 usbohci - ok
14:40:30.0003 4244 [ 28B693B6D31E7B9332C1BDCEFEF228C1 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
14:40:30.0003 4244 usbprint - ok
14:40:30.0019 4244 [ B854C1558FCA0C269A38663E8B59B581 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:40:30.0019 4244 USBSTOR - ok
14:40:30.0035 4244 [ B2872CBF9F47316ABD0E0C74A1ABA507 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
14:40:30.0035 4244 usbuhci - ok
14:40:30.0066 4244 [ FC33099877790D51B0927B7039059855 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
14:40:30.0066 4244 usbvideo - ok
14:40:30.0113 4244 [ D76E231E4850BB3F88A3D9A78DF191E3 ] UxSms C:\Windows\System32\uxsms.dll
14:40:30.0113 4244 UxSms - ok
14:40:30.0159 4244 [ 294945381DFA7CE58CECF0A9896AF327 ] vds C:\Windows\System32\vds.exe
14:40:30.0175 4244 vds - ok
14:40:30.0206 4244 [ 916B94BCF1E09873FFF2D5FB11767BBC ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
14:40:30.0206 4244 vga - ok
14:40:30.0222 4244 [ B83AB16B51FEDA65DD81B8C59D114D63 ] VgaSave C:\Windows\System32\drivers\vga.sys
14:40:30.0222 4244 VgaSave - ok
14:40:30.0253 4244 [ 8294B6C3FDB6C33F24E150DE647ECDAA ] viaide C:\Windows\system32\drivers\viaide.sys
14:40:30.0253 4244 viaide - ok
14:40:30.0315 4244 [ 5F974FDE801C73952770736BECDE11E7 ] Viewpoint Manager Service C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe
14:40:30.0315 4244 Viewpoint Manager Service - ok
14:40:30.0347 4244 [ 2B7E885ED951519A12C450D24535DFCA ] volmgr C:\Windows\system32\drivers\volmgr.sys
14:40:30.0362 4244 volmgr - ok
14:40:30.0409 4244 [ CEC5AC15277D75D9E5DEC2E1C6EAF877 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
14:40:30.0409 4244 volmgrx - ok
14:40:30.0425 4244 [ 5280AADA24AB36B01A84A6424C475C8D ] volsnap C:\Windows\system32\drivers\volsnap.sys
14:40:30.0440 4244 volsnap - ok
14:40:30.0456 4244 [ A68F455ED2673835209318DD61BFBB0E ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
14:40:30.0456 4244 vsmraid - ok
14:40:30.0534 4244 [ B75232DAD33BFD95BF6F0A3E6BFF51E1 ] VSS C:\Windows\system32\vssvc.exe
14:40:30.0549 4244 VSS - ok
14:40:30.0596 4244 [ F14A7DE2EA41883E250892E1E5230A9A ] W32Time C:\Windows\system32\w32time.dll
14:40:30.0596 4244 W32Time - ok
14:40:30.0643 4244 [ FEF8FE5923FEAD2CEE4DFABFCE3393A7 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
14:40:30.0643 4244 WacomPen - ok
14:40:30.0674 4244 [ B8E7049622300D20BA6D8BE0C47C0CFD ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
14:40:30.0674 4244 Wanarp - ok
14:40:30.0674 4244 [ B8E7049622300D20BA6D8BE0C47C0CFD ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
14:40:30.0690 4244 Wanarpv6 - ok
14:40:30.0705 4244 [ B4E4C37D0AA6100090A53213EE2BF1C1 ] wcncsvc C:\Windows\System32\wcncsvc.dll
14:40:30.0721 4244 wcncsvc - ok
14:40:30.0752 4244 [ EA4B369560E986F19D93F45A881484AC ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:40:30.0752 4244 WcsPlugInService - ok
14:40:30.0783 4244 [ 0C17A0816F65B89E362E682AD5E7266E ] Wd C:\Windows\system32\drivers\wd.sys
14:40:30.0783 4244 Wd - ok
14:40:30.0830 4244 [ D02E7E4567DA1E7582FBF6A91144B0DF ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
14:40:30.0846 4244 Wdf01000 - ok
14:40:30.0861 4244 [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiServiceHost C:\Windows\system32\wdi.dll
14:40:30.0861 4244 WdiServiceHost - ok
14:40:30.0877 4244 [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiSystemHost C:\Windows\system32\wdi.dll
14:40:30.0893 4244 WdiSystemHost - ok
14:40:30.0908 4244 [ 3E6D05381CF35F75EBB055544A8ED9AC ] WebClient C:\Windows\System32\webclnt.dll
14:40:30.0908 4244 WebClient - ok
14:40:30.0955 4244 [ 8D40BC587993F876658BF9FB0F7D3462 ] Wecsvc C:\Windows\system32\wecsvc.dll
14:40:30.0955 4244 Wecsvc - ok
14:40:30.0971 4244 [ 9C980351D7E96288EA0C23AE232BD065 ] wercplsupport C:\Windows\System32\wercplsupport.dll
14:40:30.0986 4244 wercplsupport - ok
14:40:31.0002 4244 [ 66B9ECEBC46683F47EDC06333C075FEF ] WerSvc C:\Windows\System32\WerSvc.dll
14:40:31.0002 4244 WerSvc - ok
14:40:31.0049 4244 [ B5C348B265178FB9EE55ADDB3929485D ] winachsf C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
14:40:31.0064 4244 winachsf - ok
14:40:31.0080 4244 WinHttpAutoProxySvc - ok
14:40:31.0158 4244 [ D2E7296ED1BD26D8DB2799770C077A02 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
14:40:31.0158 4244 Winmgmt - ok
14:40:31.0236 4244 [ 6CBB0C68F13B9C2EC1B16F5FA5E7C869 ] WinRM C:\Windows\system32\WsmSvc.dll
14:40:31.0267 4244 WinRM - ok
14:40:31.0345 4244 [ EC339C8115E91BAED835957E9A677F16 ] Wlansvc C:\Windows\System32\wlansvc.dll
14:40:31.0361 4244 Wlansvc - ok
14:40:31.0392 4244 [ E18AEBAAA5A773FE11AA2C70F65320F5 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
14:40:31.0407 4244 WmiAcpi - ok
14:40:31.0454 4244 [ 21FA389E65A852698B6A1341F36EE02D ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
14:40:31.0454 4244 wmiApSrv - ok
14:40:31.0470 4244 WMPNetworkSvc - ok
14:40:31.0501 4244 [ CBC156C913F099E6680D1DF9307DB7A8 ] WPCSvc C:\Windows\System32\wpcsvc.dll
14:40:31.0501 4244 WPCSvc - ok
14:40:31.0532 4244 [ 490A18B4E4D53DC10879DEAA8E8B70D9 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
14:40:31.0532 4244 WPDBusEnum - ok
14:40:31.0579 4244 [ 5E2401B3FC1089C90E081291357371A9 ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
14:40:31.0579 4244 WpdUsb - ok
14:40:31.0704 4244 [ 991E2C2CF3BC204C2BB2EE1476149E4E ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
14:40:31.0704 4244 WPFFontCache_v0400 - ok
14:40:31.0735 4244 [ 8A900348370E359B6BFF6A550E4649E1 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
14:40:31.0735 4244 ws2ifsl - ok
14:40:31.0751 4244 WSearch - ok
14:40:31.0844 4244 [ FB3796754FE00F0BDC87A36F164A5F4D ] wuauserv C:\Windows\system32\wuaueng.dll
14:40:31.0875 4244 wuauserv - ok
14:40:31.0891 4244 [ 501A65252617B495C0F1832F908D54D8 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
14:40:31.0891 4244 WUDFRd - ok
14:40:31.0922 4244 [ 6CBD51FF913C851D56ED9DC7F2A27DDE ] wudfsvc C:\Windows\System32\WUDFSvc.dll
14:40:31.0922 4244 wudfsvc - ok
14:40:31.0969 4244 ================ Scan global ===============================
14:40:32.0031 4244 [ 060DC3A7A9A2626031EB23D90151428D ] C:\Windows\system32\basesrv.dll
14:40:32.0078 4244 [ AA137104CDFC81818A309CDE32ABB74A ] C:\Windows\system32\winsrv.dll
14:40:32.0094 4244 [ AA137104CDFC81818A309CDE32ABB74A ] C:\Windows\system32\winsrv.dll
14:40:32.0141 4244 [ 934E0B7D77FF78C18D9F8891221B6DE3 ] C:\Windows\system32\services.exe
14:40:32.0156 4244 [Global] - ok
14:40:32.0156 4244 ================ Scan MBR ==================================
14:40:32.0172 4244 [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
14:40:32.0577 4244 \Device\Harddisk0\DR0 - ok
14:40:32.0577 4244 ================ Scan VBR ==================================
14:40:32.0593 4244 [ 65CE09C4A9AD15C295A24D27DEABE678 ] \Device\Harddisk0\DR0\Partition1
14:40:32.0593 4244 \Device\Harddisk0\DR0\Partition1 - ok
14:40:32.0593 4244 ============================================================
14:40:32.0593 4244 Scan finished
14:40:32.0593 4244 ============================================================
14:40:32.0624 4052 Detected object count: 0
14:40:32.0624 4052 Actual detected object count: 0
14:42:19.0988 4956 ============================================================
14:42:19.0988 4956 Scan started
14:42:19.0988 4956 Mode: Manual; TDLFS;
14:42:19.0988 4956 ============================================================
14:42:20.0207 4956 ================ Scan system memory ========================
14:42:20.0207 4956 System memory - ok
14:42:20.0207 4956 ================ Scan services =============================
14:42:22.0001 4956 circlass - ok
14:42:22.0048 4956 [ 3DCA9A18B204939CFB24BEA53E31EB48 ] CLFS C:\Windows\system32\CLFS.sys
14:42:22.0063 4956 CLFS - ok
14:42:22.0110 4956 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:42:22.0126 4956 clr_optimization_v2.0.50727_32 - ok
14:42:22.0157 4956 [ CE07A466201096F021CD09D631B21540 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:42:22.0157 4956 clr_optimization_v2.0.50727_64 - ok
14:42:22.0250 4956 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:42:22.0266 4956 clr_optimization_v4.0.30319_32 - ok
14:42:22.0297 4956 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:42:22.0297 4956 clr_optimization_v4.0.30319_64 - ok
14:42:22.0313 4956 [ B52D9A14CE4101577900A364BA86F3DF ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
14:42:22.0313 4956 CmBatt - ok
14:42:22.0344 4956 [ E5D5499A1C50A54B5161296B6AFE6192 ] cmdide C:\Windows\system32\drivers\cmdide.sys
14:42:22.0344 4956 cmdide - ok
14:42:22.0360 4956 [ 7FB8AD01DB0EABE60C8A861531A8F431 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
14:42:22.0360 4956 Compbatt - ok
14:42:22.0360 4956 COMSysApp - ok
14:42:22.0422 4956 [ BCF2C3177E4777E3793310BAC0244C1A ] ConfigFree Gadget Service C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe
14:42:22.0422 4956 ConfigFree Gadget Service - ok
14:42:22.0438 4956 [ CAB0EEAF5295FC96DDD3E19DCE27E131 ] ConfigFree Service C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
14:42:22.0438 4956 ConfigFree Service - ok
14:42:22.0453 4956 [ A8585B6412253803CE8EFCBD6D6DC15C ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
14:42:22.0453 4956 crcdisk - ok
14:42:22.0516 4956 [ 62740B9D2A137E8CED41A9E4239A7A31 ] CryptSvc C:\Windows\system32\cryptsvc.dll
14:42:22.0516 4956 CryptSvc - ok
14:42:22.0594 4956 [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] DcomLaunch C:\Windows\system32\rpcss.dll
14:42:22.0609 4956 DcomLaunch - ok
14:42:22.0672 4956 [ 8B722BA35205C71E7951CDC4CDBADE19 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
14:42:22.0672 4956 DfsC - ok
14:42:22.0781 4956 [ C647F468F7DE343DF8C143655C5557D4 ] DFSR C:\Windows\system32\DFSR.exe
14:42:22.0812 4956 DFSR - ok
14:42:22.0874 4956 [ 3ED0321127CE70ACDAABBF77E157C2A7 ] Dhcp C:\Windows\System32\dhcpcsvc.dll
14:42:22.0874 4956 Dhcp - ok
14:42:22.0921 4956 [ B0107E40ECDB5FA692EBF832F295D905 ] disk C:\Windows\system32\drivers\disk.sys
14:42:22.0921 4956 disk - ok
14:42:22.0968 4956 [ 06230F1B721494A6DF8D47FD395BB1B0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
14:42:22.0968 4956 Dnscache - ok
14:42:22.0984 4956 [ 1A7156DD1E850E9914E5E991E3225B94 ] dot3svc C:\Windows\System32\dot3svc.dll
14:42:22.0999 4956 dot3svc - ok
14:42:23.0015 4956 [ 1583B39790DB3EAEC7EDB0CB0140C708 ] DPS C:\Windows\system32\dps.dll
14:42:23.0030 4956 DPS - ok
14:42:23.0062 4956 [ F1A78A98CFC2EE02144C6BEC945447E6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
14:42:23.0062 4956 drmkaud - ok
14:42:23.0108 4956 [ B8E554E502D5123BC111F99D6A2181B4 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
14:42:23.0124 4956 DXGKrnl - ok
14:42:23.0155 4956 [ 264CEE7B031A9D6C827F3D0CB031F2FE ] E1G60 C:\Windows\system32\DRIVERS\E1G6032E.sys
14:42:23.0155 4956 E1G60 - ok
14:42:23.0171 4956 [ C2303883FD9BE49DC36A6400643002EA ] EapHost C:\Windows\System32\eapsvc.dll
14:42:23.0171 4956 EapHost - ok
14:42:23.0186 4956 [ 5F94962BE5A62DB6E447FF6470C4F48A ] Ecache C:\Windows\system32\drivers\ecache.sys
14:42:23.0186 4956 Ecache - ok
14:42:23.0249 4956 [ 4353FF94D47A0A9D52B89ECCF0CDB013 ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
14:42:23.0249 4956 eeCtrl - ok
14:42:23.0311 4956 [ 33510BE001CCDB5A01FCC88F4DD8DFC7 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
14:42:23.0327 4956 ehRecvr - ok
14:42:23.0342 4956 [ 1ABC6436B0EDAA3D496D9C827F92820D ] ehSched C:\Windows\ehome\ehsched.exe
14:42:23.0342 4956 ehSched - ok
14:42:23.0358 4956 [ 08F48CB2CD4019AFB0456869B49CD76F ] ehstart C:\Windows\ehome\ehstart.dll
14:42:23.0358 4956 ehstart - ok
14:42:23.0405 4956 [ C4636D6E10469404AB5308D9FD45ED07 ] elxstor C:\Windows\system32\drivers\elxstor.sys
14:42:23.0405 4956 elxstor - ok
14:42:23.0467 4956 [ A9B18B63A4FD6BAAB83326706D857FAB ] EMDMgmt C:\Windows\system32\emdmgmt.dll
14:42:23.0483 4956 EMDMgmt - ok
14:42:23.0514 4956 [ C5BCCB378D0A896304A3E71BE7215983 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
14:42:23.0514 4956 EraserUtilRebootDrv - ok
14:42:23.0531 4956 [ BC3A58E938BB277E46BF4B3003B01ABD ] ErrDev C:\Windows\system32\drivers\errdev.sys
14:42:23.0531 4956 ErrDev - ok
14:42:23.0609 4956 [ E12F22B73F153DECE721CD45EC05B4AF ] EventSystem C:\Windows\system32\es.dll
14:42:23.0609 4956 EventSystem - ok
14:42:23.0702 4956 [ B43896E1DE42639BA7AD4FD7988C01E5 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
14:42:23.0718 4956 EvtEng - ok
14:42:23.0749 4956 [ 486844F47B6636044A42454614ED4523 ] exfat C:\Windows\system32\drivers\exfat.sys
14:42:23.0749 4956 exfat - ok
14:42:23.0780 4956 [ 1A4BEE34277784619DDAF0422C0C6E23 ] fastfat C:\Windows\system32\drivers\fastfat.sys
14:42:23.0780 4956 fastfat - ok
14:42:23.0811 4956 [ 81B79B6DF71FA1D2C6D688D830616E39 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
14:42:23.0811 4956 fdc - ok
14:42:23.0858 4956 [ BB9267ACACD8B7533DD936C34A0CBA5E ] fdPHost C:\Windows\system32\fdPHost.dll
14:42:23.0858 4956 fdPHost - ok
14:42:23.0874 4956 [ 300C80931EABBE1DB7591C516EFE8D0F ] FDResPub C:\Windows\system32\fdrespub.dll
14:42:23.0874 4956 FDResPub - ok
14:42:23.0889 4956 [ 457B7D1D533E4BD62A99AED9C7BB4C59 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
14:42:23.0889 4956 FileInfo - ok
14:42:23.0905 4956 [ D421327FD6EFCCAF884A54C58E1B0D7F ] Filetrace C:\Windows\system32\drivers\filetrace.sys
14:42:23.0905 4956 Filetrace - ok
14:42:23.0936 4956 [ 230923EA2B80F79B0F88D90F87B87EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
14:42:23.0936 4956 flpydisk - ok
14:42:23.0983 4956 [ E3041BC26D6930D61F42AEDB79C91720 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
14:42:23.0983 4956 FltMgr - ok
14:42:24.0045 4956 [ BE1C5BD1CA7ED015BC6FA1AE67E592C8 ] FontCache C:\Windows\system32\FntCache.dll
14:42:24.0061 4956 FontCache - ok
14:42:24.0123 4956 [ BC5B0BE5AF3510B0FD8C140EE42C6D3E ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:42:24.0123 4956 FontCache3.0.0.0 - ok
14:42:24.0170 4956 [ 5779B86CD8B32519FBECB136394D946A ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
14:42:24.0170 4956 Fs_Rec - ok
14:42:24.0170 4956 [ 6D06B5EEBBA23C16789EFC820EE1F253 ] FwLnk C:\Windows\system32\DRIVERS\FwLnk.sys
14:42:24.0170 4956 FwLnk - ok
14:42:24.0201 4956 [ C8E416668D3DC2BE3D4FE4C79224997F ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
14:42:24.0201 4956 gagp30kx - ok
14:42:24.0233 4956 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
14:42:24.0233 4956 GEARAspiWDM - ok
14:42:24.0295 4956 [ A0E1B575BA8F504968CD40C0FAEB2384 ] gpsvc C:\Windows\System32\gpsvc.dll
14:42:24.0295 4956 gpsvc - ok
14:42:24.0357 4956 [ 626A24ED1228580B9518C01930936DF9 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:42:24.0357 4956 gupdate - ok
14:42:24.0373 4956 [ 626A24ED1228580B9518C01930936DF9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:42:24.0373 4956 gupdatem - ok
14:42:24.0389 4956 [ DF45F8142DC6DF9D18C39B3EFFBD0409 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
14:42:24.0389 4956 HdAudAddService - ok
14:42:24.0451 4956 [ F942C5820205F2FB453243EDFEC82A3D ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
14:42:24.0451 4956 HDAudBus - ok
14:42:24.0482 4956 [ B4881C84A180E75B8C25DC1D726C375F ] HidBth C:\Windows\system32\drivers\hidbth.sys
14:42:24.0482 4956 HidBth - ok
14:42:24.0513 4956 [ 4E77A77E2C986E8F88F996BB3E1AD829 ] HidIr C:\Windows\system32\drivers\hidir.sys
14:42:24.0513 4956 HidIr - ok
14:42:24.0545 4956 [ 59361D38A297755D46A540E450202B2A ] hidserv C:\Windows\system32\hidserv.dll
14:42:24.0560 4956 hidserv - ok
14:42:24.0576 4956 [ 443BDD2D30BB4F00795C797E2CF99EDF ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
14:42:24.0576 4956 HidUsb - ok
14:42:24.0623 4956 [ B12F367EA39C0795FD57E31242CE1A5A ] hkmsvc C:\Windows\system32\kmsvc.dll
14:42:24.0623 4956 hkmsvc - ok
14:42:24.0654 4956 [ D7109A1E6BD2DFDBCBA72A6BC626A13B ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
14:42:24.0654 4956 HpCISSs - ok
14:42:24.0701 4956 [ 57BA73B5B321291E5114CB21350E1EA0 ] HSFHWAZL C:\Windows\system32\DRIVERS\VSTAZL6.SYS
14:42:24.0716 4956 HSFHWAZL - ok
14:42:24.0779 4956 [ E6CD7F641916484B0141D191A390D866 ] HSF_DPV C:\Windows\system32\DRIVERS\VSTDPV6.SYS
14:42:24.0794 4956 HSF_DPV - ok
14:42:24.0857 4956 [ 098F1E4E5C9CB5B0063A959063631610 ] HTTP C:\Windows\system32\drivers\HTTP.sys
14:42:24.0872 4956 HTTP - ok
14:42:24.0888 4956 [ DA94C854CEA5FAC549D4E1F6E88349E8 ] i2omp C:\Windows\system32\drivers\i2omp.sys
14:42:24.0888 4956 i2omp - ok
14:42:24.0919 4956 [ CBB597659A2713CE0C9CC20C88C7591F ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
14:42:24.0919 4956 i8042prt - ok
14:42:24.0966 4956 [ 1ADAA4F16073FD0C7270F451FD024E97 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
14:42:24.0966 4956 iaStor - ok
14:42:24.0997 4956 [ 3E3BF3627D886736D0B4E90054F929F6 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
14:42:24.0997 4956 iaStorV - ok
14:42:25.0059 4956 [ DAF66902F08796F9C694901660E5A64A ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
14:42:25.0059 4956 IDriverT - ok
14:42:25.0137 4956 [ 749F5F8CEDCA70F2A512945325FC489D ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:42:25.0137 4956 idsvc - ok
14:42:25.0262 4956 [ A48928D4CCA6F8B731989DB08CF2C0AB ] IDSVia64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\IPSDefs\20130111.002\IDSvia64.sys
14:42:25.0262 4956 IDSVia64 - ok
14:42:25.0481 4956 [ 8B7DE1EA805335B1361D459ACB4ECE18 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
14:42:25.0559 4956 igfx - ok
14:42:25.0621 4956 [ 8C3951AD2FE886EF76C7B5027C3125D3 ] iirsp C:\Windows\system32\drivers\iirsp.sys
14:42:25.0637 4956 iirsp - ok
14:42:25.0683 4956 [ 0C9EA6E654E7B0471741E343A6C671AF ] IKEEXT C:\Windows\System32\ikeext.dll
14:42:25.0683 4956 IKEEXT - ok
14:42:25.0761 4956 [ CE57D1A91272A35989837B868C8366DF ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
14:42:25.0777 4956 IntcAzAudAddService - ok
14:42:25.0808 4956 [ BE1CB000C655396C9DEF09AEE3EA2D67 ] IntcHdmiAddService C:\Windows\system32\drivers\IntcHdmi.sys
14:42:25.0808 4956 IntcHdmiAddService - ok
14:42:25.0839 4956 [ DF797A12176F11B2D301C5B234BB200E ] intelide C:\Windows\system32\drivers\intelide.sys
14:42:25.0839 4956 intelide - ok
14:42:25.0855 4956 [ BFD84AF32FA1BAD6231C4585CB469630 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
14:42:25.0855 4956 intelppm - ok
14:42:25.0886 4956 [ 5624BC1BC5EEB49C0AB76A8114F05EA3 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
14:42:25.0886 4956 IPBusEnum - ok
14:42:25.0917 4956 [ D8AABC341311E4780D6FCE8C73C0AD81 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:42:25.0933 4956 IpFilterDriver - ok
14:42:25.0933 4956 IpInIp - ok
14:42:25.0964 4956 [ 9C2EE2E6E5A7203BFAE15C299475EC67 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
14:42:25.0964 4956 IPMIDRV - ok
14:42:26.0027 4956 [ B7E6212F581EA5F6AB0C3A6CEEEB89BE ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
14:42:26.0027 4956 IPNAT - ok
14:42:26.0089 4956 [ 0F261EC4F514926177C70C1832374231 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
14:42:26.0105 4956 iPod Service - ok
14:42:26.0120 4956 [ 8C42CA155343A2F11D29FECA67FAA88D ] IRENUM C:\Windows\system32\drivers\irenum.sys
14:42:26.0120 4956 IRENUM - ok
14:42:26.0167 4956 [ 0672BFCEDC6FC468A2B0500D81437F4F ] isapnp C:\Windows\system32\drivers\isapnp.sys
14:42:26.0167 4956 isapnp - ok
14:42:26.0214 4956 [ E4FDF99599F27EC25D2CF6D754243520 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
14:42:26.0214 4956 iScsiPrt - ok
14:42:26.0229 4956 [ 63C766CDC609FF8206CB447A65ABBA4A ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
14:42:26.0229 4956 iteatapi - ok
14:42:26.0261 4956 [ 1281FE73B17664631D12F643CBEA3F59 ] iteraid C:\Windows\system32\drivers\iteraid.sys
14:42:26.0261 4956 iteraid - ok
14:42:26.0276 4956 [ 423696F3BA6472DD17699209B933BC26 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
14:42:26.0276 4956 kbdclass - ok
14:42:26.0307 4956 [ DBDF75D51464FBC47D0104EC3D572C05 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
14:42:26.0307 4956 kbdhid - ok
14:42:26.0354 4956 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] KeyIso C:\Windows\system32\lsass.exe
14:42:26.0354 4956 KeyIso - ok
14:42:26.0401 4956 [ 2758D174604F597BBC8A217FF667913D ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
14:42:26.0401 4956 KSecDD - ok
14:42:26.0417 4956 [ 1D419CF43DB29396ECD7113D129D94EB ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
14:42:26.0417 4956 ksthunk - ok
14:42:26.0448 4956 [ 1FAF6926F3416D3DA05C5B265491BDAE ] KtmRm C:\Windows\system32\msdtckrm.dll
14:42:26.0463 4956 KtmRm - ok
14:42:26.0510 4956 [ 50C7A3CB427E9BB5ED0708A669956AB5 ] LanmanServer C:\Windows\system32\srvsvc.dll
14:42:26.0510 4956 LanmanServer - ok
14:42:26.0557 4956 [ CAF86FC1388BE1E470F1A7B43E348ADB ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:42:26.0557 4956 LanmanWorkstation - ok
14:42:26.0604 4956 [ 6E5DAC168D1FF9843E84A59D51D31107 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
14:42:26.0604 4956 LightScribeService - ok
14:42:26.0619 4956 [ 96ECE2659B6654C10A0C310AE3A6D02C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
14:42:26.0619 4956 lltdio - ok
14:42:26.0666 4956 [ 961CCBD0B1CCB5675D64976FAE37D092 ] lltdsvc C:\Windows\System32\lltdsvc.dll
14:42:26.0666 4956 lltdsvc - ok
14:42:26.0682 4956 [ A47F8080CACC23C91FE823AD19AA5612 ] lmhosts C:\Windows\System32\lmhsvc.dll
14:42:26.0682 4956 lmhosts - ok
14:42:26.0744 4956 [ ACBE1AF32D3123E330A07BFBC5EC4A9B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
14:42:26.0744 4956 LSI_FC - ok
14:42:26.0775 4956 [ 799FFB2FC4729FA46D2157C0065B3525 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
14:42:26.0775 4956 LSI_SAS - ok
14:42:26.0807 4956 [ F445FF1DAAD8A226366BFAF42551226B ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
14:42:26.0807 4956 LSI_SCSI - ok
14:42:26.0838 4956 [ 52F87B9CC8932C2A7375C3B2A9BE5E3E ] luafv C:\Windows\system32\drivers\luafv.sys
14:42:26.0838 4956 luafv - ok
14:42:26.0853 4956 [ 922CBAC7B992B9614CAB7122F4BF9406 ] ManyCam C:\Windows\system32\DRIVERS\mcvidrv_x64.sys
14:42:26.0853 4956 ManyCam - ok
14:42:26.0885 4956 [ 34A42DD7CF525D0D2C5232916496E4B8 ] mcaudrv_simple C:\Windows\system32\drivers\mcaudrv_x64.sys
14:42:26.0885 4956 mcaudrv_simple - ok
14:42:26.0916 4956 [ 6DA30C0DE0CC8525E89D612C5063CAC1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
14:42:26.0916 4956 Mcx2Svc - ok
14:42:26.0947 4956 [ 5C5CD6AACED32FB26C3FB34B3DCF972F ] megasas C:\Windows\system32\drivers\megasas.sys
14:42:26.0947 4956 megasas - ok
14:42:26.0978 4956 [ 859BC2436B076C77C159ED694ACFE8F8 ] MegaSR C:\Windows\system32\drivers\megasr.sys
14:42:26.0978 4956 MegaSR - ok
14:42:27.0009 4956 [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] MMCSS C:\Windows\system32\mmcss.dll
14:42:27.0009 4956 MMCSS - ok
14:42:27.0025 4956 [ 59848D5CC74606F0EE7557983BB73C2E ] Modem C:\Windows\system32\drivers\modem.sys
14:42:27.0025 4956 Modem - ok
14:42:27.0041 4956 [ C247CC2A57E0A0C8C6DCCF7807B3E9E5 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
14:42:27.0041 4956 monitor - ok
14:42:27.0056 4956 [ 9367304E5E412B120CF5F4EA14E4E4F1 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
14:42:27.0056 4956 mouclass - ok
14:42:27.0072 4956 [ C2C2BD5C5CE5AAF786DDD74B75D2AC69 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
14:42:27.0072 4956 mouhid - ok
14:42:27.0087 4956 [ 11BC9B1E8801B01F7F6ADB9EAD30019B ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
14:42:27.0087 4956 MountMgr - ok
14:42:27.0119 4956 [ 730A519505621DF46BCBF9CDAC9FB6AD ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
14:42:27.0119 4956 MozillaMaintenance - ok
14:42:27.0134 4956 [ F8276EB8698142884498A528DFEA8478 ] mpio C:\Windows\system32\drivers\mpio.sys
14:42:27.0134 4956 mpio - ok
14:42:27.0181 4956 [ C92B9ABDB65A5991E00C28F13491DBA2 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
14:42:27.0181 4956 mpsdrv - ok
14:42:27.0197 4956 [ 3C200630A89EF2C0864D515B7A75802E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
14:42:27.0197 4956 Mraid35x - ok
14:42:27.0243 4956 [ 7C1DE4AA96DC0C071611F9E7DE02A68D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
14:42:27.0243 4956 MRxDAV - ok
14:42:27.0275 4956 [ 1485811B320FF8C7EDAD1CAEBB1C6C2B ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
14:42:27.0275 4956 mrxsmb - ok
14:42:27.0321 4956 [ 3B929A60C833FC615FD97FBA82BC7632 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:42:27.0321 4956 mrxsmb10 - ok
14:42:27.0337 4956 [ C64AB3E1F53B4F5B5BB6D796B2D7BEC3 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:42:27.0337 4956 mrxsmb20 - ok
14:42:27.0368 4956 [ E7E3E515D1D33A2A372D7FCE2BBEF5D9 ] msahci C:\Windows\system32\drivers\msahci.sys
14:42:27.0368 4956 msahci - ok
14:42:27.0384 4956 [ 264BBB4AAF312A485F0E44B65A6B7202 ] msdsm C:\Windows\system32\drivers\msdsm.sys
14:42:27.0384 4956 msdsm - ok
14:42:27.0431 4956 [ 7EC02CE772F068ED0BEAFA3DA341A9BC ] MSDTC C:\Windows\System32\msdtc.exe
14:42:27.0431 4956 MSDTC - ok
14:42:27.0446 4956 [ 704F59BFC4512D2BB0146AEC31B10A7C ] Msfs C:\Windows\system32\drivers\Msfs.sys
14:42:27.0462 4956 Msfs - ok
14:42:27.0493 4956 [ 00EBC952961664780D43DCA157E79B27 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
14:42:27.0493 4956 msisadrv - ok
14:42:27.0524 4956 [ 366B0C1F4478B519C181E37D43DCDA32 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
14:42:27.0540 4956 MSiSCSI - ok
14:42:27.0540 4956 msiserver - ok
14:42:27.0555 4956 [ 0EA73E498F53B96D83DBFCA074AD4CF8 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
14:42:27.0555 4956 MSKSSRV - ok
14:42:27.0587 4956 [ 52E59B7E992A58E740AA63F57EDBAE8B ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
14:42:27.0587 4956 MSPCLOCK - ok
14:42:27.0602 4956 [ 49084A75BAE043AE02D5B44D02991BB2 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
14:42:27.0602 4956 MSPQM - ok
14:42:27.0633 4956 [ DC6CCF440CDEDE4293DB41C37A5060A5 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
14:42:27.0649 4956 MsRPC - ok
14:42:27.0665 4956 [ 855796E59DF77EA93AF46F20155BF55B ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
14:42:27.0665 4956 mssmbios - ok
14:42:27.0696 4956 [ 86D632D75D05D5B7C7C043FA3564AE86 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
14:42:27.0696 4956 MSTEE - ok
14:42:27.0711 4956 [ 0CC49F78D8ACA0877D885F149084E543 ] Mup C:\Windows\system32\Drivers\mup.sys
14:42:27.0711 4956 Mup - ok
14:42:27.0805 4956 [ F2840DBFE9322F35557219AE82CC4597 ] N360 C:\Program Files (x86)\Norton Security Suite\Engine\6.4.0.9\ccSvcHst.exe
14:42:27.0805 4956 N360 - ok
14:42:27.0867 4956 [ A5B10C845E7538C60C0F5D87A57CB3F5 ] napagent C:\Windows\system32\qagentRT.dll
14:42:27.0867 4956 napagent - ok
14:42:27.0914 4956 [ 2007B826C4ACD94AE32232B41F0842B9 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
14:42:27.0914 4956 NativeWifiP - ok
14:42:27.0992 4956 [ C58D8A669D6551F616D90244BD2C2D4F ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20130111.037\ENG64.SYS
14:42:27.0992 4956 NAVENG - ok
14:42:28.0086 4956 [ A3DBDB412ADFA5882DD6843B11FE0828 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20130111.037\EX64.SYS
14:42:28.0101 4956 NAVEX15 - ok
14:42:28.0148 4956 [ 65950E07329FCEE8E6516B17C8D0ABB6 ] NDIS C:\Windows\system32\drivers\ndis.sys
14:42:28.0164 4956 NDIS - ok
14:42:28.0195 4956 [ 64DF698A425478E321981431AC171334 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
14:42:28.0195 4956 NdisTapi - ok
14:42:28.0211 4956 [ 8BAA43196D7B5BB972C9A6B2BBF61A19 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
14:42:28.0211 4956 Ndisuio - ok
14:42:28.0257 4956 [ F8158771905260982CE724076419EF19 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
14:42:28.0257 4956 NdisWan - ok
14:42:28.0273 4956 [ 9CB77ED7CB72850253E973A2D6AFDF49 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
14:42:28.0273 4956 NDProxy - ok
14:42:28.0289 4956 [ A499294F5029A7862ADC115BDA7371CE ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
14:42:28.0289 4956 NetBIOS - ok
14:42:28.0351 4956 [ FC2C792EBDDC8E28DF939D6A92C83D61 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
14:42:28.0351 4956 netbt - ok
14:42:28.0351 4956 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] Netlogon C:\Windows\system32\lsass.exe
14:42:28.0351 4956 Netlogon - ok
14:42:28.0398 4956 [ 9B63B29DEFC0F3115A559D2597BF5D75 ] Netman C:\Windows\System32\netman.dll
14:42:28.0398 4956 Netman - ok
14:42:28.0429 4956 [ 7846D0136CC2B264926A73047BA7688A ] netprofm C:\Windows\System32\netprofm.dll
14:42:28.0429 4956 netprofm - ok
14:42:28.0445 4956 [ 74751DDA198165947FD7454D83F49825 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:42:28.0445 4956 NetTcpPortSharing - ok
14:42:28.0585 4956 [ 2BDCB7B7917380794C9D87AC2153CE33 ] NETw5v64 C:\Windows\system32\DRIVERS\NETw5v64.sys
14:42:28.0632 4956 NETw5v64 - ok
14:42:28.0663 4956 [ 4AC08BD6AF2DF42E0C3196D826C8AEA7 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
14:42:28.0679 4956 nfrd960 - ok
14:42:28.0710 4956 [ F145BF4C4668E7E312069F81EF847CFC ] NlaSvc C:\Windows\System32\nlasvc.dll
14:42:28.0710 4956 NlaSvc - ok
14:42:28.0757 4956 [ B298874F8E0EA93F06EC40AA8D146478 ] Npfs C:\Windows\system32\drivers\Npfs.sys
14:42:28.0757 4956 Npfs - ok
14:42:28.0772 4956 [ ACB62BAA1C319B17752553DF3026EEEB ] nsi C:\Windows\system32\nsisvc.dll
14:42:28.0772 4956 nsi - ok
14:42:28.0803 4956 [ 1523AF19EE8B030BA682F7A53537EAEB ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
14:42:28.0803 4956 nsiproxy - ok
14:42:28.0881 4956 [ BAC869DFB98E499BA4D9BB1FB43270E1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
14:42:28.0897 4956 Ntfs - ok
14:42:28.0913 4956 [ DD5D684975352B85B52E3FD5347C20CB ] Null C:\Windows\system32\drivers\Null.sys
14:42:28.0913 4956 Null - ok
14:42:28.0944 4956 [ 2C040B7ADA5B06F6FACADAC8514AA034 ] nvraid C:\Windows\system32\drivers\nvraid.sys
14:42:28.0944 4956 nvraid - ok
14:42:28.0975 4956 [ F7EA0FE82842D05EDA3EFDD376DBFDBA ] nvstor C:\Windows\system32\drivers\nvstor.sys
14:42:28.0975 4956 nvstor - ok
14:42:28.0991 4956 [ 19067CA93075EF4823E3938A686F532F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
14:42:29.0006 4956 nv_agp - ok
14:42:29.0006 4956 NwlnkFlt - ok
14:42:29.0022 4956 NwlnkFwd - ok
14:42:29.0115 4956 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
14:42:29.0115 4956 odserv - ok
14:42:29.0147 4956 [ 7B58953E2F263421FDBB09A192712A85 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
14:42:29.0147 4956 ohci1394 - ok
14:42:29.0178 4956 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:42:29.0178 4956 ose - ok
14:42:29.0240 4956 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2pimsvc C:\Windows\system32\p2psvc.dll
14:42:29.0240 4956 p2pimsvc - ok
14:42:29.0271 4956 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2psvc C:\Windows\system32\p2psvc.dll
14:42:29.0287 4956 p2psvc - ok
14:42:29.0318 4956 [ AECD57F94C887F58919F307C35498EA0 ] Parport C:\Windows\system32\drivers\parport.sys
14:42:29.0318 4956 Parport - ok
14:42:29.0365 4956 [ B43751085E2ABE389DA466BC62A4B987 ] partmgr C:\Windows\system32\drivers\partmgr.sys
14:42:29.0365 4956 partmgr - ok
14:42:29.0396 4956 [ 9AB157B374192FF276C1628FBDBA2B0E ] PcaSvc C:\Windows\System32\pcasvc.dll
14:42:29.0396 4956 PcaSvc - ok
14:42:29.0412 4956 [ 47AB1E0FC9D0E12BB53BA246E3A0906D ] pci C:\Windows\system32\drivers\pci.sys
14:42:29.0412 4956 pci - ok
14:42:29.0443 4956 [ 8D618C829034479985A9ED56106CC732 ] pciide C:\Windows\system32\DRIVERS\pciide.sys
14:42:29.0443 4956 pciide - ok
14:42:29.0459 4956 [ 037661F3D7C507C9993B7010CEEE6288 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
14:42:29.0459 4956 pcmcia - ok
14:42:29.0505 4956 [ 58865916F53592A61549B04941BFD80D ] PEAUTH C:\Windows\system32\drivers\peauth.sys
14:42:29.0505 4956 PEAUTH - ok
14:42:29.0599 4956 [ 0ED8727EA0172860F47258456C06CAEA ] PerfHost C:\Windows\SysWow64\perfhost.exe
14:42:29.0599 4956 PerfHost - ok
14:42:29.0646 4956 [ 2C3BA65F8CA712730050C29104E093F9 ] PGEffect C:\Windows\system32\DRIVERS\pgeffect.sys
14:42:29.0661 4956 PGEffect - ok
14:42:29.0724 4956 [ E9E68C1A0F25CF4A7AC966EEA74EE89E ] pla C:\Windows\system32\pla.dll
14:42:29.0739 4956 pla - ok
14:42:29.0771 4956 [ FE6B0F59215C9FD9F9D26539C58C8B82 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
14:42:29.0786 4956 PlugPlay - ok
14:42:29.0817 4956 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
14:42:29.0833 4956 PNRPAutoReg - ok
14:42:29.0864 4956 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPsvc C:\Windows\system32\p2psvc.dll
14:42:29.0880 4956 PNRPsvc - ok
14:42:29.0927 4956 [ 89A5560671C2D8B4A4B51F3E1AA069D8 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
14:42:29.0942 4956 PolicyAgent - ok
14:42:29.0973 4956 [ 23386E9952025F5F21C368971E2E7301 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
14:42:29.0973 4956 PptpMiniport - ok
14:42:30.0005 4956 [ 5080E59ECEE0BC923F14018803AA7A01 ] Processor C:\Windows\system32\drivers\processr.sys
14:42:30.0020 4956 Processor - ok
14:42:30.0051 4956 [ E058CE4FC2449D8BFA14739C83B7FF2A ] ProfSvc C:\Windows\system32\profsvc.dll
14:42:30.0051 4956 ProfSvc - ok
14:42:30.0067 4956 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] ProtectedStorage C:\Windows\system32\lsass.exe
14:42:30.0083 4956 ProtectedStorage - ok
14:42:30.0114 4956 [ C5AB7F0809392D0DA027F4A2A81BFA31 ] PSched C:\Windows\system32\DRIVERS\pacer.sys
14:42:30.0114 4956 PSched - ok
14:42:30.0176 4956 [ 0B83F4E681062F3839BE2EC1D98FD94A ] ql2300 C:\Windows\system32\drivers\ql2300.sys
14:42:30.0192 4956 ql2300 - ok
14:42:30.0223 4956 [ E1C80F8D4D1E39EF9595809C1369BF2A ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
14:42:30.0223 4956 ql40xx - ok
14:42:30.0270 4956 [ 90574842C3DA781E279061A3EFF91F07 ] QWAVE C:\Windows\system32\qwave.dll
14:42:30.0270 4956 QWAVE - ok
14:42:30.0270 4956 [ E8D76EDAB77EC9C634C27B8EAC33ADC5 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
14:42:30.0270 4956 QWAVEdrv - ok
14:42:30.0285 4956 [ 1013B3B663A56D3DDD784F581C1BD005 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
14:42:30.0285 4956 RasAcd - ok
14:42:30.0301 4956 [ B2AE18F847D07F0044404DDF7CB04497 ] RasAuto C:\Windows\System32\rasauto.dll
14:42:30.0317 4956 RasAuto - ok
14:42:30.0348 4956 [ AC7BC4D42A7E558718DFDEC599BBFC2C ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
14:42:30.0348 4956 Rasl2tp - ok
14:42:30.0379 4956 [ 3AD83E4046C43BE510DE681588ACB8AF ] RasMan C:\Windows\System32\rasmans.dll
14:42:30.0379 4956 RasMan - ok
14:42:30.0395 4956 [ 4517FBF8B42524AFE4EDE1DE102AAE3E ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
14:42:30.0395 4956 RasPppoe - ok
14:42:30.0441 4956 [ C6A593B51F34C33E5474539544072527 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
14:42:30.0441 4956 RasSstp - ok
14:42:30.0488 4956 [ 322DB5C6B55E8D8EE8D6F358B2AAABB1 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
14:42:30.0488 4956 rdbss - ok
14:42:30.0504 4956 [ 603900CC05F6BE65CCBF373800AF3716 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
14:42:30.0504 4956 RDPCDD - ok
14:42:30.0519 4956 [ C045D1FB111C28DF0D1BE8D4BDA22C06 ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
14:42:30.0519 4956 rdpdr - ok
14:42:36.0589 4956 ================ Scan global ===============================
14:42:36.0620 4956 [ 060DC3A7A9A2626031EB23D90151428D ] C:\Windows\system32\basesrv.dll
14:42:36.0667 4956 [ AA137104CDFC81818A309CDE32ABB74A ] C:\Windows\system32\winsrv.dll
14:42:36.0682 4956 [ AA137104CDFC81818A309CDE32ABB74A ] C:\Windows\system32\winsrv.dll
14:42:36.0729 4956 [ 934E0B7D77FF78C18D9F8891221B6DE3 ] C:\Windows\system32\services.exe
14:42:36.0729 4956 [Global] - ok
14:42:36.0729 4956 ================ Scan MBR ==================================
14:42:36.0745 4956 [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
14:42:37.0135 4956 \Device\Harddisk0\DR0 - ok
14:42:37.0135 4956 ================ Scan VBR ==================================
14:42:37.0135 4956 [ 65CE09C4A9AD15C295A24D27DEABE678 ] \Device\Harddisk0\DR0\Partition1
14:42:37.0135 4956 \Device\Harddisk0\DR0\Partition1 - ok
14:42:37.0150 4956 ============================================================
14:42:37.0150 4956 Scan finished
14:42:37.0150 4956 ============================================================
14:42:37.0150 6104 Detected object count: 0
14:42:37.0150 6104 Actual detected object count: 0
14:42:39.0802 5220 Deinitialize success


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~





aswMBR RESULTS:
aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-01-12 15:45:04
-----------------------------
15:45:04.799 OS Version: Windows x64 6.0.6002 Service Pack 2
15:45:04.799 Number of processors: 2 586 0x170A
15:45:04.799 ComputerName: ADAM-PC UserName: Adam
15:45:06.327 Initialize success
15:45:53.346 AVAST engine defs: 13011201
15:46:45.793 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
15:46:45.793 Disk 0 Vendor: WDC_WD32 12.0 Size: 305245MB BusType: 3
15:46:45.809 Disk 0 MBR read successfully
15:46:45.809 Disk 0 MBR scan
15:46:45.824 Disk 0 Windows VISTA default MBR code
15:46:45.824 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 1500 MB offset 2048
15:46:45.840 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 293256 MB offset 3074048
15:46:45.871 Disk 0 Partition 3 00 17 Hidd HPFS/NTFS NTFS 10488 MB offset 603662336
15:46:45.918 Disk 0 scanning C:\Windows\system32\drivers
15:46:56.557 Service scanning
15:47:18.849 Modules scanning
15:47:18.849 Disk 0 trace - called modules:
15:47:18.896 ntoskrnl.exe CLASSPNP.SYS disk.sys thpdrv.sys iaStor.sys hal.dll
15:47:18.896 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004d2a060]
15:47:18.896 3 CLASSPNP.SYS[fffffa6000fcac33] -> nt!IofCallDriver -> \Device\THPDRV1[0xfffffa8004d28060]
15:47:18.896 5 thpdrv.sys[fffffa60013d1c8d] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004c11050]
15:47:21.127 AVAST engine scan C:\Windows
15:47:24.887 AVAST engine scan C:\Windows\system32
15:51:27.529 AVAST engine scan C:\Windows\system32\drivers
15:51:46.592 AVAST engine scan C:\Users\Adam
16:03:49.262 Disk 0 MBR has been saved successfully to "C:\Users\Adam\Desktop\MBR.dat"
16:03:49.278 The log file has been saved successfully to "C:\Users\Adam\Desktop\aswMBR.txt"

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-01-12 19:00:38
-----------------------------
19:00:38.924 OS Version: Windows x64 6.0.6002 Service Pack 2
19:00:38.924 Number of processors: 2 586 0x170A
19:00:38.924 ComputerName: ADAM-PC UserName: Adam
19:00:41.377 Initialize success
19:00:56.934 AVAST engine defs: 13011201
19:00:58.943 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
19:00:58.959 Disk 0 Vendor: WDC_WD32 12.0 Size: 305245MB BusType: 3
19:00:58.990 Disk 0 MBR read successfully
19:00:58.990 Disk 0 MBR scan
19:00:58.990 Disk 0 Windows VISTA default MBR code
19:00:59.006 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 1500 MB offset 2048
19:00:59.037 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 293256 MB offset 3074048
19:00:59.068 Disk 0 Partition 3 00 17 Hidd HPFS/NTFS NTFS 10488 MB offset 603662336
19:00:59.130 Disk 0 scanning C:\Windows\system32\drivers
19:01:19.985 Service scanning
19:01:42.753 Modules scanning
19:01:42.753 Disk 0 trace - called modules:
19:01:42.793 ntoskrnl.exe CLASSPNP.SYS disk.sys thpdrv.sys iaStor.sys hal.dll
19:01:42.793 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004d2a060]
19:01:42.793 3 CLASSPNP.SYS[fffffa6000fcac33] -> nt!IofCallDriver -> \Device\THPDRV1[0xfffffa8004d28060]
19:01:42.793 5 thpdrv.sys[fffffa60013d1c8d] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004c11050]
19:01:45.920 AVAST engine scan C:\Windows
19:02:15.228 AVAST engine scan C:\Windows\system32
19:09:27.199 AVAST engine scan C:\Windows\system32\drivers
19:10:32.344 AVAST engine scan C:\Users\Adam
19:12:11.170 Disk 0 MBR has been saved successfully to "C:\Users\Adam\Desktop\MBR.dat"
19:12:11.170 The log file has been saved successfully to "C:\Users\Adam\Desktop\aswMBR.txt"

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~





ESET RESULTS:
C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Default\aadcdbdjgegbdbdegbdbggdedededcdd\background.html Win32/BHO.OEI trojan cleaned by deleting - quarantined
C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Default\aadcdbdjgegbdbdegbdbggdedededcdd\ContentScript.js Win32/BHO.OEI trojan cleaned by deleting - quarantined
C:\Users\Adam\AppData\Local\{B1D845FE-FBCC-11E1-8270-B8AC6F996F26}\chrome\content\browser.xul JS/Redirector.NIQ trojan cleaned by deleting - quarantined

#4 narenxp


Posted 12 January 2013 - 09:10 PM

Download

Malwarebytes

Install, update and run a full scan.

Click on Show results. Right-click on the list, select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it and click on Delete.

A log should be generated after the scan; post it here.

Download

Junkware removal tool

For Vista and Windows 7, right-click on the tool and select Run as administrator.

After the scan completes, post the generated log here.


Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here.


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to finish.

Now click on FILE-SAVE

Filename: Autoruns.txt
Save as: Text

Paste the contents of the text file here.

#5 SoundsOfSand


Posted 13 January 2013 - 05:48 PM

Malwarebytes RESULTS:
Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.01.13.07

Windows Vista Service Pack 2 x64 NTFS
Internet Explorer 8.0.6001.19272
Adam :: ADAM-PC [administrator]

1/13/2013 12:57:02 PM
mbam-log-2013-01-13 (12-57-02).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 521586
Time elapsed: 2 hour(s), 37 minute(s), 11 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKCU\Software\AppDataLow\Software\MyWebSearch (PUP.MyWebsearch) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 4
C:\Program Files (x86)\TOSHIBA\Amazon\MP3.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Program Files (x86)\TOSHIBA\Amazon\Shopping.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Program Files (x86)\TOSHIBA\Amazon\ShoppingD.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Program Files (x86)\TOSHIBA\Amazon\VOD.exe (Trojan.Clicker) -> Quarantined and deleted successfully.

(end)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

mini toolbox RESULTS:
MiniToolBox by Farbar Version:10-01-2013
Ran by Adam (administrator) on 13-01-2013 at 15:42:12
Running from "C:\Users\Adam\Documents\ComputerCheck"
Windows Vista ™ Home Premium Service Pack 2 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

::1 localhost

127.0.0.1 localhost

========================= IP Configuration: ================================

Intel® WiFi Link 5100 AGN = Wireless Network Connection (Connected)
Realtek RTL8102/8103 Family PCI-E FE NIC = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Adam-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® WiFi Link 5100 AGN
Physical Address. . . . . . . . . : 00-22-FA-E8-6A-EA
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::2c0a:25fc:6c0:c87d%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.9(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Sunday, January 13, 2013 10:16:31 AM
Lease Expires . . . . . . . . . . : Monday, January 14, 2013 12:30:36 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 234889978
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-11-B6-D2-ED-00-1E-33-BE-0C-B4
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : globalsuite.net
Description . . . . . . . . . . . : Realtek RTL8102/8103 Family PCI-E FE NIC
Physical Address. . . . . . . . . : 00-1E-33-C6-2E-1C
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 6:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.globalsuite.net
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 7:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.Belkin
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 6TO4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 13:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.Belkin
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.1.1

DNS request timed out.
timeout was 2 seconds.
Name: google.com
Address: 2607:f8b0:4002:c03::8b


Pinging google.com [74.125.134.101] with 32 bytes of data:
Reply from 74.125.134.101: bytes=32 time=134ms TTL=48
Reply from 74.125.134.101: bytes=32 time=101ms TTL=48

Ping statistics for 74.125.134.101:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 101ms, Maximum = 134ms, Average = 117ms
Server: UnKnown
Address: 192.168.1.1

Name: yahoo.com
Addresses: 98.138.253.109
72.30.38.140
98.139.183.24


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=485ms TTL=48
Reply from 98.139.183.24: bytes=32 time=515ms TTL=50

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 485ms, Maximum = 515ms, Average = 500ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
11 ...00 22 fa e8 6a ea ...... Intel® WiFi Link 5100 AGN
10 ...00 1e 33 c6 2e 1c ...... Realtek RTL8102/8103 Family PCI-E FE NIC
1 ........................... Software Loopback Interface 1
15 ...00 00 00 00 00 00 00 e0 isatap.globalsuite.net
14 ...00 00 00 00 00 00 00 e0 isatap.Belkin
12 ...00 00 00 00 00 00 00 e0 6TO4 Adapter
13 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
16 ...00 00 00 00 00 00 00 e0 isatap.Belkin
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.9 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.9 281
192.168.1.9 255.255.255.255 On-link 192.168.1.9 281
192.168.1.255 255.255.255.255 On-link 192.168.1.9 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.9 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.9 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
11 281 fe80::/64 On-link
11 281 fe80::2c0a:25fc:6c0:c87d/128
On-link
1 306 ff00::/8 On-link
11 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [61440] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [62976] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [78848] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [78848] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [27648] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/13/2013 00:30:38 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4476948

Error: (01/13/2013 00:30:38 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4476948

Error: (01/13/2013 00:30:38 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/13/2013 10:16:37 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/12/2013 11:01:19 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/12/2013 11:01:14 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.

Error: (01/12/2013 06:57:37 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.

Error: (01/12/2013 03:32:54 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/12/2013 03:32:33 PM) (Source: EventSystem) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (01/12/2013 03:16:32 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (01/13/2013 10:17:12 AM) (Source: DCOM) (User: )
Description: {7F6316B4-4D69-4765-B0A3-B2598F2FA80A}

Error: (01/13/2013 10:17:05 AM) (Source: WMPNetworkSvc) (User: )
Description: WMPNetworkSvc0x80070424

Error: (01/13/2013 10:16:37 AM) (Source: Service Control Manager) (User: )
Description: IPsec Policy AgentBFE

Error: (01/13/2013 10:16:37 AM) (Source: Service Control Manager) (User: )
Description: IKE and AuthIP IPsec Keying ModulesBFE

Error: (01/13/2013 10:16:37 AM) (Source: Service Control Manager) (User: )
Description: Computer Browser%%1060

Error: (01/13/2013 10:16:28 AM) (Source: Microsoft-Windows-ResourcePublication) (User: NT AUTHORITY)
Description: Provider\Microsoft.Base.Publication/Publication/Computer

Error: (01/12/2013 11:02:01 PM) (Source: DCOM) (User: )
Description: {7F6316B4-4D69-4765-B0A3-B2598F2FA80A}

Error: (01/12/2013 11:01:45 PM) (Source: WMPNetworkSvc) (User: )
Description: WMPNetworkSvc0x80070424

Error: (01/12/2013 11:01:19 PM) (Source: Service Control Manager) (User: )
Description: IPsec Policy AgentBFE

Error: (01/12/2013 11:01:19 PM) (Source: Service Control Manager) (User: )
Description: IKE and AuthIP IPsec Keying ModulesBFE


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
Date: 2013-01-13 14:59:12.855
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_0fbe86f737e6a8d6\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-01-13 14:59:12.673
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_0fbe86f737e6a8d6\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-01-13 14:59:11.753
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_0fbe86f737e6a8d6\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-01-13 14:59:11.550
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_0fbe86f737e6a8d6\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-01-13 14:59:11.347
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_0fbe86f737e6a8d6\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-01-13 14:59:11.145
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_0fbe86f737e6a8d6\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-01-13 14:59:10.640
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_0fabe61737f42f96\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-01-13 14:59:10.456
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_0fabe61737f42f96\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-01-13 14:59:09.744
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_0fabe61737f42f96\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-01-13 14:59:09.529
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_0fabe61737f42f96\tcpip.sys because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

Apple Mobile Device Support (Version: 6.0.1.3)
Bonjour (Version: 3.0.0.10)
Dolby Control Center (Version: 2.2.1)
EasyBits GO
Facebook Plug-In
Intel PROSet Wireless
Intel® Graphics Media Accelerator Driver
Intel® PROSet/Wireless WiFi Software (Version: 12.04.0000)
Intel® Matrix Storage Manager
iTunes (Version: 11.0.1.12)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
PlayReady PC runtime (Version: 1)
Synaptics Pointing Device Driver (Version: 12.2.10.0)
TOSHIBA Disc Creator (Version: 2.0.1.3 for x64)
TOSHIBA eco Utility (Version: 1.0.2.64)
TOSHIBA Extended Tiles for Windows Mobility Center (Version: 1.01.00)
TOSHIBA HDD Protection (Version: 2.1.2.9)
TOSHIBA HDD/SSD Alert (Version: 3.0.64.0)
TOSHIBA Internal Modem Region Select Utility (Version: 2.3.0.00)
TOSHIBA Recovery Disc Creator (Version: 2.0.0.2 for x64)
TOSHIBA SD Memory Utilities (Version: 1.9.1.12)
TOSHIBA Software Modem
TOSHIBA Value Added Package (Version: 1.2.8.64)
Unity Web Player (Version: )
Windows Driver Package - TOSHIBA (FwLnk) System (11/19/2006 1.0.0.3) (Version: 11/19/2006 1.0.0.3)

========================= Memory info: ===================================

Percentage of memory in use: 79%
Total physical RAM: 3963.05 MB
Available physical RAM: 828.01 MB
Total Pagefile: 8117.31 MB
Available Pagefile: 4817.05 MB
Total Virtual: 4095.88 MB
Available Virtual: 3992.26 MB

========================= Partitions: =====================================

1 Drive c: (TI100343V0F) (Fixed) (Total:286.38 GB) (Free:11.72 GB) NTFS

========================= Users: ========================================

User accounts for \\ADAM-PC

Adam Administrator Guest

========================= Restore Points ==================================

10-01-2013 18:48:26 Scheduled Checkpoint
11-01-2013 17:27:59 Scheduled Checkpoint

**** End of log ****

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Farbar service scanner RESULTS:
Farbar Service Scanner Version: 05-01-2013
Ran by Adam (administrator) on 13-01-2013 at 15:45:45
Running from "C:\Users\Adam\Documents\ComputerCheck"
Windows Vista ™ Home Premium Service Pack 2 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking LEGACY_MpsSvc: ATTENTION!=====> Unable to open LEGACY_MpsSvc\0000 registry key. The key does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking LEGACY_bfe: ATTENTION!=====> Unable to open LEGACY_bfe\0000 registry key. The key does not exist.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking LEGACY_wscsvc: ATTENTION!=====> Unable to open LEGACY_wscsvc\0000 registry key. The key does not exist.


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============
Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist.
Checking ImagePath of SharedAccess: ATTENTION!=====> Unable to retrieve ImagePath of SharedAccess. The value does not exist.
Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to retrieve ServiceDll of SharedAccess. The value does not exist.
Checking Start type of iphlpsvc: ATTENTION!=====> Unable to open iphlpsvc registry key. The service key does not exist.
Checking ImagePath of iphlpsvc: ATTENTION!=====> Unable to open iphlpsvc registry key. The service key does not exist.
Checking ServiceDll of iphlpsvc: ATTENTION!=====> Unable to open iphlpsvc registry key. The service key does not exist.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcsvc.dll
[2009-12-03 12:00] - [2009-04-11 01:11] - 0268288 ____A (Microsoft Corporation) 3ED0321127CE70ACDAABBF77E157C2A7

C:\Windows\System32\drivers\afd.sys
[2012-02-15 09:49] - [2012-01-03 08:25] - 0404992 ____A (Microsoft Corporation) C4F6CE6087760AD70960C9EB130E7943

C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2012-05-09 05:41] - [2012-03-30 06:45] - 1423744 ____A (Microsoft Corporation) 46D448E9117464E4D3BBF36D7E3FA48E

C:\Windows\System32\dnsrslvr.dll
[2011-04-13 13:47] - [2011-03-02 10:12] - 0117760 ____A (Microsoft Corporation) 06230F1B721494A6DF8D47FD395BB1B0

C:\Windows\System32\mpssvc.dll
[2009-12-03 12:00] - [2009-04-11 01:11] - 0603136 ____A (Microsoft Corporation) 897E3BAF68BA406A61682AE39C83900C

C:\Windows\System32\bfe.dll
[2009-12-03 11:59] - [2009-04-11 01:11] - 0458240 ____A (Microsoft Corporation) FFB96C2589FFA60473EAD78B39FBDE29

C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe
[2009-12-03 12:01] - [2009-04-11 01:11] - 1433600 ____A (Microsoft Corporation) B75232DAD33BFD95BF6F0A3E6BFF51E1

C:\Windows\System32\wscsvc.dll
[2009-12-03 11:59] - [2009-04-11 01:11] - 0074752 ____A (Microsoft Corporation) 9EA3E6D0EF7A5C2B9181961052A4B01A

C:\Windows\System32\wbem\WMIsvc.dll
[2009-12-03 12:00] - [2009-04-11 01:11] - 0221696 ____A (Microsoft Corporation) D2E7296ED1BD26D8DB2799770C077A02

C:\Windows\System32\wuaueng.dll
[2009-10-30 06:34] - [2009-08-06 20:24] - 2424024 ____A (Microsoft Corporation) FB3796754FE00F0BDC87A36F164A5F4D

C:\Windows\System32\qmgr.dll
[2009-12-03 12:01] - [2009-04-11 01:11] - 1081856 ____A (Microsoft Corporation) 6D316F4859634071CC25C4FD4589AD2C

C:\Windows\System32\es.dll
[2009-12-03 12:00] - [2009-04-11 01:11] - 0361984 ____A (Microsoft Corporation) E12F22B73F153DECE721CD45EC05B4AF

C:\Windows\System32\cryptsvc.dll
[2012-06-13 10:47] - [2012-04-23 10:25] - 0174592 ____A (Microsoft Corporation) 62740B9D2A137E8CED41A9E4239A7A31

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll
[2009-12-03 12:01] - [2009-04-11 01:11] - 0719872 ____A (Microsoft Corporation) CF8B9A3A5E7DC57724A89D0C3E8CF9EF



**** End of log ****

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Adware Cleaner:
# AdwCleaner v2.105 - Logfile created 01/13/2013 at 15:47:38
# Updated 08/01/2013 by Xplode
# Operating system : Windows ™ Vista Home Premium Service Pack 2 (64 bits)
# User : Adam - ADAM-PC
# Boot Mode : Normal
# Running from : C:\Users\Adam\Documents\ComputerCheck\adwcleaner.exe
# Option [Delete]


***** [Services] *****

Stopped & Deleted : Viewpoint Manager Service

***** [Files / Folders] *****

Deleted on reboot : C:\Program Files (x86)\Common Files\Software Update Utility
Deleted on reboot : C:\Program Files (x86)\Viewpoint
Deleted on reboot : C:\ProgramData\Ask
Deleted on reboot : C:\ProgramData\Viewpoint
Deleted on reboot : C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
Deleted on reboot : C:\Users\Adam\AppData\Local\SanctionedMedia
Deleted on reboot : C:\Users\Adam\AppData\LocalLow\AskToolbar
Deleted on reboot : C:\Users\Adam\AppData\LocalLow\FunWebProducts
Deleted on reboot : C:\Users\Adam\AppData\LocalLow\MyWebSearch
Deleted on reboot : C:\Users\Adam\AppData\LocalLow\Toolbar4
Deleted on reboot : C:\Users\Adam\AppData\LocalLow\Viewpoint
Deleted on reboot : C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\ribk84us.default\extensions\toolbar@ask.com
Deleted on reboot : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll
File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.xpt

***** [Registry] *****

Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Fun Web Products
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\Headlight
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SoftwareUpdUtility
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{474597C5-AB09-49D6-A4D5-2E8D7341384E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{474597C5-AB09-49D6-A4D5-2E8D7341384E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Deleted : HKLM\Software\APN
Key Deleted : HKLM\Software\AskToolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Key Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler
Key Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdate
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Key Deleted : HKLM\SOFTWARE\Classes\TBSB00808.IEToolbar
Key Deleted : HKLM\SOFTWARE\Classes\TBSB00808.IEToolbar.1
Key Deleted : HKLM\SOFTWARE\Classes\TBSB00808.TBSB00808
Key Deleted : HKLM\SOFTWARE\Classes\TBSB00808.TBSB00808.3
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.TBSB00808
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.TBSB00808.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EC4085F2-8DB3-45A6-AD0B-CA289F3C5D7E}
Key Deleted : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook
Key Deleted : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook.1
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\MetaStream
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Key Deleted : HKLM\Software\Viewpoint
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{57CADC46-58FF-4105-B733-5A9F3FC9783C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D433A9D0-8267-40CB-8AD5-24F22FA5373F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
Key Deleted : HKLM\SOFTWARE\Software
Key Deleted : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{CA3EB689-8F09-4026-AA10-B9534C691CE0}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.19272

[OK] Registry is clean.

-\\ Mozilla Firefox v18.0 (en-US)

File : C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\ribk84us.default\prefs.js

Deleted : user_pref("aol_toolbar.surf.date", "41");
Deleted : user_pref("aol_toolbar.surf.lastDate", "29");
Deleted : user_pref("aol_toolbar.surf.lastMonth", "0");
Deleted : user_pref("aol_toolbar.surf.lastYear", "2012");
Deleted : user_pref("aol_toolbar.surf.mURL", "");
Deleted : user_pref("aol_toolbar.surf.mURLh", "0");
Deleted : user_pref("aol_toolbar.surf.mURLw", "0");
Deleted : user_pref("aol_toolbar.surf.mURLx", "0");
Deleted : user_pref("aol_toolbar.surf.mURLy", "0");
Deleted : user_pref("aol_toolbar.surf.milestone", "-1");
Deleted : user_pref("aol_toolbar.surf.month", "9115");
Deleted : user_pref("aol_toolbar.surf.prevMonth", "6612");
Deleted : user_pref("aol_toolbar.surf.total", "376563");
Deleted : user_pref("aol_toolbar.surf.week", "41");
Deleted : user_pref("aol_toolbar.surf.year", "9115");
Deleted : user_pref("browser.search.defaulturl", "hxxp://aim.search.aol.com/aol/search?query={searchTerms}&inv[...]
Deleted : user_pref("browser.search.order.1", "iMesh Web Search");
Deleted : user_pref("extensions.toolbar@ask.com.install-event-fired", true);
Deleted : user_pref("id_playboostgamebar.storder_files.307f0fee5ebaa2debe8f90548e28a5f5", "%3C%3Fxml%20version[...]

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted [l.57] : search_url = "hxxp://search.imesh.com/web?src=crb&q={searchTerms}",
Deleted [l.393] : homepage = "hxxp://search.imesh.com/",

*************************

AdwCleaner[S1].txt - [15696 octets] - [13/01/2013 15:47:38]

########## EOF - C:\AdwCleaner[S1].txt - [15757 octets] ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Junkware removal tool RESULTS:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.4.2 (01.08.2013:1)
OS: Windows ™ Vista Home Premium x64
Ran by Adam on Sun 01/13/2013 at 16:00:04.27
Blog: http://thisisudax.blogspot.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] hkey_current_user\software\microsoft\internet explorer\toolbar\webbrowser\\{6b34accf-1b63-4e1a-8633-461917c75544}
Successfully deleted: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\toolbar\\{6b34accf-1b63-4e1a-8633-461917c75544}
Successfully repaired: [Registry Value] hkey_current_user\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\DisplayName
Successfully repaired: [Registry Value] hkey_current_user\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\URL
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\DisplayName
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\URL



~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_classes_root\clsid\{6b34accf-1b63-4e1a-8633-461917c75544}
Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{9bb47c17-9c68-4bb3-b188-dd9af0fd2a59}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{9bb47c17-9c68-4bb3-b188-dd9af0fd2a59}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{abb49b3b-ab7d-4ed0-9135-93fd5aa4f69f}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Adam\appdata\locallow\imeshmediabartb"



~~~ FireFox

Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\imeshwebsearch.xml"
Successfully deleted: [File] C:\Users\Adam\AppData\Roaming\mozilla\firefox\profiles\ribk84us.default\extensions\gtqkqeueqz@gtqkqeueqz.org.xpi [Tracur]
Successfully deleted: [Folder] C:\Users\Adam\AppData\Roaming\mozilla\firefox\profiles\ribk84us.default\extensions\youtubedownloader@peterolayev.com
Successfully deleted: [Folder] C:\Users\Adam\AppData\Roaming\mozilla\firefox\profiles\ribk84us.default\extensions\{a79d8b60-1ff0-47f0-8e79-8cde1fecb0fd}
Successfully deleted the following from C:\Users\Adam\AppData\Roaming\mozilla\firefox\profiles\ribk84us.default\prefs.js

user_pref("aim_toolbar.search.searchtype", "web");
user_pref("extensions.enabledItems", "blogtv@toolbar:1.1.1,firebug@software.joehewitt.com:1.7.3,toolbar@ask.com:3.14.0.100009,{20a82645-c095-46ed-80e3-08825760534b}:1.2.1,{28D
Emptied folder: C:\Users\Adam\AppData\Roaming\mozilla\firefox\profiles\ribk84us.default\minidumps [101 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 01/13/2013 at 16:10:59.22
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

RKill Results:
Rkill 2.4.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 01/13/2013 04:12:06 PM in x64 mode.
Windows Version: Windows Vista ™ Home Premium Service Pack 2

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\Windows\system32\TODDSrv.exe (PID: 2724) [WD-HEUR]

1 proccess terminated!

Checking Registry for malware related settings:

* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
C:\Users\Adam\Desktop\rkill\rkill-01-13-2013-04-12-12.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

* ALERT: ZEROACCESS rootkit symptoms found!

* HKEY_CLASSES_ROOT\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InprocServer32 [ZA Reg Hijack]
* HKEY_CLASSES_ROOT\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InprocServer32 [ZA Reg Hijack]
* C:\$Recycle.Bin\S-1-5-18\$c75d2e208295c66ce7dbdd1ad177b5eb\ [ZA Dir]
* C:\$Recycle.Bin\S-1-5-18\$c75d2e208295c66ce7dbdd1ad177b5eb\@ [ZA File]
* C:\$Recycle.Bin\S-1-5-18\$c75d2e208295c66ce7dbdd1ad177b5eb\L\ [ZA Dir]
* C:\$Recycle.Bin\S-1-5-18\$c75d2e208295c66ce7dbdd1ad177b5eb\U\ [ZA Dir]
* C:\$Recycle.Bin\S-1-5-21-232412378-3118420049-1387226345-1000\$c75d2e208295c66ce7dbdd1ad177b5eb\ [ZA Dir]
* C:\$Recycle.Bin\S-1-5-21-232412378-3118420049-1387226345-1000\$c75d2e208295c66ce7dbdd1ad177b5eb\@ [ZA File]
* C:\$Recycle.Bin\S-1-5-21-232412378-3118420049-1387226345-1000\$c75d2e208295c66ce7dbdd1ad177b5eb\L\ [ZA Dir]
* C:\$Recycle.Bin\S-1-5-21-232412378-3118420049-1387226345-1000\$c75d2e208295c66ce7dbdd1ad177b5eb\n [ZA File]
* C:\$Recycle.Bin\S-1-5-21-232412378-3118420049-1387226345-1000\$c75d2e208295c66ce7dbdd1ad177b5eb\U\ [ZA Dir]

Checking Windows Service Integrity:

* Windows Firewall Authorization Driver (mpsdrv) is not Running.
Startup Type set to: Manual

* BFE [Missing Service]
* iphlpsvc [Missing Service]
* MpsSvc [Missing Service]
* WinDefend [Missing Service]
* wscsvc [Missing Service]

* SharedAccess [Missing ImagePath]

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost
::1 localhost

Program finished at: 01/13/2013 04:12:27 PM
Execution time: 0 hours(s), 0 minute(s), and 21 seconds(s)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Autoruns RESULTS:
"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "00TCrdMain" "TOSHIBA Flash Cards" "TOSHIBA Corporation" "c:\program files\toshiba\flashcards\tcrdmain.exe"
+ "HotKeysCmds" "hkcmd Module" "Intel Corporation" "c:\windows\system32\hkcmd.exe"
+ "HSON" "HotStartOn" "TOSHIBA Corporation" "c:\program files\toshiba\tbs\hson.exe"
+ "IgfxTray" "igfxTray Module" "Intel Corporation" "c:\windows\system32\igfxtray.exe"
+ "Persistence" "persistence Module" "Intel Corporation" "c:\windows\system32\igfxpers.exe"
+ "RtHDVCpl" "HD Audio Control Panel" "Realtek Semiconductor" "c:\program files\realtek\audio\hda\ravcpl64.exe"
+ "Skytel" "Realtek Voice Manager" "Realtek Semiconductor Corp." "c:\program files\realtek\audio\hda\skytel.exe"
+ "SmoothView" "SmoothView" "TOSHIBA Corporation" "c:\program files\toshiba\smoothview\smoothview.exe"
+ "SynTPEnh" "Synaptics TouchPad Enhancements" "Synaptics Incorporated" "c:\program files\synaptics\syntp\syntpenh.exe"
+ "Teco" "TOSHIBA eco Utility" "TOSHIBA Corporation" "c:\program files\toshiba\teco\teco.exe"
+ "ThpSrv" "TOSHIBA HDD Protection Service" "TOSHIBA Corporation" "c:\windows\system32\thpsrv.exe"
+ "TosSENotify" "TosSENotify.exe.mui" "TOSHIBA Corporation" "c:\program files\toshiba\toshiba hdd ssd alert\tossenotify.exe"
+ "TPwrMain" "TOSHIBA Power Saver" "TOSHIBA Corporation" "c:\program files\toshiba\power saver\tpwrmain.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe"
+ "cfFncEnabler.exe" "cfFncEnabler" "Toshiba Corporation" "c:\program files (x86)\toshiba\configfree\cffncenabler.exe"
+ "CLMLServer" "CyberLink MediaLibray Service" "CyberLink" "c:\program files (x86)\cyberlink\powercinema for toshiba\kernel\clml\clmlsvc.exe"
+ "iTunesHelper" "iTunesHelper" "Apple Inc." "c:\program files (x86)\itunes\ituneshelper.exe"
+ "NDSTray.exe" "ConfigFree Task Tray Menu" "TOSHIBA CORPORATION" "c:\program files (x86)\toshiba\configfree\ndstray.exe"
+ "PCMAgent" "CyberLink PowerCinema Resident Program" "CyberLink Corp." "c:\program files (x86)\cyberlink\powercinema for toshiba\pcmagent.exe"
+ "QuickTime Task" "QuickTime Task" "Apple Inc." "c:\program files (x86)\quicktime\qttask.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files (x86)\common files\java\java update\jusched.exe"
+ "TANU" "" "TOSHIBA Corporation" "c:\program files (x86)\toshiba\tanu\tanu.exe"
+ "TUSBSleepChargeSrv" "TOSHIBA USB Sleep and Charge Service" "TOSHIBA" "c:\program files (x86)\toshiba\toshiba usb sleep and charge utility\tusbsleepchargesrv.exe"
+ "TWebCamera" "" "TOSHIBA" "c:\program files (x86)\toshiba\toshiba web camera application\twebcamera.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows Mail 7" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows Mail 7" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "conhost" "" "" "File not found: C:\Users\Adam\AppData\Roaming\Microsoft\conhost.exe"
+ "Google Update" "Google Installer" "Google Inc." "c:\users\adam\appdata\local\google\update\googleupdate.exe"
+ "Skype" "Skype " "Skype Technologies S.A." "c:\program files (x86)\skype\phone\skype.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office12\msoxmlmf.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "BUContextMenu" "Backup Shell" "Symantec Corporation" "c:\program files (x86)\norton security suite\engine64\6.4.0.9\bushell.dll"
+ "Symantec.Norton.Antivirus.IEContextMenu" "Symantec Shared Component Shell Extension Module" "Symantec Corporation" "c:\program files (x86)\norton security suite\engine64\6.4.0.9\navshext.dll"
+ "WinRAR" "" "" "c:\program files (x86)\winrar\rarext64.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files (x86)\winrar\rarext.dll"
"HKLM\Software\Classes\*\ShellEx\PropertySheetHandlers" "" "" ""
+ "BuPropertySheet" "Backup Shell" "Symantec Corporation" "c:\program files (x86)\norton security suite\engine64\6.4.0.9\bushell.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files (x86)\winrar\rarext64.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files (x86)\winrar\rarext.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files (x86)\winrar\rarext64.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files (x86)\winrar\rarext.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "BUContextMenu" "Backup Shell" "Symantec Corporation" "c:\program files (x86)\norton security suite\engine64\6.4.0.9\bushell.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "Symantec.Norton.Antivirus.IEContextMenu" "Symantec Shared Component Shell Extension Module" "Symantec Corporation" "c:\program files (x86)\norton security suite\engine64\6.4.0.9\navshext.dll"
+ "WinRAR" "" "" "c:\program files (x86)\winrar\rarext64.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files (x86)\winrar\rarext.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files (x86)\winrar\rarext64.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files (x86)\winrar\rarext.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "OverlayExcluded" "Backup Shell" "Symantec Corporation" "c:\program files (x86)\norton security suite\engine64\6.4.0.9\bushell.dll"
+ "OverlayPending" "Backup Shell" "Symantec Corporation" "c:\program files (x86)\norton security suite\engine64\6.4.0.9\bushell.dll"
+ "OverlayProtected" "Backup Shell" "Symantec Corporation" "c:\program files (x86)\norton security suite\engine64\6.4.0.9\bushell.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Google Gears Helper" "These are the Gears that power the tubes! :-)" "Google Inc." "c:\program files (x86)\google\google gears\internet explorer\0.5.36.0\gears.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files (x86)\java\jre6\bin\jp2ssv.dll"
+ "Norton Identity Protection" "coIEPlugIn" "Symantec Corporation" "c:\program files (x86)\norton security suite\engine\6.4.0.9\coieplg.dll"
+ "Norton Vulnerability Protection" "IPS Browser Helper DLL" "Symantec Corporation" "c:\program files (x86)\norton security suite\engine\6.4.0.9\ips\ipsbho.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Norton Toolbar" "coIEPlugIn" "Symantec Corporation" "c:\program files (x86)\norton security suite\engine\6.4.0.9\coieplg.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "&Gears Settings" "These are the Gears that power the tubes! :-)" "Google Inc." "c:\program files (x86)\google\google gears\internet explorer\0.5.36.0\gears.dll"
+ "S&end to OneNote" "Microsoft Office OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\onbttnie.dll"
"Task Scheduler" "" "" ""
+ "\Apple\AppleSoftwareUpdate" "Apple Software Update" "Apple Inc." "c:\program files (x86)\apple software update\softwareupdate.exe"
+ "\At1" "" "" "File not found: C:\Users\Adam\AppData\Roaming\WINWORD.EXE"
+ "\GoogleUpdateTaskMachineCore" "Google Installer" "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskMachineUA" "Google Installer" "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-232412378-3118420049-1387226345-1000Core" "Google Installer" "Google Inc." "c:\users\adam\appdata\local\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-232412378-3118420049-1387226345-1000UA" "Google Installer" "Google Inc." "c:\users\adam\appdata\local\google\update\googleupdate.exe"
+ "\Microsoft\Windows\WindowsCalendar\Reminders - Adam" "Windows Calendar" "Microsoft Corporation" "c:\program files\windows calendar\wincal.exe"
+ "\Microsoft\Windows\Wired\GatherWiredInfo" "" "" "c:\windows\system32\gatherwiredinfo.vbs"
+ "\Microsoft\Windows\Wireless\GatherWirelessInfo" "" "" "c:\windows\system32\gatherwirelessinfo.vbs"
+ "\Norton Security Suite\Norton Error Analyzer" "Symantec Error Reporting" "Symantec Corporation" "c:\program files (x86)\norton security suite\engine\6.4.0.9\symerr.exe"
+ "\Norton Security Suite\Norton Error Processor" "Symantec Error Reporting" "Symantec Corporation" "c:\program files (x86)\norton security suite\engine\6.4.0.9\symerr.exe"
+ "\Norton WSC Integration" "WSCStub" "Symantec Corporation" "c:\program files (x86)\norton security suite\engine\6.4.0.9\wscstub.exe"
+ "\RealUpgradeLogonTaskS-1-5-21-232412378-3118420049-1387226345-1000" "" "" "File not found: C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe"
+ "\RealUpgradeScheduledTaskS-1-5-21-232412378-3118420049-1387226345-1000" "" "" "File not found: C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe"
+ "\Scheduled Update for Ask Toolbar" "" "" "File not found: C:\Program Files (x86)\Ask.com\UpdateTask.exe"
+ "\winupd" "" "" "File not found: C:\Users\Adam\AppData\Local\Temp:winupd.exe"
+ "\{B87D5513-3199-4256-84B6-D5FC52A16E84}" "Skype " "Skype Technologies S.A." "c:\program files (x86)\skype\phone\skype.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AgereModemAudio" "Agere Soft Modem Call Progress Service" "Agere Systems" "c:\windows\system32\agr64svc.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "camsvc" "" "TOSHIBA" "c:\program files (x86)\toshiba\toshiba web camera application\twebcamerasrv.exe"
+ "ConfigFree Gadget Service" "It's called by ConfigFree Gadget (x64)" "TOSHIBA CORPORATION" "c:\program files (x86)\toshiba\configfree\cfprocsrvc.exe"
+ "ConfigFree Service" "You can't stop this service, if you want to keep ConfigFree functionality fine." "TOSHIBA CORPORATION" "c:\program files (x86)\toshiba\configfree\cfsvcs.exe"
+ "EvtEng" "Manages the event trace messages for all the Intel® PROSet/Wireless Software components." "Intel® Corporation" "c:\program files\intel\wifi\bin\evteng.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "IDriverT" "Provides support for the Running Object Table for InstallShield Drivers" "Macrovision Corporation" "c:\program files (x86)\common files\installshield\driver\1150\intel 32\idrivert.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "LightScribeService" "Used by the LightScribe software components to support 3rd party disc labeling applications using the LightScribe COM Application Programming Interface (LSCAPI). This service needs to run for LightScribe direct disc labeling to work." "Hewlett-Packard Company" "c:\program files (x86)\common files\lightscribe\lssrvc.exe"
+ "MBAMScheduler" "Malwarebytes Anti-Malware scheduler" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamscheduler.exe"
+ "MBAMService" "Malwarebytes Anti-Malware service" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamservice.exe"
+ "MozillaMaintenance" "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled." "Mozilla Foundation" "c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe"
+ "N360" "Norton Security Suite" "Symantec Corporation" "c:\program files (x86)\norton security suite\engine\6.4.0.9\ccsvchst.exe"
+ "odserv" "Run portions of Microsoft Office Diagnostics." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\office12\odserv.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "RegSrvc" "Provides registry access to all Intel® PROSet/Wireless Software components" "Intel® Corporation" "c:\program files\common files\intel\wirelesscommon\regsrvc.exe"
+ "RSELSVC" "This service is the purpose of changing modem region" "TOSHIBA Corporation" "c:\program files\toshiba\rselect\rselsvc.exe"
+ "SkypeUpdate" "Enables the detection, download and installation of updates for Skype." "Skype Technologies" "c:\program files (x86)\skype\updater\updater.exe"
+ "Thpsrv" "TOSHIBA HDD Protection Service" "TOSHIBA Corporation" "c:\windows\system32\thpsrv.exe"
+ "TNaviSrv" "TOSHIBA Navi Support Service" "TOSHIBA Corporation" "c:\program files (x86)\toshiba\toshiba dvd player\tnavisrv.exe"
+ "TODDSrv" "TDCSrv Application" "TOSHIBA Corporation" "c:\windows\system32\toddsrv.exe"
+ "TosCoSrv" "TOSHIBA Power Saver manages power saving settings supported by TOSHIBA. These settings will not work if the service has stopped." "TOSHIBA Corporation" "c:\program files\toshiba\power saver\toscosrv.exe"
+ "TOSHIBA eco Utility Service" "TOSHIBA eco Utility Service" "TOSHIBA Corporation" "c:\program files\toshiba\teco\tecoservice.exe"
+ "TOSHIBA HDD SSD Alert Service" "TosSmartSrv.exe" "TOSHIBA Corporation" "c:\program files\toshiba\toshiba hdd ssd alert\tossmartsrv.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AgereSoftModem" "SoftModem Device Driver" "Agere Systems" "c:\windows\system32\drivers\agrsm64.sys"
+ "BHDrvx64" "SONAR Engine Driver" "Symantec Corporation" "c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_6.0.0.145\definitions\bashdefs\20130107.001\bhdrvx64.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "ccSet_N360" "Common Client Settings Driver" "Symantec Corporation" "c:\windows\system32\drivers\n360x64\0604000.009\ccsetx64.sys"
+ "E1G60" "Intel® PRO/1000 Adapter NDIS 6 deserialized driver" "Intel Corporation" "c:\windows\system32\drivers\e1g6032e.sys"
+ "eeCtrl" "Symantec Eraser Control Driver" "Symantec Corporation" "c:\program files (x86)\common files\symantec shared\eengine\eectrl64.sys"
+ "EraserUtilRebootDrv" "Symantec Eraser Utility Driver" "Symantec Corporation" "c:\program files (x86)\common files\symantec shared\eengine\eraserutilrebootdrv.sys"
+ "FwLnk" "TOSHIBA Firmware Linkage 64-bit Driver" "TOSHIBA Corporation" "c:\windows\system32\drivers\fwlnk.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "HSF_DPV" "HSF_DP driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\vstdpv6.sys"
+ "HSFHWAZL" "HSF_HWAZL WDM driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\vstazl6.sys"
+ "iaStor" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastor.sys"
+ "IDSVia64" "Symantec Intrusion Prevention Driver" "Symantec Corporation" "c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_6.0.0.145\definitions\ipsdefs\20130113.001\idsvia64.sys"
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd64.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvhd64.sys"
+ "IntcHdmiAddService" "Intel® High Definition Audio HDMI" "Intel® Corporation" "c:\windows\system32\drivers\intchdmi.sys"
+ "IpInIp" "IP in IP Tunnel Driver" "" "File not found: system32\DRIVERS\ipinip.sys"
+ "ManyCam" "ManyCam Virtual Webcam" "ManyCam LLC" "c:\windows\system32\drivers\mcvidrv_x64.sys"
+ "MBAMProtector" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\windows\system32\drivers\mbam.sys"
+ "mcaudrv_simple" "ManyCam Virtual Microphone" "ManyCam LLC" "c:\windows\system32\drivers\mcaudrv_x64.sys"
+ "NAVENG" "AV Engine" "Symantec Corporation" "c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_6.0.0.145\definitions\virusdefs\20130112.007\eng64.sys"
+ "NAVEX15" "AV Engine" "Symantec Corporation" "c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_6.0.0.145\definitions\virusdefs\20130112.007\ex64.sys"
+ "NETw5v64" "Intel® Wireless WiFi Link Driver" "Intel Corporation" "c:\windows\system32\drivers\netw5v64.sys"
+ "NwlnkFlt" "IPX Traffic Filter Driver" "" "File not found: system32\DRIVERS\nwlnkflt.sys"
+ "NwlnkFwd" "IPX Traffic Forwarder Driver" "" "File not found: system32\DRIVERS\nwlnkfwd.sys"
+ "PGEffect" "TOSHIBA Universal Camera Filter Driver" "TOSHIBA Corporation" "c:\windows\system32\drivers\pgeffect.sys"
+ "rimspci" "RICOH MS Driver" "REDC" "c:\windows\system32\drivers\rimspe64.sys"
+ "rixdpcie" "RICOH PCIe XD Driver" "REDC" "c:\windows\system32\drivers\rixdpe64.sys"
+ "RTL8169" "Realtek 8136/8168/8169 NDIS6 64-bit Driver " "Realtek " "c:\windows\system32\drivers\rtlh64.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SMR250" "SMR" "Symantec Corporation" "c:\windows\system32\drivers\smr250.sys"
+ "SMR311" "SMR" "Symantec Corporation" "c:\windows\system32\drivers\smr311.sys"
+ "SRTSP" "Symantec AutoProtect" "Symantec Corporation" "c:\windows\system32\drivers\n360x64\0604000.009\srtsp64.sys"
+ "SRTSPX" "Symantec AutoProtect" "Symantec Corporation" "c:\windows\system32\drivers\n360x64\0604000.009\srtspx64.sys"
+ "SymDS" "Symantec Data Store" "Symantec Corporation" "c:\windows\system32\drivers\n360x64\0604000.009\symds64.sys"
+ "SymEFA" "Symantec Extended File Attributes" "Symantec Corporation" "c:\windows\system32\drivers\n360x64\0604000.009\symefa64.sys"
+ "SymEvent" "Symantec Event Library" "Symantec Corporation" "c:\windows\system32\drivers\symevent64x86.sys"
+ "SymIRON" "Iron Driver" "Symantec Corporation" "c:\windows\system32\drivers\n360x64\0604000.009\ironx64.sys"
+ "SYMTDIv" "Network Dispatch Driver" "Symantec Corporation" "c:\windows\system32\drivers\n360x64\0604000.009\symtdiv.sys"
+ "SynTP" "Synaptics Touchpad Driver" "Synaptics Incorporated" "c:\windows\system32\drivers\syntp.sys"
+ "tdcmdpst" "TOSHIBA ODD Writing Driver for x64." "TOSHIBA Corporation." "c:\windows\system32\drivers\tdcmdpst.sys"
+ "Thpdrv" "TOSHIBA HDD Protection Driver" "TOSHIBA Corporation" "c:\windows\system32\drivers\thpdrv.sys"
+ "Thpevm" "TOSHIBA HDD Protection - Shock Sensor Driver" "TOSHIBA Corporation" "c:\windows\system32\drivers\thpevm.sys"
+ "tos_sps64" "tos_sps2" "TOSHIBA Corporation" "c:\windows\system32\drivers\tos_sps64.sys"
+ "TVALZ" "TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver" "TOSHIBA Corporation" "c:\windows\system32\drivers\tvalz_o.sys"
+ "USBAAPL64" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl64.sys"
+ "winachsf" "HSF_CNXT driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\vstcnxt6.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.dvacm" "Ulead DV Audio ACM Driver" "Ulead Systems, Inc." "c:\program files (x86)\common files\ulead systems\vio\dvacm.acm"
+ "msacm.mpegacm" "Ulead MPEG1 Layer2 Audio ACM Driver" "Ulead Systems, Inc." "c:\program files (x86)\common files\ulead systems\mpeg\mpegacm.acm"
+ "msacm.ulmp3acm" "Ulead MP3 codec engine" "Ulead systems" "c:\program files (x86)\common files\ulead systems\mpeg\ulmp3acm.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "9x8Resize" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Allocator Fix" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Bitmap" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Capture ASF Writer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "DivX Decoder Filter" "DivX Decoder Filter" "DivX, Inc." "c:\program files\divx\divx codec\divxdec.ax"
+ "Frame Eater" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Multiple File Output" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Proxy Sink" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Proxy Source" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Record Queue" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "ShotDetect" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Stetch" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WM VIH2 Fix" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Audio Analyzer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Black Frame Generator" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DV Extract Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT FormatConversion" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Import Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Interlacer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Log Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT MuxDeMux Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Sample Info Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Switch Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Renderer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Source" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Volume" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "Bytescout Screen Capturing Filter" "Bytescout Virtual Camera Filter acts like a video capture source." "Bytescout" "c:\program files (x86)\applian technologies\freecorder 6 applications\screen\bytescoutscreencapturingfilter.dll"
+ "Bytescout Video Mixer Filter" "Bytescout Video Mixer Filter mixes two video streams into one." "Bytescout" "c:\program files (x86)\applian technologies\freecorder 6 applications\screen\bytescoutvideomixerfilter.dll"
+ "CyberLink Audio Commercial Cut Analyzer" "CLAudCM" "Cyberlink Corp." "c:\program files (x86)\cyberlink\powercinema for toshiba\kernel\video\claudcm.ax"
+ "CyberLink Audio Commercial Cut Analyzer" "CLAudCM" "Cyberlink Corp." "c:\program files (x86)\cyberlink\powercinema for toshiba\kernel\clml\claudcm.ax"
+ "CyberLink Audio Decoder" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powercinema for toshiba\kernel\clml\claud.ax"
+ "CyberLink Audio Decoder (PCM45)" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powercinema for toshiba\kernel\video\claud.ax"
+ "CyberLink Audio Effect (PCM45)" "CyberLink Audio Effect Filter" "CyberLink Corporation" "c:\program files (x86)\cyberlink\powercinema for toshiba\kernel\video\claudfx.ax"
+ "CyberLink Audio Noise Reduction" "CLAuNR" "CyberLink Corp." "c:\program files (x86)\cyberlink\powercinema for toshiba\kernel\clml\claunrwrapper.ax"
+ "CyberLink Audio Resampler" "CLAuRsmpl.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\powercinema for toshiba\kernel\clml\claursmpl.ax"
+ "CyberLink Audio Spectrum Analyzer" "CLAudSpa.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\powercinema for toshiba\kernel\video\claudspa.ax"
+ "CyberLink Audio Wizard (PCM45)" "CyberLink Audio Wizard Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powercinema for toshiba\kernel\video\claudwizard.ax"
+ "CyberLink AudioCD Filter (PCM45)" "CyberLink AudioCD Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powercinema for toshiba\kernel\video\claudiocd.ax"
+ "CyberLink Demultiplexer (PCM45)" "MPEG-2 Dempltiplexer" "CyberLink Corp." "c:\program files (x86)\cyberlink\powercinema for toshiba\kernel\video\cldemuxer.ax"
+ "CyberLink DVD Navigator (PCM45)" "CyberLink DVD Navigation Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powercinema for toshiba\kernel\video\clnavx.ax"
+ "CyberLink H.264/AVC Decoder" "CyberLink 264 Decoder Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powercinema for toshiba\kernel\clml\cl264dec.ax"
+ "CyberLink Line21 Decoder Filter (PCM45)" "CyberLink Line21 Decoder Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powercinema for toshiba\kernel\video\clline21.ax"
+ "CyberLink MPEG Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powercinema for toshiba\kernel\video\clsplter.ax"
+ "CyberLink Scene Detect Filter 2" "CLScnDt2" "訊連科技" "c:\program files (x86)\cyberlink\powercinema for toshiba\kernel\clml\clscndt2.dll"
+ "CyberLink SnapShotTIP Filter" "CLSShot" "CyberLink" "c:\program files (x86)\cyberlink\powercinema for toshiba\kernel\clml\clsshot.ax"
+ "Cyberlink SubTitle Importor (PCM45)" "CLSubTitle.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\powercinema for toshiba\kernel\video\clsubtitle.ax"
+ "CyberLink TimeStretch Filter" "CLAuTS.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\powercinema for toshiba\kernel\video\clauts.ax"
+ "CyberLink TL MPEG Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powercinema for toshiba\kernel\clml\cltlmsplter.ax"
+ "CyberLink UltraSpeed/SVRT Demultiplexer" "MPEG-2 Dempltiplexer" "CyberLink Corp." "c:\program files (x86)\cyberlink\powercinema for toshiba\kernel\clml\cledtdemuxer.ax"
+ "CyberLink Video Effect (PCM45)" "CLVidFx" "CyberLink" "c:\program files (x86)\cyberlink\powercinema for toshiba\kernel\video\clvidfx.ax"
+ "CyberLink Video Regulator" "Video Regulator" "Cyberlink" "c:\program files (x86)\cyberlink\powercinema for toshiba\kernel\clml\clrgl.ax"
+ "CyberLink Video/SP Decoder" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powercinema for toshiba\kernel\clml\clvsd.ax"
+ "CyberLink Video/SP Decoder (PCM45)" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powercinema for toshiba\kernel\video\clvsd.ax"
+ "CyberLink Video/SP Decoder (ShEX)" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powercinema for toshiba\kernel\video\climagevsd.ax"
+ "Dib Output" "" "Ulead Systems, Inc." "c:\program files (x86)\common files\ulead systems\filters\diboutput.ax"
+ "Dib Receive" "" "Ulead Systems, Inc." "c:\program files (x86)\common files\ulead systems\filters\dibreceive.ax"
+ "DV ACM V/A Source Filter" "" "Ulead Systems, Inc." "c:\program files (x86)\common files\ulead systems\filters\dvsf.ax"
+ "DV V/A Source Filter" "" "Ulead Systems, Inc." "c:\program files (x86)\common files\ulead systems\filters\dvsf.ax"
+ "DV Video Source Filter" "" "Ulead Systems, Inc." "c:\program files (x86)\common files\ulead systems\filters\dvsf.ax"
+ "IDM Filter" "idmf" "Cyberlink" "c:\program files (x86)\cyberlink\powercinema for toshiba\kernel\clml\idmf.ax"
+ "IDM Filter" "idmf" "Cyberlink" "c:\program files (x86)\cyberlink\powercinema for toshiba\kernel\video\idmf.ax"
+ "Image Effects" "TimeStam Dynamic Link Library" "" "c:\program files (x86)\toshiba\toshiba web camera application\pgtimefilter.dll"
+ "TOSHIBA Audio Back Switcher" "" "" "c:\program files (x86)\toshiba\toshiba dvd player\tosaudiobackswitcher.ax"
+ "TOSHIBA Audio Decoder DVD" "TOSHIBA Audio Decoder DVD" "TOSHIBA Corporation" "c:\program files (x86)\toshiba\toshiba dvd player\tosauddecl.ax"
+ "TOSHIBA Audio Front Switcher" "" "" "c:\program files (x86)\toshiba\toshiba dvd player\tosaudiofrontswitcher.ax"
+ "TOSHIBA Audio Rate Converter" "TOSHIBA Audio Rate Converter" "TOSHIBA Corporation" "c:\program files (x86)\toshiba\toshiba dvd player\tosarc.ax"
+ "TOSHIBA DualMono" "TOSHIBA DualMono" "TOSHIBA Corporation" "c:\program files (x86)\toshiba\toshiba dvd player\tosdualmono.ax"
+ "TOSHIBA DVD Navigator" "TOSHIBA DVD Navigator" "TOSHIBA Corporation" "c:\program files (x86)\toshiba\toshiba dvd player\tdvdnavi.ax"
+ "TOSHIBA DVD VR Navigator" "TOSHIBA DVD Player" "TOSHIBA Corporation" "c:\program files (x86)\toshiba\toshiba dvd player\tvrnavi.ax"
+ "TOSHIBA Progress Monitor" "TOSHIBA Progress Monitor" "TOSHIBA Corporation" "c:\program files\toshiba\toshiba disc creator\tprogmon.ax"
+ "TOSHIBA WAV Converter" "TOSHIBA Wav Converter" "TOSHIBA Corporation" "c:\program files\toshiba\toshiba disc creator\twavconv.ax"
+ "Ulead AMR Audio Decoder" "MP4 AMR Audio Decoder Filter" "Ulead Systems, Inc." "c:\program files (x86)\common files\ulead systems\mpeg\uladamr.ax"
+ "Ulead Audio Dual Channel Filter" "Ulead Audio Dual Channel Filter" "Ulead Systems, Inc." "c:\program files (x86)\common files\ulead systems\mpeg\uaudiodcfilter.ax"
+ "Ulead DV Scene Detect" "ulDvScDt" "Ulead system Inc." "c:\program files (x86)\common files\ulead systems\capture\uldvscdt.ax"
+ "Ulead DV SubTitle Filter" "DV SubTitle Filter" "Microsoft Corporation" "c:\program files (x86)\common files\ulead systems\mpeg\dvtranssubtitle.ax"
+ "Ulead DV Writer" "ulDVWriter" "Corel" "c:\program files (x86)\common files\ulead systems\capture\uldvrite.ax"
+ "Ulead DVB Parser" "Ulead DVB Parser Filter" "Ulead Systems, Inc." "c:\program files (x86)\common files\ulead systems\mpeg\uldvbparser.ax"
+ "Ulead DVD Audio Decoder 2" "Audio Decoder" "Ulead Systems, Inc." "c:\program files (x86)\common files\ulead systems\mpeg\uldvdaudio.ax"
+ "Ulead DVD Navigator" "DVD Navigator filter" "Ulead Systems, Inc." "c:\program files (x86)\common files\ulead systems\dvd\uleaddvdnavigator.ax"
+ "Ulead DVD Parser" "ulDVDParser" "Ulead Systems, Inc." "c:\program files (x86)\common files\ulead systems\mpeg\uldvdparser.ax"
+ "Ulead DVD Video decoder 2" "DVD Video Decoder with DxVA Support" "Ulead Systems, Inc." "c:\program files (x86)\common files\ulead systems\mpeg\uldvdvideo.ax"
+ "ULead File Source (Async.)" "Ulead Async Filter" "Ulead Systems" "c:\program files (x86)\common files\ulead systems\mpeg\ulasync.ax"
+ "ULead File Writer" "File Dump Filter" "ULead Systems" "c:\program files (x86)\common files\ulead systems\mpeg\uldump.ax"
+ "Ulead H264 Decoder" "uldsh264" "uleadivi" "c:\program files (x86)\common files\ulead systems\mpeg\uldsh264.ax"
+ "ULead Infinite Pin Tee" "Ulead Infinite Tee Filter" "Ulead Systems, Inc." "c:\program files (x86)\common files\ulead systems\mpeg\uinftee.ax"
+ "Ulead MPEG Audio Decoder" "Audio Decoder" "Ulead Systems, Inc." "c:\program files (x86)\common files\ulead systems\mpeg\uldvdaudio.ax"
+ "Ulead MPEG Encoder" "MPEG Encoder and Muxer" "ULead Systems" "c:\program files (x86)\common files\ulead systems\mpeg\ulesmpeg.ax"
+ "Ulead MPEG Muxer" "MPEG Muxer" "ULead Systems" "c:\program files (x86)\common files\ulead systems\mpeg\ulmxmpeg.ax"
+ "Ulead MPEG Splitter" "ULead Mpeg I/II Splitter" "ULead Systems" "c:\program files (x86)\common files\ulead systems\mpeg\ulspmpeg.ax"
+ "Ulead MPEG Transcoder" "ulMPGTrans" "Ulead com" "c:\program files (x86)\common files\ulead systems\mpeg\ulmpgtrans.ax"
+ "Ulead MPEG Video Decoder" "MPEG Video and Audio Decoder" "ULead Systems" "c:\program files (x86)\common files\ulead systems\mpeg\uldsmpeg.ax"
+ "Ulead MPEG-4 ASP Video Decoder" "MP4 ASP Video Decoder Filter" "Ulead Systems, Inc." "c:\program files (x86)\common files\ulead systems\mpeg\ulaspvdmp4.ax"
+ "Ulead MPEG-4 Encoder" "MP4 Encoder Filter" "Ulead Systems, Inc." "c:\program files (x86)\common files\ulead systems\mpeg\ulmp4enc.ax"
+ "Ulead MPEG-4 Splitter" "MP4 Splitter Filter" "Ulead Systems, Inc." "c:\program files (x86)\common files\ulead systems\mpeg\ulspmp4.ax"
+ "Ulead MPEG-4 Video Decoder" "MP4 Video Decoder Filter" "Ulead Systems, Inc." "c:\program files (x86)\common files\ulead systems\mpeg\ulvdmp4.ax"
+ "Ulead Ogg Parser" "ulOggParserFilter" "Ulead Systems, Inc." "c:\program files (x86)\common files\ulead systems\mpeg\uloggparserfilter.ax"
+ "Ulead OggVorbis Decoder" "ulOggVorbisDecoderFilter" "Ulead Systems, Inc." "c:\program files (x86)\common files\ulead systems\mpeg\uloggvorbisdecoderfilter.ax"
+ "Ulead OggVorbis Encoder" "ulOggVorbisEncoderFilter" "Ulead Systems, Inc." "c:\program files (x86)\common files\ulead systems\mpeg\uloggvorbisencoderfilter.ax"
+ "Ulead Push Source Filter" "Ulead Push Source Filter" "Ulead Systems, Inc." "c:\program files (x86)\common files\ulead systems\mpeg\ulpushsource.ax"
+ "Ulead Sub-Picture Push Source Filter" "Ulead Sub-Picture Push Source Filter" "Ulead Systems, Inc." "c:\program files (x86)\common files\ulead systems\mpeg\ulsubpicpushsource.ax"
+ "Ulead Video Deinterlace Filter" "" "Ulead Systems, Inc." "c:\program files (x86)\common files\ulead systems\filters\deinterlace.ax"
+ "WAV Dest" "" "" "c:\program files (x86)\cyberlink\powercinema for toshiba\kernel\clml\wavdest.ax"
+ "Xiph.Org Vorbis Decoder" "" "" "File not found: C:\Program Files (x86)\ManyCam\Bin\dsfVorbisDecoder.dll"
+ "Xiph.Org Vorbis Encoder" "" "" "File not found: C:\Program Files (x86)\ManyCam\Bin\dsfVorbisEncoder.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files (x86)\bonjour\mdnsnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

#6 narenxp

Posted 13 January 2013 - 06:05 PM

Now run RKILL given in previous instructions and post the new log

Run the services repair tool

http://kb.eset.com/library/ESET/KB%20Team%20Only/Malware/ServicesRepair.exe

Run Farbar service scanner again and post the new log

Edited by narenxp, 15 January 2013 - 09:49 PM.


#7 SoundsOfSand

Posted 15 January 2013 - 08:44 PM

RKILL RESULTS:
Rkill 2.4.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 01/15/2013 04:02:34 PM in x64 mode.
Windows Version: Windows Vista ™ Home Premium Service Pack 2

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\Windows\system32\TODDSrv.exe (PID: 1560) [WD-HEUR]

1 proccess terminated!

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

* Windows Firewall Authorization Driver (mpsdrv) is not Running.
Startup Type set to: Manual

* BFE [Missing Service]
* iphlpsvc [Missing Service]
* MpsSvc [Missing Service]
* WinDefend [Missing Service]
* wscsvc [Missing Service]

* SharedAccess [Missing ImagePath]

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost
::1 localhost

Program finished at: 01/15/2013 04:02:56 PM
Execution time: 0 hours(s), 0 minute(s), and 21 seconds(s)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



FSS RESULTS:
Farbar Service Scanner Version: 05-01-2013
Ran by Adam (administrator) on 15-01-2013 at 16:17:23
Running from "C:\Users\Adam\Documents\ComputerCheck"
Windows Vista ™ Home Premium Service Pack 2 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcsvc.dll
[2009-12-03 12:00] - [2009-04-11 01:11] - 0268288 ____A (Microsoft Corporation) 3ED0321127CE70ACDAABBF77E157C2A7

C:\Windows\System32\drivers\afd.sys
[2012-02-15 09:49] - [2012-01-03 08:25] - 0404992 ____A (Microsoft Corporation) C4F6CE6087760AD70960C9EB130E7943

C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2012-05-09 05:41] - [2012-03-30 06:45] - 1423744 ____A (Microsoft Corporation) 46D448E9117464E4D3BBF36D7E3FA48E

C:\Windows\System32\dnsrslvr.dll
[2011-04-13 13:47] - [2011-03-02 10:12] - 0117760 ____A (Microsoft Corporation) 06230F1B721494A6DF8D47FD395BB1B0

C:\Windows\System32\mpssvc.dll
[2009-12-03 12:00] - [2009-04-11 01:11] - 0603136 ____A (Microsoft Corporation) 897E3BAF68BA406A61682AE39C83900C

C:\Windows\System32\bfe.dll
[2009-12-03 11:59] - [2009-04-11 01:11] - 0458240 ____A (Microsoft Corporation) FFB96C2589FFA60473EAD78B39FBDE29

C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe
[2009-12-03 12:01] - [2009-04-11 01:11] - 1433600 ____A (Microsoft Corporation) B75232DAD33BFD95BF6F0A3E6BFF51E1

C:\Windows\System32\wscsvc.dll
[2009-12-03 11:59] - [2009-04-11 01:11] - 0074752 ____A (Microsoft Corporation) 9EA3E6D0EF7A5C2B9181961052A4B01A

C:\Windows\System32\wbem\WMIsvc.dll
[2009-12-03 12:00] - [2009-04-11 01:11] - 0221696 ____A (Microsoft Corporation) D2E7296ED1BD26D8DB2799770C077A02

C:\Windows\System32\wuaueng.dll
[2009-10-30 06:34] - [2009-08-06 20:24] - 2424024 ____A (Microsoft Corporation) FB3796754FE00F0BDC87A36F164A5F4D

C:\Windows\System32\qmgr.dll
[2009-12-03 12:01] - [2009-04-11 01:11] - 1081856 ____A (Microsoft Corporation) 6D316F4859634071CC25C4FD4589AD2C

C:\Windows\System32\es.dll
[2009-12-03 12:00] - [2009-04-11 01:11] - 0361984 ____A (Microsoft Corporation) E12F22B73F153DECE721CD45EC05B4AF

C:\Windows\System32\cryptsvc.dll
[2012-06-13 10:47] - [2012-04-23 10:25] - 0174592 ____A (Microsoft Corporation) 62740B9D2A137E8CED41A9E4239A7A31

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll
[2009-12-03 12:01] - [2009-04-11 01:11] - 0719872 ____A (Microsoft Corporation) CF8B9A3A5E7DC57724A89D0C3E8CF9EF



**** End of log ****

#8 narenxp

Posted 15 January 2013 - 09:49 PM

Remove temporary and junk files

Download

TFC

Launch it; it will close all running programs.

Click on START; it should ask for a reboot. If TFC locks up the system, run it in safe mode.


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP- http://support.microsoft.com/kb/310405

Vista & Windows 7 - http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your system restore - it deletes old infected restore points

Turn on system restore and create a new restore point

Update JAVA and Flash player

Uninstall the old version of Java from Control Panel - Add or Remove Programs. Download the latest version from here

http://java.com/en/

Update your flash player

Antivirus recommendations

Update your antivirus frequently. Two free antivirus programs that I would suggest are

Microsoft Security Essentials or Avast. You can select either one of them.

If you have a paid one, make sure to update it frequently. Do not use multiple security software programs.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)



