Live Security Platform


18 replies to this topic

#1 mercuryrsng

mercuryrsng

  • Members
  • 298 posts
  • OFFLINE
  • Local time:01:51 AM

Posted 22 August 2012 - 10:01 AM

I am trying to clean out a Windows 7 laptop that had Live Security Platinum on it. It was blocking all kinds of services, including accessing the internet. I ran Malwarebytes Anti Malware and it found a bunch of trojans. I can post that log. The computer is working MUCH better but I just want to make sure that I have everything cleared out.

Any advice?


 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  • Gender:Male
  • Location:India
  • Local time:12:51 AM

Posted 22 August 2012 - 11:08 AM

Download

TDSSkiller

Launch it. Click on "Change parameters" - select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results.

Download

aswMBR

Launch it, allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here

Download

ESET online scanner

Install it

Click on START; it should download the virus definitions.
When the scan completes, click on "List of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

#3 mercuryrsng

mercuryrsng
  • Topic Starter

  • Members
  • 298 posts
  • OFFLINE
  • Local time:01:51 AM

Posted 22 August 2012 - 03:28 PM

Hey,

For starters, I should let you know that I accidentally titled this post "Live Security Platform" but it should have been "Live Security Platinum".

Also, ESET was forced to close the first time that I ran it, so I have 2 result entries. I will list them both.


13:06:55.0990 5972 ose - ok
13:06:56.0195 5972 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
13:06:56.0328 5972 osppsvc - ok
13:06:56.0357 5972 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll
13:06:56.0361 5972 p2pimsvc - ok
13:06:56.0378 5972 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll
13:06:56.0384 5972 p2psvc - ok
13:06:56.0413 5972 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\drivers\parport.sys
13:06:56.0415 5972 Parport - ok
13:06:56.0447 5972 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\windows\system32\drivers\partmgr.sys
13:06:56.0448 5972 partmgr - ok
13:06:56.0484 5972 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll
13:06:56.0488 5972 PcaSvc - ok
13:06:56.0521 5972 [ 2F86BE1818C2D7AC90478E3323EE7FCB ] PCCUJobMgr C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe
13:06:56.0522 5972 PCCUJobMgr - ok
13:06:56.0554 5972 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\windows\system32\drivers\pci.sys
13:06:56.0556 5972 pci - ok
13:06:56.0572 5972 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\DRIVERS\pciide.sys
13:06:56.0573 5972 pciide - ok
13:06:56.0595 5972 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\drivers\pcmcia.sys
13:06:56.0599 5972 pcmcia - ok
13:06:56.0617 5972 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys
13:06:56.0618 5972 pcw - ok
13:06:56.0643 5972 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys
13:06:56.0651 5972 PEAUTH - ok
13:06:56.0703 5972 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe
13:06:56.0705 5972 PerfHost - ok
13:06:56.0739 5972 [ 91111CEBBDE8015E822C46120ED9537C ] PGEffect C:\windows\system32\DRIVERS\pgeffect.sys
13:06:56.0740 5972 PGEffect - ok
13:06:56.0798 5972 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\windows\system32\pla.dll
13:06:56.0817 5972 pla - ok
13:06:56.0861 5972 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll
13:06:56.0869 5972 PlugPlay - ok
13:06:56.0895 5972 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
13:06:56.0898 5972 PNRPAutoReg - ok
13:06:56.0913 5972 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll
13:06:56.0918 5972 PNRPsvc - ok
13:06:56.0954 5972 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
13:06:56.0965 5972 PolicyAgent - ok
13:06:57.0007 5972 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll
13:06:57.0011 5972 Power - ok
13:06:57.0054 5972 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
13:06:57.0056 5972 PptpMiniport - ok
13:06:57.0069 5972 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\drivers\processr.sys
13:06:57.0071 5972 Processor - ok
13:06:57.0115 5972 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\windows\system32\profsvc.dll
13:06:57.0119 5972 ProfSvc - ok
13:06:57.0135 5972 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe
13:06:57.0137 5972 ProtectedStorage - ok
13:06:57.0154 5972 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\windows\system32\DRIVERS\pacer.sys
13:06:57.0156 5972 Psched - ok
13:06:57.0228 5972 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\drivers\ql2300.sys
13:06:57.0249 5972 ql2300 - ok
13:06:57.0259 5972 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\drivers\ql40xx.sys
13:06:57.0261 5972 ql40xx - ok
13:06:57.0298 5972 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll
13:06:57.0302 5972 QWAVE - ok
13:06:57.0330 5972 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
13:06:57.0332 5972 QWAVEdrv - ok
13:06:57.0348 5972 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
13:06:57.0349 5972 RasAcd - ok
13:06:57.0386 5972 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
13:06:57.0387 5972 RasAgileVpn - ok
13:06:57.0416 5972 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll
13:06:57.0420 5972 RasAuto - ok
13:06:57.0446 5972 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
13:06:57.0447 5972 Rasl2tp - ok
13:06:57.0465 5972 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll
13:06:57.0471 5972 RasMan - ok
13:06:57.0492 5972 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
13:06:57.0493 5972 RasPppoe - ok
13:06:57.0507 5972 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
13:06:57.0508 5972 RasSstp - ok
13:06:57.0529 5972 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
13:06:57.0533 5972 rdbss - ok
13:06:57.0569 5972 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\drivers\rdpbus.sys
13:06:57.0570 5972 rdpbus - ok
13:06:57.0580 5972 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
13:06:57.0581 5972 RDPCDD - ok
13:06:57.0603 5972 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
13:06:57.0604 5972 RDPENCDD - ok
13:06:57.0629 5972 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
13:06:57.0630 5972 RDPREFMP - ok
13:06:57.0671 5972 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\windows\system32\drivers\RDPWD.sys
13:06:57.0674 5972 RDPWD - ok
13:06:57.0709 5972 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
13:06:57.0712 5972 rdyboost - ok
13:06:57.0736 5972 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll
13:06:57.0739 5972 RemoteAccess - ok
13:06:57.0758 5972 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll
13:06:57.0762 5972 RemoteRegistry - ok
13:06:57.0771 5972 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
13:06:57.0774 5972 RpcEptMapper - ok
13:06:57.0805 5972 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe
13:06:57.0807 5972 RpcLocator - ok
13:06:57.0842 5972 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\system32\rpcss.dll
13:06:57.0847 5972 RpcSs - ok
13:06:57.0888 5972 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
13:06:57.0889 5972 rspndr - ok
13:06:57.0931 5972 [ 0E3DCF76F11DC431B088A2DFD7265CDA ] RSUSBSTOR C:\windows\system32\Drivers\RtsUStor.sys
13:06:57.0934 5972 RSUSBSTOR - ok
13:06:57.0969 5972 [ 64FDF4FE366CA42DA2B7D9D424B6E39B ] RTL8192Ce C:\windows\system32\DRIVERS\rtl8192Ce.sys
13:06:57.0976 5972 RTL8192Ce - ok
13:06:57.0991 5972 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\windows\system32\lsass.exe
13:06:57.0992 5972 SamSs - ok
13:06:58.0006 5972 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys
13:06:58.0008 5972 sbp2port - ok
13:06:58.0054 5972 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll
13:06:58.0057 5972 SCardSvr - ok
13:06:58.0089 5972 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
13:06:58.0091 5972 scfilter - ok
13:06:58.0127 5972 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll
13:06:58.0140 5972 Schedule - ok
13:06:58.0162 5972 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll
13:06:58.0163 5972 SCPolicySvc - ok
13:06:58.0183 5972 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll
13:06:58.0187 5972 SDRSVC - ok
13:06:58.0214 5972 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys
13:06:58.0215 5972 secdrv - ok
13:06:58.0234 5972 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll
13:06:58.0236 5972 seclogon - ok
13:06:58.0246 5972 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\System32\sens.dll
13:06:58.0248 5972 SENS - ok
13:06:58.0279 5972 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll
13:06:58.0281 5972 SensrSvc - ok
13:06:58.0301 5972 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\drivers\serenum.sys
13:06:58.0312 5972 Serenum - ok
13:06:58.0350 5972 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\drivers\serial.sys
13:06:58.0352 5972 Serial - ok
13:06:58.0359 5972 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\drivers\sermouse.sys
13:06:58.0360 5972 sermouse - ok
13:06:58.0389 5972 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll
13:06:58.0392 5972 SessionEnv - ok
13:06:58.0395 5972 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys
13:06:58.0396 5972 sffdisk - ok
13:06:58.0399 5972 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
13:06:58.0401 5972 sffp_mmc - ok
13:06:58.0404 5972 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
13:06:58.0406 5972 sffp_sd - ok
13:06:58.0409 5972 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\drivers\sfloppy.sys
13:06:58.0410 5972 sfloppy - ok
13:06:58.0470 5972 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\windows\system32\DRIVERS\Sftfslh.sys
13:06:58.0475 5972 Sftfs - ok
13:06:58.0557 5972 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
13:06:58.0563 5972 sftlist - ok
13:06:58.0656 5972 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\windows\system32\DRIVERS\Sftplaylh.sys
13:06:58.0659 5972 Sftplay - ok
13:06:58.0692 5972 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\windows\system32\DRIVERS\Sftredirlh.sys
13:06:58.0693 5972 Sftredir - ok
13:06:58.0712 5972 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\windows\system32\DRIVERS\Sftvollh.sys
13:06:58.0713 5972 Sftvol - ok
13:06:58.0752 5972 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
13:06:58.0756 5972 sftvsa - ok
13:06:58.0788 5972 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll
13:06:58.0794 5972 ShellHWDetection - ok
13:06:58.0820 5972 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\drivers\SiSRaid2.sys
13:06:58.0821 5972 SiSRaid2 - ok
13:06:58.0826 5972 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys
13:06:58.0828 5972 SiSRaid4 - ok
13:06:59.0028 5972 [ 0F97E7A47A52F4A36969F0FC319654C2 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
13:06:59.0104 5972 Skype C2C Service - ok
13:06:59.0155 5972 [ 68EA68D03BF58389FE6AD2B38FAD798C ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
13:06:59.0157 5972 SkypeUpdate - ok
13:06:59.0191 5972 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys
13:06:59.0193 5972 Smb - ok
13:06:59.0225 5972 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe
13:06:59.0227 5972 SNMPTRAP - ok
13:06:59.0236 5972 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys
13:06:59.0237 5972 spldr - ok
13:06:59.0260 5972 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\windows\System32\spoolsv.exe
13:06:59.0267 5972 Spooler - ok
13:06:59.0352 5972 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe
13:06:59.0408 5972 sppsvc - ok
13:06:59.0425 5972 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll
13:06:59.0428 5972 sppuinotify - ok
13:06:59.0461 5972 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys
13:06:59.0466 5972 srv - ok
13:06:59.0486 5972 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
13:06:59.0491 5972 srv2 - ok
13:06:59.0525 5972 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
13:06:59.0528 5972 srvnet - ok
13:06:59.0570 5972 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
13:06:59.0574 5972 SSDPSRV - ok
13:06:59.0588 5972 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll
13:06:59.0591 5972 SstpSvc - ok
13:06:59.0609 5972 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\drivers\stexstor.sys
13:06:59.0610 5972 stexstor - ok
13:06:59.0663 5972 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll
13:06:59.0671 5972 stisvc - ok
13:06:59.0696 5972 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\DRIVERS\swenum.sys
13:06:59.0697 5972 swenum - ok
13:06:59.0731 5972 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll
13:06:59.0738 5972 swprv - ok
13:06:59.0769 5972 [ 470C47DABA9CA3966F0AB3F835D7D135 ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
13:06:59.0771 5972 SynTP - ok
13:06:59.0827 5972 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll
13:06:59.0847 5972 SysMain - ok
13:06:59.0878 5972 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll
13:06:59.0881 5972 TabletInputService - ok
13:06:59.0898 5972 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll
13:06:59.0903 5972 TapiSrv - ok
13:06:59.0920 5972 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll
13:06:59.0922 5972 TBS - ok
13:06:59.0983 5972 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\windows\system32\drivers\tcpip.sys
13:07:00.0005 5972 Tcpip - ok
13:07:00.0043 5972 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
13:07:00.0055 5972 TCPIP6 - ok
13:07:00.0108 5972 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
13:07:00.0110 5972 tcpipreg - ok
13:07:00.0131 5972 [ FD542B661BD22FA69CA789AD0AC58C29 ] tdcmdpst C:\windows\system32\DRIVERS\tdcmdpst.sys
13:07:00.0132 5972 tdcmdpst - ok
13:07:00.0144 5972 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
13:07:00.0145 5972 TDPIPE - ok
13:07:00.0178 5972 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
13:07:00.0180 5972 TDTCP - ok
13:07:00.0214 5972 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys
13:07:00.0216 5972 tdx - ok
13:07:00.0231 5972 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\DRIVERS\termdd.sys
13:07:00.0232 5972 TermDD - ok
13:07:00.0273 5972 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll
13:07:00.0281 5972 TermService - ok
13:07:00.0298 5972 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll
13:07:00.0300 5972 Themes - ok
13:07:00.0317 5972 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll
13:07:00.0318 5972 THREADORDER - ok
13:07:00.0387 5972 [ 71C321649B28638EE80A2EEB164C1DC8 ] TMachInfo C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
13:07:00.0388 5972 TMachInfo - ok
13:07:00.0429 5972 [ E386DD8EC68C67CA3E2A3ABDC1DF5C56 ] tmactmon C:\windows\system32\DRIVERS\tmactmon.sys
13:07:00.0430 5972 tmactmon - ok
13:07:00.0462 5972 [ AB011C569487FD65C8944DDF8CBB2572 ] tmcomm C:\windows\system32\DRIVERS\tmcomm.sys
13:07:00.0464 5972 tmcomm - ok
13:07:00.0488 5972 [ 8870A3D7305455B47ADCCD226F8E51BC ] tmevtmgr C:\windows\system32\DRIVERS\tmevtmgr.sys
13:07:00.0491 5972 tmevtmgr - ok
13:07:00.0529 5972 [ 065CB7D9278D778FB9EF62CEAD01433F ] tmtdi C:\windows\system32\DRIVERS\tmtdi.sys
13:07:00.0531 5972 tmtdi - ok
13:07:00.0558 5972 [ 8E2C799D3476EAC32C3BA0DF7CE6AF19 ] TODDSrv C:\windows\system32\TODDSrv.exe
13:07:00.0563 5972 TODDSrv - ok
13:07:00.0626 5972 [ 1C73689B900428C7D054A41C4687F55C ] TosCoSrv C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
13:07:00.0635 5972 TosCoSrv - ok
13:07:00.0685 5972 [ 29D0886CF250FCEF1BF9E65AB8D2C0C8 ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
13:07:00.0687 5972 TOSHIBA HDD SSD Alert Service - ok
13:07:00.0740 5972 [ 09FF7B0B1B5C3D225495CB6F5A9B39F8 ] tos_sps64 C:\windows\system32\DRIVERS\tos_sps64.sys
13:07:00.0747 5972 tos_sps64 - ok
13:07:00.0776 5972 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll
13:07:00.0780 5972 TrkWks - ok
13:07:00.0824 5972 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
13:07:00.0828 5972 TrustedInstaller - ok
13:07:00.0856 5972 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
13:07:00.0857 5972 tssecsrv - ok
13:07:00.0884 5972 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
13:07:00.0886 5972 TsUsbFlt - ok
13:07:00.0894 5972 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\windows\system32\drivers\TsUsbGD.sys
13:07:00.0895 5972 TsUsbGD - ok
13:07:00.0931 5972 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
13:07:00.0934 5972 tunnel - ok
13:07:00.0968 5972 [ 550B567F9364D8F7684C3FB3EA665A72 ] TVALZ C:\windows\system32\DRIVERS\TVALZ_O.SYS
13:07:00.0969 5972 TVALZ - ok
13:07:00.0992 5972 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\drivers\uagp35.sys
13:07:00.0994 5972 uagp35 - ok
13:07:01.0023 5972 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\windows\system32\DRIVERS\udfs.sys
13:07:01.0028 5972 udfs - ok
13:07:01.0067 5972 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe
13:07:01.0070 5972 UI0Detect - ok
13:07:01.0093 5972 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
13:07:01.0095 5972 uliagpkx - ok
13:07:01.0140 5972 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\windows\system32\DRIVERS\umbus.sys
13:07:01.0141 5972 umbus - ok
13:07:01.0146 5972 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\drivers\umpass.sys
13:07:01.0147 5972 UmPass - ok
13:07:01.0239 5972 [ 7A78ED1088890114DFDE2C4AB038D6B6 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
13:07:01.0297 5972 UNS - ok
13:07:01.0328 5972 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll
13:07:01.0333 5972 upnphost - ok
13:07:01.0371 5972 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\windows\system32\Drivers\usbaapl64.sys
13:07:01.0372 5972 USBAAPL64 - ok
13:07:01.0402 5972 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
13:07:01.0403 5972 usbccgp - ok
13:07:01.0423 5972 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\windows\system32\drivers\usbcir.sys
13:07:01.0425 5972 usbcir - ok
13:07:01.0442 5972 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\windows\system32\DRIVERS\usbehci.sys
13:07:01.0443 5972 usbehci - ok
13:07:01.0486 5972 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
13:07:01.0491 5972 usbhub - ok
13:07:01.0509 5972 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\windows\system32\drivers\usbohci.sys
13:07:01.0510 5972 usbohci - ok
13:07:01.0542 5972 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
13:07:01.0543 5972 usbprint - ok
13:07:01.0574 5972 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\windows\system32\DRIVERS\usbscan.sys
13:07:01.0576 5972 usbscan - ok
13:07:01.0594 5972 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
13:07:01.0596 5972 USBSTOR - ok
13:07:01.0599 5972 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\windows\system32\drivers\usbuhci.sys
13:07:01.0601 5972 usbuhci - ok
13:07:01.0627 5972 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\windows\system32\Drivers\usbvideo.sys
13:07:01.0629 5972 usbvideo - ok
13:07:01.0660 5972 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll
13:07:01.0662 5972 UxSms - ok
13:07:01.0679 5972 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\windows\system32\lsass.exe
13:07:01.0681 5972 VaultSvc - ok
13:07:01.0715 5972 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
13:07:01.0716 5972 vdrvroot - ok
13:07:01.0753 5972 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\windows\System32\vds.exe
13:07:01.0761 5972 vds - ok
13:07:01.0800 5972 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\windows\system32\DRIVERS\vgapnp.sys
13:07:01.0801 5972 vga - ok
13:07:01.0814 5972 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\windows\System32\drivers\vga.sys
13:07:01.0814 5972 VgaSave - ok
13:07:01.0829 5972 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\windows\system32\drivers\vhdmp.sys
13:07:01.0832 5972 vhdmp - ok
13:07:01.0835 5972 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\windows\system32\drivers\viaide.sys
13:07:01.0836 5972 viaide - ok
13:07:01.0851 5972 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\windows\system32\drivers\volmgr.sys
13:07:01.0852 5972 volmgr - ok
13:07:01.0884 5972 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\windows\system32\drivers\volmgrx.sys
13:07:01.0888 5972 volmgrx - ok
13:07:01.0896 5972 [ DF8126BD41180351A093A3AD2FC8903B ] volsnap C:\windows\system32\drivers\volsnap.sys
13:07:01.0899 5972 volsnap - ok
13:07:01.0916 5972 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\windows\system32\drivers\vsmraid.sys
13:07:01.0919 5972 vsmraid - ok
13:07:01.0973 5972 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\windows\system32\vssvc.exe
13:07:01.0992 5972 VSS - ok
13:07:02.0003 5972 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
13:07:02.0004 5972 vwifibus - ok
13:07:02.0022 5972 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
13:07:02.0024 5972 vwififlt - ok
13:07:02.0071 5972 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\windows\system32\w32time.dll
13:07:02.0078 5972 W32Time - ok
13:07:02.0107 5972 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\windows\system32\drivers\wacompen.sys
13:07:02.0109 5972 WacomPen - ok
13:07:02.0144 5972 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
13:07:02.0146 5972 WANARP - ok
13:07:02.0150 5972 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
13:07:02.0151 5972 Wanarpv6 - ok
13:07:02.0242 5972 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
13:07:02.0266 5972 WatAdminSvc - ok
13:07:02.0334 5972 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\windows\system32\wbengine.exe
13:07:02.0355 5972 wbengine - ok
13:07:02.0386 5972 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
13:07:02.0390 5972 WbioSrvc - ok
13:07:02.0408 5972 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\windows\System32\wcncsvc.dll
13:07:02.0414 5972 wcncsvc - ok
13:07:02.0458 5972 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
13:07:02.0460 5972 WcsPlugInService - ok
13:07:02.0486 5972 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\windows\system32\drivers\wd.sys
13:07:02.0486 5972 Wd - ok
13:07:02.0520 5972 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
13:07:02.0527 5972 Wdf01000 - ok
13:07:02.0543 5972 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\windows\system32\wdi.dll
13:07:02.0546 5972 WdiServiceHost - ok
13:07:02.0549 5972 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\windows\system32\wdi.dll
13:07:02.0551 5972 WdiSystemHost - ok
13:07:02.0573 5972 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\windows\System32\webclnt.dll
13:07:02.0578 5972 WebClient - ok
13:07:02.0585 5972 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\windows\system32\wecsvc.dll
13:07:02.0590 5972 Wecsvc - ok
13:07:02.0594 5972 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\windows\System32\wercplsupport.dll
13:07:02.0597 5972 wercplsupport - ok
13:07:02.0614 5972 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\windows\System32\WerSvc.dll
13:07:02.0617 5972 WerSvc - ok
13:07:02.0634 5972 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
13:07:02.0635 5972 WfpLwf - ok
13:07:02.0657 5972 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\windows\system32\drivers\wimmount.sys
13:07:02.0658 5972 WIMMount - ok
13:07:02.0662 5972 WinHttpAutoProxySvc - ok
13:07:02.0723 5972 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
13:07:02.0728 5972 Winmgmt - ok
13:07:02.0806 5972 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\windows\system32\WsmSvc.dll
13:07:02.0828 5972 WinRM - ok
13:07:02.0881 5972 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys
13:07:02.0882 5972 WinUsb - ok
13:07:02.0918 5972 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\windows\System32\wlansvc.dll
13:07:02.0929 5972 Wlansvc - ok
13:07:02.0982 5972 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
13:07:02.0984 5972 wlcrasvc - ok
13:07:03.0086 5972 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
13:07:03.0111 5972 wlidsvc - ok
13:07:03.0124 5972 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys
13:07:03.0125 5972 WmiAcpi - ok
13:07:03.0157 5972 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
13:07:03.0160 5972 wmiApSrv - ok
13:07:03.0187 5972 WMPNetworkSvc - ok
13:07:03.0220 5972 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\windows\System32\wpcsvc.dll
13:07:03.0222 5972 WPCSvc - ok
13:07:03.0242 5972 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
13:07:03.0246 5972 WPDBusEnum - ok
13:07:03.0273 5972 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
13:07:03.0274 5972 ws2ifsl - ok
13:07:03.0279 5972 WSearch - ok
13:07:03.0300 5972 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\windows\system32\drivers\WudfPf.sys
13:07:03.0302 5972 WudfPf - ok
13:07:03.0343 5972 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
13:07:03.0346 5972 WUDFRd - ok
13:07:03.0374 5972 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\windows\System32\WUDFSvc.dll
13:07:03.0377 5972 wudfsvc - ok
13:07:03.0399 5972 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\windows\System32\wwansvc.dll
13:07:03.0403 5972 WwanSvc - ok
13:07:03.0409 5972 ================ Scan global ===============================
13:07:03.0436 5972 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
13:07:03.0464 5972 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\windows\system32\winsrv.dll
13:07:03.0471 5972 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\windows\system32\winsrv.dll
13:07:03.0503 5972 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
13:07:03.0539 5972 [ 014A9CB92514E27C0107614DF764BC06 ] C:\windows\system32\services.exe
13:07:03.0546 5972 C:\windows\system32\services.exe ( Virus.Win64.ZAccess.b ) - infected
13:07:03.0546 5972 C:\windows\system32\services.exe - detected Virus.Win64.ZAccess.b (0)
13:07:03.0547 5972 ================ Scan MBR ==================================
13:07:03.0560 5972 [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
13:07:03.0825 5972 \Device\Harddisk0\DR0 - ok
13:07:03.0827 5972 ================ Scan VBR ==================================
13:07:03.0856 5972 [ 21B75301057FD5DF422B89DC21ADFF02 ] \Device\Harddisk0\DR0\Partition1
13:07:03.0860 5972 \Device\Harddisk0\DR0\Partition1 - ok
13:07:03.0860 5972 ============================================================
13:07:03.0861 5972 Scan finished
13:07:03.0861 5972 ============================================================
13:07:03.0888 4352 Detected object count: 1
13:07:03.0888 4352 Actual detected object count: 1
13:07:18.0510 4352 C:\windows\system32\services.exe - copied to quarantine
13:07:18.0905 4352 C:\windows\installer\{feb10708-6fe6-a64b-8480-d2495a840fff}\@ - copied to quarantine
13:07:18.0908 4352 C:\windows\installer\{feb10708-6fe6-a64b-8480-d2495a840fff}\U\00000001.@ - copied to quarantine
13:07:18.0911 4352 C:\windows\installer\{feb10708-6fe6-a64b-8480-d2495a840fff}\U\80000000.@ - copied to quarantine
13:07:18.0915 4352 C:\windows\installer\{feb10708-6fe6-a64b-8480-d2495a840fff}\U\800000cb.@ - copied to quarantine
13:07:18.0917 4352 C:\Users\Owner\AppData\Local\{feb10708-6fe6-a64b-8480-d2495a840fff}\@ - copied to quarantine
13:07:18.0930 4352 C:\Users\Owner\AppData\Local\{feb10708-6fe6-a64b-8480-d2495a840fff}\n - copied to quarantine
13:07:28.0856 4352 Backup copy found, using it..
13:07:28.0908 4352 C:\windows\installer\{feb10708-6fe6-a64b-8480-d2495a840fff}\@ - will be deleted on reboot
13:07:28.0909 4352 C:\windows\installer\{feb10708-6fe6-a64b-8480-d2495a840fff}\U\00000001.@ - will be deleted on reboot
13:07:28.0909 4352 C:\windows\installer\{feb10708-6fe6-a64b-8480-d2495a840fff}\U\80000000.@ - will be deleted on reboot
13:07:28.0909 4352 C:\windows\installer\{feb10708-6fe6-a64b-8480-d2495a840fff}\U\800000cb.@ - will be deleted on reboot
13:07:28.0910 4352 C:\Users\Owner\AppData\Local\{feb10708-6fe6-a64b-8480-d2495a840fff}\@ - will be deleted on reboot
13:07:28.0911 4352 C:\Users\Owner\AppData\Local\{feb10708-6fe6-a64b-8480-d2495a840fff}\n - will be deleted on reboot
13:07:28.0911 4352 C:\windows\system32\services.exe - will be cured on reboot
13:07:28.0911 4352 C:\windows\system32\services.exe ( Virus.Win64.ZAccess.b ) - User select action: Cure
13:07:58.0861 5288 Deinitialize success



aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-22 13:18:21
-----------------------------
13:18:21.373 OS Version: Windows x64 6.1.7601 Service Pack 1
13:18:21.373 Number of processors: 4 586 0x2A07
13:18:21.373 ComputerName: OWNER-PC UserName: Owner
13:18:26.677 Initialize success
13:18:38.409 AVAST engine defs: 12082200
13:18:40.983 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
13:18:40.998 Disk 0 Vendor: TOSHIBA_ GB00 Size: 476940MB BusType: 3
13:18:41.029 Disk 0 MBR read successfully
13:18:41.029 Disk 0 MBR scan
13:18:41.029 Disk 0 Windows VISTA default MBR code
13:18:41.045 Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS 1500 MB offset 2048
13:18:41.076 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 462871 MB offset 3074048
13:18:41.154 Disk 0 Partition 3 00 17 Hidd HPFS/NTFS NTFS 12568 MB offset 951033856
13:18:41.217 Disk 0 scanning C:\windows\system32\drivers
13:19:01.622 Service scanning
13:20:07.717 Modules scanning
13:20:07.727 Disk 0 trace - called modules:
13:20:07.753 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
13:20:07.762 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80068da060]
13:20:07.768 3 CLASSPNP.SYS[fffff8800160143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80049e6050]
13:20:09.973 AVAST engine scan C:\windows
13:20:12.983 AVAST engine scan C:\windows\system32
13:22:25.272 AVAST engine scan C:\windows\system32\drivers
13:22:35.106 AVAST engine scan C:\Users\Owner
13:23:34.962 File: C:\Users\Owner\AppData\Local\Temp\e3s.exe **INFECTED** Win32:Sirefef-AGO [Trj]
13:26:27.102 File: C:\Users\Owner\AppData\Local\Temp\~!#AF6B.tmp **INFECTED** Win32:Karagany-JG [Trj]
13:26:42.513 File: C:\Users\Owner\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\32242f12-51bcd269 **INFECTED** Win32:Sirefef-AGO [Trj]
13:27:24.352 File: C:\Users\Owner\AppData\Roaming\reanlm.dll **INFECTED** Win32:Medfos-A [Trj]
13:27:24.832 File: C:\Users\Owner\AppData\Roaming\retdi.dll **INFECTED** Win32:Medfos [Trj]
13:28:35.904 AVAST engine scan C:\ProgramData
13:29:13.537 Scan finished successfully
13:30:15.712 Disk 0 MBR has been saved successfully to "C:\MBR.dat"
13:30:15.718 The log file has been saved successfully to "C:\aswMBR.txt"







C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarApp.dll a variant of Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarEng.dll Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarsrv.exe probably a variant of Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\ProgramData\Tarma Installer\{DE3B7BF9-0770-4104-BC0B-B1CCCCE2F053}\_Setupx.dll a variant of Win32/Adware.Yontoo.B application cleaned by deleting - quarantined




C:\TDSSKiller_Quarantine\22.08.2012_13.06.30\zasubsys0000\file0000\tsk0000.dta Win64/Patched.B.Gen trojan deleted - quarantined
C:\TDSSKiller_Quarantine\22.08.2012_13.06.30\zasubsys0000\zafs0000\tsk0002.dta Win64/Sirefef.AL trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\22.08.2012_13.06.30\zasubsys0000\zafs0000\tsk0003.dta Win64/Sirefef.AH trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\22.08.2012_13.06.30\zasubsys0000\zafs0000\tsk0005.dta Win64/Sirefef.W trojan cleaned by deleting - quarantined
C:\Users\Owner\AppData\Local\Temp\air2938.exe a variant of Win32/SpeedingUpMyPC application cleaned by deleting - quarantined
C:\Users\Owner\AppData\Local\Temp\air5505.exe probably a variant of Win32/Adware.HTPHRAW application cleaned by deleting - quarantined
C:\Users\Owner\AppData\Local\Temp\e3s.exe a variant of Win32/Injector.RXO trojan deleted - quarantined
C:\Users\Owner\AppData\Local\Temp\YontooSetup-Silent.exe Win32/Adware.Yontoo application cleaned by deleting - quarantined
C:\Users\Owner\AppData\Local\Temp\~!#AF6B.tmp a variant of Win32/Injector.UTQ trojan deleted - quarantined
C:\Users\Owner\AppData\Local\Temp\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbar4ie.exe Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\Users\Owner\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\32242f12-51bcd269 a variant of Win32/Injector.RXO trojan deleted - quarantined
C:\Users\Owner\AppData\Roaming\reanlm.dll a variant of Win32/Medfos.CO trojan cleaned by deleting (after the next restart) - quarantined
C:\Users\Owner\AppData\Roaming\retdi.dll a variant of Win32/Medfos.CC trojan cleaned by deleting (after the next restart) - quarantined

#4 narenxp

Posted 22 August 2012 - 04:58 PM

Restart the PC, run TDSSkiller again and post the new log.

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan.

Click on SHOW results. Select all infections and remove them.

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it and click on Delete.

Post the generated log.

#5 mercuryrsng


Posted 22 August 2012 - 07:22 PM

18:07:07.0177 3332 TDSS rootkit removing tool 2.8.7.0 Aug 20 2012 17:30:03
18:07:07.0448 3332 ============================================================
18:07:07.0448 3332 Current date / time: 2012/08/22 18:07:07.0448
18:07:07.0448 3332 SystemInfo:
18:07:07.0449 3332
18:07:07.0449 3332 OS Version: 6.1.7601 ServicePack: 1.0
18:07:07.0449 3332 Product type: Workstation
18:07:07.0449 3332 ComputerName: OWNER-PC
18:07:07.0449 3332 UserName: Owner
18:07:07.0449 3332 Windows directory: C:\windows
18:07:07.0449 3332 System windows directory: C:\windows
18:07:07.0449 3332 Running under WOW64
18:07:07.0449 3332 Processor architecture: Intel x64
18:07:07.0449 3332 Number of processors: 4
18:07:07.0449 3332 Page size: 0x1000
18:07:07.0449 3332 Boot type: Normal boot
18:07:07.0450 3332 ============================================================
18:07:07.0876 3332 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:07:07.0880 3332 ============================================================
18:07:07.0880 3332 \Device\Harddisk0\DR0:
18:07:07.0880 3332 MBR partitions:
18:07:07.0880 3332 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x3880B800
18:07:07.0880 3332 ============================================================
18:07:07.0906 3332 C: <-> \Device\Harddisk0\DR0\Partition1
18:07:07.0906 3332 ============================================================
18:07:07.0906 3332 Initialize success
18:07:07.0906 3332 ============================================================
18:07:12.0440 5016 ============================================================
18:07:12.0440 5016 Scan started
18:07:12.0440 5016 Mode: Manual; TDLFS;
18:07:12.0440 5016 ============================================================
18:07:12.0794 5016 ================ Scan system memory ========================
18:07:12.0794 5016 System memory - ok
18:07:12.0794 5016 ================ Scan services =============================
18:07:22.0653 5016 NdisCap - ok
18:07:22.0693 5016 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
18:07:22.0694 5016 NdisTapi - ok
18:07:22.0712 5016 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
18:07:22.0713 5016 Ndisuio - ok
18:07:22.0725 5016 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
18:07:22.0728 5016 NdisWan - ok
18:07:22.0739 5016 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
18:07:22.0740 5016 NDProxy - ok
18:07:22.0771 5016 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
18:07:22.0773 5016 NetBIOS - ok
18:07:22.0813 5016 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
18:07:22.0817 5016 NetBT - ok
18:07:22.0842 5016 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\windows\system32\lsass.exe
18:07:22.0843 5016 Netlogon - ok
18:07:22.0883 5016 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll
18:07:22.0888 5016 Netman - ok
18:07:22.0905 5016 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll
18:07:22.0911 5016 netprofm - ok
18:07:22.0941 5016 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:07:22.0943 5016 NetTcpPortSharing - ok
18:07:22.0979 5016 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\drivers\nfrd960.sys
18:07:22.0981 5016 nfrd960 - ok
18:07:23.0034 5016 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\windows\System32\nlasvc.dll
18:07:23.0040 5016 NlaSvc - ok
18:07:23.0079 5016 Norton PC Checkup Application Launcher - ok
18:07:23.0091 5016 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys
18:07:23.0092 5016 Npfs - ok
18:07:23.0122 5016 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll
18:07:23.0125 5016 nsi - ok
18:07:23.0145 5016 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
18:07:23.0146 5016 nsiproxy - ok
18:07:23.0202 5016 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
18:07:23.0220 5016 Ntfs - ok
18:07:23.0250 5016 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys
18:07:23.0251 5016 Null - ok
18:07:23.0276 5016 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\windows\system32\drivers\nvraid.sys
18:07:23.0279 5016 nvraid - ok
18:07:23.0286 5016 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\windows\system32\drivers\nvstor.sys
18:07:23.0289 5016 nvstor - ok
18:07:23.0294 5016 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\drivers\nv_agp.sys
18:07:23.0296 5016 nv_agp - ok
18:07:23.0302 5016 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
18:07:23.0304 5016 ohci1394 - ok
18:07:23.0349 5016 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:07:23.0352 5016 ose - ok
18:07:23.0807 5016 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
18:07:23.0940 5016 osppsvc - ok
18:07:23.0986 5016 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll
18:07:23.0996 5016 p2pimsvc - ok
18:07:24.0043 5016 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll
18:07:24.0053 5016 p2psvc - ok
18:07:24.0087 5016 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\drivers\parport.sys
18:07:24.0089 5016 Parport - ok
18:07:24.0120 5016 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\windows\system32\drivers\partmgr.sys
18:07:24.0122 5016 partmgr - ok
18:07:24.0158 5016 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll
18:07:24.0163 5016 PcaSvc - ok
18:07:24.0195 5016 [ 2F86BE1818C2D7AC90478E3323EE7FCB ] PCCUJobMgr C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe
18:07:24.0197 5016 PCCUJobMgr - ok
18:07:24.0228 5016 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\windows\system32\drivers\pci.sys
18:07:24.0232 5016 pci - ok
18:07:24.0245 5016 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\DRIVERS\pciide.sys
18:07:24.0247 5016 pciide - ok
18:07:24.0268 5016 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\drivers\pcmcia.sys
18:07:24.0271 5016 pcmcia - ok
18:07:24.0290 5016 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys
18:07:24.0291 5016 pcw - ok
18:07:24.0317 5016 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys
18:07:24.0324 5016 PEAUTH - ok
18:07:24.0387 5016 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe
18:07:24.0389 5016 PerfHost - ok
18:07:24.0412 5016 [ 91111CEBBDE8015E822C46120ED9537C ] PGEffect C:\windows\system32\DRIVERS\pgeffect.sys
18:07:24.0413 5016 PGEffect - ok
18:07:24.0491 5016 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\windows\system32\pla.dll
18:07:24.0535 5016 pla - ok
18:07:24.0581 5016 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll
18:07:24.0592 5016 PlugPlay - ok
18:07:24.0624 5016 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
18:07:24.0628 5016 PNRPAutoReg - ok
18:07:24.0677 5016 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll
18:07:24.0684 5016 PNRPsvc - ok
18:07:24.0741 5016 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
18:07:24.0749 5016 PolicyAgent - ok
18:07:24.0780 5016 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll
18:07:24.0784 5016 Power - ok
18:07:24.0827 5016 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
18:07:24.0829 5016 PptpMiniport - ok
18:07:24.0843 5016 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\drivers\processr.sys
18:07:24.0844 5016 Processor - ok
18:07:24.0889 5016 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\windows\system32\profsvc.dll
18:07:24.0897 5016 ProfSvc - ok
18:07:24.0920 5016 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe
18:07:24.0922 5016 ProtectedStorage - ok
18:07:24.0961 5016 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\windows\system32\DRIVERS\pacer.sys
18:07:24.0963 5016 Psched - ok
18:07:25.0070 5016 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\drivers\ql2300.sys
18:07:25.0091 5016 ql2300 - ok
18:07:25.0097 5016 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\drivers\ql40xx.sys
18:07:25.0100 5016 ql40xx - ok
18:07:25.0127 5016 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll
18:07:25.0131 5016 QWAVE - ok
18:07:25.0159 5016 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
18:07:25.0160 5016 QWAVEdrv - ok
18:07:25.0177 5016 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
18:07:25.0178 5016 RasAcd - ok
18:07:25.0214 5016 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
18:07:25.0216 5016 RasAgileVpn - ok
18:07:25.0245 5016 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll
18:07:25.0249 5016 RasAuto - ok
18:07:25.0308 5016 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
18:07:25.0311 5016 Rasl2tp - ok
18:07:25.0353 5016 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll
18:07:25.0364 5016 RasMan - ok
18:07:25.0388 5016 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
18:07:25.0390 5016 RasPppoe - ok
18:07:25.0402 5016 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
18:07:25.0404 5016 RasSstp - ok
18:07:25.0424 5016 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
18:07:25.0429 5016 rdbss - ok
18:07:25.0464 5016 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\drivers\rdpbus.sys
18:07:25.0466 5016 rdpbus - ok
18:07:25.0487 5016 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
18:07:25.0488 5016 RDPCDD - ok
18:07:25.0510 5016 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
18:07:25.0511 5016 RDPENCDD - ok
18:07:25.0526 5016 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
18:07:25.0527 5016 RDPREFMP - ok
18:07:25.0567 5016 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\windows\system32\drivers\RDPWD.sys
18:07:25.0570 5016 RDPWD - ok
18:07:25.0604 5016 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
18:07:25.0607 5016 rdyboost - ok
18:07:25.0631 5016 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll
18:07:25.0634 5016 RemoteAccess - ok
18:07:25.0654 5016 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll
18:07:25.0657 5016 RemoteRegistry - ok
18:07:25.0667 5016 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
18:07:25.0669 5016 RpcEptMapper - ok
18:07:25.0723 5016 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe
18:07:25.0724 5016 RpcLocator - ok
18:07:25.0759 5016 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\system32\rpcss.dll
18:07:25.0763 5016 RpcSs - ok
18:07:25.0806 5016 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
18:07:25.0807 5016 rspndr - ok
18:07:25.0849 5016 [ 0E3DCF76F11DC431B088A2DFD7265CDA ] RSUSBSTOR C:\windows\system32\Drivers\RtsUStor.sys
18:07:25.0852 5016 RSUSBSTOR - ok
18:07:25.0898 5016 [ 64FDF4FE366CA42DA2B7D9D424B6E39B ] RTL8192Ce C:\windows\system32\DRIVERS\rtl8192Ce.sys
18:07:25.0905 5016 RTL8192Ce - ok
18:07:25.0919 5016 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\windows\system32\lsass.exe
18:07:25.0921 5016 SamSs - ok
18:07:25.0935 5016 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys
18:07:25.0937 5016 sbp2port - ok
18:07:25.0971 5016 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll
18:07:25.0975 5016 SCardSvr - ok
18:07:26.0007 5016 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
18:07:26.0008 5016 scfilter - ok
18:07:26.0075 5016 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll
18:07:26.0096 5016 Schedule - ok
18:07:26.0124 5016 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll
18:07:26.0125 5016 SCPolicySvc - ok
18:07:26.0146 5016 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll
18:07:26.0150 5016 SDRSVC - ok
18:07:26.0188 5016 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys
18:07:26.0189 5016 secdrv - ok
18:07:26.0197 5016 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll
18:07:26.0199 5016 seclogon - ok
18:07:26.0219 5016 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\System32\sens.dll
18:07:26.0222 5016 SENS - ok
18:07:26.0252 5016 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll
18:07:26.0255 5016 SensrSvc - ok
18:07:26.0274 5016 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\drivers\serenum.sys
18:07:26.0276 5016 Serenum - ok
18:07:26.0312 5016 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\drivers\serial.sys
18:07:26.0314 5016 Serial - ok
18:07:26.0337 5016 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\drivers\sermouse.sys
18:07:26.0339 5016 sermouse - ok
18:07:26.0374 5016 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll
18:07:26.0377 5016 SessionEnv - ok
18:07:26.0402 5016 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys
18:07:26.0403 5016 sffdisk - ok
18:07:26.0407 5016 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
18:07:26.0408 5016 sffp_mmc - ok
18:07:26.0412 5016 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
18:07:26.0413 5016 sffp_sd - ok
18:07:26.0418 5016 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\drivers\sfloppy.sys
18:07:26.0420 5016 sfloppy - ok
18:07:26.0477 5016 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\windows\system32\DRIVERS\Sftfslh.sys
18:07:26.0484 5016 Sftfs - ok
18:07:26.0578 5016 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
18:07:26.0589 5016 sftlist - ok
18:07:26.0631 5016 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\windows\system32\DRIVERS\Sftplaylh.sys
18:07:26.0636 5016 Sftplay - ok
18:07:26.0677 5016 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\windows\system32\DRIVERS\Sftredirlh.sys
18:07:26.0678 5016 Sftredir - ok
18:07:26.0697 5016 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\windows\system32\DRIVERS\Sftvollh.sys
18:07:26.0698 5016 Sftvol - ok
18:07:26.0749 5016 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
18:07:26.0753 5016 sftvsa - ok
18:07:26.0785 5016 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll
18:07:26.0792 5016 ShellHWDetection - ok
18:07:26.0826 5016 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\drivers\SiSRaid2.sys
18:07:26.0828 5016 SiSRaid2 - ok
18:07:26.0835 5016 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys
18:07:26.0838 5016 SiSRaid4 - ok
18:07:27.0163 5016 [ 0F97E7A47A52F4A36969F0FC319654C2 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
18:07:27.0262 5016 Skype C2C Service - ok
18:07:27.0317 5016 [ 68EA68D03BF58389FE6AD2B38FAD798C ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
18:07:27.0320 5016 SkypeUpdate - ok
18:07:27.0353 5016 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys
18:07:27.0357 5016 Smb - ok
18:07:27.0398 5016 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe
18:07:27.0401 5016 SNMPTRAP - ok
18:07:27.0420 5016 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys
18:07:27.0422 5016 spldr - ok
18:07:27.0446 5016 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\windows\System32\spoolsv.exe
18:07:27.0456 5016 Spooler - ok
18:07:27.0596 5016 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe
18:07:27.0685 5016 sppsvc - ok
18:07:27.0698 5016 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll
18:07:27.0701 5016 sppuinotify - ok
18:07:27.0750 5016 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys
18:07:27.0760 5016 srv - ok
18:07:27.0783 5016 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
18:07:27.0788 5016 srv2 - ok
18:07:27.0821 5016 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
18:07:27.0824 5016 srvnet - ok
18:07:27.0877 5016 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
18:07:27.0882 5016 SSDPSRV - ok
18:07:27.0894 5016 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll
18:07:27.0898 5016 SstpSvc - ok
18:07:27.0915 5016 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\drivers\stexstor.sys
18:07:27.0917 5016 stexstor - ok
18:07:27.0959 5016 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll
18:07:27.0969 5016 stisvc - ok
18:07:27.0992 5016 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\DRIVERS\swenum.sys
18:07:27.0993 5016 swenum - ok
18:07:28.0027 5016 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll
18:07:28.0035 5016 swprv - ok
18:07:28.0078 5016 [ 470C47DABA9CA3966F0AB3F835D7D135 ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
18:07:28.0084 5016 SynTP - ok
18:07:28.0291 5016 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll
18:07:28.0351 5016 SysMain - ok
18:07:28.0385 5016 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll
18:07:28.0389 5016 TabletInputService - ok
18:07:28.0416 5016 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll
18:07:28.0422 5016 TapiSrv - ok
18:07:28.0437 5016 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll
18:07:28.0440 5016 TBS - ok
18:07:28.0515 5016 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\windows\system32\drivers\tcpip.sys
18:07:28.0580 5016 Tcpip - ok
18:07:28.0621 5016 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
18:07:28.0637 5016 TCPIP6 - ok
18:07:28.0693 5016 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
18:07:28.0694 5016 tcpipreg - ok
18:07:28.0738 5016 [ FD542B661BD22FA69CA789AD0AC58C29 ] tdcmdpst C:\windows\system32\DRIVERS\tdcmdpst.sys
18:07:28.0738 5016 tdcmdpst - ok
18:07:28.0750 5016 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
18:07:28.0751 5016 TDPIPE - ok
18:07:28.0785 5016 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
18:07:28.0787 5016 TDTCP - ok
18:07:28.0832 5016 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys
18:07:28.0836 5016 tdx - ok
18:07:28.0849 5016 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\DRIVERS\termdd.sys
18:07:28.0851 5016 TermDD - ok
18:07:28.0919 5016 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll
18:07:28.0936 5016 TermService - ok
18:07:28.0960 5016 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll
18:07:28.0963 5016 Themes - ok
18:07:28.0979 5016 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll
18:07:28.0981 5016 THREADORDER - ok
18:07:29.0083 5016 [ 71C321649B28638EE80A2EEB164C1DC8 ] TMachInfo C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
18:07:29.0085 5016 TMachInfo - ok
18:07:29.0125 5016 [ E386DD8EC68C67CA3E2A3ABDC1DF5C56 ] tmactmon C:\windows\system32\DRIVERS\tmactmon.sys
18:07:29.0128 5016 tmactmon - ok
18:07:29.0169 5016 [ AB011C569487FD65C8944DDF8CBB2572 ] tmcomm C:\windows\system32\DRIVERS\tmcomm.sys
18:07:29.0171 5016 tmcomm - ok
18:07:29.0195 5016 [ 8870A3D7305455B47ADCCD226F8E51BC ] tmevtmgr C:\windows\system32\DRIVERS\tmevtmgr.sys
18:07:29.0196 5016 tmevtmgr - ok
18:07:29.0224 5016 [ 065CB7D9278D778FB9EF62CEAD01433F ] tmtdi C:\windows\system32\DRIVERS\tmtdi.sys
18:07:29.0226 5016 tmtdi - ok
18:07:29.0254 5016 [ 8E2C799D3476EAC32C3BA0DF7CE6AF19 ] TODDSrv C:\windows\system32\TODDSrv.exe
18:07:29.0258 5016 TODDSrv - ok
18:07:29.0325 5016 [ 1C73689B900428C7D054A41C4687F55C ] TosCoSrv C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
18:07:29.0334 5016 TosCoSrv - ok
18:07:29.0380 5016 [ 29D0886CF250FCEF1BF9E65AB8D2C0C8 ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
18:07:29.0383 5016 TOSHIBA HDD SSD Alert Service - ok
18:07:29.0436 5016 [ 09FF7B0B1B5C3D225495CB6F5A9B39F8 ] tos_sps64 C:\windows\system32\DRIVERS\tos_sps64.sys
18:07:29.0442 5016 tos_sps64 - ok
18:07:29.0471 5016 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll
18:07:29.0475 5016 TrkWks - ok
18:07:29.0520 5016 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
18:07:29.0523 5016 TrustedInstaller - ok
18:07:29.0551 5016 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
18:07:29.0553 5016 tssecsrv - ok
18:07:29.0591 5016 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
18:07:29.0592 5016 TsUsbFlt - ok
18:07:29.0600 5016 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\windows\system32\drivers\TsUsbGD.sys
18:07:29.0601 5016 TsUsbGD - ok
18:07:29.0649 5016 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
18:07:29.0652 5016 tunnel - ok
18:07:29.0686 5016 [ 550B567F9364D8F7684C3FB3EA665A72 ] TVALZ C:\windows\system32\DRIVERS\TVALZ_O.SYS
18:07:29.0686 5016 TVALZ - ok
18:07:29.0709 5016 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\drivers\uagp35.sys
18:07:29.0711 5016 uagp35 - ok
18:07:29.0751 5016 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\windows\system32\DRIVERS\udfs.sys
18:07:29.0757 5016 udfs - ok
18:07:29.0784 5016 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe
18:07:29.0787 5016 UI0Detect - ok
18:07:29.0799 5016 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
18:07:29.0801 5016 uliagpkx - ok
18:07:29.0835 5016 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\windows\system32\DRIVERS\umbus.sys
18:07:29.0837 5016 umbus - ok
18:07:29.0839 5016 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\drivers\umpass.sys
18:07:29.0840 5016 UmPass - ok
18:07:29.0977 5016 [ 7A78ED1088890114DFDE2C4AB038D6B6 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
18:07:30.0068 5016 UNS - ok
18:07:30.0126 5016 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll
18:07:30.0139 5016 upnphost - ok
18:07:30.0178 5016 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\windows\system32\Drivers\usbaapl64.sys
18:07:30.0181 5016 USBAAPL64 - ok
18:07:30.0220 5016 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
18:07:30.0224 5016 usbccgp - ok
18:07:30.0255 5016 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\windows\system32\drivers\usbcir.sys
18:07:30.0258 5016 usbcir - ok
18:07:30.0282 5016 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\windows\system32\DRIVERS\usbehci.sys
18:07:30.0285 5016 usbehci - ok
18:07:30.0338 5016 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
18:07:30.0343 5016 usbhub - ok
18:07:30.0360 5016 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\windows\system32\drivers\usbohci.sys
18:07:30.0361 5016 usbohci - ok
18:07:30.0393 5016 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
18:07:30.0395 5016 usbprint - ok
18:07:30.0425 5016 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\windows\system32\DRIVERS\usbscan.sys
18:07:30.0427 5016 usbscan - ok
18:07:30.0456 5016 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
18:07:30.0458 5016 USBSTOR - ok
18:07:30.0462 5016 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\windows\system32\drivers\usbuhci.sys
18:07:30.0464 5016 usbuhci - ok
18:07:30.0511 5016 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\windows\system32\Drivers\usbvideo.sys
18:07:30.0514 5016 usbvideo - ok
18:07:30.0544 5016 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll
18:07:30.0547 5016 UxSms - ok
18:07:30.0564 5016 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\windows\system32\lsass.exe
18:07:30.0565 5016 VaultSvc - ok
18:07:30.0589 5016 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
18:07:30.0590 5016 vdrvroot - ok
18:07:30.0639 5016 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\windows\System32\vds.exe
18:07:30.0647 5016 vds - ok
18:07:30.0673 5016 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\windows\system32\DRIVERS\vgapnp.sys
18:07:30.0675 5016 vga - ok
18:07:30.0687 5016 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\windows\System32\drivers\vga.sys
18:07:30.0688 5016 VgaSave - ok
18:07:30.0695 5016 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\windows\system32\drivers\vhdmp.sys
18:07:30.0699 5016 vhdmp - ok
18:07:30.0713 5016 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\windows\system32\drivers\viaide.sys
18:07:30.0714 5016 viaide - ok
18:07:30.0735 5016 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\windows\system32\drivers\volmgr.sys
18:07:30.0737 5016 volmgr - ok
18:07:30.0770 5016 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\windows\system32\drivers\volmgrx.sys
18:07:30.0775 5016 volmgrx - ok
18:07:30.0804 5016 [ DF8126BD41180351A093A3AD2FC8903B ] volsnap C:\windows\system32\drivers\volsnap.sys
18:07:30.0808 5016 volsnap - ok
18:07:30.0846 5016 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\windows\system32\drivers\vsmraid.sys
18:07:30.0849 5016 vsmraid - ok
18:07:30.0947 5016 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\windows\system32\vssvc.exe
18:07:30.0999 5016 VSS - ok
18:07:31.0021 5016 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
18:07:31.0022 5016 vwifibus - ok
18:07:31.0040 5016 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
18:07:31.0041 5016 vwififlt - ok
18:07:31.0078 5016 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\windows\system32\w32time.dll
18:07:31.0084 5016 W32Time - ok
18:07:31.0114 5016 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\windows\system32\drivers\wacompen.sys
18:07:31.0115 5016 WacomPen - ok
18:07:31.0151 5016 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
18:07:31.0152 5016 WANARP - ok
18:07:31.0156 5016 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
18:07:31.0158 5016 Wanarpv6 - ok
18:07:31.0275 5016 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
18:07:31.0305 5016 WatAdminSvc - ok
18:07:31.0426 5016 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\windows\system32\wbengine.exe
18:07:31.0490 5016 wbengine - ok
18:07:31.0525 5016 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
18:07:31.0531 5016 WbioSrvc - ok
18:07:31.0568 5016 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\windows\System32\wcncsvc.dll
18:07:31.0575 5016 wcncsvc - ok
18:07:31.0586 5016 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
18:07:31.0589 5016 WcsPlugInService - ok
18:07:31.0613 5016 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\windows\system32\drivers\wd.sys
18:07:31.0614 5016 Wd - ok
18:07:31.0697 5016 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
18:07:31.0728 5016 Wdf01000 - ok
18:07:31.0749 5016 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\windows\system32\wdi.dll
18:07:31.0754 5016 WdiServiceHost - ok
18:07:31.0761 5016 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\windows\system32\wdi.dll
18:07:31.0763 5016 WdiSystemHost - ok
18:07:31.0779 5016 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\windows\System32\webclnt.dll
18:07:31.0783 5016 WebClient - ok
18:07:31.0789 5016 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\windows\system32\wecsvc.dll
18:07:31.0793 5016 Wecsvc - ok
18:07:31.0797 5016 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\windows\System32\wercplsupport.dll
18:07:31.0800 5016 wercplsupport - ok
18:07:31.0820 5016 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\windows\System32\WerSvc.dll
18:07:31.0822 5016 WerSvc - ok
18:07:31.0840 5016 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
18:07:31.0841 5016 WfpLwf - ok
18:07:31.0874 5016 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\windows\system32\drivers\wimmount.sys
18:07:31.0875 5016 WIMMount - ok
18:07:31.0881 5016 WinHttpAutoProxySvc - ok
18:07:31.0974 5016 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
18:07:31.0980 5016 Winmgmt - ok
18:07:32.0058 5016 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\windows\system32\WsmSvc.dll
18:07:32.0094 5016 WinRM - ok
18:07:32.0153 5016 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys
18:07:32.0155 5016 WinUsb - ok
18:07:32.0190 5016 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\windows\System32\wlansvc.dll
18:07:32.0201 5016 Wlansvc - ok
18:07:32.0254 5016 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
18:07:32.0256 5016 wlcrasvc - ok
18:07:32.0528 5016 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
18:07:32.0600 5016 wlidsvc - ok
18:07:32.0630 5016 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys
18:07:32.0631 5016 WmiAcpi - ok
18:07:32.0663 5016 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
18:07:32.0666 5016 wmiApSrv - ok
18:07:32.0693 5016 WMPNetworkSvc - ok
18:07:32.0736 5016 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\windows\System32\wpcsvc.dll
18:07:32.0739 5016 WPCSvc - ok
18:07:32.0759 5016 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
18:07:32.0762 5016 WPDBusEnum - ok
18:07:32.0789 5016 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
18:07:32.0791 5016 ws2ifsl - ok
18:07:32.0794 5016 WSearch - ok
18:07:32.0817 5016 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\windows\system32\drivers\WudfPf.sys
18:07:32.0819 5016 WudfPf - ok
18:07:32.0849 5016 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
18:07:32.0852 5016 WUDFRd - ok
18:07:32.0880 5016 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\windows\System32\WUDFSvc.dll
18:07:32.0884 5016 wudfsvc - ok
18:07:32.0904 5016 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\windows\System32\wwansvc.dll
18:07:32.0909 5016 WwanSvc - ok
18:07:32.0917 5016 ================ Scan global ===============================
18:07:32.0942 5016 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
18:07:32.0970 5016 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\windows\system32\winsrv.dll
18:07:32.0979 5016 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\windows\system32\winsrv.dll
18:07:33.0009 5016 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
18:07:33.0058 5016 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
18:07:33.0069 5016 [Global] - ok
18:07:33.0070 5016 ================ Scan MBR ==================================
18:07:33.0088 5016 [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
18:07:33.0553 5016 \Device\Harddisk0\DR0 - ok
18:07:33.0554 5016 ================ Scan VBR ==================================
18:07:33.0595 5016 [ 21B75301057FD5DF422B89DC21ADFF02 ] \Device\Harddisk0\DR0\Partition1
18:07:33.0598 5016 \Device\Harddisk0\DR0\Partition1 - ok
18:07:33.0599 5016 ============================================================
18:07:33.0599 5016 Scan finished
18:07:33.0599 5016 ============================================================
18:07:33.0619 5004 Detected object count: 0
18:07:33.0619 5004 Actual detected object count: 0




Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.22.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Owner :: OWNER-PC [administrator]

8/22/2012 6:10:00 PM
mbam-log-2012-08-22 (18-10-00).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 322772
Time elapsed: 28 minute(s), 1 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)




MiniToolBox by Farbar Version: 23-07-2012
Ran by Owner (administrator) on 22-08-2012 at 20:14:42
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================



========================= IP Configuration: ================================

Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC = Wireless Network Connection (Connected)
Atheros AR8152/8158 PCI-E Fast Ethernet Controller (NDIS 6.20) = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Owner-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR8152/8158 PCI-E Fast Ethernet Controller (NDIS 6.20)
Physical Address. . . . . . . . . : 00-26-6C-E2-82-5D
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC
Physical Address. . . . . . . . . : 74-DE-2B-78-3E-7A
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::bc44:2ab3:592:1d8b%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.13(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Wednesday, August 22, 2012 6:03:21 PM
Lease Expires . . . . . . . . . . : Thursday, August 23, 2012 6:03:21 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 242540075
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-2E-F2-48-74-DE-2B-78-3E-7A
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{63916DA0-430E-4B9A-8492-7C0C679F624D}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{ADA2BA17-9927-4567-8CE3-9E4EDCA49FB1}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 192.168.1.1

Name: google.com
Addresses: 2607:f8b0:4004:802::1005
74.125.228.100
74.125.228.101
74.125.228.102
74.125.228.103
74.125.228.104
74.125.228.105
74.125.228.110
74.125.228.96
74.125.228.97
74.125.228.98
74.125.228.99


Pinging google.com [74.125.228.100] with 32 bytes of data:
Reply from 74.125.228.100: bytes=32 time=22ms TTL=51
Reply from 74.125.228.100: bytes=32 time=20ms TTL=51

Ping statistics for 74.125.228.100:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 20ms, Maximum = 22ms, Average = 21ms
Server: UnKnown
Address: 192.168.1.1

Name: yahoo.com
Addresses: 72.30.38.140
98.138.253.109
98.139.183.24


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=214ms TTL=49
Reply from 72.30.38.140: bytes=32 time=89ms TTL=49

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 89ms, Maximum = 214ms, Average = 151ms
Server: UnKnown
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
12...00 26 6c e2 82 5d ......Atheros AR8152/8158 PCI-E Fast Ethernet Controller (NDIS 6.20)
11...74 de 2b 78 3e 7a ......Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC
1...........................Software Loopback Interface 1
16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.13 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.13 281
192.168.1.13 255.255.255.255 On-link 192.168.1.13 281
192.168.1.255 255.255.255.255 On-link 192.168.1.13 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.13 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.13 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
11 281 fe80::/64 On-link
11 281 fe80::bc44:2ab3:592:1d8b/128
On-link
1 306 ff00::/8 On-link
11 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/22/2012 07:05:51 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/22/2012 07:05:05 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/22/2012 06:10:25 PM) (Source: CVHSVC) (User: )
Description: Information only.
Error: Initialization failed 0x80070424 Type: 88::UnexpectedError.

Error: (08/22/2012 06:01:39 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/22/2012 06:00:25 PM) (Source: Toshiba App Place) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (08/22/2012 03:19:24 PM) (Source: CVHSVC) (User: )
Description: Information only.
Error: Initialization failed 0x80070424 Type: 88::UnexpectedError.

Error: (08/22/2012 03:12:36 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/22/2012 03:12:34 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/22/2012 03:10:42 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/22/2012 03:09:26 PM) (Source: Toshiba App Place) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)


System errors:
=============
Error: (08/22/2012 06:03:27 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (08/22/2012 06:03:27 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (08/22/2012 06:00:21 PM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

Error: (08/22/2012 06:00:21 PM) (Source: Service Control Manager) (User: )
Description: The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.

Error: (08/22/2012 06:00:21 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (08/22/2012 03:09:15 PM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

Error: (08/22/2012 03:09:15 PM) (Source: Service Control Manager) (User: )
Description: The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.

Error: (08/22/2012 03:09:15 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (08/22/2012 01:17:49 PM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

Error: (08/22/2012 01:17:49 PM) (Source: Service Control Manager) (User: )
Description: The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.


Microsoft Office Sessions:
=========================
Error: (08/22/2012 07:05:51 PM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Users\Owner\downloads\esetsmartinstaller_enu.exe

Error: (08/22/2012 07:05:05 PM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (08/22/2012 06:10:25 PM) (Source: CVHSVC)(User: )
Description: Error: Initialization failed 0x80070424 Type: 88::UnexpectedError.

Error: (08/22/2012 06:01:39 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/22/2012 06:00:25 PM) (Source: Toshiba App Place)(User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (08/22/2012 03:19:24 PM) (Source: CVHSVC)(User: )
Description: Error: Initialization failed 0x80070424 Type: 88::UnexpectedError.

Error: (08/22/2012 03:12:36 PM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Owner\Downloads\esetsmartinstaller_enu.exe

Error: (08/22/2012 03:12:34 PM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Owner\Downloads\esetsmartinstaller_enu.exe

Error: (08/22/2012 03:10:42 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/22/2012 03:09:26 PM) (Source: Toshiba App Place)(User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)


=========================== Installed Programs ============================

Adobe AIR (Version: 2.6.0.19140)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.271)
Adobe Flash Player 11 Plugin (Version: 11.3.300.271)
Adobe Reader X MUI (Version: 10.0.0)
Apple Application Support (Version: 2.1.7)
Apple Mobile Device Support (Version: 5.1.1.4)
Apple Software Update (Version: 2.1.3.127)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (Version: 1.0.1.42)
BabylonObjectInstaller (Version: 2.0.0.3)
Bonjour (Version: 3.0.0.10)
Canon MX870 series MP Drivers
Conexant HD Audio (Version: 8.54.4.53)
D3DX10 (Version: 15.4.2368.0902)
Download Updater (AOL Inc.)
ESET Online Scanner v3
Google Chrome (Version: 21.0.1180.83)
Google Update Helper (Version: 1.3.21.115)
Intel® Management Engine Components (Version: 7.0.0.1144)
Intel® Processor Graphics (Version: 8.15.10.2353)
Intel® Rapid Storage Technology (Version: 10.1.0.1008)
InterActual Player
iTunes (Version: 10.6.1.7)
Java 7 Update 6 (Version: 7.0.60)
Java Auto Updater (Version: 2.1.9.0)
Java™ 6 Update 25 (Version: 6.0.250)
Java™ 7 Update 4 (64-bit) (Version: 7.0.40)
Junk Mail filter update (Version: 15.4.3502.0922)
Label@Once 1.0 (Version: 1.0)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - English (Version: 14.0.4763.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
ooVoo (Version: 3.0.7040)
PDF Reader
Pinnacle Studio 15 (Version: 15.0.0.7593)
Pinnacle Studio Bonus Content (Version: 15.0.0.51)
Pinnacle Video Driver (Version: 12.1.0.030)
PlayReady PC Runtime amd64 (Version: 1.3.0)
PlayReady PC Runtime x86 (Version: 1.3.0)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer (Version: 15.0.5)
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30124)
Realtek WLAN Driver (Version: 2.00.0016)
RealUpgrade 1.1 (Version: 1.1.0)
Skype Click to Call (Version: 6.1.10441)
Skype Launcher (Version: 2.01)
Skype™ 5.9 (Version: 5.9.114)
Synaptics Pointing Device Driver (Version: 15.0.8.1)
The Weather Channel App
The Weather Channel Desktop 6
Toshiba App Place (Version: 1.0.6.3)
TOSHIBA Application Installer (Version: 9.0.1.2)
TOSHIBA Assist (Version: 4.2.3.0)
Toshiba Book Place (Version: 2.2.7530)
TOSHIBA Bulletin Board (Version: 1.6.11.64)
TOSHIBA Disc Creator (Version: 2.1.0.11 for x64)
TOSHIBA Face Recognition (Version: 3.1.17.64)
TOSHIBA Hardware Setup (Version: 2.1.0.3)
TOSHIBA HDD/SSD Alert (Version: 3.1.64.9)
Toshiba Laptop Checkup (Version: 2.0.13.11)
TOSHIBA Media Controller (Version: 1.0.87.4)
TOSHIBA Media Controller Plug-in (Version: 1.0.7.5)
Toshiba Online Backup (Version: 2.0.0.31)
TOSHIBA Quality Application (Version: 1.0.3)
TOSHIBA Recovery Media Creator (Version: 2.1.5.5109a)
TOSHIBA ReelTime (Version: 1.7.21.64)
TOSHIBA Resolution+ Plug-in for Windows Media Player (Version: 1.1.2001)
TOSHIBA Service Station (Version: 2.2.12)
TOSHIBA Supervisor Password (Version: 2.1.0.2)
TOSHIBA Value Added Package (Version: 1.6.1.64)
TOSHIBA Web Camera Application (Version: 2.0.3.3)
TOSHIBA Wireless LAN Indicator (Version: 1.0.5)
TOSHIBARegistration (Version: 1.0.6)
Trend Micro Titanium (Version: 5.00)
Trend Micro Titanium 2012 (Version: 5.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3538.0513)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3538.0513)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)

========================= Memory info: ===================================

Percentage of memory in use: 44%
Total physical RAM: 4043.86 MB
Available physical RAM: 2225.33 MB
Total Pagefile: 8085.91 MB
Available Pagefile: 6125.76 MB
Total Virtual: 4095.88 MB
Available Virtual: 3963.91 MB

========================= Partitions: =====================================

1 Drive c: (TI106238W0C) (Fixed) (Total:452.02 GB) (Free:399.61 GB) NTFS
2 Drive d: (THE_DARK_NIGHT) (CDROM) (Total:7.76 GB) (Free:0 GB) UDF

========================= Users: ========================================

User accounts for \\OWNER-PC

Administrator Guest Owner


**** End of log ****



Farbar Service Scanner Version: 06-08-2012
Ran by Owner (administrator) on 22-08-2012 at 20:16:34
Running from "C:\Users\Owner\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.

BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============
Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist.
Checking ImagePath of SharedAccess: ATTENTION!=====> Unable to retrieve ImagePath of SharedAccess. The value does not exist.
Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to retrieve ServiceDll of SharedAccess. The value does not exist.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****


# AdwCleaner v1.801 - Logfile created 08/22/2012 at 20:18:02
# Updated 14/08/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Owner - OWNER-PC
# Boot Mode : Normal
# Running from : C:\Users\Owner\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Users\Owner\AppData\Local\APN
Folder Deleted : C:\Users\Owner\AppData\Local\Temp\AskSearch
Folder Deleted : C:\Users\Owner\AppData\Local\Temp\BabylonToolbar
Folder Deleted : C:\Users\Owner\AppData\Local\Temp\boost_interprocess
Folder Deleted : C:\Users\Owner\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Owner\Documents\ShopToWin
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\blekko toolbars
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\Program Files (x86)\Common Files\Software Update Utility
File Deleted : C:\user.js

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Freecause
Key Deleted : HKLM\SOFTWARE\Babylon
Key Deleted : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\b
Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd
Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdate
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{83AA2913-C123-4146-85BD-AD8F93971D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility
[x64] Key Deleted : HKLM\SOFTWARE\Software
[x64] Key Deleted : HKLM\SOFTWARE\Tarma Installer

***** [Registre - GUID] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Google Chrome v21.0.1180.83

File : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted : "name": "Babylon ToolBar",
Deleted : "path": "C:\\Users\\Owner\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\[...]
Deleted : "name": "Babylon ToolBar"

*************************

AdwCleaner[S1].txt - [9139 octets] - [22/08/2012 20:18:02]

########## EOF - C:\AdwCleaner[S1].txt - [9267 octets] ##########

#6 narenxp

Posted 22 August 2012 - 07:35 PM

Download

Windows repair tool

Extract and launch the Repair_Windows.exe file

Click on the Start Repairs tab, then click on Start

Check mark the following options alone:

Reset registry permissions
Repair WMI
Repair Windows Firewall.
Remove Policies Set By Infections
Repair Winsock & DNS Cache
Repair hosts


Check mark the Restart System When Finished option
Click the Start button

System should restart after repair

Post the FSS log

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here

#7 mercuryrsng

Posted 22 August 2012 - 08:12 PM

You said "post the FSS log" with no instructions on running it. I assume to run it first?

Thanks

#8 mercuryrsng

Posted 22 August 2012 - 08:13 PM

Here is the Rkill log in the meantime. Please advise on FSS.


Rkill 2.3.1 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 08/22/2012 09:12:40 PM in x64 mode.
Windows Version: Windows 7 Service Pack 1

Checking for Windows services to stop.

* No malware services found to stop.

Checking for processes to terminate.

* No malware processes found to kill.

Checking Registry for malware related settings.

* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
C:\Users\Owner\Desktop\rkill\rkill-08-22-2012-09-13-04.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks.

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

* ALERT: ZEROACCESS rootkit symptoms found!

* HKEY_CLASSES_ROOT\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InprocServer32 [ZA Reg Hijack]
* C:\Users\Owner\AppData\Local\{feb10708-6fe6-a64b-8480-d2495a840fff}\ [ZA Dir]
* C:\Users\Owner\AppData\Local\{feb10708-6fe6-a64b-8480-d2495a840fff}\L\ [ZA Dir]
* C:\Users\Owner\AppData\Local\{feb10708-6fe6-a64b-8480-d2495a840fff}\U\ [ZA Dir]
* C:\windows\installer\{feb10708-6fe6-a64b-8480-d2495a840fff}\ [ZA Dir]
* C:\windows\installer\{feb10708-6fe6-a64b-8480-d2495a840fff}\L\ [ZA Dir]
* C:\windows\installer\{feb10708-6fe6-a64b-8480-d2495a840fff}\U\ [ZA Dir]

Checking Windows Service Integrity:

* AppMgmt [Missing Service]
* BITS [Missing Service]
* CscService [Missing Service]
* iphlpsvc [Missing Service]
* PeerDistSvc [Missing Service]
* UmRdpService [Missing Service]
* WinDefend [Missing Service]
* wuauserv [Missing Service]

Searching for Missing Digital Signatures:

* No issues found.

Program finished at: 08/22/2012 09:13:15 PM
Execution time: 0 hours(s), 0 minute(s), and 35 seconds(s)

#9 narenxp

Posted 22 August 2012 - 08:30 PM

FSS instructions are already given

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Restart the PC and run RKILL again and post the new log

#10 mercuryrsng

Posted 22 August 2012 - 08:43 PM

Farbar Service Scanner Version: 06-08-2012
Ran by Owner (administrator) on 22-08-2012 at 21:36:57
Running from "C:\Users\Owner\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.

BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****




Rkill 2.3.1 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 08/22/2012 09:40:49 PM in x64 mode.
Windows Version: Windows 7 Service Pack 1

Checking for Windows services to stop.

* No malware services found to stop.

Checking for processes to terminate.

* No malware processes found to kill.

Checking Registry for malware related settings.

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks.

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

* ALERT: ZEROACCESS rootkit symptoms found!

* HKEY_CLASSES_ROOT\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InprocServer32 [ZA Reg Hijack]
* C:\Users\Owner\AppData\Local\{feb10708-6fe6-a64b-8480-d2495a840fff}\ [ZA Dir]
* C:\Users\Owner\AppData\Local\{feb10708-6fe6-a64b-8480-d2495a840fff}\L\ [ZA Dir]
* C:\Users\Owner\AppData\Local\{feb10708-6fe6-a64b-8480-d2495a840fff}\U\ [ZA Dir]
* C:\windows\installer\{feb10708-6fe6-a64b-8480-d2495a840fff}\ [ZA Dir]
* C:\windows\installer\{feb10708-6fe6-a64b-8480-d2495a840fff}\L\ [ZA Dir]
* C:\windows\installer\{feb10708-6fe6-a64b-8480-d2495a840fff}\U\ [ZA Dir]

Checking Windows Service Integrity:

* AppMgmt [Missing Service]
* BITS [Missing Service]
* CscService [Missing Service]
* iphlpsvc [Missing Service]
* PeerDistSvc [Missing Service]
* UmRdpService [Missing Service]
* WinDefend [Missing Service]
* wuauserv [Missing Service]

Searching for Missing Digital Signatures:

* No issues found.

Program finished at: 08/22/2012 09:41:05 PM
Execution time: 0 hours(s), 0 minute(s), and 15 seconds(s)

#11 narenxp

Posted 22 August 2012 - 08:48 PM

Download

http://download.bleepingcomputer.com/win-services/7/WinDefend.reg
http://download.bleepingcomputer.com/win-services/7/BITS.reg
http://download.bleepingcomputer.com/win-services/7/wuauserv.reg

Launch it, click YES

Open your C drive

On top, click on Organize - Folder and search options

Click on View tab and scroll down

Check mark Show hidden files
Uncheck Hide operating system files


Click OK, now go to

C:\Users\Owner\AppData\Local\{feb10708-6fe6-a64b-8480-d2495a840fff}
C:\windows\installer\{feb10708-6fe6-a64b-8480-d2495a840fff}

Delete the folders

Download the file

Fix.reg

Launch it, click YES

Run RKILL again and post the new log

#12 mercuryrsng

Posted 22 August 2012 - 09:18 PM

Rkill 2.3.1 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 08/22/2012 10:18:08 PM in x64 mode.
Windows Version: Windows 7 Service Pack 1

Checking for Windows services to stop.

* No malware services found to stop.

Checking for processes to terminate.

* No malware processes found to kill.

Checking Registry for malware related settings.

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks.

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

* ALERT: ZEROACCESS rootkit symptoms found!

* HKEY_CLASSES_ROOT\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InprocServer32 [ZA Reg Hijack]

Checking Windows Service Integrity:

* AppMgmt [Missing Service]
* CscService [Missing Service]
* iphlpsvc [Missing Service]
* PeerDistSvc [Missing Service]
* UmRdpService [Missing Service]

* WinDefend => %ProgramFiles(x86)%\Windows Defender\mpsvc.dll [Incorrect ServiceDLL]

Searching for Missing Digital Signatures:

* No issues found.

Program finished at: 08/22/2012 10:18:14 PM
Execution time: 0 hours(s), 0 minute(s), and 5 seconds(s)
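
The thread's fix-and-rescan loop relies on comparing one Rkill log against the next by eye. As an added example (not part of the original posts and not Rkill's own code), this Python sketch parses the "ZEROACCESS rootkit symptoms" and "Checking Windows Service Integrity" sections of two logs and reports what was resolved, what changed status, and what remains. The function names and the trimmed log excerpts are assumptions made for illustration; the excerpts are cut down from the 09:40 PM and 10:18 PM logs above.

```python
import re

# Trimmed excerpts of the 09:40 PM and 10:18 PM Rkill logs posted in this thread.
BEFORE = r"""
* ALERT: ZEROACCESS rootkit symptoms found!

* HKEY_CLASSES_ROOT\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InprocServer32 [ZA Reg Hijack]
* C:\Users\Owner\AppData\Local\{feb10708-6fe6-a64b-8480-d2495a840fff}\ [ZA Dir]
* C:\windows\installer\{feb10708-6fe6-a64b-8480-d2495a840fff}\ [ZA Dir]

Checking Windows Service Integrity:

* BITS [Missing Service]
* iphlpsvc [Missing Service]
* WinDefend [Missing Service]
* wuauserv [Missing Service]

Searching for Missing Digital Signatures:

* No issues found.
"""

AFTER = r"""
* ALERT: ZEROACCESS rootkit symptoms found!

* HKEY_CLASSES_ROOT\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InprocServer32 [ZA Reg Hijack]

Checking Windows Service Integrity:

* iphlpsvc [Missing Service]

* WinDefend => %ProgramFiles(x86)%\Windows Defender\mpsvc.dll [Incorrect ServiceDLL]

Searching for Missing Digital Signatures:

* No issues found.
"""

# A finding is a bullet that ends in a bracketed tag, e.g. "* BITS [Missing Service]".
BULLET = re.compile(r"^\* (?P<subject>.+?) \[(?P<tag>[^\]]+)\]\s*$")


def parse_rkill(log_text):
    """Return {(section, item): status} for the two sections that carry findings."""
    findings, section = {}, None
    for raw in log_text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("* ALERT: ZEROACCESS"):
            section = "zeroaccess"
        elif line == "Checking Windows Service Integrity:":
            section = "service"
        elif not line.startswith("* "):
            section = None  # any other non-bullet line ends the current section
        elif section:
            m = BULLET.match(line)
            if m:
                # "name => path [tag]" keeps the service name as the key.
                item, _, detail = m["subject"].partition(" => ")
                findings[(section, item)] = m["tag"] + (f" ({detail})" if detail else "")
    return findings


def compare(before_log, after_log):
    """Classify each finding by how it moved between two Rkill runs."""
    b, a = parse_rkill(before_log), parse_rkill(after_log)
    return {
        "resolved": sorted(k for k in b if k not in a),
        "changed": sorted((k, b[k], a[k]) for k in b if k in a and b[k] != a[k]),
        "remaining": sorted(k for k in b if k in a and b[k] == a[k]),
        "new": sorted(k for k in a if k not in b),
    }


if __name__ == "__main__":
    for bucket, entries in compare(BEFORE, AFTER).items():
        print(f"{bucket}:")
        for entry in entries:
            print("   ", entry)
```

On these excerpts the registry hijack entry lands in "remaining" and WinDefend in "changed", which are the two items still open after the service keys were restored and the folders deleted.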

#13 narenxp

Posted 22 August 2012 - 09:24 PM

You missed this

Download the file

Fix.reg

Launch it and click YES


You were infected by the ZeroAccess rootkit too.


Download

TFC

Launch it, it will close all running programs

Click on START, it should ask for a reboot

Turn off your System Restore, restart the PC, create a new restore point

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your Flash Player

Update your Java from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your antivirus frequently, do not click on suspicious links

Safe surfing :)

#14 mercuryrsng

Posted 23 August 2012 - 07:24 AM

Thank you kindly.

I have one more problem that popped up a few restarts ago. I get 4 pop-up messages at startup, but they are duplicated so there really are 2 of them. They are as follows.


There was a problem starting C:\Users\Owner\AppData\Roaming\reanlm.dll


There was a problem starting C:\Users\Owner\AppData\Roaming\retdi.dll

#15 narenxp

Posted 23 August 2012 - 07:28 AM

Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to finish

Now click on File - Save

Filename: Autoruns.txt
Save as: Text

Paste the text contents here



