Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Blue screen of death keeps popping up. Possible alureon virus that I can't delete


  • Please log in to reply
21 replies to this topic

#1 Coachjm53

Coachjm53

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:06:16 AM

Posted 16 October 2012 - 07:50 AM

I keep getting the blue screen on my toshiba windows 7pc. It says something about a memory dump being unable.

I ran windows security and it said I had the alureon b but it only partially removed it. I ran avast and it found a few similar trojan viruses as well. The last thing I ran was the tdsskiller. It also said I had a virus. I got rid of everything but when I woke up this morning I tried to run my antivirus but I got the blue screen again.

I should have just come here first.

Any help would be greatly appreciated. It's a pretty new computer so I'm hoping it can be fixed

BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:06:16 AM

Posted 16 October 2012 - 09:23 AM

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here.If you get crashes in normal mode,run it in safemode with networking

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

#3 Coachjm53

Coachjm53
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:06:16 AM

Posted 16 October 2012 - 09:31 AM

thank you for your help.

Here is my TDSS log

08:01:15.0961 6008 TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
08:01:17.0973 6008 ============================================================
08:01:17.0973 6008 Current date / time: 2012/10/16 08:01:17.0973
08:01:17.0973 6008 SystemInfo:
08:01:17.0973 6008
08:01:17.0973 6008 OS Version: 6.1.7601 ServicePack: 1.0
08:01:17.0973 6008 Product type: Workstation
08:01:17.0973 6008 ComputerName: DEIDRA-PC
08:01:17.0973 6008 UserName: Deidra
08:01:17.0973 6008 Windows directory: C:\windows
08:01:17.0973 6008 System windows directory: C:\windows
08:01:17.0973 6008 Running under WOW64
08:01:17.0973 6008 Processor architecture: Intel x64
08:01:17.0973 6008 Number of processors: 8
08:01:17.0973 6008 Page size: 0x1000
08:01:17.0973 6008 Boot type: Normal boot
08:01:17.0973 6008 ============================================================
08:01:27.0223 6008 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
08:01:27.0231 6008 ============================================================
08:01:27.0231 6008 \Device\Harddisk0\DR0:
08:01:27.0232 6008 MBR partitions:
08:01:27.0232 6008 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x55425800
08:01:27.0232 6008 ============================================================
08:01:27.0286 6008 C: <-> \Device\Harddisk0\DR0\Partition1
08:01:27.0287 6008 ============================================================
08:01:27.0288 6008 Initialize success
08:01:27.0288 6008 ============================================================
08:01:43.0105 6064 ============================================================
08:01:43.0105 6064 Scan started
08:01:43.0105 6064 Mode: Manual; TDLFS;
08:01:43.0105 6064 ============================================================
08:01:44.0931 6064 ================ Scan system memory ========================
08:01:44.0931 6064 System memory - ok
08:01:44.0931 6064 ================ Scan services =============================
08:01:45.0243 6064 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
08:01:45.0258 6064 1394ohci - ok
08:01:45.0289 6064 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\windows\system32\drivers\ACPI.sys
08:01:45.0305 6064 ACPI - ok
08:01:45.0352 6064 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
08:01:45.0352 6064 AcpiPmi - ok
08:01:45.0414 6064 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\windows\system32\drivers\adp94xx.sys
08:01:45.0430 6064 adp94xx - ok
08:01:45.0477 6064 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\windows\system32\drivers\adpahci.sys
08:01:45.0492 6064 adpahci - ok
08:01:45.0508 6064 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\windows\system32\drivers\adpu320.sys
08:01:45.0523 6064 adpu320 - ok
08:01:45.0555 6064 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
08:01:45.0555 6064 AeLookupSvc - ok
08:01:45.0648 6064 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\windows\system32\drivers\afd.sys
08:01:45.0679 6064 AFD - ok
08:01:45.0742 6064 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\windows\system32\drivers\agp440.sys
08:01:45.0757 6064 agp440 - ok
08:01:45.0820 6064 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\windows\System32\alg.exe
08:01:45.0820 6064 ALG - ok
08:01:45.0835 6064 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\windows\system32\drivers\aliide.sys
08:01:45.0835 6064 aliide - ok
08:01:45.0835 6064 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\windows\system32\drivers\amdide.sys
08:01:45.0851 6064 amdide - ok
08:01:45.0851 6064 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\windows\system32\drivers\amdk8.sys
08:01:45.0851 6064 AmdK8 - ok
08:01:45.0867 6064 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\windows\system32\drivers\amdppm.sys
08:01:45.0867 6064 AmdPPM - ok
08:01:45.0898 6064 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\windows\system32\drivers\amdsata.sys
08:01:45.0913 6064 amdsata - ok
08:01:45.0929 6064 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\windows\system32\drivers\amdsbs.sys
08:01:45.0929 6064 amdsbs - ok
08:01:45.0929 6064 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\windows\system32\drivers\amdxata.sys
08:01:45.0929 6064 amdxata - ok
08:01:45.0960 6064 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\windows\system32\drivers\appid.sys
08:01:45.0960 6064 AppID - ok
08:01:45.0991 6064 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\windows\System32\appidsvc.dll
08:01:46.0007 6064 AppIDSvc - ok
08:01:46.0023 6064 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\windows\System32\appinfo.dll
08:01:46.0023 6064 Appinfo - ok
08:01:46.0085 6064 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\windows\system32\drivers\arc.sys
08:01:46.0101 6064 arc - ok
08:01:46.0132 6064 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\windows\system32\drivers\arcsas.sys
08:01:46.0147 6064 arcsas - ok
08:01:46.0194 6064 [ 55142B4F7A7E4C9C151C6000A6BF7809 ] aswFsBlk C:\windows\system32\drivers\aswFsBlk.sys
08:01:46.0194 6064 aswFsBlk - ok
08:01:46.0241 6064 [ AA9FDE3D630160B47DAB21BF8250111C ] aswMonFlt C:\windows\system32\drivers\aswMonFlt.sys
08:01:46.0241 6064 aswMonFlt - ok
08:01:46.0272 6064 [ 2A6675C24DF5159A9506CD13ECE5ABE9 ] aswRdr C:\windows\System32\Drivers\aswrdr2.sys
08:01:46.0272 6064 aswRdr - ok
08:01:46.0335 6064 [ 4E38475BDB51A867CCBA7D5DF7FDFC0C ] aswSnx C:\windows\system32\drivers\aswSnx.sys
08:01:46.0350 6064 aswSnx - ok
08:01:46.0397 6064 [ 9A49D80D65451AF22913AEF772CC3DA9 ] aswSP C:\windows\system32\drivers\aswSP.sys
08:01:46.0397 6064 aswSP - ok
08:01:46.0428 6064 [ C3EC420451AC5300A22190AE38418FBA ] aswTdi C:\windows\system32\drivers\aswTdi.sys
08:01:46.0428 6064 aswTdi - ok
08:01:46.0475 6064 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
08:01:46.0491 6064 AsyncMac - ok
08:01:46.0522 6064 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\windows\system32\drivers\atapi.sys
08:01:46.0569 6064 atapi - ok
08:01:46.0615 6064 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
08:01:46.0647 6064 AudioEndpointBuilder - ok
08:01:46.0662 6064 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\windows\System32\Audiosrv.dll
08:01:46.0678 6064 AudioSrv - ok
08:01:46.0818 6064 [ 04AC21E821F259845BD7367CEE057290 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
08:01:46.0818 6064 avast! Antivirus - ok
08:01:46.0927 6064 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\windows\System32\AxInstSV.dll
08:01:46.0959 6064 AxInstSV - ok
08:01:47.0021 6064 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\windows\system32\drivers\bxvbda.sys
08:01:47.0037 6064 b06bdrv - ok
08:01:47.0068 6064 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys
08:01:47.0083 6064 b57nd60a - ok
08:01:47.0115 6064 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\windows\System32\bdesvc.dll
08:01:47.0130 6064 BDESVC - ok
08:01:47.0161 6064 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\windows\system32\drivers\Beep.sys
08:01:47.0161 6064 Beep - ok
08:01:47.0239 6064 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\windows\System32\bfe.dll
08:01:47.0255 6064 BFE - ok
08:01:47.0286 6064 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\windows\System32\qmgr.dll
08:01:47.0317 6064 BITS - ok
08:01:47.0364 6064 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\windows\system32\drivers\blbdrive.sys
08:01:47.0380 6064 blbdrive - ok
08:01:47.0411 6064 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\windows\system32\DRIVERS\bowser.sys
08:01:47.0411 6064 bowser - ok
08:01:47.0442 6064 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\windows\system32\drivers\BrFiltLo.sys
08:01:47.0442 6064 BrFiltLo - ok
08:01:47.0458 6064 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\windows\system32\drivers\BrFiltUp.sys
08:01:47.0458 6064 BrFiltUp - ok
08:01:47.0505 6064 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\windows\System32\browser.dll
08:01:47.0520 6064 Browser - ok
08:01:47.0551 6064 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\windows\System32\Drivers\Brserid.sys
08:01:47.0567 6064 Brserid - ok
08:01:47.0583 6064 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
08:01:47.0583 6064 BrSerWdm - ok
08:01:47.0598 6064 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
08:01:47.0598 6064 BrUsbMdm - ok
08:01:47.0598 6064 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
08:01:47.0598 6064 BrUsbSer - ok
08:01:47.0598 6064 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\windows\system32\drivers\bthmodem.sys
08:01:47.0598 6064 BTHMODEM - ok
08:01:47.0629 6064 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\windows\system32\bthserv.dll
08:01:47.0629 6064 bthserv - ok
08:01:47.0661 6064 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
08:01:47.0676 6064 cdfs - ok
08:01:47.0707 6064 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\windows\system32\DRIVERS\cdrom.sys
08:01:47.0723 6064 cdrom - ok
08:01:47.0770 6064 [ A965B206921C55F2D1481789D609B711 ] CeKbFilter C:\windows\system32\DRIVERS\CeKbFilter.sys
08:01:47.0770 6064 CeKbFilter - ok
08:01:47.0817 6064 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\windows\System32\certprop.dll
08:01:47.0817 6064 CertPropSvc - ok
08:01:47.0863 6064 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\windows\system32\drivers\circlass.sys
08:01:47.0863 6064 circlass - ok
08:01:47.0879 6064 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\windows\system32\CLFS.sys
08:01:47.0895 6064 CLFS - ok
08:01:47.0973 6064 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
08:01:47.0988 6064 clr_optimization_v2.0.50727_32 - ok
08:01:48.0051 6064 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
08:01:48.0066 6064 clr_optimization_v2.0.50727_64 - ok
08:01:48.0160 6064 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
08:01:48.0175 6064 clr_optimization_v4.0.30319_32 - ok
08:01:48.0222 6064 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
08:01:48.0222 6064 clr_optimization_v4.0.30319_64 - ok
08:01:48.0269 6064 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\windows\system32\drivers\CmBatt.sys
08:01:48.0269 6064 CmBatt - ok
08:01:48.0285 6064 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\windows\system32\drivers\cmdide.sys
08:01:48.0285 6064 cmdide - ok
08:01:48.0347 6064 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\windows\system32\Drivers\cng.sys
08:01:48.0347 6064 CNG - ok
08:01:48.0441 6064 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\windows\system32\drivers\compbatt.sys
08:01:48.0441 6064 Compbatt - ok
08:01:48.0472 6064 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\windows\system32\drivers\CompositeBus.sys
08:01:48.0472 6064 CompositeBus - ok
08:01:48.0503 6064 COMSysApp - ok
08:01:48.0519 6064 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\windows\system32\drivers\crcdisk.sys
08:01:48.0519 6064 crcdisk - ok
08:01:48.0581 6064 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\windows\system32\cryptsvc.dll
08:01:48.0597 6064 CryptSvc - ok
08:01:48.0706 6064 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
08:01:48.0721 6064 cvhsvc - ok
08:01:48.0815 6064 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\windows\system32\rpcss.dll
08:01:48.0831 6064 DcomLaunch - ok
08:01:48.0862 6064 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\windows\System32\defragsvc.dll
08:01:48.0877 6064 defragsvc - ok
08:01:48.0909 6064 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\windows\system32\Drivers\dfsc.sys
08:01:48.0909 6064 DfsC - ok
08:01:48.0940 6064 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\windows\system32\dhcpcore.dll
08:01:48.0955 6064 Dhcp - ok
08:01:48.0971 6064 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\windows\system32\drivers\discache.sys
08:01:48.0971 6064 discache - ok
08:01:49.0002 6064 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\windows\system32\drivers\disk.sys
08:01:49.0002 6064 Disk - ok
08:01:49.0033 6064 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\windows\System32\dnsrslvr.dll
08:01:49.0049 6064 Dnscache - ok
08:01:49.0065 6064 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\windows\System32\dot3svc.dll
08:01:49.0080 6064 dot3svc - ok
08:01:49.0080 6064 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\windows\system32\dps.dll
08:01:49.0080 6064 DPS - ok
08:01:49.0111 6064 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
08:01:49.0111 6064 drmkaud - ok
08:01:49.0143 6064 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
08:01:49.0143 6064 DXGKrnl - ok
08:01:49.0158 6064 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\windows\System32\eapsvc.dll
08:01:49.0174 6064 EapHost - ok
08:01:49.0299 6064 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\windows\system32\drivers\evbda.sys
08:01:49.0408 6064 ebdrv - ok
08:01:49.0439 6064 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\windows\System32\lsass.exe
08:01:49.0455 6064 EFS - ok
08:01:49.0548 6064 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\windows\ehome\ehRecvr.exe
08:01:49.0595 6064 ehRecvr - ok
08:01:49.0626 6064 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\windows\ehome\ehsched.exe
08:01:49.0626 6064 ehSched - ok
08:01:49.0673 6064 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\windows\system32\drivers\elxstor.sys
08:01:49.0689 6064 elxstor - ok
08:01:49.0751 6064 [ ABDD5AD016AFFD34AD40E944CE94BF59 ] EpsonBidirectionalService C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
08:01:49.0767 6064 EpsonBidirectionalService - ok
08:01:49.0782 6064 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\windows\system32\drivers\errdev.sys
08:01:49.0782 6064 ErrDev - ok
08:01:49.0813 6064 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\windows\system32\es.dll
08:01:49.0813 6064 EventSystem - ok
08:01:49.0969 6064 [ 57E61DC4F7980D57C0B162FC5B9F0B38 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
08:01:50.0063 6064 EvtEng - ok
08:01:50.0110 6064 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\windows\system32\drivers\exfat.sys
08:01:50.0110 6064 exfat - ok
08:01:50.0141 6064 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\windows\system32\drivers\fastfat.sys
08:01:50.0141 6064 fastfat - ok
08:01:50.0266 6064 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\windows\system32\fxssvc.exe
08:01:50.0281 6064 Fax - ok
08:01:50.0344 6064 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\windows\system32\drivers\fdc.sys
08:01:50.0359 6064 fdc - ok
08:01:50.0391 6064 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\windows\system32\fdPHost.dll
08:01:50.0391 6064 fdPHost - ok
08:01:50.0406 6064 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\windows\system32\fdrespub.dll
08:01:50.0406 6064 FDResPub - ok
08:01:50.0453 6064 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
08:01:50.0453 6064 FileInfo - ok
08:01:50.0469 6064 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\windows\system32\drivers\filetrace.sys
08:01:50.0469 6064 Filetrace - ok
08:01:50.0515 6064 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\windows\system32\drivers\flpydisk.sys
08:01:50.0515 6064 flpydisk - ok
08:01:50.0531 6064 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
08:01:50.0547 6064 FltMgr - ok
08:01:50.0640 6064 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\windows\system32\FntCache.dll
08:01:50.0718 6064 FontCache - ok
08:01:50.0796 6064 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
08:01:50.0812 6064 FontCache3.0.0.0 - ok
08:01:50.0859 6064 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\windows\system32\drivers\FsDepends.sys
08:01:50.0859 6064 FsDepends - ok
08:01:50.0890 6064 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
08:01:50.0890 6064 Fs_Rec - ok
08:01:50.0937 6064 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
08:01:50.0937 6064 fvevol - ok
08:01:50.0983 6064 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\windows\system32\drivers\gagp30kx.sys
08:01:50.0983 6064 gagp30kx - ok
08:01:51.0046 6064 [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
08:01:51.0061 6064 GamesAppService - ok
08:01:51.0124 6064 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\windows\System32\gpsvc.dll
08:01:51.0124 6064 gpsvc - ok
08:01:51.0171 6064 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
08:01:51.0171 6064 gupdate - ok
08:01:51.0186 6064 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
08:01:51.0186 6064 gupdatem - ok
08:01:51.0233 6064 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
08:01:51.0233 6064 gusvc - ok
08:01:51.0264 6064 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
08:01:51.0264 6064 hcw85cir - ok
08:01:51.0295 6064 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
08:01:51.0327 6064 HdAudAddService - ok
08:01:51.0373 6064 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\windows\system32\drivers\HDAudBus.sys
08:01:51.0373 6064 HDAudBus - ok
08:01:51.0373 6064 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\windows\system32\drivers\HidBatt.sys
08:01:51.0389 6064 HidBatt - ok
08:01:51.0405 6064 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\windows\system32\drivers\hidbth.sys
08:01:51.0405 6064 HidBth - ok
08:01:51.0420 6064 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\windows\system32\drivers\hidir.sys
08:01:51.0420 6064 HidIr - ok
08:01:51.0451 6064 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\windows\system32\hidserv.dll
08:01:51.0451 6064 hidserv - ok
08:01:51.0483 6064 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\windows\system32\drivers\hidusb.sys
08:01:51.0483 6064 HidUsb - ok
08:01:51.0498 6064 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\windows\system32\kmsvc.dll
08:01:51.0529 6064 hkmsvc - ok
08:01:51.0545 6064 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\windows\system32\ListSvc.dll
08:01:51.0545 6064 HomeGroupListener - ok
08:01:51.0592 6064 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\windows\system32\provsvc.dll
08:01:51.0607 6064 HomeGroupProvider - ok
08:01:51.0623 6064 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
08:01:51.0639 6064 HpSAMD - ok
08:01:51.0670 6064 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\windows\system32\drivers\HTTP.sys
08:01:51.0685 6064 HTTP - ok
08:01:51.0717 6064 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
08:01:51.0717 6064 hwpolicy - ok
08:01:51.0748 6064 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\windows\system32\drivers\i8042prt.sys
08:01:51.0748 6064 i8042prt - ok
08:01:51.0810 6064 [ D469B77687E12FE43E344806740B624D ] iaStor C:\windows\system32\DRIVERS\iaStor.sys
08:01:51.0826 6064 iaStor - ok
08:01:51.0888 6064 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\windows\system32\drivers\iaStorV.sys
08:01:51.0919 6064 iaStorV - ok
08:01:52.0060 6064 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
08:01:52.0169 6064 idsvc - ok
08:01:52.0965 6064 [ 93C8115D4BAEB1BD047AB0A9B265EE7A ] igfx C:\windows\system32\DRIVERS\igdkmd64.sys
08:01:53.0152 6064 igfx - ok
08:01:53.0199 6064 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\windows\system32\drivers\iirsp.sys
08:01:53.0199 6064 iirsp - ok
08:01:53.0245 6064 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\windows\System32\ikeext.dll
08:01:53.0261 6064 IKEEXT - ok
08:01:53.0292 6064 [ CADDF0927DAC63EDAE48F5C35A61D87D ] intaud_WaveExtensible C:\windows\system32\drivers\intelaud.sys
08:01:53.0308 6064 intaud_WaveExtensible - ok
08:01:53.0448 6064 [ AC9AAFD18E4D52084C4AA8A38795B7E4 ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys
08:01:53.0464 6064 IntcAzAudAddService - ok
08:01:53.0526 6064 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\windows\system32\DRIVERS\IntcDAud.sys
08:01:53.0542 6064 IntcDAud - ok
08:01:53.0573 6064 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\windows\system32\drivers\intelide.sys
08:01:53.0573 6064 intelide - ok
08:01:53.0604 6064 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
08:01:53.0604 6064 intelppm - ok
08:01:53.0651 6064 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\windows\system32\ipbusenum.dll
08:01:53.0667 6064 IPBusEnum - ok
08:01:53.0667 6064 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
08:01:53.0667 6064 IpFilterDriver - ok
08:01:53.0760 6064 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\windows\System32\iphlpsvc.dll
08:01:53.0776 6064 iphlpsvc - ok
08:01:53.0823 6064 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
08:01:53.0854 6064 IPMIDRV - ok
08:01:53.0885 6064 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\windows\system32\drivers\ipnat.sys
08:01:53.0901 6064 IPNAT - ok
08:01:53.0932 6064 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\windows\system32\drivers\irenum.sys
08:01:53.0932 6064 IRENUM - ok
08:01:53.0947 6064 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\windows\system32\drivers\isapnp.sys
08:01:53.0963 6064 isapnp - ok
08:01:53.0994 6064 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
08:01:53.0994 6064 iScsiPrt - ok
08:01:54.0025 6064 [ 716F66336F10885D935B08174DC54242 ] iwdbus C:\windows\system32\DRIVERS\iwdbus.sys
08:01:54.0025 6064 iwdbus - ok
08:01:54.0057 6064 [ 0B44199365A69696109AB9A5855E0841 ] JMCR C:\windows\system32\DRIVERS\jmcr.sys
08:01:54.0057 6064 JMCR - ok
08:01:54.0088 6064 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\windows\system32\drivers\kbdclass.sys
08:01:54.0088 6064 kbdclass - ok
08:01:54.0181 6064 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\windows\system32\drivers\kbdhid.sys
08:01:54.0181 6064 kbdhid - ok
08:01:54.0244 6064 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\windows\system32\lsass.exe
08:01:54.0244 6064 KeyIso - ok
08:01:54.0275 6064 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
08:01:54.0291 6064 KSecDD - ok
08:01:54.0306 6064 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
08:01:54.0306 6064 KSecPkg - ok
08:01:54.0384 6064 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\windows\system32\drivers\ksthunk.sys
08:01:54.0384 6064 ksthunk - ok
08:01:54.0447 6064 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\windows\system32\msdtckrm.dll
08:01:54.0462 6064 KtmRm - ok
08:01:54.0509 6064 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\windows\system32\srvsvc.dll
08:01:54.0509 6064 LanmanServer - ok
08:01:54.0540 6064 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\windows\System32\wkssvc.dll
08:01:54.0540 6064 LanmanWorkstation - ok
08:01:54.0587 6064 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
08:01:54.0587 6064 lltdio - ok
08:01:54.0618 6064 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\windows\System32\lltdsvc.dll
08:01:54.0634 6064 lltdsvc - ok
08:01:54.0665 6064 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\windows\System32\lmhsvc.dll
08:01:54.0665 6064 lmhosts - ok
08:01:54.0727 6064 [ 50C7CE53EF461870410355F1F2E7D515 ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
08:01:54.0743 6064 LMS - ok
08:01:54.0774 6064 [ 2825A71E7501CB33B3B9F856610C729D ] LPCFilter C:\windows\system32\DRIVERS\LPCFilter.sys
08:01:54.0774 6064 LPCFilter - ok
08:01:54.0805 6064 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\windows\system32\drivers\lsi_fc.sys
08:01:54.0821 6064 LSI_FC - ok
08:01:54.0852 6064 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\windows\system32\drivers\lsi_sas.sys
08:01:54.0852 6064 LSI_SAS - ok
08:01:54.0868 6064 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\windows\system32\drivers\lsi_sas2.sys
08:01:54.0868 6064 LSI_SAS2 - ok
08:01:54.0883 6064 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\windows\system32\drivers\lsi_scsi.sys
08:01:54.0883 6064 LSI_SCSI - ok
08:01:54.0899 6064 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\windows\system32\drivers\luafv.sys
08:01:54.0899 6064 luafv - ok
08:01:54.0946 6064 [ B9FC4CCE5758B816F27DD4D1EED11841 ] MBAMProtector C:\windows\system32\drivers\mbam.sys
08:01:54.0946 6064 MBAMProtector - ok
08:01:55.0008 6064 [ 0DCF16B1449811EFA47AB52CAC84093C ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
08:01:55.0024 6064 MBAMScheduler - ok
08:01:55.0086 6064 [ 9EAABA4D601004BEA4DAA6E146E19A96 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
08:01:55.0227 6064 MBAMService - ok
08:01:55.0258 6064 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
08:01:55.0258 6064 Mcx2Svc - ok
08:01:55.0320 6064 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\windows\system32\drivers\megasas.sys
08:01:55.0336 6064 megasas - ok
08:01:55.0383 6064 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\windows\system32\drivers\MegaSR.sys
08:01:55.0398 6064 MegaSR - ok
08:01:55.0429 6064 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\windows\system32\DRIVERS\HECIx64.sys
08:01:55.0445 6064 MEIx64 - ok
08:01:55.0492 6064 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\windows\system32\mmcss.dll
08:01:55.0507 6064 MMCSS - ok
08:01:55.0523 6064 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\windows\system32\drivers\modem.sys
08:01:55.0523 6064 Modem - ok
08:01:55.0570 6064 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\windows\system32\DRIVERS\monitor.sys
08:01:55.0570 6064 monitor - ok
08:01:55.0601 6064 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\windows\system32\drivers\mouclass.sys
08:01:55.0601 6064 mouclass - ok
08:01:55.0632 6064 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\windows\system32\drivers\mouhid.sys
08:01:55.0632 6064 mouhid - ok
08:01:55.0679 6064 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\windows\system32\drivers\mountmgr.sys
08:01:55.0679 6064 mountmgr - ok
08:01:55.0695 6064 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\windows\system32\drivers\mpio.sys
08:01:55.0695 6064 mpio - ok
08:01:55.0710 6064 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
08:01:55.0710 6064 mpsdrv - ok
08:01:55.0757 6064 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\windows\system32\mpssvc.dll
08:01:55.0773 6064 MpsSvc - ok
08:01:55.0788 6064 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
08:01:55.0804 6064 MRxDAV - ok
08:01:55.0819 6064 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
08:01:55.0819 6064 mrxsmb - ok
08:01:55.0851 6064 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
08:01:55.0851 6064 mrxsmb10 - ok
08:01:55.0851 6064 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
08:01:55.0851 6064 mrxsmb20 - ok
08:01:55.0882 6064 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\windows\system32\DRIVERS\msahci.sys
08:01:55.0882 6064 msahci - ok
08:01:55.0929 6064 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\windows\system32\drivers\msdsm.sys
08:01:55.0929 6064 msdsm - ok
08:01:55.0975 6064 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\windows\System32\msdtc.exe
08:01:55.0991 6064 MSDTC - ok
08:01:56.0022 6064 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\windows\system32\drivers\Msfs.sys
08:01:56.0022 6064 Msfs - ok
08:01:56.0053 6064 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
08:01:56.0069 6064 mshidkmdf - ok
08:01:56.0100 6064 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\windows\system32\drivers\msisadrv.sys
08:01:56.0100 6064 msisadrv - ok
08:01:56.0147 6064 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\windows\system32\iscsiexe.dll
08:01:56.0163 6064 MSiSCSI - ok
08:01:56.0163 6064 msiserver - ok
08:01:56.0209 6064 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
08:01:56.0209 6064 MSKSSRV - ok
08:01:56.0225 6064 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
08:01:56.0241 6064 MSPCLOCK - ok
08:01:56.0272 6064 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
08:01:56.0272 6064 MSPQM - ok
08:01:56.0303 6064 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\windows\system32\drivers\MsRPC.sys
08:01:56.0319 6064 MsRPC - ok
08:01:56.0350 6064 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\windows\system32\drivers\mssmbios.sys
08:01:56.0350 6064 mssmbios - ok
08:01:56.0365 6064 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
08:01:56.0365 6064 MSTEE - ok
08:01:56.0381 6064 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\windows\system32\drivers\MTConfig.sys
08:01:56.0381 6064 MTConfig - ok
08:01:56.0397 6064 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\windows\system32\Drivers\mup.sys
08:01:56.0412 6064 Mup - ok
08:01:56.0459 6064 [ 50B99D53BC013458381C6476D790C9F3 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
08:01:56.0475 6064 MyWiFiDHCPDNS - ok
08:01:56.0521 6064 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\windows\system32\qagentRT.dll
08:01:56.0553 6064 napagent - ok
08:01:56.0615 6064 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
08:01:56.0631 6064 NativeWifiP - ok
08:01:56.0693 6064 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\windows\system32\drivers\ndis.sys
08:01:56.0709 6064 NDIS - ok
08:01:56.0740 6064 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
08:01:56.0755 6064 NdisCap - ok
08:01:56.0787 6064 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
08:01:56.0787 6064 NdisTapi - ok
08:01:56.0802 6064 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
08:01:56.0802 6064 Ndisuio - ok
08:01:56.0818 6064 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
08:01:56.0818 6064 NdisWan - ok
08:01:56.0818 6064 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
08:01:56.0833 6064 NDProxy - ok
08:01:56.0849 6064 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
08:01:56.0849 6064 NetBIOS - ok
08:01:56.0865 6064 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
08:01:56.0865 6064 NetBT - ok
08:01:56.0896 6064 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\windows\system32\lsass.exe
08:01:56.0896 6064 Netlogon - ok
08:01:56.0927 6064 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll
08:01:56.0943 6064 Netman - ok
08:01:56.0958 6064 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll
08:01:56.0958 6064 netprofm - ok
08:01:56.0989 6064 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
08:01:56.0989 6064 NetTcpPortSharing - ok
08:01:57.0348 6064 [ AC69618DE5BCCE8747C9AB0AAE1003C1 ] NETwNs64 C:\windows\system32\DRIVERS\NETwNs64.sys
08:01:57.0520 6064 NETwNs64 - ok
08:01:57.0598 6064 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\drivers\nfrd960.sys
08:01:57.0598 6064 nfrd960 - ok
08:01:57.0660 6064 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\windows\System32\nlasvc.dll
08:01:57.0676 6064 NlaSvc - ok
08:01:57.0707 6064 Norton PC Checkup Application Launcher - ok
08:01:57.0723 6064 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys
08:01:57.0723 6064 Npfs - ok
08:01:57.0738 6064 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll
08:01:57.0738 6064 nsi - ok
08:01:57.0769 6064 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
08:01:57.0769 6064 nsiproxy - ok
08:01:57.0957 6064 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
08:01:58.0019 6064 Ntfs - ok
08:01:58.0050 6064 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys
08:01:58.0066 6064 Null - ok
08:01:58.0128 6064 [ 0EBC9D13CD96C15B1B18D8678A609E4B ] nusb3hub C:\windows\system32\DRIVERS\nusb3hub.sys
08:01:58.0128 6064 nusb3hub - ok
08:01:58.0175 6064 [ 7BDEC000D56D485021D9C1E63C2F81CA ] nusb3xhc C:\windows\system32\DRIVERS\nusb3xhc.sys
08:01:58.0175 6064 nusb3xhc - ok
08:01:58.0253 6064 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\windows\system32\drivers\nvraid.sys
08:01:58.0253 6064 nvraid - ok
08:01:58.0269 6064 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\windows\system32\drivers\nvstor.sys
08:01:58.0284 6064 nvstor - ok
08:01:58.0300 6064 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\drivers\nv_agp.sys
08:01:58.0315 6064 nv_agp - ok
08:01:58.0315 6064 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
08:01:58.0315 6064 ohci1394 - ok
08:01:58.0378 6064 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
08:01:58.0393 6064 ose - ok
08:01:58.0674 6064 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
08:01:58.0830 6064 osppsvc - ok
08:01:58.0861 6064 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll
08:01:58.0861 6064 p2pimsvc - ok
08:01:58.0893 6064 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll
08:01:58.0893 6064 p2psvc - ok
08:01:58.0908 6064 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\drivers\parport.sys
08:01:58.0924 6064 Parport - ok
08:01:58.0939 6064 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\windows\system32\drivers\partmgr.sys
08:01:58.0955 6064 partmgr - ok
08:01:58.0986 6064 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll
08:01:58.0986 6064 PcaSvc - ok
08:01:59.0017 6064 [ 2F86BE1818C2D7AC90478E3323EE7FCB ] PCCUJobMgr C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe
08:01:59.0017 6064 PCCUJobMgr - ok
08:01:59.0095 6064 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\windows\system32\drivers\pci.sys
08:01:59.0127 6064 pci - ok
08:01:59.0173 6064 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\DRIVERS\pciide.sys
08:01:59.0173 6064 pciide - ok
08:01:59.0205 6064 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\drivers\pcmcia.sys
08:01:59.0220 6064 pcmcia - ok
08:01:59.0236 6064 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys
08:01:59.0236 6064 pcw - ok
08:01:59.0251 6064 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys
08:01:59.0267 6064 PEAUTH - ok
08:01:59.0423 6064 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe
08:01:59.0423 6064 PerfHost - ok
08:01:59.0485 6064 [ 91111CEBBDE8015E822C46120ED9537C ] PGEffect C:\windows\system32\DRIVERS\pgeffect.sys
08:01:59.0485 6064 PGEffect - ok
08:01:59.0563 6064 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\windows\system32\pla.dll
08:01:59.0595 6064 pla - ok
08:01:59.0641 6064 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll
08:01:59.0657 6064 PlugPlay - ok
08:01:59.0673 6064 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
08:01:59.0673 6064 PNRPAutoReg - ok
08:01:59.0688 6064 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll
08:01:59.0704 6064 PNRPsvc - ok
08:01:59.0766 6064 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
08:01:59.0782 6064 PolicyAgent - ok
08:01:59.0797 6064 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll
08:01:59.0813 6064 Power - ok
08:01:59.0844 6064 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
08:01:59.0844 6064 PptpMiniport - ok
08:01:59.0875 6064 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\drivers\processr.sys
08:01:59.0875 6064 Processor - ok
08:01:59.0907 6064 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\windows\system32\profsvc.dll
08:01:59.0922 6064 ProfSvc - ok
08:01:59.0922 6064 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe
08:01:59.0938 6064 ProtectedStorage - ok
08:01:59.0969 6064 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\windows\system32\DRIVERS\pacer.sys
08:01:59.0969 6064 Psched - ok
08:02:00.0031 6064 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\drivers\ql2300.sys
08:02:00.0063 6064 ql2300 - ok
08:02:00.0094 6064 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\drivers\ql40xx.sys
08:02:00.0094 6064 ql40xx - ok
08:02:00.0125 6064 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll
08:02:00.0125 6064 QWAVE - ok
08:02:00.0172 6064 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
08:02:00.0172 6064 QWAVEdrv - ok
08:02:00.0203 6064 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
08:02:00.0203 6064 RasAcd - ok
08:02:00.0250 6064 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
08:02:00.0250 6064 RasAgileVpn - ok
08:02:00.0281 6064 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll
08:02:00.0281 6064 RasAuto - ok
08:02:00.0297 6064 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
08:02:00.0297 6064 Rasl2tp - ok
08:02:00.0359 6064 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll
08:02:00.0359 6064 RasMan - ok
08:02:00.0406 6064 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
08:02:00.0406 6064 RasPppoe - ok
08:02:00.0406 6064 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
08:02:00.0421 6064 RasSstp - ok
08:02:00.0421 6064 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
08:02:00.0437 6064 rdbss - ok
08:02:00.0453 6064 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\drivers\rdpbus.sys
08:02:00.0468 6064 rdpbus - ok
08:02:00.0484 6064 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
08:02:00.0484 6064 RDPCDD - ok
08:02:00.0499 6064 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
08:02:00.0515 6064 RDPENCDD - ok
08:02:00.0515 6064 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
08:02:00.0515 6064 RDPREFMP - ok
08:02:00.0546 6064 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\windows\system32\drivers\RDPWD.sys
08:02:00.0562 6064 RDPWD - ok
08:02:00.0593 6064 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
08:02:00.0609 6064 rdyboost - ok
08:02:00.0687 6064 [ 18505D90FEE940EE9EAE4C5B421F22B4 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
08:02:00.0718 6064 RegSrvc - ok
08:02:00.0749 6064 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll
08:02:00.0765 6064 RemoteAccess - ok
08:02:00.0796 6064 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll
08:02:00.0811 6064 RemoteRegistry - ok
08:02:00.0827 6064 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
08:02:00.0843 6064 RpcEptMapper - ok
08:02:00.0874 6064 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe
08:02:00.0874 6064 RpcLocator - ok
08:02:00.0889 6064 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\system32\rpcss.dll
08:02:00.0905 6064 RpcSs - ok
08:02:00.0936 6064 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
08:02:00.0936 6064 rspndr - ok
08:02:00.0983 6064 [ 6D3C7E7D82D3DC92DC2A8B0DF9F20F8A ] RTL8167 C:\windows\system32\DRIVERS\Rt64win7.sys
08:02:00.0999 6064 RTL8167 - ok
08:02:01.0014 6064 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\windows\system32\lsass.exe
08:02:01.0030 6064 SamSs - ok
08:02:01.0077 6064 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys
08:02:01.0108 6064 sbp2port - ok
08:02:01.0155 6064 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll
08:02:01.0155 6064 SCardSvr - ok
08:02:01.0186 6064 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
08:02:01.0201 6064 scfilter - ok
08:02:01.0233 6064 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll
08:02:01.0264 6064 Schedule - ok
08:02:01.0295 6064 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll
08:02:01.0295 6064 SCPolicySvc - ok
08:02:01.0357 6064 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\windows\system32\DRIVERS\sdbus.sys
08:02:01.0373 6064 sdbus - ok
08:02:01.0404 6064 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll
08:02:01.0420 6064 SDRSVC - ok
08:02:01.0467 6064 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys
08:02:01.0482 6064 secdrv - ok
08:02:01.0498 6064 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll
08:02:01.0513 6064 seclogon - ok
08:02:01.0545 6064 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\System32\sens.dll
08:02:01.0560 6064 SENS - ok
08:02:01.0591 6064 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll
08:02:01.0591 6064 SensrSvc - ok
08:02:01.0638 6064 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\drivers\serenum.sys
08:02:01.0654 6064 Serenum - ok
08:02:01.0669 6064 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\drivers\serial.sys
08:02:01.0669 6064 Serial - ok
08:02:01.0669 6064 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\drivers\sermouse.sys
08:02:01.0685 6064 sermouse - ok
08:02:01.0716 6064 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll
08:02:01.0716 6064 SessionEnv - ok
08:02:01.0732 6064 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys
08:02:01.0732 6064 sffdisk - ok
08:02:01.0747 6064 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
08:02:01.0747 6064 sffp_mmc - ok
08:02:01.0763 6064 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
08:02:01.0763 6064 sffp_sd - ok
08:02:01.0779 6064 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\drivers\sfloppy.sys
08:02:01.0779 6064 sfloppy - ok
08:02:01.0841 6064 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\windows\system32\DRIVERS\Sftfslh.sys
08:02:01.0841 6064 Sftfs - ok
08:02:01.0935 6064 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
08:02:01.0935 6064 sftlist - ok
08:02:01.0966 6064 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\windows\system32\DRIVERS\Sftplaylh.sys
08:02:01.0966 6064 Sftplay - ok
08:02:02.0013 6064 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\windows\system32\DRIVERS\Sftredirlh.sys
08:02:02.0013 6064 Sftredir - ok
08:02:02.0075 6064 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\windows\system32\DRIVERS\Sftvollh.sys
08:02:02.0091 6064 Sftvol - ok
08:02:02.0122 6064 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
08:02:02.0122 6064 sftvsa - ok
08:02:02.0200 6064 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\windows\System32\ipnathlp.dll
08:02:02.0215 6064 SharedAccess - ok
08:02:02.0231 6064 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll
08:02:02.0247 6064 ShellHWDetection - ok
08:02:02.0278 6064 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\drivers\SiSRaid2.sys
08:02:02.0293 6064 SiSRaid2 - ok
08:02:02.0325 6064 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys
08:02:02.0340 6064 SiSRaid4 - ok
08:02:02.0418 6064 [ DDAA5F4A6B958FC313EBD02DD925752F ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
08:02:02.0418 6064 SkypeUpdate - ok
08:02:02.0449 6064 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys
08:02:02.0465 6064 Smb - ok
08:02:02.0496 6064 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe
08:02:02.0496 6064 SNMPTRAP - ok
08:02:02.0527 6064 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys
08:02:02.0527 6064 spldr - ok
08:02:02.0590 6064 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\windows\System32\spoolsv.exe
08:02:02.0605 6064 Spooler - ok
08:02:02.0715 6064 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe
08:02:02.0793 6064 sppsvc - ok
08:02:02.0808 6064 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll
08:02:02.0808 6064 sppuinotify - ok
08:02:02.0839 6064 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys
08:02:02.0839 6064 srv - ok
08:02:02.0855 6064 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
08:02:02.0855 6064 srv2 - ok
08:02:02.0855 6064 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
08:02:02.0871 6064 srvnet - ok
08:02:02.0902 6064 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
08:02:02.0902 6064 SSDPSRV - ok
08:02:02.0933 6064 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll
08:02:02.0949 6064 SstpSvc - ok
08:02:02.0995 6064 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\drivers\stexstor.sys
08:02:03.0011 6064 stexstor - ok
08:02:03.0073 6064 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll
08:02:03.0073 6064 stisvc - ok
08:02:03.0105 6064 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\drivers\swenum.sys
08:02:03.0105 6064 swenum - ok
08:02:03.0151 6064 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll
08:02:03.0167 6064 swprv - ok
08:02:03.0229 6064 [ F5B46DF59FEAA48A442AED7EEB754D4B ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
08:02:03.0229 6064 SynTP - ok
08:02:03.0354 6064 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll
08:02:03.0729 6064 SysMain - ok
08:02:03.0760 6064 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll
08:02:03.0760 6064 TabletInputService - ok
08:02:03.0775 6064 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll
08:02:03.0775 6064 TapiSrv - ok
08:02:03.0775 6064 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll
08:02:03.0791 6064 TBS - ok
08:02:03.0838 6064 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\windows\system32\drivers\tcpip.sys
08:02:03.0869 6064 Tcpip - ok
08:02:03.0900 6064 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
08:02:03.0900 6064 TCPIP6 - ok
08:02:03.0931 6064 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
08:02:03.0947 6064 tcpipreg - ok
08:02:04.0009 6064 [ FD542B661BD22FA69CA789AD0AC58C29 ] tdcmdpst C:\windows\system32\DRIVERS\tdcmdpst.sys
08:02:04.0009 6064 tdcmdpst - ok
08:02:04.0025 6064 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
08:02:04.0025 6064 TDPIPE - ok
08:02:04.0056 6064 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
08:02:04.0056 6064 TDTCP - ok
08:02:04.0087 6064 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys
08:02:04.0103 6064 tdx - ok
08:02:04.0119 6064 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\drivers\termdd.sys
08:02:04.0119 6064 TermDD - ok
08:02:04.0181 6064 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll
08:02:04.0181 6064 TermService - ok
08:02:04.0197 6064 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll
08:02:04.0197 6064 Themes - ok
08:02:04.0243 6064 [ 7F35CA8296A52C7161088EB1D952E8ED ] Thpdrv C:\windows\system32\DRIVERS\thpdrv.sys
08:02:04.0243 6064 Thpdrv - ok
08:02:04.0275 6064 [ B4E609047434ED948AF7BDEF2FA66E38 ] Thpevm C:\windows\system32\DRIVERS\Thpevm.SYS
08:02:04.0275 6064 Thpevm - ok
08:02:04.0321 6064 [ 0B4734AE9EC70B843DF02E7B1C056377 ] Thpsrv C:\windows\system32\ThpSrv.exe
08:02:04.0337 6064 Thpsrv - ok
08:02:04.0353 6064 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll
08:02:04.0353 6064 THREADORDER - ok
08:02:04.0446 6064 [ 71C321649B28638EE80A2EEB164C1DC8 ] TMachInfo C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
08:02:04.0446 6064 TMachInfo - ok
08:02:04.0477 6064 [ 8E2C799D3476EAC32C3BA0DF7CE6AF19 ] TODDSrv C:\windows\system32\TODDSrv.exe
08:02:04.0477 6064 TODDSrv - ok
08:02:04.0587 6064 [ 1C73689B900428C7D054A41C4687F55C ] TosCoSrv C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
08:02:04.0587 6064 TosCoSrv - ok
08:02:04.0649 6064 [ 63AAFCF3EA5DBB17123E0BAE9AFE4D58 ] TOSHIBA eco Utility Service C:\Program Files\TOSHIBA\TECO\TecoService.exe
08:02:04.0649 6064 TOSHIBA eco Utility Service - ok
08:02:04.0711 6064 [ 29D0886CF250FCEF1BF9E65AB8D2C0C8 ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
08:02:04.0711 6064 TOSHIBA HDD SSD Alert Service - ok
08:02:04.0743 6064 [ 09FF7B0B1B5C3D225495CB6F5A9B39F8 ] tos_sps64 C:\windows\system32\DRIVERS\tos_sps64.sys
08:02:04.0758 6064 tos_sps64 - ok
08:02:04.0805 6064 [ 098B8A408C17E125A3D9A8E1166780C8 ] TPCHSrv C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
08:02:04.0867 6064 TPCHSrv - ok
08:02:04.0914 6064 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll
08:02:04.0945 6064 TrkWks - ok
08:02:05.0023 6064 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
08:02:05.0039 6064 TrustedInstaller - ok
08:02:05.0070 6064 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
08:02:05.0070 6064 tssecsrv - ok
08:02:05.0101 6064 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
08:02:05.0133 6064 TsUsbFlt - ok
08:02:05.0148 6064 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\windows\system32\drivers\TsUsbGD.sys
08:02:05.0164 6064 TsUsbGD - ok
08:02:05.0164 6064 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
08:02:05.0179 6064 tunnel - ok
08:02:05.0242 6064 [ 550B567F9364D8F7684C3FB3EA665A72 ] TVALZ C:\windows\system32\DRIVERS\TVALZ_O.SYS
08:02:05.0242 6064 TVALZ - ok
08:02:05.0289 6064 [ 9C7191F4B2E49BFF47A6C1144B5923FA ] TVALZFL C:\windows\system32\DRIVERS\TVALZFL.sys
08:02:05.0289 6064 TVALZFL - ok
08:02:05.0335 6064 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\drivers\uagp35.sys
08:02:05.0351 6064 uagp35 - ok
08:02:05.0382 6064 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\windows\system32\DRIVERS\udfs.sys
08:02:05.0382 6064 udfs - ok
08:02:05.0429 6064 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe
08:02:05.0429 6064 UI0Detect - ok
08:02:05.0523 6064 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
08:02:05.0538 6064 uliagpkx - ok
08:02:05.0585 6064 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\windows\system32\DRIVERS\umbus.sys
08:02:05.0585 6064 umbus - ok
08:02:05.0632 6064 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\drivers\umpass.sys
08:02:05.0632 6064 UmPass - ok
08:02:05.0819 6064 [ 374EBDA379A8F38E0CFC2211611E7167 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
08:02:05.0913 6064 UNS - ok
08:02:05.0944 6064 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll
08:02:05.0944 6064 upnphost - ok
08:02:05.0975 6064 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
08:02:05.0991 6064 usbccgp - ok
08:02:06.0022 6064 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\windows\system32\drivers\usbcir.sys
08:02:06.0022 6064 usbcir - ok
08:02:06.0022 6064 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\windows\system32\DRIVERS\usbehci.sys
08:02:06.0037 6064 usbehci - ok
08:02:06.0053 6064 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\windows\system32\drivers\usbhub.sys
08:02:06.0069 6064 usbhub - ok
08:02:06.0084 6064 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\windows\system32\drivers\usbohci.sys
08:02:06.0100 6064 usbohci - ok
08:02:06.0131 6064 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\drivers\usbprint.sys
08:02:06.0147 6064 usbprint - ok
08:02:06.0162 6064 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
08:02:06.0162 6064 USBSTOR - ok
08:02:06.0193 6064 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\windows\system32\drivers\usbuhci.sys
08:02:06.0209 6064 usbuhci - ok
08:02:06.0303 6064 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\windows\system32\Drivers\usbvideo.sys
08:02:06.0318 6064 usbvideo - ok
08:02:06.0365 6064 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll
08:02:06.0381 6064 UxSms - ok
08:02:06.0412 6064 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\windows\system32\lsass.exe
08:02:06.0412 6064 VaultSvc - ok
08:02:06.0443 6064 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
08:02:06.0443 6064 vdrvroot - ok
08:02:06.0521 6064 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\windows\System32\vds.exe
08:02:06.0537 6064 vds - ok
08:02:06.0583 6064 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\windows\system32\DRIVERS\vgapnp.sys
08:02:06.0583 6064 vga - ok
08:02:06.0583 6064 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\windows\System32\drivers\vga.sys
08:02:06.0599 6064 VgaSave - ok
08:02:06.0599 6064 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\windows\system32\drivers\vhdmp.sys
08:02:06.0615 6064 vhdmp - ok
08:02:06.0630 6064 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\windows\system32\drivers\viaide.sys
08:02:06.0630 6064 viaide - ok
08:02:06.0646 6064 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\windows\system32\drivers\volmgr.sys
08:02:06.0661 6064 volmgr - ok
08:02:06.0677 6064 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\windows\system32\drivers\volmgrx.sys
08:02:06.0677 6064 volmgrx - ok
08:02:06.0693 6064 [ DF8126BD41180351A093A3AD2FC8903B ] volsnap C:\windows\system32\drivers\volsnap.sys
08:02:06.0693 6064 volsnap - ok
08:02:06.0755 6064 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\windows\system32\drivers\vsmraid.sys
08:02:06.0755 6064 vsmraid - ok
08:02:06.0786 6064 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\windows\system32\vssvc.exe
08:02:06.0802 6064 VSS - ok
08:02:06.0833 6064 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
08:02:06.0833 6064 vwifibus - ok
08:02:06.0895 6064 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
08:02:06.0895 6064 vwififlt - ok
08:02:06.0911 6064 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys
08:02:06.0911 6064 vwifimp - ok
08:02:06.0942 6064 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\windows\system32\w32time.dll
08:02:06.0958 6064 W32Time - ok
08:02:06.0973 6064 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\windows\system32\drivers\wacompen.sys
08:02:07.0005 6064 WacomPen - ok
08:02:07.0051 6064 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
08:02:07.0051 6064 WANARP - ok
08:02:07.0083 6064 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
08:02:07.0083 6064 Wanarpv6 - ok
08:02:07.0176 6064 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
08:02:07.0192 6064 WatAdminSvc - ok
08:02:07.0270 6064 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\windows\system32\wbengine.exe
08:02:07.0317 6064 wbengine - ok
08:02:07.0348 6064 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
08:02:07.0363 6064 WbioSrvc - ok
08:02:07.0395 6064 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\windows\System32\wcncsvc.dll
08:02:07.0410 6064 wcncsvc - ok
08:02:07.0426 6064 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
08:02:07.0426 6064 WcsPlugInService - ok
08:02:07.0457 6064 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\windows\system32\drivers\wd.sys
08:02:07.0457 6064 Wd - ok
08:02:07.0504 6064 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
08:02:07.0519 6064 Wdf01000 - ok
08:02:07.0535 6064 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\windows\system32\wdi.dll
08:02:07.0535 6064 WdiServiceHost - ok
08:02:07.0535 6064 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\windows\system32\wdi.dll
08:02:07.0535 6064 WdiSystemHost - ok
08:02:07.0582 6064 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\windows\System32\webclnt.dll
08:02:07.0597 6064 WebClient - ok
08:02:07.0613 6064 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\windows\system32\wecsvc.dll
08:02:07.0629 6064 Wecsvc - ok
08:02:07.0644 6064 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\windows\System32\wercplsupport.dll
08:02:07.0660 6064 wercplsupport - ok
08:02:07.0691 6064 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\windows\System32\WerSvc.dll
08:02:07.0691 6064 WerSvc - ok
08:02:07.0722 6064 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
08:02:07.0722 6064 WfpLwf - ok
08:02:07.0738 6064 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\windows\system32\drivers\wimmount.sys
08:02:07.0738 6064 WIMMount - ok
08:02:07.0769 6064 WinDefend - ok
08:02:07.0769 6064 WinHttpAutoProxySvc - ok
08:02:07.0863 6064 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
08:02:07.0894 6064 Winmgmt - ok
08:02:08.0003 6064 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\windows\system32\WsmSvc.dll
08:02:08.0034 6064 WinRM - ok
08:02:08.0065 6064 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\windows\System32\wlansvc.dll
08:02:08.0081 6064 Wlansvc - ok
08:02:08.0128 6064 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
08:02:08.0175 6064 wlcrasvc - ok
08:02:08.0424 6064 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
08:02:08.0440 6064 wlidsvc - ok
08:02:08.0487 6064 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys
08:02:08.0502 6064 WmiAcpi - ok
08:02:08.0565 6064 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
08:02:08.0580 6064 wmiApSrv - ok
08:02:08.0658 6064 WMPNetworkSvc - ok
08:02:08.0736 6064 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\windows\System32\wpcsvc.dll
08:02:08.0752 6064 WPCSvc - ok
08:02:08.0814 6064 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
08:02:08.0830 6064 WPDBusEnum - ok
08:02:08.0877 6064 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
08:02:08.0892 6064 ws2ifsl - ok
08:02:08.0970 6064 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\windows\System32\wscsvc.dll
08:02:09.0001 6064 wscsvc - ok
08:02:09.0126 6064 [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice C:\windows\system32\DRIVERS\WSDPrint.sys
08:02:09.0126 6064 WSDPrintDevice - ok
08:02:09.0142 6064 [ 4A2A5C50DD1A63577D3ACA94269FBC7F ] WSDScan C:\windows\system32\DRIVERS\WSDScan.sys
08:02:09.0142 6064 WSDScan - ok
08:02:09.0142 6064 WSearch - ok
08:02:09.0438 6064 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\windows\system32\wuaueng.dll
08:02:09.0532 6064 wuauserv - ok
08:02:09.0547 6064 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\windows\system32\drivers\WudfPf.sys
08:02:09.0563 6064 WudfPf - ok
08:02:09.0641 6064 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
08:02:09.0657 6064 WUDFRd - ok
08:02:09.0688 6064 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\windows\System32\WUDFSvc.dll
08:02:09.0719 6064 wudfsvc - ok
08:02:09.0750 6064 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\windows\System32\wwansvc.dll
08:02:09.0781 6064 WwanSvc - ok
08:02:09.0828 6064 ================ Scan global ===============================
08:02:09.0875 6064 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
08:02:09.0937 6064 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\windows\system32\winsrv.dll
08:02:09.0969 6064 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\windows\system32\winsrv.dll
08:02:10.0000 6064 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
08:02:10.0031 6064 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
08:02:10.0062 6064 [Global] - ok
08:02:10.0062 6064 ================ Scan MBR ==================================
08:02:10.0078 6064 [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
08:02:10.0561 6064 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
08:02:10.0561 6064 \Device\Harddisk0\DR0 - detected TDSS File System (1)
08:02:10.0561 6064 ================ Scan VBR ==================================
08:02:10.0577 6064 [ 7FE22F346CBD2CE23B57EF3E3B9D4055 ] \Device\Harddisk0\DR0\Partition1
08:02:10.0577 6064 \Device\Harddisk0\DR0\Partition1 - ok
08:02:10.0577 6064 ============================================================
08:02:10.0577 6064 Scan finished
08:02:10.0577 6064 ============================================================
08:02:10.0608 5320 Detected object count: 1
08:02:10.0608 5320 Actual detected object count: 1
08:02:25.0678 5320 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
08:02:25.0678 5320 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
09:27:15.0400 2700 ============================================================
09:27:15.0400 2700 Scan started
09:27:15.0400 2700 Mode: Manual;
09:27:15.0400 2700 ============================================================
09:27:15.0806 2700 ================ Scan system memory ========================
09:27:15.0806 2700 System memory - ok
09:27:15.0806 2700 ================ Scan services =============================
09:27:15.0931 2700 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
09:27:15.0931 2700 1394ohci - ok
09:27:15.0962 2700 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\windows\system32\drivers\ACPI.sys
09:27:15.0962 2700 ACPI - ok
09:27:15.0993 2700 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
09:27:15.0993 2700 AcpiPmi - ok
09:27:16.0009 2700 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\windows\system32\drivers\adp94xx.sys
09:27:16.0009 2700 adp94xx - ok
09:27:16.0056 2700 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\windows\system32\drivers\adpahci.sys
09:27:16.0056 2700 adpahci - ok
09:27:16.0071 2700 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\windows\system32\drivers\adpu320.sys
09:27:16.0071 2700 adpu320 - ok
09:27:16.0087 2700 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
09:27:16.0087 2700 AeLookupSvc - ok
09:27:16.0118 2700 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\windows\system32\drivers\afd.sys
09:27:16.0118 2700 AFD - ok
09:27:16.0149 2700 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\windows\system32\drivers\agp440.sys
09:27:16.0149 2700 agp440 - ok
09:27:16.0149 2700 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\windows\System32\alg.exe
09:27:16.0165 2700 ALG - ok
09:27:16.0165 2700 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\windows\system32\drivers\aliide.sys
09:27:16.0165 2700 aliide - ok
09:27:16.0165 2700 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\windows\system32\drivers\amdide.sys
09:27:16.0165 2700 amdide - ok
09:27:16.0165 2700 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\windows\system32\drivers\amdk8.sys
09:27:16.0165 2700 AmdK8 - ok
09:27:16.0180 2700 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\windows\system32\drivers\amdppm.sys
09:27:16.0180 2700 AmdPPM - ok
09:27:16.0180 2700 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\windows\system32\drivers\amdsata.sys
09:27:16.0180 2700 amdsata - ok
09:27:16.0196 2700 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\windows\system32\drivers\amdsbs.sys
09:27:16.0196 2700 amdsbs - ok
09:27:16.0212 2700 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\windows\system32\drivers\amdxata.sys
09:27:16.0212 2700 amdxata - ok
09:27:16.0212 2700 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\windows\system32\drivers\appid.sys
09:27:16.0212 2700 AppID - ok
09:27:16.0243 2700 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\windows\System32\appidsvc.dll
09:27:16.0243 2700 AppIDSvc - ok
09:27:16.0243 2700 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\windows\System32\appinfo.dll
09:27:16.0243 2700 Appinfo - ok
09:27:16.0243 2700 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\windows\system32\drivers\arc.sys
09:27:16.0243 2700 arc - ok
09:27:16.0258 2700 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\windows\system32\drivers\arcsas.sys
09:27:16.0258 2700 arcsas - ok
09:27:16.0290 2700 [ 55142B4F7A7E4C9C151C6000A6BF7809 ] aswFsBlk C:\windows\system32\drivers\aswFsBlk.sys
09:27:16.0290 2700 aswFsBlk - ok
09:27:16.0321 2700 [ AA9FDE3D630160B47DAB21BF8250111C ] aswMonFlt C:\windows\system32\drivers\aswMonFlt.sys
09:27:16.0321 2700 aswMonFlt - ok
09:27:16.0336 2700 [ 2A6675C24DF5159A9506CD13ECE5ABE9 ] aswRdr C:\windows\System32\Drivers\aswrdr2.sys
09:27:16.0336 2700 aswRdr - ok
09:27:16.0399 2700 [ 4E38475BDB51A867CCBA7D5DF7FDFC0C ] aswSnx C:\windows\system32\drivers\aswSnx.sys
09:27:16.0414 2700 aswSnx - ok
09:27:16.0446 2700 [ 9A49D80D65451AF22913AEF772CC3DA9 ] aswSP C:\windows\system32\drivers\aswSP.sys
09:27:16.0446 2700 aswSP - ok
09:27:16.0461 2700 [ C3EC420451AC5300A22190AE38418FBA ] aswTdi C:\windows\system32\drivers\aswTdi.sys
09:27:16.0461 2700 aswTdi - ok
09:27:16.0492 2700 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
09:27:16.0492 2700 AsyncMac - ok
09:27:16.0524 2700 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\windows\system32\drivers\atapi.sys
09:27:16.0524 2700 atapi - ok
09:27:16.0570 2700 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
09:27:16.0570 2700 AudioEndpointBuilder - ok
09:27:16.0586 2700 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\windows\System32\Audiosrv.dll
09:27:16.0586 2700 AudioSrv - ok
09:27:16.0695 2700 [ 04AC21E821F259845BD7367CEE057290 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
09:27:16.0695 2700 avast! Antivirus - ok
09:27:16.0726 2700 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\windows\System32\AxInstSV.dll
09:27:16.0742 2700 AxInstSV - ok
09:27:16.0773 2700 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\windows\system32\drivers\bxvbda.sys
09:27:16.0789 2700 b06bdrv - ok
09:27:16.0789 2700 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys
09:27:16.0804 2700 b57nd60a - ok
09:27:16.0820 2700 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\windows\System32\bdesvc.dll
09:27:16.0820 2700 BDESVC - ok
09:27:16.0836 2700 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\windows\system32\drivers\Beep.sys
09:27:16.0836 2700 Beep - ok
09:27:16.0882 2700 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\windows\System32\bfe.dll
09:27:16.0898 2700 BFE - ok
09:27:16.0929 2700 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\windows\System32\qmgr.dll
09:27:16.0945 2700 BITS - ok
09:27:16.0976 2700 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\windows\system32\drivers\blbdrive.sys
09:27:16.0976 2700 blbdrive - ok
09:27:16.0992 2700 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\windows\system32\DRIVERS\bowser.sys
09:27:16.0992 2700 bowser - ok
09:27:17.0023 2700 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\windows\system32\drivers\BrFiltLo.sys
09:27:17.0023 2700 BrFiltLo - ok
09:27:17.0023 2700 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\windows\system32\drivers\BrFiltUp.sys
09:27:17.0023 2700 BrFiltUp - ok
09:27:17.0038 2700 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\windows\System32\browser.dll
09:27:17.0054 2700 Browser - ok
09:27:17.0070 2700 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\windows\System32\Drivers\Brserid.sys
09:27:17.0085 2700 Brserid - ok
09:27:17.0101 2700 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
09:27:17.0101 2700 BrSerWdm - ok
09:27:17.0116 2700 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
09:27:17.0116 2700 BrUsbMdm - ok
09:27:17.0132 2700 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
09:27:17.0132 2700 BrUsbSer - ok
09:27:17.0132 2700 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\windows\system32\drivers\bthmodem.sys
09:27:17.0132 2700 BTHMODEM - ok
09:27:17.0163 2700 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\windows\system32\bthserv.dll
09:27:17.0163 2700 bthserv - ok
09:27:17.0179 2700 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
09:27:17.0179 2700 cdfs - ok
09:27:17.0210 2700 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\windows\system32\DRIVERS\cdrom.sys
09:27:17.0210 2700 cdrom - ok
09:27:17.0226 2700 [ A965B206921C55F2D1481789D609B711 ] CeKbFilter C:\windows\system32\DRIVERS\CeKbFilter.sys
09:27:17.0241 2700 CeKbFilter - ok
09:27:17.0257 2700 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\windows\System32\certprop.dll
09:27:17.0257 2700 CertPropSvc - ok
09:27:17.0272 2700 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\windows\system32\drivers\circlass.sys
09:27:17.0272 2700 circlass - ok
09:27:17.0304 2700 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\windows\system32\CLFS.sys
09:27:17.0304 2700 CLFS - ok
09:27:17.0397 2700 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:27:17.0397 2700 clr_optimization_v2.0.50727_32 - ok
09:27:17.0444 2700 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
09:27:17.0444 2700 clr_optimization_v2.0.50727_64 - ok
09:27:17.0491 2700 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:27:17.0491 2700 clr_optimization_v4.0.30319_32 - ok
09:27:17.0522 2700 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
09:27:17.0538 2700 clr_optimization_v4.0.30319_64 - ok
09:27:17.0569 2700 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\windows\system32\drivers\CmBatt.sys
09:27:17.0569 2700 CmBatt - ok
09:27:17.0584 2700 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\windows\system32\drivers\cmdide.sys
09:27:17.0584 2700 cmdide - ok
09:27:17.0616 2700 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\windows\system32\Drivers\cng.sys
09:27:17.0616 2700 CNG - ok
09:27:17.0647 2700 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\windows\system32\drivers\compbatt.sys
09:27:17.0647 2700 Compbatt - ok
09:27:17.0662 2700 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\windows\system32\drivers\CompositeBus.sys
09:27:17.0662 2700 CompositeBus - ok
09:27:17.0662 2700 COMSysApp - ok
09:27:17.0694 2700 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\windows\system32\drivers\crcdisk.sys
09:27:17.0694 2700 crcdisk - ok
09:27:17.0756 2700 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\windows\system32\cryptsvc.dll
09:27:17.0756 2700 CryptSvc - ok
09:27:17.0865 2700 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
09:27:17.0881 2700 cvhsvc - ok
09:27:17.0912 2700 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\windows\system32\rpcss.dll
09:27:17.0928 2700 DcomLaunch - ok
09:27:17.0943 2700 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\windows\System32\defragsvc.dll
09:27:17.0959 2700 defragsvc - ok
09:27:17.0974 2700 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\windows\system32\Drivers\dfsc.sys
09:27:17.0974 2700 DfsC - ok
09:27:17.0990 2700 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\windows\system32\dhcpcore.dll
09:27:17.0990 2700 Dhcp - ok
09:27:18.0006 2700 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\windows\system32\drivers\discache.sys
09:27:18.0006 2700 discache - ok
09:27:18.0021 2700 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\windows\system32\drivers\disk.sys
09:27:18.0021 2700 Disk - ok
09:27:18.0052 2700 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\windows\System32\dnsrslvr.dll
09:27:18.0052 2700 Dnscache - ok
09:27:18.0068 2700 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\windows\System32\dot3svc.dll
09:27:18.0068 2700 dot3svc - ok
09:27:18.0068 2700 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\windows\system32\dps.dll
09:27:18.0068 2700 DPS - ok
09:27:18.0099 2700 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
09:27:18.0099 2700 drmkaud - ok
09:27:18.0130 2700 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
09:27:18.0146 2700 DXGKrnl - ok
09:27:18.0162 2700 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\windows\System32\eapsvc.dll
09:27:18.0177 2700 EapHost - ok
09:27:18.0240 2700 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\windows\system32\drivers\evbda.sys
09:27:18.0286 2700 ebdrv - ok
09:27:18.0318 2700 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\windows\System32\lsass.exe
09:27:18.0318 2700 EFS - ok
09:27:18.0380 2700 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\windows\ehome\ehRecvr.exe
09:27:18.0396 2700 ehRecvr - ok
09:27:18.0474 2700 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\windows\ehome\ehsched.exe
09:27:18.0474 2700 ehSched - ok
09:27:18.0505 2700 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\windows\system32\drivers\elxstor.sys
09:27:18.0520 2700 elxstor - ok
09:27:18.0583 2700 [ ABDD5AD016AFFD34AD40E944CE94BF59 ] EpsonBidirectionalService C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
09:27:18.0583 2700 EpsonBidirectionalService - ok
09:27:18.0598 2700 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\windows\system32\drivers\errdev.sys
09:27:18.0598 2700 ErrDev - ok
09:27:18.0630 2700 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\windows\system32\es.dll
09:27:18.0645 2700 EventSystem - ok
09:27:18.0739 2700 [ 57E61DC4F7980D57C0B162FC5B9F0B38 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
09:27:18.0754 2700 EvtEng - ok
09:27:18.0770 2700 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\windows\system32\drivers\exfat.sys
09:27:18.0770 2700 exfat - ok
09:27:18.0801 2700 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\windows\system32\drivers\fastfat.sys
09:27:18.0801 2700 fastfat - ok
09:27:18.0848 2700 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\windows\system32\fxssvc.exe
09:27:18.0848 2700 Fax - ok
09:27:18.0864 2700 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\windows\system32\drivers\fdc.sys
09:27:18.0864 2700 fdc - ok
09:27:18.0895 2700 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\windows\system32\fdPHost.dll
09:27:18.0895 2700 fdPHost - ok
09:27:18.0910 2700 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\windows\system32\fdrespub.dll
09:27:18.0910 2700 FDResPub - ok
09:27:18.0942 2700 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
09:27:18.0942 2700 FileInfo - ok
09:27:18.0957 2700 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\windows\system32\drivers\filetrace.sys
09:27:18.0957 2700 Filetrace - ok
09:27:18.0973 2700 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\windows\system32\drivers\flpydisk.sys
09:27:18.0973 2700 flpydisk - ok
09:27:18.0988 2700 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
09:27:19.0004 2700 FltMgr - ok
09:27:19.0051 2700 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\windows\system32\FntCache.dll
09:27:19.0082 2700 FontCache - ok
09:27:19.0113 2700 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
09:27:19.0129 2700 FontCache3.0.0.0 - ok
09:27:19.0160 2700 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\windows\system32\drivers\FsDepends.sys
09:27:19.0160 2700 FsDepends - ok
09:27:19.0191 2700 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
09:27:19.0191 2700 Fs_Rec - ok
09:27:19.0222 2700 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
09:27:19.0222 2700 fvevol - ok
09:27:19.0238 2700 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\windows\system32\drivers\gagp30kx.sys
09:27:19.0238 2700 gagp30kx - ok
09:27:19.0300 2700 [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
09:27:19.0316 2700 GamesAppService - ok
09:27:19.0347 2700 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\windows\System32\gpsvc.dll
09:27:19.0363 2700 gpsvc - ok
09:27:19.0425 2700 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:27:19.0425 2700 gupdate - ok
09:27:19.0425 2700 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:27:19.0441 2700 gupdatem - ok
09:27:19.0472 2700 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
09:27:19.0472 2700 gusvc - ok
09:27:19.0488 2700 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
09:27:19.0503 2700 hcw85cir - ok
09:27:19.0519 2700 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
09:27:19.0519 2700 HdAudAddService - ok
09:27:19.0534 2700 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\windows\system32\drivers\HDAudBus.sys
09:27:19.0550 2700 HDAudBus - ok
09:27:19.0550 2700 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\windows\system32\drivers\HidBatt.sys
09:27:19.0550 2700 HidBatt - ok
09:27:19.0550 2700 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\windows\system32\drivers\hidbth.sys
09:27:19.0550 2700 HidBth - ok
09:27:19.0566 2700 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\windows\system32\drivers\hidir.sys
09:27:19.0566 2700 HidIr - ok
09:27:19.0597 2700 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\windows\system32\hidserv.dll
09:27:19.0597 2700 hidserv - ok
09:27:19.0612 2700 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\windows\system32\drivers\hidusb.sys
09:27:19.0628 2700 HidUsb - ok
09:27:19.0644 2700 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\windows\system32\kmsvc.dll
09:27:19.0644 2700 hkmsvc - ok
09:27:19.0659 2700 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\windows\system32\ListSvc.dll
09:27:19.0659 2700 HomeGroupListener - ok
09:27:19.0690 2700 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\windows\system32\provsvc.dll
09:27:19.0706 2700 HomeGroupProvider - ok
09:27:19.0722 2700 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
09:27:19.0722 2700 HpSAMD - ok
09:27:19.0753 2700 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\windows\system32\drivers\HTTP.sys
09:27:19.0768 2700 HTTP - ok
09:27:19.0784 2700 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
09:27:19.0784 2700 hwpolicy - ok
09:27:19.0800 2700 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\windows\system32\drivers\i8042prt.sys
09:27:19.0800 2700 i8042prt - ok
09:27:19.0846 2700 [ D469B77687E12FE43E344806740B624D ] iaStor C:\windows\system32\DRIVERS\iaStor.sys
09:27:19.0846 2700 iaStor - ok
09:27:19.0878 2700 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\windows\system32\drivers\iaStorV.sys
09:27:19.0893 2700 iaStorV - ok
09:27:19.0940 2700 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
09:27:19.0971 2700 idsvc - ok
09:27:20.0236 2700 [ 93C8115D4BAEB1BD047AB0A9B265EE7A ] igfx C:\windows\system32\DRIVERS\igdkmd64.sys
09:27:20.0455 2700 igfx - ok
09:27:20.0486 2700 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\windows\system32\drivers\iirsp.sys
09:27:20.0486 2700 iirsp - ok
09:27:20.0517 2700 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\windows\System32\ikeext.dll
09:27:20.0548 2700 IKEEXT - ok
09:27:20.0564 2700 [ CADDF0927DAC63EDAE48F5C35A61D87D ] intaud_WaveExtensible C:\windows\system32\drivers\intelaud.sys
09:27:20.0564 2700 intaud_WaveExtensible - ok
09:27:20.0658 2700 [ AC9AAFD18E4D52084C4AA8A38795B7E4 ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys
09:27:20.0689 2700 IntcAzAudAddService - ok
09:27:20.0720 2700 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\windows\system32\DRIVERS\IntcDAud.sys
09:27:20.0720 2700 IntcDAud - ok
09:27:20.0736 2700 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\windows\system32\drivers\intelide.sys
09:27:20.0736 2700 intelide - ok
09:27:20.0767 2700 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
09:27:20.0767 2700 intelppm - ok
09:27:20.0798 2700 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\windows\system32\ipbusenum.dll
09:27:20.0798 2700 IPBusEnum - ok
09:27:20.0814 2700 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
09:27:20.0814 2700 IpFilterDriver - ok
09:27:20.0829 2700 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\windows\System32\iphlpsvc.dll
09:27:20.0845 2700 iphlpsvc - ok
09:27:20.0860 2700 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
09:27:20.0860 2700 IPMIDRV - ok
09:27:20.0876 2700 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\windows\system32\drivers\ipnat.sys
09:27:20.0876 2700 IPNAT - ok
09:27:20.0892 2700 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\windows\system32\drivers\irenum.sys
09:27:20.0892 2700 IRENUM - ok
09:27:20.0892 2700 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\windows\system32\drivers\isapnp.sys
09:27:20.0892 2700 isapnp - ok
09:27:20.0907 2700 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
09:27:20.0923 2700 iScsiPrt - ok
09:27:20.0938 2700 [ 716F66336F10885D935B08174DC54242 ] iwdbus C:\windows\system32\DRIVERS\iwdbus.sys
09:27:20.0938 2700 iwdbus - ok
09:27:20.0970 2700 [ 0B44199365A69696109AB9A5855E0841 ] JMCR C:\windows\system32\DRIVERS\jmcr.sys
09:27:20.0970 2700 JMCR - ok
09:27:20.0985 2700 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\windows\system32\drivers\kbdclass.sys
09:27:20.0985 2700 kbdclass - ok
09:27:21.0032 2700 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\windows\system32\drivers\kbdhid.sys
09:27:21.0032 2700 kbdhid - ok
09:27:21.0048 2700 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\windows\system32\lsass.exe
09:27:21.0063 2700 KeyIso - ok
09:27:21.0079 2700 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
09:27:21.0079 2700 KSecDD - ok
09:27:21.0094 2700 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
09:27:21.0110 2700 KSecPkg - ok
09:27:21.0126 2700 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\windows\system32\drivers\ksthunk.sys
09:27:21.0126 2700 ksthunk - ok
09:27:21.0172 2700 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\windows\system32\msdtckrm.dll
09:27:21.0172 2700 KtmRm - ok
09:27:21.0204 2700 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\windows\system32\srvsvc.dll
09:27:21.0219 2700 LanmanServer - ok
09:27:21.0219 2700 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\windows\System32\wkssvc.dll
09:27:21.0235 2700 LanmanWorkstation - ok
09:27:21.0250 2700 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
09:27:21.0250 2700 lltdio - ok
09:27:21.0282 2700 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\windows\System32\lltdsvc.dll
09:27:21.0282 2700 lltdsvc - ok
09:27:21.0297 2700 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\windows\System32\lmhsvc.dll
09:27:21.0297 2700 lmhosts - ok
09:27:21.0344 2700 [ 50C7CE53EF461870410355F1F2E7D515 ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
09:27:21.0360 2700 LMS - ok
09:27:21.0375 2700 [ 2825A71E7501CB33B3B9F856610C729D ] LPCFilter C:\windows\system32\DRIVERS\LPCFilter.sys
09:27:21.0375 2700 LPCFilter - ok
09:27:21.0391 2700 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\windows\system32\drivers\lsi_fc.sys
09:27:21.0391 2700 LSI_FC - ok
09:27:21.0406 2700 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\windows\system32\drivers\lsi_sas.sys
09:27:21.0406 2700 LSI_SAS - ok
09:27:21.0422 2700 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\windows\system32\drivers\lsi_sas2.sys
09:27:21.0422 2700 LSI_SAS2 - ok
09:27:21.0438 2700 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\windows\system32\drivers\lsi_scsi.sys
09:27:21.0438 2700 LSI_SCSI - ok
09:27:21.0453 2700 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\windows\system32\drivers\luafv.sys
09:27:21.0453 2700 luafv - ok
09:27:21.0484 2700 [ B9FC4CCE5758B816F27DD4D1EED11841 ] MBAMProtector C:\windows\system32\drivers\mbam.sys
09:27:21.0484 2700 MBAMProtector - ok
09:27:21.0547 2700 [ 0DCF16B1449811EFA47AB52CAC84093C ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
09:27:21.0547 2700 MBAMScheduler - ok
09:27:21.0578 2700 [ 9EAABA4D601004BEA4DAA6E146E19A96 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
09:27:21.0578 2700 MBAMService - ok
09:27:21.0625 2700 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
09:27:21.0625 2700 Mcx2Svc - ok
09:27:21.0672 2700 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\windows\system32\drivers\megasas.sys
09:27:21.0672 2700 megasas - ok
09:27:21.0703 2700 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\windows\system32\drivers\MegaSR.sys
09:27:21.0718 2700 MegaSR - ok
09:27:21.0734 2700 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\windows\system32\DRIVERS\HECIx64.sys
09:27:21.0750 2700 MEIx64 - ok
09:27:21.0781 2700 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\windows\system32\mmcss.dll
09:27:21.0781 2700 MMCSS - ok
09:27:21.0796 2700 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\windows\system32\drivers\modem.sys
09:27:21.0796 2700 Modem - ok
09:27:21.0828 2700 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\windows\system32\DRIVERS\monitor.sys
09:27:21.0828 2700 monitor - ok
09:27:21.0859 2700 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\windows\system32\drivers\mouclass.sys
09:27:21.0859 2700 mouclass - ok
09:27:21.0906 2700 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\windows\system32\drivers\mouhid.sys
09:27:21.0906 2700 mouhid - ok
09:27:21.0921 2700 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\windows\system32\drivers\mountmgr.sys
09:27:21.0921 2700 mountmgr - ok
09:27:21.0952 2700 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\windows\system32\drivers\mpio.sys
09:27:21.0952 2700 mpio - ok
09:27:21.0968 2700 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
09:27:21.0968 2700 mpsdrv - ok
09:27:22.0015 2700 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\windows\system32\mpssvc.dll
09:27:22.0030 2700 MpsSvc - ok
09:27:22.0046 2700 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
09:27:22.0062 2700 MRxDAV - ok
09:27:22.0108 2700 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
09:27:22.0124 2700 mrxsmb - ok
09:27:22.0155 2700 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
09:27:22.0155 2700 mrxsmb10 - ok
09:27:22.0171 2700 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
09:27:22.0171 2700 mrxsmb20 - ok
09:27:22.0202 2700 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\windows\system32\DRIVERS\msahci.sys
09:27:22.0202 2700 msahci - ok
09:27:22.0233 2700 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\windows\system32\drivers\msdsm.sys
09:27:22.0233 2700 msdsm - ok
09:27:22.0280 2700 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\windows\System32\msdtc.exe
09:27:22.0280 2700 MSDTC - ok
09:27:22.0311 2700 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\windows\system32\drivers\Msfs.sys
09:27:22.0311 2700 Msfs - ok
09:27:22.0342 2700 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
09:27:22.0342 2700 mshidkmdf - ok
09:27:22.0358 2700 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\windows\system32\drivers\msisadrv.sys
09:27:22.0358 2700 msisadrv - ok
09:27:22.0389 2700 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\windows\system32\iscsiexe.dll
09:27:22.0389 2700 MSiSCSI - ok
09:27:22.0389 2700 msiserver - ok
09:27:22.0420 2700 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
09:27:22.0420 2700 MSKSSRV - ok
09:27:22.0436 2700 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
09:27:22.0436 2700 MSPCLOCK - ok
09:27:22.0452 2700 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
09:27:22.0452 2700 MSPQM - ok
09:27:22.0467 2700 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\windows\system32\drivers\MsRPC.sys
09:27:22.0467 2700 MsRPC - ok
09:27:22.0483 2700 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\windows\system32\drivers\mssmbios.sys
09:27:22.0483 2700 mssmbios - ok
09:27:22.0514 2700 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
09:27:22.0514 2700 MSTEE - ok
09:27:22.0530 2700 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\windows\system32\drivers\MTConfig.sys
09:27:22.0530 2700 MTConfig - ok
09:27:22.0561 2700 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\windows\system32\Drivers\mup.sys
09:27:22.0561 2700 Mup - ok
09:27:22.0592 2700 [ 50B99D53BC013458381C6476D790C9F3 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
09:27:22.0592 2700 MyWiFiDHCPDNS - ok
09:27:22.0639 2700 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\windows\system32\qagentRT.dll
09:27:22.0654 2700 napagent - ok
09:27:22.0686 2700 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
09:27:22.0701 2700 NativeWifiP - ok
09:27:22.0748 2700 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\windows\system32\drivers\ndis.sys
09:27:22.0748 2700 NDIS - ok
09:27:22.0779 2700 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
09:27:22.0779 2700 NdisCap - ok
09:27:22.0810 2700 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
09:27:22.0826 2700 NdisTapi - ok
09:27:22.0842 2700 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
09:27:22.0842 2700 Ndisuio - ok
09:27:22.0857 2700 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
09:27:22.0857 2700 NdisWan - ok
09:27:22.0857 2700 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
09:27:22.0857 2700 NDProxy - ok
09:27:22.0873 2700 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
09:27:22.0873 2700 NetBIOS - ok
09:27:22.0888 2700 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
09:27:22.0888 2700 NetBT - ok
09:27:22.0904 2700 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\windows\system32\lsass.exe
09:27:22.0904 2700 Netlogon - ok
09:27:22.0920 2700 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll
09:27:22.0935 2700 Netman - ok
09:27:22.0951 2700 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll
09:27:22.0951 2700 netprofm - ok
09:27:22.0982 2700 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
09:27:22.0982 2700 NetTcpPortSharing - ok
09:27:23.0169 2700 [ AC69618DE5BCCE8747C9AB0AAE1003C1 ] NETwNs64 C:\windows\system32\DRIVERS\NETwNs64.sys
09:27:23.0341 2700 NETwNs64 - ok
09:27:23.0388 2700 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\drivers\nfrd960.sys
09:27:23.0388 2700 nfrd960 - ok
09:27:23.0434 2700 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\windows\System32\nlasvc.dll
09:27:23.0434 2700 NlaSvc - ok
09:27:23.0466 2700 Norton PC Checkup Application Launcher - ok
09:27:23.0481 2700 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys
09:27:23.0497 2700 Npfs - ok
09:27:23.0512 2700 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll
09:27:23.0512 2700 nsi - ok
09:27:23.0544 2700 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
09:27:23.0544 2700 nsiproxy - ok
09:27:23.0637 2700 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
09:27:23.0668 2700 Ntfs - ok
09:27:23.0715 2700 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys
09:27:23.0715 2700 Null - ok
09:27:23.0746 2700 [ 0EBC9D13CD96C15B1B18D8678A609E4B ] nusb3hub C:\windows\system32\DRIVERS\nusb3hub.sys
09:27:23.0746 2700 nusb3hub - ok
09:27:23.0778 2700 [ 7BDEC000D56D485021D9C1E63C2F81CA ] nusb3xhc C:\windows\system32\DRIVERS\nusb3xhc.sys
09:27:23.0778 2700 nusb3xhc - ok
09:27:23.0793 2700 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\windows\system32\drivers\nvraid.sys
09:27:23.0793 2700 nvraid - ok
09:27:23.0840 2700 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\windows\system32\drivers\nvstor.sys
09:27:23.0840 2700 nvstor - ok
09:27:23.0856 2700 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\drivers\nv_agp.sys
09:27:23.0856 2700 nv_agp - ok
09:27:23.0871 2700 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
09:27:23.0871 2700 ohci1394 - ok
09:27:23.0902 2700 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:27:23.0918 2700 ose - ok
09:27:24.0058 2700 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
09:27:24.0199 2700 osppsvc - ok
09:27:24.0246 2700 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll
09:27:24.0246 2700 p2pimsvc - ok
09:27:24.0261 2700 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll
09:27:24.0277 2700 p2psvc - ok
09:27:24.0292 2700 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\drivers\parport.sys
09:27:24.0292 2700 Parport - ok
09:27:24.0324 2700 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\windows\system32\drivers\partmgr.sys
09:27:24.0339 2700 partmgr - ok
09:27:24.0370 2700 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll
09:27:24.0370 2700 PcaSvc - ok
09:27:24.0386 2700 [ 2F86BE1818C2D7AC90478E3323EE7FCB ] PCCUJobMgr C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe
09:27:24.0402 2700 PCCUJobMgr - ok
09:27:24.0433 2700 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\windows\system32\drivers\pci.sys
09:27:24.0433 2700 pci - ok
09:27:24.0464 2700 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\DRIVERS\pciide.sys
09:27:24.0464 2700 pciide - ok
09:27:24.0495 2700 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\drivers\pcmcia.sys
09:27:24.0511 2700 pcmcia - ok
09:27:24.0511 2700 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys
09:27:24.0511 2700 pcw - ok
09:27:24.0542 2700 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys
09:27:24.0558 2700 PEAUTH - ok
09:27:24.0636 2700 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe
09:27:24.0636 2700 PerfHost - ok
09:27:24.0667 2700 [ 91111CEBBDE8015E822C46120ED9537C ] PGEffect C:\windows\system32\DRIVERS\pgeffect.sys
09:27:24.0667 2700 PGEffect - ok
09:27:24.0729 2700 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\windows\system32\pla.dll
09:27:24.0760 2700 pla - ok
09:27:24.0792 2700 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll
09:27:24.0792 2700 PlugPlay - ok
09:27:24.0807 2700 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
09:27:24.0807 2700 PNRPAutoReg - ok
09:27:24.0823 2700 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll
09:27:24.0838 2700 PNRPsvc - ok
09:27:24.0870 2700 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
09:27:24.0870 2700 PolicyAgent - ok
09:27:24.0901 2700 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll
09:27:24.0901 2700 Power - ok
09:27:24.0932 2700 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
09:27:24.0932 2700 PptpMiniport - ok
09:27:24.0948 2700 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\drivers\processr.sys
09:27:24.0948 2700 Processor - ok
09:27:24.0963 2700 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\windows\system32\profsvc.dll
09:27:24.0979 2700 ProfSvc - ok
09:27:24.0994 2700 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe
09:27:24.0994 2700 ProtectedStorage - ok
09:27:25.0026 2700 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\windows\system32\DRIVERS\pacer.sys
09:27:25.0026 2700 Psched - ok
09:27:25.0088 2700 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\drivers\ql2300.sys
09:27:25.0119 2700 ql2300 - ok
09:27:25.0119 2700 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\drivers\ql40xx.sys
09:27:25.0119 2700 ql40xx - ok
09:27:25.0150 2700 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll
09:27:25.0150 2700 QWAVE - ok
09:27:25.0166 2700 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
09:27:25.0166 2700 QWAVEdrv - ok
09:27:25.0166 2700 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
09:27:25.0166 2700 RasAcd - ok
09:27:25.0228 2700 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
09:27:25.0228 2700 RasAgileVpn - ok
09:27:25.0244 2700 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll
09:27:25.0244 2700 RasAuto - ok
09:27:25.0260 2700 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
09:27:25.0260 2700 Rasl2tp - ok
09:27:25.0291 2700 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll
09:27:25.0306 2700 RasMan - ok
09:27:25.0322 2700 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
09:27:25.0322 2700 RasPppoe - ok
09:27:25.0338 2700 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
09:27:25.0338 2700 RasSstp - ok
09:27:25.0338 2700 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
09:27:25.0353 2700 rdbss - ok
09:27:25.0369 2700 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\drivers\rdpbus.sys
09:27:25.0384 2700 rdpbus - ok
09:27:25.0416 2700 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
09:27:25.0416 2700 RDPCDD - ok
09:27:25.0447 2700 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
09:27:25.0447 2700 RDPENCDD - ok
09:27:25.0462 2700 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
09:27:25.0462 2700 RDPREFMP - ok
09:27:25.0494 2700 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\windows\system32\drivers\RDPWD.sys
09:27:25.0494 2700 RDPWD - ok
09:27:25.0540 2700 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
09:27:25.0540 2700 rdyboost - ok
09:27:25.0603 2700 [ 18505D90FEE940EE9EAE4C5B421F22B4 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
09:27:25.0618 2700 RegSrvc - ok
09:27:25.0665 2700 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll
09:27:25.0665 2700 RemoteAccess - ok
09:27:25.0696 2700 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll
09:27:25.0712 2700 RemoteRegistry - ok
09:27:25.0728 2700 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
09:27:25.0728 2700 RpcEptMapper - ok
09:27:25.0759 2700 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe
09:27:25.0759 2700 RpcLocator - ok
09:27:25.0774 2700 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\system32\rpcss.dll
09:27:25.0790 2700 RpcSs - ok
09:27:25.0821 2700 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
09:27:25.0821 2700 rspndr - ok
09:27:25.0852 2700 [ 6D3C7E7D82D3DC92DC2A8B0DF9F20F8A ] RTL8167 C:\windows\system32\DRIVERS\Rt64win7.sys
09:27:25.0868 2700 RTL8167 - ok
09:27:25.0884 2700 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\windows\system32\lsass.exe
09:27:25.0884 2700 SamSs - ok
09:27:25.0915 2700 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys
09:27:25.0915 2700 sbp2port - ok
09:27:25.0946 2700 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll
09:27:25.0962 2700 SCardSvr - ok
09:27:25.0993 2700 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
09:27:25.0993 2700 scfilter - ok
09:27:26.0024 2700 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll
09:27:26.0040 2700 Schedule - ok
09:27:26.0071 2700 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll
09:27:26.0071 2700 SCPolicySvc - ok
09:27:26.0102 2700 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\windows\system32\DRIVERS\sdbus.sys
09:27:26.0102 2700 sdbus - ok
09:27:26.0196 2700 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll
09:27:26.0196 2700 SDRSVC - ok
09:27:26.0227 2700 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys
09:27:26.0227 2700 secdrv - ok
09:27:26.0242 2700 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll
09:27:26.0242 2700 seclogon - ok
09:27:26.0258 2700 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\System32\sens.dll
09:27:26.0274 2700 SENS - ok
09:27:26.0305 2700 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll
09:27:26.0305 2700 SensrSvc - ok
09:27:26.0352 2700 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\drivers\serenum.sys
09:27:26.0352 2700 Serenum - ok
09:27:26.0367 2700 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\drivers\serial.sys
09:27:26.0367 2700 Serial - ok
09:27:26.0383 2700 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\drivers\sermouse.sys
09:27:26.0383 2700 sermouse - ok
09:27:26.0414 2700 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll
09:27:26.0414 2700 SessionEnv - ok
09:27:26.0430 2700 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys
09:27:26.0430 2700 sffdisk - ok
09:27:26.0430 2700 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
09:27:26.0430 2700 sffp_mmc - ok
09:27:26.0430 2700 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
09:27:26.0430 2700 sffp_sd - ok
09:27:26.0430 2700 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\drivers\sfloppy.sys
09:27:26.0445 2700 sfloppy - ok
09:27:26.0476 2700 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\windows\system32\DRIVERS\Sftfslh.sys
09:27:26.0492 2700 Sftfs - ok
09:27:26.0554 2700 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
09:27:26.0554 2700 sftlist - ok
09:27:26.0586 2700 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\windows\system32\DRIVERS\Sftplaylh.sys
09:27:26.0586 2700 Sftplay - ok
09:27:26.0586 2700 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\windows\system32\DRIVERS\Sftredirlh.sys
09:27:26.0601 2700 Sftredir - ok
09:27:26.0617 2700 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\windows\system32\DRIVERS\Sftvollh.sys
09:27:26.0617 2700 Sftvol - ok
09:27:26.0632 2700 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
09:27:26.0648 2700 sftvsa - ok
09:27:26.0679 2700 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\windows\System32\ipnathlp.dll
09:27:26.0679 2700 SharedAccess - ok
09:27:26.0710 2700 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll
09:27:26.0710 2700 ShellHWDetection - ok
09:27:26.0742 2700 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\drivers\SiSRaid2.sys
09:27:26.0742 2700 SiSRaid2 - ok
09:27:26.0773 2700 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys
09:27:26.0773 2700 SiSRaid4 - ok
09:27:26.0788 2700 [ DDAA5F4A6B958FC313EBD02DD925752F ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
09:27:26.0804 2700 SkypeUpdate - ok
09:27:26.0804 2700 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys
09:27:26.0820 2700 Smb - ok
09:27:26.0835 2700 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe
09:27:26.0835 2700 SNMPTRAP - ok
09:27:26.0851 2700 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys
09:27:26.0866 2700 spldr - ok
09:27:26.0898 2700 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\windows\System32\spoolsv.exe
09:27:26.0929 2700 Spooler - ok
09:27:26.0991 2700 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe
09:27:27.0022 2700 sppsvc - ok
09:27:27.0038 2700 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll
09:27:27.0038 2700 sppuinotify - ok
09:27:27.0069 2700 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys
09:27:27.0069 2700 srv - ok
09:27:27.0085 2700 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
09:27:27.0085 2700 srv2 - ok
09:27:27.0085 2700 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
09:27:27.0085 2700 srvnet - ok
09:27:27.0116 2700 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
09:27:27.0116 2700 SSDPSRV - ok
09:27:27.0132 2700 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll
09:27:27.0132 2700 SstpSvc - ok
09:27:27.0147 2700 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\drivers\stexstor.sys
09:27:27.0147 2700 stexstor - ok
09:27:27.0178 2700 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll
09:27:27.0194 2700 stisvc - ok
09:27:27.0225 2700 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\drivers\swenum.sys
09:27:27.0225 2700 swenum - ok
09:27:27.0256 2700 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll
09:27:27.0272 2700 swprv - ok
09:27:27.0350 2700 [ F5B46DF59FEAA48A442AED7EEB754D4B ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
09:27:27.0381 2700 SynTP - ok
09:27:27.0428 2700 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll
09:27:27.0444 2700 SysMain - ok
09:27:27.0459 2700 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll
09:27:27.0475 2700 TabletInputService - ok
09:27:27.0475 2700 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll
09:27:27.0490 2700 TapiSrv - ok
09:27:27.0490 2700 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll
09:27:27.0506 2700 TBS - ok
09:27:27.0568 2700 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\windows\system32\drivers\tcpip.sys
09:27:27.0600 2700 Tcpip - ok
09:27:27.0631 2700 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
09:27:27.0631 2700 TCPIP6 - ok
09:27:27.0646 2700 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
09:27:27.0646 2700 tcpipreg - ok
09:27:27.0678 2700 [ FD542B661BD22FA69CA789AD0AC58C29 ] tdcmdpst C:\windows\system32\DRIVERS\tdcmdpst.sys
09:27:27.0678 2700 tdcmdpst - ok
09:27:27.0693 2700 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
09:27:27.0693 2700 TDPIPE - ok
09:27:27.0724 2700 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
09:27:27.0724 2700 TDTCP - ok
09:27:27.0740 2700 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys
09:27:27.0740 2700 tdx - ok
09:27:27.0740 2700 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\drivers\termdd.sys
09:27:27.0756 2700 TermDD - ok
09:27:27.0787 2700 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll
09:27:27.0802 2700 TermService - ok
09:27:27.0818 2700 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll
09:27:27.0818 2700 Themes - ok
09:27:27.0849 2700 [ 7F35CA8296A52C7161088EB1D952E8ED ] Thpdrv C:\windows\system32\DRIVERS\thpdrv.sys
09:27:27.0865 2700 Thpdrv - ok
09:27:27.0880 2700 [ B4E609047434ED948AF7BDEF2FA66E38 ] Thpevm C:\windows\system32\DRIVERS\Thpevm.SYS
09:27:27.0896 2700 Thpevm - ok
09:27:27.0927 2700 [ 0B4734AE9EC70B843DF02E7B1C056377 ] Thpsrv C:\windows\system32\ThpSrv.exe
09:27:27.0943 2700 Thpsrv - ok
09:27:27.0958 2700 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll
09:27:27.0958 2700 THREADORDER - ok
09:27:28.0021 2700 [ 71C321649B28638EE80A2EEB164C1DC8 ] TMachInfo C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
09:27:28.0021 2700 TMachInfo - ok
09:27:28.0052 2700 [ 8E2C799D3476EAC32C3BA0DF7CE6AF19 ] TODDSrv C:\windows\system32\TODDSrv.exe
09:27:28.0068 2700 TODDSrv - ok
09:27:28.0130 2700 [ 1C73689B900428C7D054A41C4687F55C ] TosCoSrv C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
09:27:28.0146 2700 TosCoSrv - ok
09:27:28.0224 2700 [ 63AAFCF3EA5DBB17123E0BAE9AFE4D58 ] TOSHIBA eco Utility Service C:\Program Files\TOSHIBA\TECO\TecoService.exe
09:27:28.0224 2700 TOSHIBA eco Utility Service - ok
09:27:28.0270 2700 [ 29D0886CF250FCEF1BF9E65AB8D2C0C8 ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
09:27:28.0286 2700 TOSHIBA HDD SSD Alert Service - ok
09:27:28.0317 2700 [ 09FF7B0B1B5C3D225495CB6F5A9B39F8 ] tos_sps64 C:\windows\system32\DRIVERS\tos_sps64.sys
09:27:28.0317 2700 tos_sps64 - ok
09:27:28.0364 2700 [ 098B8A408C17E125A3D9A8E1166780C8 ] TPCHSrv C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
09:27:28.0380 2700 TPCHSrv - ok
09:27:28.0411 2700 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll
09:27:28.0426 2700 TrkWks - ok
09:27:28.0473 2700 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
09:27:28.0489 2700 TrustedInstaller - ok
09:27:28.0504 2700 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
09:27:28.0504 2700 tssecsrv - ok
09:27:28.0551 2700 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
09:27:28.0551 2700 TsUsbFlt - ok
09:27:28.0567 2700 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\windows\system32\drivers\TsUsbGD.sys
09:27:28.0567 2700 TsUsbGD - ok
09:27:28.0582 2700 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
09:27:28.0598 2700 tunnel - ok
09:27:28.0629 2700 [ 550B567F9364D8F7684C3FB3EA665A72 ] TVALZ C:\windows\system32\DRIVERS\TVALZ_O.SYS
09:27:28.0629 2700 TVALZ - ok
09:27:28.0660 2700 [ 9C7191F4B2E49BFF47A6C1144B5923FA ] TVALZFL C:\windows\system32\DRIVERS\TVALZFL.sys
09:27:28.0660 2700 TVALZFL - ok
09:27:28.0707 2700 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\drivers\uagp35.sys
09:27:28.0707 2700 uagp35 - ok
09:27:28.0723 2700 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\windows\system32\DRIVERS\udfs.sys
09:27:28.0738 2700 udfs - ok
09:27:28.0770 2700 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe
09:27:28.0785 2700 UI0Detect - ok
09:27:28.0801 2700 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
09:27:28.0801 2700 uliagpkx - ok
09:27:28.0816 2700 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\windows\system32\DRIVERS\umbus.sys
09:27:28.0816 2700 umbus - ok
09:27:28.0848 2700 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\drivers\umpass.sys
09:27:28.0848 2700 UmPass - ok
09:27:28.0972 2700 [ 374EBDA379A8F38E0CFC2211611E7167 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
09:27:28.0988 2700 UNS - ok
09:27:29.0019 2700 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll
09:27:29.0019 2700 upnphost - ok
09:27:29.0050 2700 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
09:27:29.0050 2700 usbccgp - ok
09:27:29.0066 2700 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\windows\system32\drivers\usbcir.sys
09:27:29.0082 2700 usbcir - ok
09:27:29.0082 2700 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\windows\system32\DRIVERS\usbehci.sys
09:27:29.0082 2700 usbehci - ok
09:27:29.0097 2700 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\windows\system32\drivers\usbhub.sys
09:27:29.0113 2700 usbhub - ok
09:27:29.0128 2700 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\windows\system32\drivers\usbohci.sys
09:27:29.0128 2700 usbohci - ok
09:27:29.0128 2700 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\drivers\usbprint.sys
09:27:29.0128 2700 usbprint - ok
09:27:29.0144 2700 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
09:27:29.0160 2700 USBSTOR - ok
09:27:29.0160 2700 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\windows\system32\drivers\usbuhci.sys
09:27:29.0175 2700 usbuhci - ok
09:27:29.0206 2700 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\windows\system32\Drivers\usbvideo.sys
09:27:29.0206 2700 usbvideo - ok
09:27:29.0238 2700 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll
09:27:29.0238 2700 UxSms - ok
09:27:29.0253 2700 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\windows\system32\lsass.exe
09:27:29.0269 2700 VaultSvc - ok
09:27:29.0284 2700 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
09:27:29.0284 2700 vdrvroot - ok
09:27:29.0300 2700 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\windows\System32\vds.exe
09:27:29.0316 2700 vds - ok
09:27:29.0347 2700 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\windows\system32\DRIVERS\vgapnp.sys
09:27:29.0347 2700 vga - ok
09:27:29.0347 2700 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\windows\System32\drivers\vga.sys
09:27:29.0347 2700 VgaSave - ok
09:27:29.0347 2700 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\windows\system32\drivers\vhdmp.sys
09:27:29.0347 2700 vhdmp - ok
09:27:29.0378 2700 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\windows\system32\drivers\viaide.sys
09:27:29.0378 2700 viaide - ok
09:27:29.0394 2700 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\windows\system32\drivers\volmgr.sys
09:27:29.0394 2700 volmgr - ok
09:27:29.0409 2700 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\windows\system32\drivers\volmgrx.sys
09:27:29.0409 2700 volmgrx - ok
09:27:29.0425 2700 [ DF8126BD41180351A093A3AD2FC8903B ] volsnap C:\windows\system32\drivers\volsnap.sys
09:27:29.0425 2700 volsnap - ok
09:27:29.0472 2700 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\windows\system32\drivers\vsmraid.sys
09:27:29.0472 2700 vsmraid - ok
09:27:29.0534 2700 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\windows\system32\vssvc.exe
09:27:29.0550 2700 VSS - ok
09:27:29.0581 2700 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
09:27:29.0581 2700 vwifibus - ok
09:27:29.0612 2700 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
09:27:29.0612 2700 vwififlt - ok
09:27:29.0643 2700 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys
09:27:29.0643 2700 vwifimp - ok
09:27:29.0690 2700 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\windows\system32\w32time.dll
09:27:29.0706 2700 W32Time - ok
09:27:29.0721 2700 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\windows\system32\drivers\wacompen.sys
09:27:29.0721 2700 WacomPen - ok
09:27:29.0768 2700 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
09:27:29.0768 2700 WANARP - ok
09:27:29.0784 2700 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
09:27:29.0784 2700 Wanarpv6 - ok
09:27:29.0862 2700 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
09:27:29.0877 2700 WatAdminSvc - ok
09:27:29.0924 2700 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\windows\system32\wbengine.exe
09:27:29.0955 2700 wbengine - ok
09:27:29.0971 2700 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
09:27:29.0971 2700 WbioSrvc - ok
09:27:30.0002 2700 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\windows\System32\wcncsvc.dll
09:27:30.0002 2700 wcncsvc - ok
09:27:30.0033 2700 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
09:27:30.0033 2700 WcsPlugInService - ok
09:27:30.0064 2700 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\windows\system32\drivers\wd.sys
09:27:30.0064 2700 Wd - ok
09:27:30.0096 2700 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
09:27:30.0111 2700 Wdf01000 - ok
09:27:30.0158 2700 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\windows\system32\wdi.dll
09:27:30.0174 2700 WdiServiceHost - ok
09:27:30.0174 2700 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\windows\system32\wdi.dll
09:27:30.0189 2700 WdiSystemHost - ok
09:27:30.0220 2700 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\windows\System32\webclnt.dll
09:27:30.0236 2700 WebClient - ok
09:27:30.0267 2700 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\windows\system32\wecsvc.dll
09:27:30.0283 2700 Wecsvc - ok
09:27:30.0298 2700 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\windows\System32\wercplsupport.dll
09:27:30.0298 2700 wercplsupport - ok
09:27:30.0330 2700 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\windows\System32\WerSvc.dll
09:27:30.0330 2700 WerSvc - ok
09:27:30.0361 2700 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
09:27:30.0361 2700 WfpLwf - ok
09:27:30.0392 2700 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\windows\system32\drivers\wimmount.sys
09:27:30.0392 2700 WIMMount - ok
09:27:30.0408 2700 WinDefend - ok
09:27:30.0423 2700 WinHttpAutoProxySvc - ok
09:27:30.0454 2700 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
09:27:30.0470 2700 Winmgmt - ok
09:27:30.0548 2700 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\windows\system32\WsmSvc.dll
09:27:30.0579 2700 WinRM - ok
09:27:30.0626 2700 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\windows\System32\wlansvc.dll
09:27:30.0642 2700 Wlansvc - ok
09:27:30.0688 2700 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
09:27:30.0688 2700 wlcrasvc - ok
09:27:30.0782 2700 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
09:27:30.0798 2700 wlidsvc - ok
09:27:30.0813 2700 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys
09:27:30.0813 2700 WmiAcpi - ok
09:27:30.0844 2700 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
09:27:30.0844 2700 wmiApSrv - ok
09:27:30.0876 2700 WMPNetworkSvc - ok
09:27:30.0876 2700 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\windows\System32\wpcsvc.dll
09:27:30.0891 2700 WPCSvc - ok
09:27:30.0907 2700 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
09:27:30.0922 2700 WPDBusEnum - ok
09:27:30.0954 2700 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
09:27:30.0954 2700 ws2ifsl - ok
09:27:30.0985 2700 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\windows\System32\wscsvc.dll
09:27:30.0985 2700 wscsvc - ok
09:27:31.0032 2700 [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice C:\windows\system32\DRIVERS\WSDPrint.sys
09:27:31.0032 2700 WSDPrintDevice - ok
09:27:31.0032 2700 [ 4A2A5C50DD1A63577D3ACA94269FBC7F ] WSDScan C:\windows\system32\DRIVERS\WSDScan.sys
09:27:31.0032 2700 WSDScan - ok
09:27:31.0047 2700 WSearch - ok
09:27:31.0125 2700 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\windows\system32\wuaueng.dll
09:27:31.0156 2700 wuauserv - ok
09:27:31.0172 2700 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\windows\system32\drivers\WudfPf.sys
09:27:31.0172 2700 WudfPf - ok
09:27:31.0219 2700 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
09:27:31.0219 2700 WUDFRd - ok
09:27:31.0250 2700 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\windows\System32\WUDFSvc.dll
09:27:31.0266 2700 wudfsvc - ok
09:27:31.0281 2700 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\windows\System32\wwansvc.dll
09:27:31.0297 2700 WwanSvc - ok
09:27:31.0312 2700 ================ Scan global ===============================
09:27:31.0328 2700 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
09:27:31.0375 2700 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\windows\system32\winsrv.dll
09:27:31.0406 2700 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\windows\system32\winsrv.dll
09:27:31.0437 2700 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
09:27:31.0484 2700 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
09:27:31.0484 2700 [Global] - ok
09:27:31.0500 2700 ================ Scan MBR ==================================
09:27:31.0515 2700 [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
09:27:31.0687 2700 \Device\Harddisk0\DR0 - ok
09:27:31.0687 2700 ================ Scan VBR ==================================
09:27:31.0702 2700 [ 7FE22F346CBD2CE23B57EF3E3B9D4055 ] \Device\Harddisk0\DR0\Partition1
09:27:31.0702 2700 \Device\Harddisk0\DR0\Partition1 - ok
09:27:31.0702 2700 ============================================================
09:27:31.0702 2700 Scan finished
09:27:31.0702 2700 ============================================================
09:27:31.0718 6044 Detected object count: 0
09:27:31.0718 6044 Actual detected object count: 0

here is my ASWMBR log


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-10-16 08:17:06
-----------------------------
08:17:06.290 OS Version: Windows x64 6.1.7601 Service Pack 1
08:17:06.290 Number of processors: 8 586 0x2A07
08:17:06.290 ComputerName: DEIDRA-PC UserName: Deidra
08:17:07.522 Initialize success
08:17:07.896 AVAST engine defs: 12082100
08:17:13.372 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
08:17:13.388 Disk 0 Vendor: TOSHIBA_ GT00 Size: 715404MB BusType: 3
08:17:13.466 Disk 0 MBR read successfully
08:17:13.466 Disk 0 MBR scan
08:17:13.466 Disk 0 Windows VISTA default MBR code
08:17:13.481 Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS 1500 MB offset 2048
08:17:13.512 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 698443 MB offset 3074048
08:17:13.544 Disk 0 Partition 3 00 17 Hidd HPFS/NTFS NTFS 15460 MB offset 1433485312
08:17:13.590 Disk 0 scanning C:\windows\system32\drivers
08:17:19.128 Service scanning
08:17:44.088 Modules scanning
08:17:44.104 Disk 0 trace - called modules:
08:17:44.166 ntoskrnl.exe CLASSPNP.SYS disk.sys thpdrv.sys iaStor.sys hal.dll
08:17:44.182 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800637f060]
08:17:44.198 3 CLASSPNP.SYS[fffff88001a5143f] -> nt!IofCallDriver -> \Device\THPDRV1[0xfffffa80062d2710]
08:17:44.198 5 thpdrv.sys[fffff88001b7a2b0] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8005d4b050]
08:17:45.102 AVAST engine scan C:\windows
08:17:47.427 AVAST engine scan C:\windows\system32
08:19:09.904 AVAST engine scan C:\windows\system32\drivers
08:19:16.877 AVAST engine scan C:\Users\Deidra
08:22:03.298 AVAST engine scan C:\ProgramData
08:22:52.610 Scan finished successfully
08:24:49.439 Disk 0 MBR has been saved successfully to "C:\Users\Deidra\Desktop\MBR.dat"
08:24:49.439 The log file has been saved successfully to "C:\Users\Deidra\Desktop\aswMBR.txt"

#4 Coachjm53

Coachjm53
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:06:16 AM

Posted 16 October 2012 - 10:40 AM

ESET REsults

C:\ProgramData\Microsoft\Windows\DRM\BE26.tmp Win64/Olmarik.AO trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\15.10.2012_20.15.35\mbr0000\tdlfs0000\tsk0000.dta a variant of Win32/Olmarik.AYI trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\15.10.2012_20.15.35\mbr0000\tdlfs0000\tsk0001.dta a variant of Win64/Olmarik.AM trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\15.10.2012_20.15.35\mbr0000\tdlfs0000\tsk0002.dta a variant of Win32/Rootkit.Kryptik.OX trojan cleaned by deleting - quarantined
C:\Users\Deidra\AppData\Local\Google\Chrome\User Data\Default\Default\aagdgggbgcgegfdfdidjgfdfdedhdhdf\background.html Win32/BHO.OEI trojan cleaned by deleting - quarantined
C:\Users\Deidra\AppData\Local\Google\Chrome\User Data\Default\Default\aagdgggbgcgegfdfdidjgfdfdedhdhdf\ContentScript.js Win32/BHO.OEI trojan cleaned by deleting - quarantined

#5 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:06:16 AM

Posted 16 October 2012 - 10:47 AM

Download

Malwarebytes

Install,update and run a full scan

Click on Show results.Right click on the list ,select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it click on Delete

A log should be generated after scan ,post it here

Download

Junkware removal tool

For vista and windows 7 right click on the tool and select run as administrator

After scan gets completed,post the generated log here.

#6 Coachjm53

Coachjm53
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:06:16 AM

Posted 16 October 2012 - 10:53 AM

MiniToolBox by Farbar Version: 23-07-2012
Ran by Deidra (administrator) on 16-10-2012 at 10:51:11
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================



========================= IP Configuration: ================================

Intel® WiFi Link 1000 BGN = Wireless Network Connection (Connected)
Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 3 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Deidra-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 3:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #2
Physical Address. . . . . . . . . : 74-E5-0B-7A-CA-F3
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 74-E5-0B-7A-CA-F3
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
Physical Address. . . . . . . . . : DC-0E-A1-3A-66-9C
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® WiFi Link 1000 BGN
Physical Address. . . . . . . . . : 74-E5-0B-7A-CA-F2
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::c9e6:d336:e63:4ca4%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.101(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, October 16, 2012 7:59:28 AM
Lease Expires . . . . . . . . . . : Wednesday, October 17, 2012 10:23:29 AM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 242541835
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-93-B3-29-74-E5-0B-7A-CA-F2
DNS Servers . . . . . . . . . . . : 97.64.183.164
97.64.209.37
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{13F2EDA2-4CC1-4AFB-8905-10B632EE2D84}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 14:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:20d6:35a4:52ea:3040(Preferred)
Link-local IPv6 Address . . . . . : fe80::20d6:35a4:52ea:3040%18(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{05EC11BA-6F97-4855-B989-9DC4B0589779}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{80E5C7A0-DC5B-42CC-AD8D-33EBFC19C2B5}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{16639A3B-B0A9-4A55-97CC-3C26C0AD9BCB}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #6
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: sprdc-dns-dts10.mcomdc.com
Address: 97.64.183.164

Name: google.com
Addresses: 2607:f8b0:4009:802::1001
74.125.225.102
74.125.225.103
74.125.225.104
74.125.225.105
74.125.225.110
74.125.225.96
74.125.225.97
74.125.225.98
74.125.225.99
74.125.225.100
74.125.225.101


Pinging google.com [74.125.225.103] with 32 bytes of data:
Reply from 74.125.225.103: bytes=32 time=16ms TTL=54
Reply from 74.125.225.103: bytes=32 time=16ms TTL=54

Ping statistics for 74.125.225.103:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 16ms, Maximum = 16ms, Average = 16ms
Server: sprdc-dns-dts10.mcomdc.com
Address: 97.64.183.164

Name: yahoo.com
Addresses: 98.138.253.109
98.139.183.24
72.30.38.140


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=283ms TTL=47
Reply from 98.139.183.24: bytes=32 time=239ms TTL=49

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 239ms, Maximum = 283ms, Average = 261ms
Server: sprdc-dns-dts10.mcomdc.com
Address: 97.64.183.164

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=2ms TTL=128
Reply from 127.0.0.1: bytes=32 time=1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 1ms, Maximum = 2ms, Average = 1ms
===========================================================================
Interface List
15...74 e5 0b 7a ca f3 ......Microsoft Virtual WiFi Miniport Adapter #2
14...74 e5 0b 7a ca f3 ......Microsoft Virtual WiFi Miniport Adapter
12...dc 0e a1 3a 66 9c ......Realtek PCIe FE Family Controller
11...74 e5 0b 7a ca f2 ......Intel® WiFi Link 1000 BGN
1...........................Software Loopback Interface 1
19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
13...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
18...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
21...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
37...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #6
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.101 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.101 281
192.168.1.101 255.255.255.255 On-link 192.168.1.101 281
192.168.1.255 255.255.255.255 On-link 192.168.1.101 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.101 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.101 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
18 58 ::/0 On-link
1 306 ::1/128 On-link
18 58 2001::/32 On-link
18 306 2001:0:4137:9e76:20d6:35a4:52ea:3040/128
On-link
11 281 fe80::/64 On-link
18 306 fe80::/64 On-link
18 306 fe80::20d6:35a4:52ea:3040/128
On-link
11 281 fe80::c9e6:d336:e63:4ca4/128
On-link
1 306 ff00::/8 On-link
18 306 ff00::/8 On-link
11 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/16/2012 09:32:17 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/16/2012 09:32:12 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/16/2012 08:01:17 AM) (Source: Toshiba App Place) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (10/16/2012 08:00:14 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/16/2012 07:13:09 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/15/2012 10:25:36 PM) (Source: Toshiba App Place) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (10/15/2012 10:24:04 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/15/2012 09:54:33 PM) (Source: Toshiba App Place) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (10/15/2012 09:53:30 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/15/2012 07:35:42 PM) (Source: Toshiba App Place) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)


System errors:
=============
Error: (10/16/2012 08:01:11 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (10/16/2012 08:00:18 AM) (Source: Service Control Manager) (User: )
Description: The Windows Live ID Sign-in Assistant service failed to start due to the following error:
%%1053

Error: (10/16/2012 08:00:18 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Live ID Sign-in Assistant service to connect.

Error: (10/16/2012 07:19:21 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (10/16/2012 07:19:21 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (10/16/2012 07:19:21 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (10/16/2012 07:19:01 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (10/16/2012 07:19:01 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (10/16/2012 07:19:01 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (10/16/2012 07:14:21 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068


Microsoft Office Sessions:
=========================
Error: (10/16/2012 09:32:17 AM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Deidra\Downloads\esetsmartinstaller_enu.exe

Error: (10/16/2012 09:32:12 AM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Deidra\Downloads\esetsmartinstaller_enu.exe

Error: (10/16/2012 08:01:17 AM) (Source: Toshiba App Place)(User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (10/16/2012 08:00:14 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/16/2012 07:13:09 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/15/2012 10:25:36 PM) (Source: Toshiba App Place)(User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (10/15/2012 10:24:04 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/15/2012 09:54:33 PM) (Source: Toshiba App Place)(User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (10/15/2012 09:53:30 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/15/2012 07:35:42 PM) (Source: Toshiba App Place)(User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)


=========================== Installed Programs ============================

Adobe AIR (Version: 2.6.0.19140)
Adobe Flash Player 10 ActiveX (Version: 10.3.181.34)
Adobe Flash Player 10 Plugin (Version: 10.3.181.34)
Adobe Reader X MUI (Version: 10.0.0)
avast! Free Antivirus (Version: 7.0.1466.0)
Bejeweled 3 (Version: 2.2.0.97)
Chuzzle Deluxe (Version: 2.2.0.95)
Coupon Printer for Windows (Version: 5.0.0.1)
CouponBar (Version: 5.0.0.5)
D3DX10 (Version: 15.4.2368.0902)
Epson Event Manager (Version: 2.30.01)
EPSON Scan
EPSON WorkForce 610 Series Printer Uninstall
EpsonNet Print (Version: 2.4j)
EpsonNet Setup (Version: 3.1c)
ESET Online Scanner v3
FATE - The Traitor Soul (Version: 2.2.0.95)
Fishdom ™ 2 (Version: 2.2.0.98)
Google Chrome (Version: 22.0.1229.94)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3230.2052)
Google Update Helper (Version: 1.3.21.123)
Intel PROSet Wireless
Intel® Management Engine Components (Version: 7.0.0.1144)
Intel® Processor Graphics (Version: 8.15.10.2430)
Intel® PROSet/Wireless WiFi Software (Version: 14.01.1000)
Intel® Rapid Storage Technology (Version: 10.1.2.1004)
Intel® WiDi (Version: 2.1.41.0)
Intel® Wireless Display
Java Auto Updater (Version: 2.0.4.1)
Java™ 6 Update 25 (Version: 6.0.250)
JMicron Flash Media Controller Driver (Version: 1.0.57.2)
Junk Mail filter update (Version: 15.4.3502.0922)
Label@Once 1.0 (Version: 1.0)
Malwarebytes Anti-Malware version 1.65.0.1400 (Version: 1.65.0.1400)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - English (Version: 14.0.4763.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
Penguins! (Version: 2.2.0.95)
Plants vs. Zombies - Game of the Year (Version: 2.2.0.95)
PlayReady PC Runtime amd64 (Version: 1.3.0)
PlayReady PC Runtime x86 (Version: 1.3.0)
Polar Bowler (Version: 2.2.0.97)
Realtek Ethernet Controller Driver (Version: 7.38.113.2011)
Realtek High Definition Audio Driver (Version: 6.0.1.6305)
Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.0.34.0)
SAMSUNG Mobile Modem Driver Set
Samsung Mobile phone USB driver Drive Software
SAMSUNG Mobile USB Modem 1.0 Software
SAMSUNG Mobile USB Modem Software
Samsung PC Studio 3 USB Driver Installer (Version: 3.2.0.70701)
Skype Launcher (Version: 2.01)
Skype™ 5.10 (Version: 5.10.116)
Synaptics Pointing Device Driver (Version: 15.2.11.1)
Tom Clancy's Splinter Cell (Version: 2.2.0.97)
Toshiba App Place (Version: 1.0.6.3)
TOSHIBA Application Installer (Version: 9.0.1.2)
TOSHIBA Assist (Version: 4.2.3.0)
Toshiba Book Place (Version: 2.2.7530)
TOSHIBA Bulletin Board (Version: 1.6.08.64)
TOSHIBA Disc Creator (Version: 2.1.0.11 for x64)
TOSHIBA eco Utility (Version: 1.3.5.64)
TOSHIBA Face Recognition (Version: 3.1.17.64)
TOSHIBA Flash Cards Support Utility (Version: 1.63.0.12C)
TOSHIBA Hardware Setup (Version: 1.63.1.37C)
TOSHIBA HDD Protection (Version: 2.2.2.15)
TOSHIBA HDD/SSD Alert (Version: 3.1.64.9)
Toshiba Laptop Checkup (Version: 2.0.13.11)
TOSHIBA Media Controller (Version: 1.0.87.4)
TOSHIBA Media Controller Plug-in (Version: 1.0.7.5)
Toshiba Online Backup (Version: 2.0.0.31)
TOSHIBA PC Health Monitor (Version: 1.7.9.64)
TOSHIBA Quality Application (Version: 1.0.3)
TOSHIBA Recovery Media Creator (Version: 2.1.5.5109a)
TOSHIBA ReelTime (Version: 1.7.21.64)
TOSHIBA Resolution+ Plug-in for Windows Media Player (Version: 1.1.2001)
TOSHIBA Service Station (Version: 2.2.12)
TOSHIBA Sleep Utility (Version: 1.4.2.8)
TOSHIBA Supervisor Password (Version: 1.63.51.2C)
TOSHIBA Value Added Package (Version: 1.6.1.64)
TOSHIBA VIDEO PLAYER (Version: 4.00.7.06-A)
TOSHIBA Web Camera Application (Version: 2.0.3.3)
TOSHIBA Wireless Display Monitor (Version: 1.0.1)
TOSHIBA Wireless LAN Indicator (Version: 1.0.5)
TOSHIBARegistration (Version: 1.0.6)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update Installer for WildTangent Games App
Utility Common Driver (Version: 1.0.52.3C)
Virtual Villagers 5 - New Believers (Version: 2.2.0.97)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
WildTangent Games (Version: 1.0.2.5)
WildTangent Games App (Toshiba Games) (Version: 4.0.5.14)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3538.0513)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3538.0513)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Zuma's Revenge (Version: 2.2.0.97)

========================= Memory info: ===================================

Percentage of memory in use: 43%
Total physical RAM: 6050.69 MB
Available physical RAM: 3447.09 MB
Total Pagefile: 12099.57 MB
Available Pagefile: 9286.2 MB
Total Virtual: 4095.88 MB
Available Virtual: 3967.61 MB

========================= Partitions: =====================================

1 Drive c: (TI106230W0C) (Fixed) (Total:682.07 GB) (Free:630.43 GB) NTFS

========================= Users: ========================================

User accounts for \\DEIDRA-PC

Administrator Deidra Guest

========================= Restore Points ==================================

13-09-2012 11:44:51 Windows Modules Installer
13-09-2012 11:45:35 Windows Modules Installer
25-09-2012 11:38:27 Windows Modules Installer
26-09-2012 12:33:50 Windows Update
01-10-2012 03:18:43 Installed Samsung PC Studio 3 USB Driver Installer
01-10-2012 03:19:22 Device Driver Package Install: SAMSUNG Electronics Co.,Ltd. Modems
01-10-2012 03:19:51 Device Driver Package Install: SAMSUNG Electronics Co.,Ltd. Ports (COM & LPT)
11-10-2012 11:43:09 Windows Modules Installer
15-10-2012 16:58:24 Windows Update
15-10-2012 17:08:58 Windows Update
15-10-2012 20:05:16 avast! Free Antivirus Setup
15-10-2012 21:52:57 Removed AVG 2012
15-10-2012 21:57:17 Removed AVG 2012

**** End of log ****


fss log


Farbar Service Scanner Version: 07-10-2012
Ran by Deidra (administrator) on 16-10-2012 at 10:52:26
Running from "C:\Users\Deidra\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll
[2012-10-10 06:53] - [2012-06-02 00:41] - 0184320 ____A (Microsoft Corporation) 9C01375BE382E834CC26D1B7EAF2C4FE

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

still working on other ones

#7 Coachjm53

Coachjm53
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:06:16 AM

Posted 16 October 2012 - 11:00 AM

when i try to the junkware removal tool it says that the page is unavailable. Im not sure if my avast blocked it or what happened. I ran the adware cleaner and am still waiting for the results.



*Update* when my computer rebooted for adwcleaner it gave me the option to download jrt again but it says its a rare and suspicious file. Should I still download it?

Edited by Coachjm53, 16 October 2012 - 11:08 AM.


#8 Coachjm53

Coachjm53
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:06:16 AM

Posted 16 October 2012 - 11:07 AM

# AdwCleaner v2.005 - Logfile created 10/16/2012 at 11:03:13
# Updated 14/10/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Deidra - DEIDRA-PC
# Boot Mode : Normal
# Running from : C:\Users\Deidra\Desktop\adwcleaner (1).exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Users\Deidra\AppData\Local\Temp\Uninstall.exe
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Users\Deidra\AppData\Local\Temp\avg@toolbar
Folder Deleted : C:\Users\Deidra\AppData\Local\Temp\boost_interprocess
Folder Deleted : C:\Users\Deidra\AppData\LocalLow\Toolbar4

***** [Registry] *****

Key Deleted : HKCU\Software\IGearSettings
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{96BD48DD-741B-41AE-AC4A-AFF96BA00F7E}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler
Key Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Key Deleted : HKLM\SOFTWARE\Classes\TBSB07898.IEToolbar
Key Deleted : HKLM\SOFTWARE\Classes\TBSB07898.IEToolbar.1
Key Deleted : HKLM\SOFTWARE\Classes\TBSB07898.TBSB07898
Key Deleted : HKLM\SOFTWARE\Classes\TBSB07898.TBSB07898.3
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.TBSB07898
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.TBSB07898.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EC4085F2-8DB3-45A6-AD0B-CA289F3C5D7E}
Key Deleted : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook
Key Deleted : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook.1
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{57CADC46-58FF-4105-B733-5A9F3FC9783C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D433A9D0-8267-40CB-8AD5-24F22FA5373F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKLM\SOFTWARE\Software

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Deidra\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted [l.53] : icon_url = "hxxp://isearch.avg.com/favicon.ico",
Deleted [l.56] : keyword = "isearch.avg.com",
Deleted [l.59] : search_url = "hxxp://isearch.avg.com/search?cid={AA336F1F-ECDD-4D89-BD5A-828B8B1F3674}&mid=bd628345eed547d0b59b0d47e7de8f6f-3f23d07e9382494dbb8778ae4e6fdfadec35d52d&lang=en&ds=AVG&pr=fr&d=2012-06-17 17:47:38&v=11.1.0.12&sap=dsp&q={searchTerms}",

*************************

AdwCleaner[S1].txt - [9841 octets] - [16/10/2012 11:03:13]

########## EOF - C:\AdwCleaner[S1].txt - [9901 octets] ##########

#9 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:06:16 AM

Posted 16 October 2012 - 11:10 AM

Disable avast and download JRT

#10 Coachjm53

Coachjm53
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:06:16 AM

Posted 16 October 2012 - 11:15 AM

I am running JRT now, sorry about that.

#11 Coachjm53

Coachjm53
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:06:16 AM

Posted 16 October 2012 - 11:30 AM

here are my jrt results: I'll post malware when I get back as it is still scanning.


Junkware Removal Tool (JRT) by Thisisu
Version: 1.6.7 (10.16.2012)
OS: Windows 7 Home Premium x64
Ran by Deidra on Tue 10/16/2012 at 11:13:34.02
Blog: http://thisisudax.blogspot.com
**************************************************************




*** Services: 0 Detections



*** Registry Values: 0 Detections



*** Registry Keys: 0 Detections



*** Files:

Successfully deleted: [FILE] C:\Program Files (x86)\coupons\Coupons.ico
Successfully deleted: [FILE] C:\Program Files (x86)\coupons\CouponsDotCom.url
Successfully deleted: [FILE] C:\Program Files (x86)\coupons\uninstall.exe



*** Folders:

Successfully deleted: [FOLDER] "C:\Program Files (x86)\coupons"



*** Event Viewer Logs - Cleared





**************************************************************
Scan was completed on Tue 10/16/2012 at 11:29:03.56
End of Report

#12 Coachjm53

Coachjm53
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:06:16 AM

Posted 16 October 2012 - 11:37 AM

here is my malware log


Malwarebytes Anti-Malware (Trial) 1.65.0.1400
www.malwarebytes.org

Database version: v2012.10.16.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Deidra :: DEIDRA-PC [administrator]

Protection: Enabled

10/16/2012 11:07:42 AM
mbam-log-2012-10-16 (11-07-42).txt

Scan type: Full scan (C:\|D:\|Q:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 309401
Time elapsed: 25 minute(s), 41 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#13 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:06:16 AM

Posted 16 October 2012 - 11:51 AM

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and after scan finishes,post the contents of RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename:Autoruns.txt
Save as :Text

Paste the contents of text here

#14 Coachjm53

Coachjm53
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:06:16 AM

Posted 16 October 2012 - 02:56 PM

Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/16/2012 02:54:59 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\windows\system32\ThpSrv.exe (PID: 2388) [WD-HEUR]
* C:\Windows\System32\ThpSrv.exe (PID: 4812) [WD-HEUR]

2 proccesses terminated!

Checking Registry for malware related settings:

* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
C:\Users\Deidra\Desktop\rkill\rkill-10-16-2012-02-55-04.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 10/16/2012 02:55:16 PM
Execution time: 0 hours(s), 0 minute(s), and 16 seconds(s)

#15 Coachjm53

Coachjm53
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:06:16 AM

Posted 16 October 2012 - 02:59 PM

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "HotKeysCmds" "hkcmd Module" "Intel Corporation" "c:\windows\system32\hkcmd.exe"
+ "HSON" "HotStartOn" "TOSHIBA Corporation" "c:\program files\toshiba\tbs\hson.exe"
+ "IgfxTray" "igfxTray Module" "Intel Corporation" "c:\windows\system32\igfxtray.exe"
+ "IntelPAN" "Intel® PROSet/Wireless Framework" "Intel® Corporation" "c:\program files\common files\intel\wirelesscommon\ifrmewrk.exe"
+ "Persistence" "persistence Module" "Intel Corporation" "c:\windows\system32\igfxpers.exe"
+ "RtHDVBg" "HD Audio Background Process" "Realtek Semiconductor" "c:\program files\realtek\audio\hda\ravbg64.exe"
+ "RtHDVCpl" "Realtek HD Audio Manager" "Realtek Semiconductor" "c:\program files\realtek\audio\hda\ravcpl64.exe"
+ "SynTPEnh" "Synaptics TouchPad Enhancements" "Synaptics Incorporated" "c:\program files\synaptics\syntp\syntpenh.exe"
+ "TCrdMain" "TOSHIBA Flash Cards Main Module" "TOSHIBA Corporation" "c:\program files\toshiba\flashcards\tcrdmain.exe"
+ "Teco" "TOSHIBA eco Utility" "TOSHIBA Corporation" "c:\program files\toshiba\teco\teco.exe"
+ "ThpSrv" "TOSHIBA HDD Protection Service" "TOSHIBA Corporation" "c:\windows\system32\thpsrv.exe"
+ "TosNC" "Message Center" "TOSHIBA Corporation" "c:\program files\toshiba\bulletinboard\tosnccore.exe"
+ "TosReelTimeMonitor" "Monitor of TOSHIBA ReelTime" "TOSHIBA Corporation" "c:\program files\toshiba\reeltime\tosreeltimemonitor.exe"
+ "TosSENotify" "" "TOSHIBA Corporation" "c:\program files\toshiba\toshiba hdd ssd alert\toswaitsrv.exe"
+ "TosVolRegulator" " Toshiba Volume Regulator" "TOSHIBA Corporation" "c:\program files\toshiba\tosvolregulator\tosvolregulator.exe"
+ "TosWaitSrv" "" "TOSHIBA Corporation" "c:\program files\toshiba\tphm\toswaitsrv.exe"
+ "TPwrMain" "TOSHIBA Power Saver" "TOSHIBA Corporation" "c:\program files\toshiba\power saver\tpwrmain.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "avast" "avast! Antivirus" "AVAST Software" "c:\program files\avast software\avast\avastui.exe"
+ "EEventManager" "EEventManager Application" "SEIKO EPSON CORPORATION" "c:\program files (x86)\epson software\event manager\eeventmanager.exe"
+ "HF_G_Jul" "" "" "File not found: C:\Program Files (x86)\AVG Secure Search\HF_G_Jul.exe"
+ "HWSetup" "HWSetup" "TOSHIBA Electronics, Inc." "c:\program files\toshiba\utilities\hwsetup.exe"
+ "KeNotify" "KeNotify MFC Application" "TOSHIBA CORPORATION" "c:\program files (x86)\toshiba\utilities\kenotify.exe"
+ "NortonOnlineBackupReminder" "Toshiba Online Backup Service" "Toshiba" "c:\program files (x86)\toshiba\toshiba online backup\activation\tobuactivation.exe"
+ "ROC_ROC_JULY_P1" "" "" "File not found: C:\Program Files (x86)\AVG Secure Search\ROC_ROC_JULY_P1.exe"
+ "SVPWUTIL" "SVPWUTIL Application" "TOSHIBA CORPORATION" "c:\program files (x86)\toshiba\utilities\svpwutil.exe"
+ "ToshibaAppPlace" "Toshiba App Place" "Toshiba" "c:\program files (x86)\toshiba\toshiba app place\toshibaappplace.exe"
+ "ToshibaServiceStation" "TOSHIBA Service Station" "TOSHIBA Corporation" "c:\program files (x86)\toshiba\toshiba service station\toshibaservicestation.exe"
+ "TSleepSrv" "TOSHIBA Sleep Service" "TOSHIBA" "c:\program files (x86)\toshiba\toshiba sleep utility\tsleepsrv.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Skype" "Skype " "Skype Technologies S.A." "c:\program files (x86)\skype\phone\skype.exe"
+ "WorkForce 610(Network)" "EPSON Status Monitor 3" "SEIKO EPSON CORPORATION" "c:\windows\system32\spool\drivers\x64\3\e_iatifja.exe"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "avast" "avast! Shell Extension" "AVAST Software" "c:\program files\avast software\avast\ashsha64.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "avast" "avast! Shell Extension" "AVAST Software" "c:\program files\avast software\avast\ashshell.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "00avast" "avast! Shell Extension" "AVAST Software" "c:\program files\avast software\avast\ashsha64.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Wow6432Node\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "00avast" "avast! Shell Extension" "AVAST Software" "c:\program files\avast software\avast\ashshell.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "avast" "avast! Shell Extension" "AVAST Software" "c:\program files\avast software\avast\ashsha64.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "avast" "avast! Shell Extension" "AVAST Software" "c:\program files\avast software\avast\ashshell.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "00avast" "avast! Shell Extension" "AVAST Software" "c:\program files\avast software\avast\ashsha64.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "avast! WebRep" "avast! WebRep Plugin" "AVAST Software" "c:\program files\avast software\avast\aswwebrepie64.dll"
+ "Google Toolbar Helper" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_64.dll"
+ "TOSHIBA Media Controller Plug-in" "TOSHIBA Media Controller Plug-in (64)" "<TOSHIBA>" "c:\program files (x86)\toshiba\toshiba media controller plug-in\x64\toshibamediacontrollerie.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "avast! WebRep" "avast! WebRep Plugin" "AVAST Software" "c:\program files\avast software\avast\aswwebrepie.dll"
+ "Google Toolbar Helper" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_32.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files (x86)\java\jre6\bin\jp2ssv.dll"
+ "TOSHIBA Media Controller Plug-in" "TOSHIBA Media Controller Plug-in (32)" "<TOSHIBA>" "c:\program files (x86)\toshiba\toshiba media controller plug-in\toshibamediacontrollerie.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "avast! WebRep" "avast! WebRep Plugin" "AVAST Software" "c:\program files\avast software\avast\aswwebrepie64.dll"
+ "Google Toolbar" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_64.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "avast! WebRep" "avast! WebRep Plugin" "AVAST Software" "c:\program files\avast software\avast\aswwebrepie.dll"
+ "Coupons.com CouponBar" "Internet Explorer Toolbar Engine" "" "c:\program files (x86)\coupons.com couponbar\tbcore3.dll"
+ "Google Toolbar" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_32.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "&Blog This in Windows Live Writer" "Windows Live Writer Blog This Extension" "Microsoft Corporation" "c:\program files (x86)\windows live\writer\writerbrowserextension.dll"
"Task Scheduler" "" "" ""
+ "\Microsoft\Windows Defender\MP Scheduled Scan" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\windows defender\mpcmdrun.exe"
+ "\Microsoft\Windows Defender\MpIdleTask" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\windows defender\mpcmdrun.exe"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files (x86)\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\TOSHIBA Wireless Display Monitor" "Wireless Display Monitor" "TOSHIBA CORPORATION" "c:\program files (x86)\toshiba\widimon\widimon.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "avast! Antivirus" "Manages and implements avast! antivirus services for this computer. This includes the resident protection, the virus chest and the scheduler." "AVAST Software" "c:\program files\avast software\avast\avastsvc.exe"
+ "cvhsvc" "Client Virtualization Handler Service (unlocalized description)" "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\virtualization handler\cvhsvc.exe"
+ "EpsonBidirectionalService" "eEBAPI Core Process module" "SEIKO EPSON CORPORATION" "c:\program files (x86)\common files\epson\ebapi\eebsvc.exe"
+ "EvtEng" "Manages the event trace messages for all the Intel® PROSet/Wireless Software components." "Intel® Corporation" "c:\program files\intel\wifi\bin\evteng.exe"
+ "GamesAppService" "WT Games App Services" "WildTangent, Inc." "c:\program files (x86)\wildtangent games\app\gamesappservice.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gusvc" "Google Updater keeps your Google software up to date. If Google Updater Service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work." "Google" "c:\program files (x86)\google\common\google updater\googleupdaterservice.exe"
+ "LMS" "Allows applications to access the local Intel® Management and Security Application using its locally-available selected network interfaces." "Intel Corporation" "c:\program files (x86)\intel\intel® management engine components\lms\lms.exe"
+ "MBAMScheduler" "Malwarebytes Anti-Malware scheduler" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamscheduler.exe"
+ "MBAMService" "Malwarebytes Anti-Malware service" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamservice.exe"
+ "MyWiFiDHCPDNS" "Wireless PAN DHCP and DNS Server" "" "c:\program files\intel\wifi\bin\pandhcpdns.exe"
+ "Norton PC Checkup Application Launcher" "Provides consolidated application launching facility" "Symantec Corporation" "c:\program files (x86)\norton pc checkup\engine\2.0.13.11\symcpcculaunchsvc.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "osppsvc" "Office Software Protection Platform Service (unlocalized description)" "Microsoft Corporation" "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe"
+ "PCCUJobMgr" "Job Manager service for common client services" "Symantec Corporation" "c:\program files (x86)\norton pc checkup\engine\2.0.13.11\ccsvchst.exe"
+ "RegSrvc" "Provides registry access to all Intel® PROSet/Wireless Software components" "Intel® Corporation" "c:\program files\common files\intel\wirelesscommon\regsrvc.exe"
+ "sftlist" "Streams and manages applications." "Microsoft Corporation" "c:\program files (x86)\microsoft application virtualization client\sftlist.exe"
+ "sftvsa" "Monitors global service events and launches virtual services." "Microsoft Corporation" "c:\program files (x86)\microsoft application virtualization client\sftvsa.exe"
+ "SkypeUpdate" "Enables the detection, download and installation of updates for Skype." "Skype Technologies" "c:\program files (x86)\skype\updater\updater.exe"
+ "Thpsrv" "TOSHIBA HDD Protection Service" "TOSHIBA Corporation" "c:\windows\system32\thpsrv.exe"
+ "TMachInfo" "TOSHIBA Machine Information Service" "TOSHIBA Corporation" "c:\program files (x86)\toshiba\toshiba service station\tmachinfo.exe"
+ "TODDSrv" "TDCSrv Application" "TOSHIBA Corporation" "c:\windows\system32\toddsrv.exe"
+ "TosCoSrv" "TOSHIBA Power Saver manages power saving settings supported by TOSHIBA. These settings will not work if the service has stopped." "TOSHIBA Corporation" "c:\program files\toshiba\power saver\toscosrv.exe"
+ "TOSHIBA eco Utility Service" "TOSHIBA eco Utility Service" "TOSHIBA Corporation" "c:\program files\toshiba\teco\tecoservice.exe"
+ "TOSHIBA HDD SSD Alert Service" "TOSHIBA HDD SSD Alert" "TOSHIBA Corporation" "c:\program files\toshiba\toshiba hdd ssd alert\tossmartsrv.exe"
+ "TPCHSrv" "TOSHIBA PC Health Monitor" "TOSHIBA Corporation" "c:\program files\toshiba\tphm\tpchsrv.exe"
+ "UNS" "Intel® Management and Security Application User Notification Service - Updates the Windows Event Log with notifications of pre defined events received from the local Intel® Management and Security Application Device." "Intel Corporation" "c:\program files (x86)\intel\intel® management engine components\uns\uns.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "aswFsBlk" "avast! mini-filter driver (aswFsBlk)" "AVAST Software" "c:\windows\system32\drivers\aswfsblk.sys"
+ "aswMonFlt" "avast! mini-filter driver (aswMonFlt)" "AVAST Software" "c:\windows\system32\drivers\aswmonflt.sys"
+ "aswRdr" "avast! WFP Redirect driver" "AVAST Software" "c:\windows\system32\drivers\aswrdr2.sys"
+ "aswSnx" "avast! virtualization driver (aswSnx)" "AVAST Software" "c:\windows\system32\drivers\aswsnx.sys"
+ "aswSP" "avast! Self Protection" "AVAST Software" "c:\windows\system32\drivers\aswsp.sys"
+ "aswTdi" "avast! Network Shield TDI driver" "AVAST Software" "c:\windows\system32\drivers\aswtdi.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "CeKbFilter" "Toshiba Flash Cards Support Driver" "Compal Electronics, INC." "c:\windows\system32\drivers\cekbfilter.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStor" "Intel Rapid Storage Technology driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastor.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd64.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "intaud_WaveExtensible" "Intel® WiDi Solution" "Intel Corporation" "c:\windows\system32\drivers\intelaud.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvhd64.sys"
+ "IntcDAud" "Intel® Display Audio Driver" "Intel® Corporation" "c:\windows\system32\drivers\intcdaud.sys"
+ "iwdbus" "Intel® WiDi Solution" "Intel Corporation" "c:\windows\system32\drivers\iwdbus.sys"
+ "JMCR" "JMicron PCIe Flash Media Controller Driver" "JMicron Technology Corporation" "c:\windows\system32\drivers\jmcr.sys"
+ "LPCFilter" "LPCFilter" "COMPAL ELECTRONIC INC." "c:\windows\system32\drivers\lpcfilter.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "MBAMProtector" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\windows\system32\drivers\mbam.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "MEIx64" "Intel® Management Engine Interface" "Intel Corporation" "c:\windows\system32\drivers\hecix64.sys"
+ "NETwNs64" "Intel® Wireless WiFi Link Driver" "Intel Corporation" "c:\windows\system32\drivers\netwns64.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "nusb3hub" "USB 3.0 Hub Driver" "Renesas Electronics Corporation" "c:\windows\system32\drivers\nusb3hub.sys"
+ "nusb3xhc" "USB 3.0 Host Controller Driver" "Renesas Electronics Corporation" "c:\windows\system32\drivers\nusb3xhc.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "PGEffect" "TOSHIBA Universal Camera Filter Driver" "TOSHIBA Corporation" "c:\windows\system32\drivers\pgeffect.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "RTL8167" "Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver " "Realtek " "c:\windows\system32\drivers\rt64win7.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "SynTP" "Synaptics Touchpad Driver" "Synaptics Incorporated" "c:\windows\system32\drivers\syntp.sys"
+ "tdcmdpst" "TOSHIBA ODD Writing Driver for x64." "TOSHIBA Corporation." "c:\windows\system32\drivers\tdcmdpst.sys"
+ "Thpdrv" "TOSHIBA HDD Protection Driver" "TOSHIBA Corporation" "c:\windows\system32\drivers\thpdrv.sys"
+ "Thpevm" "TOSHIBA HDD Protection - Shock Sensor Driver" "TOSHIBA Corporation" "c:\windows\system32\drivers\thpevm.sys"
+ "tos_sps64" "tos_sps64" "TOSHIBA Corporation" "c:\windows\system32\drivers\tos_sps64.sys"
+ "TVALZ" "TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver" "TOSHIBA Corporation" "c:\windows\system32\drivers\tvalz_o.sys"
+ "TVALZFL" "TOSHIBA TVALZ Filter Driver for x64" "TOSHIBA Corporation" "c:\windows\system32\drivers\tvalzfl.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "MS PR Source Filter" "PlayReady DirectShow Source Filter DLL" "Microsoft Corporation" "c:\program files\playready\prsource.dll"
+ "PlayReady DMO Wrapper" "PlayReady DirectShow DMO Wrapper Filter DLL" "Microsoft Corporation" "c:\program files\playready\prdmowrapper.dll"
+ "SFVCaptureFilter" "SmartFaceVCapt" "TOSHIBA Corporation" "c:\program files\toshiba\smartfacev\smartfacevcapt.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "DS Video Buffer Filter" "WiDiAgent.dll COM object." "Intel Corporation" "c:\program files (x86)\common files\intel corporation\widiagent\dsbuffer_video.ax"
+ "Image Effects" "TimeStam Dynamic Link Library" "TOSHIBA CORPORATION." "c:\program files (x86)\toshiba\toshiba web camera application\pgtimefilter.dll"
+ "Intel® Mux Renderer" "Intel® TS Mux / Network Renderer" "Intel Corporation" "c:\program files (x86)\common files\intel corporation\widiagent\intelmux.dll"
+ "Intel®WiDi H264 encoder" "" "" "c:\program files (x86)\common files\intel corporation\widiagent\h264_enc_filter.dll"
+ "MainConcept AAC Encoder" "AAC audio encoder filter" "MainConcept GmbH" "c:\program files (x86)\common files\intel corporation\mainconcept filters\mc_enc_aac_ds.ax"
+ "MS PR Source Filter" "PlayReady DirectShow Source Filter DLL" "Microsoft Corporation" "c:\program files (x86)\playready\prsource.dll"
+ "PlayReady DMO Wrapper" "PlayReady DirectShow DMO Wrapper Filter DLL" "Microsoft Corporation" "c:\program files (x86)\playready\prdmowrapper.dll"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "TOSHIBA AAC Decoder" "TOSHIBA AAC Audio Decoder" "TOSHIBA Corporation" "c:\program files (x86)\common files\toshiba shared\tosrawaacdecoder.ax"
+ "TOSHIBA Audio Back Switcher" "" "" "c:\program files (x86)\toshiba\toshiba video player\tosaudiobackswitcher.ax"
+ "TOSHIBA Audio Decoder DVD" "TOSHIBA Audio Decoder DVD" "TOSHIBA Corporation" "c:\program files (x86)\toshiba\toshiba video player\tosauddecl.ax"
+ "TOSHIBA Audio Front Switcher" "" "" "c:\program files (x86)\toshiba\toshiba video player\tosaudiofrontswitcher.ax"
+ "TOSHIBA Audio Rate Converter" "TOSHIBA Audio Rate Converter" "TOSHIBA Corporation" "c:\program files (x86)\common files\toshiba shared\tosarc.ax"
+ "TOSHIBA DualMono" "TOSHIBA DualMono" "TOSHIBA Corporation" "c:\program files (x86)\common files\toshiba shared\tosdualmono.ax"
+ "TOSHIBA DVD Navigator" "TOSHIBA DVD Navigator" "TOSHIBA Corporation" "c:\program files (x86)\toshiba\toshiba video player\tdvdnavi.ax"
+ "TOSHIBA DVD VR Navigator" "TOSHIBA DVD Player" "TOSHIBA Corporation" "c:\program files (x86)\toshiba\toshiba video player\tvrnavi.ax"
+ "TOSHIBA MP4 Navigator" "" "" "c:\program files (x86)\common files\toshiba shared\mp4navifilter.ax"
+ "TOSHIBA Progress Monitor" "TOSHIBA Progress Monitor" "TOSHIBA Corporation" "c:\program files (x86)\toshiba\toshiba disc creator\tprogmon.ax"
+ "TOSHIBA WAV Converter" "TOSHIBA Wav Converter" "TOSHIBA Corporation" "c:\program files (x86)\toshiba\toshiba disc creator\twavconv.ax"
+ "WD Audio Filter" "WiDi Audio Source Filter." "Intel Corporation" "c:\program files (x86)\common files\intel corporation\widiagent\wdaudiofilter.dll"
+ "WD Secure Source Filter" "Intel® WiDi Secure Video Source Filter." "Intel Corporation" "c:\program files (x86)\common files\intel corporation\widiagent\wdsecuresourcefilter.dll"
+ "WDSource Filter" "WiDi Video Source Filter." "Intel Corporation" "c:\program files (x86)\common files\intel corporation\widiagent\wdsourcefilter.dll"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" ""
+ "SmartFaceVCP" "SmartFaceVCP" "TOSHIBA Corporation" "c:\program files\toshiba\smartfacev\smartfacevcp.dll"
+ "tosWirelessLANIndicatorCP" "Credential Provider Dll for TOSHIBA Wireless LAN Indicator" "TOSHIBA CORPORATION" "c:\windows\system32\toswirelesslanindicatorcp.dll"
+ "WLIDCredentialProvider" "Microsoft® Windows Live ID Credential Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "EPSON WorkForce 610 Series 64MonitorBA" "EPSON Bi-directional Monitor AMD64" "SEIKO EPSON CORPORATION" "c:\windows\system32\e_ilmfja.dll"
+ "EpsonNet Print Port" "EpsonNet Print Port Monitor DLL" "SEIKO EPSON CORPORATION" "c:\windows\system32\enppmon.dll"
"C:\Users\Deidra\AppData\Local\Microsoft\Windows Sidebar\Settings.ini" "" "" ""
+ "Avast! antivirus monitor" "Avast! antivirus sidebar gadget." "AVAST Software" "C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\Gadget.xml"




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users