
Malware attack, detected in MBAM.


13 replies to this topic

#1 mercuryrsng


Posted 20 November 2012 - 10:49 PM

Had a malware attack, detected in Malwarebytes Anti-Malware. Computer is running really slow. Can anyone help me?

Thanks



#2 narenxp


Posted 20 November 2012 - 10:50 PM

Download

TDSSKiller

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the LOG report (the log file should be in your C drive).

Do not change the default options on scan results

Download

aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here. If you get crashes in normal mode, run it in safe mode with networking.

Download

ESET online scanner

Install it

Click on START; it should download the virus definitions.
When the scan is completed, click on "List of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

#3 mercuryrsng


Posted 21 November 2012 - 02:04 AM

22:52:06.0500 5532 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
22:52:07.0218 5532 ============================================================
22:52:07.0234 5532 Current date / time: 2012/11/20 22:52:07.0218
22:52:07.0234 5532 SystemInfo:
22:52:07.0234 5532
22:52:07.0234 5532 OS Version: 5.1.2600 ServicePack: 3.0
22:52:07.0234 5532 Product type: Workstation
22:52:07.0234 5532 ComputerName: JULIE
22:52:07.0234 5532 UserName: JulieF
22:52:07.0234 5532 Windows directory: C:\WINDOWS
22:52:07.0234 5532 System windows directory: C:\WINDOWS
22:52:07.0234 5532 Processor architecture: Intel x86
22:52:07.0234 5532 Number of processors: 2
22:52:07.0234 5532 Page size: 0x1000
22:52:07.0234 5532 Boot type: Normal boot
22:52:07.0234 5532 ============================================================
22:52:10.0750 5532 Drive \Device\Harddisk0\DR0 - Size: 0x12A1D00000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000058
22:52:10.0796 5532 ============================================================
22:52:10.0796 5532 \Device\Harddisk0\DR0:
22:52:10.0796 5532 MBR partitions:
22:52:10.0796 5532 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x893E53F
22:52:10.0796 5532 ============================================================
22:52:10.0828 5532 C: <-> \Device\Harddisk0\DR0\Partition1
22:52:10.0843 5532 ============================================================
22:52:10.0843 5532 Initialize success
22:52:10.0843 5532 ============================================================
22:52:32.0609 2144 ============================================================
22:52:32.0609 2144 Scan started
22:52:32.0609 2144 Mode: Manual; TDLFS;
22:52:32.0609 2144 ============================================================
22:52:35.0406 2144 ================ Scan system memory ========================
22:52:43.0062 2144 System memory - ok
22:52:43.0062 2144 ================ Scan services =============================
22:52:58.0234 2144 PCI - ok
22:52:58.0250 2144 PCIDump - ok
22:52:58.0265 2144 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
22:52:58.0281 2144 PCIIde - ok
22:52:58.0296 2144 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\DRIVERS\pcmcia.sys
22:52:58.0312 2144 Pcmcia - ok
22:52:58.0312 2144 PDCOMP - ok
22:52:58.0328 2144 PDFRAME - ok
22:52:58.0328 2144 PDRELI - ok
22:52:58.0343 2144 PDRFRAME - ok
22:52:58.0343 2144 perc2 - ok
22:52:58.0343 2144 perc2hib - ok
22:52:58.0406 2144 [ 6DBF2AC2BDAFF355995AB25ECCC4CFE1 ] pinger C:\TOSHIBA\IVP\ISM\pinger.exe
22:52:58.0421 2144 pinger - ok
22:52:58.0437 2144 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe
22:52:58.0437 2144 PlugPlay - ok
22:52:58.0453 2144 [ 37E5E8FFBAD35605DAEEC3224EA0E465 ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.dll
22:52:58.0468 2144 Pml Driver HPZ12 - ok
22:52:58.0500 2144 [ 896D916DE06F5502D301E8C4DC442AE8 ] Point32 C:\WINDOWS\system32\DRIVERS\point32.sys
22:52:58.0515 2144 Point32 - ok
22:52:58.0531 2144 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
22:52:58.0531 2144 PolicyAgent - ok
22:52:58.0562 2144 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
22:52:58.0578 2144 PptpMiniport - ok
22:52:58.0578 2144 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
22:52:58.0578 2144 ProtectedStorage - ok
22:52:58.0593 2144 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
22:52:58.0609 2144 PSched - ok
22:52:58.0656 2144 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
22:52:58.0671 2144 Ptilink - ok
22:52:58.0687 2144 [ 183EF96BCC2EC3D5294CB2C2C0ECBCD1 ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
22:52:58.0703 2144 PxHelp20 - ok
22:52:58.0703 2144 ql1080 - ok
22:52:58.0718 2144 Ql10wnt - ok
22:52:58.0718 2144 ql12160 - ok
22:52:58.0718 2144 ql1240 - ok
22:52:58.0734 2144 ql1280 - ok
22:52:58.0734 2144 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
22:52:58.0750 2144 RasAcd - ok
22:52:58.0765 2144 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
22:52:58.0765 2144 RasAuto - ok
22:52:58.0781 2144 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
22:52:58.0781 2144 Rasl2tp - ok
22:52:58.0843 2144 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
22:52:58.0859 2144 RasMan - ok
22:52:58.0875 2144 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
22:52:58.0875 2144 RasPppoe - ok
22:52:58.0890 2144 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
22:52:58.0890 2144 Raspti - ok
22:52:58.0921 2144 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
22:52:58.0937 2144 Rdbss - ok
22:52:58.0953 2144 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
22:52:58.0984 2144 RDPCDD - ok
22:52:59.0015 2144 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
22:52:59.0031 2144 rdpdr - ok
22:52:59.0093 2144 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
22:52:59.0109 2144 RDPWD - ok
22:52:59.0140 2144 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
22:52:59.0156 2144 RDSessMgr - ok
22:52:59.0203 2144 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
22:52:59.0218 2144 redbook - ok
22:52:59.0265 2144 [ D8F61AAAE73A1FBDE6F538BECC891F2F ] RegSrvc C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
22:52:59.0296 2144 RegSrvc - ok
22:52:59.0343 2144 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
22:52:59.0359 2144 RemoteAccess - ok
22:52:59.0406 2144 [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
22:52:59.0421 2144 RemoteRegistry - ok
22:52:59.0437 2144 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe
22:52:59.0453 2144 RpcLocator - ok
22:52:59.0500 2144 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\system32\rpcss.dll
22:52:59.0515 2144 RpcSs - ok
22:52:59.0578 2144 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
22:52:59.0609 2144 RSVP - ok
22:52:59.0656 2144 [ 25F697E3AFA7B337BBCADDBCE38E6934 ] S24EventMonitor C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
22:52:59.0718 2144 S24EventMonitor - ok
22:52:59.0765 2144 [ 2862ADB14481AC28F98105FF33A99EB0 ] s24trans C:\WINDOWS\system32\DRIVERS\s24trans.sys
22:52:59.0765 2144 s24trans - ok
22:52:59.0781 2144 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
22:52:59.0781 2144 SamSs - ok
22:52:59.0859 2144 [ 778F31AA8685426CA2D0D38B423C2512 ] SavRoam C:\Program Files\Symantec AntiVirus\SavRoam.exe
22:52:59.0890 2144 SavRoam - ok
22:52:59.0921 2144 [ A00D5AA4748A1002590F08AA00FC660D ] SAVRT C:\Program Files\Symantec AntiVirus\savrt.sys
22:52:59.0937 2144 SAVRT - ok
22:52:59.0953 2144 [ 1E805005583BE1C1568A3FCE259C81E3 ] SAVRTPEL C:\Program Files\Symantec AntiVirus\Savrtpel.sys
22:52:59.0968 2144 SAVRTPEL - ok
22:53:00.0000 2144 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
22:53:00.0015 2144 SCardSvr - ok
22:53:00.0093 2144 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
22:53:00.0109 2144 Schedule - ok
22:53:00.0156 2144 [ 8D04819A3CE51B9EB47E5689B44D43C4 ] sdbus C:\WINDOWS\system32\DRIVERS\sdbus.sys
22:53:00.0171 2144 sdbus - ok
22:53:00.0218 2144 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
22:53:00.0218 2144 Secdrv - ok
22:53:00.0234 2144 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
22:53:00.0250 2144 seclogon - ok
22:53:00.0265 2144 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
22:53:00.0281 2144 SENS - ok
22:53:00.0312 2144 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
22:53:00.0328 2144 Serial - ok
22:53:00.0375 2144 [ 0FA803C64DF0914B41F807EA276BF2A6 ] sffdisk C:\WINDOWS\system32\DRIVERS\sffdisk.sys
22:53:00.0390 2144 sffdisk - ok
22:53:00.0406 2144 [ C17C331E435ED8737525C86A7557B3AC ] sffp_sd C:\WINDOWS\system32\DRIVERS\sffp_sd.sys
22:53:00.0421 2144 sffp_sd - ok
22:53:00.0437 2144 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\DRIVERS\sfloppy.sys
22:53:00.0437 2144 Sfloppy - ok
22:53:00.0500 2144 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
22:53:00.0531 2144 SharedAccess - ok
22:53:00.0593 2144 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
22:53:00.0609 2144 ShellHWDetection - ok
22:53:00.0609 2144 Simbad - ok
22:53:00.0703 2144 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
22:53:00.0984 2144 SkypeUpdate - ok
22:53:01.0031 2144 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
22:53:01.0031 2144 SLIP - ok
22:53:01.0078 2144 [ 94EEDE27FD7D46707BE49127922695A7 ] smihlp C:\Program Files\Protector Suite QL\smihlp.sys
22:53:01.0109 2144 smihlp - ok
22:53:01.0156 2144 [ 443E397643965E08C5AB6A6CAA732B97 ] SNDSrvc C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
22:53:01.0171 2144 SNDSrvc - ok
22:53:01.0187 2144 Sparrow - ok
22:53:01.0265 2144 [ C30FA11923892A4DBD1C747DB8492E8F ] SPBBCDrv C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys
22:53:01.0296 2144 SPBBCDrv - ok
22:53:01.0343 2144 [ EA07435C72A8534C3A8E02D87246E546 ] SPBBCSvc C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
22:53:01.0375 2144 SPBBCSvc - ok
22:53:01.0421 2144 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
22:53:01.0421 2144 splitter - ok
22:53:01.0468 2144 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
22:53:01.0468 2144 Spooler - ok
22:53:01.0500 2144 [ 86EBD8B1F23E743AAD21F4D5B4D40985 ] SQLBrowser c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
22:53:01.0578 2144 SQLBrowser - ok
22:53:01.0609 2144 [ D89083C4EB02DACA8F944B0E05E57F9D ] SQLWriter c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
22:53:01.0640 2144 SQLWriter - ok
22:53:01.0671 2144 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
22:53:01.0687 2144 sr - ok
22:53:01.0734 2144 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
22:53:01.0750 2144 srservice - ok
22:53:01.0781 2144 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
22:53:01.0796 2144 Srv - ok
22:53:01.0812 2144 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
22:53:01.0843 2144 SSDPSRV - ok
22:53:01.0937 2144 [ FBDE69A26D433951DF4818D3473D7429 ] STHDA C:\WINDOWS\system32\drivers\sthda.sys
22:53:02.0000 2144 STHDA - ok
22:53:02.0046 2144 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
22:53:02.0078 2144 stisvc - ok
22:53:02.0125 2144 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
22:53:02.0125 2144 streamip - ok
22:53:02.0156 2144 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
22:53:02.0156 2144 swenum - ok
22:53:02.0171 2144 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
22:53:02.0187 2144 swmidi - ok
22:53:02.0187 2144 SwPrv - ok
22:53:02.0234 2144 [ 327786C5D6BCF284FAB14C2B5751F514 ] Swupdtmr c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
22:53:02.0250 2144 Swupdtmr - ok
22:53:02.0359 2144 [ BC59BC3B68D45EB1716CC95E567A3B69 ] Symantec AntiVirus C:\Program Files\Symantec AntiVirus\Rtvscan.exe
22:53:02.0437 2144 Symantec AntiVirus - ok
22:53:02.0453 2144 symc810 - ok
22:53:02.0453 2144 symc8xx - ok
22:53:02.0500 2144 [ B3F8B9EAB2EBE205C0FE053FBA951D8C ] SymEvent C:\Program Files\Symantec\SYMEVENT.SYS
22:53:02.0515 2144 SymEvent - ok
22:53:02.0578 2144 [ 7C73B65F1BDFAB9052A5076C0CA622DE ] SYMREDRV C:\WINDOWS\System32\Drivers\SYMREDRV.SYS
22:53:02.0578 2144 SYMREDRV - ok
22:53:02.0625 2144 [ B4562798891DCA27ED67CA07ACBADBD9 ] SYMTDI C:\WINDOWS\System32\Drivers\SYMTDI.SYS
22:53:02.0640 2144 SYMTDI - ok
22:53:02.0656 2144 sym_hi - ok
22:53:02.0656 2144 sym_u3 - ok
22:53:02.0687 2144 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
22:53:02.0703 2144 sysaudio - ok
22:53:02.0734 2144 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
22:53:02.0750 2144 SysmonLog - ok
22:53:02.0812 2144 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
22:53:02.0828 2144 TapiSrv - ok
22:53:02.0875 2144 [ 7147B0575BCC93A6AB7D5C90F47C0B9F ] tbiosdrv C:\WINDOWS\system32\DRIVERS\tbiosdrv.sys
22:53:02.0875 2144 tbiosdrv - ok
22:53:02.0890 2144 [ 1F1B3AA534DB6107118BF7942275F100 ] TBtnKey C:\WINDOWS\system32\DRIVERS\TBtnKey.sys
22:53:02.0906 2144 TBtnKey - ok
22:53:02.0953 2144 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
22:53:02.0968 2144 Tcpip - ok
22:53:02.0984 2144 [ FC6FE02F400308606A911640E72326B5 ] TcUsb C:\WINDOWS\system32\Drivers\tcusb.sys
22:53:03.0000 2144 TcUsb - ok
22:53:03.0031 2144 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
22:53:03.0046 2144 TDPIPE - ok
22:53:03.0062 2144 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
22:53:03.0078 2144 TDTCP - ok
22:53:03.0125 2144 [ 4A80E7A7D65560AA26E10B4C0A77D87A ] TEchoCan C:\WINDOWS\system32\DRIVERS\TEchoCan.sys
22:53:03.0171 2144 TEchoCan - ok
22:53:03.0203 2144 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
22:53:03.0218 2144 TermDD - ok
22:53:03.0265 2144 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
22:53:03.0312 2144 TermService - ok
22:53:03.0328 2144 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
22:53:03.0343 2144 Themes - ok
22:53:03.0359 2144 [ 9A932560E9246B0D370FB97789BC0FD4 ] Thpdrv C:\WINDOWS\system32\DRIVERS\thpdrv.sys
22:53:03.0359 2144 Thpdrv - ok
22:53:03.0375 2144 [ 51B3DFBE72CE64FAF326C07CCBB5D632 ] Thpevm C:\WINDOWS\system32\DRIVERS\Thpevm.SYS
22:53:03.0390 2144 Thpevm - ok
22:53:03.0421 2144 [ 737AC9EC5E8107B72152E4F9C0AE1694 ] Thpsrv C:\WINDOWS\system32\ThpSrv.exe
22:53:03.0468 2144 Thpsrv - ok
22:53:03.0515 2144 [ 28B7F973C36D157A7885B1AE42A4A2A9 ] tifm21 C:\WINDOWS\system32\drivers\tifm21.sys
22:53:03.0546 2144 tifm21 - ok
22:53:03.0593 2144 [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
22:53:03.0625 2144 TlntSvr - ok
22:53:03.0656 2144 [ 684BFB1E9ABB05D3F48C53F3CD16A3E6 ] TMEI3E C:\WINDOWS\system32\Drivers\TMEI3E.SYS
22:53:03.0671 2144 TMEI3E - ok
22:53:03.0734 2144 [ 1251AFE77CE784D447E0D09DEAD08F1B ] Tmesrv C:\Program Files\TOSHIBA\TME3\Tmesrv31.exe
22:53:03.0750 2144 Tmesrv - ok
22:53:03.0765 2144 TosIde - ok
22:53:03.0781 2144 [ CC069342EE0EAE55B32A0AE99CF6185C ] tosrfec C:\WINDOWS\system32\DRIVERS\tosrfec.sys
22:53:03.0796 2144 tosrfec - ok
22:53:03.0828 2144 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
22:53:03.0843 2144 TrkWks - ok
22:53:03.0875 2144 [ CCF4F8F8240F7057BF864EF73E91DCBB ] TVALZ C:\WINDOWS\system32\DRIVERS\TVALZ.SYS
22:53:03.0875 2144 TVALZ - ok
22:53:03.0906 2144 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
22:53:03.0921 2144 Udfs - ok
22:53:03.0937 2144 ultra - ok
22:53:03.0968 2144 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
22:53:03.0984 2144 Update - ok
22:53:04.0015 2144 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
22:53:04.0046 2144 upnphost - ok
22:53:04.0062 2144 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
22:53:04.0078 2144 UPS - ok
22:53:04.0109 2144 [ 4B8A9C16B6D9258ED99C512AECB8C555 ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys
22:53:04.0125 2144 USBAAPL - ok
22:53:04.0171 2144 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
22:53:04.0187 2144 usbaudio - ok
22:53:04.0203 2144 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
22:53:04.0218 2144 usbccgp - ok
22:53:04.0265 2144 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
22:53:04.0281 2144 usbehci - ok
22:53:04.0296 2144 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
22:53:04.0328 2144 usbhub - ok
22:53:04.0375 2144 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
22:53:04.0375 2144 usbprint - ok
22:53:04.0421 2144 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
22:53:04.0437 2144 usbscan - ok
22:53:04.0468 2144 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
22:53:04.0484 2144 USBSTOR - ok
22:53:04.0515 2144 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
22:53:04.0531 2144 usbuhci - ok
22:53:04.0578 2144 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
22:53:04.0593 2144 VgaSave - ok
22:53:04.0609 2144 ViaIde - ok
22:53:04.0640 2144 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
22:53:04.0656 2144 VolSnap - ok
22:53:04.0703 2144 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
22:53:04.0718 2144 VSS - ok
22:53:04.0750 2144 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll
22:53:04.0765 2144 W32Time - ok
22:53:04.0812 2144 [ ACED8C149B30F8496C237BCBA3727B48 ] WacomPen C:\WINDOWS\system32\DRIVERS\wacompen.sys
22:53:04.0828 2144 WacomPen - ok
22:53:04.0843 2144 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
22:53:04.0859 2144 Wanarp - ok
22:53:04.0890 2144 [ 0A716C08CB13C3A8F4F51E882DBF7416 ] wanatw C:\WINDOWS\system32\DRIVERS\wanatw4.sys
22:53:04.0906 2144 wanatw - ok
22:53:04.0984 2144 [ D918617B46457B9AC28027722E30F647 ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys
22:53:05.0015 2144 Wdf01000 - ok
22:53:05.0015 2144 WDICA - ok
22:53:05.0031 2144 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
22:53:05.0046 2144 wdmaud - ok
22:53:05.0078 2144 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
22:53:05.0093 2144 WebClient - ok
22:53:05.0187 2144 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
22:53:05.0218 2144 winmgmt - ok
22:53:05.0328 2144 [ D9250B31B353EE3322C1CAD411997E38 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
22:53:05.0500 2144 wlidsvc - ok
22:53:05.0546 2144 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
22:53:05.0546 2144 WmdmPmSN - ok
22:53:05.0609 2144 [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi C:\WINDOWS\System32\advapi32.dll
22:53:05.0625 2144 Wmi - ok
22:53:05.0671 2144 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
22:53:05.0687 2144 WmiApSrv - ok
22:53:05.0812 2144 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
22:53:05.0968 2144 WMPNetworkSvc - ok
22:53:06.0000 2144 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
22:53:06.0015 2144 WS2IFSL - ok
22:53:06.0046 2144 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
22:53:06.0078 2144 wscsvc - ok
22:53:06.0093 2144 WSearch - ok
22:53:06.0125 2144 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
22:53:06.0140 2144 WSTCODEC - ok
22:53:06.0156 2144 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
22:53:06.0156 2144 wuauserv - ok
22:53:06.0203 2144 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
22:53:06.0218 2144 WudfPf - ok
22:53:06.0250 2144 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
22:53:06.0265 2144 WudfRd - ok
22:53:06.0296 2144 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
22:53:06.0312 2144 WudfSvc - ok
22:53:06.0359 2144 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
22:53:06.0375 2144 WZCSVC - ok
22:53:06.0406 2144 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
22:53:06.0421 2144 xmlprov - ok
22:53:06.0437 2144 ================ Scan global ===============================
22:53:06.0484 2144 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
22:53:06.0531 2144 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
22:53:06.0562 2144 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
22:53:06.0593 2144 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
22:53:06.0593 2144 [Global] - ok
22:53:06.0593 2144 ================ Scan MBR ==================================
22:53:06.0625 2144 [ 09CE7397AF23D4C0B331B89D0297CC7E ] \Device\Harddisk0\DR0
22:53:06.0968 2144 \Device\Harddisk0\DR0 - ok
22:53:06.0968 2144 ================ Scan VBR ==================================
22:53:06.0968 2144 [ 877A8468B35D7629F0E87D03F3A57A2D ] \Device\Harddisk0\DR0\Partition1
22:53:06.0968 2144 \Device\Harddisk0\DR0\Partition1 - ok
22:53:06.0968 2144 ============================================================
22:53:06.0968 2144 Scan finished
22:53:06.0968 2144 ============================================================
22:53:06.0984 6136 Detected object count: 0
22:53:06.0984 6136 Actual detected object count: 0
22:53:12.0203 2652 Deinitialize success


aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2012-11-20 22:56:22
-----------------------------
22:56:22.875 OS Version: Windows 5.1.2600 Service Pack 3
22:56:22.875 Number of processors: 2 586 0xF02
22:56:22.875 ComputerName: JULIE UserName:
22:56:33.859 Initialize success
23:04:03.625 AVAST engine defs: 12112000
23:05:30.500 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Scsi\KR10I1Port1Path0Target0Lun0
23:05:30.500 Disk 0 Vendor: TOSHIBA_ ____ Size: 76317MB BusType: 1
23:05:30.515 Disk 0 MBR read successfully
23:05:30.515 Disk 0 MBR scan
23:05:30.625 Disk 0 Windows XP default MBR code
23:05:30.640 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 70268 MB offset 63
23:05:30.671 Disk 0 Partition 2 00 1C Hidd FAT32 LBA MSDOS5.0 6047 MB offset 143910270
23:05:30.687 Disk 0 scanning sectors +156296385
23:05:30.781 Disk 0 scanning C:\WINDOWS\system32\drivers
23:05:55.125 Service scanning
23:06:46.843 Modules scanning
23:07:13.515 Module: C:\WINDOWS\System32\DLA\DLADResN.SYS **SUSPICIOUS**
23:07:19.765 Disk 0 trace - called modules:
23:07:19.781 ntoskrnl.exe CLASSPNP.SYS disk.sys thpdrv.sys hal.dll SCSIPORT.SYS KR10I.sys
23:07:19.796 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86fc5548]
23:07:19.796 3 CLASSPNP.SYS[f76eafd7] -> nt!IofCallDriver -> \Device\THPDRV[0x86eddba0]
23:07:19.796 5 thpdrv.sys[f76fc71d] -> nt!IofCallDriver -> \Device\Scsi\KR10I1Port1Path0Target0Lun0[0x86fac030]
23:07:21.203 AVAST engine scan C:\WINDOWS
23:08:13.578 AVAST engine scan C:\WINDOWS\system32
23:15:02.343 AVAST engine scan C:\WINDOWS\system32\drivers
23:15:25.890 AVAST engine scan C:\Documents and Settings\JulieF
23:27:04.078 AVAST engine scan C:\Documents and Settings\All Users
23:29:08.406 Scan finished successfully
23:30:46.171 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\JulieF\Desktop\Cleanup\MBR.dat"
23:30:46.171 The log file has been saved successfully to "C:\Documents and Settings\JulieF\Desktop\Cleanup\aswMBR.txt"





C:\Documents and Settings\JulieF\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\f_0005c1 a variant of Win32/InstallBrain application cleaned by deleting - quarantined
C:\Documents and Settings\JulieF\Local Settings\Temp\97.tmp NSIS/TrojanDownloader.Agent.NKL trojan cleaned by deleting - quarantined
C:\Documents and Settings\JulieF\Local Settings\Temp\ibtmp9d74296\component_129.decrpt NSIS/TrojanDownloader.Agent.NKL trojan cleaned by deleting - quarantined

#4 narenxp


Posted 21 November 2012 - 02:21 AM

Download

Malwarebytes

Install, update and run a full scan.

Click on Show results. Right-click on the list, select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it and click on Delete.

A log should be generated after the scan; post it here.

Download

Junkware removal tool

For Vista and Windows 7, right-click on the tool and select Run as administrator.

After the scan completes, post the generated log here.

#5 mercuryrsng


Posted 21 November 2012 - 01:37 PM

Working on those scans. Norton antivirus is reporting Bloodhound.MalPE. It always finds that and no matter how many times it quarantines it, it always finds it again. I will have those other scan results shortly.

#6 mercuryrsng


Posted 21 November 2012 - 02:23 PM

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.11.19.10

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
JulieF :: JULIE [administrator]

11/21/2012 9:32:24 AM
mbam-log-2012-11-21 (09-32-24).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 374352
Time elapsed: 2 hour(s), 16 minute(s), 43 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\System Volume Information\_restore{54B45C65-99B6-4E80-9C3F-EFA62303F8BB}\RP969\A0076282.exe (PUP.BundleInstaller.IB) -> Quarantined and deleted successfully.

(end)



MiniToolBox by Farbar Version: 10-11-2012 02
Ran by JulieF (administrator) on 21-11-2012 at 13:27:44
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

192.168.5.3 SERVER-PC


127.0.0.1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.100888290cs.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 www.10sek.com
127.0.0.1 10sek.com
127.0.0.1 www.123topsearch.com
127.0.0.1 123topsearch.com

There are 10544 more lines starting with "127.0.0.1"

========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (11/21/2012 10:54:20 AM) (Source: Symantec AntiVirus) (User: )
Description: Security Risk Found!Threat: Bloodhound.MalPE in File: C:\System Volume Information\_restore{54B45C65-99B6-4E80-9C3F-EFA62303F8BB}\RP989\A0079205.exe by: Auto-Protect scan. Action: Quarantine succeeded : Access denied. Action Description: The file was quarantined successfully.

Error: (11/21/2012 10:54:20 AM) (Source: Symantec AntiVirus) (User: )
Description: Threat Found!Threat: Bloodhound.MalPE in File: C:\System Volume Information\_restore{54B45C65-99B6-4E80-9C3F-EFA62303F8BB}\RP989\A0079205.exe by: Auto-Protect scan. Action: Quarantine succeeded : Access denied. Action Description: The file was quarantined successfully.

Error: (11/21/2012 10:54:18 AM) (Source: Symantec AntiVirus) (User: )
Description: Security Risk Found!Threat: Bloodhound.MalPE in File: C:\System Volume Information\_restore{54B45C65-99B6-4E80-9C3F-EFA62303F8BB}\RP989\A0079205.exe by: Auto-Protect scan. Action: Quarantine succeeded. Action Description: The file was quarantined successfully.

Error: (11/20/2012 03:51:19 PM) (Source: MsiInstaller) (User: JULIE)
Description: Product: Microsoft Office Live Add-in 1.5 -- Error 1714. The older version of Microsoft Office Live Add-in 1.5 cannot be removed. Contact your technical support group. System Error 1612.

Error: (11/20/2012 03:45:41 PM) (Source: Windows Search Service) (User: )
Description: Performance monitoring cannot be initialized for the gatherer object, because the counters are not loaded or the shared memory object cannot be opened. This only affects availability of the perfmon counters. Restart the computer.

Context: Application, SystemIndex Catalog

Error: (11/20/2012 03:45:40 PM) (Source: Windows Search Service) (User: )
Description: Performance monitoring cannot be initialized for the gatherer service, because the counters are not loaded or the shared memory object cannot be opened. This only affects availability of the perfmon counters. Restart the computer.

Error: (11/20/2012 03:21:01 PM) (Source: Windows Search Service) (User: )
Description: Performance monitoring cannot be initialized for the gatherer object, because the counters are not loaded or the shared memory object cannot be opened. This only affects availability of the perfmon counters. Restart the computer.

Context: Application, SystemIndex Catalog

Error: (11/20/2012 03:21:00 PM) (Source: Windows Search Service) (User: )
Description: Performance monitoring cannot be initialized for the gatherer service, because the counters are not loaded or the shared memory object cannot be opened. This only affects availability of the perfmon counters. Restart the computer.

Error: (11/20/2012 02:55:08 PM) (Source: Windows Search Service) (User: )
Description: Performance monitoring cannot be initialized for the gatherer object, because the counters are not loaded or the shared memory object cannot be opened. This only affects availability of the perfmon counters. Restart the computer.

Context: Application, SystemIndex Catalog

Error: (11/20/2012 02:55:07 PM) (Source: Windows Search Service) (User: )
Description: Performance monitoring cannot be initialized for the gatherer service, because the counters are not loaded or the shared memory object cannot be opened. This only affects availability of the perfmon counters. Restart the computer.


System errors:
=============
Error: (11/21/2012 09:25:08 AM) (Source: Service Control Manager) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error:
%%1053

Error: (11/21/2012 09:25:08 AM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for the Google Update Service (gupdate) service to connect.

Error: (11/20/2012 10:35:17 PM) (Source: Service Control Manager) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error:
%%1053

Error: (11/20/2012 10:35:17 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for the Google Update Service (gupdate) service to connect.

Error: (11/20/2012 10:34:31 PM) (Source: Dhcp) (User: )
Description: The IP address lease 192.168.1.119 for the Network Card with network address 001B77C5C077 has been
denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).

Error: (11/20/2012 04:48:35 PM) (Source: Service Control Manager) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error:
%%1053

Error: (11/20/2012 04:48:35 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for the Google Update Service (gupdate) service to connect.

Error: (11/20/2012 04:25:11 PM) (Source: Windows Update Agent) (User: )
Description: Installation Failure: Windows failed to install the following update with error 0x80070652: Office Live add-in 1.5.

Error: (11/20/2012 04:01:09 PM) (Source: Service Control Manager) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error:
%%1053

Error: (11/20/2012 04:01:09 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for the Google Update Service (gupdate) service to connect.


Microsoft Office Sessions:
=========================
Error: (02/12/2010 02:11:28 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 8, Application Name: Microsoft Office Publisher, Application Version: 12.0.6501.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 10470 seconds with 180 seconds of active time. This session ended with a crash.

Error: (01/08/2010 04:22:01 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 8, Application Name: Microsoft Office Publisher, Application Version: 12.0.6501.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 92 seconds with 60 seconds of active time. This session ended with a crash.

Error: (01/08/2010 04:20:19 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 8, Application Name: Microsoft Office Publisher, Application Version: 12.0.6501.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1308 seconds with 1200 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================

32 Bit HP CIO Components Installer (Version: 6.1.1)
4500_G510gm_Help (Version: 000.0.439.000)
4500G510gm (Version: 000.0.423.000)
4500G510gm_Software_Min (Version: 000.0.423.000)
Acrobat.com (Version: 1.6.65)
Adobe Bridge 1.0 (Version: 001.000.000)
Adobe Common File Installer (Version: 1.00.0000)
Adobe Flash Player 10 Plugin (Version: 10.0.45.2)
Adobe Flash Player 11 ActiveX (Version: 11.1.102.63)
Adobe Help Center 1.0 (Version: 001.000.000)
Adobe Photoshop CS2 (Version: 9.0)
Adobe Reader 9.4.6 (Version: 9.4.6)
Adobe Reader 9.5.2 (Version: 9.5.2)
Adobe Stock Photos 1.0 (Version: 001.000.000)
Agilix GoBinder Lite (Version: 4.0.905)
AIO_Scan (Version: 90.0.200.000)
All To PDF (Version: 4.1.0.0)
Amazon Unbox Video (Version: 2.1.0.124)
Apple Application Support (Version: 1.3.2)
Apple Mobile Device Support (Version: 3.2.0.47)
Apple Software Update (Version: 2.1.1.116)
Audible Download Manager (Version: 6.6.0.12)
Bing Bar (Version: 7.0.850.0)
Bluetooth Stack for Windows by Toshiba (Version: v4.00.36(T))
Bonjour (Version: 2.0.3.0)
BufferChm (Version: 130.0.331.000)
Business Contact Manager for Outlook 2007 SP2 (Version: 3.0.8619.1)
CD/DVD Drive Acoustic Silencer (Version: 1.00.008)
Click to Call with Skype (Version: 5.5.8013)
CollaborateMD 8.1.3
Copy (Version: 90.0.146.000)
Coupon Printer for Windows (Version: 5.0.0.1)
Critical Update for Windows Media Player 11 (KB959772)
Crystal Reports 2008 Runtime (Version: 12.0.0.683)
CustomerResearchQFolder (Version: 1.00.0000)
Dell Touchpad (Version: 7.1208.101.125)
Destinations (Version: 130.0.0.0)
DeviceDiscovery (Version: 130.0.372.000)
DeviceManagementQFolder (Version: 1.00.0000)
DJ_AIO_ProductContext (Version: 90.0.201.000)
DJ_AIO_Software (Version: 90.0.200.000)
DJ_AIO_Software_min (Version: 90.0.200.000)
DocMgr (Version: 130.0.000.000)
DocProc (Version: 13.0.0.0)
Driver Detective (Version: 6.3.0)
Driver Performer (Version: 11.10.1.11897)
DVD-RAM Driver (Version: 5.0.2.5)
ESET Online Scanner v3
eSupportQFolder (Version: 1.00.0000)
EZBook 10.1.2 (Version: EZBook)
EZBook 9.0.043 (Version: EZBook)
F4100 (Version: 90.0.200.000)
F4100_doccd (Version: 90.0.200.000)
F4100_Help (Version: 90.0.200.000)
Fax (Version: 130.0.418.000)
Google Chrome (Version: 18.0.1025.162)
Google Chrome Frame (Version: 18.0.1025.162)
Google Earth (Version: 6.1.0.5001)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.3.2710.138)
Google Update Helper (Version: 1.3.21.111)
GoToMyPC
GPBaseService2 (Version: 130.0.371.000)
Hard Disk Recovery Utilities
High Definition Audio Driver Package - KB888111 (Version: 20040219.000000)
HP Customer Participation Program 13.0 (Version: 13.0)
HP Deskjet All-In-One Software 9.0 (Version: 9.0)
HP Document Manager 2.0 (Version: 2.0)
HP Imaging Device Functions 13.0 (Version: 13.0)
HP Officejet 4500 G510g-m (Version: 13.0)
HP Photosmart Essential 2.01 (Version: 2.01)
HP Photosmart Essential2.01 (Version: 1.01.0000)
HP Smart Web Printing 4.5 (Version: 4.5)
HP Solution Center 13.0 (Version: 13.0)
HP Update (Version: 4.000.011.006)
HPProductAssistant (Version: 130.0.371.000)
Ink Art (Version: 1.3)
Intel® Graphics Media Accelerator Driver (Version: 6.14.10.4436)
Intel® Network Connections Drivers (Version: 16.7)
Intel® PROSet/Wireless Software (Version: 10.50.0000)
Inter-Tel Collaboration Client 2.0 (Version: 4.2.2.0)
InterActual Player
InterVideo WinDVD for TOSHIBA (Version: 5.0-B11.529)
iTunes (Version: 10.0.1.22)
J2SE Runtime Environment 5.0 Update 7 (Version: 1.5.0.70)
Java 7 Update 9 (Version: 7.0.90)
Java™ 6 Update 37 (Version: 6.0.370)
Java™ 6 Update 7 (Version: 1.6.0.70)
Junk Mail filter update (Version: 14.0.8089.726)
jZip
KODAK EASYSHARE Gallery Upload ActiveX Control
Kyocera Product Library (Version: 2.0.713)
LiveUpdate 2.6 (Symantec Corporation) (Version: 2.6.18.0)
Logitech QuickCam (Version: 11.10.2030)
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
MarketResearch (Version: 130.0.374.000)
McAfee Security Scan Plus (Version: 2.0.181.2)
mCore (Version: 7.05.0000)
mDrWiFi (Version: 7.05.0000)
mHelp (Version: 7.05.0000)
Microsoft .NET Framework 1.0 Hotfix (KB2572066)
Microsoft .NET Framework 1.0 Hotfix (KB2656378)
Microsoft .NET Framework 1.0 Hotfix (KB953295)
Microsoft .NET Framework 1.0 Hotfix (KB979904)
Microsoft .NET Framework 1.0 Security Update (KB2698035)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Education Pack for Windows XP Tablet PC Edition (Version: 1.0.0)
Microsoft Energy Blue Theme Pack (Version: 1.0.0)
Microsoft Experience Pack for Tablet PC (Version: 1.0.0)
Microsoft Ink Crossword (Version: 1.1)
Microsoft Ink Desktop (Version: 1.0.0)
Microsoft IntelliPoint 7.0 (Version: 7.0.260.0)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft Media Transfer (Version: 1.0)
Microsoft National Language Support Downlevel APIs
Microsoft Office 2003 Web Components (Version: 11.0.8173.0)
Microsoft Office 2007 Primary Interop Assemblies (Version: 12.0.4518.1014)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Accounting 2007 (Version: 2.0.7503.0)
Microsoft Office Accounting ADP Payroll Addin (Version: 0.0.0.0)
Microsoft Office Accounting Equifax Addin (Version: 2.0.7416.00)
Microsoft Office Accounting Fixed Asset Manager (Version: 2.0.7416.00)
Microsoft Office Accounting PayPal Addin (Version: 2.0.7416.00)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Live Add-in 1.4 (Version: 2.0.3008.0)
Microsoft Office OneNote 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook Connector (Version: 12.0.6423.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Small Business Connectivity Components (Version: 2.0.7024.0)
Microsoft Office Visio 2007 Service Pack 3 (SP3)
Microsoft Office Visio MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Visio Professional 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft Snipping Tool 2.0 (Version: 2.0)
Microsoft Software Update for Web Folders (English) 12 (Version: 12.0.6612.1000)
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) (Version: 9.4.5000.00)
Microsoft SQL Server Native Client (Version: 9.00.5000.00)
Microsoft SQL Server Setup Support Files (English) (Version: 9.00.5000.00)
Microsoft SQL Server VSS Writer (Version: 9.00.5000.00)
Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft User-Mode Driver Framework Feature Pack 1.0
mIWA (Version: 7.05.0000)
mLogView (Version: 7.05.0000)
mMHouse (Version: 7.05.0000)
mPfMgr (Version: 7.05.0000)
mPfWiz (Version: 7.05.0000)
mProSafe (Version: 9.00.0000)
MSN
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 6.0 Parser (KB933579) (Version: 6.10.1200.0)
mWlsSafe (Version: 7.05.0000)
mXML (Version: 7.05.0000)
mZConfig (Version: 7.05.0000)
Netflix Movie Viewer (Version: 1.2.211)
Network (Version: 130.0.374.000)
Norton Internet Security (Symantec Corporation) (Version: 10.2.0.30)
OCR Software by I.R.I.S. 13.0 (Version: 13.0)
Octoshape add-in for Adobe Flash Player
Office 2003 Trial Assistant (Version: 1.0.0)
OpenOffice.org Installer 1.0 (Version: 1.0.9221)
Protector Suite 5.4 (Version: 5.4.0.2934)
PSSWCORE (Version: 2.01.0000)
QuickBooks Pro 2006 (Version: )
QuickTime (Version: 7.68.75.0)
RealPlayer Basic
RedMon - Redirection Port Monitor
Safari (Version: 3.525.13.3)
Scan (Version: 13.0.0.0)
SD Secure Module (Version: 1.0.4)
Segoe UI (Version: 14.0.4327.805)
SigmaTel Audio (Version: 5.10.4650.0)
Skype™ 5.10 (Version: 5.10.116)
SmartWebPrinting (Version: 130.0.373.000)
SolutionCenter (Version: 130.0.373.000)
Sonic DLA (Version: 5.2.0)
Sonic RecordNow! (Version: 7.31)
SpecialSavings
Status (Version: 130.0.373.000)
Symantec AntiVirus (Version: 10.0.359.0)
Texas Instruments PCIxx21/x515/xx12 drivers. (Version: 1.16.0000)
The Weather Channel Desktop
TheraOffice (Version: 09.1.0.15)
TIPCI (Version: 1.16.0000)
Toolbox (Version: 130.0.648.000)
TOSHIBA Accelerometer Utilities (Version: 2.02.02)
TOSHIBA Assist
TOSHIBA ConfigFree (Version: 5.90.06)
TOSHIBA Controls
TOSHIBA Display Devices Change Utility
TOSHIBA HDD Protection (Version: 1.01.08e)
TOSHIBA Hotkey Utility for Display Devices
TOSHIBA Mic Effect (Version: 2.06.00)
TOSHIBA Mobile Extension3 for Windows XP V3.80.00.XP
TOSHIBA Password Utility (Version: 2.01.01)
TOSHIBA PC Diagnostic Tool
TOSHIBA Power Saver (Version: 7.08.02)
TOSHIBA RAID Utility (Version: 1.3.4.0)
Toshiba Registration (Version: 1.00.0000)
TOSHIBA Rotation Utility (Version: 4.00.00.06)
TOSHIBA SD Memory Boot Utility (Version: 1.1.0.0A)
TOSHIBA SD Memory Card Format
TOSHIBA Security Assist (Version: 1.1.8)
TOSHIBA Software Modem (Version: 2.1.62 (SM2162ALD04))
TOSHIBA Software Upgrades (Version: 4.2)
TOSHIBA Tablet Access Code Logon Utility (Version: 1.16.00)
TOSHIBA TouchPad On/Off Utility V2.05.01
TOSHIBA Utilities (Version: 4.30.11)
TOSHIBA Wireless Key Logon (Version: 1.0.0.13)
TOSHIBA Zooming Utility
TrayApp (Version: 130.0.376.000)
Unity Web Player (Version: )
University of Delaware (Version: 3.0.0)
UnloadSupport (Version: 9.0.0)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2760413) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Visio 2007 Help (KB963666)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Microsoft Windows (KB971513)
Update for Windows Internet Explorer 7 (KB976749) (Version: 1)
Update for Windows Internet Explorer 7 (KB980182) (Version: 1)
Update for Windows Internet Explorer 8 (KB2447568) (Version: 1)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2616676-v2) (Version: 2)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2661254-v2) (Version: 2)
Update for Windows XP (KB2736233) (Version: 1)
Update for Windows XP (KB2749655) (Version: 1)
Update for Windows XP (KB951072-v2) (Version: 2)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB955839) (Version: 1)
Update for Windows XP (KB961503) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
VideoToolkit01 (Version: 90.0.146.000)
Viewpoint Media Player
WebFldrs XP (Version: 9.50.7523)
WebReg (Version: 130.0.132.017)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Internet Explorer 7 (Version: 20061107.210142)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Live Call (Version: 14.0.8064.0206)
Windows Live Communications Platform (Version: 14.0.8098.930)
Windows Live Essentials (Version: 14.0.8089.0726)
Windows Live Essentials (Version: 14.0.8089.726)
Windows Live Family Safety (Version: 14.0.8093.805)
Windows Live ID Sign-in Assistant (Version: 6.500.3146.0)
Windows Live Mail (Version: 14.0.8089.0726)
Windows Live Messenger (Version: 14.0.8089.0726)
Windows Live Photo Gallery (Version: 14.0.8081.709)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8089.0726)
Windows Media Format 11 runtime
Windows Search 4.0 (Version: 04.00.6001.503)
Windows XP Service Pack 3 (Version: 20080414.031525)
WinZip 11.2 (Version: 11.2.8094)
Wireless Hotkey (Version: 2.0.0.6)

========================= Memory info: ===================================

Percentage of memory in use: 64%
Total physical RAM: 1014.85 MB
Available physical RAM: 355.58 MB
Total Pagefile: 2444.23 MB
Available Pagefile: 1698.36 MB
Total Virtual: 2047.88 MB
Available Virtual: 1973.36 MB

========================= Partitions: =====================================

1 Drive c: (SQ004491P04) (Fixed) (Total:68.62 GB) (Free:10.96 GB) NTFS

========================= Users: ========================================

User accounts for \\JULIE

Administrator ASPNET Guest
HelpAssistant JulieF Pam
SUPPORT_388945a0

========================= Restore Points ==================================

04-10-2012 22:44:10 System Checkpoint
18-10-2012 21:14:52 System Checkpoint
03-11-2012 03:02:54 Restore Operation
20-11-2012 04:24:54 System Checkpoint
20-11-2012 18:52:42 Removed Java™ 6 Update 31
20-11-2012 18:53:57 Installed Java™ 6 Update 37
20-11-2012 19:05:52 Before Cleanup
20-11-2012 19:24:45 Software Distribution Service 3.0
20-11-2012 21:24:56 Software Distribution Service 3.0
20-11-2012 21:38:32 Installed Java 7 Update 9

**** End of log ****





Farbar Service Scanner Version: 09-11-2012
Ran by JulieF (administrator) on 21-11-2012 at 13:34:14
Running from "C:\Documents and Settings\JulieF\My Documents\Downloads"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
AegisP(9) fssfltr(12) Gpc(6) IPSec(4) NetBT(5) PSched(7) s24trans(8) SYMTDI(11) Tcpip(3)
0x0E000000040000000100000002000000030000000B0000000A00000005000000060000000700000008000000090000000C0000000D0000000E000000
IpSec Tag value is correct.

**** End of log ****


# AdwCleaner v2.008 - Logfile created 11/21/2012 at 13:53:04
# Updated 17/11/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : JulieF - JULIE
# Boot Mode : Normal
# Running from : C:\Documents and Settings\JulieF\My Documents\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\WINDOWS\system32\conduitEngine.tmp
Folder Deleted : C:\Documents and Settings\All Users\Application Data\boost_interprocess
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Viewpoint
Folder Deleted : C:\Documents and Settings\JulieF\Application Data\PriceGong
Folder Deleted : C:\Documents and Settings\JulieF\Local Settings\Application Data\Conduit
Folder Deleted : C:\Documents and Settings\JulieF\Start Menu\Programs\SpecialSavings
Folder Deleted : C:\Documents and Settings\Pam\Application Data\Dealio
Folder Deleted : C:\Documents and Settings\Pam\Local Settings\Application Data\Conduit
Folder Deleted : C:\Documents and Settings\Pam\Local Settings\Application Data\ConduitEngine
Folder Deleted : C:\Program Files\SpecialSavings
Folder Deleted : C:\Program Files\Viewpoint

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\SpecialSavings
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2426}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6A87B991-A31F-4130-AE72-6D0C294BF082}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7DA17D5A-5718-4130-A605-FC316C827836}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A69A551A-1AAE-4B67-8C2E-52F8B8A19504}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AF6AC4F2-9825-4FB6-A600-92BC5361F209}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E908B145-C847-4E85-B315-07E2E70DECF8}
Key Deleted : HKCU\Software\PriceGong
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A69A551A-1AAE-4B67-8C2E-52F8B8A19504}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AF6AC4F2-9825-4FB6-A600-92BC5361F209}
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2452474
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\MetaStream
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{A69A551A-1AAE-4B67-8C2E-52F8B8A19504}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2426}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ShoppingReport
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SpecialSavings
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpecialSavings
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Key Deleted : HKLM\Software\TENCENT
Key Deleted : HKLM\Software\Viewpoint
Key Deleted : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F}]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.searchcore.net/426 --> hxxp://www.google.com

-\\ Google Chrome v [Unable to get version]

File : C:\Documents and Settings\Pam\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

File : C:\Documents and Settings\JulieF\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

Deleted [l.16] : homepage = "hxxp://www.searchcore.net/426",
Deleted [l.1559] : homepage = "hxxp://www.searchcore.net/426",

*************************

AdwCleaner[S2].txt - [5787 octets] - [21/11/2012 13:53:04]

########## EOF - C:\AdwCleaner[S2].txt - [5847 octets] ##########



~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 3.4.0 (11.21.2012)
OS: Microsoft Windows XP x86
Ran by JulieF on Wed 11/21/2012 at 14:07:37.78
Blog: http://thisisudax.blogspot.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Documents and Settings\JulieF\Application Data\performersoft"
Successfully deleted: [Folder] "C:\Program Files\coupons"





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 11/21/2012 at 14:12:46.09
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

#7 narenxp

Posted 21 November 2012 - 02:52 PM

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here.


Download

Autoruns

Extract and launch autoruns.exe.

Allow the scan to finish.

Now click on FILE - SAVE

Filename: Autoruns.txt
Save as: Text

Paste the contents of the text file here.

#8 mercuryrsng

Posted 21 November 2012 - 03:10 PM

Rkill 2.4.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 11/21/2012 03:05:52 PM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 3

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\WINDOWS\system32\DVDRAMSV.exe (PID: 324) [WD-HEUR]
* C:\WINDOWS\system32\ThpSrv.exe (PID: 3260) [WD-HEUR]

2 proccesses terminated!

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* Cannot edit the HOSTS file.
* Permissions Fixed. Administrators can now edit the HOSTS file.

* HOSTS file entries found:

20 out of 10565 HOSTS entries shown.
Please review HOSTS file for further entries.

Program finished at: 11/21/2012 03:07:11 PM
Execution time: 0 hours(s), 1 minute(s), and 19 seconds(s)




"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files\common files\adobe\arm\1.0\adobearm.exe"
+ "Adobe Reader Speed Launcher" "Adobe Acrobat SpeedLauncher" "Adobe Systems Incorporated" "c:\program files\adobe\reader 9.0\reader\reader_sl.exe"
+ "Apoint" "Alps Pointing-device Driver" "Alps Electric Co., Ltd." "c:\program files\delltpad\apoint.exe"
+ "GoToMyPC" "GoToMyPC Host Loader" "Citrix Online, a division of Citrix Systems, Inc." "c:\program files\citrix\gotomypc\g2svc.exe"
+ "GrooveMonitor" "GrooveMonitor Utility" "Microsoft Corporation" "c:\program files\microsoft office\office12\groovemonitor.exe"
+ "QuickTime Task" "QuickTime Task" "Apple Inc." "c:\program files\quicktime\qttask.exe"
"C:\Documents and Settings\All Users\Start Menu\Programs\Startup" "" "" ""
+ "McAfee Security Scan Plus.lnk" "McAfee Security Scanner Scheduler" "McAfee, Inc." "c:\program files\mcafee security scan\2.0.181\ssscheduler.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Address Book 6" "Outlook Express Setup Library" "Microsoft Corporation" "c:\program files\outlook express\setup50.exe"
+ "Microsoft Outlook Express 6" "Outlook Express Setup Library" "Microsoft Corporation" "c:\program files\outlook express\setup50.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "swg" "GoogleToolbarNotifier" "Google Inc." "c:\program files\google\googletoolbarnotifier\googletoolbarnotifier.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office12\msoxmlmf.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "gcf" "" "" "File not found: C:\Program Files\Google\Chrome Frame\Application\18.0.1025.162\npchrome_frame.dll"
+ "grooveLocalGWS" "GrooveSystemServices Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\groovesystemservices.dll"
+ "livecall" "Windows Live Messenger Protocol Handler Module" "Microsoft Corporation" "c:\program files\windows live\messenger\msgrapp.14.0.8089.0726.dll"
+ "ms-help" "Microsoft® Help Data Services Module" "Microsoft Corporation" "c:\program files\common files\microsoft shared\help\hxds.dll"
+ "msnim" "Windows Live Messenger Protocol Handler Module" "Microsoft Corporation" "c:\program files\windows live\messenger\msgrapp.14.0.8089.0726.dll"
+ "mso-offdap11" "Microsoft Office Web Components 2003" "Microsoft Corporation" "c:\program files\common files\microsoft shared\web components\11\owc11.dll"
+ "skype-ie-addon-data" "Click to Call with Skype for Internet Explorer" "Skype Technologies S.A." "c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll"
+ "skype4com" "Skype for COM API" "Skype Technologies" "c:\program files\common files\skype\skype4com.dll"
+ "wlmailhtml" "Windows Live Mail" "Microsoft Corporation" "c:\program files\windows live\mail\mailcomm.dll"
"HKCU\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components" "" "" ""
+ "0" "" "" "File not found: About:Home"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" ""
+ "Groove GFS Stub Execution Hook" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveshellextensions.dll"
+ "Windows Desktop Search Namespace Manager" "Windows Search Namespace Manager" "Microsoft Corporation" "c:\program files\windows desktop search\msnlnamespacemgr.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "DSCtxMenuP" "" "QuickPDFtoWord" "c:\program files\all_to_pdf\dsctxmenu.dll"
+ "jZip" "jZip shell extension" "Discordia Limited" "c:\program files\jzip\jzipshell.dll"
+ "LDVPMenu" "Symantec AntiVirus" "Symantec Corporation" "c:\program files\common files\symantec shared\ssc\vpshell2.dll"
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files\winzip\wzshlstb.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "My Safe" "MySafe Namespace Extension" "UPEK Inc." "c:\program files\protector suite ql\mysafe.dll"
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files\winzip\wzshlstb.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files\winzip\wzshlstb.dll"
"HKLM\Software\Classes\Directory\Shellex\PropertySheetHandlers" "" "" ""
+ "My Safe" "MySafe Namespace Extension" "UPEK Inc." "c:\program files\protector suite ql\mysafe.dll"
"HKLM\Software\Classes\Directory\Shellex\CopyHookHandlers" "" "" ""
+ "My Safe" "MySafe Namespace Extension" "UPEK Inc." "c:\program files\protector suite ql\mysafe.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "AudibleShlExt Class" "AudibleExt Module" "Audible, Inc." "c:\program files\audible\bin\audibleext.dll"
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "jZip" "jZip shell extension" "Discordia Limited" "c:\program files\jzip\jzipshell.dll"
+ "LDVPMenu" "Symantec AntiVirus" "Symantec Corporation" "c:\program files\common files\symantec shared\ssc\vpshell2.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files\winzip\wzshlstb.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files\winzip\wzshlstb.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveshellextensions.dll"
+ "Groove Explorer Icon Overlay 2 (GFS Stub)" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveshellextensions.dll"
+ "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveshellextensions.dll"
+ "Groove Explorer Icon Overlay 3 (GFS Folder)" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveshellextensions.dll"
+ "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Bing Bar Helper" "Bing Client Extensions" "Microsoft Corporation." "c:\program files\microsoft\bingbar\bingext.dll"
+ "ChromeFrame BHO" "" "" "File not found: C:\Program Files\Google\Chrome Frame\Application\18.0.1025.162\npchrome_frame.dll"
+ "DriveLetterAccess" "Drive Letter Access Component" "Sonic Solutions" "c:\windows\system32\dla\dlashx_w.dll"
+ "Google Toolbar Helper" "Google Toolbar" "Google Inc." "c:\program files\google\google toolbar\googletoolbar_32.dll"
+ "Google Toolbar Notifier BHO" "" "" "File not found: C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll"
+ "Groove GFS Browser Helper" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveshellextensions.dll"
+ "HP Print Enhancer" "HP Smart Web Printing add-on for Internet Explorer" "Hewlett-Packard Co." "c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll"
+ "HP Smart BHO Class" "HP Smart Web Printing add-on for Internet Explorer" "Hewlett-Packard Co." "c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files\java\jre7\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files\java\jre7\bin\ssv.dll"
+ "Skype Browser Helper" "Click to Call with Skype for Internet Explorer" "Skype Technologies S.A." "c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corporation" "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Bing" "Bing Client Extensions" "Microsoft Corporation." "c:\program files\microsoft\bingbar\bingext.dll"
+ "Google Toolbar" "Google Toolbar" "Google Inc." "c:\program files\google\google toolbar\googletoolbar_32.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "&Blog This in Windows Live Writer" "Windows Live Writer Blog This Extension" "Microsoft Corporation" "c:\program files\windows live\writer\writerbrowserextension.dll"
+ "Click to call with Skype" "Click to Call with Skype for Internet Explorer" "Skype Technologies S.A." "c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll"
+ "S&end to OneNote" "Microsoft Office OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office12\onbttnie.dll"
+ "Show or hide HP Smart Web Printing" "HP Smart Web Printing add-on for Internet Explorer" "Hewlett-Packard Co." "c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll"
+ "Windows Messenger" "Windows Messenger" "Microsoft Corporation" "c:\program files\messenger\msmsgs.exe"
"Task Scheduler" "" "" ""
+ "AppleSoftwareUpdate.job" "Apple Software Update" "Apple Inc." "c:\program files\apple software update\softwareupdate.exe"
+ "DriverPerformer_UPDATES.job" "Driver Performer" "PerformerSoft LLC" "c:\program files\driver performer\driverperformer.exe"
+ "GoogleUpdateTaskMachineCore.job" "Google Installer" "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "GoogleUpdateTaskMachineUA.job" "Google Installer" "Google Inc." "c:\program files\google\update\googleupdate.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "Adobe LM Service" "AdobeLM Service" "Adobe Systems" "c:\program files\common files\adobe systems shared\service\adobelmsvc.exe"
+ "ADVService" "Manages downloads for the Amazon Unbox Video application." "Amazon.com" "c:\program files\amazon\amazon unbox video\advwindowsclientservice.exe"
+ "AgereModemAudio" "Agere Soft Modem Call Progress Service" "Agere Systems" "c:\windows\system32\agrsmsvc.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "BBSvc" "Keeps Bing Bar up-to-date. Disabling this service might prevent updates and expose your computer to security vulnerabilities or functional flaws in Bing Bar." "Microsoft Corporation." "c:\program files\microsoft\bingbar\bbsvc.exe"
+ "BBUpdate" "Enables the detection, download and installation of up-to-date configuration files for Bing Bar. Also provides server communication for the customer experience improvement program. Stopping or disabling this service may prevent you from getting the latest updates for Bing Bar, which may expose your computer to security vulnerabilities or functional flaws in the Bing Bar." "Microsoft Corporation" "c:\program files\microsoft\bingbar\seaport.exe"
+ "BcmSqlStartupSvc" "Controls the start of the Business Contact Manager SQL Server instance (MSSMLBIZ)." "Microsoft Corporation" "c:\program files\microsoft small business\business contact manager\bcmsqlstartupsvc.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "ccEvtMgr" "Event propagation and logging service" "Symantec Corporation" "c:\program files\common files\symantec shared\ccevtmgr.exe"
+ "ccPwdSvc" "User account management service" "Symantec Corporation" "c:\program files\common files\symantec shared\ccpwdsvc.exe"
+ "ccSetMgr" "Settings storage and management service" "Symantec Corporation" "c:\program files\common files\symantec shared\ccsetmgr.exe"
+ "CFSvcs" "Service of ConfigFree." "TOSHIBA CORPORATION" "c:\program files\toshiba\configfree\cfsvcs.exe"
+ "DefWatch" "Monitors and maintains virus definitions." "Symantec Corporation" "c:\program files\symantec antivirus\defwatch.exe"
+ "DVD-RAM_Service" "DVD-RAM Utility Helper Service" "Matsushita Electric Industrial Co., Ltd." "c:\windows\system32\dvdramsv.exe"
+ "EvtEng" "Manages the event trace messages for all the components of Intel® PROSet/Wireless software." "Intel Corporation" "c:\program files\intel\wireless\bin\evteng.exe"
+ "fsssvc" "This service enables Family Safety on the computer. If this service is not running, Family Safety will not work." "Microsoft Corporation" "c:\program files\windows live\family safety\fsssvc.exe"
+ "GoToMyPC" "Citrix GoToMyPC provides remote access to this PC from any Web browser." "Citrix Online, a division of Citrix Systems, Inc." "c:\program files\citrix\gotomypc\g2svc.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "gusvc" "Google Updater keeps your Google software up to date. If Google Updater Service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work." "Google" "c:\program files\google\common\google updater\googleupdaterservice.exe"
+ "hpqcxs08" "HP CUE Context Manager Objects" "Hewlett-Packard Co." "c:\program files\hp\digital imaging\bin\hpqcxs08.dll"
+ "hpqddsvc" "This service detects and monitors CUE devices on the system." "Hewlett-Packard Co." "c:\program files\hp\digital imaging\bin\hpqddsvc.dll"
+ "HPSLPSVC" "Discovers and monitors the state and the configuration of the HP devices attached to your network. If the service is stopped, and your network devices change IP addresses, they might become unavailable" "Hewlett-Packard Co." "c:\program files\hp\digital imaging\bin\hpslpsvc32.dll"
+ "IDriverT" "Provides support for the Running Object Table for InstallShield Drivers" "Macrovision Corporation" "c:\program files\common files\installshield\driver\1050\intel 32\idrivert.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "JavaQuickStarterService" "Prefetches JRE files for faster startup of Java applets and applications" "Oracle Corporation" "c:\program files\java\jre7\bin\jqs.exe"
+ "kraidsvc" "TOSHIBA RAID Service" "TOSHIBA Corporation" "c:\program files\toshiba\toshiba raid\service\kraidsvc.exe"
+ "LVCOMSer" "Logitech Video COM Service" "Logitech Inc." "c:\program files\common files\logishrd\lvcomser\lvcomser.exe"
+ "LVPrcSrv" "Injector service" "Logitech Inc." "c:\program files\common files\logishrd\lvmvfm\lvprcsrv.exe"
+ "LVSrvLauncher" "Launcher for Logitech Video Components." "Logitech Inc." "c:\program files\common files\logishrd\srvlnch\srvlnch.exe"
+ "McComponentHostService" "McAfee Security Scan Component Host Service" "McAfee, Inc." "c:\program files\mcafee security scan\2.0.181\mcchsvc.exe"
+ "MDM" "Supports local and remote debugging for Visual Studio and script debuggers. If this service is stopped, the debuggers will not function properly." "Microsoft Corporation" "c:\program files\common files\microsoft shared\vs7debug\mdm.exe"
+ "Microsoft Office Groove Audit Service" "Groove Audit Service" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveauditservice.exe"
+ "MSSQL$MSSMLBIZ" "Provides storage, processing and controlled access of data and rapid transaction processing." "Microsoft Corporation" "c:\program files\microsoft sql server\mssql.1\mssql\binn\sqlservr.exe"
+ "Net Driver HPZ12" "Dot4Net Module" "Hewlett-Packard" "c:\windows\system32\hpzinw12.dll"
+ "odserv" "Run portions of Microsoft Office Diagnostics." "Microsoft Corporation" "c:\program files\common files\microsoft shared\office12\odserv.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files\common files\microsoft shared\source engine\ose.exe"
+ "pinger" "" "" "c:\toshiba\ivp\ism\pinger.exe"
+ "Pml Driver HPZ12" "PmlDrv Module" "Hewlett-Packard" "c:\windows\system32\hpzipm12.dll"
+ "RegSrvc" "Intel® PROSet/Wireless Registry Service" "Intel Corporation" "c:\program files\intel\wireless\bin\regsrvc.exe"
+ "S24EventMonitor" "Wireless Management Service for Intel® PROSet/Wireless" "Intel Corporation " "c:\program files\intel\wireless\bin\s24evmon.exe"
+ "SavRoam" "Symantec AntiVirus Roaming Service" "symantec" "c:\program files\symantec antivirus\savroam.exe"
+ "SkypeUpdate" "Enables the detection, download and installation of updates for Skype." "Skype Technologies" "c:\program files\skype\updater\updater.exe"
+ "SNDSrvc" "Symantec Network Drivers Service" "Symantec Corporation" "c:\program files\common files\symantec shared\sndsrvc.exe"
+ "SPBBCSvc" "Symantec SPBBC" "Symantec Corporation" "c:\program files\common files\symantec shared\spbbc\spbbcsvc.exe"
+ "SQLBrowser" "Provides SQL Server connection information to client computers." "Microsoft Corporation" "c:\program files\microsoft sql server\90\shared\sqlbrowser.exe"
+ "SQLWriter" "Provides the interface to backup/restore Microsoft SQL server through the Windows VSS infrastructure." "Microsoft Corporation" "c:\program files\microsoft sql server\90\shared\sqlwriter.exe"
+ "Swupdtmr" "" "" "c:\toshiba\ivp\swupdate\swupdtmr.exe"
+ "Symantec AntiVirus" "Provides real-time virus scanning, reporting, and management functionality for Symantec AntiVirus." "Symantec Corporation" "c:\program files\symantec antivirus\rtvscan.exe"
+ "Thpsrv" "TOSHIBA HDD Protection Service" "TOSHIBA Corporation" "c:\windows\system32\thpsrv.exe"
+ "Tmesrv" "TOSHIBA MobileExtension Service" "TOSHIBA" "c:\program files\toshiba\tme3\tmesrv31.exe"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corporation" "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AegisP" "AEGIS Protocol (IEEE 802.1x) v3.5.3.0" "Meetinghouse Data Communications" "c:\windows\system32\drivers\aegisp.sys"
+ "AgereSoftModem" "SoftModem Device Driver" "Agere Systems" "c:\windows\system32\drivers\agrsm.sys"
+ "ApfiltrService" "Alps Touch Pad Driver" "Alps Electric Co., Ltd." "c:\windows\system32\drivers\apfiltr.sys"
+ "ASCTRM" "TR Manager" "Windows ® 2000 DDK provider" "c:\windows\system32\drivers\asctrm.sys"
+ "Changer" "" "" "File not found: C:\WINDOWS\System32\Drivers\Changer.sys"
+ "DLABOIOM" "Drive Letter Access Component" "Sonic Solutions" "c:\windows\system32\dla\dlaboiom.sys"
+ "DLACDBHM" "Shared Driver Component" "Sonic Solutions" "c:\windows\system32\drivers\dlacdbhm.sys"
+ "DLADResN" "Drive Letter Access Component" "Sonic Solutions" "c:\windows\system32\dla\dladresn.sys"
+ "DLAIFS_M" "Drive Letter Access Component" "Sonic Solutions" "c:\windows\system32\dla\dlaifs_m.sys"
+ "DLAOPIOM" "Drive Letter Access Component" "Sonic Solutions" "c:\windows\system32\dla\dlaopiom.sys"
+ "DLAPoolM" "Drive Letter Access Component" "Sonic Solutions" "c:\windows\system32\dla\dlapoolm.sys"
+ "DLARTL_N" "Shared Driver Component" "Sonic Solutions" "c:\windows\system32\drivers\dlartl_n.sys"
+ "DLAUDF_M" "Drive Letter Access Component" "Sonic Solutions" "c:\windows\system32\dla\dlaudf_m.sys"
+ "DLAUDFAM" "Drive Letter Access Component" "Sonic Solutions" "c:\windows\system32\dla\dlaudfam.sys"
+ "DRVMCDB" "Device Driver" "Sonic Solutions" "c:\windows\system32\drivers\drvmcdb.sys"
+ "DRVNDDM" "Device Driver Manager" "Sonic Solutions" "c:\windows\system32\drivers\drvnddm.sys"
+ "e1express" "Intel® PRO/1000 Adapter NDIS 5.2 deserialized driver" "Intel Corporation" "c:\windows\system32\drivers\e1e5132.sys"
+ "eeCtrl" "Symantec Eraser Control Driver" "Symantec Corporation" "c:\program files\common files\symantec shared\eengine\eectrl.sys"
+ "EraserUtilDrv11122" "" "" "File not found: C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11122.sys"
+ "EraserUtilDrv11220" "Symantec Eraser Utility Driver" "Symantec Corporation" "c:\program files\common files\symantec shared\eengine\eraserutildrv11220.sys"
+ "FdRedir" "FdRedir Filter Driver" "UPEK Inc." "c:\program files\common files\protector suite ql\drivers\fdredir.sys"
+ "FileDisk2" "Virtual disk encryption driver" "UPEK Inc." "c:\program files\common files\protector suite ql\drivers\filedisk.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "HDAudBus" "High Definition Audio Bus Driver v1.0a" "Windows ® Server 2003 DDK provider" "c:\windows\system32\drivers\hdaudbus.sys"
+ "HPZid412" "IEEE-1284.4-1999 Driver (Windows 2000)" "HP" "c:\windows\system32\drivers\hpzid412.sys"
+ "HPZipr12" "IEEE-1284.4-1999 Print Class Driver" "HP" "c:\windows\system32\drivers\hpzipr12.sys"
+ "HPZius12" "1284.4<->Usb Datalink Driver (Windows 2000)" "HP" "c:\windows\system32\drivers\hpzius12.sys"
+ "i2omgmt" "" "" "File not found: C:\WINDOWS\System32\Drivers\i2omgmt.sys"
+ "ialm" "Intel Graphics Miniport Driver" "Intel Corporation" "c:\windows\system32\drivers\ialmnt5.sys"
+ "IFXTPM" "Infineon Trusted Platform Module" "Infineon Technologies AG" "c:\windows\system32\drivers\ifxtpm.sys"
+ "KR10I" "TOSHIBA RAID Driver" "TOSHIBA CORPORATION" "c:\windows\system32\drivers\kr10i.sys"
+ "KR10I2K" "TOSHIBA RAID Driver" "TOSHIBA CORPORATION" "c:\windows\system32\drivers\kr10i2k.sys"
+ "lbrtfdc" "" "" "File not found: C:\WINDOWS\System32\Drivers\lbrtfdc.sys"
+ "LVcKap" "Logitech Kernel Audio Processing Filter Driver" "Logitech Inc." "c:\windows\system32\drivers\lvckap.sys"
+ "LVMVDrv" "Logitech Machine Vision Engine Loader" "Logitech Inc." "c:\windows\system32\drivers\lvmvdrv.sys"
+ "LVPr2Mon" "Logitech ProcMon Driver" "Logitech Inc." "c:\windows\system32\drivers\lvpr2mon.sys"
+ "LVUSBSta" "USB Statistic Driver" "Logitech Inc." "c:\windows\system32\drivers\lvusbsta.sys"
+ "LVUVC" "Logitech USB Video Class Driver" "Logitech Inc." "c:\windows\system32\drivers\lvuvc.sys"
+ "meiudf" "DVD-RAM UDF File System Driver" "Matsushita Electric Industrial Co.,Ltd." "c:\windows\system32\drivers\meiudf.sys"
+ "NAVENG" "AV Engine" "Symantec Corporation" "c:\program files\common files\symantec shared\virusdefs\20121004.002\naveng.sys"
+ "NAVEX15" "AV Engine" "Symantec Corporation" "c:\program files\common files\symantec shared\virusdefs\20121004.002\navex15.sys"
+ "Netdevio" "TOSHIBA Network Device Usermode I/O Protocol" "TOSHIBA Corporation." "c:\windows\system32\drivers\netdevio.sys"
+ "NETw3x32" "Intel® Wireless LAN Driver" "Intel® Corporation" "c:\windows\system32\drivers\netw3x32.sys"
+ "NETwLx32" "Intel® Wireless WiFi Link Driver" "Intel Corporation" "c:\windows\system32\drivers\netwlx32.sys"
+ "PCIDump" "" "" "File not found: C:\WINDOWS\System32\Drivers\PCIDump.sys"
+ "PDCOMP" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDCOMP.sys"
+ "PDFRAME" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDFRAME.sys"
+ "PDRELI" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDRELI.sys"
+ "PDRFRAME" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDRFRAME.sys"
+ "Ptilink" "Direct Parallel Link Driver" "Parallel Technologies, Inc." "c:\windows\system32\drivers\ptilink.sys"
+ "PxHelp20" "Px Engine Device Driver for Windows 2000/XP" "Sonic Solutions" "c:\windows\system32\drivers\pxhelp20.sys"
+ "s24trans" "WLAN Transport" "Intel Corporation" "c:\windows\system32\drivers\s24trans.sys"
+ "SAVRT" "AutoProtect" "Symantec Corporation" "c:\program files\symantec antivirus\savrt.sys"
+ "SAVRTPEL" "SAVRTPEL" "Symantec Corporation" "c:\program files\symantec antivirus\savrtpel.sys"
+ "Secdrv" "SafeDisc driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "smihlp" "SMI helper driver" "UPEK Inc." "c:\program files\protector suite ql\smihlp.sys"
+ "SPBBCDrv" "SPBBC Driver" "Symantec Corporation" "c:\program files\common files\symantec shared\spbbc\spbbcdrv.sys"
+ "STHDA" "IDT PC Audio - SHANGHAI DEVELOPMENT CENTER" "IDT, Inc." "c:\windows\system32\drivers\sthda.sys"
+ "SymEvent" "Symantec Event Library" "Symantec Corporation" "c:\program files\symantec\symevent.sys"
+ "SYMREDRV" "Redirector Filter Driver" "Symantec Corporation" "c:\windows\system32\drivers\symredrv.sys"
+ "SYMTDI" "Network Dispatch Driver" "Symantec Corporation" "c:\windows\system32\drivers\symtdi.sys"
+ "tbiosdrv" "" "" "c:\windows\system32\drivers\tbiosdrv.sys"
+ "TBtnKey" "TOSHIBA Tablet PC Buttons Type N HID Driver" "TOSHIBA" "c:\windows\system32\drivers\tbtnkey.sys"
+ "TcUsb" "TouchChip USB Kernel Driver" "UPEK Inc." "c:\windows\system32\drivers\tcusb.sys"
+ "TEchoCan" "TOSHIBA Echo Cancel Filter Driver" "TOSHIBA Corporation" "c:\windows\system32\drivers\techocan.sys"
+ "Thpdrv" "TOSHIBA HDD Protection Driver" "TOSHIBA Corporation" "c:\windows\system32\drivers\thpdrv.sys"
+ "Thpevm" "TOSHIBA HDD Protection - Shock Sensor Driver" "TOSHIBA Corporation" "c:\windows\system32\drivers\thpevm.sys"
+ "tifm21" "tifm21.sys" "Texas Instruments" "c:\windows\system32\drivers\tifm21.sys"
+ "TMEI3E" "Toshiba Mobile Extension Value Added Logical Device Driver" "Toshiba Corporation" "c:\windows\system32\drivers\tmei3e.sys"
+ "tosrfec" "TOSHIBA Bluetooth EC Driver" "TOSHIBA Corporation" "c:\windows\system32\drivers\tosrfec.sys"
+ "TVALZ" "TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver" "TOSHIBA Corporation" "c:\windows\system32\drivers\tvalz.sys"
+ "USBAAPL" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl.sys"
+ "wanatw" "Wan Miniport (ATW)" "America Online, Inc." "c:\windows\system32\drivers\wanatw4.sys"
+ "WDICA" "" "" "File not found: C:\WINDOWS\System32\Drivers\WDICA.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.iac2" "Indeo® audio software" "Intel Corporation" "c:\windows\system32\iac25_32.ax"
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
+ "msacm.sl_anet" "Audio codec for MS ACM" "Sipro Lab Telecom Inc." "c:\windows\system32\sl_anet.acm"
+ "msacm.trspch" "DSP Group TrueSpeech™ Audio Codec for MSACM V3.50" "DSP GROUP, INC." "c:\windows\system32\tssoft32.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\system32\iccvid.dll"
+ "VIDC.I420" "Video Codec" "Logitech Inc." "c:\windows\system32\lvcodec2.dll"
+ "vidc.iv31" "" "" "c:\windows\system32\ir32_32.dll"
+ "vidc.iv32" "" "" "c:\windows\system32\ir32_32.dll"
+ "vidc.iv41" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "vidc.iv50" "Intel Indeo® video 5.10" "Intel Corporation" "c:\windows\system32\ir50_32.dll"
"HKLM\Software\Classes\Filter" "" "" ""
+ "Indeo® video 4.4 Compression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Compression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Decompression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Decompression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "9x8Resize" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "ACELP.net Audio Decoder" "ACELP.net Audio Decoder" "Sipro Lab Telecom Inc." "c:\windows\system32\acelpdec.ax"
+ "Allocator Fix" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Amazon Format Change Fixer" "Amazon Unbox Video Format Change Fix Filter" "Amazon.com" "c:\program files\amazon\amazon unbox video\formatchangefix.ax"
+ "Audible Words Codec" "Audible Audio Files DirectShow Source Filter" "Audible, Inc." "c:\windows\system32\awrdscdc.ax"
+ "Audio Destination" "WAVDest Filter (Sample)" "Microsoft Corporation" "c:\program files\google\google earth\client\wavdest.ax"
+ "Bitmap" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "Frame Eater" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "HP VTK Frame Grabber Filter" "HP Video Toolkit" "Hewlett-Packard Co." "c:\program files\common files\hp\digital imaging\bin\hpqvtk01.dll"
+ "HP VTK MPEG-1 Encoder" "HP Video Toolkit" "Hewlett-Packard Co." "c:\program files\common files\hp\digital imaging\bin\hpqvtk01.dll"
+ "HP VTK Resize Filter" "HP Video Toolkit" "Hewlett-Packard Co." "c:\program files\common files\hp\digital imaging\bin\hpqvtk01.dll"
+ "HP VTK Rotate Filter" "HP Video Toolkit" "Hewlett-Packard Co." "c:\program files\common files\hp\digital imaging\bin\hpqvtk01.dll"
+ "Indeo® audio software" "Indeo® audio software" "Intel Corporation" "c:\windows\system32\iac25_32.ax"
+ "Indeo® video 5.10 Compression Filter" "Intel Indeo® video 5.10" "Intel Corporation" "c:\windows\system32\ir50_32.dll"
+ "Indeo® video 5.10 Decompression Filter" "Intel Indeo® video 5.10" "Intel Corporation" "c:\windows\system32\ir50_32.dll"
+ "InterVideo Audio Decoder" "IVIAUDIO" "InterVideo Inc." "c:\program files\intervideo\common\bin\iviaudio.ax"
+ "InterVideo Audio Processor" "" "" "c:\program files\intervideo\common\bin\iviaudioprocess.ax"
+ "InterVideo Navigator" "IVINAV" "InterVideo Inc." "c:\program files\intervideo\common\bin\ivinav.ax"
+ "InterVideo Video Decoder" "IVIVIDEO" " InterVideo Inc." "c:\program files\intervideo\common\bin\ivivideo.ax"
+ "MPEG Layer-3 Decoder" "MPEG Layer-3 Audio Decoder" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codecx.ax"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "Record Queue" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "ShotDetect" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Stetch" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WIA Stream Snapshot Filter" "WIA Stream Snapshot Filter" "MyCompanyName" "c:\windows\system32\wiasf.ax"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WM VIH2 Fix" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Audio Analyzer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Black Frame Generator" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DirectX Transform Wrapper" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT FormatConversion" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Import Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Interlacer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Log Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT MuxDeMux Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Screen capture Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Volume" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "GoToMyPC" "GoToMyPC Win-Logon Helper DLL" "Citrix Online, a division of Citrix Systems, Inc." "c:\program files\citrix\gotomypc\g2winlogon.dll"
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll"
+ "loginkey" "Microsoft Tablet PC Component" "Microsoft Corporation" "c:\program files\common files\microsoft shared\ink\loginkey.dll"
+ "NavLogon" "Symantec AntiVirus Logon Notification" "Symantec Corporation" "c:\windows\system32\navlogon.dll"
+ "psfus" "Logon stub" "UPEK Inc." "c:\windows\system32\psqlpwd.dll"
+ "TosBtNP" "TosBtNP" "TOSHIBA CORPORATION" "c:\windows\system32\tosbtnp.dll"
+ "TSigNP" "TSigNP" "TOSHIBA" "c:\windows\system32\tsignp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "GoToMyPC Port" "GoToMyPC Port Monitor" "Citrix Online, a division of Citrix Systems, Inc." "c:\windows\system32\gotomon.dll"
+ "KM Language Monitor" "KM language monitor" "KYOCERA MITA Corporation" "c:\windows\system32\kmpjlmn.dll"
+ "LIDIL hpzll64X" "LanguageMonitor" "Hewlett-Packard Company" "c:\windows\system32\hpzll64x.dll"
+ "Redirected Port" "" "" "c:\windows\system32\execute.dll"
+ "Toshiba Bluetooth Monitor" "tbtmon98" "Toshiba America Business Solutions, Inc." "c:\windows\system32\tbtmon.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Notification Packages" "" "" ""
+ "psqlpwd" "Logon stub" "UPEK Inc." "c:\windows\system32\psqlpwd.dll"

#9 narenxp

Posted 21 November 2012 - 03:36 PM

Current issues?

#10 mercuryrsng

Posted 21 November 2012 - 03:37 PM

Let me play around for a little bit. I will get back to you.

#11 mercuryrsng

Posted 21 November 2012 - 03:51 PM

I am trying to access the touchpad properties and I get an error message that says "you must install one of the following versions of the .NET Framework. v4.0.30319." I tried to install the latest (4.5) but it's not supported by Windows XP. Also, in Automatic Updates, Office Live add in 1.5 never installs.

#12 narenxp

Posted 21 November 2012 - 04:49 PM

Try this

http://www.microsoft.com/en-us/download/details.aspx?id=17851

#13 mercuryrsng

Posted 29 November 2012 - 08:46 PM

That worked. Thanks. I am going to give the computer a once over and then report back with any problems. Also, in my last post I said "Also in Automatic updates, Office Live add in 1.5 never installs." Any idea for that?

#14 narenxp

Posted 30 November 2012 - 01:45 AM

See if this fixit helps

http://support.microsoft.com/kb/2572738



