
MBR:whistler-c[rtk]


9 replies to this topic

#1 alexalexx


Posted 27 June 2013 - 03:19 AM

I ran avast! anti-virus on my computer and it found a virus: MBR:whistler-c[rtk]. Now the virus can't be deleted or quarantined.

I am running Windows Vista Home Premium 32 bit.

Please help me!


Edited by hamluis, 27 June 2013 - 08:16 AM.
Moved from Vista to Am I Infected - Hamluis.



 


#2 dev00790


Posted 28 June 2013 - 10:15 AM

Hello,

I will be helping you with your problems. Please be patient while I assist you.

Some points for you to keep in mind while I am helping you, to make things go easier and faster for both of us:
 

  • Please do NOT run, install or uninstall any programs,  unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
          
  • Please do not attach logs or use code boxes, just copy and paste the text.  
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
          
  • Please read every post completely before doing anything.        
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
          
  • Please provide feedback about your experience as we go.     
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
          

NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.
- Do NOT back up any unknown files ending in .exe, .com, .scr, .pif, and .bat since files of these types are more likely to be infected.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

----------------------------------------------

Please do the following:

Step 1:

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!


  • Double-click on TDSSKiller.exe on your desktop to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click on change parameters
  • Under Objects to scan, check the boxes next to Verify file digital signatures, Detect TDLFS file system, then click OK.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not an option, select Skip instead; do NOT choose Delete or Quarantine unless instructed.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the full contents of that file in your next reply. - If the log is too long, then split it into multiple posts.



Step 2:

Please download AdwCleaner by Xplode onto your desktop.


  • Double click on AdwCleaner.exe to run the tool.
  • Click on Search.
  • A logfile will automatically open after the scan has finished.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[R1].txt as well.



Step 3:

Please download Farbar Service Scanner and run it on the computer with the issue.


  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press Scan.
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the full contents of the log in your next reply.



Step 4:

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:


  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (Only Problems)
  • List Users, Partitions and Memory size.
  • List Minidump Files
  • List Restore points

NOTE: When using "Reset FF Proxy Settings" option Firefox should be closed.

Click Go and post the full contents of the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.


Edited by dev00790, 28 June 2013 - 10:16 AM.

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"

I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog
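
The following Python script is an added example, not part of the original post or of TDSSKiller: it parses the log that step 1 produces and separates entries flagged only by the signature check (UnsignedFile.*) from other non-ok verdicts and from services that were listed without a hashed file. The sample lines are copied from the log posted in this thread, except the ExampleSvc line, which is constructed; the function and field names are this example's own.

```python
import re
from dataclasses import dataclass
from typing import Dict, List, Optional

# Lines copied from the TDSSKiller 2.8.18.0 log posted in this thread.
SAMPLE_LOG = r"""19:44:07.0452 5176  ================ Scan services =============================
19:44:07.0598 5176  [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI            C:\Windows\system32\drivers\acpi.sys
19:44:07.0757 5176  ACPI - ok
19:44:07.0836 5176  [ 8B46D5A1D3EF08232C04D0EAFB871FB2 ] Adobe LM Service C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
19:44:07.0891 5176  Adobe LM Service ( UnsignedFile.Multi.Generic ) - warning
19:44:07.0891 5176  Adobe LM Service - detected UnsignedFile.Multi.Generic (1)
19:44:12.0374 5176  BDFsDrv - ok
19:44:14.0587 5176  [ 097A0A4899B759A4F032BD464963B4BE ] cpuz132         C:\Windows\system32\drivers\cpuz132_x32.sys
19:44:14.0606 5176  cpuz132 ( UnsignedFile.Multi.Generic ) - warning
19:44:14.0606 5176  cpuz132 - detected UnsignedFile.Multi.Generic (1)
"""
# Constructed line (not from the thread): placeholder verdict name, so the
# "flagged" bucket is exercised as well.
SAMPLE_LOG += "19:44:30.0000 5176  ExampleSvc ( Placeholder.Verdict ) - warning\n"

# "HH:MM:SS.ffff <thread id>  <body>"
PREFIX = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+(.*)$")
# "================ Scan services ====...": start of a scan phase
SECTION = re.compile(r"^=+ (.+?) =+$")
# "[ <MD5> ] <service name> <path>"; names may contain spaces, so the path is
# recognised by its drive letter.
HASHED = re.compile(r"^\[ ([0-9A-Fa-f]{32}) \] (.+?)\s+([A-Za-z]:\\.+)$")
# "<name> - ok" or "<name> ( <verdict> ) - warning". The follow-up
# "<name> - detected ..." line does not match and is skipped as a duplicate.
RESULT = re.compile(r"^(.+?)(?: \( ([^)]+?) \))? - (\w+)$")


@dataclass
class Entry:
    section: Optional[str]   # scan phase the result was logged under
    name: str                # service or driver name
    status: str              # "ok", "warning", ...
    verdict: Optional[str]   # e.g. "UnsignedFile.Multi.Generic"
    md5: Optional[str]       # hash from the preceding "[ ... ]" line, if any
    path: Optional[str]      # file path from the same line, if any


def parse_log(text: str) -> List[Entry]:
    """Pair each result line with the hash/path line logged for the same name."""
    entries: List[Entry] = []
    pending: Dict[str, tuple] = {}
    section: Optional[str] = None
    for line in text.splitlines():
        m = PREFIX.match(line.rstrip())
        if not m:
            continue
        body = m.group(1)
        s = SECTION.match(body)
        if s:
            section = s.group(1)
            continue
        h = HASHED.match(body)
        if h:
            pending[h.group(2)] = (h.group(1).upper(), h.group(3))
            continue
        r = RESULT.match(body)
        if r:
            name, verdict, status = r.groups()
            md5, path = pending.pop(name, (None, None))
            entries.append(Entry(section, name, status, verdict, md5, path))
    return entries


def triage(entries: List[Entry]) -> Dict[str, List[str]]:
    """Bucket the entries a reviewer should read first.

    unsigned: non-ok entries whose verdict starts with "UnsignedFile."; these
              come from the "Verify file digital signatures" option (SigCheck
              in the log's Mode line) and report a missing signature.
    flagged:  every other non-ok entry.
    no_hash:  services reported ok although no file was hashed for them.
    """
    report: Dict[str, List[str]] = {"flagged": [], "unsigned": [], "no_hash": []}
    for e in entries:
        if e.status != "ok":
            unsigned = (e.verdict or "").startswith("UnsignedFile.")
            report["unsigned" if unsigned else "flagged"].append(e.name)
        elif e.section == "Scan services" and e.md5 is None:
            report["no_hash"].append(e.name)
    return report


if __name__ == "__main__":
    for bucket, names in triage(parse_log(SAMPLE_LOG)).items():
        print(f"{bucket}: {', '.join(names) or '-'}")
```
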


#3 alexalexx


Posted 28 June 2013 - 01:02 PM

Hi there, first of all let me say thank you for your help, and I hope we'll get this as fast as possible. I started as soon as I saw your post.
So let me give you what you were asking me to do:

1. TDSSKiller report:
 
19:43:04.0373 3844  TDSS rootkit removing tool 2.8.18.0 Jun 10 2013 21:44:19
19:43:06.0366 3844  ============================================================
19:43:06.0366 3844  Current date / time: 2013/06/28 19:43:06.0366
19:43:06.0366 3844  SystemInfo:
19:43:06.0366 3844  
19:43:06.0366 3844  OS Version: 6.0.6002 ServicePack: 2.0
19:43:06.0366 3844  Product type: Workstation
19:43:06.0367 3844  ComputerName: SALE-PC
19:43:06.0367 3844  UserName: sale
19:43:06.0367 3844  Windows directory: C:\Windows
19:43:06.0367 3844  System windows directory: C:\Windows
19:43:06.0367 3844  Processor architecture: Intel x86
19:43:06.0367 3844  Number of processors: 2
19:43:06.0367 3844  Page size: 0x1000
19:43:06.0367 3844  Boot type: Normal boot
19:43:06.0367 3844  ============================================================
19:43:06.0943 3844  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:43:06.0945 3844  ============================================================
19:43:06.0945 3844  \Device\Harddisk0\DR0:
19:43:06.0945 3844  MBR partitions:
19:43:06.0945 3844  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x12A17000
19:43:06.0945 3844  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x12D05800, BlocksNum 0x12729000
19:43:06.0945 3844  ============================================================
19:43:06.0968 3844  C: <-> \Device\Harddisk0\DR0\Partition1
19:43:07.0258 3844  E: <-> \Device\Harddisk0\DR0\Partition2
19:43:07.0259 3844  ============================================================
19:43:07.0259 3844  Initialize success
19:43:07.0259 3844  ============================================================
19:44:07.0150 5176  ============================================================
19:44:07.0150 5176  Scan started
19:44:07.0150 5176  Mode: Manual; SigCheck; TDLFS; 
19:44:07.0150 5176  ============================================================
19:44:07.0451 5176  ================ Scan system memory ========================
19:44:07.0452 5176  System memory - ok
19:44:07.0452 5176  ================ Scan services =============================
19:44:07.0598 5176  [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI            C:\Windows\system32\drivers\acpi.sys
19:44:07.0757 5176  ACPI - ok
19:44:07.0836 5176  [ 8B46D5A1D3EF08232C04D0EAFB871FB2 ] Adobe LM Service C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
19:44:07.0891 5176  Adobe LM Service ( UnsignedFile.Multi.Generic ) - warning
19:44:07.0891 5176  Adobe LM Service - detected UnsignedFile.Multi.Generic (1)
19:44:07.0993 5176  [ 249A44DCFA2500EB1C020E33A3E9F25B ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
19:44:08.0021 5176  AdobeFlashPlayerUpdateSvc ( UnsignedFile.Multi.Generic ) - warning
19:44:08.0022 5176  AdobeFlashPlayerUpdateSvc - detected UnsignedFile.Multi.Generic (1)
19:44:08.0055 5176  [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
19:44:08.0083 5176  adp94xx - ok
19:44:08.0105 5176  [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci         C:\Windows\system32\drivers\adpahci.sys
19:44:08.0126 5176  adpahci - ok
19:44:08.0137 5176  [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
19:44:08.0154 5176  adpu160m - ok
19:44:08.0161 5176  [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
19:44:08.0178 5176  adpu320 - ok
19:44:08.0200 5176  [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
19:44:08.0261 5176  AeLookupSvc - ok
19:44:08.0310 5176  [ 3911B972B55FEA0478476B2E777B29FA ] AFD             C:\Windows\system32\drivers\afd.sys
19:44:08.0350 5176  AFD - ok
19:44:08.0368 5176  [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440          C:\Windows\system32\drivers\agp440.sys
19:44:08.0383 5176  agp440 - ok
19:44:08.0395 5176  [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
19:44:08.0412 5176  aic78xx - ok
19:44:08.0430 5176  [ A1545B731579895D8CC44FC0481C1192 ] ALG             C:\Windows\System32\alg.exe
19:44:08.0478 5176  ALG - ok
19:44:08.0493 5176  [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide          C:\Windows\system32\drivers\aliide.sys
19:44:08.0507 5176  aliide - ok
19:44:08.0556 5176  [ C4232FADFA9691B85DDA0A7B636C5F6D ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
19:44:08.0592 5176  AMD External Events Utility - ok
19:44:08.0606 5176  [ C47344BC706E5F0B9DCE369516661578 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
19:44:08.0622 5176  amdagp - ok
19:44:08.0630 5176  [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide          C:\Windows\system32\drivers\amdide.sys
19:44:08.0644 5176  amdide - ok
19:44:08.0662 5176  [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7           C:\Windows\system32\drivers\amdk7.sys
19:44:08.0708 5176  AmdK7 - ok
19:44:08.0725 5176  [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
19:44:08.0776 5176  AmdK8 - ok
19:44:09.0071 5176  [ 10D681E635E81C253FC5DD1A5048B0E9 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
19:44:10.0279 5176  amdkmdag - ok
19:44:10.0388 5176  [ 112A7F24C6535DBD2E90AEF34ECB57A4 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
19:44:10.0450 5176  amdkmdap - ok
19:44:10.0473 5176  [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo         C:\Windows\System32\appinfo.dll
19:44:10.0516 5176  Appinfo - ok
19:44:10.0531 5176  [ 5D2888182FB46632511ACEE92FDAD522 ] arc             C:\Windows\system32\drivers\arc.sys
19:44:10.0547 5176  arc - ok
19:44:10.0572 5176  [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
19:44:10.0589 5176  arcsas - ok
19:44:10.0654 5176  [ 4AF5F360BA1E8794D32B366E45A64A0A ] aswFsBlk        C:\Windows\system32\drivers\aswFsBlk.sys
19:44:10.0674 5176  aswFsBlk - ok
19:44:10.0746 5176  [ 1F7094D4268D46F718C51286DC189791 ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
19:44:10.0761 5176  aswMonFlt - ok
19:44:10.0805 5176  [ 7B43265F92257A21CBFD88E7A651044C ] AswRdr          C:\Windows\system32\drivers\AswRdr.sys
19:44:10.0819 5176  AswRdr - ok
19:44:10.0874 5176  [ B680134BA1813B78B47FDD1DFF223CA5 ] aswRvrt         C:\Windows\system32\drivers\aswRvrt.sys
19:44:10.0887 5176  aswRvrt - ok
19:44:10.0927 5176  [ CCD565A8A72AF7D45F9A242013870926 ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
19:44:10.0979 5176  aswSnx - ok
19:44:11.0026 5176  [ 937300BC7C4CDF7576BCCE44E19BBB9D ] aswSP           C:\Windows\system32\drivers\aswSP.sys
19:44:11.0051 5176  aswSP - ok
19:44:11.0072 5176  [ 1F71F170D90E42EFDE9633D81D5E12DC ] aswTdi          C:\Windows\system32\drivers\aswTdi.sys
19:44:11.0086 5176  aswTdi - ok
19:44:11.0108 5176  [ 8CFAA2B965773A653F48F1207A9CB9C4 ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
19:44:11.0126 5176  aswVmm - ok
19:44:11.0136 5176  [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
19:44:11.0189 5176  AsyncMac - ok
19:44:11.0213 5176  [ 9C0E70031905ADBF94EDB9EA14AF943B ] atapi           C:\Windows\system32\drivers\atapi.sys
19:44:11.0228 5176  atapi - ok
19:44:11.0472 5176  [ 10D681E635E81C253FC5DD1A5048B0E9 ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
19:44:12.0017 5176  atikmdag - ok
19:44:12.0085 5176  [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:44:12.0141 5176  AudioEndpointBuilder - ok
19:44:12.0174 5176  [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv        C:\Windows\System32\Audiosrv.dll
19:44:12.0200 5176  Audiosrv - ok
19:44:12.0354 5176  [ 28D6701C710AD7BA3CB95E75F8F1A9AA ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
19:44:12.0368 5176  avast! Antivirus - ok
19:44:12.0374 5176  BDFsDrv - ok
19:44:12.0424 5176  [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep            C:\Windows\system32\drivers\Beep.sys
19:44:12.0461 5176  Beep - ok
19:44:12.0518 5176  [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE             C:\Windows\System32\bfe.dll
19:44:12.0566 5176  BFE - ok
19:44:12.0645 5176  [ 93952506C6D67330367F7E7934B6A02F ] BITS            C:\Windows\System32\qmgr.dll
19:44:12.0732 5176  BITS - ok
19:44:12.0787 5176  [ D4DF28447741FD3D953526E33A617397 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
19:44:12.0815 5176  blbdrive - ok
19:44:12.0862 5176  [ 35F376253F687BDE63976CCB3F2108CA ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
19:44:12.0880 5176  bowser - ok
19:44:12.0892 5176  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
19:44:12.0933 5176  BrFiltLo - ok
19:44:12.0967 5176  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
19:44:12.0990 5176  BrFiltUp - ok
19:44:13.0021 5176  [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser         C:\Windows\System32\browser.dll
19:44:13.0075 5176  Browser - ok
19:44:13.0258 5176  [ 981794879E8FD26CDD6ABCFF3F3F65EF ] BrowserProtect  C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
19:44:13.0417 5176  BrowserProtect - ok
19:44:13.0445 5176  [ B304E75CFF293029EDDF094246747113 ] Brserid         C:\Windows\system32\drivers\brserid.sys
19:44:13.0510 5176  Brserid - ok
19:44:13.0530 5176  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
19:44:13.0597 5176  BrSerWdm - ok
19:44:13.0612 5176  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
19:44:13.0670 5176  BrUsbMdm - ok
19:44:13.0685 5176  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
19:44:13.0743 5176  BrUsbSer - ok
19:44:13.0765 5176  [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
19:44:13.0810 5176  BTHMODEM - ok
19:44:13.0885 5176  [ F1140ED3A1E1D6824A63F27AFD9EEF32 ] camsvc          C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCameraSrv.exe
19:44:13.0898 5176  camsvc - ok
19:44:13.0914 5176  [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
19:44:13.0943 5176  cdfs - ok
19:44:13.0994 5176  [ 6B4BFFB9BECD728097024276430DB314 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
19:44:14.0018 5176  cdrom - ok
19:44:14.0055 5176  [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc     C:\Windows\System32\certprop.dll
19:44:14.0079 5176  CertPropSvc - ok
19:44:14.0093 5176  [ E5D4133F37219DBCFE102BC61072589D ] circlass        C:\Windows\system32\drivers\circlass.sys
19:44:14.0132 5176  circlass - ok
19:44:14.0184 5176  [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS            C:\Windows\system32\CLFS.sys
19:44:14.0205 5176  CLFS - ok
19:44:14.0281 5176  [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:44:14.0296 5176  clr_optimization_v2.0.50727_32 - ok
19:44:14.0338 5176  [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
19:44:14.0384 5176  CmBatt - ok
19:44:14.0413 5176  [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
19:44:14.0428 5176  cmdide - ok
19:44:14.0441 5176  [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
19:44:14.0456 5176  Compbatt - ok
19:44:14.0461 5176  COMSysApp - ok
19:44:14.0547 5176  [ CAB0EEAF5295FC96DDD3E19DCE27E131 ] ConfigFree Service C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
19:44:14.0558 5176  ConfigFree Service - ok
19:44:14.0587 5176  [ 097A0A4899B759A4F032BD464963B4BE ] cpuz132         C:\Windows\system32\drivers\cpuz132_x32.sys
19:44:14.0606 5176  cpuz132 ( UnsignedFile.Multi.Generic ) - warning
19:44:14.0606 5176  cpuz132 - detected UnsignedFile.Multi.Generic (1)
19:44:14.0613 5176  [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
19:44:14.0628 5176  crcdisk - ok
19:44:14.0650 5176  [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
19:44:14.0697 5176  Crusoe - ok
19:44:14.0746 5176  [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
19:44:14.0784 5176  CryptSvc - ok
19:44:14.0835 5176  [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch      C:\Windows\system32\rpcss.dll
19:44:14.0913 5176  DcomLaunch - ok
19:44:14.0951 5176  [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
19:44:14.0986 5176  DfsC - ok
19:44:15.0074 5176  [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR            C:\Windows\system32\DFSR.exe
19:44:15.0217 5176  DFSR - ok
19:44:15.0262 5176  [ 9028559C132146FB75EB7ACF384B086A ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
19:44:15.0304 5176  Dhcp - ok
19:44:15.0330 5176  [ 5D4AEFC3386920236A548271F8F1AF6A ] disk            C:\Windows\system32\drivers\disk.sys
19:44:15.0346 5176  disk - ok
19:44:15.0374 5176  [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache        C:\Windows\System32\dnsrslvr.dll
19:44:15.0423 5176  Dnscache - ok
19:44:15.0468 5176  [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc         C:\Windows\System32\dot3svc.dll
19:44:15.0518 5176  dot3svc - ok
19:44:15.0540 5176  [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS             C:\Windows\system32\dps.dll
19:44:15.0584 5176  DPS - ok
19:44:15.0608 5176  [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
19:44:15.0641 5176  drmkaud - ok
19:44:15.0714 5176  [ 5C7E2097B91D689DED7A6FF90F0F3A25 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
19:44:15.0765 5176  DXGKrnl - ok
19:44:15.0804 5176  [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
19:44:15.0843 5176  E1G60 - ok
19:44:15.0864 5176  [ C0B95E40D85CD807D614E264248A45B9 ] EapHost         C:\Windows\System32\eapsvc.dll
19:44:15.0888 5176  EapHost - ok
19:44:15.0925 5176  [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache          C:\Windows\system32\drivers\ecache.sys
19:44:15.0943 5176  Ecache - ok
19:44:15.0985 5176  [ 3A511ED3C9A9DA2CD5A50FF46178063A ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
19:44:16.0036 5176  ehRecvr - ok
19:44:16.0056 5176  [ A3D94C93333619458AF4BDE7531234C5 ] ehSched         C:\Windows\ehome\ehsched.exe
19:44:16.0091 5176  ehSched - ok
19:44:16.0107 5176  [ 487BA5C5BB442BD172F120DC197811C2 ] ehstart         C:\Windows\ehome\ehstart.dll
19:44:16.0141 5176  ehstart - ok
19:44:16.0179 5176  [ 178CC9403816C082D22A1D47FA1F9C85 ] ElbyCDIO        C:\Windows\system32\Drivers\ElbyCDIO.sys
19:44:16.0193 5176  ElbyCDIO - ok
19:44:16.0227 5176  [ 23B62471681A124889978F6295B3F4C6 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
19:44:16.0251 5176  elxstor - ok
19:44:16.0305 5176  [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
19:44:16.0373 5176  EMDMgmt - ok
19:44:16.0387 5176  [ 3DB974F3935483555D7148663F726C61 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
19:44:16.0424 5176  ErrDev - ok
19:44:16.0499 5176  [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem     C:\Windows\system32\es.dll
19:44:16.0541 5176  EventSystem - ok
19:44:16.0589 5176  [ 1FC8C55255D197AA3A423624786D090C ] ewusbnet        C:\Windows\system32\DRIVERS\ewusbnet.sys
19:44:16.0621 5176  ewusbnet - ok
19:44:16.0647 5176  [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat           C:\Windows\system32\drivers\exfat.sys
19:44:16.0683 5176  exfat - ok
19:44:16.0732 5176  [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
19:44:16.0770 5176  fastfat - ok
19:44:16.0798 5176  [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
19:44:16.0840 5176  fdc - ok
19:44:16.0863 5176  [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost         C:\Windows\system32\fdPHost.dll
19:44:16.0892 5176  fdPHost - ok
19:44:16.0897 5176  [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub        C:\Windows\system32\fdrespub.dll
19:44:16.0955 5176  FDResPub - ok
19:44:16.0970 5176  [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
19:44:16.0986 5176  FileInfo - ok
19:44:16.0998 5176  [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
19:44:17.0045 5176  Filetrace - ok
19:44:17.0066 5176  [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
19:44:17.0093 5176  flpydisk - ok
19:44:17.0138 5176  [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
19:44:17.0157 5176  FltMgr - ok
19:44:17.0218 5176  [ D49705F25390265CAD9B620F55EA968C ] FontCache       C:\Windows\system32\FntCache.dll
19:44:17.0300 5176  FontCache - ok
19:44:17.0365 5176  [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
19:44:17.0379 5176  FontCache3.0.0.0 - ok
19:44:17.0418 5176  [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
19:44:17.0448 5176  Fs_Rec - ok
19:44:17.0479 5176  [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
19:44:17.0494 5176  gagp30kx - ok
19:44:17.0567 5176  [ 54FD6B2F163782914F1205D51FEDD3EF ] GameConsoleService C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe
19:44:17.0597 5176  GameConsoleService - ok
19:44:17.0668 5176  GarenaPEngine - ok
19:44:17.0720 5176  [ B39662E4C237AA25A2CD2379FF508099 ] GoogleDesktopManager-022208-143751 C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
19:44:17.0732 5176  GoogleDesktopManager-022208-143751 - ok
19:44:17.0787 5176  [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc           C:\Windows\System32\gpsvc.dll
19:44:17.0865 5176  gpsvc - ok
19:44:17.0921 5176  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
19:44:17.0936 5176  gupdate - ok
19:44:17.0999 5176  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
19:44:18.0011 5176  gupdatem - ok
19:44:18.0056 5176  [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc           C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
19:44:18.0073 5176  gusvc - ok
19:44:18.0108 5176  [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:44:18.0158 5176  HdAudAddService - ok
19:44:18.0213 5176  [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
19:44:18.0288 5176  HDAudBus - ok
19:44:18.0306 5176  [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth          C:\Windows\system32\drivers\hidbth.sys
19:44:18.0362 5176  HidBth - ok
19:44:18.0383 5176  [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr           C:\Windows\system32\drivers\hidir.sys
19:44:18.0449 5176  HidIr - ok
19:44:18.0509 5176  [ 84067081F3318162797385E11A8F0582 ] hidserv         C:\Windows\system32\hidserv.dll
19:44:18.0539 5176  hidserv - ok
19:44:18.0584 5176  [ CCA4B519B17E23A00B826C55716809CC ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
19:44:18.0626 5176  HidUsb - ok
19:44:18.0658 5176  [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc          C:\Windows\system32\kmsvc.dll
19:44:18.0688 5176  hkmsvc - ok
19:44:18.0701 5176  [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
19:44:18.0717 5176  HpCISSs - ok
19:44:18.0768 5176  [ F870AA3E254628EBEAFE754108D664DE ] HTTP            C:\Windows\system32\drivers\HTTP.sys
19:44:18.0826 5176  HTTP - ok
19:44:18.0885 5176  [ 0515065A3C7E8869DD01253E987C5BD1 ] hwdatacard      C:\Windows\system32\DRIVERS\ewusbmdm.sys
19:44:18.0923 5176  hwdatacard - ok
19:44:18.0940 5176  [ C6B032D69650985468160FC9937CF5B4 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
19:44:18.0955 5176  i2omp - ok
19:44:18.0965 5176  [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
19:44:19.0001 5176  i8042prt - ok
19:44:19.0024 5176  [ 71ECC07BC7C5E24C3DD01D8A29A24054 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
19:44:19.0042 5176  iaStor - ok
19:44:19.0074 5176  [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
19:44:19.0094 5176  iaStorV - ok
19:44:19.0154 5176  [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
19:44:19.0225 5176  idsvc - ok
19:44:19.0275 5176  [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
19:44:19.0289 5176  iirsp - ok
19:44:19.0352 5176  [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT          C:\Windows\System32\ikeext.dll
19:44:19.0445 5176  IKEEXT - ok
19:44:19.0540 5176  [ 2E4F8AD76CB1203D68DB6E8F02E4AF74 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
19:44:19.0714 5176  IntcAzAudAddService - ok
19:44:19.0751 5176  [ 83AA759F3189E6370C30DE5DC5590718 ] intelide        C:\Windows\system32\drivers\intelide.sys
19:44:19.0766 5176  intelide - ok
19:44:19.0816 5176  [ 224191001E78C89DFA78924C3EA595FF ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
19:44:19.0856 5176  intelppm - ok
19:44:19.0879 5176  [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
19:44:19.0925 5176  IPBusEnum - ok
19:44:19.0938 5176  [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:44:19.0981 5176  IpFilterDriver - ok
19:44:20.0028 5176  [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
19:44:20.0059 5176  iphlpsvc - ok
19:44:20.0064 5176  IpInIp - ok
19:44:20.0082 5176  [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
19:44:20.0127 5176  IPMIDRV - ok
19:44:20.0148 5176  [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
19:44:20.0178 5176  IPNAT - ok
19:44:20.0185 5176  [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
19:44:20.0222 5176  IRENUM - ok
19:44:20.0240 5176  [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
19:44:20.0255 5176  isapnp - ok
19:44:20.0303 5176  [ 232FA340531D940AAC623B121A595034 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
19:44:20.0322 5176  iScsiPrt - ok
19:44:20.0339 5176  [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
19:44:20.0353 5176  iteatapi - ok
19:44:20.0366 5176  [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid         C:\Windows\system32\drivers\iteraid.sys
19:44:20.0381 5176  iteraid - ok
19:44:20.0400 5176  [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
19:44:20.0415 5176  kbdclass - ok
19:44:20.0452 5176  [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
19:44:20.0474 5176  kbdhid - ok
19:44:20.0513 5176  [ A3E186B4B935905B829219502557314E ] KeyIso          C:\Windows\system32\lsass.exe
19:44:20.0544 5176  KeyIso - ok
19:44:20.0594 5176  [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
19:44:20.0621 5176  KSecDD - ok
19:44:20.0659 5176  [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm           C:\Windows\system32\msdtckrm.dll
19:44:20.0747 5176  KtmRm - ok
19:44:20.0814 5176  [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer    C:\Windows\system32\srvsvc.dll
19:44:20.0853 5176  LanmanServer - ok
19:44:20.0914 5176  [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:44:20.0947 5176  LanmanWorkstation - ok
19:44:20.0971 5176  [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
19:44:21.0014 5176  lltdio - ok
19:44:21.0051 5176  [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
19:44:21.0083 5176  lltdsvc - ok
19:44:21.0098 5176  [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts         C:\Windows\System32\lmhsvc.dll
19:44:21.0145 5176  lmhosts - ok
19:44:21.0162 5176  [ 31F74D5D47EEA83E5E89447586917774 ] LPCFilter       C:\Windows\system32\DRIVERS\LPCFilter.sys
19:44:21.0174 5176  LPCFilter - ok
19:44:21.0192 5176  [ C7E15E82879BF3235B559563D4185365 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
19:44:21.0208 5176  LSI_FC - ok
19:44:21.0218 5176  [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
19:44:21.0235 5176  LSI_SAS - ok
19:44:21.0240 5176  [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
19:44:21.0258 5176  LSI_SCSI - ok
19:44:21.0271 5176  [ 8F5C7426567798E62A3B3614965D62CC ] luafv           C:\Windows\system32\drivers\luafv.sys
19:44:21.0314 5176  luafv - ok
19:44:21.0368 5176  [ F0435FE3C1EC2659D2BBF073CA0752EE ] massfilter      C:\Windows\system32\drivers\massfilter.sys
19:44:21.0398 5176  massfilter - ok
19:44:21.0423 5176  [ 3BD2AD18179DEAD6652E87157FB98E4A ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
19:44:21.0450 5176  Mcx2Svc - ok
19:44:21.0469 5176  [ 0001CE609D66632FA17B84705F658879 ] megasas         C:\Windows\system32\drivers\megasas.sys
19:44:21.0484 5176  megasas - ok
19:44:21.0518 5176  [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR          C:\Windows\system32\drivers\megasr.sys
19:44:21.0543 5176  MegaSR - ok
19:44:21.0641 5176  [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
19:44:21.0654 5176  Microsoft Office Groove Audit Service - ok
19:44:21.0682 5176  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS           C:\Windows\system32\mmcss.dll
19:44:21.0725 5176  MMCSS - ok
19:44:21.0752 5176  [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem           C:\Windows\system32\drivers\modem.sys
19:44:21.0792 5176  Modem - ok
19:44:21.0797 5176  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
19:44:21.0834 5176  monitor - ok
19:44:21.0849 5176  [ 5BF6A1326A335C5298477754A506D263 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
19:44:21.0864 5176  mouclass - ok
19:44:21.0877 5176  [ 93B8D4869E12CFBE663915502900876F ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
19:44:21.0925 5176  mouhid - ok
19:44:21.0940 5176  [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
19:44:21.0955 5176  MountMgr - ok
19:44:21.0968 5176  [ 511D011289755DD9F9A7579FB0B064E6 ] mpio            C:\Windows\system32\drivers\mpio.sys
19:44:21.0985 5176  mpio - ok
19:44:21.0995 5176  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
19:44:22.0026 5176  mpsdrv - ok
19:44:22.0084 5176  [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc          C:\Windows\system32\mpssvc.dll
19:44:22.0118 5176  MpsSvc - ok
19:44:22.0131 5176  [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
19:44:22.0145 5176  Mraid35x - ok
19:44:22.0169 5176  [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
19:44:22.0205 5176  MRxDAV - ok
19:44:22.0237 5176  [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
19:44:22.0278 5176  mrxsmb - ok
19:44:22.0324 5176  [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:44:22.0354 5176  mrxsmb10 - ok
19:44:22.0383 5176  [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:44:22.0425 5176  mrxsmb20 - ok
19:44:22.0438 5176  [ AA305CFF241DA187BD5077DE4A2A043D ] msahci          C:\Windows\system32\drivers\msahci.sys
19:44:22.0454 5176  msahci - ok
19:44:22.0467 5176  [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
19:44:22.0483 5176  msdsm - ok
19:44:22.0509 5176  [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC           C:\Windows\System32\msdtc.exe
19:44:22.0561 5176  MSDTC - ok
19:44:22.0582 5176  [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
19:44:22.0625 5176  Msfs - ok
19:44:22.0645 5176  [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
19:44:22.0660 5176  msisadrv - ok
19:44:22.0698 5176  [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
19:44:22.0729 5176  MSiSCSI - ok
19:44:22.0734 5176  msiserver - ok
19:44:22.0756 5176  [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
19:44:22.0803 5176  MSKSSRV - ok
19:44:22.0821 5176  [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
19:44:22.0869 5176  MSPCLOCK - ok
19:44:22.0884 5176  [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
19:44:22.0912 5176  MSPQM - ok
19:44:22.0961 5176  [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
19:44:22.0979 5176  MsRPC - ok
19:44:23.0018 5176  [ E384487CB84BE41D09711C30CA79646C ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
19:44:23.0033 5176  mssmbios - ok
19:44:23.0045 5176  [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
19:44:23.0088 5176  MSTEE - ok
19:44:23.0135 5176  [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup             C:\Windows\system32\Drivers\mup.sys
19:44:23.0151 5176  Mup - ok
19:44:23.0203 5176  [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent        C:\Windows\system32\qagentRT.dll
19:44:23.0246 5176  napagent - ok
19:44:23.0299 5176  [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
19:44:23.0329 5176  NativeWifiP - ok
19:44:23.0385 5176  [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS            C:\Windows\system32\drivers\ndis.sys
19:44:23.0415 5176  NDIS - ok
19:44:23.0432 5176  [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
19:44:23.0455 5176  NdisTapi - ok
19:44:23.0468 5176  [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
19:44:23.0505 5176  Ndisuio - ok
19:44:23.0556 5176  [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
19:44:23.0597 5176  NdisWan - ok
19:44:23.0614 5176  [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
19:44:23.0651 5176  NDProxy - ok
19:44:23.0655 5176  [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
19:44:23.0690 5176  NetBIOS - ok
19:44:23.0733 5176  [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
19:44:23.0759 5176  netbt - ok
19:44:23.0771 5176  [ A3E186B4B935905B829219502557314E ] Netlogon        C:\Windows\system32\lsass.exe
19:44:23.0788 5176  Netlogon - ok
19:44:23.0828 5176  [ C8052711DAECC48B982434C5116CA401 ] Netman          C:\Windows\System32\netman.dll
19:44:23.0880 5176  Netman - ok
19:44:23.0901 5176  [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm        C:\Windows\System32\netprofm.dll
19:44:23.0953 5176  netprofm - ok
19:44:24.0011 5176  [ 2DD6BB85C8BDAE6116565AB5BECA4F7C ] netr73          C:\Windows\system32\DRIVERS\netr73.sys
19:44:24.0033 5176  netr73 ( UnsignedFile.Multi.Generic ) - warning
19:44:24.0033 5176  netr73 - detected UnsignedFile.Multi.Generic (1)
19:44:24.0071 5176  [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:44:24.0085 5176  NetTcpPortSharing - ok
19:44:24.0208 5176  [ 8DE67BD902095A13329FD82C85A1FA09 ] NETw5v32        C:\Windows\system32\DRIVERS\NETw5v32.sys
19:44:24.0451 5176  NETw5v32 - ok
19:44:24.0522 5176  [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
19:44:24.0537 5176  nfrd960 - ok
19:44:24.0603 5176  [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc          C:\Windows\System32\nlasvc.dll
19:44:24.0651 5176  NlaSvc - ok
19:44:24.0688 5176  [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
19:44:24.0727 5176  Npfs - ok
19:44:24.0740 5176  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi             C:\Windows\system32\nsisvc.dll
19:44:24.0771 5176  nsi - ok
19:44:24.0783 5176  [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
19:44:24.0811 5176  nsiproxy - ok
19:44:24.0879 5176  [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
19:44:24.0956 5176  Ntfs - ok
19:44:24.0977 5176  [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys
19:44:25.0037 5176  ntrigdigi - ok
19:44:25.0051 5176  [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null            C:\Windows\system32\drivers\Null.sys
19:44:25.0092 5176  Null - ok
19:44:25.0115 5176  [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
19:44:25.0132 5176  nvraid - ok
19:44:25.0150 5176  [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
19:44:25.0165 5176  nvstor - ok
19:44:25.0179 5176  [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
19:44:25.0195 5176  nv_agp - ok
19:44:25.0200 5176  NwlnkFlt - ok
19:44:25.0206 5176  NwlnkFwd - ok
19:44:25.0284 5176  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
19:44:25.0309 5176  odserv - ok
19:44:25.0315 5176  [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
19:44:25.0362 5176  ohci1394 - ok
19:44:25.0432 5176  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:44:25.0448 5176  ose - ok
19:44:25.0505 5176  [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
19:44:25.0588 5176  p2pimsvc - ok
19:44:25.0599 5176  [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc          C:\Windows\system32\p2psvc.dll
19:44:25.0640 5176  p2psvc - ok
19:44:25.0662 5176  [ 0FA9B5055484649D63C303FE404E5F4D ] Parport         C:\Windows\system32\drivers\parport.sys
19:44:25.0725 5176  Parport - ok
19:44:25.0765 5176  [ B9C2B89F08670E159F7181891E449CD9 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
19:44:25.0780 5176  partmgr - ok
19:44:25.0799 5176  [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
19:44:25.0844 5176  Parvdm - ok
19:44:25.0871 5176  [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc          C:\Windows\System32\pcasvc.dll
19:44:25.0907 5176  PcaSvc - ok
19:44:25.0914 5176  [ 941DC1D19E7E8620F40BBC206981EFDB ] pci             C:\Windows\system32\drivers\pci.sys
19:44:25.0932 5176  pci - ok
19:44:25.0952 5176  [ FC175F5DDAB666D7F4D17449A547626F ] pciide          C:\Windows\system32\DRIVERS\pciide.sys
19:44:25.0967 5176  pciide - ok
19:44:25.0987 5176  [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
19:44:26.0004 5176  pcmcia - ok
19:44:26.0039 5176  [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
19:44:26.0151 5176  PEAUTH - ok
19:44:26.0208 5176  [ 28F7FFFF50C474CF8BE16A2CACC7CE42 ] PGEffect        C:\Windows\system32\DRIVERS\pgeffect.sys
19:44:26.0236 5176  PGEffect - ok
19:44:26.0289 5176  [ B1689DF169143F57053F795390C99DB3 ] pla             C:\Windows\system32\pla.dll
19:44:26.0411 5176  pla - ok
19:44:26.0460 5176  [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
19:44:26.0503 5176  PlugPlay - ok
19:44:26.0545 5176  [ 205E1B699FD3F2F9B036EEA2EC30C620 ] PnkBstrA        C:\Windows\system32\PnkBstrA.exe
19:44:26.0562 5176  PnkBstrA - ok
19:44:26.0584 5176  [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
19:44:26.0612 5176  PNRPAutoReg - ok
19:44:26.0661 5176  [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
19:44:26.0690 5176  PNRPsvc - ok
19:44:26.0746 5176  [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
19:44:26.0795 5176  PolicyAgent - ok
19:44:26.0826 5176  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
19:44:26.0865 5176  PptpMiniport - ok
19:44:26.0885 5176  [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor       C:\Windows\system32\drivers\processr.sys
19:44:26.0927 5176  Processor - ok
19:44:26.0970 5176  [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc         C:\Windows\system32\profsvc.dll
19:44:26.0998 5176  ProfSvc - ok
19:44:27.0006 5176  [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
19:44:27.0024 5176  ProtectedStorage - ok
19:44:27.0072 5176  [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
19:44:27.0096 5176  PSched - ok
19:44:27.0114 5176  [ 49452BFCEC22F36A7A9B9C2181BC3042 ] PxHelp20        C:\Windows\system32\Drivers\PxHelp20.sys
19:44:27.0127 5176  PxHelp20 - ok
19:44:27.0171 5176  [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
19:44:27.0296 5176  ql2300 - ok
19:44:27.0338 5176  [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
19:44:27.0354 5176  ql40xx - ok
19:44:27.0410 5176  [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE           C:\Windows\system32\qwave.dll
19:44:27.0434 5176  QWAVE - ok
19:44:27.0458 5176  [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
19:44:27.0474 5176  QWAVEdrv - ok
19:44:27.0483 5176  [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
19:44:27.0510 5176  RasAcd - ok
19:44:27.0531 5176  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto         C:\Windows\System32\rasauto.dll
19:44:27.0570 5176  RasAuto - ok
19:44:27.0588 5176  [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
19:44:27.0634 5176  Rasl2tp - ok
19:44:27.0693 5176  [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan          C:\Windows\System32\rasmans.dll
19:44:27.0742 5176  RasMan - ok
19:44:27.0769 5176  [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
19:44:27.0792 5176  RasPppoe - ok
19:44:27.0797 5176  [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
19:44:27.0815 5176  RasSstp - ok
19:44:27.0849 5176  [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
19:44:27.0885 5176  rdbss - ok
19:44:27.0905 5176  [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
19:44:27.0933 5176  RDPCDD - ok
19:44:27.0967 5176  [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
19:44:28.0000 5176  rdpdr - ok
19:44:28.0008 5176  [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
19:44:28.0050 5176  RDPENCDD - ok
19:44:28.0078 5176  [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
19:44:28.0097 5176  RDPWD - ok
19:44:28.0144 5176  [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess    C:\Windows\System32\mprdim.dll
19:44:28.0174 5176  RemoteAccess - ok
19:44:28.0230 5176  [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry  C:\Windows\system32\regsvc.dll
19:44:28.0275 5176  RemoteRegistry - ok
19:44:28.0303 5176  [ 75E8A6BFA7374ABA833AE92BF41AE4E6 ] ROOTMODEM       C:\Windows\system32\Drivers\RootMdm.sys
19:44:28.0330 5176  ROOTMODEM - ok
19:44:28.0358 5176  [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator      C:\Windows\system32\locator.exe
19:44:28.0387 5176  RpcLocator - ok
19:44:28.0410 5176  [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs           C:\Windows\system32\rpcss.dll
19:44:28.0443 5176  RpcSs - ok
19:44:28.0464 5176  [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
19:44:28.0505 5176  rspndr - ok
19:44:28.0526 5176  [ D85DA4371AF61359EDFCA4EA06619DD4 ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIV.sys
19:44:28.0542 5176  RTHDMIAzAudService - ok
19:44:28.0570 5176  [ 470253597930E765DD08B30E723C1FA2 ] RTL8169         C:\Windows\system32\DRIVERS\Rtlh86.sys
19:44:28.0620 5176  RTL8169 - ok
19:44:28.0657 5176  [ 52532A4CA8B251775DECC87C4813ABFB ] RTSTOR          C:\Windows\system32\drivers\RTSTOR.SYS
19:44:28.0672 5176  RTSTOR - ok
19:44:28.0685 5176  [ A3E186B4B935905B829219502557314E ] SamSs           C:\Windows\system32\lsass.exe
19:44:28.0703 5176  SamSs - ok
19:44:28.0716 5176  [ 3CE8F073A557E172B330109436984E30 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
19:44:28.0731 5176  sbp2port - ok
19:44:28.0775 5176  [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
19:44:28.0811 5176  SCardSvr - ok
19:44:28.0861 5176  [ 9FEB2026A460916D1A1198B460632630 ] SCDEmu          C:\Windows\system32\drivers\SCDEmu.sys
19:44:28.0868 5176  SCDEmu ( UnsignedFile.Multi.Generic ) - warning
19:44:28.0868 5176  SCDEmu - detected UnsignedFile.Multi.Generic (1)
19:44:28.0925 5176  [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule        C:\Windows\system32\schedsvc.dll
19:44:29.0009 5176  Schedule - ok
19:44:29.0031 5176  [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc     C:\Windows\System32\certprop.dll
19:44:29.0053 5176  SCPolicySvc - ok
19:44:29.0085 5176  [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
19:44:29.0115 5176  SDRSVC - ok
19:44:29.0149 5176  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
19:44:29.0193 5176  secdrv - ok
19:44:29.0211 5176  [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon        C:\Windows\system32\seclogon.dll
19:44:29.0253 5176  seclogon - ok
19:44:29.0265 5176  [ A9BBAB5759771E523F55563D6CBE140F ] SENS            C:\Windows\System32\sens.dll
19:44:29.0297 5176  SENS - ok
19:44:29.0312 5176  [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum         C:\Windows\system32\drivers\serenum.sys
19:44:29.0358 5176  Serenum - ok
19:44:29.0386 5176  [ C70D69A918B178D3C3B06339B40C2E1B ] Serial          C:\Windows\system32\drivers\serial.sys
19:44:29.0440 5176  Serial - ok
19:44:29.0445 5176  [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
19:44:29.0473 5176  sermouse - ok
19:44:29.0500 5176  [ D2193326F729B163125610DBF3E17D57 ] SessionEnv      C:\Windows\system32\sessenv.dll
19:44:29.0549 5176  SessionEnv - ok
19:44:29.0562 5176  [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
19:44:29.0600 5176  sffdisk - ok
19:44:29.0615 5176  [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
19:44:29.0664 5176  sffp_mmc - ok
19:44:29.0679 5176  [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
19:44:29.0708 5176  sffp_sd - ok
19:44:29.0722 5176  [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
19:44:29.0780 5176  sfloppy - ok
19:44:29.0814 5176  [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
19:44:29.0862 5176  SharedAccess - ok
19:44:29.0908 5176  [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:44:29.0932 5176  ShellHWDetection - ok
19:44:29.0948 5176  [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
19:44:29.0963 5176  sisagp - ok
19:44:29.0972 5176  [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
19:44:29.0987 5176  SiSRaid2 - ok
19:44:29.0998 5176  [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
19:44:30.0014 5176  SiSRaid4 - ok
19:44:30.0140 5176  [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc           C:\Windows\system32\SLsvc.exe
19:44:30.0332 5176  slsvc - ok
19:44:30.0375 5176  [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify      C:\Windows\system32\SLUINotify.dll
19:44:30.0414 5176  SLUINotify - ok
19:44:30.0461 5176  [ 7B75299A4D201D6A6533603D6914AB04 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
19:44:30.0486 5176  Smb - ok
19:44:30.0506 5176  [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
19:44:30.0524 5176  SNMPTRAP - ok
19:44:30.0544 5176  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr           C:\Windows\system32\drivers\spldr.sys
19:44:30.0559 5176  spldr - ok
19:44:30.0607 5176  [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler         C:\Windows\System32\spoolsv.exe
19:44:30.0628 5176  Spooler - ok
19:44:30.0690 5176  [ CDDDEC541BC3C96F91ECB48759673505 ] sptd            C:\Windows\system32\Drivers\sptd.sys
19:44:30.0690 5176  Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: CDDDEC541BC3C96F91ECB48759673505
19:44:30.0692 5176  sptd ( LockedFile.Multi.Generic ) - warning
19:44:30.0692 5176  sptd - detected LockedFile.Multi.Generic (1)
19:44:30.0744 5176  [ 41987F9FC0E61ADF54F581E15029AD91 ] srv             C:\Windows\system32\DRIVERS\srv.sys
19:44:30.0780 5176  srv - ok
19:44:30.0805 5176  [ FF33AFF99564B1AA534F58868CBE41EF ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
19:44:30.0824 5176  srv2 - ok
19:44:30.0838 5176  [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
19:44:30.0870 5176  srvnet - ok
19:44:30.0892 5176  [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
19:44:30.0942 5176  SSDPSRV - ok
19:44:30.0964 5176  [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
19:44:30.0996 5176  SstpSvc - ok
19:44:31.0044 5176  Steam Client Service - ok
19:44:31.0089 5176  [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc          C:\Windows\System32\wiaservc.dll
19:44:31.0129 5176  stisvc - ok
19:44:31.0166 5176  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
19:44:31.0180 5176  swenum - ok
19:44:31.0229 5176  [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv           C:\Windows\System32\swprv.dll
19:44:31.0274 5176  swprv - ok
19:44:31.0304 5176  [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
19:44:31.0319 5176  Symc8xx - ok
19:44:31.0330 5176  [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
19:44:31.0344 5176  Sym_hi - ok
19:44:31.0362 5176  [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
19:44:31.0376 5176  Sym_u3 - ok
19:44:31.0422 5176  [ 5EFCEDCF3DAF5C8D9E8B77A34A4EEC99 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
19:44:31.0439 5176  SynTP - ok
19:44:31.0497 5176  [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain         C:\Windows\system32\sysmain.dll
19:44:31.0544 5176  SysMain - ok
19:44:31.0583 5176  [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:44:31.0605 5176  TabletInputService - ok
19:44:31.0673 5176  [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv         C:\Windows\System32\tapisrv.dll
19:44:31.0723 5176  TapiSrv - ok
19:44:31.0729 5176  [ CB05822CD9CC6C688168E113C603DBE7 ] TBS             C:\Windows\System32\tbssvc.dll
19:44:31.0761 5176  TBS - ok
19:44:31.0823 5176  [ 74E2D020C47BB2B2FCCBA29A518A7EB4 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
19:44:31.0893 5176  Tcpip - ok
19:44:31.0911 5176  [ 74E2D020C47BB2B2FCCBA29A518A7EB4 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
19:44:31.0967 5176  Tcpip6 - ok
19:44:32.0024 5176  [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
19:44:32.0052 5176  tcpipreg - ok
19:44:32.0094 5176  [ 6FDFBA25002CE4BAC463AC866AE71405 ] tdcmdpst        C:\Windows\system32\DRIVERS\tdcmdpst.sys
19:44:32.0106 5176  tdcmdpst - ok
19:44:32.0137 5176  [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
19:44:32.0181 5176  TDPIPE - ok
19:44:32.0197 5176  [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
19:44:32.0236 5176  TDTCP - ok
19:44:32.0283 5176  [ 76B06EB8A01FC8624D699E7045303E54 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
19:44:32.0308 5176  tdx - ok
19:44:32.0341 5176  [ 721D8DF7BE216946367255DE91529AB8 ] TemproMonitoringService C:\Program Files\Toshiba TEMPRO\TemproSvc.exe
19:44:32.0354 5176  TemproMonitoringService - ok
19:44:32.0365 5176  [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
19:44:32.0382 5176  TermDD - ok
19:44:32.0406 5176  [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService     C:\Windows\System32\termsrv.dll
19:44:32.0463 5176  TermService - ok
19:44:32.0498 5176  [ C7230FBEE14437716701C15BE02C27B8 ] Themes          C:\Windows\system32\shsvcs.dll
19:44:32.0519 5176  Themes - ok
19:44:32.0531 5176  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER     C:\Windows\system32\mmcss.dll
19:44:32.0561 5176  THREADORDER - ok
19:44:32.0601 5176  [ FB8448D1B0DA00D70C28ADF9282B31BB ] TMachInfo       C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
19:44:32.0627 5176  TMachInfo - ok
19:44:32.0668 5176  [ 22BC804EFE155F54252F389B0781D7F2 ] TNaviSrv        C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
19:44:32.0681 5176  TNaviSrv - ok
19:44:32.0710 5176  [ C5AC715B65B01788ABC22D10749DDDD8 ] TODDSrv         C:\Windows\system32\TODDSrv.exe
19:44:32.0728 5176  TODDSrv - ok
19:44:32.0777 5176  [ 5557E7F940CBCF09BE43379F551F6689 ] TosCoSrv        C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
19:44:32.0799 5176  TosCoSrv - ok
19:44:32.0862 5176  [ E44759CB4AC9F43464D8780501CC0470 ] TOSHIBA Bluetooth Service C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
19:44:32.0876 5176  TOSHIBA Bluetooth Service - ok
19:44:32.0930 5176  [ 9D1C30CE9F1A8488D5D9102C0820743D ] TOSHIBA eco Utility Service C:\Program Files\TOSHIBA\TECO\TecoService.exe
19:44:32.0939 5176  TOSHIBA eco Utility Service ( UnsignedFile.Multi.Generic ) - warning
19:44:32.0939 5176  TOSHIBA eco Utility Service - detected UnsignedFile.Multi.Generic (1)
19:44:32.0960 5176  [ B792D35B8BDC5FC4106808FF5C7770AB ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
19:44:32.0984 5176  TOSHIBA HDD SSD Alert Service ( UnsignedFile.Multi.Generic ) - warning
19:44:32.0984 5176  TOSHIBA HDD SSD Alert Service - detected UnsignedFile.Multi.Generic (1)
19:44:33.0004 5176  [ 2C15B4856F929AC7DD144044D8334B54 ] tosporte        C:\Windows\system32\DRIVERS\tosporte.sys
19:44:33.0037 5176  tosporte - ok
19:44:33.0086 5176  [ EAEDDB6C8BBE3E1B753753C2E847FECB ] Tosrfbd         C:\Windows\system32\DRIVERS\tosrfbd.sys
19:44:33.0101 5176  Tosrfbd - ok
19:44:33.0159 5176  [ 45A0FD8D566E7C44B2FC340CBD6672D0 ] tosrfbnp        C:\Windows\system32\Drivers\tosrfbnp.sys
19:44:33.0192 5176  tosrfbnp - ok
19:44:33.0218 5176  [ C281D231BA7BC7955D39EA9E21374EFF ] Tosrfcom        C:\Windows\system32\Drivers\tosrfcom.sys
19:44:33.0235 5176  Tosrfcom - ok
19:44:33.0288 5176  [ C063B8E2DB85420438EBCE3FC8D2752E ] tosrfec         C:\Windows\system32\DRIVERS\tosrfec.sys
19:44:33.0303 5176  tosrfec - ok
19:44:33.0325 5176  [ 592CD9C8AB08EF02EA53905D30FB157E ] Tosrfhid        C:\Windows\system32\DRIVERS\Tosrfhid.sys
19:44:33.0355 5176  Tosrfhid - ok
19:44:33.0374 5176  [ 0F3FD4F55175CAEDDCE9EFD6C5CA45D3 ] tosrfnds        C:\Windows\system32\DRIVERS\tosrfnds.sys
19:44:33.0405 5176  tosrfnds - ok
19:44:33.0416 5176  [ C4245835D4FAC0494ED616F3BFE9EE0A ] Tosrfusb        C:\Windows\system32\DRIVERS\tosrfusb.sys
19:44:33.0444 5176  Tosrfusb - ok
19:44:33.0496 5176  [ 4399A9BF7D8F49991A07FD86590A1619 ] tos_sps32       C:\Windows\system32\DRIVERS\tos_sps32.sys
19:44:33.0513 5176  tos_sps32 - ok
19:44:33.0576 5176  [ 1A6FA701F66B58192B814570322521B2 ] TPCHSrv         C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
19:44:33.0615 5176  TPCHSrv - ok
19:44:33.0655 5176  [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks          C:\Windows\System32\trkwks.dll
19:44:33.0703 5176  TrkWks - ok
19:44:33.0766 5176  [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:44:33.0803 5176  TrustedInstaller - ok
19:44:33.0830 5176  [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
19:44:33.0859 5176  tssecsrv - ok
19:44:33.0914 5176  [ 4196D7BC21786883201747DCC0DC84A0 ] TuneUp.Defrag   C:\Windows\System32\TuneUpDefragService.exe
19:44:33.0938 5176  TuneUp.Defrag - ok
19:44:33.0971 5176  [ 02E5F68A55CD413C5BFB9F2DF677DD01 ] TuneUp.ProgramStatisticsSvc C:\Windows\System32\TUProgSt.exe
19:44:34.0007 5176  TuneUp.ProgramStatisticsSvc - ok
19:44:34.0024 5176  [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
19:44:34.0040 5176  tunmp - ok
19:44:34.0068 5176  [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
19:44:34.0084 5176  tunnel - ok
19:44:34.0110 5176  [ 792A8B80F8188ABA4B2BE271583F3E46 ] TVALZ           C:\Windows\system32\DRIVERS\TVALZ_O.SYS
19:44:34.0122 5176  TVALZ - ok
19:44:34.0173 5176  [ 009AECD4C19209B09669A6615EA1E889 ] TVALZFL         C:\Windows\system32\DRIVERS\TVALZFL.sys
19:44:34.0185 5176  TVALZFL - ok
19:44:34.0204 5176  [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35          C:\Windows\system32\drivers\uagp35.sys
19:44:34.0219 5176  uagp35 - ok
19:44:34.0266 5176  [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
19:44:34.0294 5176  udfs - ok
19:44:34.0335 5176  [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
19:44:34.0386 5176  UI0Detect - ok
19:44:38.0813 5176  ================ Scan global ===============================
19:44:38.0856 5176  [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
19:44:38.0905 5176  [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
19:44:38.0938 5176  [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
19:44:38.0990 5176  [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
19:44:38.0999 5176  [Global] - ok
19:44:38.0999 5176  ================ Scan MBR ==================================
19:44:39.0011 5176  [ 9C603BC3977968C891DE319283E1E7AF ] \Device\Harddisk0\DR0
19:44:39.0012 5176  Suspicious mbr (Forged): \Device\Harddisk0\DR0
19:44:39.0045 5176  \Device\Harddisk0\DR0 ( Rootkit.Boot.Wistler.a ) - infected
19:44:39.0045 5176  \Device\Harddisk0\DR0 - detected Rootkit.Boot.Wistler.a (0)
19:44:39.0160 5176  ================ Scan VBR ==================================
19:44:39.0195 5176  [ CF83110828D8AB4D4213956A31186A23 ] \Device\Harddisk0\DR0\Partition1
19:44:39.0197 5176  \Device\Harddisk0\DR0\Partition1 - ok
19:44:39.0220 5176  [ C7FD826542946C1A7A784B60C562BD1B ] \Device\Harddisk0\DR0\Partition2
19:44:39.0221 5176  \Device\Harddisk0\DR0\Partition2 - ok
19:44:39.0222 5176  ============================================================
19:44:39.0222 5176  Scan finished
19:44:39.0222 5176  ============================================================
19:44:39.0235 1232  Detected object count: 9
19:44:39.0235 1232  Actual detected object count: 9
19:45:39.0050 1232  Adobe LM Service ( UnsignedFile.Multi.Generic ) - skipped by user
19:45:39.0050 1232  Adobe LM Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:45:39.0052 1232  AdobeFlashPlayerUpdateSvc ( UnsignedFile.Multi.Generic ) - skipped by user
19:45:39.0052 1232  AdobeFlashPlayerUpdateSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:45:39.0054 1232  cpuz132 ( UnsignedFile.Multi.Generic ) - skipped by user
19:45:39.0054 1232  cpuz132 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:45:39.0056 1232  netr73 ( UnsignedFile.Multi.Generic ) - skipped by user
19:45:39.0056 1232  netr73 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:45:39.0058 1232  SCDEmu ( UnsignedFile.Multi.Generic ) - skipped by user
19:45:39.0058 1232  SCDEmu ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:45:39.0060 1232  sptd ( LockedFile.Multi.Generic ) - skipped by user
19:45:39.0060 1232  sptd ( LockedFile.Multi.Generic ) - User select action: Skip 
19:45:39.0062 1232  TOSHIBA eco Utility Service ( UnsignedFile.Multi.Generic ) - skipped by user
19:45:39.0063 1232  TOSHIBA eco Utility Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:45:39.0065 1232  TOSHIBA HDD SSD Alert Service ( UnsignedFile.Multi.Generic ) - skipped by user
19:45:39.0065 1232  TOSHIBA HDD SSD Alert Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:45:39.0579 1232  \Device\Harddisk0\DR0\# - copied to quarantine
19:45:39.0582 1232  \Device\Harddisk0\DR0 - copied to quarantine
19:45:39.0698 1232  \Device\Harddisk0\DR0 - processing error
 
 

2. AdwCleaner report:

# AdwCleaner v2.303 - Logfile created 06/28/2013 at 19:53:44
# Updated 08/06/2013 by Xplode
# Operating system : Windows Vista ™ Home Premium Service Pack 2 (32 bits)
# User : sale - SALE-PC
# Boot Mode : Normal
# Running from : C:\Users\sale\Downloads\AdwCleaner.exe
# Option [Search]
 
 
***** [Services] *****
 
Found : BrowserProtect
 
***** [Files / Folders] *****
 
File Found : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
File Found : C:\Users\sale\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
File Found : C:\Users\sale\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
File Found : C:\Users\sale\AppData\Roaming\Mozilla\Firefox\Profiles\8yc0n2uu.default\bProtector_extensions.rdf
File Found : C:\Users\sale\AppData\Roaming\Mozilla\Firefox\Profiles\8yc0n2uu.default\bprotector_extensions.sqlite
File Found : C:\Users\sale\AppData\Roaming\Mozilla\Firefox\Profiles\8yc0n2uu.default\bprotector_prefs.js
File Found : C:\Users\sale\AppData\Roaming\Mozilla\Firefox\Profiles\8yc0n2uu.default\extensions\gophoto@gophoto.it.xpi
File Found : C:\Users\sale\AppData\Roaming\Mozilla\Firefox\Profiles\8yc0n2uu.default\searchplugins\Conduit.xml
File Found : C:\Users\sale\AppData\Roaming\Mozilla\Firefox\Profiles\8yc0n2uu.default\searchplugins\delta.xml
File Found : C:\Users\sale\AppData\Roaming\Mozilla\Firefox\Profiles\8yc0n2uu.default\searchplugins\icqplugin.xml
File Found : C:\Users\sale\AppData\Roaming\Mozilla\Firefox\Profiles\8yc0n2uu.default\searchplugins\icqplugin-1.xml
File Found : C:\Users\sale\AppData\Roaming\Mozilla\Firefox\Profiles\8yc0n2uu.default\searchplugins\icqplugin-10.xml
File Found : C:\Users\sale\AppData\Roaming\Mozilla\Firefox\Profiles\8yc0n2uu.default\searchplugins\icqplugin-2.xml
File Found : C:\Users\sale\AppData\Roaming\Mozilla\Firefox\Profiles\8yc0n2uu.default\searchplugins\icqplugin-3.xml
File Found : C:\Users\sale\AppData\Roaming\Mozilla\Firefox\Profiles\8yc0n2uu.default\searchplugins\icqplugin-4.xml
File Found : C:\Users\sale\AppData\Roaming\Mozilla\Firefox\Profiles\8yc0n2uu.default\searchplugins\icqplugin-5.xml
File Found : C:\Users\sale\AppData\Roaming\Mozilla\Firefox\Profiles\8yc0n2uu.default\searchplugins\icqplugin-6.xml
File Found : C:\Users\sale\AppData\Roaming\Mozilla\Firefox\Profiles\8yc0n2uu.default\searchplugins\icqplugin-7.xml
File Found : C:\Users\sale\AppData\Roaming\Mozilla\Firefox\Profiles\8yc0n2uu.default\searchplugins\icqplugin-8.xml
File Found : C:\Users\sale\AppData\Roaming\Mozilla\Firefox\Profiles\8yc0n2uu.default\searchplugins\icqplugin-9.xml
Folder Found : C:\Program Files\Delta
Folder Found : C:\Program Files\Gophoto.it
Folder Found : C:\Program Files\ICQ6Toolbar
Folder Found : C:\Program Files\TornTV.com
Folder Found : C:\Program Files\Winamp Toolbar
Folder Found : C:\ProgramData\Babylon
Folder Found : C:\ProgramData\BrowserProtect
Folder Found : C:\ProgramData\ICQ\ICQToolbar
Folder Found : C:\ProgramData\Winamp Toolbar
Folder Found : C:\Users\sale\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk
Folder Found : C:\Users\sale\AppData\Local\PackageAware
Folder Found : C:\Users\sale\AppData\Local\Winamp Toolbar
Folder Found : C:\Users\sale\AppData\LocalLow\Delta
Folder Found : C:\Users\sale\AppData\Roaming\BabSolution
Folder Found : C:\Users\sale\AppData\Roaming\Babylon
Folder Found : C:\Users\sale\AppData\Roaming\Delta
Folder Found : C:\Users\sale\AppData\Roaming\file scout
Folder Found : C:\Users\sale\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com
Folder Found : C:\Users\sale\AppData\Roaming\Mozilla\Firefox\Profiles\8yc0n2uu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
Folder Found : C:\Users\sale\AppData\Roaming\Mozilla\Firefox\Profiles\8yc0n2uu.default\extensions\ffxtlbr@delta.com
 
***** [Registry] *****
 
Key Found : HKCU\Software\1ClickDownload
Key Found : HKCU\Software\BabSolution
Key Found : HKCU\Software\BabylonToolbar
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\d538a8fb53bbf10
Key Found : HKCU\Software\DataMngr
Key Found : HKCU\Software\DataMngr_Toolbar
Key Found : HKCU\Software\Delta
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4DC8-84D1-F5D7BAF2DB0C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Delta
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Delta Chrome Toolbar
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Winamp Toolbar
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\Winamp Toolbar
Key Found : HKCU\Software\YahooPartnerToolbar
Key Found : HKLM\Software\Babylon
Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}
Key Found : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Found : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Found : HKLM\SOFTWARE\Classes\AppID\{B27D9527-3762-4D71-963D-FB7A94FDD678}
Key Found : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\winamptbServer.exe
Key Found : HKLM\SOFTWARE\Classes\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{57BCA5FA-5DBB-45A2-B558-1755C3F6253B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6EF4E91D-DDD5-4478-BCA7-DA04435934C0}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B38D6EDE-390B-4620-8365-29E16459EBDA}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E1164984-B567-47BD-A7FF-240C2594404A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F20F11FD-203E-45A9-B7BB-AFC1B4FEA7A6}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FE178B09-C8AA-4734-804D-1849BCCA0C29}
Key Found : HKLM\SOFTWARE\Classes\delta.deltaappCore
Key Found : HKLM\SOFTWARE\Classes\delta.deltaappCore.1
Key Found : HKLM\SOFTWARE\Classes\delta.deltaHlpr
Key Found : HKLM\SOFTWARE\Classes\delta.deltaHlpr.1
Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Found : HKLM\SOFTWARE\Classes\esrv.deltaESrvc
Key Found : HKLM\SOFTWARE\Classes\esrv.deltaESrvc.1
Key Found : HKLM\SOFTWARE\Classes\Interface\{0F54B66A-21CF-4548-AE59-A6B83EE6676F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Key Found : HKLM\SOFTWARE\Classes\Interface\{51A971CA-D36E-4D13-A799-2CF0A491D04D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{56FBEA9F-EF93-4318-B75F-A96FC7C7BD7B}
Key Found : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Key Found : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{78B3C85E-44FF-4DC8-B3AD-156F39DC75E5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Key Found : HKLM\SOFTWARE\Classes\Interface\{841FD004-57A2-4B49-BBDB-5897394619DB}
Key Found : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E1164984-B567-47BD-A7FF-240C2594404A}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E19FDA06-5BDF-43C2-B794-BCD8A4C2051F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Key Found : HKLM\SOFTWARE\Classes\Interface\{FAB076F5-E4DD-4EA4-AFEE-F18BF972B057}
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Classes\WinampTb.AOLTBSearch
Key Found : HKLM\SOFTWARE\Classes\WinampTb.AOLTBSearch.1
Key Found : HKLM\SOFTWARE\Classes\WinampTb.AOLToolBand
Key Found : HKLM\SOFTWARE\Classes\WinampTb.AOLToolBand.1
Key Found : HKLM\SOFTWARE\Classes\WinampTb.Downloader
Key Found : HKLM\SOFTWARE\Classes\WinampTb.Downloader.1
Key Found : HKLM\SOFTWARE\Classes\WinampTb.ToolbarInfo
Key Found : HKLM\SOFTWARE\Classes\WinampTb.ToolbarInfo.1
Key Found : HKLM\SOFTWARE\Classes\WinampTb.ToolbarParams
Key Found : HKLM\SOFTWARE\Classes\WinampTb.ToolbarParams.1
Key Found : HKLM\SOFTWARE\Classes\WinampTbServer.AolToolbarHelper
Key Found : HKLM\SOFTWARE\Classes\WinampTbServer.AolToolbarHelper.1
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\d538a8fb53bbf10
Key Found : HKLM\Software\DataMngr
Key Found : HKLM\Software\Delta
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\jbpkiefagocgkmemidfngdkamloieekf
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4DC8-84D1-F5D7BAF2DB0C}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Winamp Toolbar
Key Found : HKLM\SOFTWARE\Software
Key Found : HKLM\Software\Winamp Toolbar
Key Found : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4DC8-84D1-F5D7BAF2DB0C}
Key Found : HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4DC8-84D1-F5D7BAF2DB0C}
Key Found : HKU\S-1-5-21-1754380148-3273611749-601346732-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKU\S-1-5-21-1754380148-3273611749-601346732-1000\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Found : HKU\S-1-5-21-1754380148-3273611749-601346732-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Found : HKU\S-1-5-21-1754380148-3273611749-601346732-1000\Software\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4DC8-84D1-F5D7BAF2DB0C}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Value Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{57BCA5FA-5DBB-45A2-B558-1755C3F6253B}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{57BCA5FA-5DBB-45A2-B558-1755C3F6253B}]
 
***** [Internet Browsers] *****
 
-\\ Internet Explorer v7.0.6002.18005
 
[HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://www.icq.com/search/results.php?q={searchTerms}&ch_id=osd
[HKCU\Software\Microsoft\Internet Explorer\Main - bProtector Start Page] = hxxp://www.delta-search.com/?affID=119776&babsrc=HP_ss&mntrId=fedf17ca000000000000001e6585cdb2
 
-\\ Mozilla Firefox v [Unable to get version]
 
File : C:\Users\sale\AppData\Roaming\Mozilla\Firefox\Profiles\8yc0n2uu.default\prefs.js
 
Found : user_pref("browser.newtab.url", "hxxp://www.delta-search.com/?affID=119776&babsrc=NT_ss&mntrId=fedf1[...]
Found : user_pref("browser.search.defaultthis.engineName", "InnoGames International Customized Web Search");
Found : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2832595&Sea[...]
Found : user_pref("browser.search.order.1", "Delta Search");
Found : user_pref("browser.search.selectedEngine", "Delta Search");
Found : user_pref("extensions.delta.admin", false);
Found : user_pref("extensions.delta.aflt", "babsst");
Found : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Found : user_pref("extensions.delta.autoRvrt", "false");
Found : user_pref("extensions.delta.dfltLng", "en");
Found : user_pref("extensions.delta.excTlbr", false);
Found : user_pref("extensions.delta.id", "fedf17ca000000000000001e6585cdb2");
Found : user_pref("extensions.delta.instlDay", "15767");
Found : user_pref("extensions.delta.instlRef", "sst");
Found : user_pref("extensions.delta.newTab", false);
Found : user_pref("extensions.delta.prdct", "delta");
Found : user_pref("extensions.delta.prtnrId", "delta");
Found : user_pref("extensions.delta.rvrt", "false");
Found : user_pref("extensions.delta.smplGrp", "none");
Found : user_pref("extensions.delta.tlbrId", "base");
Found : user_pref("extensions.delta.tlbrSrchUrl", "");
Found : user_pref("extensions.delta.vrsn", "1.8.10.0");
Found : user_pref("extensions.delta.vrsnTs", "1.8.10.018:27:12");
Found : user_pref("extensions.delta.vrsni", "1.8.10.0");
Found : user_pref("icqtoolbar.allowSendURL", false);
Found : user_pref("icqtoolbar.engineVerified", true);
Found : user_pref("icqtoolbar.firstTbRun", false);
Found : user_pref("icqtoolbar.geolastmodified", 1364825244);
Found : user_pref("icqtoolbar.hiddenElements", "itb_options itb_people itb_zoom_in itb_zoom_out itb_zoom_def[...]
Found : user_pref("icqtoolbar.history", "vip||t-com||eurobattle.net||youtube");
Found : user_pref("icqtoolbar.icqgeo", 385);
Found : user_pref("icqtoolbar.installTime", "1362331957");
Found : user_pref("icqtoolbar.numberOfSearches", 0);
Found : user_pref("icqtoolbar.previousFFVersion", "14.0.1");
Found : user_pref("icqtoolbar.skip_default_search", "no");
Found : user_pref("icqtoolbar.uniqueID", "136225872813623245561362331957969");
Found : user_pref("icqtoolbar.usageStatstTimestamp", 1364813854);
Found : user_pref("icqtoolbar.version", "1.5.3");
Found : user_pref("icqtoolbar.voucherHideClicks", 0);
Found : user_pref("icqtoolbar.voucherMoreLinkClicks", 0);
Found : user_pref("icqtoolbar.voucherRedeemClicks", 0);
Found : user_pref("icqtoolbar.voucherWasShown", 0);
Found : user_pref("keyword.URL", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.5.3&q=");
 
-\\ Google Chrome v27.0.1453.116
 
File : C:\Users\sale\AppData\Local\Google\Chrome\User Data\Default\Preferences
 
[OK] File is clean.
 
*************************
 
AdwCleaner[R1].txt - [17815 octets] - [28/06/2013 19:53:44]
 
########## EOF - C:\AdwCleaner[R1].txt - [17876 octets] ##########

 

 

3. Farbar Service Scanner report:

Farbar Service Scanner Version: 27-06-2013
Ran by sale (administrator) on 28-06-2013 at 19:57:26
Running from "C:\Users\sale\Downloads"
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0
 
 
System Restore:
============
 
System Restore Disabled Policy: 
========================
 
 
Security Center:
============
 
 
Windows Update:
============
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Windows Defender:
==============
 
Other Services:
==============
 
 
File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys
[2013-04-01 20:09] - [2013-01-04 13:28] - 0905576 ____A (Microsoft Corporation) 74E2D020C47BB2B2FCCBA29A518A7EB4
 
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll => MD5 is legit
C:\Windows\system32\iphlpsvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
 
 
**** End of log ****

 

 

4. MiniToolBox report:

MiniToolBox by Farbar  Version: 16-06-2013
Ran by sale (administrator) on 28-06-2013 at 20:01:02
Running from "C:\Users\sale\Downloads"
Windows Vista ™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
 
::1             localhost
 
127.0.0.1       localhost
 
========================= IP Configuration: ================================
 
Bluetooth Personal Area Network = Local Area Connection 2 (Disconnected)
Intel® WiFi Link 5100 AGN = Wireless Network Connection (Connected)
Realtek RTL8102/8103 Family PCI-E FE NIC = Local Area Connection (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global defaultcurhoplimit=64 icmpredirects=enabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : sale-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Mixed
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : lan
 
Wireless LAN adapter Wireless Network Connection:
 
   Connection-specific DNS Suffix  . : lan
   Description . . . . . . . . . . . : Intel® WiFi Link 5100 AGN
   Physical Address. . . . . . . . . : 00-1E-65-85-CD-B2
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::ed54:163c:33d:5c62%11(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.1.27(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : 28. lipnja 2013 11:01:48
   Lease Expires . . . . . . . . . . : 29. lipnja 2013 11:01:47
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 285220453
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-24-67-54-00-26-22-30-88-CB
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Ethernet adapter Local Area Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : lan
   Description . . . . . . . . . . . : Realtek RTL8102/8103 Family PCI-E FE NIC
   Physical Address. . . . . . . . . : 00-26-22-30-88-CB
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 6:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : lan
   Description . . . . . . . . . . . : isatap.lan
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 12:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 02-00-54-55-4E-01
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 14:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : 6TO4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  speedtouch.lan
Address:  192.168.1.1
 
Name:    google.com
Addresses:  2a00:1450:400d:805::1007
 173.194.39.165
 173.194.39.166
 173.194.39.167
 173.194.39.168
 173.194.39.169
 173.194.39.174
 173.194.39.160
 173.194.39.161
 173.194.39.162
 173.194.39.163
 173.194.39.164
 
 
 
Pinging google.com [173.194.39.174] with 32 bytes of data:
 
Reply from 173.194.39.174: bytes=32 time=24ms TTL=57
 
Reply from 173.194.39.174: bytes=32 time=163ms TTL=57
 
 
 
Ping statistics for 173.194.39.174:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 24ms, Maximum = 163ms, Average = 93ms
 
Server:  speedtouch.lan
Address:  192.168.1.1
 
Name:    yahoo.com
Addresses:  206.190.36.45
 98.138.253.109
 98.139.183.24
 
 
 
Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
 
Reply from 98.138.253.109: bytes=32 time=286ms TTL=50
 
Reply from 98.138.253.109: bytes=32 time=236ms TTL=51
 
 
 
Ping statistics for 98.138.253.109:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 236ms, Maximum = 286ms, Average = 261ms
 
 
 
Pinging 127.0.0.1 with 32 bytes of data:
 
Reply from 127.0.0.1: bytes=32 time<1ms TTL=64
 
Reply from 127.0.0.1: bytes=32 time<1ms TTL=64
 
 
 
Ping statistics for 127.0.0.1:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
 
===========================================================================
Interface List
 11 ...00 1e 65 85 cd b2 ...... Intel® WiFi Link 5100 AGN
 10 ...00 26 22 30 88 cb ...... Realtek RTL8102/8103 Family PCI-E FE NIC
  1 ........................... Software Loopback Interface 1
 20 ...00 00 00 00 00 00 00 e0  isatap.lan
 12 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
 21 ...00 00 00 00 00 00 00 e0  6TO4 Adapter
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1     192.168.1.27     30
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link      192.168.1.27    286
     192.168.1.27  255.255.255.255         On-link      192.168.1.27    286
    192.168.1.255  255.255.255.255         On-link      192.168.1.27    286
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.1.27    286
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      192.168.1.27    286
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 11    286 fe80::/64                On-link
 11    286 fe80::ed54:163c:33d:5c62/128
                                    On-link
  1    306 ff00::/8                 On-link
 11    286 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\winrnr.dll [19968] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 30 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 31 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 32 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 33 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 34 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 35 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 36 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 37 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 38 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 39 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 40 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (06/28/2013 07:32:00 PM) (Source: Application Error) (User: )
Description: Faulting application FlashPlayerUpdateService.exe, version 11.6.602.180, time stamp 0x51a4ab8c, faulting module ntdll.dll, version 6.0.6002.18541, time stamp 0x4ec3e3d5, exception code 0xc0000005, fault offset 0x0004881b,
process id 0x14f8, application start time 0xFlashPlayerUpdateService.exe0.
 
Error: (06/28/2013 06:32:02 PM) (Source: Application Error) (User: )
Description: Faulting application FlashPlayerUpdateService.exe, version 11.6.602.180, time stamp 0x51a4ab8c, faulting module ntdll.dll, version 6.0.6002.18541, time stamp 0x4ec3e3d5, exception code 0xc0000005, fault offset 0x0004881b,
process id 0xbc4, application start time 0xFlashPlayerUpdateService.exe0.
 
Error: (06/28/2013 05:32:00 PM) (Source: Application Error) (User: )
Description: Faulting application FlashPlayerUpdateService.exe, version 11.6.602.180, time stamp 0x51a4ab8c, faulting module ntdll.dll, version 6.0.6002.18541, time stamp 0x4ec3e3d5, exception code 0xc0000005, fault offset 0x0004881b,
process id 0x14a0, application start time 0xFlashPlayerUpdateService.exe0.
 
Error: (06/28/2013 04:32:01 PM) (Source: Application Error) (User: )
Description: Faulting application FlashPlayerUpdateService.exe, version 11.6.602.180, time stamp 0x51a4ab8c, faulting module ntdll.dll, version 6.0.6002.18541, time stamp 0x4ec3e3d5, exception code 0xc0000005, fault offset 0x0004881b,
process id 0xbd0, application start time 0xFlashPlayerUpdateService.exe0.
 
Error: (06/28/2013 03:32:22 PM) (Source: Application Error) (User: )
Description: Faulting application FlashPlayerUpdateService.exe, version 11.6.602.180, time stamp 0x51a4ab8c, faulting module ntdll.dll, version 6.0.6002.18541, time stamp 0x4ec3e3d5, exception code 0xc0000005, fault offset 0x0004881b,
process id 0x151c, application start time 0xFlashPlayerUpdateService.exe0.
 
Error: (06/28/2013 02:32:00 PM) (Source: Application Error) (User: )
Description: Faulting application FlashPlayerUpdateService.exe, version 11.6.602.180, time stamp 0x51a4ab8c, faulting module ntdll.dll, version 6.0.6002.18541, time stamp 0x4ec3e3d5, exception code 0xc0000005, fault offset 0x0004881b,
process id 0x13d4, application start time 0xFlashPlayerUpdateService.exe0.
 
Error: (06/28/2013 01:32:00 PM) (Source: Application Error) (User: )
Description: Faulting application FlashPlayerUpdateService.exe, version 11.6.602.180, time stamp 0x51a4ab8c, faulting module ntdll.dll, version 6.0.6002.18541, time stamp 0x4ec3e3d5, exception code 0xc0000005, fault offset 0x0004881b,
process id 0x7a0, application start time 0xFlashPlayerUpdateService.exe0.
 
Error: (06/28/2013 00:32:00 PM) (Source: Application Error) (User: )
Description: Faulting application FlashPlayerUpdateService.exe, version 11.6.602.180, time stamp 0x51a4ab8c, faulting module ntdll.dll, version 6.0.6002.18541, time stamp 0x4ec3e3d5, exception code 0xc0000005, fault offset 0x0004881b,
process id 0x1750, application start time 0xFlashPlayerUpdateService.exe0.
 
Error: (06/28/2013 11:32:01 AM) (Source: Application Error) (User: )
Description: Faulting application FlashPlayerUpdateService.exe, version 11.6.602.180, time stamp 0x51a4ab8c, faulting module ntdll.dll, version 6.0.6002.18541, time stamp 0x4ec3e3d5, exception code 0xc0000005, fault offset 0x0004881b,
process id 0xf84, application start time 0xFlashPlayerUpdateService.exe0.
 
Error: (06/28/2013 11:03:10 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
System errors:
=============
Error: (06/28/2013 11:03:11 AM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058
 
Error: (06/28/2013 11:02:39 AM) (Source: DCOM) (User: )
Description: {0002DF01-0000-0000-C000-000000000046}
 
Error: (06/28/2013 11:02:38 AM) (Source: ipnathlp) (User: )
Description: The DHCP allocator has disabled itself on IP address 192.168.1.27, since the IP address is outside the 192.168.0.0/255.255.255.0 scope from which addresses are being allocated to DHCP clients. To enable the DHCP allocator on this IP address, change the scope to include the IP address, or change the IP address to fall within the scope.
 
Error: (06/28/2013 11:02:38 AM) (Source: ipnathlp) (User: )
Description: The ICS_IPV6 failed to configure IPv6 stack.
 
Error: (06/27/2013 09:36:13 PM) (Source: ipnathlp) (User: )
Description: The DHCP allocator has disabled itself on IP address 192.168.1.27, since the IP address is outside the 192.168.0.0/255.255.255.0 scope from which addresses are being allocated to DHCP clients. To enable the DHCP allocator on this IP address, change the scope to include the IP address, or change the IP address to fall within the scope.
 
Error: (06/27/2013 09:34:08 PM) (Source: ipnathlp) (User: )
Description: The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.
 
Error: (06/27/2013 09:24:25 PM) (Source: ipnathlp) (User: )
Description: The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.
 
Error: (06/27/2013 09:01:10 PM) (Source: ipnathlp) (User: )
Description: The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.
 
Error: (06/27/2013 08:54:57 PM) (Source: ipnathlp) (User: )
Description: The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.
 
Error: (06/27/2013 08:32:35 PM) (Source: ipnathlp) (User: )
Description: The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.
 
 
Microsoft Office Sessions:
=========================
 
=========================== Installed Programs ============================
 
 Update for Microsoft Office 2007 (KB2508958)
µTorrent (Version: 3.3.0.29625)
50 FREE MP3s +1 Free Audiobook! (Version: 1.0.0.1)
Acrobat.com (Version: 0.0.0)
Adobe Bridge 1.0 (Version: 001.000.000)
Adobe Common File Installer (Version: 1.00.0000)
Adobe Flash Player 11 Plugin (Version: 11.7.700.224)
Adobe Help Center 1.0 (Version: 001.000.000)
Adobe Photoshop CS2 (Version: 9.0)
Adobe Stock Photos 1.0 (Version: 001.000.000)
AMD APP SDK Runtime (Version: 10.0.937.2)
AMD Catalyst Install Manager (Version: 8.0.877.0)
avast! Free Antivirus (Version: 8.0.1489.0)
Bluetooth Stack for Windows by Toshiba (Version: v6.40.00(T))
BrowserProtect
BS.Player FREE (Version: 2.41.1003)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (Version: 2012.0704.122.388)
Catalyst Control Center InstallProxy (Version: 2009.0421.2132.36832)
Catalyst Control Center InstallProxy (Version: 2012.0704.122.388)
Catalyst Control Center Localization All (Version: 2012.0704.122.388)
Catalyst Pro Control Center (Version: 2012.0704.122.388)
CCC Help Chinese Standard (Version: 2012.0704.0121.388)
CCC Help Chinese Traditional (Version: 2012.0704.0121.388)
CCC Help Czech (Version: 2012.0704.0121.388)
CCC Help Danish (Version: 2012.0704.0121.388)
CCC Help Dutch (Version: 2012.0704.0121.388)
CCC Help English (Version: 2012.0704.0121.388)
CCC Help Finnish (Version: 2012.0704.0121.388)
CCC Help French (Version: 2012.0704.0121.388)
CCC Help German (Version: 2012.0704.0121.388)
CCC Help Greek (Version: 2012.0704.0121.388)
CCC Help Hungarian (Version: 2012.0704.0121.388)
CCC Help Italian (Version: 2012.0704.0121.388)
CCC Help Japanese (Version: 2012.0704.0121.388)
CCC Help Korean (Version: 2012.0704.0121.388)
CCC Help Norwegian (Version: 2012.0704.0121.388)
CCC Help Polish (Version: 2012.0704.0121.388)
CCC Help Portuguese (Version: 2012.0704.0121.388)
CCC Help Russian (Version: 2012.0704.0121.388)
CCC Help Spanish (Version: 2012.0704.0121.388)
CCC Help Swedish (Version: 2012.0704.0121.388)
CCC Help Thai (Version: 2012.0704.0121.388)
CCC Help Turkish (Version: 2012.0704.0121.388)
ccc-utility (Version: 2012.0704.122.388)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Counter Strike 1.6  FULL v42
Counter-Strike 1.6
CPUID HWMonitor 1.15
Delta Chrome Toolbar
Delta toolbar   (Version: 1.8.10.0)
Google Chrome (Version: 27.0.1453.116)
Google Desktop (Version: 5.7.0802.22438)
Google Drive (Version: 1.10.4769.632)
Google Earth (Version: 6.0.0.1735)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.5.4209.2358)
Google Update Helper (Version: 1.3.21.145)
Intel® Matrix Storage Manager
Java 7 Update 25 (Version: 7.0.250)
Java Auto Updater (Version: 2.1.9.5)
K-Lite Codec Pack 4.7.5 (Full) (Version: 4.7.5)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Games for Windows - LIVE (Version: 3.0.86.0)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.0.17.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Works (Version: 9.7.0621)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB941833) (Version: 4.20.9849.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
myphotobook 3.65 (Version: 3.65)
Notepad++ (Version: 5.6.8)
NVIDIA PhysX (Version: 9.10.0129)
OpenAL
Picasa 2 (Version: 2.0)
PlayReady PC runtime (Version: 1)
PokerStars
PowerISO (Version: 4.8)
PunkBuster Services (Version: 0.991)
Ralink Wireless LAN Card (Version: 1.00.01)
Rapture3D 2.3.26 Game
Realtek 8136 8168 8169 Ethernet Driver (Version: 1.00.0004)
Realtek High Definition Audio Driver (Version: 6.0.1.5821)
Realtek USB 2.0 Card Reader (Version: 6.0.6000.20132)
Skype Click to Call (Version: 5.6.8312)
Skype™ 5.5 (Version: 5.5.119)
SPlayer
StarCraft II (Version: 2.0.5.25092)
Steam (Version: 1.0.0.0)
Synaptics Pointing Device Driver (Version: 12.2.11.0)
TeamSpeak 3 Client (Version: 3.0.6)
TOSHIBA Assist (Version: 2.01.10)
TOSHIBA ConfigFree (Version: 7.4.9)
TOSHIBA Disc Creator (Version: 2.0.1.3)
TOSHIBA DVD PLAYER (Version: 3.00.1.04-A)
TOSHIBA eco Utility (Version: 1.0.3.0)
TOSHIBA Extended Tiles for Windows Mobility Center (Version: 1.01.00)
TOSHIBA Face Recognition (Version: 3.0.5.32)
TOSHIBA Flash Cards Support Utility (Version: 1.63.0.3C)
TOSHIBA Hardware Setup (Version: 1.63.0.6C)
TOSHIBA HDD/SSD Alert (Version: 3.0.0.1)
TOSHIBA Manuals (Version: 7.40)
Toshiba Online Product Information (Version: 2.06.0000)
TOSHIBA PC Health Monitor (Version: 1.3.2.0)
TOSHIBA Recovery Disk Creator Reminder (Version: 1.00.0017)
TOSHIBA SD Memory Utilities (Version: 1.8.1.6)
TOSHIBA Service Station (Version: 2.0.26)
TOSHIBA Supervisor Password (Version: 1.63.0.3C)
Toshiba TEMPRO (Version: 2.0)
TOSHIBA Value Added Package (Version: 1.2.8)
TOSHIBA Web Camera Application (Version: 1.0.1.8)
TRORDCLauncher (Version: 1.0.0.6)
TuneUp Utilities 2009 (Version: 8.0.2000.35)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2768024) 32-Bit Edition
Utility Common Driver (Version: 1.0.50.22C)
VirtualCloneDrive
WildTangent Games (Version: 1.0.0.71)
Winamp (Version: 5.552 )
Winamp Toolbar
Windows Live Call (Version: 14.0.8117.0416)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Essentials (Version: 14.0.8117.0416)
Windows Live Essentials (Version: 14.0.8117.416)
Windows Live Messenger (Version: 14.0.8117.0416)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Upload Tool (Version: 14.0.8014.1029)
WinRAR archiver
Wise Game Booster 1.09
World of Tanks v.0.7.2
 
========================= Devices: ================================
 
Name: Bluetooth Personal Area Network
Description: Bluetooth Personal Area Network
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Toshiba
Service: tosrfnds
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 53%
Total physical RAM: 3035.93 MB
Available physical RAM: 1409.76 MB
Total Pagefile: 6274.16 MB
Available Pagefile: 4264.82 MB
Total Virtual: 2047.88 MB
Available Virtual: 1947.3 MB
 
========================= Partitions: =====================================
 
1 Drive c: (Vista) (Fixed) (Total:149.04 GB) (Free:33.04 GB) NTFS
2 Drive e: (Data) (Fixed) (Total:147.58 GB) (Free:50.66 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\SALE-PC
 
Administrator            Guest                    sale                     
 
========================= Minidump Files ==================================
 
C:\Windows\Minidump\Mini031413-01.dmp
C:\Windows\Minidump\Mini052113-01.dmp
C:\Windows\Minidump\Mini053012-01.dmp
C:\Windows\Minidump\Mini060513-01.dmp
C:\Windows\Minidump\Mini060713-01.dmp
C:\Windows\Minidump\Mini062513-01.dmp
C:\Windows\Minidump\Mini071812-01.dmp
C:\Windows\Minidump\Mini091511-01.dmp
C:\Windows\Minidump\Mini102311-01.dmp
C:\Windows\Minidump\Mini102311-02.dmp
C:\Windows\Minidump\Mini102612-01.dmp
C:\Windows\Minidump\Mini120712-01.dmp
========================= Restore Points ==================================
 
25-06-2013 20:44:51 Installed Adobe Reader 7.0.8
26-06-2013 00:07:04 avast! Free Antivirus konfiguracija
26-06-2013 16:49:00 Scheduled Checkpoint
27-06-2013 22:34:46 Scheduled Checkpoint
28-06-2013 10:43:29 Scheduled Checkpoint
 
**** End of log ****

Edited by alexalexx, 28 June 2013 - 01:11 PM.


#4 dev00790


Posted 28 June 2013 - 01:19 PM

Hi

 

Are you still getting the warning from Avast about MBR being infected?


Regards, dev00790



#5 alexalexx


Posted 28 June 2013 - 02:04 PM

I made a mistake, I'm sorry. Here are the real results.

 

TDSSKiller report:

 

20:35:11.0640 3492  TDSS rootkit removing tool 2.8.18.0 Jun 10 2013 21:44:19

20:35:11.0906 3492  ============================================================
20:35:11.0906 3492  Current date / time: 2013/06/28 20:35:11.0906
20:35:11.0906 3492  SystemInfo:
20:35:11.0906 3492  
20:35:11.0906 3492  OS Version: 6.0.6002 ServicePack: 2.0
20:35:11.0906 3492  Product type: Workstation
20:35:11.0907 3492  ComputerName: SALE-PC
20:35:11.0907 3492  UserName: sale
20:35:11.0907 3492  Windows directory: C:\Windows
20:35:11.0907 3492  System windows directory: C:\Windows
20:35:11.0907 3492  Processor architecture: Intel x86
20:35:11.0907 3492  Number of processors: 2
20:35:11.0907 3492  Page size: 0x1000
20:35:11.0907 3492  Boot type: Normal boot
20:35:11.0907 3492  ============================================================
20:35:12.0319 3492  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
20:35:12.0321 3492  ============================================================
20:35:12.0321 3492  \Device\Harddisk0\DR0:
20:35:12.0321 3492  MBR partitions:
20:35:12.0321 3492  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x12A17000
20:35:12.0321 3492  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x12D05800, BlocksNum 0x12729000
20:35:12.0321 3492  ============================================================
20:35:12.0349 3492  C: <-> \Device\Harddisk0\DR0\Partition1
20:35:12.0401 3492  E: <-> \Device\Harddisk0\DR0\Partition2
20:35:12.0401 3492  ============================================================
20:35:12.0401 3492  Initialize success
20:35:12.0401 3492  ============================================================
20:36:09.0952 5236  ============================================================
20:36:09.0952 5236  Scan started
20:36:09.0952 5236  Mode: Manual; SigCheck; TDLFS; 
20:36:09.0952 5236  ============================================================
20:36:10.0270 5236  ================ Scan system memory ========================
20:36:10.0271 5236  System memory - ok
20:36:10.0271 5236  ================ Scan services =============================
20:36:10.0440 5236  [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI            C:\Windows\system32\drivers\acpi.sys
20:36:10.0543 5236  ACPI - ok
20:36:10.0633 5236  [ 8B46D5A1D3EF08232C04D0EAFB871FB2 ] Adobe LM Service C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
20:36:10.0640 5236  Adobe LM Service ( UnsignedFile.Multi.Generic ) - warning
20:36:10.0640 5236  Adobe LM Service - detected UnsignedFile.Multi.Generic (1)
20:36:10.0745 5236  [ 249A44DCFA2500EB1C020E33A3E9F25B ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
20:36:10.0751 5236  AdobeFlashPlayerUpdateSvc ( UnsignedFile.Multi.Generic ) - warning
20:36:10.0751 5236  AdobeFlashPlayerUpdateSvc - detected UnsignedFile.Multi.Generic (1)
20:36:15.0593 5236  [ 097A0A4899B759A4F032BD464963B4BE ] cpuz132         C:\Windows\system32\drivers\cpuz132_x32.sys
20:36:15.0598 5236  cpuz132 ( UnsignedFile.Multi.Generic ) - warning
20:36:15.0598 5236  cpuz132 - detected UnsignedFile.Multi.Generic (1)
20:36:25.0118 5236  [ 2DD6BB85C8BDAE6116565AB5BECA4F7C ] netr73          C:\Windows\system32\DRIVERS\netr73.sys
20:36:25.0126 5236  netr73 ( UnsignedFile.Multi.Generic ) - warning
20:36:25.0126 5236  netr73 - detected UnsignedFile.Multi.Generic (1)
20:36:29.0666 5236  RasMan - ok
20:36:29.0690 5236  [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
20:36:29.0719 5236  RasPppoe - ok
20:36:29.0725 5236  [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
20:36:29.0740 5236  RasSstp - ok
20:36:29.0779 5236  [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
20:36:29.0824 5236  rdbss - ok
20:36:29.0846 5236  [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
20:36:29.0882 5236  RDPCDD - ok
20:36:30.0041 5236  [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
20:36:30.0085 5236  rdpdr - ok
20:36:30.0091 5236  [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
20:36:30.0122 5236  RDPENCDD - ok
20:36:30.0167 5236  [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
20:36:30.0184 5236  RDPWD - ok
20:36:30.0240 5236  [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess    C:\Windows\System32\mprdim.dll
20:36:30.0270 5236  RemoteAccess - ok
20:36:30.0326 5236  [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry  C:\Windows\system32\regsvc.dll
20:36:30.0354 5236  RemoteRegistry - ok
20:36:30.0400 5236  [ 75E8A6BFA7374ABA833AE92BF41AE4E6 ] ROOTMODEM       C:\Windows\system32\Drivers\RootMdm.sys
20:36:30.0428 5236  ROOTMODEM - ok
20:36:30.0499 5236  [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator      C:\Windows\system32\locator.exe
20:36:30.0515 5236  RpcLocator - ok
20:36:30.0551 5236  [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs           C:\Windows\system32\rpcss.dll
20:36:30.0598 5236  RpcSs - ok
20:36:30.0794 5236  [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
20:36:30.0837 5236  rspndr - ok
20:36:32.0435 5236  [ D85DA4371AF61359EDFCA4EA06619DD4 ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIV.sys
20:36:32.0447 5236  RTHDMIAzAudService - ok
20:36:32.0957 5236  [ 470253597930E765DD08B30E723C1FA2 ] RTL8169         C:\Windows\system32\DRIVERS\Rtlh86.sys
20:36:32.0984 5236  RTL8169 - ok
20:36:33.0043 5236  [ 52532A4CA8B251775DECC87C4813ABFB ] RTSTOR          C:\Windows\system32\drivers\RTSTOR.SYS
20:36:33.0056 5236  RTSTOR - ok
20:36:33.0072 5236  [ A3E186B4B935905B829219502557314E ] SamSs           C:\Windows\system32\lsass.exe
20:36:33.0089 5236  SamSs - ok
20:36:33.0125 5236  [ 3CE8F073A557E172B330109436984E30 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
20:36:33.0139 5236  sbp2port - ok
20:36:33.0206 5236  [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
20:36:33.0233 5236  SCardSvr - ok
20:36:33.0292 5236  [ 9FEB2026A460916D1A1198B460632630 ] SCDEmu          C:\Windows\system32\drivers\SCDEmu.sys
20:36:33.0297 5236  SCDEmu ( UnsignedFile.Multi.Generic ) - warning
20:36:33.0297 5236  SCDEmu - detected UnsignedFile.Multi.Generic (1)
20:36:33.0424 5236  [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule        C:\Windows\system32\schedsvc.dll
20:36:33.0466 5236  Schedule - ok
20:36:33.0517 5236  [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc     C:\Windows\System32\certprop.dll
20:36:33.0565 5236  SCPolicySvc - ok
20:36:33.0605 5236  [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
20:36:33.0624 5236  SDRSVC - ok
20:36:33.0668 5236  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
20:36:33.0712 5236  secdrv - ok
20:36:33.0753 5236  [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon        C:\Windows\system32\seclogon.dll
20:36:33.0784 5236  seclogon - ok
20:36:33.0808 5236  [ A9BBAB5759771E523F55563D6CBE140F ] SENS            C:\Windows\System32\sens.dll
20:36:33.0840 5236  SENS - ok
20:36:33.0877 5236  [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum         C:\Windows\system32\drivers\serenum.sys
20:36:33.0920 5236  Serenum - ok
20:36:33.0962 5236  [ C70D69A918B178D3C3B06339B40C2E1B ] Serial          C:\Windows\system32\drivers\serial.sys
20:36:34.0005 5236  Serial - ok
20:36:34.0010 5236  [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
20:36:34.0036 5236  sermouse - ok
20:36:34.0076 5236  [ D2193326F729B163125610DBF3E17D57 ] SessionEnv      C:\Windows\system32\sessenv.dll
20:36:34.0108 5236  SessionEnv - ok
20:36:34.0138 5236  [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
20:36:34.0158 5236  sffdisk - ok
20:36:34.0190 5236  [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
20:36:34.0216 5236  sffp_mmc - ok
20:36:34.0221 5236  [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
20:36:34.0247 5236  sffp_sd - ok
20:36:34.0286 5236  [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
20:36:34.0329 5236  sfloppy - ok
20:36:34.0389 5236  [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
20:36:34.0420 5236  SharedAccess - ok
20:36:34.0472 5236  [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:36:34.0494 5236  ShellHWDetection - ok
20:36:34.0534 5236  [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
20:36:34.0548 5236  sisagp - ok
20:36:34.0659 5236  [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
20:36:34.0672 5236  SiSRaid2 - ok
20:36:34.0696 5236  [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
20:36:34.0710 5236  SiSRaid4 - ok
20:36:34.0850 5236  [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc           C:\Windows\system32\SLsvc.exe
20:36:35.0048 5236  slsvc - ok
20:36:35.0740 5236  [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify      C:\Windows\system32\SLUINotify.dll
20:36:35.0766 5236  SLUINotify - ok
20:36:35.0960 5236  [ 7B75299A4D201D6A6533603D6914AB04 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
20:36:35.0981 5236  Smb - ok
20:36:36.0015 5236  [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
20:36:36.0032 5236  SNMPTRAP - ok
20:36:36.0087 5236  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr           C:\Windows\system32\drivers\spldr.sys
20:36:36.0100 5236  spldr - ok
20:36:36.0161 5236  [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler         C:\Windows\System32\spoolsv.exe
20:36:36.0180 5236  Spooler - ok
20:36:36.0266 5236  [ CDDDEC541BC3C96F91ECB48759673505 ] sptd            C:\Windows\system32\Drivers\sptd.sys
20:36:36.0266 5236  Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: CDDDEC541BC3C96F91ECB48759673505
20:36:36.0268 5236  sptd ( LockedFile.Multi.Generic ) - warning
20:36:36.0268 5236  sptd - detected LockedFile.Multi.Generic (1)
20:36:36.0376 5236  [ 41987F9FC0E61ADF54F581E15029AD91 ] srv             C:\Windows\system32\DRIVERS\srv.sys
20:36:36.0408 5236  srv - ok
20:36:36.0559 5236  [ FF33AFF99564B1AA534F58868CBE41EF ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
20:36:36.0663 5236  srv2 - ok
20:36:36.0832 5236  [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
20:36:36.0849 5236  srvnet - ok
20:36:36.0880 5236  [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
20:36:36.0912 5236  SSDPSRV - ok
20:36:37.0018 5236  [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
20:36:37.0051 5236  SstpSvc - ok
20:36:37.0087 5236  Steam Client Service - ok
20:36:37.0143 5236  [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc          C:\Windows\System32\wiaservc.dll
20:36:37.0188 5236  stisvc - ok
20:36:37.0242 5236  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
20:36:37.0255 5236  swenum - ok
20:36:37.0339 5236  [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv           C:\Windows\System32\swprv.dll
20:36:37.0370 5236  swprv - ok
20:36:37.0425 5236  [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
20:36:37.0437 5236  Symc8xx - ok
20:36:37.0473 5236  [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
20:36:37.0486 5236  Sym_hi - ok
20:36:37.0494 5236  [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
20:36:37.0507 5236  Sym_u3 - ok
20:36:37.0554 5236  [ 5EFCEDCF3DAF5C8D9E8B77A34A4EEC99 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
20:36:37.0567 5236  SynTP - ok
20:36:37.0629 5236  [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain         C:\Windows\system32\sysmain.dll
20:36:37.0676 5236  SysMain - ok
20:36:37.0748 5236  [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:36:37.0769 5236  TabletInputService - ok
20:36:37.0827 5236  [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv         C:\Windows\System32\tapisrv.dll
20:36:37.0857 5236  TapiSrv - ok
20:36:37.0895 5236  [ CB05822CD9CC6C688168E113C603DBE7 ] TBS             C:\Windows\System32\tbssvc.dll
20:36:37.0927 5236  TBS - ok
20:36:38.0000 5236  [ 74E2D020C47BB2B2FCCBA29A518A7EB4 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
20:36:38.0043 5236  Tcpip - ok
20:36:38.0108 5236  [ 74E2D020C47BB2B2FCCBA29A518A7EB4 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
20:36:38.0197 5236  Tcpip6 - ok
20:36:38.0256 5236  [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
20:36:38.0271 5236  tcpipreg - ok
20:36:38.0348 5236  [ 6FDFBA25002CE4BAC463AC866AE71405 ] tdcmdpst        C:\Windows\system32\DRIVERS\tdcmdpst.sys
20:36:38.0359 5236  tdcmdpst - ok
20:36:38.0414 5236  [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
20:36:38.0440 5236  TDPIPE - ok
20:36:38.0462 5236  [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
20:36:38.0488 5236  TDTCP - ok
20:36:38.0538 5236  [ 76B06EB8A01FC8624D699E7045303E54 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
20:36:38.0560 5236  tdx - ok
20:36:38.0606 5236  [ 721D8DF7BE216946367255DE91529AB8 ] TemproMonitoringService C:\Program Files\Toshiba TEMPRO\TemproSvc.exe
20:36:38.0617 5236  TemproMonitoringService - ok
20:36:38.0642 5236  [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
20:36:38.0656 5236  TermDD - ok
20:36:38.0705 5236  [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService     C:\Windows\System32\termsrv.dll
20:36:38.0750 5236  TermService - ok
20:36:38.0775 5236  [ C7230FBEE14437716701C15BE02C27B8 ] Themes          C:\Windows\system32\shsvcs.dll
20:36:38.0794 5236  Themes - ok
20:36:38.0830 5236  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER     C:\Windows\system32\mmcss.dll
20:36:38.0859 5236  THREADORDER - ok
20:36:38.0922 5236  [ FB8448D1B0DA00D70C28ADF9282B31BB ] TMachInfo       C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
20:36:38.0932 5236  TMachInfo - ok
20:36:38.0978 5236  [ 22BC804EFE155F54252F389B0781D7F2 ] TNaviSrv        C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
20:36:38.0988 5236  TNaviSrv - ok
20:36:39.0020 5236  [ C5AC715B65B01788ABC22D10749DDDD8 ] TODDSrv         C:\Windows\system32\TODDSrv.exe
20:36:39.0034 5236  TODDSrv - ok
20:36:39.0087 5236  [ 5557E7F940CBCF09BE43379F551F6689 ] TosCoSrv        C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
20:36:39.0105 5236  TosCoSrv - ok
20:36:39.0172 5236  [ E44759CB4AC9F43464D8780501CC0470 ] TOSHIBA Bluetooth Service C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
20:36:39.0183 5236  TOSHIBA Bluetooth Service - ok
20:36:39.0229 5236  [ 9D1C30CE9F1A8488D5D9102C0820743D ] TOSHIBA eco Utility Service C:\Program Files\TOSHIBA\TECO\TecoService.exe
20:36:39.0237 5236  TOSHIBA eco Utility Service ( UnsignedFile.Multi.Generic ) - warning
20:36:39.0237 5236  TOSHIBA eco Utility Service - detected UnsignedFile.Multi.Generic (1)
20:36:39.0270 5236  [ B792D35B8BDC5FC4106808FF5C7770AB ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
20:36:39.0274 5236  TOSHIBA HDD SSD Alert Service ( UnsignedFile.Multi.Generic ) - warning
20:36:39.0274 5236  TOSHIBA HDD SSD Alert Service - detected UnsignedFile.Multi.Generic (1)
20:36:39.0303 5236  [ 2C15B4856F929AC7DD144044D8334B54 ] tosporte        C:\Windows\system32\DRIVERS\tosporte.sys
20:36:39.0315 5236  tosporte - ok
20:36:39.0374 5236  [ EAEDDB6C8BBE3E1B753753C2E847FECB ] Tosrfbd         C:\Windows\system32\DRIVERS\tosrfbd.sys
20:36:39.0385 5236  Tosrfbd - ok
20:36:39.0447 5236  [ 45A0FD8D566E7C44B2FC340CBD6672D0 ] tosrfbnp        C:\Windows\system32\Drivers\tosrfbnp.sys
20:36:39.0459 5236  tosrfbnp - ok
20:36:39.0484 5236  [ C281D231BA7BC7955D39EA9E21374EFF ] Tosrfcom        C:\Windows\system32\Drivers\tosrfcom.sys
20:36:39.0497 5236  Tosrfcom - ok
20:36:39.0543 5236  [ C063B8E2DB85420438EBCE3FC8D2752E ] tosrfec         C:\Windows\system32\DRIVERS\tosrfec.sys
20:36:39.0555 5236  tosrfec - ok
20:36:39.0580 5236  [ 592CD9C8AB08EF02EA53905D30FB157E ] Tosrfhid        C:\Windows\system32\DRIVERS\Tosrfhid.sys
20:36:39.0593 5236  Tosrfhid - ok
20:36:39.0606 5236  [ 0F3FD4F55175CAEDDCE9EFD6C5CA45D3 ] tosrfnds        C:\Windows\system32\DRIVERS\tosrfnds.sys
20:36:39.0618 5236  tosrfnds - ok
20:36:39.0637 5236  [ C4245835D4FAC0494ED616F3BFE9EE0A ] Tosrfusb        C:\Windows\system32\DRIVERS\tosrfusb.sys
20:36:39.0649 5236  Tosrfusb - ok
20:36:39.0706 5236  [ 4399A9BF7D8F49991A07FD86590A1619 ] tos_sps32       C:\Windows\system32\DRIVERS\tos_sps32.sys
20:36:39.0719 5236  tos_sps32 - ok
20:36:39.0797 5236  [ 1A6FA701F66B58192B814570322521B2 ] TPCHSrv         C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
20:36:39.0819 5236  TPCHSrv - ok
20:36:39.0865 5236  [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks          C:\Windows\System32\trkwks.dll
20:36:39.0896 5236  TrkWks - ok
20:36:39.0964 5236  [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:36:39.0985 5236  TrustedInstaller - ok
20:36:40.0018 5236  [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
20:36:40.0043 5236  tssecsrv - ok
20:36:40.0101 5236  [ 4196D7BC21786883201747DCC0DC84A0 ] TuneUp.Defrag   C:\Windows\System32\TuneUpDefragService.exe
20:36:40.0122 5236  TuneUp.Defrag - ok
20:36:40.0147 5236  [ 02E5F68A55CD413C5BFB9F2DF677DD01 ] TuneUp.ProgramStatisticsSvc C:\Windows\System32\TUProgSt.exe
20:36:40.0172 5236  TuneUp.ProgramStatisticsSvc - ok
20:36:40.0190 5236  [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
20:36:40.0215 5236  tunmp - ok
20:36:40.0244 5236  [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
20:36:40.0259 5236  tunnel - ok
20:36:40.0286 5236  [ 792A8B80F8188ABA4B2BE271583F3E46 ] TVALZ           C:\Windows\system32\DRIVERS\TVALZ_O.SYS
20:36:40.0296 5236  TVALZ - ok
20:36:40.0939 5236  [ 009AECD4C19209B09669A6615EA1E889 ] TVALZFL         C:\Windows\system32\DRIVERS\TVALZFL.sys
20:36:40.0948 5236  TVALZFL - ok
20:36:41.0003 5236  [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35          C:\Windows\system32\drivers\uagp35.sys
20:36:41.0016 5236  uagp35 - ok
20:36:41.0088 5236  [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
20:36:41.0113 5236  udfs - ok
20:36:41.0146 5236  [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
20:36:41.0176 5236  UI0Detect - ok
20:36:41.0200 5236  [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
20:36:41.0214 5236  uliagpkx - ok
20:36:41.0249 5236  [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci         C:\Windows\system32\drivers\uliahci.sys
20:36:41.0267 5236  uliahci - ok
20:36:41.0273 5236  [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata          C:\Windows\system32\drivers\ulsata.sys
20:36:41.0288 5236  UlSata - ok
20:36:41.0318 5236  [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
20:36:41.0331 5236  ulsata2 - ok
20:36:41.0359 5236  [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
20:36:41.0384 5236  umbus - ok
20:36:41.0495 5236  [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost        C:\Windows\System32\upnphost.dll
20:36:41.0530 5236  upnphost - ok
20:36:41.0590 5236  [ 32DB9517628FF0D070682AAB61E688F0 ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
20:36:41.0615 5236  usbaudio - ok
20:36:41.0739 5236  [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
20:36:41.0760 5236  usbccgp - ok
20:36:41.0794 5236  [ E9476E6C486E76BC4898074768FB7131 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
20:36:41.0837 5236  usbcir - ok
20:36:41.0916 5236  [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
20:36:41.0937 5236  usbehci - ok
20:36:42.0661 5236  [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
20:36:42.0683 5236  usbhub - ok
20:36:42.0726 5236  [ 38DBC7DD6CC5A72011F187425384388B ] usbohci         C:\Windows\system32\drivers\usbohci.sys
20:36:42.0769 5236  usbohci - ok
20:36:43.0467 5236  [ B51E52ACF758BE00EF3A58EA452FE360 ] usbprint        C:\Windows\system32\drivers\usbprint.sys
20:36:43.0511 5236  usbprint - ok
20:36:43.0584 5236  [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:36:43.0605 5236  USBSTOR - ok
20:36:43.0694 5236  [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
20:36:43.0715 5236  usbuhci - ok
20:36:43.0768 5236  [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
20:36:43.0795 5236  usbvideo - ok
20:36:43.0833 5236  [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms           C:\Windows\System32\uxsms.dll
20:36:43.0857 5236  UxSms - ok
20:36:43.0897 5236  [ 4360D5653E885479FED75C378E9FAAB3 ] UxTuneUp        C:\Windows\System32\uxtuneup.dll
20:36:43.0910 5236  UxTuneUp - ok
20:36:43.0965 5236  [ 1CDAA48CB2F7744B8D25650E050766A5 ] VClone          C:\Windows\system32\DRIVERS\VClone.sys
20:36:43.0977 5236  VClone - ok
20:36:44.0085 5236  [ CD88D1B7776DC17A119049742EC07EB4 ] vds             C:\Windows\System32\vds.exe
20:36:44.0130 5236  vds - ok
20:36:44.0184 5236  [ 87B06E1F30B749A114F74622D013F8D4 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
20:36:44.0209 5236  vga - ok
20:36:44.0231 5236  [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave         C:\Windows\System32\drivers\vga.sys
20:36:44.0257 5236  VgaSave - ok
20:36:44.0275 5236  [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp          C:\Windows\system32\drivers\viaagp.sys
20:36:44.0289 5236  viaagp - ok
20:36:44.0309 5236  [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7           C:\Windows\system32\drivers\viac7.sys
20:36:44.0335 5236  ViaC7 - ok
20:36:44.0351 5236  [ AADF5587A4063F52C2C3FED7887426FC ] viaide          C:\Windows\system32\drivers\viaide.sys
20:36:44.0364 5236  viaide - ok
20:36:44.0397 5236  [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
20:36:44.0411 5236  volmgr - ok
20:36:44.0446 5236  [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
20:36:44.0463 5236  volmgrx - ok
20:36:44.0574 5236  [ 786DB5771F05EF300390399F626BF30A ] volsnap         C:\Windows\system32\drivers\volsnap.sys
20:36:44.0590 5236  volsnap - ok
20:36:44.0640 5236  [ 587253E09325E6BF226B299774B728A9 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
20:36:44.0663 5236  vsmraid - ok
20:36:44.0754 5236  [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS             C:\Windows\system32\vssvc.exe
20:36:44.0799 5236  VSS - ok
20:36:44.0833 5236  [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time         C:\Windows\system32\w32time.dll
20:36:44.0864 5236  W32Time - ok
20:36:44.0928 5236  [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
20:36:44.0971 5236  WacomPen - ok
20:36:44.0986 5236  [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
20:36:45.0007 5236  Wanarp - ok
20:36:45.0011 5236  [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
20:36:45.0033 5236  Wanarpv6 - ok
20:36:45.0889 5236  [ A3CD60FD826381B49F03832590E069AF ] wcncsvc         C:\Windows\System32\wcncsvc.dll
20:36:45.0929 5236  wcncsvc - ok
20:36:45.0956 5236  [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:36:45.0982 5236  WcsPlugInService - ok
20:36:46.0015 5236  [ 78FE9542363F297B18C027B2D7E7C07F ] Wd              C:\Windows\system32\drivers\wd.sys
20:36:46.0028 5236  Wd - ok
20:36:46.0106 5236  [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
20:36:46.0129 5236  Wdf01000 - ok
20:36:46.0141 5236  [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost  C:\Windows\system32\wdi.dll
20:36:46.0172 5236  WdiServiceHost - ok
20:36:46.0176 5236  [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost   C:\Windows\system32\wdi.dll
20:36:46.0207 5236  WdiSystemHost - ok
20:36:46.0408 5236  [ 04C37D8107320312FBAE09926103D5E2 ] WebClient       C:\Windows\System32\webclnt.dll
20:36:46.0431 5236  WebClient - ok
20:36:46.0582 5236  [ 905214925A88311FCE52F66153DE7610 ] Wecsvc          C:\Windows\system32\wecsvc.dll
20:36:46.0639 5236  Wecsvc - ok
20:36:46.0780 5236  [ 670FF720071ED741206D69BD995EA453 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
20:36:46.0806 5236  wercplsupport - ok
20:36:46.0962 5236  [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc          C:\Windows\System32\WerSvc.dll
20:36:47.0006 5236  WerSvc - ok
20:36:47.0230 5236  [ 4575AA12561C5648483403541D0D7F2B ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
20:36:47.0246 5236  WinDefend - ok
20:36:47.0252 5236  WinHttpAutoProxySvc - ok
20:36:47.0316 5236  [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
20:36:47.0338 5236  Winmgmt - ok
20:36:47.0422 5236  [ 01874D4689C212460FBABF0ECD7CB7F7 ] WinRM           C:\Windows\system32\WsmSvc.dll
20:36:47.0482 5236  WinRM - ok
20:36:47.0568 5236  [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc         C:\Windows\System32\wlansvc.dll
20:36:47.0606 5236  Wlansvc - ok
20:36:47.0626 5236  [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
20:36:47.0648 5236  WmiAcpi - ok
20:36:47.0859 5236  [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
20:36:47.0896 5236  wmiApSrv - ok
20:36:47.0992 5236  [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
20:36:48.0061 5236  WMPNetworkSvc - ok
20:36:48.0173 5236  [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
20:36:48.0217 5236  WPCSvc - ok
20:36:48.0300 5236  [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
20:36:48.0319 5236  WPDBusEnum - ok
20:36:48.0384 5236  [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
20:36:48.0410 5236  ws2ifsl - ok
20:36:48.0538 5236  [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc          C:\Windows\System32\wscsvc.dll
20:36:48.0557 5236  wscsvc - ok
20:36:48.0562 5236  WSearch - ok
20:36:48.0982 5236  [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv        C:\Windows\system32\wuaueng.dll
20:36:49.0182 5236  wuauserv - ok
20:36:49.0335 5236  [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
20:36:49.0363 5236  WUDFRd - ok
20:36:49.0413 5236  [ 575A4190D989F64732119E4114045A4F ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
20:36:49.0444 5236  wudfsvc - ok
20:36:49.0745 5236  [ B8B466103280E45E391E876F05122607 ] ZTEusbmdm6k     C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys
20:36:49.0757 5236  ZTEusbmdm6k - ok
20:36:49.0924 5236  [ 911BA85906BC7602C73441502ABFB565 ] ZTEusbnet       C:\Windows\system32\DRIVERS\ZTEusbnet.sys
20:36:49.0937 5236  ZTEusbnet - ok
20:36:50.0018 5236  [ 69774B89725DDC4781E0EEB9809F3B20 ] ZTEusbnmea      C:\Windows\system32\DRIVERS\ZTEusbnmea.sys
20:36:50.0031 5236  ZTEusbnmea - ok
20:36:50.0037 5236  [ B8B466103280E45E391E876F05122607 ] ZTEusbser6k     C:\Windows\system32\DRIVERS\ZTEusbser6k.sys
20:36:50.0050 5236  ZTEusbser6k - ok
20:36:50.0069 5236  [ B8B466103280E45E391E876F05122607 ] ZTEusbvoice     C:\Windows\system32\DRIVERS\ZTEusbvoice.sys
20:36:50.0081 5236  ZTEusbvoice - ok
20:36:50.0099 5236  ================ Scan global ===============================
20:36:50.0225 5236  [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
20:36:50.0307 5236  [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
20:36:50.0362 5236  [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
20:36:50.0436 5236  [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
20:36:50.0444 5236  [Global] - ok
20:36:50.0444 5236  ================ Scan MBR ==================================
20:36:50.0524 5236  [ 9C603BC3977968C891DE319283E1E7AF ] \Device\Harddisk0\DR0
20:36:50.0525 5236  Suspicious mbr (Forged): \Device\Harddisk0\DR0
20:36:50.0570 5236  \Device\Harddisk0\DR0 ( Rootkit.Boot.Wistler.a ) - infected
20:36:50.0570 5236  \Device\Harddisk0\DR0 - detected Rootkit.Boot.Wistler.a (0)
20:36:50.0907 5236  ================ Scan VBR ==================================
20:36:50.0964 5236  [ CF83110828D8AB4D4213956A31186A23 ] \Device\Harddisk0\DR0\Partition1
20:36:50.0966 5236  \Device\Harddisk0\DR0\Partition1 - ok
20:36:50.0988 5236  [ C7FD826542946C1A7A784B60C562BD1B ] \Device\Harddisk0\DR0\Partition2
20:36:50.0990 5236  \Device\Harddisk0\DR0\Partition2 - ok
20:36:50.0990 5236  ============================================================
20:36:50.0990 5236  Scan finished
20:36:50.0990 5236  ============================================================
20:36:51.0001 6048  Detected object count: 9
20:36:51.0001 6048  Actual detected object count: 9
20:37:03.0812 6048  Adobe LM Service ( UnsignedFile.Multi.Generic ) - skipped by user
20:37:03.0812 6048  Adobe LM Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:37:03.0814 6048  AdobeFlashPlayerUpdateSvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:37:03.0814 6048  AdobeFlashPlayerUpdateSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:37:03.0816 6048  cpuz132 ( UnsignedFile.Multi.Generic ) - skipped by user
20:37:03.0816 6048  cpuz132 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:37:03.0818 6048  netr73 ( UnsignedFile.Multi.Generic ) - skipped by user
20:37:03.0818 6048  netr73 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:37:03.0819 6048  SCDEmu ( UnsignedFile.Multi.Generic ) - skipped by user
20:37:03.0820 6048  SCDEmu ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:37:03.0821 6048  sptd ( LockedFile.Multi.Generic ) - skipped by user
20:37:03.0822 6048  sptd ( LockedFile.Multi.Generic ) - User select action: Skip 
20:37:03.0823 6048  TOSHIBA eco Utility Service ( UnsignedFile.Multi.Generic ) - skipped by user
20:37:03.0823 6048  TOSHIBA eco Utility Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:37:03.0824 6048  TOSHIBA HDD SSD Alert Service ( UnsignedFile.Multi.Generic ) - skipped by user
20:37:03.0824 6048  TOSHIBA HDD SSD Alert Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:37:04.0425 6048  \Device\Harddisk0\DR0\# - copied to quarantine
20:37:04.0427 6048  \Device\Harddisk0\DR0 - copied to quarantine
20:37:04.0542 6048  \Device\Harddisk0\DR0 - processing error
20:37:06.0634 6048  \Device\Harddisk0\DR0 - will be restored on reboot
20:37:06.0634 6048  \Device\Harddisk0\DR0 ( Rootkit.Boot.Wistler.a ) - User select action: Cure Restore 
20:37:10.0961 4988  Deinitialize success

ADWCleaner report:

# AdwCleaner v2.303 - Logfile created 06/28/2013 at 20:57:18

# Updated 08/06/2013 by Xplode
# Operating system : Windows Vista ™ Home Premium Service Pack 2 (32 bits)
# User : sale - SALE-PC
# Boot Mode : Normal
# Running from : C:\Users\sale\Desktop\AdwCleaner.exe
# Option [Search]
 
 
***** [Services] *****
 
Found : BrowserProtect
 
***** [Files / Folders] *****
 
File Found : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
File Found : C:\Users\sale\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
File Found : C:\Users\sale\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
File Found : C:\Users\sale\AppData\Roaming\Mozilla\Firefox\Profiles\8yc0n2uu.default\bProtector_extensions.rdf
File Found : C:\Users\sale\AppData\Roaming\Mozilla\Firefox\Profiles\8yc0n2uu.default\bprotector_extensions.sqlite
File Found : C:\Users\sale\AppData\Roaming\Mozilla\Firefox\Profiles\8yc0n2uu.default\bprotector_prefs.js
File Found : C:\Users\sale\AppData\Roaming\Mozilla\Firefox\Profiles\8yc0n2uu.default\extensions\gophoto@gophoto.it.xpi
File Found : C:\Users\sale\AppData\Roaming\Mozilla\Firefox\Profiles\8yc0n2uu.default\searchplugins\Conduit.xml
File Found : C:\Users\sale\AppData\Roaming\Mozilla\Firefox\Profiles\8yc0n2uu.default\searchplugins\delta.xml
File Found : C:\Users\sale\AppData\Roaming\Mozilla\Firefox\Profiles\8yc0n2uu.default\searchplugins\icqplugin.xml
File Found : C:\Users\sale\AppData\Roaming\Mozilla\Firefox\Profiles\8yc0n2uu.default\searchplugins\icqplugin-1.xml
File Found : C:\Users\sale\AppData\Roaming\Mozilla\Firefox\Profiles\8yc0n2uu.default\searchplugins\icqplugin-10.xml
File Found : C:\Users\sale\AppData\Roaming\Mozilla\Firefox\Profiles\8yc0n2uu.default\searchplugins\icqplugin-2.xml
File Found : C:\Users\sale\AppData\Roaming\Mozilla\Firefox\Profiles\8yc0n2uu.default\searchplugins\icqplugin-3.xml
File Found : C:\Users\sale\AppData\Roaming\Mozilla\Firefox\Profiles\8yc0n2uu.default\searchplugins\icqplugin-4.xml
File Found : C:\Users\sale\AppData\Roaming\Mozilla\Firefox\Profiles\8yc0n2uu.default\searchplugins\icqplugin-5.xml
File Found : C:\Users\sale\AppData\Roaming\Mozilla\Firefox\Profiles\8yc0n2uu.default\searchplugins\icqplugin-6.xml
File Found : C:\Users\sale\AppData\Roaming\Mozilla\Firefox\Profiles\8yc0n2uu.default\searchplugins\icqplugin-7.xml
File Found : C:\Users\sale\AppData\Roaming\Mozilla\Firefox\Profiles\8yc0n2uu.default\searchplugins\icqplugin-8.xml
File Found : C:\Users\sale\AppData\Roaming\Mozilla\Firefox\Profiles\8yc0n2uu.default\searchplugins\icqplugin-9.xml
Folder Found : C:\Program Files\Delta
Folder Found : C:\Program Files\Gophoto.it
Folder Found : C:\Program Files\ICQ6Toolbar
Folder Found : C:\Program Files\TornTV.com
Folder Found : C:\Program Files\Winamp Toolbar
Folder Found : C:\ProgramData\Babylon
Folder Found : C:\ProgramData\BrowserProtect
Folder Found : C:\ProgramData\ICQ\ICQToolbar
Folder Found : C:\ProgramData\Winamp Toolbar
Folder Found : C:\Users\sale\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk
Folder Found : C:\Users\sale\AppData\Local\PackageAware
Folder Found : C:\Users\sale\AppData\Local\Winamp Toolbar
Folder Found : C:\Users\sale\AppData\LocalLow\Delta
Folder Found : C:\Users\sale\AppData\Roaming\BabSolution
Folder Found : C:\Users\sale\AppData\Roaming\Babylon
Folder Found : C:\Users\sale\AppData\Roaming\Delta
Folder Found : C:\Users\sale\AppData\Roaming\file scout
Folder Found : C:\Users\sale\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com
Folder Found : C:\Users\sale\AppData\Roaming\Mozilla\Firefox\Profiles\8yc0n2uu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
Folder Found : C:\Users\sale\AppData\Roaming\Mozilla\Firefox\Profiles\8yc0n2uu.default\extensions\ffxtlbr@delta.com
 
***** [Registry] *****
 
 
***** [Internet Browsers] *****
 
-\\ Internet Explorer v7.0.6002.18005
 
[HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://www.icq.com/search/results.php?q={searchTerms}&ch_id=osd
[HKCU\Software\Microsoft\Internet Explorer\Main - bProtector Start Page] = hxxp://www.delta-search.com/?affID=119776&babsrc=HP_ss&mntrId=fedf17ca000000000000001e6585cdb2
 
-\\ Mozilla Firefox v [Unable to get version]
 
File : C:\Users\sale\AppData\Roaming\Mozilla\Firefox\Profiles\8yc0n2uu.default\prefs.js
 
Found : user_pref("browser.newtab.url", "hxxp://www.delta-search.com/?affID=119776&babsrc=NT_ss&mntrId=fedf1[...]
Found : user_pref("browser.search.defaultthis.engineName", "InnoGames International Customized Web Search");
Found : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2832595&Sea[...]
Found : user_pref("browser.search.order.1", "Delta Search");
Found : user_pref("browser.search.selectedEngine", "Delta Search");
Found : user_pref("extensions.delta.admin", false);
Found : user_pref("extensions.delta.aflt", "babsst");
Found : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Found : user_pref("extensions.delta.autoRvrt", "false");
Found : user_pref("extensions.delta.dfltLng", "en");
Found : user_pref("extensions.delta.excTlbr", false);
Found : user_pref("extensions.delta.id", "fedf17ca000000000000001e6585cdb2");
Found : user_pref("extensions.delta.instlDay", "15767");
Found : user_pref("extensions.delta.instlRef", "sst");
Found : user_pref("extensions.delta.newTab", false);
Found : user_pref("extensions.delta.prdct", "delta");
Found : user_pref("extensions.delta.prtnrId", "delta");
Found : user_pref("extensions.delta.rvrt", "false");
Found : user_pref("extensions.delta.smplGrp", "none");
Found : user_pref("extensions.delta.tlbrId", "base");
Found : user_pref("extensions.delta.tlbrSrchUrl", "");
Found : user_pref("extensions.delta.vrsn", "1.8.10.0");
Found : user_pref("extensions.delta.vrsnTs", "1.8.10.018:27:12");
Found : user_pref("extensions.delta.vrsni", "1.8.10.0");
Found : user_pref("icqtoolbar.allowSendURL", false);
Found : user_pref("icqtoolbar.engineVerified", true);
Found : user_pref("icqtoolbar.firstTbRun", false);
Found : user_pref("icqtoolbar.geolastmodified", 1364825244);
Found : user_pref("icqtoolbar.hiddenElements", "itb_options itb_people itb_zoom_in itb_zoom_out itb_zoom_def[...]
Found : user_pref("icqtoolbar.history", "vip||t-com||eurobattle.net||youtube");
Found : user_pref("icqtoolbar.icqgeo", 385);
Found : user_pref("icqtoolbar.installTime", "1362331957");
Found : user_pref("icqtoolbar.numberOfSearches", 0);
Found : user_pref("icqtoolbar.previousFFVersion", "14.0.1");
Found : user_pref("icqtoolbar.skip_default_search", "no");
Found : user_pref("icqtoolbar.uniqueID", "136225872813623245561362331957969");
Found : user_pref("icqtoolbar.usageStatstTimestamp", 1364813854);
Found : user_pref("icqtoolbar.version", "1.5.3");
Found : user_pref("icqtoolbar.voucherHideClicks", 0);
Found : user_pref("icqtoolbar.voucherMoreLinkClicks", 0);
Found : user_pref("icqtoolbar.voucherRedeemClicks", 0);
Found : user_pref("icqtoolbar.voucherWasShown", 0);
Found : user_pref("keyword.URL", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.5.3&q=");
 
-\\ Google Chrome v27.0.1453.116
 
File : C:\Users\sale\AppData\Local\Google\Chrome\User Data\Default\Preferences
 
[OK] File is clean.
 
*************************
 
AdwCleaner[R1].txt - [17946 octets] - [28/06/2013 19:53:44]
AdwCleaner[R2].txt - [18144 octets] - [28/06/2013 20:44:49]
AdwCleaner[R3].txt - [18074 octets] - [28/06/2013 20:57:18]
 
########## EOF - C:\AdwCleaner[R3].txt - [18135 octets] ##########

 

 

FSS report:

 

Farbar Service Scanner Version: 27-06-2013

Ran by sale (administrator) on 28-06-2013 at 20:50:51
Running from "C:\Users\sale\Downloads"
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0
 
 
System Restore:
============
 
System Restore Disabled Policy: 
========================
 
 
Security Center:
============
 
 
Windows Update:
============
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Windows Defender:
==============
 
Other Services:
==============
 
 
File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys
[2013-04-01 20:09] - [2013-01-04 13:28] - 0905576 ____A (Microsoft Corporation) 74E2D020C47BB2B2FCCBA29A518A7EB4
 
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll => MD5 is legit
C:\Windows\system32\iphlpsvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
 
 
**** End of log ****

 

 

MiniToolBox report:

 

MiniToolBox by Farbar  Version: 16-06-2013

Ran by sale (administrator) on 28-06-2013 at 20:53:09
Running from "C:\Users\sale\Desktop"
Windows Vista ™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
 
::1             localhost
 
127.0.0.1       localhost
 
========================= IP Configuration: ================================
 
Intel® WiFi Link 5100 AGN = Wireless Network Connection (Connected)
Realtek RTL8102/8103 Family PCI-E FE NIC = Local Area Connection (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global defaultcurhoplimit=64 icmpredirects=enabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : sale-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Mixed
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : lan
 
Wireless LAN adapter Wireless Network Connection:
 
   Connection-specific DNS Suffix  . : lan
   Description . . . . . . . . . . . : Intel® WiFi Link 5100 AGN
   Physical Address. . . . . . . . . : 00-1E-65-85-CD-B2
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::ed54:163c:33d:5c62%11(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.1.27(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : 28. lipnja 2013 20:38:38
   Lease Expires . . . . . . . . . . : 29. lipnja 2013 20:38:37
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 285220453
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-24-67-54-00-26-22-30-88-CB
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Ethernet adapter Local Area Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : lan
   Description . . . . . . . . . . . : Realtek RTL8102/8103 Family PCI-E FE NIC
   Physical Address. . . . . . . . . : 00-26-22-30-88-CB
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 6:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : lan
   Description . . . . . . . . . . . : isatap.lan
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 12:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 02-00-54-55-4E-01
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:953c:14eb:393b:3f57:fee4(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::14eb:393b:3f57:fee4%12(Preferred) 
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
 
Tunnel adapter Local Area Connection* 14:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : 6TO4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  speedtouch.lan
Address:  192.168.1.1
 
Name:    google.com
Addresses:  2a00:1450:400d:805::1002
 173.194.39.167
 173.194.39.168
 173.194.39.169
 173.194.39.174
 173.194.39.160
 173.194.39.161
 173.194.39.162
 173.194.39.163
 173.194.39.164
 173.194.39.165
 173.194.39.166
 
 
 
Pinging google.com [173.194.39.161] with 32 bytes of data:
 
Reply from 173.194.39.161: bytes=32 time=24ms TTL=57
 
Reply from 173.194.39.161: bytes=32 time=35ms TTL=57
 
 
 
Ping statistics for 173.194.39.161:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 24ms, Maximum = 35ms, Average = 29ms
 
Server:  speedtouch.lan
Address:  192.168.1.1
 
Name:    yahoo.com
Addresses:  98.138.253.109
 98.139.183.24
 206.190.36.45
 
 
 
Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
 
Reply from 98.139.183.24: bytes=32 time=330ms TTL=52
 
Reply from 98.139.183.24: bytes=32 time=559ms TTL=52
 
 
 
Ping statistics for 98.139.183.24:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 330ms, Maximum = 559ms, Average = 444ms
 
 
 
Pinging 127.0.0.1 with 32 bytes of data:
 
Reply from 127.0.0.1: bytes=32 time<1ms TTL=64
 
Reply from 127.0.0.1: bytes=32 time<1ms TTL=64
 
 
 
Ping statistics for 127.0.0.1:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
 
===========================================================================
Interface List
 11 ...00 1e 65 85 cd b2 ...... Intel® WiFi Link 5100 AGN
 10 ...00 26 22 30 88 cb ...... Realtek RTL8102/8103 Family PCI-E FE NIC
  1 ........................... Software Loopback Interface 1
 20 ...00 00 00 00 00 00 00 e0  isatap.lan
 12 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
 21 ...00 00 00 00 00 00 00 e0  6TO4 Adapter
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1     192.168.1.27     30
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link      192.168.1.27    286
     192.168.1.27  255.255.255.255         On-link      192.168.1.27    286
    192.168.1.255  255.255.255.255         On-link      192.168.1.27    286
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.1.27    286
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      192.168.1.27    286
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 12     18 ::/0                     On-link
  1    306 ::1/128                  On-link
 12     18 2001::/32                On-link
 12    266 2001:0:9d38:953c:14eb:393b:3f57:fee4/128
                                    On-link
 11    286 fe80::/64                On-link
 12    266 fe80::/64                On-link
 12    266 fe80::14eb:393b:3f57:fee4/128
                                    On-link
 11    286 fe80::ed54:163c:33d:5c62/128
                                    On-link
  1    306 ff00::/8                 On-link
 12    266 ff00::/8                 On-link
 11    286 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (06/28/2013 08:39:56 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (06/28/2013 08:32:00 PM) (Source: Application Error) (User: )
Description: Faulting application FlashPlayerUpdateService.exe, version 11.6.602.180, time stamp 0x51a4ab8c, faulting module ntdll.dll, version 6.0.6002.18541, time stamp 0x4ec3e3d5, exception code 0xc0000005, fault offset 0x0004881b,
process id 0x1478, application start time 0xFlashPlayerUpdateService.exe0.
 
Error: (06/28/2013 07:32:00 PM) (Source: Application Error) (User: )
Description: Faulting application FlashPlayerUpdateService.exe, version 11.6.602.180, time stamp 0x51a4ab8c, faulting module ntdll.dll, version 6.0.6002.18541, time stamp 0x4ec3e3d5, exception code 0xc0000005, fault offset 0x0004881b,
process id 0x14f8, application start time 0xFlashPlayerUpdateService.exe0.
 
Error: (06/28/2013 06:32:02 PM) (Source: Application Error) (User: )
Description: Faulting application FlashPlayerUpdateService.exe, version 11.6.602.180, time stamp 0x51a4ab8c, faulting module ntdll.dll, version 6.0.6002.18541, time stamp 0x4ec3e3d5, exception code 0xc0000005, fault offset 0x0004881b,
process id 0xbc4, application start time 0xFlashPlayerUpdateService.exe0.
 
Error: (06/28/2013 05:32:00 PM) (Source: Application Error) (User: )
Description: Faulting application FlashPlayerUpdateService.exe, version 11.6.602.180, time stamp 0x51a4ab8c, faulting module ntdll.dll, version 6.0.6002.18541, time stamp 0x4ec3e3d5, exception code 0xc0000005, fault offset 0x0004881b,
process id 0x14a0, application start time 0xFlashPlayerUpdateService.exe0.
 
Error: (06/28/2013 04:32:01 PM) (Source: Application Error) (User: )
Description: Faulting application FlashPlayerUpdateService.exe, version 11.6.602.180, time stamp 0x51a4ab8c, faulting module ntdll.dll, version 6.0.6002.18541, time stamp 0x4ec3e3d5, exception code 0xc0000005, fault offset 0x0004881b,
process id 0xbd0, application start time 0xFlashPlayerUpdateService.exe0.
 
Error: (06/28/2013 03:32:22 PM) (Source: Application Error) (User: )
Description: Faulting application FlashPlayerUpdateService.exe, version 11.6.602.180, time stamp 0x51a4ab8c, faulting module ntdll.dll, version 6.0.6002.18541, time stamp 0x4ec3e3d5, exception code 0xc0000005, fault offset 0x0004881b,
process id 0x151c, application start time 0xFlashPlayerUpdateService.exe0.
 
Error: (06/28/2013 02:32:00 PM) (Source: Application Error) (User: )
Description: Faulting application FlashPlayerUpdateService.exe, version 11.6.602.180, time stamp 0x51a4ab8c, faulting module ntdll.dll, version 6.0.6002.18541, time stamp 0x4ec3e3d5, exception code 0xc0000005, fault offset 0x0004881b,
process id 0x13d4, application start time 0xFlashPlayerUpdateService.exe0.
 
Error: (06/28/2013 01:32:00 PM) (Source: Application Error) (User: )
Description: Faulting application FlashPlayerUpdateService.exe, version 11.6.602.180, time stamp 0x51a4ab8c, faulting module ntdll.dll, version 6.0.6002.18541, time stamp 0x4ec3e3d5, exception code 0xc0000005, fault offset 0x0004881b,
process id 0x7a0, application start time 0xFlashPlayerUpdateService.exe0.
 
Error: (06/28/2013 00:32:00 PM) (Source: Application Error) (User: )
Description: Faulting application FlashPlayerUpdateService.exe, version 11.6.602.180, time stamp 0x51a4ab8c, faulting module ntdll.dll, version 6.0.6002.18541, time stamp 0x4ec3e3d5, exception code 0xc0000005, fault offset 0x0004881b,
process id 0x1750, application start time 0xFlashPlayerUpdateService.exe0.
 
 
System errors:
=============
Error: (06/28/2013 08:50:32 PM) (Source: ipnathlp) (User: )
Description: The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.
 
Error: (06/28/2013 08:39:57 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058
 
Error: (06/28/2013 08:39:00 PM) (Source: ipnathlp) (User: )
Description: The DHCP allocator has disabled itself on IP address 192.168.1.27, since the IP address is outside the 192.168.0.0/255.255.255.0 scope from which addresses are being allocated to DHCP clients. To enable the DHCP allocator on this IP address, change the scope to include the IP address, or change the IP address to fall within the scope.
 
Error: (06/28/2013 08:39:00 PM) (Source: ipnathlp) (User: )
Description: The ICS_IPV6 failed to configure IPv6 stack.
 
Error: (06/28/2013 11:03:11 AM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058
 
Error: (06/28/2013 11:02:39 AM) (Source: DCOM) (User: )
Description: {0002DF01-0000-0000-C000-000000000046}
 
Error: (06/28/2013 11:02:38 AM) (Source: ipnathlp) (User: )
Description: The DHCP allocator has disabled itself on IP address 192.168.1.27, since the IP address is outside the 192.168.0.0/255.255.255.0 scope from which addresses are being allocated to DHCP clients. To enable the DHCP allocator on this IP address, change the scope to include the IP address, or change the IP address to fall within the scope.
 
Error: (06/28/2013 11:02:38 AM) (Source: ipnathlp) (User: )
Description: The ICS_IPV6 failed to configure IPv6 stack.
 
Error: (06/27/2013 09:36:13 PM) (Source: ipnathlp) (User: )
Description: The DHCP allocator has disabled itself on IP address 192.168.1.27, since the IP address is outside the 192.168.0.0/255.255.255.0 scope from which addresses are being allocated to DHCP clients. To enable the DHCP allocator on this IP address, change the scope to include the IP address, or change the IP address to fall within the scope.
 
Error: (06/27/2013 09:34:08 PM) (Source: ipnathlp) (User: )
Description: The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.
 
 
Microsoft Office Sessions:
=========================
 
=========================== Installed Programs ============================
 
 Update for Microsoft Office 2007 (KB2508958)
µTorrent (Version: 3.3.0.29625)
50 FREE MP3s +1 Free Audiobook! (Version: 1.0.0.1)
Acrobat.com (Version: 0.0.0)
Adobe Bridge 1.0 (Version: 001.000.000)
Adobe Common File Installer (Version: 1.00.0000)
Adobe Flash Player 11 Plugin (Version: 11.7.700.224)
Adobe Help Center 1.0 (Version: 001.000.000)
Adobe Photoshop CS2 (Version: 9.0)
Adobe Stock Photos 1.0 (Version: 001.000.000)
AMD APP SDK Runtime (Version: 10.0.937.2)
AMD Catalyst Install Manager (Version: 8.0.877.0)
avast! Free Antivirus (Version: 8.0.1489.0)
Bluetooth Stack for Windows by Toshiba (Version: v6.40.00(T))
BrowserProtect
BS.Player FREE (Version: 2.41.1003)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (Version: 2012.0704.122.388)
Catalyst Control Center InstallProxy (Version: 2009.0421.2132.36832)
Catalyst Control Center InstallProxy (Version: 2012.0704.122.388)
Catalyst Control Center Localization All (Version: 2012.0704.122.388)
Catalyst Pro Control Center (Version: 2012.0704.122.388)
CCC Help Chinese Standard (Version: 2012.0704.0121.388)
CCC Help Chinese Traditional (Version: 2012.0704.0121.388)
CCC Help Czech (Version: 2012.0704.0121.388)
CCC Help Danish (Version: 2012.0704.0121.388)
CCC Help Dutch (Version: 2012.0704.0121.388)
CCC Help English (Version: 2012.0704.0121.388)
CCC Help Finnish (Version: 2012.0704.0121.388)
CCC Help French (Version: 2012.0704.0121.388)
CCC Help German (Version: 2012.0704.0121.388)
CCC Help Greek (Version: 2012.0704.0121.388)
CCC Help Hungarian (Version: 2012.0704.0121.388)
CCC Help Italian (Version: 2012.0704.0121.388)
CCC Help Japanese (Version: 2012.0704.0121.388)
CCC Help Korean (Version: 2012.0704.0121.388)
CCC Help Norwegian (Version: 2012.0704.0121.388)
CCC Help Polish (Version: 2012.0704.0121.388)
CCC Help Portuguese (Version: 2012.0704.0121.388)
CCC Help Russian (Version: 2012.0704.0121.388)
CCC Help Spanish (Version: 2012.0704.0121.388)
CCC Help Swedish (Version: 2012.0704.0121.388)
CCC Help Thai (Version: 2012.0704.0121.388)
CCC Help Turkish (Version: 2012.0704.0121.388)
ccc-utility (Version: 2012.0704.122.388)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Counter Strike 1.6  FULL v42
Counter-Strike 1.6
CPUID HWMonitor 1.15
Delta Chrome Toolbar
Delta toolbar   (Version: 1.8.10.0)
Google Chrome (Version: 27.0.1453.116)
Google Desktop (Version: 5.7.0802.22438)
Google Drive (Version: 1.10.4769.632)
Google Earth (Version: 6.0.0.1735)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.5.4209.2358)
Google Update Helper (Version: 1.3.21.145)
Intel® Matrix Storage Manager
Java 7 Update 25 (Version: 7.0.250)
Java Auto Updater (Version: 2.1.9.5)
K-Lite Codec Pack 4.7.5 (Full) (Version: 4.7.5)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Games for Windows - LIVE (Version: 3.0.86.0)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.0.17.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Works (Version: 9.7.0621)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB941833) (Version: 4.20.9849.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
myphotobook 3.65 (Version: 3.65)
Notepad++ (Version: 5.6.8)
NVIDIA PhysX (Version: 9.10.0129)
OpenAL
Picasa 2 (Version: 2.0)
PlayReady PC runtime (Version: 1)
PokerStars
PowerISO (Version: 4.8)
PunkBuster Services (Version: 0.991)
Ralink Wireless LAN Card (Version: 1.00.01)
Rapture3D 2.3.26 Game
Realtek 8136 8168 8169 Ethernet Driver (Version: 1.00.0004)
Realtek High Definition Audio Driver (Version: 6.0.1.5821)
Realtek USB 2.0 Card Reader (Version: 6.0.6000.20132)
Skype Click to Call (Version: 5.6.8312)
Skype™ 5.5 (Version: 5.5.119)
SPlayer
StarCraft II (Version: 2.0.5.25092)
Steam (Version: 1.0.0.0)
Synaptics Pointing Device Driver (Version: 12.2.11.0)
TeamSpeak 3 Client (Version: 3.0.6)
TOSHIBA Assist (Version: 2.01.10)
TOSHIBA ConfigFree (Version: 7.4.9)
TOSHIBA Disc Creator (Version: 2.0.1.3)
TOSHIBA DVD PLAYER (Version: 3.00.1.04-A)
TOSHIBA eco Utility (Version: 1.0.3.0)
TOSHIBA Extended Tiles for Windows Mobility Center (Version: 1.01.00)
TOSHIBA Face Recognition (Version: 3.0.5.32)
TOSHIBA Flash Cards Support Utility (Version: 1.63.0.3C)
TOSHIBA Hardware Setup (Version: 1.63.0.6C)
TOSHIBA HDD/SSD Alert (Version: 3.0.0.1)
TOSHIBA Manuals (Version: 7.40)
Toshiba Online Product Information (Version: 2.06.0000)
TOSHIBA PC Health Monitor (Version: 1.3.2.0)
TOSHIBA Recovery Disk Creator Reminder (Version: 1.00.0017)
TOSHIBA SD Memory Utilities (Version: 1.8.1.6)
TOSHIBA Service Station (Version: 2.0.26)
TOSHIBA Supervisor Password (Version: 1.63.0.3C)
Toshiba TEMPRO (Version: 2.0)
TOSHIBA Value Added Package (Version: 1.2.8)
TOSHIBA Web Camera Application (Version: 1.0.1.8)
TRORDCLauncher (Version: 1.0.0.6)
TuneUp Utilities 2009 (Version: 8.0.2000.35)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2768024) 32-Bit Edition
Utility Common Driver (Version: 1.0.50.22C)
VirtualCloneDrive
WildTangent Games (Version: 1.0.0.71)
Winamp (Version: 5.552 )
Winamp Toolbar
Windows Live Call (Version: 14.0.8117.0416)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Essentials (Version: 14.0.8117.0416)
Windows Live Essentials (Version: 14.0.8117.416)
Windows Live Messenger (Version: 14.0.8117.0416)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Upload Tool (Version: 14.0.8014.1029)
WinRAR archiver
Wise Game Booster 1.09
World of Tanks v.0.7.2
 
========================= Devices: ================================
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 37%
Total physical RAM: 3035.93 MB
Available physical RAM: 1903.83 MB
Total Pagefile: 6274.12 MB
Available Pagefile: 5106.59 MB
Total Virtual: 2047.88 MB
Available Virtual: 1943.3 MB
 
========================= Partitions: =====================================
 
1 Drive c: (Vista) (Fixed) (Total:149.04 GB) (Free:33.14 GB) NTFS
2 Drive e: (Data) (Fixed) (Total:147.58 GB) (Free:50.66 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\SALE-PC
 
Administrator            Guest                    sale                     
 
========================= Minidump Files ==================================
 
C:\Windows\Minidump\Mini031413-01.dmp
C:\Windows\Minidump\Mini052113-01.dmp
C:\Windows\Minidump\Mini053012-01.dmp
C:\Windows\Minidump\Mini060513-01.dmp
C:\Windows\Minidump\Mini060713-01.dmp
C:\Windows\Minidump\Mini062513-01.dmp
C:\Windows\Minidump\Mini071812-01.dmp
C:\Windows\Minidump\Mini091511-01.dmp
C:\Windows\Minidump\Mini102311-01.dmp
C:\Windows\Minidump\Mini102311-02.dmp
C:\Windows\Minidump\Mini102612-01.dmp
C:\Windows\Minidump\Mini120712-01.dmp
========================= Restore Points ==================================
 
25-06-2013 20:44:51 Installed Adobe Reader 7.0.8
26-06-2013 00:07:04 avast! Free Antivirus konfiguracija
26-06-2013 16:49:00 Scheduled Checkpoint
27-06-2013 22:34:46 Scheduled Checkpoint
28-06-2013 10:43:29 Scheduled Checkpoint
 
**** End of log ****
 

 

And I ran an avast! antivirus quick scan and it didn't find anything. Do I need to double-check this, and how?



#6 dev00790


Posted 28 June 2013 - 02:38 PM

Hi

Some bad news, due to whistler rootkit being found by TDSSkiller:

---------

IMPORTANT NOTE: One or more of the identified infections is a backdoor Trojan.

Backdoor Trojans, Botnets, and IRCBots are very dangerous because they compromise system integrity by making changes that allow it to be used by the attacker for malicious purposes.
They can disable your anti-virus and security tools to prevent detection and removal. Remote attackers use backdoors as a means of accessing and taking control of a computer that bypasses security mechanisms.
This type of exploit allows them to steal sensitive information like passwords, personal and financial data which is then sent back to the hacker.
Read Danger: Remote Access Trojans.

You should disconnect the computer from the Internet and from any networked computers until it is cleaned. If your computer was used for online banking, paying bills, has credit card information or other sensitive data on it, all passwords should be changed immediately to include those used for taxes, email, eBay, paypal and any other online activities.
You should consider them to be compromised and change passwords from a clean computer, not the infected one. If not, an attacker may get the new passwords and transaction information.
Banking and credit card institutions should be notified immediately of the possible security breach. Failure to notify your financial institution and local law enforcement can result in refusal to reimburse funds lost due to fraud or similar criminal activity.
If using a router, you need to reset it with a strong logon/password before connecting again.

Although the infection has been identified and may be removed, your machine has likely been compromised and there is no way to be sure the computer can ever be trusted again. It is dangerous and incorrect to assume the computer is secure even if the malware appears to have been removed.
In some instances an infection may have caused so much damage to your system that it cannot be successfully cleaned or repaired. The malware may leave so many remnants behind that security tools cannot find them.
Many experts in the security community believe that once infected with this type of malware, the best course of action is to wipe the drive clean, reformat and reinstall the OS. Please read:



Whenever a system has been compromised by a backdoor payload, it is impossible to know if or how much the backdoor has been used to affect your system...There are only a few ways to return a compromised system to a confident security configuration. These include:
• Reimaging the system
• Restoring the entire system using a full system backup from before the backdoor infection
• Reformatting and reinstalling the system

Backdoors and What They Mean to You

This is what Jesper M. Johansson, Security Program Manager at Microsoft TechNet has to say:

The only way to clean a compromised system is to flatten and rebuild. That’s right. If you have a system that has been completely compromised, the only thing you can do is to flatten the system (reformat the system disk) and rebuild it from scratch (reinstall Windows and your applications).

Help: I Got Hacked. Now What Do I Do?.

We will do our best to clean the computer of any infections seen on the log. However, because of the nature of this Trojan, I cannot offer a total guarantee that there are no remnants left in the system, or that the computer will be trustworthy.

Many security experts believe that once infected with this type of Trojan, the best course of action is to reformat and reinstall the Operating System.
Making this decision is based on what the computer is used for, and what information can be accessed from it.

Knowing the above, do you wish to proceed with cleaning the malware from the computer?

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"

I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM.

My Blog


#7 alexalexx


Posted 28 June 2013 - 02:46 PM

Hi, yes, I would like to remove it. Please tell me, what should I do?



#8 dev00790


Posted 28 June 2013 - 03:05 PM

Please follow the instructions in ==>This Guide<== starting at Step 6.  If you cannot complete a step, skip it and continue.

Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<==  Please include a description of your computer issues, what you have done to resolve them, and a link to this topic.

If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

It would be helpful if you post a note here once you have completed the steps in the guide and have started your topic in malware removal. Good luck and be patient.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.


Regards, dev00790



#9 alexalexx


Posted 28 June 2013 - 04:03 PM

Hello again, just to say I have started a new topic. Thank you so far!



#10 dev00790


Posted 28 June 2013 - 05:40 PM

You're welcome :)


Regards, dev00790





