Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

found trojan


  • Please log in to reply
9 replies to this topic

#1 yol

yol

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:09 PM

Posted 30 August 2013 - 08:54 PM

I found a low level trojan while surfing a website thorugh jajvascript.

it is called JS/Exploit!JNLP.

Mcaffee picked it up right away and malwarebytes found no other infected files.just want to confirm no onther files infected.

 



BC AdBot (Login to Remove)

 


#2 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:02:09 AM

Posted 31 August 2013 - 12:31 PM

Hello,

I will be helping you with your problems. Please be patient while I assist you.

Some points for you to keep in mind while I am helping you to make things go easier and faster for both of us

  • Please do NOT run, install or uninstall any programs,  unless instructed to do so.
    We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.

NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.
- Do NOT backup any unknown files ending in .exe, .com, .scr, .pif, and .bat since files of these types are more likely to be infected.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

----------------------------------------------

Please do the following:

:step1:

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!

  • Double-click on TDSSKiller.exe on your desktop to run the tool for known TDSS variants.
  • Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click on change parameters
  • Under Objects to scan, check the boxes next to Verify file digital signatures, Detect TDLFS file system, then click OK.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
  • Note: If Cure is not an option, Skip instead, do NOT choose Delete or Quarantine unless instructed.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the full contents of that file in your next reply. - If the log is too long, then split it into multiple posts.

:step2:

Please download AdwCleaner by Xplode onto your desktop.

  • Double click on AdwCleaner.exe to run the tool.
  • Click on Search.
  • A logfile will automatically open after the scan has finished.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[R1].txt as well.

:step3:

Please download Farbar Service Scanner and run it on the computer with the issue.

  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press Scan.
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the full contents of the log in your next reply.

:step4:

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:

  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (Only Problems)
  • List Users, Partitions and Memory size.
  • List Minidump Files
  • List Restore points

NOTE: When using "Reset FF Proxy Settings" option Firefox should be closed.

Click Go and post the full contents of the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.


Edited by dev00790, 31 August 2013 - 12:32 PM.

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#3 yol

yol
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:09 PM

Posted 31 August 2013 - 07:15 PM

hi thanks for helping me

tsskiller log

 

09:40:25.0151 0x0854  TDSS rootkit removing tool 2.9.2.0 Aug 15 2013 16:44:29
09:40:26.0859 0x0854  ============================================================
09:40:26.0860 0x0854  Current date / time: 2013/09/01 09:40:26.0859
09:40:26.0860 0x0854  SystemInfo:
09:40:26.0860 0x0854  
09:40:26.0860 0x0854  OS Version: 6.0.6002 ServicePack: 2.0
09:40:26.0860 0x0854  Product type: Workstation
09:40:26.0860 0x0854  ComputerName: OWNER-PC
09:40:26.0861 0x0854  UserName: Owner
09:40:26.0861 0x0854  Windows directory: C:\Windows
09:40:26.0861 0x0854  System windows directory: C:\Windows
09:40:26.0861 0x0854  Processor architecture: Intel x86
09:40:26.0861 0x0854  Number of processors: 2
09:40:26.0861 0x0854  Page size: 0x1000
09:40:26.0861 0x0854  Boot type: Normal boot
09:40:26.0861 0x0854  ============================================================
09:40:29.0495 0x0854  Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
09:40:29.0522 0x0854  ============================================================
09:40:29.0522 0x0854  \Device\Harddisk0\DR0:
09:40:29.0523 0x0854  MBR partitions:
09:40:29.0523 0x0854  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x11A81000
09:40:29.0523 0x0854  ============================================================
09:40:29.0572 0x0854  C: <-> \Device\Harddisk0\DR0\Partition1
09:40:29.0670 0x0854  ============================================================
09:40:29.0670 0x0854  Initialize success
09:40:29.0670 0x0854  ============================================================
09:40:44.0154 0x0c2c  ============================================================
09:40:44.0154 0x0c2c  Scan started
09:40:44.0154 0x0c2c  Mode: Manual; SigCheck; TDLFS;
09:40:44.0154 0x0c2c  ============================================================
09:40:44.0597 0x0c2c  ================ Scan system memory ========================
09:40:44.0597 0x0c2c  System memory - ok
09:40:44.0598 0x0c2c  ================ Scan services =============================
09:40:44.0849 0x0c2c  [ B0CC0B50441372157F31C4C023D43A3E ] A2DDA           C:\Users\Owner\Downloads\GrabIt Downloads\EmsisoftEmergencyKit\Run\a2ddax86.sys
09:40:45.0140 0x0c2c  A2DDA - ok
09:40:45.0380 0x0c2c  [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI            C:\Windows\system32\drivers\acpi.sys
09:40:45.0452 0x0c2c  ACPI - ok
09:40:45.0620 0x0c2c  [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
09:40:45.0670 0x0c2c  AdobeARMservice - ok
09:40:45.0758 0x0c2c  [ 476BB014F3F68C0C15EDDD5B444DA8FF ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
09:40:45.0823 0x0c2c  AdobeFlashPlayerUpdateSvc - ok
09:40:45.0925 0x0c2c  [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
09:40:46.0038 0x0c2c  adp94xx - ok
09:40:46.0128 0x0c2c  [ B84088CA3CDCA97DA44A984C6CE1CCAD ] adpahci         C:\Windows\system32\drivers\adpahci.sys
09:40:46.0199 0x0c2c  adpahci - ok
09:40:46.0245 0x0c2c  [ 7880C67BCCC27C86FD05AA2AFB5EA469 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
09:40:46.0306 0x0c2c  adpu160m - ok
09:40:46.0335 0x0c2c  [ 9AE713F8E30EFC2ABCCD84904333DF4D ] adpu320         C:\Windows\system32\drivers\adpu320.sys
09:40:46.0381 0x0c2c  adpu320 - ok
09:40:46.0465 0x0c2c  [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
09:40:46.0657 0x0c2c  AeLookupSvc - ok
09:40:46.0747 0x0c2c  [ 3911B972B55FEA0478476B2E777B29FA ] AFD             C:\Windows\system32\drivers\afd.sys
09:40:46.0850 0x0c2c  AFD - ok
09:40:46.0897 0x0c2c  [ 39E435C90C9C4F780FA0ED05CA3C3A1B ] AgereModemAudio C:\Windows\system32\agrsmsvc.exe
09:40:47.0004 0x0c2c  AgereModemAudio - ok
09:40:47.0109 0x0c2c  [ CE91B158FA490CF4C4D487A4130F4660 ] AgereSoftModem  C:\Windows\system32\DRIVERS\AGRSM.sys
09:40:47.0266 0x0c2c  AgereSoftModem - ok
09:40:47.0345 0x0c2c  [ EF23439CDD587F64C2C1B8825CEAD7D8 ] agp440          C:\Windows\system32\drivers\agp440.sys
09:40:47.0399 0x0c2c  agp440 - ok
09:40:47.0474 0x0c2c  [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
09:40:47.0537 0x0c2c  aic78xx - ok
09:40:47.0606 0x0c2c  [ A1545B731579895D8CC44FC0481C1192 ] ALG             C:\Windows\System32\alg.exe
09:40:47.0697 0x0c2c  ALG - ok
09:40:47.0729 0x0c2c  [ 90395B64600EBB4552E26E178C94B2E4 ] aliide          C:\Windows\system32\drivers\aliide.sys
09:40:47.0806 0x0c2c  aliide - ok
09:40:47.0833 0x0c2c  [ 2B13E304C9DFDFA5EB582F6A149FA2C7 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
09:40:47.0879 0x0c2c  amdagp - ok
09:40:47.0893 0x0c2c  [ 0577DF1D323FE75A739C787893D300EA ] amdide          C:\Windows\system32\drivers\amdide.sys
09:40:47.0989 0x0c2c  amdide - ok
09:40:48.0079 0x0c2c  [ DC487885BCEF9F28EECE6FAC0E5DDFC5 ] AmdK7           C:\Windows\system32\drivers\amdk7.sys
09:40:48.0370 0x0c2c  AmdK7 - ok
09:40:48.0398 0x0c2c  [ 0CA0071DA4315B00FC1328CA86B425DA ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
09:40:48.0529 0x0c2c  AmdK8 - ok
09:40:48.0622 0x0c2c  [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo         C:\Windows\System32\appinfo.dll
09:40:48.0746 0x0c2c  Appinfo - ok
09:40:48.0860 0x0c2c  [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
09:40:48.0919 0x0c2c  Apple Mobile Device - ok
09:40:49.0017 0x0c2c  [ 5F673180268BB1FDB69C99B6619FE379 ] arc             C:\Windows\system32\drivers\arc.sys
09:40:49.0073 0x0c2c  arc - ok
09:40:49.0143 0x0c2c  [ 957F7540B5E7F602E44648C7DE5A1C05 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
09:40:49.0215 0x0c2c  arcsas - ok
09:40:49.0298 0x0c2c  [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
09:40:49.0388 0x0c2c  AsyncMac - ok
09:40:49.0432 0x0c2c  [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi           C:\Windows\system32\drivers\atapi.sys
09:40:49.0477 0x0c2c  atapi - ok
09:40:49.0596 0x0c2c  [ 8BE56F8300E1C37B578DA23C71816B7A ] athr            C:\Windows\system32\DRIVERS\athr.sys
09:40:49.0731 0x0c2c  athr - ok
09:40:49.0830 0x0c2c  [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
09:40:49.0926 0x0c2c  AudioEndpointBuilder - ok
09:40:49.0963 0x0c2c  [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv        C:\Windows\System32\Audiosrv.dll
09:40:50.0049 0x0c2c  Audiosrv - ok
09:40:50.0136 0x0c2c  [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep            C:\Windows\system32\drivers\Beep.sys
09:40:50.0219 0x0c2c  Beep - ok
09:40:50.0313 0x0c2c  [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE             C:\Windows\System32\bfe.dll
09:40:50.0403 0x0c2c  BFE - ok
09:40:50.0513 0x0c2c  [ 93952506C6D67330367F7E7934B6A02F ] BITS            C:\Windows\System32\qmgr.dll
09:40:50.0687 0x0c2c  BITS - ok
09:40:50.0697 0x0c2c  blbdrive - ok
09:40:50.0824 0x0c2c  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
09:40:50.0888 0x0c2c  Bonjour Service - ok
09:40:50.0951 0x0c2c  [ 35F376253F687BDE63976CCB3F2108CA ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
09:40:51.0056 0x0c2c  bowser - ok
09:40:51.0134 0x0c2c  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
09:40:51.0216 0x0c2c  BrFiltLo - ok
09:40:51.0242 0x0c2c  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
09:40:51.0338 0x0c2c  BrFiltUp - ok
09:40:51.0401 0x0c2c  [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser         C:\Windows\System32\browser.dll
09:40:51.0501 0x0c2c  Browser - ok
09:40:51.0609 0x0c2c  [ 9F80879913DC2712FD0C4D734E3F519B ] BrSerIb         C:\Windows\system32\DRIVERS\BrSerIb.sys
09:40:51.0705 0x0c2c  BrSerIb - ok
09:40:51.0794 0x0c2c  [ B304E75CFF293029EDDF094246747113 ] Brserid         C:\Windows\system32\drivers\brserid.sys
09:40:51.0907 0x0c2c  Brserid - ok
09:40:51.0928 0x0c2c  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
09:40:52.0051 0x0c2c  BrSerWdm - ok
09:40:52.0076 0x0c2c  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
09:40:52.0185 0x0c2c  BrUsbMdm - ok
09:40:52.0215 0x0c2c  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
09:40:52.0331 0x0c2c  BrUsbSer - ok
09:40:52.0364 0x0c2c  [ B67512DA42C0C90BF236D5485226C1C7 ] BrUsbSIb        C:\Windows\system32\DRIVERS\BrUsbSIb.sys
09:40:52.0439 0x0c2c  BrUsbSIb - ok
09:40:52.0513 0x0c2c  [ EA7E57F87D6FEE5FD6C5F813C04E8CD2 ] BrYNSvc         C:\Program Files\Browny02\BrYNSvc.exe
09:40:52.0591 0x0c2c  BrYNSvc ( UnsignedFile.Multi.Generic ) - warning
09:40:52.0591 0x0c2c  BrYNSvc - detected UnsignedFile.Multi.Generic (1)
09:40:52.0617 0x0c2c  [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
09:40:52.0730 0x0c2c  BTHMODEM - ok
09:40:52.0831 0x0c2c  [ 248DFA5762DDE38DFDDBBD44149E9D7A ] BVRPMPR5        C:\Windows\system32\drivers\BVRPMPR5.SYS
09:40:52.0893 0x0c2c  BVRPMPR5 ( UnsignedFile.Multi.Generic ) - warning
09:40:52.0893 0x0c2c  BVRPMPR5 - detected UnsignedFile.Multi.Generic (1)
09:40:52.0974 0x0c2c  [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
09:40:53.0066 0x0c2c  cdfs - ok
09:40:53.0098 0x0c2c  Cdr4_xp - ok
09:40:53.0144 0x0c2c  [ 2C41CD49D82D5FD85C72D57B6CA25471 ] Cdralw2k        C:\Windows\system32\drivers\Cdralw2k.sys
09:40:53.0193 0x0c2c  Cdralw2k ( UnsignedFile.Multi.Generic ) - warning
09:40:53.0193 0x0c2c  Cdralw2k - detected UnsignedFile.Multi.Generic (1)
09:40:53.0274 0x0c2c  [ 6B4BFFB9BECD728097024276430DB314 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
09:40:53.0358 0x0c2c  cdrom - ok
09:40:53.0457 0x0c2c  [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc     C:\Windows\System32\certprop.dll
09:40:53.0570 0x0c2c  CertPropSvc - ok
09:40:53.0669 0x0c2c  [ C82162949BBA6CC5D006C7BD008F3CF1 ] CFSvcs          C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
09:40:53.0721 0x0c2c  CFSvcs ( UnsignedFile.Multi.Generic ) - warning
09:40:53.0721 0x0c2c  CFSvcs - detected UnsignedFile.Multi.Generic (1)
09:40:53.0838 0x0c2c  [ 67FEF1CA7EF8541670BE38520097C2C9 ] cfwids          C:\Windows\system32\drivers\cfwids.sys
09:40:53.0898 0x0c2c  cfwids - ok
09:40:53.0933 0x0c2c  [ DA8E0AFC7BAA226C538EF53AC2F90897 ] circlass        C:\Windows\system32\drivers\circlass.sys
09:40:54.0063 0x0c2c  circlass - ok
09:40:54.0152 0x0c2c  [ 333A88E0227007E2E0677A92057A6D90 ] cleanhlp        C:\Users\Owner\Downloads\GrabIt Downloads\EmsisoftEmergencyKit\Run\cleanhlp32.sys
09:40:54.0224 0x0c2c  cleanhlp - ok
09:40:54.0287 0x0c2c  [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS            C:\Windows\system32\CLFS.sys
09:40:54.0353 0x0c2c  CLFS - ok
09:40:54.0437 0x0c2c  [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:40:54.0497 0x0c2c  clr_optimization_v2.0.50727_32 - ok
09:40:54.0637 0x0c2c  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:40:54.0716 0x0c2c  clr_optimization_v4.0.30319_32 - ok
09:40:54.0800 0x0c2c  [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
09:40:54.0894 0x0c2c  CmBatt - ok
09:40:54.0930 0x0c2c  [ 45201046C776FFDAF3FC8A0029C581C8 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
09:40:54.0995 0x0c2c  cmdide - ok
09:40:55.0077 0x0c2c  [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
09:40:55.0129 0x0c2c  Compbatt - ok
09:40:55.0146 0x0c2c  COMSysApp - ok
09:40:55.0172 0x0c2c  [ 2A213AE086BBEC5E937553C7D9A2B22C ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
09:40:55.0239 0x0c2c  crcdisk - ok
09:40:55.0269 0x0c2c  [ 22A7F883508176489F559EE745B5BF5D ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
09:40:55.0400 0x0c2c  Crusoe - ok
09:40:55.0462 0x0c2c  [ 684C130BBC6DB681BAD4920A4C944AA5 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
09:40:55.0561 0x0c2c  CryptSvc - ok
09:40:55.0665 0x0c2c  [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch      C:\Windows\system32\rpcss.dll
09:40:55.0786 0x0c2c  DcomLaunch - ok
09:40:55.0842 0x0c2c  [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
09:40:55.0924 0x0c2c  DfsC - ok
09:40:56.0101 0x0c2c  [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR            C:\Windows\system32\DFSR.exe
09:40:56.0339 0x0c2c  DFSR - ok
09:40:56.0433 0x0c2c  [ 9028559C132146FB75EB7ACF384B086A ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
09:40:56.0534 0x0c2c  Dhcp - ok
09:40:56.0621 0x0c2c  [ 5D4AEFC3386920236A548271F8F1AF6A ] disk            C:\Windows\system32\drivers\disk.sys
09:40:56.0817 0x0c2c  disk - ok
09:40:56.0913 0x0c2c  [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache        C:\Windows\System32\dnsrslvr.dll
09:40:56.0999 0x0c2c  Dnscache - ok
09:40:57.0080 0x0c2c  [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc         C:\Windows\System32\dot3svc.dll
09:40:57.0169 0x0c2c  dot3svc - ok
09:40:57.0241 0x0c2c  [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS             C:\Windows\system32\dps.dll
09:40:57.0343 0x0c2c  DPS - ok
09:40:57.0379 0x0c2c  [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
09:40:57.0465 0x0c2c  drmkaud - ok
09:40:57.0522 0x0c2c  [ 5DE0FAEC9E5D1AAE74F8568897891A01 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
09:40:57.0645 0x0c2c  DXGKrnl - ok
09:40:57.0740 0x0c2c  [ F88FB26547FD2CE6D0A5AF2985892C48 ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
09:40:57.0852 0x0c2c  E1G60 - ok
09:40:57.0906 0x0c2c  [ C0B95E40D85CD807D614E264248A45B9 ] EapHost         C:\Windows\System32\eapsvc.dll
09:40:57.0996 0x0c2c  EapHost - ok
09:40:58.0089 0x0c2c  [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache          C:\Windows\system32\drivers\ecache.sys
09:40:58.0155 0x0c2c  Ecache - ok
09:40:58.0317 0x0c2c  [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
09:40:58.0420 0x0c2c  ehRecvr - ok
09:40:58.0450 0x0c2c  [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched         C:\Windows\ehome\ehsched.exe
09:40:58.0635 0x0c2c  ehSched - ok
09:40:58.0652 0x0c2c  [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart         C:\Windows\ehome\ehstart.dll
09:40:58.0752 0x0c2c  ehstart - ok
09:40:58.0845 0x0c2c  [ E8F3F21A71720C84BCF423B80028359F ] elxstor         C:\Windows\system32\drivers\elxstor.sys
09:40:58.0960 0x0c2c  elxstor - ok
09:40:59.0041 0x0c2c  [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
09:40:59.0169 0x0c2c  EMDMgmt - ok
09:40:59.0226 0x0c2c  [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem     C:\Windows\system32\es.dll
09:40:59.0326 0x0c2c  EventSystem - ok
09:40:59.0367 0x0c2c  ewusbnet - ok
09:40:59.0434 0x0c2c  [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat           C:\Windows\system32\drivers\exfat.sys
09:40:59.0518 0x0c2c  exfat - ok
09:40:59.0572 0x0c2c  [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
09:40:59.0669 0x0c2c  fastfat - ok
09:40:59.0725 0x0c2c  [ 63BDADA84951B9C03E641800E176898A ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
09:40:59.0831 0x0c2c  fdc - ok
09:40:59.0889 0x0c2c  [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost         C:\Windows\system32\fdPHost.dll
09:40:59.0970 0x0c2c  fdPHost - ok
09:41:00.0020 0x0c2c  [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub        C:\Windows\system32\fdrespub.dll
09:41:00.0134 0x0c2c  FDResPub - ok
09:41:00.0218 0x0c2c  [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
09:41:00.0278 0x0c2c  FileInfo - ok
09:41:00.0336 0x0c2c  [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
09:41:00.0423 0x0c2c  Filetrace - ok
09:41:00.0455 0x0c2c  [ 6603957EFF5EC62D25075EA8AC27DE68 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
09:41:00.0603 0x0c2c  flpydisk - ok
09:41:00.0654 0x0c2c  [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
09:41:00.0716 0x0c2c  FltMgr - ok
09:41:00.0853 0x0c2c  [ 119ACA7CADCA75BEA6B38E999443BAA6 ] FontCache       C:\Windows\system32\FntCache.dll
09:41:01.0000 0x0c2c  FontCache - ok
09:41:01.0115 0x0c2c  [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
09:41:01.0169 0x0c2c  FontCache3.0.0.0 - ok
09:41:01.0294 0x0c2c  [ 9513B437B7ADB1E6065B7F0D83D11ECF ] FreeAgentGoNext Service C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
09:41:01.0355 0x0c2c  FreeAgentGoNext Service - ok
09:41:01.0400 0x0c2c  [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
09:41:01.0502 0x0c2c  Fs_Rec - ok
09:41:01.0545 0x0c2c  [ 4E1CD0A45C50A8882616CAE5BF82F3C5 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
09:41:01.0601 0x0c2c  gagp30kx - ok
09:41:01.0662 0x0c2c  [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc           C:\Windows\System32\gpsvc.dll
09:41:01.0815 0x0c2c  gpsvc - ok
09:41:01.0896 0x0c2c  [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
09:41:02.0020 0x0c2c  HdAudAddService - ok
09:41:02.0091 0x0c2c  [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
09:41:02.0174 0x0c2c  HDAudBus - ok
09:41:02.0221 0x0c2c  [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth          C:\Windows\system32\drivers\hidbth.sys
09:41:02.0350 0x0c2c  HidBth - ok
09:41:02.0390 0x0c2c  [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr           C:\Windows\system32\drivers\hidir.sys
09:41:02.0512 0x0c2c  HidIr - ok
09:41:02.0570 0x0c2c  [ 84067081F3318162797385E11A8F0582 ] hidserv         C:\Windows\System32\hidserv.dll
09:41:02.0644 0x0c2c  hidserv - ok
09:41:02.0693 0x0c2c  [ CCA4B519B17E23A00B826C55716809CC ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
09:41:02.0791 0x0c2c  HidUsb - ok
09:41:02.0913 0x0c2c  [ 8F72C4916A288485812745DC5AF873FC ] HipShieldK      C:\Windows\system32\drivers\HipShieldK.sys
09:41:02.0965 0x0c2c  HipShieldK - ok
09:41:03.0026 0x0c2c  [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc          C:\Windows\system32\kmsvc.dll
09:41:03.0127 0x0c2c  hkmsvc - ok
09:41:03.0319 0x0c2c  [ 5007E21208DA68F60EBF43352BDFE6D0 ] HomeNetSvc      C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
09:41:03.0373 0x0c2c  HomeNetSvc - ok
09:41:03.0411 0x0c2c  [ DF353B401001246853763C4B7AAA6F50 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
09:41:03.0475 0x0c2c  HpCISSs - ok
09:41:03.0564 0x0c2c  [ F870AA3E254628EBEAFE754108D664DE ] HTTP            C:\Windows\system32\drivers\HTTP.sys
09:41:03.0676 0x0c2c  HTTP - ok
09:41:03.0723 0x0c2c  hwdatacard - ok
09:41:03.0739 0x0c2c  hwusbdev - ok
09:41:03.0789 0x0c2c  [ 324C2152FF2C61ABAE92D09F3CCA4D63 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
09:41:03.0843 0x0c2c  i2omp - ok
09:41:03.0933 0x0c2c  [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
09:41:04.0024 0x0c2c  i8042prt - ok
09:41:04.0080 0x0c2c  [ C957BF4B5D80B46C5017BF0101E6C906 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
09:41:04.0148 0x0c2c  iaStorV - ok
09:41:04.0214 0x0c2c  [ DAF66902F08796F9C694901660E5A64A ] IDriverT        C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
09:41:04.0274 0x0c2c  IDriverT ( UnsignedFile.Multi.Generic ) - warning
09:41:04.0274 0x0c2c  IDriverT - detected UnsignedFile.Multi.Generic (1)
09:41:04.0377 0x0c2c  [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
09:41:04.0509 0x0c2c  idsvc - ok
09:41:04.0634 0x0c2c  [ 75577D903D8F90E7985F5CDDD7DD1E2D ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys
09:41:04.0837 0x0c2c  igfx - ok
09:41:04.0860 0x0c2c  [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
09:41:04.0930 0x0c2c  iirsp - ok
09:41:04.0988 0x0c2c  [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT          C:\Windows\System32\ikeext.dll
09:41:05.0108 0x0c2c  IKEEXT - ok
09:41:05.0248 0x0c2c  [ 76C7728AE966EC10DA79DF69E284910F ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
09:41:05.0509 0x0c2c  IntcAzAudAddService - ok
09:41:05.0540 0x0c2c  [ 83AA759F3189E6370C30DE5DC5590718 ] intelide        C:\Windows\system32\drivers\intelide.sys
09:41:05.0603 0x0c2c  intelide - ok
09:41:05.0684 0x0c2c  [ 224191001E78C89DFA78924C3EA595FF ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
09:41:05.0782 0x0c2c  intelppm - ok
09:41:05.0873 0x0c2c  [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
09:41:05.0969 0x0c2c  IPBusEnum - ok
09:41:06.0033 0x0c2c  [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:41:06.0124 0x0c2c  IpFilterDriver - ok
09:41:06.0201 0x0c2c  [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
09:41:06.0302 0x0c2c  iphlpsvc - ok
09:41:06.0323 0x0c2c  IpInIp - ok
09:41:06.0371 0x0c2c  [ 40F34F8ABA2A015D780E4B09138B6C17 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
09:41:06.0492 0x0c2c  IPMIDRV - ok
09:41:06.0549 0x0c2c  [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
09:41:06.0626 0x0c2c  IPNAT - ok
09:41:06.0692 0x0c2c  [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
09:41:06.0771 0x0c2c  IRENUM - ok
09:41:06.0796 0x0c2c  [ 350FCA7E73CF65BCEF43FAE1E4E91293 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
09:41:06.0870 0x0c2c  isapnp - ok
09:41:06.0927 0x0c2c  [ 232FA340531D940AAC623B121A595034 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
09:41:06.0992 0x0c2c  iScsiPrt - ok
09:41:07.0023 0x0c2c  [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
09:41:07.0098 0x0c2c  iteatapi - ok
09:41:07.0183 0x0c2c  [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid         C:\Windows\system32\drivers\iteraid.sys
09:41:07.0242 0x0c2c  iteraid - ok
09:41:07.0326 0x0c2c  [ 67390C4565772D4BFA996C40D8319954 ] ivusb           C:\Windows\system32\DRIVERS\ivusb.sys
09:41:07.0375 0x0c2c  ivusb - ok
09:41:07.0408 0x0c2c  [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
09:41:07.0472 0x0c2c  kbdclass - ok
09:41:07.0500 0x0c2c  [ D2600CB17B7408B4A83F231DC9A11AC3 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
09:41:07.0638 0x0c2c  kbdhid - ok
09:41:07.0685 0x0c2c  [ A3E186B4B935905B829219502557314E ] KeyIso          C:\Windows\system32\lsass.exe
09:41:07.0760 0x0c2c  KeyIso - ok
09:41:07.0835 0x0c2c  [ 1E0D65F7FFEB4E99B2EEC1CCB5754CC8 ] KR10I           C:\Windows\system32\drivers\kr10i.sys
09:41:07.0882 0x0c2c  KR10I ( UnsignedFile.Multi.Generic ) - warning
09:41:07.0883 0x0c2c  KR10I - detected UnsignedFile.Multi.Generic (1)
09:41:07.0930 0x0c2c  [ 485E005CD51FF502FB16483EB4B69C17 ] KR3NPXP         C:\Windows\system32\drivers\kr3npxp.sys
09:41:08.0013 0x0c2c  KR3NPXP ( UnsignedFile.Multi.Generic ) - warning
09:41:08.0013 0x0c2c  KR3NPXP - detected UnsignedFile.Multi.Generic (1)
09:41:08.0091 0x0c2c  [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
09:41:08.0165 0x0c2c  KSecDD - ok
09:41:08.0272 0x0c2c  [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm           C:\Windows\system32\msdtckrm.dll
09:41:08.0399 0x0c2c  KtmRm - ok
09:41:08.0527 0x0c2c  [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer    C:\Windows\System32\srvsvc.dll
09:41:08.0721 0x0c2c  LanmanServer - ok
09:41:08.0815 0x0c2c  [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
09:41:08.0907 0x0c2c  LanmanWorkstation - ok
09:41:09.0009 0x0c2c  [ 6E5DAC168D1FF9843E84A59D51D31107 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
09:41:09.0060 0x0c2c  LightScribeService ( UnsignedFile.Multi.Generic ) - warning
09:41:09.0060 0x0c2c  LightScribeService - detected UnsignedFile.Multi.Generic (1)
09:41:09.0110 0x0c2c  [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
09:41:09.0215 0x0c2c  lltdio - ok
09:41:09.0283 0x0c2c  [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
09:41:09.0381 0x0c2c  lltdsvc - ok
09:41:09.0414 0x0c2c  [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts         C:\Windows\System32\lmhsvc.dll
09:41:09.0531 0x0c2c  lmhosts - ok
09:41:09.0594 0x0c2c  [ A2262FB9F28935E862B4DB46438C80D2 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
09:41:09.0658 0x0c2c  LSI_FC - ok
09:41:09.0686 0x0c2c  [ 30D73327D390F72A62F32C103DAF1D6D ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
09:41:09.0748 0x0c2c  LSI_SAS - ok
09:41:09.0789 0x0c2c  [ E1E36FEFD45849A95F1AB81DE0159FE3 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
09:41:09.0856 0x0c2c  LSI_SCSI - ok
09:41:09.0932 0x0c2c  [ 8F5C7426567798E62A3B3614965D62CC ] luafv           C:\Windows\system32\drivers\luafv.sys
09:41:10.0022 0x0c2c  luafv - ok
09:41:10.0185 0x0c2c  [ 7DE4257D9369054E74ED29DE2D2349D7 ] McAfee SiteAdvisor Service c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe
09:41:10.0241 0x0c2c  McAfee SiteAdvisor Service - ok
09:41:10.0355 0x0c2c  [ CCB60B6820DF49646D5D97CBEC12D7B3 ] McAPExe         C:\Program Files\McAfee\MSC\McAPExe.exe
09:41:10.0418 0x0c2c  McAPExe - ok
09:41:10.0552 0x0c2c  [ DDCC236009C707761D60E5C76D639176 ] McComponentHostService C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe
09:41:10.0610 0x0c2c  McComponentHostService - ok
09:41:10.0641 0x0c2c  [ 5007E21208DA68F60EBF43352BDFE6D0 ] McMPFSvc        C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
09:41:10.0706 0x0c2c  McMPFSvc - ok
09:41:10.0731 0x0c2c  [ 5007E21208DA68F60EBF43352BDFE6D0 ] McNaiAnn        C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
09:41:10.0810 0x0c2c  McNaiAnn - ok
09:41:10.0982 0x0c2c  [ 3A01047FFF666D33EBDE3513D20DA1F5 ] McODS           C:\Program Files\McAfee\VirusScan\mcods.exe
09:41:11.0074 0x0c2c  McODS - ok
09:41:11.0208 0x0c2c  [ 5007E21208DA68F60EBF43352BDFE6D0 ] mcpltsvc        C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
09:41:11.0307 0x0c2c  mcpltsvc - ok
09:41:11.0419 0x0c2c  [ 5007E21208DA68F60EBF43352BDFE6D0 ] McProxy         C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
09:41:11.0474 0x0c2c  McProxy - ok
09:41:11.0544 0x0c2c  [ 807114687BF45F5EC0F85CA379227974 ] McPvDrv         C:\Windows\system32\drivers\McPvDrv.sys
09:41:11.0605 0x0c2c  McPvDrv - ok
09:41:11.0663 0x0c2c  [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
09:41:11.0751 0x0c2c  Mcx2Svc - ok
09:41:11.0864 0x0c2c  [ 11F714F85530A2BD134074DC30E99FCA ] MDM             C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
09:41:11.0927 0x0c2c  MDM - ok
09:41:12.0010 0x0c2c  [ D153B14FC6598EAE8422A2037553ADCE ] megasas         C:\Windows\system32\drivers\megasas.sys
09:41:12.0078 0x0c2c  megasas - ok
09:41:12.0147 0x0c2c  [ 65DF665FDED501263D0CC3D6E0E9DC7F ] mfeapfk         C:\Windows\system32\drivers\mfeapfk.sys
09:41:12.0204 0x0c2c  mfeapfk - ok
09:41:12.0268 0x0c2c  [ AF069594C9D062B1DA9128E21E6A0FC7 ] mfeavfk         C:\Windows\system32\drivers\mfeavfk.sys
09:41:12.0334 0x0c2c  mfeavfk - ok
09:41:12.0407 0x0c2c  [ 2619A2839439AB73901AEA77259B302E ] mfebopk         C:\Windows\system32\drivers\mfebopk.sys
09:41:12.0471 0x0c2c  mfebopk - ok
09:41:12.0590 0x0c2c  [ 2DA577B09944F3B4E8751CEEB733D380 ] mfecore         C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
09:41:12.0684 0x0c2c  mfecore - ok
09:41:12.0796 0x0c2c  [ F9505D12D562549815D680C32E56D80C ] mfefire         C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
09:41:12.0858 0x0c2c  mfefire - ok
09:41:12.0919 0x0c2c  [ DB608133C5E66B300EC0B86DAE115EC1 ] mfefirek        C:\Windows\system32\drivers\mfefirek.sys
09:41:13.0034 0x0c2c  mfefirek - ok
09:41:13.0100 0x0c2c  [ C0C70B2C66B8525BAED8448BEE3B90A1 ] mfehidk         C:\Windows\system32\drivers\mfehidk.sys
09:41:13.0167 0x0c2c  mfehidk - ok
09:41:13.0231 0x0c2c  [ A53DD250107293390D24D0AD80F872E1 ] mfencbdc        C:\Windows\system32\DRIVERS\mfencbdc.sys
09:41:13.0297 0x0c2c  mfencbdc - ok
09:41:13.0385 0x0c2c  [ 38CF6C1A74A5AC6D341B735208FB8ED8 ] mfencrk         C:\Windows\system32\DRIVERS\mfencrk.sys
09:41:13.0450 0x0c2c  mfencrk - ok
09:41:13.0506 0x0c2c  [ 3EB57CFC149C8B702B22424DC870CD8C ] mfevtp          C:\Windows\system32\mfevtps.exe
09:41:13.0573 0x0c2c  mfevtp - ok
09:41:13.0603 0x0c2c  [ 32A895811EC9F7E4AA3CD503419AA463 ] mfewfpk         C:\Windows\system32\drivers\mfewfpk.sys
09:41:13.0668 0x0c2c  mfewfpk - ok
09:41:13.0717 0x0c2c  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS           C:\Windows\system32\mmcss.dll
09:41:13.0829 0x0c2c  MMCSS - ok
09:41:13.0945 0x0c2c  [ 35176FA09A0FC58DB630991A81A0BA39 ] MOBKbackup      C:\Program Files\McAfee Online Backup\MOBKbackup.exe
09:41:13.0997 0x0c2c  MOBKbackup - ok
09:41:14.0074 0x0c2c  [ E896775837A8BCE436348DF460522394 ] MOBKFilter      C:\Windows\system32\DRIVERS\MOBK.sys
09:41:14.0134 0x0c2c  MOBKFilter - ok
09:41:14.0196 0x0c2c  [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem           C:\Windows\system32\drivers\modem.sys
09:41:14.0297 0x0c2c  Modem - ok
09:41:14.0385 0x0c2c  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
09:41:14.0469 0x0c2c  monitor - ok
09:41:14.0537 0x0c2c  [ 5BF6A1326A335C5298477754A506D263 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
09:41:14.0597 0x0c2c  mouclass - ok
09:41:14.0621 0x0c2c  [ 93B8D4869E12CFBE663915502900876F ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
09:41:14.0713 0x0c2c  mouhid - ok
09:41:14.0777 0x0c2c  [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
09:41:14.0843 0x0c2c  MountMgr - ok
09:41:14.0968 0x0c2c  [ A35576A433F4AEB0D48976A004657CB6 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
09:41:15.0038 0x0c2c  MozillaMaintenance - ok
09:41:15.0100 0x0c2c  [ 583A41F26278D9E0EA548163D6139397 ] mpio            C:\Windows\system32\drivers\mpio.sys
09:41:15.0164 0x0c2c  mpio - ok
09:41:15.0215 0x0c2c  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
09:41:15.0288 0x0c2c  mpsdrv - ok
09:41:15.0353 0x0c2c  [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc          C:\Windows\system32\mpssvc.dll
09:41:15.0478 0x0c2c  MpsSvc - ok
09:41:15.0513 0x0c2c  [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
09:41:15.0587 0x0c2c  Mraid35x - ok
09:41:15.0631 0x0c2c  [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
09:41:15.0718 0x0c2c  MRxDAV - ok
09:41:15.0780 0x0c2c  [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
09:41:15.0925 0x0c2c  mrxsmb - ok
09:41:16.0053 0x0c2c  [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:41:16.0122 0x0c2c  mrxsmb10 - ok
09:41:16.0160 0x0c2c  [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:41:16.0229 0x0c2c  mrxsmb20 - ok
09:41:16.0310 0x0c2c  [ 5457DCFA7C0DA43522F4D9D4049C1472 ] msahci          C:\Windows\system32\drivers\msahci.sys
09:41:16.0372 0x0c2c  msahci - ok
09:41:16.0425 0x0c2c  [ 3FC82A2AE4CC149165A94699183D3028 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
09:41:16.0680 0x0c2c  msdsm - ok
09:41:16.0754 0x0c2c  [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC           C:\Windows\System32\msdtc.exe
09:41:16.0877 0x0c2c  MSDTC - ok
09:41:16.0929 0x0c2c  [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
09:41:17.0038 0x0c2c  Msfs - ok
09:41:17.0143 0x0c2c  [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
09:41:17.0199 0x0c2c  msisadrv - ok
09:41:17.0290 0x0c2c  [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
09:41:17.0388 0x0c2c  MSiSCSI - ok
09:41:17.0430 0x0c2c  msiserver - ok
09:41:17.0475 0x0c2c  [ 5007E21208DA68F60EBF43352BDFE6D0 ] MSK80Service    C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
09:41:17.0528 0x0c2c  MSK80Service - ok
09:41:17.0584 0x0c2c  [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
09:41:17.0672 0x0c2c  MSKSSRV - ok
09:41:17.0759 0x0c2c  [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
09:41:17.0886 0x0c2c  MSPCLOCK - ok
09:41:17.0922 0x0c2c  [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
09:41:18.0028 0x0c2c  MSPQM - ok
09:41:18.0082 0x0c2c  [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
09:41:18.0146 0x0c2c  MsRPC - ok
09:41:18.0213 0x0c2c  [ E384487CB84BE41D09711C30CA79646C ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
09:41:18.0273 0x0c2c  mssmbios - ok
09:41:18.0290 0x0c2c  [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
09:41:18.0400 0x0c2c  MSTEE - ok
09:41:18.0436 0x0c2c  [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup             C:\Windows\system32\Drivers\mup.sys
09:41:18.0501 0x0c2c  Mup - ok
09:41:18.0556 0x0c2c  [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent        C:\Windows\system32\qagentRT.dll
09:41:18.0666 0x0c2c  napagent - ok
09:41:18.0753 0x0c2c  [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
09:41:18.0870 0x0c2c  NativeWifiP - ok
09:41:19.0096 0x0c2c  [ 9576CC8E84F7CEDA9189CDDA1CFD4BC1 ] NBService       C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
09:41:19.0211 0x0c2c  NBService ( UnsignedFile.Multi.Generic ) - warning
09:41:19.0211 0x0c2c  NBService - detected UnsignedFile.Multi.Generic (1)
09:41:19.0316 0x0c2c  [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS            C:\Windows\system32\drivers\ndis.sys
09:41:19.0424 0x0c2c  NDIS - ok
09:41:19.0494 0x0c2c  [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
09:41:19.0569 0x0c2c  NdisTapi - ok
09:41:19.0625 0x0c2c  [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
09:41:19.0706 0x0c2c  Ndisuio - ok
09:41:19.0765 0x0c2c  [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
09:41:19.0864 0x0c2c  NdisWan - ok
09:41:19.0922 0x0c2c  [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
09:41:19.0993 0x0c2c  NDProxy - ok
09:41:20.0035 0x0c2c  [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
09:41:20.0140 0x0c2c  NetBIOS - ok
09:41:20.0189 0x0c2c  [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
09:41:20.0272 0x0c2c  netbt - ok
09:41:20.0283 0x0c2c  [ A3E186B4B935905B829219502557314E ] Netlogon        C:\Windows\system32\lsass.exe
09:41:20.0379 0x0c2c  Netlogon - ok
09:41:20.0440 0x0c2c  [ C8052711DAECC48B982434C5116CA401 ] Netman          C:\Windows\System32\netman.dll
09:41:20.0540 0x0c2c  Netman - ok
09:41:20.0602 0x0c2c  [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm        C:\Windows\System32\netprofm.dll
09:41:20.0744 0x0c2c  netprofm - ok
09:41:20.0787 0x0c2c  [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
09:41:20.0851 0x0c2c  NetTcpPortSharing - ok
09:41:20.0950 0x0c2c  [ A15F219208843A5A210C8CB391384453 ] NETw3v32        C:\Windows\system32\DRIVERS\NETw3v32.sys
09:41:21.0232 0x0c2c  NETw3v32 - ok
09:41:21.0267 0x0c2c  [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
09:41:21.0335 0x0c2c  nfrd960 - ok
09:41:21.0400 0x0c2c  [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc          C:\Windows\System32\nlasvc.dll
09:41:21.0501 0x0c2c  NlaSvc - ok
09:41:21.0572 0x0c2c  [ C4EBBBD7165BE535F0BFD06B80601D91 ] NMIndexingService C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
09:41:21.0650 0x0c2c  NMIndexingService ( UnsignedFile.Multi.Generic ) - warning
09:41:21.0650 0x0c2c  NMIndexingService - detected UnsignedFile.Multi.Generic (1)
09:41:21.0697 0x0c2c  [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
09:41:21.0783 0x0c2c  Npfs - ok
09:41:21.0840 0x0c2c  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi             C:\Windows\system32\nsisvc.dll
09:41:21.0932 0x0c2c  nsi - ok
09:41:21.0988 0x0c2c  [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
09:41:22.0074 0x0c2c  nsiproxy - ok
09:41:22.0185 0x0c2c  [ 2C1121F2B87E9A6B12485DF53CD848C7 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
09:41:22.0302 0x0c2c  Ntfs - ok
09:41:22.0354 0x0c2c  [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys
09:41:22.0457 0x0c2c  ntrigdigi - ok
09:41:22.0482 0x0c2c  [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null            C:\Windows\system32\drivers\Null.sys
09:41:22.0567 0x0c2c  Null - ok
09:41:22.0601 0x0c2c  [ E69E946F80C1C31C53003BFBF50CBB7C ] nvraid          C:\Windows\system32\drivers\nvraid.sys
09:41:22.0670 0x0c2c  nvraid - ok
09:41:22.0692 0x0c2c  [ 9E0BA19A28C498A6D323D065DB76DFFC ] nvstor          C:\Windows\system32\drivers\nvstor.sys
09:41:22.0757 0x0c2c  nvstor - ok
09:41:22.0787 0x0c2c  [ 07C186427EB8FCC3D8D7927187F260F7 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
09:41:22.0859 0x0c2c  nv_agp - ok
09:41:22.0875 0x0c2c  NwlnkFlt - ok
09:41:22.0892 0x0c2c  NwlnkFwd - ok
09:41:22.0977 0x0c2c  [ 6F310E890D46E246E0E261A63D9B36B4 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
09:41:23.0064 0x0c2c  ohci1394 - ok
09:41:23.0117 0x0c2c  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:41:23.0215 0x0c2c  ose - ok
09:41:23.0483 0x0c2c  [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
09:41:23.0837 0x0c2c  osppsvc - ok
09:41:23.0919 0x0c2c  [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
09:41:24.0049 0x0c2c  p2pimsvc - ok
09:41:24.0196 0x0c2c  [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc          C:\Windows\system32\p2psvc.dll
09:41:24.0276 0x0c2c  p2psvc - ok
09:41:24.0319 0x0c2c  [ 0FA9B5055484649D63C303FE404E5F4D ] Parport         C:\Windows\system32\drivers\parport.sys
09:41:24.0436 0x0c2c  Parport - ok
09:41:24.0488 0x0c2c  [ B9C2B89F08670E159F7181891E449CD9 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
09:41:24.0547 0x0c2c  partmgr - ok
09:41:24.0582 0x0c2c  [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
09:41:24.0700 0x0c2c  Parvdm - ok
09:41:24.0757 0x0c2c  [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc          C:\Windows\System32\pcasvc.dll
09:41:24.0865 0x0c2c  PcaSvc - ok
09:41:24.0920 0x0c2c  [ 941DC1D19E7E8620F40BBC206981EFDB ] pci             C:\Windows\system32\drivers\pci.sys
09:41:24.0983 0x0c2c  pci - ok
09:41:25.0030 0x0c2c  [ 3B1901E401473E03EB8C874271E50C26 ] pciide          C:\Windows\system32\drivers\pciide.sys
09:41:25.0195 0x0c2c  pciide - ok
09:41:25.0264 0x0c2c  [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
09:41:25.0372 0x0c2c  pcmcia - ok
09:41:25.0427 0x0c2c  [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
09:41:25.0633 0x0c2c  PEAUTH - ok
09:41:25.0715 0x0c2c  pgfilter - ok
09:41:25.0809 0x0c2c  [ 6DBF2AC2BDAFF355995AB25ECCC4CFE1 ] pinger          C:\Toshiba\IVP\ISM\pinger.exe
09:41:25.0865 0x0c2c  pinger - ok
09:41:25.0979 0x0c2c  [ B1689DF169143F57053F795390C99DB3 ] pla             C:\Windows\system32\pla.dll
09:41:26.0167 0x0c2c  pla - ok
09:41:26.0221 0x0c2c  [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
09:41:26.0325 0x0c2c  PlugPlay - ok
09:41:26.0550 0x0c2c  [ 7C725A94A89E3C1EA7D492D5E79698A2 ] PMBDeviceInfoProvider C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
09:41:26.0613 0x0c2c  PMBDeviceInfoProvider - ok
09:41:26.0664 0x0c2c  [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
09:41:26.0746 0x0c2c  PNRPAutoReg - ok
09:41:26.0786 0x0c2c  [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
09:41:26.0873 0x0c2c  PNRPsvc - ok
09:41:26.0921 0x0c2c  [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
09:41:27.0053 0x0c2c  PolicyAgent - ok
09:41:27.0121 0x0c2c  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
09:41:27.0211 0x0c2c  PptpMiniport - ok
09:41:27.0256 0x0c2c  [ 0E3CEF5D28B40CF273281D620C50700A ] Processor       C:\Windows\system32\drivers\processr.sys
09:41:27.0364 0x0c2c  Processor - ok
09:41:27.0415 0x0c2c  [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc         C:\Windows\system32\profsvc.dll
09:41:27.0491 0x0c2c  ProfSvc - ok
09:41:27.0520 0x0c2c  [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
09:41:27.0590 0x0c2c  ProtectedStorage - ok
09:41:27.0640 0x0c2c  [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
09:41:27.0721 0x0c2c  PSched - ok
09:41:27.0746 0x0c2c  [ 1962166E0CEB740704F30FA55AD3D509 ] PxHelp20        C:\Windows\system32\Drivers\PxHelp20.sys
09:41:27.0807 0x0c2c  PxHelp20 ( UnsignedFile.Multi.Generic ) - warning
09:41:27.0807 0x0c2c  PxHelp20 - detected UnsignedFile.Multi.Generic (1)
09:41:27.0881 0x0c2c  [ 674EBA70A52C02696E503B0A57AE6372 ] QIOMem          C:\Windows\system32\DRIVERS\QIOMem.sys
09:41:27.0988 0x0c2c  QIOMem - ok
09:41:28.0102 0x0c2c  [ CCDAC889326317792480C0A67156A1EC ] ql2300          C:\Windows\system32\drivers\ql2300.sys
09:41:28.0188 0x0c2c  ql2300 - ok
09:41:28.0215 0x0c2c  [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
09:41:28.0279 0x0c2c  ql40xx - ok
09:41:28.0339 0x0c2c  [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE           C:\Windows\system32\qwave.dll
09:41:28.0467 0x0c2c  QWAVE - ok
09:41:28.0522 0x0c2c  [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
09:41:28.0602 0x0c2c  QWAVEdrv - ok
09:41:28.0655 0x0c2c  [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
09:41:28.0759 0x0c2c  RasAcd - ok
09:41:28.0817 0x0c2c  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto         C:\Windows\System32\rasauto.dll
09:41:28.0921 0x0c2c  RasAuto - ok
09:41:28.0977 0x0c2c  [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
09:41:29.0065 0x0c2c  Rasl2tp - ok
09:41:29.0127 0x0c2c  [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan          C:\Windows\System32\rasmans.dll
09:41:29.0243 0x0c2c  RasMan - ok
09:41:29.0302 0x0c2c  [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
09:41:29.0428 0x0c2c  RasPppoe - ok
09:41:29.0465 0x0c2c  [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
09:41:29.0543 0x0c2c  RasSstp - ok
09:41:29.0599 0x0c2c  [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
09:41:29.0718 0x0c2c  rdbss - ok
09:41:29.0798 0x0c2c  [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
09:41:29.0903 0x0c2c  RDPCDD - ok
09:41:29.0968 0x0c2c  [ E8BD98D46F2ED77132BA927FCCB47D8B ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
09:41:30.0104 0x0c2c  rdpdr - ok
09:41:30.0159 0x0c2c  [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
09:41:30.0277 0x0c2c  RDPENCDD - ok
09:41:30.0402 0x0c2c  [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
09:41:30.0537 0x0c2c  RDPWD - ok
09:41:30.0645 0x0c2c  [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess    C:\Windows\System32\mprdim.dll
09:41:30.0710 0x0c2c  RemoteAccess - ok
09:41:30.0754 0x0c2c  [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry  C:\Windows\system32\regsvc.dll
09:41:30.0828 0x0c2c  RemoteRegistry - ok
09:41:30.0899 0x0c2c  [ C2EF513BBE069F0D4EE0938A76F975D3 ] rimmptsk        C:\Windows\system32\DRIVERS\rimmptsk.sys
09:41:30.0967 0x0c2c  rimmptsk - ok
09:41:31.0000 0x0c2c  [ C398BCA91216755B098679A8DA8A2300 ] rimsptsk        C:\Windows\system32\DRIVERS\rimsptsk.sys
09:41:31.0075 0x0c2c  rimsptsk - ok
09:41:31.0135 0x0c2c  [ 2A2554CB24506E0A0508FC395C4A1B42 ] rismxdp         C:\Windows\system32\DRIVERS\rixdptsk.sys
09:41:31.0239 0x0c2c  rismxdp - ok
09:41:31.0275 0x0c2c  [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator      C:\Windows\system32\locator.exe
09:41:31.0378 0x0c2c  RpcLocator - ok
09:41:31.0467 0x0c2c  [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs           C:\Windows\system32\rpcss.dll
09:41:31.0932 0x0c2c  RpcSs - ok
09:41:31.0988 0x0c2c  [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
09:41:32.0077 0x0c2c  rspndr - ok
09:41:32.0173 0x0c2c  [ 2D19A7469EA19993D0C12E627F4530BC ] RTL8169         C:\Windows\system32\DRIVERS\Rtlh86.sys
09:41:32.0245 0x0c2c  RTL8169 - ok
09:41:32.0287 0x0c2c  [ A3E186B4B935905B829219502557314E ] SamSs           C:\Windows\system32\lsass.exe
09:41:32.0365 0x0c2c  SamSs - ok
09:41:32.0479 0x0c2c  [ 3CE8F073A557E172B330109436984E30 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
09:41:32.0558 0x0c2c  sbp2port - ok
09:41:32.0660 0x0c2c  [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
09:41:32.0754 0x0c2c  SCardSvr - ok
09:41:32.0897 0x0c2c  [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule        C:\Windows\system32\schedsvc.dll
09:41:33.0018 0x0c2c  Schedule - ok
09:41:33.0059 0x0c2c  [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc     C:\Windows\System32\certprop.dll
09:41:33.0163 0x0c2c  SCPolicySvc - ok
09:41:33.0203 0x0c2c  [ 8F36B54688C31EED4580129040C6A3D3 ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
09:41:33.0288 0x0c2c  sdbus - ok
09:41:33.0365 0x0c2c  [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
09:41:33.0442 0x0c2c  SDRSVC - ok
09:41:33.0500 0x0c2c  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
09:41:33.0621 0x0c2c  secdrv - ok
09:41:33.0694 0x0c2c  [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon        C:\Windows\system32\seclogon.dll
09:41:33.0822 0x0c2c  seclogon - ok
09:41:33.0863 0x0c2c  [ A9BBAB5759771E523F55563D6CBE140F ] SENS            C:\Windows\system32\sens.dll
09:41:34.0000 0x0c2c  SENS - ok
09:41:34.0057 0x0c2c  [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum         C:\Windows\system32\drivers\serenum.sys
09:41:34.0285 0x0c2c  Serenum - ok
09:41:34.0331 0x0c2c  [ C70D69A918B178D3C3B06339B40C2E1B ] Serial          C:\Windows\system32\drivers\serial.sys
09:41:34.0458 0x0c2c  Serial - ok
09:41:34.0482 0x0c2c  [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
09:41:34.0583 0x0c2c  sermouse - ok
09:41:34.0681 0x0c2c  [ D2193326F729B163125610DBF3E17D57 ] SessionEnv      C:\Windows\system32\sessenv.dll
09:41:34.0772 0x0c2c  SessionEnv - ok
09:41:34.0841 0x0c2c  [ 103B79418DA647736EE95645F305F68A ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
09:41:34.0975 0x0c2c  sffdisk - ok
09:41:35.0002 0x0c2c  [ 8FD08A310645FE872EEEC6E08C6BF3EE ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
09:41:35.0126 0x0c2c  sffp_mmc - ok
09:41:35.0155 0x0c2c  [ 9CFA05FCFCB7124E69CFC812B72F9614 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
09:41:35.0281 0x0c2c  sffp_sd - ok
09:41:35.0328 0x0c2c  [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
09:41:35.0499 0x0c2c  sfloppy - ok
09:41:35.0553 0x0c2c  [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
09:41:35.0658 0x0c2c  SharedAccess - ok
09:41:35.0740 0x0c2c  [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
09:41:35.0845 0x0c2c  ShellHWDetection - ok
09:41:35.0898 0x0c2c  [ D2A595D6EEBEEAF4334F8E50EFBC9931 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
09:41:36.0037 0x0c2c  sisagp - ok
09:41:36.0059 0x0c2c  [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
09:41:36.0139 0x0c2c  SiSRaid2 - ok
09:41:36.0173 0x0c2c  [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
09:41:36.0239 0x0c2c  SiSRaid4 - ok
09:41:36.0448 0x0c2c  [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc           C:\Windows\system32\SLsvc.exe
09:41:36.0816 0x0c2c  slsvc - ok
09:41:36.0903 0x0c2c  [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify      C:\Windows\system32\SLUINotify.dll
09:41:36.0983 0x0c2c  SLUINotify - ok
09:41:37.0041 0x0c2c  [ 7B75299A4D201D6A6533603D6914AB04 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
09:41:37.0167 0x0c2c  Smb - ok
09:41:37.0238 0x0c2c  [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
09:41:37.0316 0x0c2c  SNMPTRAP - ok
09:41:37.0460 0x0c2c  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr           C:\Windows\system32\drivers\spldr.sys
09:41:37.0555 0x0c2c  spldr - ok
09:41:37.0610 0x0c2c  [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler         C:\Windows\System32\spoolsv.exe
09:41:37.0714 0x0c2c  Spooler - ok
09:41:37.0782 0x0c2c  [ 41987F9FC0E61ADF54F581E15029AD91 ] srv             C:\Windows\system32\DRIVERS\srv.sys
09:41:37.0882 0x0c2c  srv - ok
09:41:37.0946 0x0c2c  [ FF33AFF99564B1AA534F58868CBE41EF ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
09:41:38.0030 0x0c2c  srv2 - ok
09:41:38.0067 0x0c2c  [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
09:41:38.0155 0x0c2c  srvnet - ok
09:41:38.0229 0x0c2c  [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
09:41:38.0333 0x0c2c  SSDPSRV - ok
09:41:38.0432 0x0c2c  [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
09:41:38.0503 0x0c2c  SstpSvc - ok
09:41:38.0620 0x0c2c  [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc          C:\Windows\System32\wiaservc.dll
09:41:38.0738 0x0c2c  stisvc - ok
09:41:38.0816 0x0c2c  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
09:41:38.0880 0x0c2c  swenum - ok
09:41:38.0948 0x0c2c  [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv           C:\Windows\System32\swprv.dll
09:41:39.0070 0x0c2c  swprv - ok
09:41:39.0151 0x0c2c  [ 327786C5D6BCF284FAB14C2B5751F514 ] Swupdtmr        c:\Toshiba\IVP\swupdate\swupdtmr.exe
09:41:39.0251 0x0c2c  Swupdtmr - ok
09:41:39.0296 0x0c2c  [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
09:41:39.0390 0x0c2c  Symc8xx - ok
09:41:39.0410 0x0c2c  [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
09:41:39.0475 0x0c2c  Sym_hi - ok
09:41:39.0563 0x0c2c  [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
09:41:39.0607 0x0c2c  Sym_u3 - ok
09:41:39.0755 0x0c2c  [ 2D2C815364A878C7E358D5F549711197 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
09:41:39.0875 0x0c2c  SynTP - ok
09:41:39.0969 0x0c2c  [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain         C:\Windows\system32\sysmain.dll
09:41:40.0071 0x0c2c  SysMain - ok
09:41:40.0129 0x0c2c  [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
09:41:40.0207 0x0c2c  TabletInputService - ok
09:41:40.0268 0x0c2c  [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv         C:\Windows\System32\tapisrv.dll
09:41:40.0377 0x0c2c  TapiSrv - ok
09:41:40.0426 0x0c2c  [ CB05822CD9CC6C688168E113C603DBE7 ] TBS             C:\Windows\System32\tbssvc.dll
09:41:40.0493 0x0c2c  TBS - ok
09:41:40.0583 0x0c2c  [ D18D53974FD715D50FC76F9FFE1C830D ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
09:41:40.0664 0x0c2c  Tcpip - ok
09:41:40.0728 0x0c2c  [ D18D53974FD715D50FC76F9FFE1C830D ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
09:41:40.0798 0x0c2c  Tcpip6 - ok
09:41:40.0856 0x0c2c  [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
09:41:40.0987 0x0c2c  tcpipreg - ok
09:41:41.0070 0x0c2c  [ 1825BCEB47BF41C5A9F0E44DE82FC27A ] tdcmdpst        C:\Windows\system32\DRIVERS\tdcmdpst.sys
09:41:41.0132 0x0c2c  tdcmdpst - ok
09:41:41.0193 0x0c2c  [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
09:41:41.0975 0x0c2c  TDPIPE - ok
09:41:42.0066 0x0c2c  [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
09:41:42.0426 0x0c2c  TDTCP - ok
09:41:42.0527 0x0c2c  [ 76B06EB8A01FC8624D699E7045303E54 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
09:41:42.0778 0x0c2c  tdx - ok
09:41:42.0859 0x0c2c  [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
09:41:43.0237 0x0c2c  TermDD - ok
09:41:43.0395 0x0c2c  [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService     C:\Windows\System32\termsrv.dll
09:41:43.0710 0x0c2c  TermService - ok
09:41:43.0760 0x0c2c  [ C7230FBEE14437716701C15BE02C27B8 ] Themes          C:\Windows\system32\shsvcs.dll
09:41:43.0992 0x0c2c  Themes - ok
09:41:44.0041 0x0c2c  [ BAB2B0E314FD4079C859AB07B1DD162A ] Thpdrv          C:\Windows\system32\DRIVERS\thpdrv.sys
09:41:44.0294 0x0c2c  Thpdrv - ok
09:41:44.0341 0x0c2c  [ 39CA469F82FC9C8D84410BDB5FC332AF ] Thpevm          C:\Windows\system32\DRIVERS\Thpevm.SYS
09:41:44.0503 0x0c2c  Thpevm - ok
09:41:44.0600 0x0c2c  [ 5E3E3BF9DFDAA30BB76AACAECD818B15 ] Thpsrv          C:\Windows\system32\ThpSrv.exe
09:41:44.0706 0x0c2c  Thpsrv - ok
09:41:44.0742 0x0c2c  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER     C:\Windows\system32\mmcss.dll
09:41:44.0935 0x0c2c  THREADORDER - ok
09:41:45.0335 0x0c2c  [ 38E18DCE385FF2DED57423A279559DBC ] TNaviSrv        C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
09:41:45.0632 0x0c2c  TNaviSrv ( UnsignedFile.Multi.Generic ) - warning
09:41:45.0633 0x0c2c  TNaviSrv - detected UnsignedFile.Multi.Generic (1)
09:41:45.0744 0x0c2c  [ D540858E65BFA6FDED41AD2495ECE344 ] TODDSrv         C:\Windows\system32\TODDSrv.exe
09:41:45.0853 0x0c2c  TODDSrv ( UnsignedFile.Multi.Generic ) - warning
09:41:45.0853 0x0c2c  TODDSrv - detected UnsignedFile.Multi.Generic (1)
09:41:46.0045 0x0c2c  [ 6A54C28B53C6B50D333C8EE974C6B208 ] TosCoSrv        C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
09:41:46.0251 0x0c2c  TosCoSrv - ok
09:41:46.0503 0x0c2c  [ 87843B2DA99051BC66E2D6C211E3D6A4 ] TOSHIBA Bluetooth Service C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
09:41:46.0660 0x0c2c  TOSHIBA Bluetooth Service - ok
09:41:46.0676 0x0c2c  Tosrfcom - ok
09:41:46.0709 0x0c2c  [ 5C4103544612E5011EF46301B93D1AA6 ] tosrfec         C:\Windows\system32\DRIVERS\tosrfec.sys
09:41:46.0847 0x0c2c  tosrfec - ok
09:41:46.0906 0x0c2c  [ 1EA5F27C29405BF49799FECA77186DA9 ] tos_sps32       C:\Windows\system32\DRIVERS\tos_sps32.sys
09:41:47.0082 0x0c2c  tos_sps32 - ok
09:41:47.0152 0x0c2c  [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks          C:\Windows\System32\trkwks.dll
09:41:47.0263 0x0c2c  TrkWks - ok
09:41:47.0323 0x0c2c  [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:41:47.0443 0x0c2c  TrustedInstaller - ok
09:41:47.0527 0x0c2c  [ F4EAA7ECBCB25DE901C9B7F2CDCDA0B3 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
09:41:47.0698 0x0c2c  tssecsrv - ok
09:41:47.0769 0x0c2c  [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
09:41:47.0826 0x0c2c  tunmp - ok
09:41:47.0900 0x0c2c  [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
09:41:47.0997 0x0c2c  tunnel - ok
09:41:48.0039 0x0c2c  [ 521C5F39829875ADF5466DD94C6282C7 ] TVALZ           C:\Windows\system32\DRIVERS\TVALZ_O.SYS
09:41:48.0129 0x0c2c  TVALZ - ok
09:41:48.0183 0x0c2c  [ C3ADE15414120033A36C0F293D4A4121 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
09:41:48.0244 0x0c2c  uagp35 - ok
09:41:48.0335 0x0c2c  [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
09:41:48.0507 0x0c2c  udfs - ok
09:41:48.0656 0x0c2c  [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
09:41:48.0732 0x0c2c  UI0Detect - ok
09:41:48.0789 0x0c2c  [ 332D341D92B933600D41953B08360DFB ] UleadBurningHelper C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
09:41:48.0813 0x0c2c  UleadBurningHelper ( UnsignedFile.Multi.Generic ) - warning
09:41:48.0813 0x0c2c  UleadBurningHelper - detected UnsignedFile.Multi.Generic (1)
09:41:48.0834 0x0c2c  [ 75E6890EBFCE0841D3291B02E7A8BDB0 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
09:41:48.0873 0x0c2c  uliagpkx - ok
09:41:48.0897 0x0c2c  [ 3CD4EA35A6221B85DCC25DAA46313F8D ] uliahci         C:\Windows\system32\drivers\uliahci.sys
09:41:48.0951 0x0c2c  uliahci - ok
09:41:48.0983 0x0c2c  [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata          C:\Windows\system32\drivers\ulsata.sys
09:41:49.0024 0x0c2c  UlSata - ok
09:41:49.0046 0x0c2c  [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
09:41:49.0123 0x0c2c  ulsata2 - ok
09:41:49.0172 0x0c2c  [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
09:41:49.0241 0x0c2c  umbus - ok
09:41:49.0298 0x0c2c  [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost        C:\Windows\System32\upnphost.dll
09:41:49.0382 0x0c2c  upnphost - ok
09:41:49.0459 0x0c2c  [ 6E421CCC57059B0186C6259CA3B6DFC9 ] USBAAPL         C:\Windows\system32\Drivers\usbaapl.sys
09:41:49.0575 0x0c2c  USBAAPL - ok
09:41:49.0792 0x0c2c  [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
09:41:49.0873 0x0c2c  usbccgp - ok
09:41:50.0070 0x0c2c  [ E9476E6C486E76BC4898074768FB7131 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
09:41:50.0172 0x0c2c  usbcir - ok
09:41:50.0232 0x0c2c  [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
09:41:50.0320 0x0c2c  usbehci - ok
09:41:50.0354 0x0c2c  [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
09:41:50.0469 0x0c2c  usbhub - ok
09:41:50.0504 0x0c2c  [ 38DBC7DD6CC5A72011F187425384388B ] usbohci         C:\Windows\system32\drivers\usbohci.sys
09:41:50.0629 0x0c2c  usbohci - ok
09:41:50.0673 0x0c2c  [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
09:41:50.0751 0x0c2c  usbprint - ok
09:41:50.0835 0x0c2c  [ A508C9BD8724980512136B039BBA65E9 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
09:41:50.0909 0x0c2c  usbscan - ok
09:41:50.0930 0x0c2c  [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:41:51.0029 0x0c2c  USBSTOR - ok
09:41:51.0079 0x0c2c  [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
09:41:51.0170 0x0c2c  usbuhci - ok
09:41:51.0252 0x0c2c  [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
09:41:51.0345 0x0c2c  usbvideo - ok
09:41:51.0426 0x0c2c  [ 228F444F9AF0D3B9ECA9FC3F4FEB12F2 ] usb_rndisx      C:\Windows\system32\DRIVERS\usb8023x.sys
09:41:51.0509 0x0c2c  usb_rndisx - ok
09:41:51.0557 0x0c2c  [ 3B929A72AAEA96DC0150D3A6DA268C89 ] UVCFTR          C:\Windows\system32\Drivers\UVCFTR_S.SYS
09:41:51.0666 0x0c2c  UVCFTR - ok
09:41:51.0724 0x0c2c  [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms           C:\Windows\System32\uxsms.dll
09:41:51.0796 0x0c2c  UxSms - ok
09:41:51.0861 0x0c2c  [ CD88D1B7776DC17A119049742EC07EB4 ] vds             C:\Windows\System32\vds.exe
09:41:51.0958 0x0c2c  vds - ok
09:41:51.0989 0x0c2c  [ 7D92BE0028ECDEDEC74617009084B5EF ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
09:41:52.0090 0x0c2c  vga - ok
09:41:52.0142 0x0c2c  [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave         C:\Windows\System32\drivers\vga.sys
09:41:52.0232 0x0c2c  VgaSave - ok
09:41:52.0271 0x0c2c  [ 045D9961E591CF0674A920B6BA3BA5CB ] viaagp          C:\Windows\system32\drivers\viaagp.sys
09:41:52.0333 0x0c2c  viaagp - ok
09:41:52.0385 0x0c2c  [ 56A4DE5F02F2E88182B0981119B4DD98 ] ViaC7           C:\Windows\system32\drivers\viac7.sys
09:41:52.0560 0x0c2c  ViaC7 - ok
09:41:52.0588 0x0c2c  [ FD2E3175FCADA350C7AB4521DCA187EC ] viaide          C:\Windows\system32\drivers\viaide.sys
09:41:52.0647 0x0c2c  viaide - ok
09:41:52.0710 0x0c2c  [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
09:41:52.0784 0x0c2c  volmgr - ok
09:41:52.0839 0x0c2c  [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
09:41:52.0894 0x0c2c  volmgrx - ok
09:41:52.0961 0x0c2c  [ 786DB5771F05EF300390399F626BF30A ] volsnap         C:\Windows\system32\drivers\volsnap.sys
09:41:53.0041 0x0c2c  volsnap - ok
09:41:53.0068 0x0c2c  [ D984439746D42B30FC65A4C3546C6829 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
09:41:53.0113 0x0c2c  vsmraid - ok
09:41:53.0183 0x0c2c  [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS             C:\Windows\system32\vssvc.exe
09:41:53.0363 0x0c2c  VSS - ok
09:41:53.0414 0x0c2c  [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time         C:\Windows\system32\w32time.dll
09:41:53.0530 0x0c2c  W32Time - ok
09:41:53.0579 0x0c2c  [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
09:41:53.0688 0x0c2c  WacomPen - ok
09:41:53.0742 0x0c2c  [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
09:41:53.0832 0x0c2c  Wanarp - ok
09:41:53.0843 0x0c2c  [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
09:41:53.0914 0x0c2c  Wanarpv6 - ok
09:41:53.0955 0x0c2c  [ A3CD60FD826381B49F03832590E069AF ] wcncsvc         C:\Windows\System32\wcncsvc.dll
09:41:54.0038 0x0c2c  wcncsvc - ok
09:41:54.0082 0x0c2c  [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
09:41:54.0170 0x0c2c  WcsPlugInService - ok
09:41:54.0225 0x0c2c  [ AFC5AD65B991C1E205CF25CFDBF7A6F4 ] Wd              C:\Windows\system32\drivers\wd.sys
09:41:54.0269 0x0c2c  Wd - ok
09:41:54.0343 0x0c2c  [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
09:41:54.0442 0x0c2c  Wdf01000 - ok
09:41:54.0498 0x0c2c  [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost  C:\Windows\system32\wdi.dll
09:41:54.0571 0x0c2c  WdiServiceHost - ok
09:41:54.0587 0x0c2c  [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost   C:\Windows\system32\wdi.dll
09:41:54.0657 0x0c2c  WdiSystemHost - ok
09:41:54.0728 0x0c2c  [ 04C37D8107320312FBAE09926103D5E2 ] WebClient       C:\Windows\System32\webclnt.dll
09:41:54.0851 0x0c2c  WebClient - ok
09:41:54.0931 0x0c2c  [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc          C:\Windows\system32\wecsvc.dll
09:41:55.0081 0x0c2c  Wecsvc - ok
09:41:55.0142 0x0c2c  [ 670FF720071ED741206D69BD995EA453 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
09:41:55.0222 0x0c2c  wercplsupport - ok
09:41:55.0283 0x0c2c  [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc          C:\Windows\System32\WerSvc.dll
09:41:55.0437 0x0c2c  WerSvc - ok
09:41:55.0548 0x0c2c  [ 4575AA12561C5648483403541D0D7F2B ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
09:41:55.0623 0x0c2c  WinDefend - ok
09:41:55.0645 0x0c2c  WinHttpAutoProxySvc - ok
09:41:55.0722 0x0c2c  [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
09:41:55.0830 0x0c2c  Winmgmt - ok
09:41:56.0155 0x0c2c  [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM           C:\Windows\system32\WsmSvc.dll
09:41:56.0914 0x0c2c  WinRM - ok
09:41:57.0071 0x0c2c  [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc         C:\Windows\System32\wlansvc.dll
09:41:57.0227 0x0c2c  Wlansvc - ok
09:41:57.0286 0x0c2c  [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
09:41:57.0458 0x0c2c  WmiAcpi - ok
09:41:57.0516 0x0c2c  [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
09:41:57.0597 0x0c2c  wmiApSrv - ok
09:41:57.0735 0x0c2c  [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
09:41:57.0881 0x0c2c  WMPNetworkSvc - ok
09:41:57.0919 0x0c2c  [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
09:41:58.0014 0x0c2c  WPCSvc - ok
09:41:58.0092 0x0c2c  [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
09:41:58.0154 0x0c2c  WPDBusEnum - ok
09:41:58.0242 0x0c2c  [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys
09:41:58.0299 0x0c2c  WpdUsb - ok
09:41:58.0495 0x0c2c  [ B800EEC15851597405784126C407188C ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
09:41:58.0600 0x0c2c  WPFFontCache_v0400 - ok
09:41:58.0656 0x0c2c  [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
09:41:58.0755 0x0c2c  ws2ifsl - ok
09:41:58.0792 0x0c2c  [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc          C:\Windows\system32\wscsvc.dll
09:41:58.0849 0x0c2c  wscsvc - ok
09:41:58.0864 0x0c2c  WSearch - ok
09:41:59.0006 0x0c2c  [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv        C:\Windows\system32\wuaueng.dll
09:41:59.0194 0x0c2c  wuauserv - ok
09:41:59.0287 0x0c2c  [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
09:41:59.0362 0x0c2c  WudfPf - ok
09:41:59.0443 0x0c2c  [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
09:41:59.0524 0x0c2c  WUDFRd - ok
09:41:59.0588 0x0c2c  [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
09:41:59.0653 0x0c2c  wudfsvc - ok
09:41:59.0718 0x0c2c  ================ Scan global ===============================
09:41:59.0775 0x0c2c  [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
09:41:59.0837 0x0c2c  [ A508314231C49AEE86987CEA3EAECAD1 ] C:\Windows\system32\winsrv.dll
09:41:59.0881 0x0c2c  [ A508314231C49AEE86987CEA3EAECAD1 ] C:\Windows\system32\winsrv.dll
09:41:59.0932 0x0c2c  [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
09:41:59.0938 0x0c2c  [Global] - ok
09:41:59.0938 0x0c2c  ================ Scan MBR ==================================
09:41:59.0957 0x0c2c  [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
09:42:00.0909 0x0c2c  \Device\Harddisk0\DR0 - ok
09:42:00.0910 0x0c2c  ================ Scan VBR ==================================
09:42:00.0921 0x0c2c  [ 6DB0C7C230DA4EF1B978C0C7A410852B ] \Device\Harddisk0\DR0\Partition1
09:42:00.0924 0x0c2c  \Device\Harddisk0\DR0\Partition1 - ok
09:42:00.0925 0x0c2c  ============================================================
09:42:00.0925 0x0c2c  Scan finished
09:42:00.0925 0x0c2c  ============================================================
09:42:01.0015 0x15f4  Detected object count: 14
09:42:01.0015 0x15f4  Actual detected object count: 14
09:43:04.0038 0x15f4  BrYNSvc ( UnsignedFile.Multi.Generic ) - skipped by user
09:43:04.0038 0x15f4  BrYNSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:43:04.0042 0x15f4  BVRPMPR5 ( UnsignedFile.Multi.Generic ) - skipped by user
09:43:04.0043 0x15f4  BVRPMPR5 ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:43:04.0047 0x15f4  Cdralw2k ( UnsignedFile.Multi.Generic ) - skipped by user
09:43:04.0047 0x15f4  Cdralw2k ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:43:04.0051 0x15f4  CFSvcs ( UnsignedFile.Multi.Generic ) - skipped by user
09:43:04.0051 0x15f4  CFSvcs ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:43:04.0055 0x15f4  IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
09:43:04.0056 0x15f4  IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:43:04.0059 0x15f4  KR10I ( UnsignedFile.Multi.Generic ) - skipped by user
09:43:04.0060 0x15f4  KR10I ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:43:04.0066 0x15f4  KR3NPXP ( UnsignedFile.Multi.Generic ) - skipped by user
09:43:04.0066 0x15f4  KR3NPXP ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:43:04.0070 0x15f4  LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
09:43:04.0070 0x15f4  LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:43:04.0072 0x15f4  NBService ( UnsignedFile.Multi.Generic ) - skipped by user
09:43:04.0072 0x15f4  NBService ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:43:04.0076 0x15f4  NMIndexingService ( UnsignedFile.Multi.Generic ) - skipped by user
09:43:04.0076 0x15f4  NMIndexingService ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:43:04.0077 0x15f4  PxHelp20 ( UnsignedFile.Multi.Generic ) - skipped by user
09:43:04.0077 0x15f4  PxHelp20 ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:43:04.0081 0x15f4  TNaviSrv ( UnsignedFile.Multi.Generic ) - skipped by user
09:43:04.0082 0x15f4  TNaviSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:43:04.0087 0x15f4  TODDSrv ( UnsignedFile.Multi.Generic ) - skipped by user
09:43:04.0088 0x15f4  TODDSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:43:04.0103 0x15f4  UleadBurningHelper ( UnsignedFile.Multi.Generic ) - skipped by user
09:43:04.0103 0x15f4  UleadBurningHelper ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:43:44.0299 0x08b4  Deinitialize success

 

 

adwcleaner log

 

# AdwCleaner v3.001 - Report created 01/09/2013 at 09:45:25
# Updated 24/08/2013 by Xplode
# Operating System : Windows Vista ™ Home Premium Service Pack 2 (32 bits)
# Username : Owner - OWNER-PC
# Running from : C:\Users\Owner\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16502


-\\ Mozilla Firefox v23.0.1 (en-US)

[ File : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\7na8p5x8.default-1368339064000\prefs.js ]


[ File : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\u7o4rhxs.default\prefs.js ]


-\\ Google Chrome v

[ File : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [1005 octets] - [01/09/2013 09:44:04]
AdwCleaner[S0].txt - [928 octets] - [01/09/2013 09:45:25]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [987 octets] ##########

 

Farbar log

 

 

Farbar Service Scanner Version: 28-08-2013
Ran by Owner (administrator) on 01-09-2013 at 10:06:30
Running from "C:\Users\Owner\Desktop"
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll => MD5 is legit
C:\Windows\system32\iphlpsvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****

 

 

 

minitoolbox log

 

MiniToolBox by Farbar  Version: 13-07-2013
Ran by Owner (administrator) on 01-09-2013 at 10:07:12
Running from "C:\Users\Owner\Desktop"
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1       localhost

========================= IP Configuration: ================================

Realtek PCIe FE Family Controller = Local Area Connection 2 (Connected)
Atheros AR5007EG Wireless Network Adapter = Wireless Network Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : Owner-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Atheros AR5007EG Wireless Network Adapter
   Physical Address. . . . . . . . . : 00-1B-9E-57-9B-53
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection 2:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek PCIe FE Family Controller #2
   Physical Address. . . . . . . . . : 00-1B-24-A5-30-A3
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::a151:2ae9:627d:9ab5%9(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.2(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Sunday, 1 September 2013 10:05:22 AM
   Lease Expires . . . . . . . . . . : Monday, 2 September 2013 10:05:22 AM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 184556324
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-0E-82-F4-23-00-1B-24-A5-30-A3
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 7:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : 6TO4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : isatap.{5DBCA865-A3F9-40EB-B6AB-2885EDA177B6}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 10:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 02-00-54-55-4E-01
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:2879:310a:840c:f209(Preferred)
   Link-local IPv6 Address . . . . . : fe80::2879:310a:840c:f209%12(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 13:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : isatap.{2D784431-1F27-4852-B650-922908B52C67}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  UnKnown
Address:  192.168.1.1

DNS request timed out.
    timeout was 2 seconds.
Name:    google.com
Address:  74.125.237.7



Pinging google.com [74.125.237.7] with 32 bytes of data:

Reply from 74.125.237.7: bytes=32 time=18ms TTL=56

Reply from 74.125.237.7: bytes=32 time=17ms TTL=56



Ping statistics for 74.125.237.7:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 17ms, Maximum = 18ms, Average = 17ms

Server:  UnKnown
Address:  192.168.1.1

DNS request timed out.
    timeout was 2 seconds.
Name:    yahoo.com
Address:  98.139.183.24



Pinging yahoo.com [98.139.183.24] with 32 bytes of data:

Reply from 98.139.183.24: bytes=32 time=358ms TTL=44

Reply from 98.139.183.24: bytes=32 time=331ms TTL=43



Ping statistics for 98.139.183.24:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 331ms, Maximum = 358ms, Average = 344ms



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
 11 ...00 1b 9e 57 9b 53 ...... Atheros AR5007EG Wireless Network Adapter
  9 ...00 1b 24 a5 30 a3 ...... Realtek PCIe FE Family Controller #2
  1 ........................... Software Loopback Interface 1
 10 ...00 00 00 00 00 00 00 e0  6TO4 Adapter
 26 ...00 00 00 00 00 00 00 e0  isatap.{5DBCA865-A3F9-40EB-B6AB-2885EDA177B6}
 12 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
 27 ...00 00 00 00 00 00 00 e0  isatap.{2D784431-1F27-4852-B650-922908B52C67}
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1      192.168.1.2     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link       192.168.1.2    276
      192.168.1.2  255.255.255.255         On-link       192.168.1.2    276
    192.168.1.255  255.255.255.255         On-link       192.168.1.2    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.1.2    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.1.2    276
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 12     18 ::/0                     On-link
  1    306 ::1/128                  On-link
 12     18 2001::/32                On-link
 12    266 2001:0:4137:9e76:2879:310a:840c:f209/128
                                    On-link
  9    276 fe80::/64                On-link
 12    266 fe80::/64                On-link
 12    266 fe80::2879:310a:840c:f209/128
                                    On-link
  9    276 fe80::a151:2ae9:627d:9ab5/128
                                    On-link
  1    306 ff00::/8                 On-link
 12    266 ff00::/8                 On-link
  9    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 30 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 31 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 32 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 33 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 34 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 35 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 36 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 37 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 38 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 39 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 40 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 41 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 42 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 43 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 44 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 45 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 46 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 47 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 48 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 49 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 50 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 51 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 52 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 53 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 54 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/01/2013 10:03:44 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {0e916ec1-41ec-453e-b8dc-87b5f63bdaa7}

Error: (09/01/2013 07:28:34 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {645fe5f8-133d-4d5f-9b53-074c1c1d6c3d}

Error: (08/31/2013 07:01:42 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {3dace160-633c-43e4-af9b-b460c077746a}

Error: (08/31/2013 03:42:48 PM) (Source: Application Hang) (User: )
Description: The program mcuicnt.exe version 5.8.710.2 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: 102c
Start Time: 01cea5f0ce071c39
Termination Time: 1121

Error: (08/31/2013 00:23:22 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {c1a2f4c1-155d-4d87-b239-7ee4fffd2bfd}

Error: (08/31/2013 11:43:30 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {988ab73b-a6a0-4f3a-b629-469ad01900cf}

Error: (08/31/2013 06:33:44 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {4fb37053-7524-4641-a7be-1f1ceadbd31d}

Error: (08/30/2013 11:49:37 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {07bb7c70-ca80-43b6-9c14-189ffe9f6fd2}

Error: (08/30/2013 11:08:01 PM) (Source: Application Hang) (User: )
Description: The program mcuicnt.exe version 5.8.710.2 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: 1494
Start Time: 01cea573d264b437
Termination Time: 1426

Error: (08/30/2013 09:28:17 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {da0b75c5-8aaf-4fa5-95d9-653c75d47637}


System errors:
=============
Error: (09/01/2013 10:03:57 AM) (Source: DCOM) (User: )
Description: {209500FC-6B45-4693-8871-6296C4843751}

Error: (09/01/2013 09:59:27 AM) (Source: Service Control Manager) (User: )
Description: Cdr4_xp

Error: (09/01/2013 09:59:27 AM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (09/01/2013 09:59:09 AM) (Source: TermService) (User: )
Description: The Terminal Server has failed to create a new self signed certificate to be used for Terminal Server authentication on SSL connections. The relevant status code was Key not valid for use in specified state.
.

Error: (09/01/2013 09:46:32 AM) (Source: DCOM) (User: )
Description: {C2BFE331-6739-4270-86C9-493D9A04CD38}

Error: (09/01/2013 07:45:12 AM) (Source: DCOM) (User: )
Description: {209500FC-6B45-4693-8871-6296C4843751}

Error: (09/01/2013 07:32:58 AM) (Source: DCOM) (User: )
Description: {209500FC-6B45-4693-8871-6296C4843751}

Error: (09/01/2013 07:28:02 AM) (Source: DCOM) (User: )
Description: {6DFC2D17-579D-4C1C-93B7-B05B7DCCD766}

Error: (09/01/2013 07:24:24 AM) (Source: Service Control Manager) (User: )
Description: Cdr4_xp

Error: (09/01/2013 07:24:23 AM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058


Microsoft Office Sessions:
=========================
Error: (09/01/2013 10:03:44 AM) (Source: VSS)(User: )
Description: 0x80070005

Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {0e916ec1-41ec-453e-b8dc-87b5f63bdaa7}

Error: (09/01/2013 07:28:34 AM) (Source: VSS)(User: )
Description: 0x80070005

Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {645fe5f8-133d-4d5f-9b53-074c1c1d6c3d}

Error: (08/31/2013 07:01:42 PM) (Source: VSS)(User: )
Description: 0x80070005

Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {3dace160-633c-43e4-af9b-b460c077746a}

Error: (08/31/2013 03:42:48 PM) (Source: Application Hang)(User: )
Description: mcuicnt.exe5.8.710.2102c01cea5f0ce071c391121

Error: (08/31/2013 00:23:22 PM) (Source: VSS)(User: )
Description: 0x80070005

Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {c1a2f4c1-155d-4d87-b239-7ee4fffd2bfd}

Error: (08/31/2013 11:43:30 AM) (Source: VSS)(User: )
Description: 0x80070005

Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {988ab73b-a6a0-4f3a-b629-469ad01900cf}

Error: (08/31/2013 06:33:44 AM) (Source: VSS)(User: )
Description: 0x80070005

Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {4fb37053-7524-4641-a7be-1f1ceadbd31d}

Error: (08/30/2013 11:49:37 PM) (Source: VSS)(User: )
Description: 0x80070005

Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {07bb7c70-ca80-43b6-9c14-189ffe9f6fd2}

Error: (08/30/2013 11:08:01 PM) (Source: Application Hang)(User: )
Description: mcuicnt.exe5.8.710.2149401cea573d264b4371426

Error: (08/30/2013 09:28:17 PM) (Source: VSS)(User: )
Description: 0x80070005

Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {da0b75c5-8aaf-4fa5-95d9-653c75d47637}


CodeIntegrity Errors:
===================================
  Date: 2013-08-31 14:07:57.975
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-08-31 14:07:56.809
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-08-31 14:07:55.435
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-08-31 14:07:54.394
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-08-31 14:07:53.172
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-08-31 14:07:52.106
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-08-31 14:03:05.993
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-08-31 14:03:04.992
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-08-31 14:03:03.922
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-08-31 14:03:02.535
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

??? (Version: 7.1)
AC3Filter (remove only)
Adobe Flash Player 11 ActiveX (Version: 11.8.800.94)
Adobe Flash Player 11 Plugin (Version: 11.8.800.94)
Adobe Reader XI (11.0.03) (Version: 11.0.03)
Adobe Shockwave Player 12.0 (Version: 12.0.3.133)
Apple Application Support (Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
Atheros Driver Installation Program (Version: 7.1)
Audacity 2.0
Blackhawk Striker 2 (Version: WT022085)
Blasterball 3 (Version: WT022086)
Bluetooth Stack for Windows by Toshiba (Version: v5.10.06(T))
Bonjour (Version: 3.0.0.10)
Brother MFL-Pro Suite MFC-7362N (Version: 1.0.2.0)
Camera Assistant Software for Toshiba (Version: 1.7.138.0426)
CCleaner (Version: 3.24)
CD/DVD Drive Acoustic Silencer (Version: 2.01.01)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Desktop Dialer
Diner Dash - Flo on the Go (Version: WT022087)
DVD MovieFactory for TOSHIBA (Version: 5.3)
DVD Shrink 3.2
Eraser 5.8.7 (Version: Eraser 5.8.7)
FATE (Version: WT022089)
ffdshow [rev 3014] [2009-06-20] (Version: 1.0)
FileASSASSIN (Version: 1.06)
Google Chrome (Version: 29.0.1547.62)
GrabIt 1.7.2 Beta 6 (build 1008)
Haali Media Splitter
Intel® Graphics Media Accelerator Driver
Java 7 Update 25 (Version: 7.0.250)
Java Auto Updater (Version: 2.1.9.5)
LAME v3.99.3 (for Windows)
LightScribe  1.4.124.1 (Version: 1.4.124.1)
Mah Jong Quest (Version: WT022090)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
McAfee All Access – Total Protection (Version: 12.8.750)
McAfee Online Backup
McAfee Online Backup (Version: 1.16.4.0)
McAfee Security Scan Plus (Version: 3.0.318.3)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2010 (Version: 14.0.7015.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Single Image 2010 (Version: 14.0.7015.1000)
Microsoft Office Standard Edition 2003 (Version: 11.0.8173.0)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Works (Version: 08.05.0818)
Microsoft XML Parser (Version: 8.20.8730.4)
Mozilla Firefox 23.0.1 (x86 en-US) (Version: 23.0.1)
Mozilla Maintenance Service (Version: 23.0.1)
MSTPCRT (Version: 1.0.0.0)
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB941833) (Version: 4.20.9849.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB2721691) (Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB2758694) (Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (KB973685) (Version: 4.30.2107.0)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
MyTomTom 3.2.0.1116 (Version: 3.2.0.1116)
NavDesk 7.30 (Version: 7.30.0108.117)
Nero 7 Essentials (Version: 7.02.4129)
oggcodecs 0.71.0946 (Version: 0.71.0946)
Penguins! (Version: WT022091)
PlayMemories Home (Version: 7.0.03.04240)
Polar Bowler (Version: WT022092)
Polar Golfer (Version: WT022093)
QuickPar 0.9 (Version: 0.9)
QuickTime (Version: 7.74.80.86)
Real Alternative 2.0.0 (Version: 2.0.0)
Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista (Version: 1.00.0000)
Realtek High Definition Audio Driver (Version: 6.0.1.5420)
Recuva (Version: 1.42)
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01 (Version: 3.51.01)
SABnzbd 0.7.14 (Version: 0.7.14)
Seagate Manager Installer (Version: 2.01.0600)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
Shared C Run-time for x86 (Version: 10.0.0)
SpywareBlaster 5.0 (Version: 5.0.0)
swMSM (Version: 12.0.0.1)
Synaptics Pointing Device Driver (Version: 9.1.0.0)
TOSHIBA Assist (Version: 2.01.02)
TOSHIBA ConfigFree (Version: 7.00.29)
TOSHIBA Disc Creator (Version: 2.0.0.7a)
TOSHIBA DVD PLAYER (Version: 1.00.21)
TOSHIBA Extended Tiles for Windows Mobility Center (Version: 1.01.00)
TOSHIBA Game Console
TOSHIBA Hardware Setup (Version: 2.01.01.00)
TOSHIBA HDD Protection (Version: 2.0.1.7)
TOSHIBA Media Center Game Console
TOSHIBA Music (Version: 1.00.1)
TOSHIBA Recovery Disc Creator (Version: 2.0.0.1a)
Toshiba Registration (Version: 1.00.0000)
TOSHIBA SD Memory Utilities (Version: 1.8.1.1)
TOSHIBA Software Modem (Version: 2.1.77 (SM2177ALD03))
TOSHIBA Software Upgrades (Version: 4.2)
TOSHIBA Speech System Applications
TOSHIBA Speech System SR Engine(U.S.) Version1.0
TOSHIBA Speech System TTS Engine(U.S.) Version1.0
TOSHIBA Supervisor Password (Version: 2.01.01.00)
TOSHIBA Value Added Package (Version: 1.0.21)
Update for Microsoft .NET Framework 3.5 SP1 (KB2836940) (Version: 1)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
USB Disk Security
Visual Studio C++ 10.0 Runtime (Version: 10.0.0)
VLC media player 2.0.7 (Version: 2.0.7)
VobSub v2.23 (Remove Only)
WinDirStat 1.1.2
Windows Media Encoder 9 Series
Windows Media Encoder 9 Series (Version: 9.00.3374)
WinRAR 4.20 (32-bit) (Version: 4.20.0)

========================= Devices: ================================

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Tun Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunmp
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Tun Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunmp
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Tun Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunmp
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Tun Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunmp
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Tun Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunmp
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Tun Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunmp
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Tun Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunmp
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Tun Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunmp
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Tun Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunmp
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Tun Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunmp
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Tun Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunmp
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Tun Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunmp
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


========================= Memory info: ===================================

Percentage of memory in use: 75%
Total physical RAM: 2037.68 MB
Available physical RAM: 489.73 MB
Total Pagefile: 4312.6 MB
Available Pagefile: 2504.77 MB
Total Virtual: 2047.88 MB
Available Virtual: 1933.25 MB

========================= Partitions: =====================================

1 Drive c: (SQ004539V02) (Fixed) (Total:141.25 GB) (Free:29.83 GB) NTFS

========================= Users: ========================================

User accounts for \\OWNER-PC

Administrator            Guest                    Owner                    

========================= Minidump Files ==================================

No minidump file found

========================= Restore Points ==================================

27-08-2013 09:37:02 Scheduled Checkpoint
28-08-2013 07:17:59 Windows Update
29-08-2013 06:43:39 Installed DirectX
30-08-2013 07:21:56 Removed Nuance PDF Viewer Plus.
31-08-2013 02:07:51 Removed Nuance PaperPort 12
31-08-2013 02:24:07 Removed PaperPort Image Printer
31-08-2013 02:26:56 Removed iTunes
31-08-2013 02:39:34 Removed OF Dragon Rising

**** End of log ****
 

 

 

 

 



#4 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:02:09 AM

Posted 01 September 2013 - 07:43 AM

Hi

Please do the following next:

step1.gif

  • Launch Malwarebytes' Anti-Malware (MBAM)
  • Click on the tab update, then click Check for Updates
  • If an update is found, it will download and install the latest version.
  • Then on the Scanner tab select Perform full scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad.
  • Post the full contents of the log in your next reply.

Note: Be sure to restart the computer.

The log can also be found here:
C:\Users\<Username>\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt


step2.gif

I'd like us to scan your machine with ESET Online Scanner:

Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here.

Note: Vista / Windows 7 / Windows 8 users: You will need to to right-click on the either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png  button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the esetsmartinstaller_enu.png
       icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • On ESET: Click the Back button, then the Finish button.

Note: Do not forget to re-enable your Anti-Virus application after running the above scan!

 

step3.gif

  • Please close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Clean.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#5 yol

yol
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:09 PM

Posted 01 September 2013 - 09:42 PM

hi malwarebytes picked up nothing.

eset online scanner picked up zero infections.

here is log file of adwcleaner

 

 

 

AdwCleaner v3.002 - Report created 02/09/2013 at 12:31:45
# Updated 01/09/2013 by Xplode
# Operating System : Windows Vista ™ Home Premium Service Pack 2 (32 bits)
# Username : Owner - OWNER-PC
# Running from : C:\Users\Owner\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16502


-\\ Mozilla Firefox v23.0.1 (en-US)

[ File : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\7na8p5x8.default-1368339064000\prefs.js ]


[ File : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\u7o4rhxs.default\prefs.js ]


-\\ Google Chrome v

[ File : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [1005 octets] - [01/09/2013 09:44:04]
AdwCleaner[R1].txt - [1207 octets] - [02/09/2013 12:29:20]
AdwCleaner[S0].txt - [1066 octets] - [01/09/2013 09:45:25]
AdwCleaner[S1].txt - [1130 octets] - [02/09/2013 12:31:45]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1190 octets] ##########
 

adwcleaner always picks up pref.js.It must be an extension possibly adblock plus?



#6 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:02:09 AM

Posted 02 September 2013 - 03:02 AM

Hi

adwcleaner always picks up pref.js.It must be an extension possibly adblock plus?

- This a legit file, and adwcleaner didn't remove it.

 

How is the computer running now?


Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#7 yol

yol
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:09 PM

Posted 02 September 2013 - 03:10 AM

hi all good.



#8 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:02:09 AM

Posted 02 September 2013 - 03:28 AM

FINAL STEPS

If you are not experiencing any other malware related issues, it is time to do our final steps:

  • Any programs that we had you download and/or install can be removed at this time.
  • If we had you create or download any custom fixes, these can be deleted at this time.
  • If you used DeFogger to disable your Disk Emulation Software, you can reopen DeFogger and use the "Enable" button.
  • You can download this tool to delete more traces of our tools. Delete the tool itself afterwards.
  • Toggle System Restore OFF and then back ON.
  • You should delete your old, potentially infected System Restore points and create a new, clean restore point.
    • If you are using Windows XP, read and follow the steps on "How to turn off or turn on System Restore" from this link
    • If you are using Windows Vista, read and follow the steps on "How do I turn System Restore on and off?" proceeded by "How do I create a restore point manually?" from this link.
    • If you are using Windows 7, read and follow the steps on "To delete all restore points" from this link proceeded by "Create a restore point" from this link.
    • If you are using Windows 8, read and follow the steps on "Disabling System Restore" from this link proceeded by "Manually Creating Restore Points" from this link.
  • Recommended reading material to protect your computer from infection in the future:

Be safe :hello:


Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#9 yol

yol
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:09 PM

Posted 02 September 2013 - 04:09 AM

ok thanks for your help.



#10 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:02:09 AM

Posted 02 September 2013 - 04:24 AM

You're welcome :)


Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users