Jump to content

mydomainadvisor


Recommended Posts

Hello,

I've been without internet for the past two weeks, then the first day I get connected again, I get a virus! Go figure! Haha.

I'm having problems with the mydomainadvisor virus. When I go to a link or type an address into my firefox browser, I'm redirected to a new page saying mydomainadvisor can't find the page.

How do I get rid of this? Is there a way?

Thank you for ANY help you can give me!

Oh, also I have malawarebytes pro as my protection.

Link to post
Share on other sites

Hello vicisaran and welcome to MalwareBytes forums.

Given that Firefox is having redirects, for the time being, use Internet Explorer.

While this help topic is open, do NOT do any websurfing, NO online games, or shopping or banking.

  1. Close any/all open internet browsers. Save any open documents you have open & close programs you started.
  2. Click on START>All Programs>Malwarebytes' Anti-Malware>Tools>Malwarebytes Anti-Malware Chameleon
    On Windows 7, press Windows-key, then start typing in text box
    Malwarebytes

    then select/click Malwarebytes Anti-Malware Chameleon

  3. Once the Help file opens, click on a Chameleon button (starting with #1)
  4. If running on Vista, Windows 7, press the Yes button when prompted at the UAC prompt to allow to run.
  5. You should see a black Command-prompt-window that remains open and says MBAM-chameleon ver. 1.62 at the top
  6. Press any key to continue as it says in the window {space-bar will do}
  7. If the Chameleon button you tried does not work, try the next Chameleon button shown. (There are 12 in all).
  8. Have infinite patience during this process
  9. Malwarebytes Chameleon will proceed to update Malwarebytes Anti-Malware, so ensure that you are connected to the internet if possible
  10. Once the update completes and it says your database is updated, click on OK button so that process can continue :excl:
  11. Malwarebytes Chameleon will then terminate any threats running in memory, which may take a while, so please be patient.
  12. After that, Malwarebytes Anti-Malware will open automatically and perform a Quick scan
  13. A quick scan will take a few minutes, possibly 5 or so minutes. Have infinite patience.
  14. Once the scan is complete, click on Show Results and remove any threats that are found by clicking Remove Selected
  15. If prompted to restart your computer to complete the removal process, click Yes :excl:
  16. If no threats are found, press OK button & press EXIT to end MBAM. Press the space-bar (or another key) to exit the command-prompt-window.
  17. After your computer restarts, open Malwarebytes Anti-Malware and perform one last Quick scan to verify that there are no remaining threats

Link to post
Share on other sites

Hi Maurice,

I did a quick scan and this is the log:

Malwarebytes Anti-Malware (PRO) 1.62.0.1300

www.malwarebytes.org

Database version: v2012.08.10.07

Windows 7 x64 NTFS

Internet Explorer 9.0.8112.16421

Victor :: VICTOR-PC [administrator]

Protection: Enabled

8/11/2012 5:43:20 PM

mbam-log-2012-08-11 (17-43-20).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 235831

Time elapsed: 2 minute(s), 29 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

Should I also do another full system scan and post the scan log as well?

Thanks a lot

Link to post
Share on other sites

Hello vic,

Please do the following.

Step 1

1. Go >> Here << and download ERUNT

(ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.)

2. Install ERUNT by following the prompts

(use the default install settings but say no to the portion that asks you to add ERUNT to the start-up folder, if you like you can enable this option later)

3. Start ERUNT

(either by double clicking on the desktop icon or choosing to start the program at the end of the setup)

4. Choose a location for the backup

(the default location is C:\WINDOWS\ERDNT which is acceptable).

5. Make sure that at least the first two check boxes are ticked

6. Press OK

7. Press YES to create the folder.

Step 2

To show all files:

  • Go to your Desktop
  • Double-Click the Computer icon.
  • From the menu options, Select Tools, then Folder Options.
  • Next click the View tab.
  • Locate and uncheck Hide file extensions for known file types.
  • Locate and uncheck Hide protected operating system files (Recommended).
  • Locate and click Show hidden files and folders and drives.
  • Click Apply > OK.

Step 3

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools

For directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Do NOT turn off the firewall

Download aswMBR.exe ( 511KB ) to your desktop.

On Windows 7 or Vista, RIGHT click on aswMBR.exe and select Run As Administrator to start.

On Windows XP, double click the exe to start.

change the a-v scan to None.

uncheck trace disk IO calls

Click the "Scan" button to start scan

On completion of the scan (Note if the Fix button is enabled (not the FixMBR button) and tell me) click save log, save it to your desktop and post in your next reply

Step 4

Please read carefully and follow these steps.

  • Delete the prior copies of TDSSKILLER.zip & TDSSKILLER.exe that you may have.
  • Download TDSSKiller and save it to your Desktop.
  • If on Windows 7 or Vista, RIGHT-Click on TDSSKiller.exe and select Run As Administrator to run the application.
    If on Windows XP, double-click to start.
  • Click on "Change parameters" and place a checkmark next to Verify Driver Digital Signature and Detect TDLFS file system, then click OK
  • Then press Start Scan

When the scan is done, it will display a summary screen.

  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Step 5

  • Download & SAVE to your Desktop >> Tigzy's RogueKillerfrom here << or
    >> from here <<
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.
    For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on Scan button at upper right of screen.
  • Wait until the Status box shows "Scan Finished"
  • Click on Report and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop
  • Exit/Close RogueKiller

Do NOT click any FIX buttons !

Step 6

RE-Enable your antivirus program. excl.png

Then copy/paste the following into your post (in order):

  • the contents of aswMBR report;
  • the contents of TDSSKILLER log;
  • the contents of RKReport log;

Be sure to do a Preview prior to pressing Submit because all reports may not fit into 1 single reply. You may have to do more than 1 reply.

Do not use the attachment feature to place any of your reports. Always put them in-line inside the body of reply.

Edited by Maurice Naggar
Link to post
Share on other sites

Hi Maurice,

This is from the aswMBR scan

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software

Run date: 2012-08-12 09:21:55

-----------------------------

09:21:55.958 OS Version: Windows x64 6.1.7600

09:21:55.958 Number of processors: 2 586 0x2505

09:21:55.958 ComputerName: VICTOR-PC UserName: Victor

09:22:01.277 Initialize success

09:22:40.721 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1

09:22:40.737 Disk 0 Vendor: TOSHIBA_ GH10 Size: 476940MB BusType: 3

09:22:40.768 Disk 0 MBR read successfully

09:22:40.768 Disk 0 MBR scan

09:22:40.768 Disk 0 Windows VISTA default MBR code

09:22:40.784 Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS 1500 MB offset 2048

09:22:40.815 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 463437 MB offset 3074048

09:22:40.846 Disk 0 Partition 3 00 17 Hidd HPFS/NTFS NTFS 12002 MB offset 952193024

09:22:40.877 Disk 0 scanning C:\windows\system32\drivers

09:22:46.384 Service scanning

09:23:17.054 Modules scanning

09:23:17.054 Scan finished successfully

09:24:06.828 Disk 0 MBR has been saved successfully to "C:\Users\Victor\Desktop\MBR.dat"

09:24:06.829 The log file has been saved successfully to "C:\Users\Victor\Desktop\aswMBR.txt"

This was only possible after a system restore I did this morning....whatever virus is on my computer is starting to get VERY aggressive :(

I'm running the TDSSKiller now....

Link to post
Share on other sites

From RKreport:

RogueKiller V7.6.6 [08/10/2012] by Tigzy

mail: tigzyRK<at>gmail<dot>com

Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/

Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7600 ) 64 bits version

Started in : Normal mode

User: Victor [Admin rights]

Mode: Scan -- Date: 08/12/2012 09:34:14

¤¤¤ Bad processes: 1 ¤¤¤

[sUSP PATH] visicom_antiphishing.exe -- C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe -> KILLED [TermProc]

¤¤¤ Registry Entries: 8 ¤¤¤

[sUSP PATH] HKLM\[...]\Wow6432Node\Run : Anti-phishing Domain Advisor ("C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe") -> FOUND

[sUSP PATH] RGames Updater.job @ : C:\Users\Work\AppData\Local\RivalGaming\Updater.exe -> FOUND

[sUSP PATH] RGames Updater.job @ : C:\Users\Work\AppData\Local\RivalGaming\Updater.exe -> FOUND

[sUSP PATH] DesktopVideoPlayer.lnk @Work : C:\Users\Work\AppData\Local\vghd\bin\vghd.exe -> FOUND

[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

[HJ] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> FOUND

[HJ] HKCU\[...]\NewStartPanel : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [NOT LOADED] ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: TOSHIBA MK5065GSXN +++++

--- User ---

[MBR] f2e70c56f5b165a2ac0e0af253223bfd

[bSP] 0013612b643f43c1e16d704f4517ab9c : Windows Vista MBR Code

Partition table:

0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo

1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 463437 Mo

2 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 952193024 | Size: 12002 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[1].txt >>

RKreport[1].txt

Link to post
Share on other sites

IF TDSSKILLER is open, close/exit it. Then do this.

Please read carefully and follow these steps.

  • Download TDSSKiller and save it to your Desktop.
  • Double-Click on TDSSKiller.exe to run the application, then on Start Scan.
    If running Vista or Windows 7, do a RIGHT-Click and select Run as Administrator to start TDSSKILLER.exe.
  • If an infected file is detected, the default action will be Cure, click on Continue.
    TDSSKillerMal-1.png
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
    TDSSKillerCompleted.png
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

  • Disable your anti-virus program, How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • Right-Click RogueKiller and select Run as Administrator.
  • Wait until Prescan finishes. :excl:
  • On the RogueKiller console, click the Registry tab.
  • Then press the Delete button.
  • When done, logoff & Restart the system.
  • The log will be found as RKreport
    Copy & Paste the contents into next reply.

Link to post
Share on other sites

Hi Maurice,

The TDSSKiller log:

10:22:42.0216 2064 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32

10:22:43.0105 2064 ============================================================

10:22:43.0105 2064 Current date / time: 2012/08/12 10:22:43.0105

10:22:43.0105 2064 SystemInfo:

10:22:43.0105 2064

10:22:43.0105 2064 OS Version: 6.1.7600 ServicePack: 0.0

10:22:43.0105 2064 Product type: Workstation

10:22:43.0105 2064 ComputerName: VICTOR-PC

10:22:43.0105 2064 UserName: Victor

10:22:43.0105 2064 Windows directory: C:\windows

10:22:43.0105 2064 System windows directory: C:\windows

10:22:43.0105 2064 Running under WOW64

10:22:43.0105 2064 Processor architecture: Intel x64

10:22:43.0105 2064 Number of processors: 2

10:22:43.0105 2064 Page size: 0x1000

10:22:43.0105 2064 Boot type: Normal boot

10:22:43.0105 2064 ============================================================

10:22:43.0449 2064 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

10:22:43.0449 2064 ============================================================

10:22:43.0449 2064 \Device\Harddisk0\DR0:

10:22:43.0449 2064 MBR partitions:

10:22:43.0449 2064 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x38926800

10:22:43.0449 2064 ============================================================

10:22:43.0495 2064 C: <-> \Device\Harddisk0\DR0\Partition0

10:22:43.0495 2064 ============================================================

10:22:43.0495 2064 Initialize success

10:22:43.0495 2064 ============================================================

10:22:55.0320 3684 ============================================================

10:22:55.0320 3684 Scan started

10:22:55.0320 3684 Mode: Manual;

10:22:55.0320 3684 ============================================================

10:22:55.0960 3684 1394ohci (969c91060cbb5d17cb8440b5f78b4c51) C:\windows\system32\DRIVERS\1394ohci.sys

10:22:55.0960 3684 1394ohci - ok

10:22:56.0038 3684 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\windows\system32\DRIVERS\ACPI.sys

10:22:56.0038 3684 ACPI - ok

10:22:56.0085 3684 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\windows\system32\DRIVERS\acpipmi.sys

10:22:56.0085 3684 AcpiPmi - ok

10:22:56.0178 3684 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

10:22:56.0178 3684 AdobeARMservice - ok

10:22:56.0303 3684 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\windows\system32\DRIVERS\adp94xx.sys

10:22:56.0303 3684 adp94xx - ok

10:22:56.0334 3684 adpahci (597f78224ee9224ea1a13d6350ced962) C:\windows\system32\DRIVERS\adpahci.sys

10:22:56.0350 3684 adpahci - ok

10:22:56.0443 3684 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\windows\system32\DRIVERS\adpu320.sys

10:22:56.0443 3684 adpu320 - ok

10:22:56.0475 3684 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\windows\System32\aelupsvc.dll

10:22:56.0475 3684 AeLookupSvc - ok

10:22:56.0584 3684 AFD (db9d6c6b2cd95a9ca414d045b627422e) C:\windows\system32\drivers\afd.sys

10:22:56.0599 3684 AFD - ok

10:22:56.0662 3684 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\windows\system32\DRIVERS\agp440.sys

10:22:56.0662 3684 agp440 - ok

10:22:56.0724 3684 ALG (3290d6946b5e30e70414990574883ddb) C:\windows\System32\alg.exe

10:22:56.0724 3684 ALG - ok

10:22:56.0802 3684 aliide (5812713a477a3ad7363c7438ca2ee038) C:\windows\system32\DRIVERS\aliide.sys

10:22:56.0802 3684 aliide - ok

10:22:56.0802 3684 amdide (1ff8b4431c353ce385c875f194924c0c) C:\windows\system32\DRIVERS\amdide.sys

10:22:56.0802 3684 amdide - ok

10:22:56.0833 3684 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\windows\system32\DRIVERS\amdk8.sys

10:22:56.0833 3684 AmdK8 - ok

10:22:56.0849 3684 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\windows\system32\DRIVERS\amdppm.sys

10:22:56.0849 3684 AmdPPM - ok

10:22:56.0911 3684 amdsata (ec7ebab00a4d8448bab68d1e49b4beb9) C:\windows\system32\drivers\amdsata.sys

10:22:56.0911 3684 amdsata - ok

10:22:56.0958 3684 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\windows\system32\DRIVERS\amdsbs.sys

10:22:56.0958 3684 amdsbs - ok

10:22:56.0974 3684 amdxata (db27766102c7bf7e95140a2aa81d042e) C:\windows\system32\drivers\amdxata.sys

10:22:56.0974 3684 amdxata - ok

10:22:57.0021 3684 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\windows\system32\drivers\appid.sys

10:22:57.0021 3684 AppID - ok

10:22:57.0052 3684 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\windows\System32\appidsvc.dll

10:22:57.0052 3684 AppIDSvc - ok

10:22:57.0083 3684 Appinfo (d065be66822847b7f127d1f90158376e) C:\windows\System32\appinfo.dll

10:22:57.0083 3684 Appinfo - ok

10:22:57.0161 3684 arc (c484f8ceb1717c540242531db7845c4e) C:\windows\system32\DRIVERS\arc.sys

10:22:57.0161 3684 arc - ok

10:22:57.0177 3684 arcsas (019af6924aefe7839f61c830227fe79c) C:\windows\system32\DRIVERS\arcsas.sys

10:22:57.0177 3684 arcsas - ok

10:22:57.0192 3684 AsyncMac (769765ce2cc62867468cea93969b2242) C:\windows\system32\DRIVERS\asyncmac.sys

10:22:57.0192 3684 AsyncMac - ok

10:22:57.0223 3684 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\windows\system32\DRIVERS\atapi.sys

10:22:57.0223 3684 atapi - ok

10:22:57.0317 3684 AudioEndpointBuilder (07721a77180edd4d39ccb865bf63c7fd) C:\windows\System32\Audiosrv.dll

10:22:57.0333 3684 AudioEndpointBuilder - ok

10:22:57.0348 3684 AudioSrv (07721a77180edd4d39ccb865bf63c7fd) C:\windows\System32\Audiosrv.dll

10:22:57.0348 3684 AudioSrv - ok

10:22:57.0395 3684 avgtp (e1b8ec60c85a266cb604cd46921606b4) C:\windows\system32\drivers\avgtpx64.sys

10:22:57.0395 3684 avgtp - ok

10:22:57.0457 3684 AxInstSV (b20b5fa5ca050e9926e4d1db81501b32) C:\windows\System32\AxInstSV.dll

10:22:57.0457 3684 AxInstSV - ok

10:22:57.0535 3684 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\windows\system32\DRIVERS\bxvbda.sys

10:22:57.0535 3684 b06bdrv - ok

10:22:57.0598 3684 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\windows\system32\DRIVERS\b57nd60a.sys

10:22:57.0598 3684 b57nd60a - ok

10:22:57.0676 3684 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\windows\System32\bdesvc.dll

10:22:57.0676 3684 BDESVC - ok

10:22:57.0707 3684 Beep (16a47ce2decc9b099349a5f840654746) C:\windows\system32\drivers\Beep.sys

10:22:57.0707 3684 Beep - ok

10:22:57.0801 3684 BFE (4992c609a6315671463e30f6512bc022) C:\windows\System32\bfe.dll

10:22:57.0816 3684 BFE - ok

10:22:57.0879 3684 BITS (7f0c323fe3da28aa4aa1bda3f575707f) C:\windows\System32\qmgr.dll

10:22:57.0894 3684 BITS - ok

10:22:57.0972 3684 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\windows\system32\DRIVERS\blbdrive.sys

10:22:57.0972 3684 blbdrive - ok

10:22:58.0035 3684 bowser (19d20159708e152267e53b66677a4995) C:\windows\system32\DRIVERS\bowser.sys

10:22:58.0035 3684 bowser - ok

10:22:58.0066 3684 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\windows\system32\DRIVERS\BrFiltLo.sys

10:22:58.0066 3684 BrFiltLo - ok

10:22:58.0081 3684 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\windows\system32\DRIVERS\BrFiltUp.sys

10:22:58.0081 3684 BrFiltUp - ok

10:22:58.0144 3684 Browser (94fbc06f294d58d02361918418f996e3) C:\windows\System32\browser.dll

10:22:58.0144 3684 Browser - ok

10:22:58.0191 3684 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\windows\System32\Drivers\Brserid.sys

10:22:58.0191 3684 Brserid - ok

10:22:58.0222 3684 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\windows\System32\Drivers\BrSerWdm.sys

10:22:58.0222 3684 BrSerWdm - ok

10:22:58.0222 3684 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\windows\System32\Drivers\BrUsbMdm.sys

10:22:58.0222 3684 BrUsbMdm - ok

10:22:58.0237 3684 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\windows\System32\Drivers\BrUsbSer.sys

10:22:58.0237 3684 BrUsbSer - ok

10:22:58.0237 3684 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\windows\system32\DRIVERS\bthmodem.sys

10:22:58.0237 3684 BTHMODEM - ok

10:22:58.0300 3684 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\windows\system32\bthserv.dll

10:22:58.0300 3684 bthserv - ok

10:22:58.0315 3684 cdfs (b8bd2bb284668c84865658c77574381a) C:\windows\system32\DRIVERS\cdfs.sys

10:22:58.0315 3684 cdfs - ok

10:22:58.0362 3684 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\windows\system32\DRIVERS\cdrom.sys

10:22:58.0362 3684 cdrom - ok

10:22:58.0425 3684 CertPropSvc (312e2f82af11e79906898ac3e3d58a1f) C:\windows\System32\certprop.dll

10:22:58.0425 3684 CertPropSvc - ok

10:22:58.0487 3684 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\windows\system32\DRIVERS\circlass.sys

10:22:58.0487 3684 circlass - ok

10:22:58.0565 3684 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\windows\system32\CLFS.sys

10:22:58.0565 3684 CLFS - ok

10:22:58.0643 3684 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

10:22:58.0643 3684 clr_optimization_v2.0.50727_32 - ok

10:22:58.0674 3684 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

10:22:58.0674 3684 clr_optimization_v2.0.50727_64 - ok

10:22:58.0783 3684 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

10:22:58.0783 3684 clr_optimization_v4.0.30319_32 - ok

10:22:58.0815 3684 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

10:22:58.0815 3684 clr_optimization_v4.0.30319_64 - ok

10:22:58.0830 3684 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\windows\system32\DRIVERS\CmBatt.sys

10:22:58.0830 3684 CmBatt - ok

10:22:58.0877 3684 cmdide (e19d3f095812725d88f9001985b94edd) C:\windows\system32\DRIVERS\cmdide.sys

10:22:58.0877 3684 cmdide - ok

10:22:58.0955 3684 CNG (ca7720b73446fddec5c69519c1174c98) C:\windows\system32\Drivers\cng.sys

10:22:58.0955 3684 CNG - ok

10:22:59.0049 3684 CnxtHdAudService (25c58ee97be0416a373e3e4f855206b5) C:\windows\system32\drivers\CHDRT64.sys

10:22:59.0064 3684 CnxtHdAudService - ok

10:22:59.0127 3684 Compbatt (102de219c3f61415f964c88e9085ad14) C:\windows\system32\DRIVERS\compbatt.sys

10:22:59.0127 3684 Compbatt - ok

10:22:59.0142 3684 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\windows\system32\DRIVERS\CompositeBus.sys

10:22:59.0142 3684 CompositeBus - ok

10:22:59.0158 3684 COMSysApp - ok

10:22:59.0189 3684 crcdisk (1c827878a998c18847245fe1f34ee597) C:\windows\system32\DRIVERS\crcdisk.sys

10:22:59.0189 3684 crcdisk - ok

10:22:59.0236 3684 CryptSvc (f02786b66375292e58c8777082d4396d) C:\windows\system32\cryptsvc.dll

10:22:59.0251 3684 CryptSvc - ok

10:22:59.0329 3684 DcomLaunch (7266972e86890e2b30c0c322e906b027) C:\windows\system32\rpcss.dll

10:22:59.0345 3684 DcomLaunch - ok

10:22:59.0376 3684 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\windows\System32\defragsvc.dll

10:22:59.0392 3684 defragsvc - ok

10:22:59.0439 3684 DfsC (9c253ce7311ca60fc11c774692a13208) C:\windows\system32\Drivers\dfsc.sys

10:22:59.0439 3684 DfsC - ok

10:22:59.0517 3684 Dhcp (ce3b9562d997f69b330d181a8875960f) C:\windows\system32\dhcpcore.dll

10:22:59.0517 3684 Dhcp - ok

10:22:59.0563 3684 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\windows\system32\drivers\discache.sys

10:22:59.0579 3684 discache - ok

10:22:59.0641 3684 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\windows\system32\DRIVERS\disk.sys

10:22:59.0641 3684 Disk - ok

10:22:59.0688 3684 Dnscache (85cf424c74a1d5ec33533e1dbff9920a) C:\windows\System32\dnsrslvr.dll

10:22:59.0688 3684 Dnscache - ok

10:22:59.0751 3684 dot3svc (14452acdb09b70964c8c21bf80a13acb) C:\windows\System32\dot3svc.dll

10:22:59.0751 3684 dot3svc - ok

10:22:59.0782 3684 DPS (8c2ba6bea949ee6e68385f5692bafb94) C:\windows\system32\dps.dll

10:22:59.0782 3684 DPS - ok

10:22:59.0844 3684 drmkaud (9b19f34400d24df84c858a421c205754) C:\windows\system32\drivers\drmkaud.sys

10:22:59.0844 3684 drmkaud - ok

10:22:59.0922 3684 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\windows\System32\drivers\dxgkrnl.sys

10:22:59.0922 3684 DXGKrnl - ok

10:22:59.0985 3684 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\windows\System32\eapsvc.dll

10:22:59.0985 3684 EapHost - ok

10:23:00.0172 3684 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\windows\system32\DRIVERS\evbda.sys

10:23:00.0219 3684 ebdrv - ok

10:23:00.0328 3684 EFS (156f6159457d0aa7e59b62681b56eb90) C:\windows\System32\lsass.exe

10:23:00.0328 3684 EFS - ok

10:23:00.0406 3684 ehRecvr (47c071994c3f649f23d9cd075ac9304a) C:\windows\ehome\ehRecvr.exe

10:23:00.0421 3684 ehRecvr - ok

10:23:00.0453 3684 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\windows\ehome\ehsched.exe

10:23:00.0453 3684 ehSched - ok

10:23:00.0515 3684 elxstor (0e5da5369a0fcaea12456dd852545184) C:\windows\system32\DRIVERS\elxstor.sys

10:23:00.0515 3684 elxstor - ok

10:23:00.0515 3684 ErrDev (34a3c54752046e79a126e15c51db409b) C:\windows\system32\DRIVERS\errdev.sys

10:23:00.0515 3684 ErrDev - ok

10:23:00.0609 3684 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\windows\system32\es.dll

10:23:00.0624 3684 EventSystem - ok

10:23:00.0671 3684 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\windows\system32\drivers\exfat.sys

10:23:00.0687 3684 exfat - ok

10:23:00.0702 3684 fastfat (0adc83218b66a6db380c330836f3e36d) C:\windows\system32\drivers\fastfat.sys

10:23:00.0718 3684 fastfat - ok

10:23:00.0796 3684 Fax (d607b2f1bee3992aa6c2c92c0a2f0855) C:\windows\system32\fxssvc.exe

10:23:00.0811 3684 Fax - ok

10:23:00.0827 3684 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\windows\system32\DRIVERS\fdc.sys

10:23:00.0827 3684 fdc - ok

10:23:00.0889 3684 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\windows\system32\fdPHost.dll

10:23:00.0889 3684 fdPHost - ok

10:23:00.0905 3684 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\windows\system32\fdrespub.dll

10:23:00.0905 3684 FDResPub - ok

10:23:00.0967 3684 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\windows\system32\drivers\fileinfo.sys

10:23:00.0967 3684 FileInfo - ok

10:23:00.0967 3684 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\windows\system32\drivers\filetrace.sys

10:23:00.0967 3684 Filetrace - ok

10:23:00.0983 3684 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\windows\system32\DRIVERS\flpydisk.sys

10:23:00.0983 3684 flpydisk - ok

10:23:00.0999 3684 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\windows\system32\drivers\fltmgr.sys

10:23:01.0014 3684 FltMgr - ok

10:23:01.0092 3684 FontCache (cb5e4b9c319e3c6bb363eb7e58a4a051) C:\windows\system32\FntCache.dll

10:23:01.0108 3684 FontCache - ok

10:23:01.0201 3684 FontCache3.0.0.0 (8d89e3131c27fdd6932189cb785e1b7a) C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

10:23:01.0201 3684 FontCache3.0.0.0 - ok

10:23:01.0248 3684 FsDepends (d43703496149971890703b4b1b723eac) C:\windows\system32\drivers\FsDepends.sys

10:23:01.0248 3684 FsDepends - ok

10:23:01.0279 3684 Fs_Rec (d3e3f93d67821a2db2b3d9fac2dc2064) C:\windows\system32\drivers\Fs_Rec.sys

10:23:01.0279 3684 Fs_Rec - ok

10:23:01.0342 3684 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\windows\system32\DRIVERS\fvevol.sys

10:23:01.0357 3684 fvevol - ok

10:23:01.0373 3684 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\windows\system32\DRIVERS\gagp30kx.sys

10:23:01.0373 3684 gagp30kx - ok

10:23:01.0482 3684 GameConsoleService (1fda0df739234c4023851a282dd28704) C:\Program Files (x86)\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe

10:23:01.0482 3684 GameConsoleService - ok

10:23:01.0560 3684 gpsvc (fe5ab4525bc2ec68b9119a6e5d40128b) C:\windows\System32\gpsvc.dll

10:23:01.0576 3684 gpsvc - ok

10:23:01.0654 3684 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

10:23:01.0654 3684 gupdate - ok

10:23:01.0669 3684 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

10:23:01.0669 3684 gupdatem - ok

10:23:01.0701 3684 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\windows\system32\drivers\hcw85cir.sys

10:23:01.0701 3684 hcw85cir - ok

10:23:01.0747 3684 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\windows\system32\drivers\HdAudio.sys

10:23:01.0763 3684 HdAudAddService - ok

10:23:01.0810 3684 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\windows\system32\DRIVERS\HDAudBus.sys

10:23:01.0810 3684 HDAudBus - ok

10:23:01.0872 3684 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\windows\system32\DRIVERS\HECIx64.sys

10:23:01.0872 3684 HECIx64 - ok

10:23:01.0888 3684 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\windows\system32\DRIVERS\HidBatt.sys

10:23:01.0903 3684 HidBatt - ok

10:23:01.0919 3684 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\windows\system32\DRIVERS\hidbth.sys

10:23:01.0919 3684 HidBth - ok

10:23:01.0950 3684 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\windows\system32\DRIVERS\hidir.sys

10:23:01.0950 3684 HidIr - ok

10:23:01.0981 3684 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\windows\system32\hidserv.dll

10:23:01.0981 3684 hidserv - ok

10:23:02.0044 3684 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\windows\system32\DRIVERS\hidusb.sys

10:23:02.0044 3684 HidUsb - ok

10:23:02.0075 3684 hkmsvc (efa58ede58dd74388ffd04cb32681518) C:\windows\system32\kmsvc.dll

10:23:02.0075 3684 hkmsvc - ok

10:23:02.0091 3684 HomeGroupListener (046b2673767ca626e2cfb7fdf735e9e8) C:\windows\system32\ListSvc.dll

10:23:02.0091 3684 HomeGroupListener - ok

10:23:02.0137 3684 HomeGroupProvider (06a7422224d9865a5613710a089987df) C:\windows\system32\provsvc.dll

10:23:02.0137 3684 HomeGroupProvider - ok

10:23:02.0153 3684 HpSAMD (0886d440058f203eba0e1825e4355914) C:\windows\system32\DRIVERS\HpSAMD.sys

10:23:02.0169 3684 HpSAMD - ok

10:23:02.0247 3684 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\windows\system32\drivers\HTTP.sys

10:23:02.0247 3684 HTTP - ok

10:23:02.0278 3684 hwpolicy (f17766a19145f111856378df337a5d79) C:\windows\system32\drivers\hwpolicy.sys

10:23:02.0278 3684 hwpolicy - ok

10:23:02.0325 3684 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\windows\system32\DRIVERS\i8042prt.sys

10:23:02.0325 3684 i8042prt - ok

10:23:02.0403 3684 iaStor (5e60dd5f090ab4a563c7204c289c4650) C:\windows\system32\DRIVERS\iaStor.sys

10:23:02.0418 3684 iaStor - ok

10:23:02.0496 3684 iaStorV (b75e45c564e944a2657167d197ab29da) C:\windows\system32\drivers\iaStorV.sys

10:23:02.0496 3684 iaStorV - ok

10:23:02.0605 3684 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

10:23:02.0605 3684 IDriverT - ok

10:23:02.0715 3684 idsvc (2f2be70d3e02b6fa877921ab9516d43c) C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

10:23:02.0715 3684 idsvc - ok

10:23:03.0354 3684 igfx (1be8d9ca4f2363b8e8015621878e0043) C:\windows\system32\DRIVERS\igdkmd64.sys

10:23:03.0526 3684 igfx - ok

10:23:03.0619 3684 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\windows\system32\DRIVERS\iirsp.sys

10:23:03.0619 3684 iirsp - ok

10:23:03.0697 3684 IKEEXT (c5b4683680df085b57bc53e5ef34861f) C:\windows\System32\ikeext.dll

10:23:03.0697 3684 IKEEXT - ok

10:23:03.0760 3684 Impcd (dd587a55390ed2295bce6d36ad567da9) C:\windows\system32\DRIVERS\Impcd.sys

10:23:03.0760 3684 Impcd - ok

10:23:03.0822 3684 InputFilter_Hid_FlexDef2b (caa8bc6737dfa3bf1a50175cfb226788) C:\windows\system32\DRIVERS\InputFilter_FlexDef2b.sys

10:23:03.0822 3684 InputFilter_Hid_FlexDef2b - ok

10:23:03.0900 3684 IntcDAud (03c74719d48056a1078f3a51ceb76baa) C:\windows\system32\DRIVERS\IntcDAud.sys

10:23:03.0900 3684 IntcDAud - ok

10:23:03.0931 3684 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\windows\system32\DRIVERS\intelide.sys

10:23:03.0931 3684 intelide - ok

10:23:03.0978 3684 intelppm (ada036632c664caa754079041cf1f8c1) C:\windows\system32\DRIVERS\intelppm.sys

10:23:03.0978 3684 intelppm - ok

10:23:04.0025 3684 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\windows\system32\ipbusenum.dll

10:23:04.0025 3684 IPBusEnum - ok

10:23:04.0056 3684 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\windows\system32\DRIVERS\ipfltdrv.sys

10:23:04.0056 3684 IpFilterDriver - ok

10:23:04.0134 3684 iphlpsvc (f8e058d17363ec580e4b7232778b6cb5) C:\windows\System32\iphlpsvc.dll

10:23:04.0134 3684 iphlpsvc - ok

10:23:04.0165 3684 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\windows\system32\DRIVERS\IPMIDrv.sys

10:23:04.0165 3684 IPMIDRV - ok

10:23:04.0165 3684 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\windows\system32\drivers\ipnat.sys

10:23:04.0181 3684 IPNAT - ok

10:23:04.0212 3684 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\windows\system32\drivers\irenum.sys

10:23:04.0212 3684 IRENUM - ok

10:23:04.0243 3684 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\windows\system32\DRIVERS\isapnp.sys

10:23:04.0243 3684 isapnp - ok

10:23:04.0290 3684 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\windows\system32\DRIVERS\msiscsi.sys

10:23:04.0290 3684 iScsiPrt - ok

10:23:04.0337 3684 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\windows\system32\DRIVERS\kbdclass.sys

10:23:04.0337 3684 kbdclass - ok

10:23:04.0384 3684 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\windows\system32\DRIVERS\kbdhid.sys

10:23:04.0384 3684 kbdhid - ok

10:23:04.0415 3684 KeyIso (156f6159457d0aa7e59b62681b56eb90) C:\windows\system32\lsass.exe

10:23:04.0415 3684 KeyIso - ok

10:23:04.0446 3684 KSecDD (4f4b5fde429416877de7143044582eb5) C:\windows\system32\Drivers\ksecdd.sys

10:23:04.0446 3684 KSecDD - ok

10:23:04.0477 3684 KSecPkg (6f40465a44ecdc1731befafec5bdd03c) C:\windows\system32\Drivers\ksecpkg.sys

10:23:04.0477 3684 KSecPkg - ok

10:23:04.0540 3684 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\windows\system32\drivers\ksthunk.sys

10:23:04.0540 3684 ksthunk - ok

10:23:04.0587 3684 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\windows\system32\msdtckrm.dll

10:23:04.0602 3684 KtmRm - ok

10:23:04.0665 3684 L1C (655a5d8e80869781cce23760ada7e695) C:\windows\system32\DRIVERS\L1C62x64.sys

10:23:04.0665 3684 L1C - ok

10:23:04.0758 3684 LanmanServer (81f1d04d4d0e433099365127375fd501) C:\windows\system32\srvsvc.dll

10:23:04.0758 3684 LanmanServer - ok

10:23:04.0789 3684 LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\windows\System32\wkssvc.dll

10:23:04.0805 3684 LanmanWorkstation - ok

10:23:04.0852 3684 lltdio (1538831cf8ad2979a04c423779465827) C:\windows\system32\DRIVERS\lltdio.sys

10:23:04.0852 3684 lltdio - ok

10:23:04.0899 3684 lltdsvc (c1185803384ab3feed115f79f109427f) C:\windows\System32\lltdsvc.dll

10:23:04.0899 3684 lltdsvc - ok

10:23:04.0945 3684 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\windows\System32\lmhsvc.dll

10:23:04.0945 3684 lmhosts - ok

10:23:05.0055 3684 LMS (dbc1136a62bd4decc3632df650284c2e) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

10:23:05.0055 3684 LMS - ok

10:23:05.0117 3684 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\windows\system32\DRIVERS\lsi_fc.sys

10:23:05.0117 3684 LSI_FC - ok

10:23:05.0133 3684 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\windows\system32\DRIVERS\lsi_sas.sys

10:23:05.0148 3684 LSI_SAS - ok

10:23:05.0148 3684 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\windows\system32\DRIVERS\lsi_sas2.sys

10:23:05.0148 3684 LSI_SAS2 - ok

10:23:05.0164 3684 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\windows\system32\DRIVERS\lsi_scsi.sys

10:23:05.0164 3684 LSI_SCSI - ok

10:23:05.0179 3684 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\windows\system32\drivers\luafv.sys

10:23:05.0179 3684 luafv - ok

10:23:05.0242 3684 MBAMProtector (dc8490812a3b72811ae534f423b4c206) C:\windows\system32\drivers\mbam.sys

10:23:05.0242 3684 MBAMProtector - ok

10:23:05.0335 3684 MBAMService (43683e970f008c93c9429ef428147a54) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

10:23:05.0335 3684 MBAMService - ok

10:23:05.0367 3684 Mcx2Svc (f84c8f1000bc11e3b7b23cbd3baff111) C:\windows\system32\Mcx2Svc.dll

10:23:05.0367 3684 Mcx2Svc - ok

10:23:05.0398 3684 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\windows\system32\DRIVERS\megasas.sys

10:23:05.0413 3684 megasas - ok

10:23:05.0429 3684 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\windows\system32\DRIVERS\MegaSR.sys

10:23:05.0429 3684 MegaSR - ok

10:23:05.0491 3684 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll

10:23:05.0491 3684 MMCSS - ok

10:23:05.0507 3684 Modem (800ba92f7010378b09f9ed9270f07137) C:\windows\system32\drivers\modem.sys

10:23:05.0507 3684 Modem - ok

10:23:05.0569 3684 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\windows\system32\DRIVERS\monitor.sys

10:23:05.0569 3684 monitor - ok

10:23:05.0616 3684 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\windows\system32\DRIVERS\mouclass.sys

10:23:05.0616 3684 mouclass - ok

10:23:05.0647 3684 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\windows\system32\DRIVERS\mouhid.sys

10:23:05.0647 3684 mouhid - ok

10:23:05.0694 3684 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\windows\system32\drivers\mountmgr.sys

10:23:05.0694 3684 mountmgr - ok

10:23:05.0788 3684 MozillaMaintenance (46297fa8e30a6007f14118fc2b942fbc) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

10:23:05.0803 3684 MozillaMaintenance - ok

10:23:05.0819 3684 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\windows\system32\DRIVERS\mpio.sys

10:23:05.0835 3684 mpio - ok

10:23:05.0850 3684 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\windows\system32\drivers\mpsdrv.sys

10:23:05.0866 3684 mpsdrv - ok

10:23:05.0928 3684 MpsSvc (aecab449567d1846dad63ece49e893e3) C:\windows\system32\mpssvc.dll

10:23:05.0944 3684 MpsSvc - ok

10:23:05.0975 3684 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\windows\system32\drivers\mrxdav.sys

10:23:05.0975 3684 MRxDAV - ok

10:23:06.0006 3684 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\windows\system32\DRIVERS\mrxsmb.sys

10:23:06.0006 3684 mrxsmb - ok

10:23:06.0053 3684 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\windows\system32\DRIVERS\mrxsmb10.sys

10:23:06.0053 3684 mrxsmb10 - ok

10:23:06.0084 3684 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\windows\system32\DRIVERS\mrxsmb20.sys

10:23:06.0100 3684 mrxsmb20 - ok

10:23:06.0115 3684 msahci (2ba4ff3d5eb68587dd662a896f649c7d) C:\windows\system32\DRIVERS\msahci.sys

10:23:06.0131 3684 msahci - ok

10:23:06.0147 3684 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\windows\system32\DRIVERS\msdsm.sys

10:23:06.0147 3684 msdsm - ok

10:23:06.0178 3684 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\windows\System32\msdtc.exe

10:23:06.0193 3684 MSDTC - ok

10:23:06.0225 3684 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\windows\system32\drivers\Msfs.sys

10:23:06.0225 3684 Msfs - ok

10:23:06.0256 3684 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\windows\System32\drivers\mshidkmdf.sys

10:23:06.0256 3684 mshidkmdf - ok

10:23:06.0271 3684 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\windows\system32\DRIVERS\msisadrv.sys

10:23:06.0271 3684 msisadrv - ok

10:23:06.0318 3684 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\windows\system32\iscsiexe.dll

10:23:06.0318 3684 MSiSCSI - ok

10:23:06.0318 3684 msiserver - ok

10:23:06.0381 3684 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\windows\system32\drivers\MSKSSRV.sys

10:23:06.0381 3684 MSKSSRV - ok

10:23:06.0396 3684 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\windows\system32\drivers\MSPCLOCK.sys

10:23:06.0396 3684 MSPCLOCK - ok

10:23:06.0412 3684 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\windows\system32\drivers\MSPQM.sys

10:23:06.0412 3684 MSPQM - ok

10:23:06.0443 3684 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\windows\system32\drivers\MsRPC.sys

10:23:06.0443 3684 MsRPC - ok

10:23:06.0459 3684 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\windows\system32\DRIVERS\mssmbios.sys

10:23:06.0459 3684 mssmbios - ok

10:23:06.0505 3684 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\windows\system32\drivers\MSTEE.sys

10:23:06.0505 3684 MSTEE - ok

10:23:06.0521 3684 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\windows\system32\DRIVERS\MTConfig.sys

10:23:06.0521 3684 MTConfig - ok

10:23:06.0537 3684 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\windows\system32\Drivers\mup.sys

10:23:06.0537 3684 Mup - ok

10:23:06.0599 3684 napagent (4987e079a4530fa737a128be54b63b12) C:\windows\system32\qagentRT.dll

10:23:06.0599 3684 napagent - ok

10:23:06.0677 3684 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\windows\system32\DRIVERS\nwifi.sys

10:23:06.0693 3684 NativeWifiP - ok

10:23:06.0786 3684 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\windows\system32\drivers\ndis.sys

10:23:06.0802 3684 NDIS - ok

10:23:06.0833 3684 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\windows\system32\DRIVERS\ndiscap.sys

10:23:06.0849 3684 NdisCap - ok

10:23:06.0880 3684 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\windows\system32\DRIVERS\ndistapi.sys

10:23:06.0880 3684 NdisTapi - ok

10:23:06.0911 3684 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\windows\system32\DRIVERS\ndisuio.sys

10:23:06.0911 3684 Ndisuio - ok

10:23:06.0927 3684 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\windows\system32\DRIVERS\ndiswan.sys

10:23:06.0927 3684 NdisWan - ok

10:23:06.0927 3684 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\windows\system32\drivers\NDProxy.sys

10:23:06.0942 3684 NDProxy - ok

10:23:06.0958 3684 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\windows\system32\DRIVERS\netbios.sys

10:23:06.0958 3684 NetBIOS - ok

10:23:06.0973 3684 NetBT (9162b273a44ab9dce5b44362731d062a) C:\windows\system32\DRIVERS\netbt.sys

10:23:06.0989 3684 NetBT - ok

10:23:07.0036 3684 Netlogon (156f6159457d0aa7e59b62681b56eb90) C:\windows\system32\lsass.exe

10:23:07.0036 3684 Netlogon - ok

10:23:07.0114 3684 Netman (847d3ae376c0817161a14a82c8922a9e) C:\windows\System32\netman.dll

10:23:07.0114 3684 Netman - ok

10:23:07.0145 3684 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\windows\System32\netprofm.dll

10:23:07.0161 3684 netprofm - ok

10:23:07.0223 3684 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

10:23:07.0223 3684 NetTcpPortSharing - ok

10:23:07.0254 3684 nfrd960 (77889813be4d166cdab78ddba990da92) C:\windows\system32\DRIVERS\nfrd960.sys

10:23:07.0254 3684 nfrd960 - ok

10:23:07.0332 3684 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\windows\System32\nlasvc.dll

10:23:07.0332 3684 NlaSvc - ok

10:23:07.0395 3684 Norton PC Checkup Application Launcher - ok

10:23:07.0410 3684 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\windows\system32\drivers\Npfs.sys

10:23:07.0410 3684 Npfs - ok

10:23:07.0426 3684 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\windows\system32\nsisvc.dll

10:23:07.0441 3684 nsi - ok

10:23:07.0441 3684 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\windows\system32\drivers\nsiproxy.sys

10:23:07.0441 3684 nsiproxy - ok

10:23:07.0566 3684 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\windows\system32\drivers\Ntfs.sys

10:23:07.0582 3684 Ntfs - ok

10:23:07.0675 3684 Null (9899284589f75fa8724ff3d16aed75c1) C:\windows\system32\drivers\Null.sys

10:23:07.0675 3684 Null - ok

10:23:07.0753 3684 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\windows\system32\drivers\nvraid.sys

10:23:07.0753 3684 nvraid - ok

10:23:07.0785 3684 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\windows\system32\drivers\nvstor.sys

10:23:07.0800 3684 nvstor - ok

10:23:07.0847 3684 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\windows\system32\DRIVERS\nv_agp.sys

10:23:07.0847 3684 nv_agp - ok

10:23:07.0863 3684 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\windows\system32\DRIVERS\ohci1394.sys

10:23:07.0863 3684 ohci1394 - ok

10:23:07.0925 3684 ose (7a56cf3e3f12e8af599963b16f50fb6a) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

10:23:07.0925 3684 ose - ok

10:23:08.0003 3684 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll

10:23:08.0003 3684 p2pimsvc - ok

10:23:08.0050 3684 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\windows\system32\p2psvc.dll

10:23:08.0050 3684 p2psvc - ok

10:23:08.0081 3684 Parport (0086431c29c35be1dbc43f52cc273887) C:\windows\system32\DRIVERS\parport.sys

10:23:08.0081 3684 Parport - ok

10:23:08.0128 3684 partmgr (90061b1acfe8ccaa5345750ffe08d8b8) C:\windows\system32\drivers\partmgr.sys

10:23:08.0128 3684 partmgr - ok

10:23:08.0159 3684 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\windows\System32\pcasvc.dll

10:23:08.0159 3684 PcaSvc - ok

10:23:08.0237 3684 PCCUJobMgr (2f86be1818c2d7ac90478e3323ee7fcb) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.5.60\ccSvcHst.exe

10:23:08.0237 3684 PCCUJobMgr - ok

10:23:08.0284 3684 pci (5aab2b170536885de70a6cba8d7ce52b) C:\windows\system32\DRIVERS\pci.sys

10:23:08.0284 3684 pci - ok

10:23:08.0299 3684 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\windows\system32\DRIVERS\pciide.sys

10:23:08.0299 3684 pciide - ok

10:23:08.0331 3684 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\windows\system32\DRIVERS\pcmcia.sys

10:23:08.0331 3684 pcmcia - ok

10:23:08.0362 3684 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\windows\system32\drivers\pcw.sys

10:23:08.0362 3684 pcw - ok

10:23:08.0409 3684 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\windows\system32\drivers\peauth.sys

10:23:08.0409 3684 PEAUTH - ok

10:23:08.0487 3684 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\windows\SysWow64\perfhost.exe

10:23:08.0487 3684 PerfHost - ok

10:23:08.0533 3684 PGEffect (663962900e7fea522126ba287715bb4a) C:\windows\system32\DRIVERS\pgeffect.sys

10:23:08.0533 3684 PGEffect - ok

10:23:08.0627 3684 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\windows\system32\pla.dll

10:23:08.0658 3684 pla - ok

10:23:08.0736 3684 PlugPlay (98b1721b8718164293b9701b98c52d77) C:\windows\system32\umpnpmgr.dll

10:23:08.0736 3684 PlugPlay - ok

10:23:08.0767 3684 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\windows\system32\pnrpauto.dll

10:23:08.0783 3684 PNRPAutoReg - ok

10:23:08.0799 3684 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll

10:23:08.0799 3684 PNRPsvc - ok

10:23:08.0845 3684 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\windows\System32\ipsecsvc.dll

10:23:08.0861 3684 PolicyAgent - ok

10:23:08.0877 3684 Power (6ba9d927dded70bd1a9caded45f8b184) C:\windows\system32\umpo.dll

10:23:08.0877 3684 Power - ok

10:23:08.0970 3684 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\windows\system32\DRIVERS\raspptp.sys

10:23:08.0970 3684 PptpMiniport - ok

10:23:08.0986 3684 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\windows\system32\DRIVERS\processr.sys

10:23:08.0986 3684 Processor - ok

10:23:09.0017 3684 ProfSvc (97293447431311c06703368ad0f6c4be) C:\windows\system32\profsvc.dll

10:23:09.0033 3684 ProfSvc - ok

10:23:09.0064 3684 ProtectedStorage (156f6159457d0aa7e59b62681b56eb90) C:\windows\system32\lsass.exe

10:23:09.0064 3684 ProtectedStorage - ok

10:23:09.0126 3684 Psched (ee992183bd8eaefd9973f352e587a299) C:\windows\system32\DRIVERS\pacer.sys

10:23:09.0126 3684 Psched - ok

10:23:09.0173 3684 QIOMem (c8fcb4899f8b70cc34e0d9876a80963c) C:\windows\system32\DRIVERS\QIOMem.sys

10:23:09.0173 3684 QIOMem - ok

10:23:09.0313 3684 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\windows\system32\DRIVERS\ql2300.sys

10:23:09.0329 3684 ql2300 - ok

10:23:09.0438 3684 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\windows\system32\DRIVERS\ql40xx.sys

10:23:09.0454 3684 ql40xx - ok

10:23:09.0485 3684 QWAVE (906191634e99aea92c4816150bda3732) C:\windows\system32\qwave.dll

10:23:09.0501 3684 QWAVE - ok

10:23:09.0516 3684 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\windows\system32\drivers\qwavedrv.sys

10:23:09.0516 3684 QWAVEdrv - ok

10:23:09.0547 3684 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\windows\system32\DRIVERS\rasacd.sys

10:23:09.0547 3684 RasAcd - ok

10:23:09.0594 3684 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\windows\system32\DRIVERS\AgileVpn.sys

10:23:09.0594 3684 RasAgileVpn - ok

10:23:09.0641 3684 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\windows\System32\rasauto.dll

10:23:09.0641 3684 RasAuto - ok

10:23:09.0703 3684 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\windows\system32\DRIVERS\rasl2tp.sys

10:23:09.0703 3684 Rasl2tp - ok

10:23:09.0735 3684 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\windows\System32\rasmans.dll

10:23:09.0750 3684 RasMan - ok

10:23:09.0797 3684 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\windows\system32\DRIVERS\raspppoe.sys

10:23:09.0797 3684 RasPppoe - ok

10:23:09.0813 3684 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\windows\system32\DRIVERS\rassstp.sys

10:23:09.0813 3684 RasSstp - ok

10:23:09.0828 3684 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\windows\system32\DRIVERS\rdbss.sys

10:23:09.0844 3684 rdbss - ok

10:23:09.0844 3684 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\windows\system32\DRIVERS\rdpbus.sys

10:23:09.0844 3684 rdpbus - ok

10:23:09.0891 3684 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\windows\system32\DRIVERS\RDPCDD.sys

10:23:09.0891 3684 RDPCDD - ok

10:23:09.0906 3684 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\windows\system32\drivers\rdpencdd.sys

10:23:09.0906 3684 RDPENCDD - ok

10:23:09.0937 3684 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\windows\system32\drivers\rdprefmp.sys

10:23:09.0937 3684 RDPREFMP - ok

10:23:09.0969 3684 RDPWD (447de7e3dea39d422c1504f245b668b1) C:\windows\system32\drivers\RDPWD.sys

10:23:09.0969 3684 RDPWD - ok

10:23:10.0047 3684 rdyboost (e5dc9ba9e439d6dbdd79f8caacb5bf01) C:\windows\system32\drivers\rdyboost.sys

10:23:10.0047 3684 rdyboost - ok

10:23:10.0078 3684 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\windows\System32\mprdim.dll

10:23:10.0078 3684 RemoteAccess - ok

10:23:10.0125 3684 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\windows\system32\regsvc.dll

10:23:10.0125 3684 RemoteRegistry - ok

10:23:10.0140 3684 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\windows\System32\RpcEpMap.dll

10:23:10.0140 3684 RpcEptMapper - ok

10:23:10.0171 3684 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\windows\system32\locator.exe

10:23:10.0171 3684 RpcLocator - ok

10:23:10.0234 3684 RpcSs (7266972e86890e2b30c0c322e906b027) C:\windows\system32\rpcss.dll

10:23:10.0249 3684 RpcSs - ok

10:23:10.0312 3684 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\windows\system32\DRIVERS\rspndr.sys

10:23:10.0312 3684 rspndr - ok

10:23:10.0374 3684 RSUSBSTOR (3ceee53bbf8ba284ff44585cec0162fe) C:\windows\system32\Drivers\RtsUStor.sys

10:23:10.0374 3684 RSUSBSTOR - ok

10:23:10.0483 3684 rtl8192Ce (ffc748d848740d1bc8f330a8879c2674) C:\windows\system32\DRIVERS\rtl8192Ce.sys

10:23:10.0499 3684 rtl8192Ce - ok

10:23:10.0530 3684 SamSs (156f6159457d0aa7e59b62681b56eb90) C:\windows\system32\lsass.exe

10:23:10.0530 3684 SamSs - ok

10:23:10.0561 3684 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\windows\system32\DRIVERS\sbp2port.sys

10:23:10.0561 3684 sbp2port - ok

10:23:10.0608 3684 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\windows\System32\SCardSvr.dll

10:23:10.0608 3684 SCardSvr - ok

10:23:10.0624 3684 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\windows\system32\DRIVERS\scfilter.sys

10:23:10.0624 3684 scfilter - ok

10:23:10.0717 3684 Schedule (624d0f5ff99428bb90a5b8a4123e918e) C:\windows\system32\schedsvc.dll

10:23:10.0733 3684 Schedule - ok

10:23:10.0780 3684 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\windows\System32\certprop.dll

10:23:10.0780 3684 SCPolicySvc - ok

10:23:10.0811 3684 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\windows\System32\SDRSVC.dll

10:23:10.0827 3684 SDRSVC - ok

10:23:10.0889 3684 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\windows\system32\drivers\secdrv.sys

10:23:10.0889 3684 secdrv - ok

10:23:10.0920 3684 seclogon (463b386ebc70f98da5dff85f7e654346) C:\windows\system32\seclogon.dll

10:23:10.0920 3684 seclogon - ok

10:23:10.0951 3684 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\windows\System32\sens.dll

10:23:10.0951 3684 SENS - ok

10:23:11.0014 3684 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\windows\system32\sensrsvc.dll

10:23:11.0014 3684 SensrSvc - ok

10:23:11.0029 3684 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\windows\system32\DRIVERS\serenum.sys

10:23:11.0029 3684 Serenum - ok

10:23:11.0061 3684 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\windows\system32\DRIVERS\serial.sys

10:23:11.0061 3684 Serial - ok

10:23:11.0076 3684 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\windows\system32\DRIVERS\sermouse.sys

10:23:11.0076 3684 sermouse - ok

10:23:11.0123 3684 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\windows\system32\sessenv.dll

10:23:11.0123 3684 SessionEnv - ok

10:23:11.0139 3684 sffdisk (a554811bcd09279536440c964ae35bbf) C:\windows\system32\DRIVERS\sffdisk.sys

10:23:11.0154 3684 sffdisk - ok

10:23:11.0154 3684 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\windows\system32\DRIVERS\sffp_mmc.sys

10:23:11.0154 3684 sffp_mmc - ok

10:23:11.0170 3684 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\windows\system32\DRIVERS\sffp_sd.sys

10:23:11.0170 3684 sffp_sd - ok

10:23:11.0170 3684 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\windows\system32\DRIVERS\sfloppy.sys

10:23:11.0170 3684 sfloppy - ok

10:23:11.0217 3684 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\windows\System32\ipnathlp.dll

10:23:11.0217 3684 SharedAccess - ok

10:23:11.0263 3684 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\windows\System32\shsvcs.dll

10:23:11.0263 3684 ShellHWDetection - ok

10:23:11.0295 3684 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\windows\system32\DRIVERS\SiSRaid2.sys

10:23:11.0295 3684 SiSRaid2 - ok

10:23:11.0310 3684 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\windows\system32\DRIVERS\sisraid4.sys

10:23:11.0310 3684 SiSRaid4 - ok

10:23:11.0388 3684 SkypeUpdate (f07af60b152221472fbdb2fecec4896d) C:\Program Files (x86)\Skype\Updater\Updater.exe

10:23:11.0388 3684 SkypeUpdate - ok

10:23:11.0435 3684 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\windows\system32\DRIVERS\smb.sys

10:23:11.0435 3684 Smb - ok

10:23:11.0497 3684 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\windows\System32\snmptrap.exe

10:23:11.0497 3684 SNMPTRAP - ok

10:23:11.0513 3684 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\windows\system32\drivers\spldr.sys

10:23:11.0529 3684 spldr - ok

10:23:11.0575 3684 Spooler (f8e1fa03cb70d54a9892ac88b91d1e7b) C:\windows\System32\spoolsv.exe

10:23:11.0575 3684 Spooler - ok

10:23:11.0794 3684 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\windows\system32\sppsvc.exe

10:23:11.0872 3684 sppsvc - ok

10:23:11.0965 3684 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\windows\system32\sppuinotify.dll

10:23:11.0981 3684 sppuinotify - ok

10:23:12.0028 3684 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\windows\system32\DRIVERS\srv.sys

10:23:12.0028 3684 srv - ok

10:23:12.0075 3684 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\windows\system32\DRIVERS\srv2.sys

10:23:12.0090 3684 srv2 - ok

10:23:12.0153 3684 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\windows\system32\DRIVERS\VSTAZL6.SYS

10:23:12.0168 3684 SrvHsfHDA - ok

10:23:12.0262 3684 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\windows\system32\DRIVERS\VSTDPV6.SYS

10:23:12.0277 3684 SrvHsfV92 - ok

10:23:12.0418 3684 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\windows\system32\DRIVERS\VSTCNXT6.SYS

10:23:12.0433 3684 SrvHsfWinac - ok

10:23:12.0465 3684 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\windows\system32\DRIVERS\srvnet.sys

10:23:12.0465 3684 srvnet - ok

10:23:12.0527 3684 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\windows\System32\ssdpsrv.dll

10:23:12.0527 3684 SSDPSRV - ok

10:23:12.0543 3684 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\windows\system32\sstpsvc.dll

10:23:12.0543 3684 SstpSvc - ok

10:23:12.0574 3684 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\windows\system32\DRIVERS\stexstor.sys

10:23:12.0574 3684 stexstor - ok

10:23:12.0667 3684 stisvc (52d0e33b681bd0f33fdc08812fee4f7d) C:\windows\System32\wiaservc.dll

10:23:12.0683 3684 stisvc - ok

10:23:12.0699 3684 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\windows\system32\DRIVERS\swenum.sys

10:23:12.0699 3684 swenum - ok

10:23:12.0761 3684 swprv (e08e46fdd841b7184194011ca1955a0b) C:\windows\System32\swprv.dll

10:23:12.0761 3684 swprv - ok

10:23:12.0839 3684 SynTP (470c47daba9ca3966f0ab3f835d7d135) C:\windows\system32\DRIVERS\SynTP.sys

10:23:12.0855 3684 SynTP - ok

10:23:12.0979 3684 SysMain (3c1284516a62078fb68f768de4f1a7be) C:\windows\system32\sysmain.dll

10:23:12.0995 3684 SysMain - ok

10:23:13.0089 3684 TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\windows\System32\TabSvc.dll

10:23:13.0089 3684 TabletInputService - ok

10:23:13.0120 3684 TapiSrv (884264ac597b690c5707c89723bb8e7b) C:\windows\System32\tapisrv.dll

10:23:13.0120 3684 TapiSrv - ok

10:23:13.0135 3684 TBS (1be03ac720f4d302ea01d40f588162f6) C:\windows\System32\tbssvc.dll

10:23:13.0135 3684 TBS - ok

10:23:13.0291 3684 Tcpip (624c5b3aa4c99b3184bb922d9ece3ff0) C:\windows\system32\drivers\tcpip.sys

10:23:13.0323 3684 Tcpip - ok

10:23:13.0557 3684 TCPIP6 (624c5b3aa4c99b3184bb922d9ece3ff0) C:\windows\system32\DRIVERS\tcpip.sys

10:23:13.0572 3684 TCPIP6 - ok

10:23:13.0666 3684 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\windows\system32\drivers\tcpipreg.sys

10:23:13.0666 3684 tcpipreg - ok

10:23:13.0728 3684 tdcmdpst (fd542b661bd22fa69ca789ad0ac58c29) C:\windows\system32\DRIVERS\tdcmdpst.sys

10:23:13.0728 3684 tdcmdpst - ok

10:23:13.0760 3684 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\windows\system32\drivers\tdpipe.sys

10:23:13.0760 3684 TDPIPE - ok

10:23:13.0791 3684 TDTCP (7518f7bcfd4b308abc9192bacaf6c970) C:\windows\system32\drivers\tdtcp.sys

10:23:13.0791 3684 TDTCP - ok

10:23:13.0822 3684 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\windows\system32\DRIVERS\tdx.sys

10:23:13.0822 3684 tdx - ok

10:23:13.0853 3684 TermDD (c448651339196c0e869a355171875522) C:\windows\system32\DRIVERS\termdd.sys

10:23:13.0853 3684 TermDD - ok

10:23:13.0916 3684 TermService (0f05ec2887bfe197ad82a13287d2f404) C:\windows\System32\termsrv.dll

10:23:13.0916 3684 TermService - ok

10:23:13.0931 3684 Themes (f0344071948d1a1fa732231785a0664c) C:\windows\system32\themeservice.dll

10:23:13.0931 3684 Themes - ok

10:23:13.0962 3684 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll

10:23:13.0962 3684 THREADORDER - ok

10:23:14.0072 3684 TMachInfo (28644b0523d64eff2fc7312a2ee74b0a) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe

10:23:14.0072 3684 TMachInfo - ok

10:23:14.0103 3684 TODDSrv (ed32035bdfeced1ad66d459fd9cc1140) C:\Windows\system32\TODDSrv.exe

10:23:14.0103 3684 TODDSrv - ok

10:23:14.0228 3684 TosCoSrv (db9719688c08f42705feb3f6a0c98b91) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe

10:23:14.0228 3684 TosCoSrv - ok

10:23:14.0321 3684 TOSHIBA eco Utility Service (bae96ad126f4eed4d361b092ba2e61fe) C:\Program Files\TOSHIBA\TECO\TecoService.exe

10:23:14.0321 3684 TOSHIBA eco Utility Service - ok

10:23:14.0368 3684 TOSHIBA HDD SSD Alert Service (74c2fa8c3765ee71a9c22182ec108457) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe

10:23:14.0368 3684 TOSHIBA HDD SSD Alert Service - ok

10:23:14.0493 3684 TPCHSrv (97687d094aa597da366e1194b218cc6c) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe

10:23:14.0508 3684 TPCHSrv - ok

10:23:14.0633 3684 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\windows\System32\trkwks.dll

10:23:14.0633 3684 TrkWks - ok

10:23:14.0711 3684 TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\windows\servicing\TrustedInstaller.exe

10:23:14.0711 3684 TrustedInstaller - ok

10:23:14.0742 3684 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\windows\system32\DRIVERS\tssecsrv.sys

10:23:14.0742 3684 tssecsrv - ok

10:23:14.0805 3684 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\windows\system32\DRIVERS\tunnel.sys

10:23:14.0805 3684 tunnel - ok

10:23:14.0867 3684 TVALZ (550b567f9364d8f7684c3fb3ea665a72) C:\windows\system32\DRIVERS\TVALZ_O.SYS

10:23:14.0867 3684 TVALZ - ok

10:23:14.0914 3684 TVALZFL (9c7191f4b2e49bff47a6c1144b5923fa) C:\windows\system32\DRIVERS\TVALZFL.sys

10:23:14.0914 3684 TVALZFL - ok

10:23:14.0930 3684 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\windows\system32\DRIVERS\uagp35.sys

10:23:14.0930 3684 uagp35 - ok

10:23:14.0961 3684 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\windows\system32\DRIVERS\udfs.sys

10:23:14.0961 3684 udfs - ok

10:23:14.0992 3684 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\windows\system32\UI0Detect.exe

10:23:14.0992 3684 UI0Detect - ok

10:23:15.0023 3684 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\windows\system32\DRIVERS\uliagpkx.sys

10:23:15.0023 3684 uliagpkx - ok

10:23:15.0086 3684 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\windows\system32\DRIVERS\umbus.sys

10:23:15.0086 3684 umbus - ok

10:23:15.0117 3684 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\windows\system32\DRIVERS\umpass.sys

10:23:15.0117 3684 UmPass - ok

10:23:15.0304 3684 UNS (7466809e6da561d60c2f1ce8ede3c73f) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

10:23:15.0335 3684 UNS - ok

10:23:15.0444 3684 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\windows\System32\upnphost.dll

10:23:15.0444 3684 upnphost - ok

10:23:15.0538 3684 usbaudio (77b01bc848298223a95d4ec23e1785a1) C:\windows\system32\drivers\usbaudio.sys

10:23:15.0538 3684 usbaudio - ok

10:23:15.0585 3684 usbccgp (537a4e03d7103c12d42dfd8ffdb5bdc9) C:\windows\system32\DRIVERS\usbccgp.sys

10:23:15.0600 3684 usbccgp - ok

10:23:15.0647 3684 usbcir (af0892a803fdda7492f595368e3b68e7) C:\windows\system32\DRIVERS\usbcir.sys

10:23:15.0647 3684 usbcir - ok

10:23:15.0710 3684 usbehci (fbb21ebe49f6d560db37ac25fbc68e66) C:\windows\system32\drivers\usbehci.sys

10:23:15.0710 3684 usbehci - ok

10:23:15.0741 3684 usbhub (6b7a8a99c4a459e73c286a6763ea24cc) C:\windows\system32\DRIVERS\usbhub.sys

10:23:15.0756 3684 usbhub - ok

10:23:15.0772 3684 usbohci (8c88aa7617b4cbc2e4bed61d26b33a27) C:\windows\system32\drivers\usbohci.sys

10:23:15.0772 3684 usbohci - ok

10:23:15.0881 3684 usbprint (73188f58fb384e75c4063d29413cee3d) C:\windows\system32\DRIVERS\usbprint.sys

10:23:15.0881 3684 usbprint - ok

10:23:15.0928 3684 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\windows\system32\DRIVERS\usbscan.sys

10:23:15.0928 3684 usbscan - ok

10:23:15.0959 3684 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\windows\system32\DRIVERS\USBSTOR.SYS

10:23:15.0975 3684 USBSTOR - ok

10:23:16.0006 3684 usbuhci (0b5b3b2df3fd1709618acfa50b8392b0) C:\windows\system32\drivers\usbuhci.sys

10:23:16.0006 3684 usbuhci - ok

10:23:16.0084 3684 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\windows\System32\Drivers\usbvideo.sys

10:23:16.0084 3684 usbvideo - ok

10:23:16.0115 3684 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\windows\System32\uxsms.dll

Link to post
Share on other sites

10:23:16.0115 3684 UxSms - ok

10:23:16.0178 3684 VaultSvc (156f6159457d0aa7e59b62681b56eb90) C:\windows\system32\lsass.exe

10:23:16.0178 3684 VaultSvc - ok

10:23:16.0240 3684 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\windows\system32\DRIVERS\vdrvroot.sys

10:23:16.0240 3684 vdrvroot - ok

10:23:16.0302 3684 vds (44d73e0bbc1d3c8981304ba15135c2f2) C:\windows\System32\vds.exe

10:23:16.0302 3684 vds - ok

10:23:16.0349 3684 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\windows\system32\DRIVERS\vgapnp.sys

10:23:16.0349 3684 vga - ok

10:23:16.0380 3684 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\windows\System32\drivers\vga.sys

10:23:16.0380 3684 VgaSave - ok

10:23:16.0412 3684 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\windows\system32\DRIVERS\vhdmp.sys

10:23:16.0412 3684 vhdmp - ok

10:23:16.0427 3684 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\windows\system32\DRIVERS\viaide.sys

10:23:16.0427 3684 viaide - ok

10:23:16.0443 3684 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\windows\system32\DRIVERS\volmgr.sys

10:23:16.0443 3684 volmgr - ok

10:23:16.0474 3684 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\windows\system32\drivers\volmgrx.sys

10:23:16.0474 3684 volmgrx - ok

10:23:16.0521 3684 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\windows\system32\DRIVERS\volsnap.sys

10:23:16.0536 3684 volsnap - ok

10:23:16.0568 3684 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\windows\system32\DRIVERS\vsmraid.sys

10:23:16.0568 3684 vsmraid - ok

10:23:16.0692 3684 VSS (787898bf9fb6d7bd87a36e2d95c899ba) C:\windows\system32\vssvc.exe

10:23:16.0708 3684 VSS - ok

10:23:16.0833 3684 vToolbarUpdater12.1.5 (3da649c6ec481d8f36b54f33fc01dd1e) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.1.5\ToolbarUpdater.exe

10:23:16.0833 3684 vToolbarUpdater12.1.5 - ok

10:23:16.0926 3684 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\windows\system32\DRIVERS\vwifibus.sys

10:23:16.0926 3684 vwifibus - ok

10:23:16.0958 3684 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\windows\system32\DRIVERS\vwififlt.sys

10:23:16.0958 3684 vwififlt - ok

10:23:17.0020 3684 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\windows\system32\w32time.dll

10:23:17.0020 3684 W32Time - ok

10:23:17.0051 3684 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\windows\system32\DRIVERS\wacompen.sys

10:23:17.0051 3684 WacomPen - ok

10:23:17.0098 3684 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\windows\system32\DRIVERS\wanarp.sys

10:23:17.0098 3684 WANARP - ok

10:23:17.0114 3684 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\windows\system32\DRIVERS\wanarp.sys

10:23:17.0114 3684 Wanarpv6 - ok

10:23:17.0238 3684 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\windows\system32\Wat\WatAdminSvc.exe

10:23:17.0254 3684 WatAdminSvc - ok

10:23:17.0363 3684 wbengine (5ab1bb85bd8b5089cc5d64200dedae68) C:\windows\system32\wbengine.exe

10:23:17.0379 3684 wbengine - ok

10:23:17.0519 3684 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\windows\System32\wbiosrvc.dll

10:23:17.0535 3684 WbioSrvc - ok

10:23:17.0582 3684 wcncsvc (dd1bae8ebfc653824d29ccf8c9054d68) C:\windows\System32\wcncsvc.dll

10:23:17.0597 3684 wcncsvc - ok

10:23:17.0613 3684 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\windows\System32\WcsPlugInService.dll

10:23:17.0613 3684 WcsPlugInService - ok

10:23:17.0644 3684 Wd (72889e16ff12ba0f235467d6091b17dc) C:\windows\system32\DRIVERS\wd.sys

10:23:17.0644 3684 Wd - ok

10:23:17.0691 3684 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\windows\system32\drivers\Wdf01000.sys

10:23:17.0691 3684 Wdf01000 - ok

10:23:17.0722 3684 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll

10:23:17.0738 3684 WdiServiceHost - ok

10:23:17.0738 3684 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll

10:23:17.0738 3684 WdiSystemHost - ok

10:23:17.0769 3684 WebClient (733006127f235be7c35354ebee7b9a7b) C:\windows\System32\webclnt.dll

10:23:17.0784 3684 WebClient - ok

10:23:17.0847 3684 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\windows\system32\wecsvc.dll

10:23:17.0862 3684 Wecsvc - ok

10:23:17.0878 3684 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\windows\System32\wercplsupport.dll

10:23:17.0878 3684 wercplsupport - ok

10:23:17.0925 3684 WerSvc (6d137963730144698cbd10f202e9f251) C:\windows\System32\WerSvc.dll

10:23:17.0925 3684 WerSvc - ok

10:23:18.0003 3684 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\windows\system32\DRIVERS\wfplwf.sys

10:23:18.0003 3684 WfpLwf - ok

10:23:18.0018 3684 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\windows\system32\drivers\wimmount.sys

10:23:18.0018 3684 WIMMount - ok

10:23:18.0050 3684 WinDefend - ok

10:23:18.0065 3684 WinHttpAutoProxySvc - ok

10:23:18.0128 3684 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\windows\system32\wbem\WMIsvc.dll

10:23:18.0143 3684 Winmgmt - ok

10:23:18.0268 3684 WinRM (41fbb751936b387f9179e7f03a74fe29) C:\windows\system32\WsmSvc.dll

10:23:18.0284 3684 WinRM - ok

10:23:18.0440 3684 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\windows\system32\DRIVERS\WinUsb.sys

10:23:18.0440 3684 WinUsb - ok

10:23:18.0502 3684 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\windows\System32\wlansvc.dll

10:23:18.0518 3684 Wlansvc - ok

10:23:18.0596 3684 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe

10:23:18.0596 3684 wlcrasvc - ok

10:23:18.0767 3684 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

10:23:18.0798 3684 wlidsvc - ok

10:23:18.0923 3684 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\windows\system32\DRIVERS\wmiacpi.sys

10:23:18.0923 3684 WmiAcpi - ok

10:23:19.0001 3684 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\windows\system32\wbem\WmiApSrv.exe

10:23:19.0001 3684 wmiApSrv - ok

10:23:19.0048 3684 WMPNetworkSvc - ok

10:23:19.0095 3684 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\windows\System32\wpcsvc.dll

10:23:19.0095 3684 WPCSvc - ok

10:23:19.0110 3684 WPDBusEnum (2e57ddf2880a7e52e76f41c7e96d327b) C:\windows\system32\wpdbusenum.dll

10:23:19.0126 3684 WPDBusEnum - ok

10:23:19.0142 3684 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\windows\system32\drivers\ws2ifsl.sys

10:23:19.0142 3684 ws2ifsl - ok

10:23:19.0173 3684 wscsvc (8f9f3969933c02da96eb0f84576db43e) C:\windows\System32\wscsvc.dll

10:23:19.0173 3684 wscsvc - ok

10:23:19.0173 3684 WSearch - ok

10:23:19.0344 3684 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\windows\system32\wuaueng.dll

10:23:19.0376 3684 wuauserv - ok

10:23:19.0469 3684 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\windows\system32\drivers\WudfPf.sys

10:23:19.0469 3684 WudfPf - ok

10:23:19.0532 3684 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\windows\system32\DRIVERS\WUDFRd.sys

10:23:19.0532 3684 WUDFRd - ok

10:23:19.0563 3684 wudfsvc (b551d6637aa0e132c18ac6e504f7b79b) C:\windows\System32\WUDFSvc.dll

10:23:19.0563 3684 wudfsvc - ok

10:23:19.0594 3684 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\windows\System32\wwansvc.dll

10:23:19.0610 3684 WwanSvc - ok

10:23:19.0656 3684 MBR (0x1B8) (5b5e648d12fcadc244c1ec30318e1eb9) \Device\Harddisk0\DR0

10:23:19.0875 3684 \Device\Harddisk0\DR0 - ok

10:23:19.0906 3684 Boot (0x1200) (dafa8d81702cdb9f083e9219c17a720d) \Device\Harddisk0\DR0\Partition0

10:23:19.0906 3684 \Device\Harddisk0\DR0\Partition0 - ok

10:23:19.0906 3684 ============================================================

10:23:19.0906 3684 Scan finished

10:23:19.0906 3684 ============================================================

10:23:19.0922 4972 Detected object count: 0

10:23:19.0922 4972 Actual detected object count: 0

10:23:56.0129 1936 ============================================================

10:23:56.0129 1936 Scan started

10:23:56.0129 1936 Mode: Manual; SigCheck; TDLFS;

10:23:56.0129 1936 ============================================================

10:23:56.0379 1936 1394ohci (969c91060cbb5d17cb8440b5f78b4c51) C:\windows\system32\DRIVERS\1394ohci.sys

10:23:56.0488 1936 1394ohci - ok

10:23:56.0519 1936 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\windows\system32\DRIVERS\ACPI.sys

10:23:56.0550 1936 ACPI - ok

10:23:56.0566 1936 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\windows\system32\DRIVERS\acpipmi.sys

10:23:56.0582 1936 AcpiPmi - ok

10:23:56.0644 1936 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

10:23:56.0660 1936 AdobeARMservice - ok

10:23:56.0706 1936 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\windows\system32\DRIVERS\adp94xx.sys

10:23:56.0738 1936 adp94xx - ok

10:23:56.0753 1936 adpahci (597f78224ee9224ea1a13d6350ced962) C:\windows\system32\DRIVERS\adpahci.sys

10:23:56.0769 1936 adpahci - ok

10:23:56.0784 1936 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\windows\system32\DRIVERS\adpu320.sys

10:23:56.0800 1936 adpu320 - ok

10:23:56.0831 1936 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\windows\System32\aelupsvc.dll

10:23:56.0878 1936 AeLookupSvc - ok

10:23:56.0925 1936 AFD (db9d6c6b2cd95a9ca414d045b627422e) C:\windows\system32\drivers\afd.sys

10:23:56.0940 1936 AFD - ok

10:23:56.0972 1936 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\windows\system32\DRIVERS\agp440.sys

10:23:56.0987 1936 agp440 - ok

10:23:57.0018 1936 ALG (3290d6946b5e30e70414990574883ddb) C:\windows\System32\alg.exe

10:23:57.0034 1936 ALG - ok

10:23:57.0034 1936 aliide (5812713a477a3ad7363c7438ca2ee038) C:\windows\system32\DRIVERS\aliide.sys

10:23:57.0050 1936 aliide - ok

10:23:57.0050 1936 amdide (1ff8b4431c353ce385c875f194924c0c) C:\windows\system32\DRIVERS\amdide.sys

10:23:57.0065 1936 amdide - ok

10:23:57.0065 1936 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\windows\system32\DRIVERS\amdk8.sys

10:23:57.0081 1936 AmdK8 - ok

10:23:57.0081 1936 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\windows\system32\DRIVERS\amdppm.sys

10:23:57.0096 1936 AmdPPM - ok

10:23:57.0143 1936 amdsata (ec7ebab00a4d8448bab68d1e49b4beb9) C:\windows\system32\drivers\amdsata.sys

10:23:57.0143 1936 amdsata - ok

10:23:57.0174 1936 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\windows\system32\DRIVERS\amdsbs.sys

10:23:57.0206 1936 amdsbs - ok

10:23:57.0237 1936 amdxata (db27766102c7bf7e95140a2aa81d042e) C:\windows\system32\drivers\amdxata.sys

10:23:57.0237 1936 amdxata - ok

10:23:57.0268 1936 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\windows\system32\drivers\appid.sys

10:23:57.0284 1936 AppID - ok

10:23:57.0315 1936 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\windows\System32\appidsvc.dll

10:23:57.0362 1936 AppIDSvc - ok

10:23:57.0362 1936 Appinfo (d065be66822847b7f127d1f90158376e) C:\windows\System32\appinfo.dll

10:23:57.0377 1936 Appinfo - ok

10:23:57.0377 1936 arc (c484f8ceb1717c540242531db7845c4e) C:\windows\system32\DRIVERS\arc.sys

10:23:57.0393 1936 arc - ok

10:23:57.0393 1936 arcsas (019af6924aefe7839f61c830227fe79c) C:\windows\system32\DRIVERS\arcsas.sys

10:23:57.0408 1936 arcsas - ok

10:23:57.0408 1936 AsyncMac (769765ce2cc62867468cea93969b2242) C:\windows\system32\DRIVERS\asyncmac.sys

10:23:57.0455 1936 AsyncMac - ok

10:23:57.0471 1936 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\windows\system32\DRIVERS\atapi.sys

10:23:57.0486 1936 atapi - ok

10:23:57.0518 1936 AudioEndpointBuilder (07721a77180edd4d39ccb865bf63c7fd) C:\windows\System32\Audiosrv.dll

10:23:57.0564 1936 AudioEndpointBuilder - ok

10:23:57.0580 1936 AudioSrv (07721a77180edd4d39ccb865bf63c7fd) C:\windows\System32\Audiosrv.dll

10:23:57.0627 1936 AudioSrv - ok

10:23:57.0642 1936 avgtp (e1b8ec60c85a266cb604cd46921606b4) C:\windows\system32\drivers\avgtpx64.sys

10:23:57.0674 1936 avgtp - ok

10:23:57.0705 1936 AxInstSV (b20b5fa5ca050e9926e4d1db81501b32) C:\windows\System32\AxInstSV.dll

10:23:57.0720 1936 AxInstSV - ok

10:23:57.0783 1936 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\windows\system32\DRIVERS\bxvbda.sys

10:23:57.0814 1936 b06bdrv - ok

10:23:57.0861 1936 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\windows\system32\DRIVERS\b57nd60a.sys

10:23:57.0876 1936 b57nd60a - ok

10:23:57.0923 1936 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\windows\System32\bdesvc.dll

10:23:57.0939 1936 BDESVC - ok

10:23:57.0954 1936 Beep (16a47ce2decc9b099349a5f840654746) C:\windows\system32\drivers\Beep.sys

10:23:58.0001 1936 Beep - ok

10:23:58.0048 1936 BFE (4992c609a6315671463e30f6512bc022) C:\windows\System32\bfe.dll

10:23:58.0110 1936 BFE - ok

10:23:58.0188 1936 BITS (7f0c323fe3da28aa4aa1bda3f575707f) C:\windows\System32\qmgr.dll

10:23:58.0251 1936 BITS - ok

10:23:58.0298 1936 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\windows\system32\DRIVERS\blbdrive.sys

10:23:58.0313 1936 blbdrive - ok

10:23:58.0344 1936 bowser (19d20159708e152267e53b66677a4995) C:\windows\system32\DRIVERS\bowser.sys

10:23:58.0360 1936 bowser - ok

10:23:58.0376 1936 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\windows\system32\DRIVERS\BrFiltLo.sys

10:23:58.0407 1936 BrFiltLo - ok

10:23:58.0407 1936 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\windows\system32\DRIVERS\BrFiltUp.sys

10:23:58.0422 1936 BrFiltUp - ok

10:23:58.0454 1936 Browser (94fbc06f294d58d02361918418f996e3) C:\windows\System32\browser.dll

10:23:58.0500 1936 Browser - ok

10:23:58.0500 1936 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\windows\System32\Drivers\Brserid.sys

10:23:58.0516 1936 Brserid - ok

10:23:58.0532 1936 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\windows\System32\Drivers\BrSerWdm.sys

10:23:58.0547 1936 BrSerWdm - ok

10:23:58.0547 1936 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\windows\System32\Drivers\BrUsbMdm.sys

10:23:58.0563 1936 BrUsbMdm - ok

10:23:58.0563 1936 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\windows\System32\Drivers\BrUsbSer.sys

10:23:58.0578 1936 BrUsbSer - ok

10:23:58.0594 1936 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\windows\system32\DRIVERS\bthmodem.sys

10:23:58.0610 1936 BTHMODEM - ok

10:23:58.0625 1936 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\windows\system32\bthserv.dll

10:23:58.0672 1936 bthserv - ok

10:23:58.0703 1936 cdfs (b8bd2bb284668c84865658c77574381a) C:\windows\system32\DRIVERS\cdfs.sys

10:23:58.0734 1936 cdfs - ok

10:23:58.0750 1936 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\windows\system32\DRIVERS\cdrom.sys

10:23:58.0766 1936 cdrom - ok

10:23:58.0797 1936 CertPropSvc (312e2f82af11e79906898ac3e3d58a1f) C:\windows\System32\certprop.dll

10:23:58.0844 1936 CertPropSvc - ok

10:23:58.0875 1936 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\windows\system32\DRIVERS\circlass.sys

10:23:58.0890 1936 circlass - ok

10:23:58.0906 1936 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\windows\system32\CLFS.sys

10:23:58.0922 1936 CLFS - ok

10:23:59.0000 1936 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

10:23:59.0031 1936 clr_optimization_v2.0.50727_32 - ok

10:23:59.0078 1936 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

10:23:59.0093 1936 clr_optimization_v2.0.50727_64 - ok

10:23:59.0156 1936 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

10:23:59.0171 1936 clr_optimization_v4.0.30319_32 - ok

10:23:59.0218 1936 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

10:23:59.0234 1936 clr_optimization_v4.0.30319_64 - ok

10:23:59.0249 1936 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\windows\system32\DRIVERS\CmBatt.sys

10:23:59.0265 1936 CmBatt - ok

10:23:59.0280 1936 cmdide (e19d3f095812725d88f9001985b94edd) C:\windows\system32\DRIVERS\cmdide.sys

10:23:59.0296 1936 cmdide - ok

10:23:59.0343 1936 CNG (ca7720b73446fddec5c69519c1174c98) C:\windows\system32\Drivers\cng.sys

10:23:59.0374 1936 CNG - ok

10:23:59.0436 1936 CnxtHdAudService (25c58ee97be0416a373e3e4f855206b5) C:\windows\system32\drivers\CHDRT64.sys

10:23:59.0452 1936 CnxtHdAudService - ok

10:23:59.0483 1936 Compbatt (102de219c3f61415f964c88e9085ad14) C:\windows\system32\DRIVERS\compbatt.sys

10:23:59.0499 1936 Compbatt - ok

10:23:59.0499 1936 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\windows\system32\DRIVERS\CompositeBus.sys

10:23:59.0514 1936 CompositeBus - ok

10:23:59.0530 1936 COMSysApp - ok

10:23:59.0546 1936 crcdisk (1c827878a998c18847245fe1f34ee597) C:\windows\system32\DRIVERS\crcdisk.sys

10:23:59.0546 1936 crcdisk - ok

10:23:59.0592 1936 CryptSvc (f02786b66375292e58c8777082d4396d) C:\windows\system32\cryptsvc.dll

10:23:59.0608 1936 CryptSvc - ok

10:23:59.0670 1936 DcomLaunch (7266972e86890e2b30c0c322e906b027) C:\windows\system32\rpcss.dll

10:23:59.0717 1936 DcomLaunch - ok

10:23:59.0764 1936 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\windows\System32\defragsvc.dll

10:23:59.0811 1936 defragsvc - ok

10:23:59.0842 1936 DfsC (9c253ce7311ca60fc11c774692a13208) C:\windows\system32\Drivers\dfsc.sys

10:23:59.0873 1936 DfsC - ok

10:23:59.0904 1936 Dhcp (ce3b9562d997f69b330d181a8875960f) C:\windows\system32\dhcpcore.dll

10:23:59.0920 1936 Dhcp - ok

10:23:59.0951 1936 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\windows\system32\drivers\discache.sys

10:24:00.0014 1936 discache - ok

10:24:00.0045 1936 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\windows\system32\DRIVERS\disk.sys

10:24:00.0060 1936 Disk - ok

10:24:00.0092 1936 Dnscache (85cf424c74a1d5ec33533e1dbff9920a) C:\windows\System32\dnsrslvr.dll

10:24:00.0123 1936 Dnscache - ok

10:24:00.0154 1936 dot3svc (14452acdb09b70964c8c21bf80a13acb) C:\windows\System32\dot3svc.dll

10:24:00.0216 1936 dot3svc - ok

10:24:00.0232 1936 DPS (8c2ba6bea949ee6e68385f5692bafb94) C:\windows\system32\dps.dll

10:24:00.0279 1936 DPS - ok

10:24:00.0310 1936 drmkaud (9b19f34400d24df84c858a421c205754) C:\windows\system32\drivers\drmkaud.sys

10:24:00.0326 1936 drmkaud - ok

10:24:00.0388 1936 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\windows\System32\drivers\dxgkrnl.sys

10:24:00.0419 1936 DXGKrnl - ok

10:24:00.0450 1936 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\windows\System32\eapsvc.dll

10:24:00.0497 1936 EapHost - ok

10:24:00.0700 1936 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\windows\system32\DRIVERS\evbda.sys

10:24:00.0747 1936 ebdrv - ok

10:24:00.0856 1936 EFS (156f6159457d0aa7e59b62681b56eb90) C:\windows\System32\lsass.exe

10:24:00.0887 1936 EFS - ok

10:24:00.0981 1936 ehRecvr (47c071994c3f649f23d9cd075ac9304a) C:\windows\ehome\ehRecvr.exe

10:24:01.0028 1936 ehRecvr - ok

10:24:01.0059 1936 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\windows\ehome\ehsched.exe

10:24:01.0074 1936 ehSched - ok

10:24:01.0152 1936 elxstor (0e5da5369a0fcaea12456dd852545184) C:\windows\system32\DRIVERS\elxstor.sys

10:24:01.0184 1936 elxstor - ok

10:24:01.0184 1936 ErrDev (34a3c54752046e79a126e15c51db409b) C:\windows\system32\DRIVERS\errdev.sys

10:24:01.0199 1936 ErrDev - ok

10:24:01.0246 1936 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\windows\system32\es.dll

10:24:01.0293 1936 EventSystem - ok

10:24:01.0324 1936 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\windows\system32\drivers\exfat.sys

10:24:01.0371 1936 exfat - ok

10:24:01.0402 1936 fastfat (0adc83218b66a6db380c330836f3e36d) C:\windows\system32\drivers\fastfat.sys

10:24:01.0433 1936 fastfat - ok

10:24:01.0496 1936 Fax (d607b2f1bee3992aa6c2c92c0a2f0855) C:\windows\system32\fxssvc.exe

10:24:01.0542 1936 Fax - ok

10:24:01.0558 1936 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\windows\system32\DRIVERS\fdc.sys

10:24:01.0574 1936 fdc - ok

10:24:01.0605 1936 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\windows\system32\fdPHost.dll

10:24:01.0652 1936 fdPHost - ok

10:24:01.0652 1936 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\windows\system32\fdrespub.dll

10:24:01.0698 1936 FDResPub - ok

10:24:01.0714 1936 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\windows\system32\drivers\fileinfo.sys

10:24:01.0730 1936 FileInfo - ok

10:24:01.0745 1936 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\windows\system32\drivers\filetrace.sys

10:24:01.0776 1936 Filetrace - ok

10:24:01.0792 1936 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\windows\system32\DRIVERS\flpydisk.sys

10:24:01.0808 1936 flpydisk - ok

10:24:01.0823 1936 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\windows\system32\drivers\fltmgr.sys

10:24:01.0839 1936 FltMgr - ok

10:24:01.0932 1936 FontCache (cb5e4b9c319e3c6bb363eb7e58a4a051) C:\windows\system32\FntCache.dll

10:24:01.0979 1936 FontCache - ok

10:24:02.0042 1936 FontCache3.0.0.0 (8d89e3131c27fdd6932189cb785e1b7a) C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

10:24:02.0057 1936 FontCache3.0.0.0 - ok

10:24:02.0104 1936 FsDepends (d43703496149971890703b4b1b723eac) C:\windows\system32\drivers\FsDepends.sys

10:24:02.0120 1936 FsDepends - ok

10:24:02.0151 1936 Fs_Rec (d3e3f93d67821a2db2b3d9fac2dc2064) C:\windows\system32\drivers\Fs_Rec.sys

10:24:02.0166 1936 Fs_Rec - ok

10:24:02.0198 1936 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\windows\system32\DRIVERS\fvevol.sys

10:24:02.0229 1936 fvevol - ok

10:24:02.0244 1936 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\windows\system32\DRIVERS\gagp30kx.sys

10:24:02.0244 1936 gagp30kx - ok

10:24:02.0322 1936 GameConsoleService (1fda0df739234c4023851a282dd28704) C:\Program Files (x86)\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe

10:24:02.0354 1936 GameConsoleService - ok

10:24:02.0416 1936 gpsvc (fe5ab4525bc2ec68b9119a6e5d40128b) C:\windows\System32\gpsvc.dll

10:24:02.0447 1936 gpsvc - ok

10:24:02.0510 1936 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

10:24:02.0525 1936 gupdate - ok

10:24:02.0525 1936 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

10:24:02.0541 1936 gupdatem - ok

10:24:02.0556 1936 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\windows\system32\drivers\hcw85cir.sys

10:24:02.0572 1936 hcw85cir - ok

10:24:02.0588 1936 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\windows\system32\drivers\HdAudio.sys

10:24:02.0603 1936 HdAudAddService - ok

10:24:02.0634 1936 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\windows\system32\DRIVERS\HDAudBus.sys

10:24:02.0650 1936 HDAudBus - ok

10:24:02.0666 1936 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\windows\system32\DRIVERS\HECIx64.sys

10:24:02.0681 1936 HECIx64 - ok

10:24:02.0697 1936 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\windows\system32\DRIVERS\HidBatt.sys

10:24:02.0712 1936 HidBatt - ok

10:24:02.0728 1936 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\windows\system32\DRIVERS\hidbth.sys

10:24:02.0744 1936 HidBth - ok

10:24:02.0744 1936 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\windows\system32\DRIVERS\hidir.sys

10:24:02.0759 1936 HidIr - ok

10:24:02.0790 1936 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\windows\system32\hidserv.dll

10:24:02.0837 1936 hidserv - ok

10:24:02.0837 1936 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\windows\system32\DRIVERS\hidusb.sys

10:24:02.0853 1936 HidUsb - ok

10:24:02.0884 1936 hkmsvc (efa58ede58dd74388ffd04cb32681518) C:\windows\system32\kmsvc.dll

10:24:02.0931 1936 hkmsvc - ok

10:24:02.0946 1936 HomeGroupListener (046b2673767ca626e2cfb7fdf735e9e8) C:\windows\system32\ListSvc.dll

10:24:02.0978 1936 HomeGroupListener - ok

10:24:02.0993 1936 HomeGroupProvider (06a7422224d9865a5613710a089987df) C:\windows\system32\provsvc.dll

10:24:03.0009 1936 HomeGroupProvider - ok

10:24:03.0040 1936 HpSAMD (0886d440058f203eba0e1825e4355914) C:\windows\system32\DRIVERS\HpSAMD.sys

10:24:03.0056 1936 HpSAMD - ok

10:24:03.0102 1936 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\windows\system32\drivers\HTTP.sys

10:24:03.0165 1936 HTTP - ok

10:24:03.0180 1936 hwpolicy (f17766a19145f111856378df337a5d79) C:\windows\system32\drivers\hwpolicy.sys

10:24:03.0196 1936 hwpolicy - ok

10:24:03.0196 1936 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\windows\system32\DRIVERS\i8042prt.sys

10:24:03.0212 1936 i8042prt - ok

10:24:03.0258 1936 iaStor (5e60dd5f090ab4a563c7204c289c4650) C:\windows\system32\DRIVERS\iaStor.sys

10:24:03.0290 1936 iaStor - ok

10:24:03.0321 1936 iaStorV (b75e45c564e944a2657167d197ab29da) C:\windows\system32\drivers\iaStorV.sys

10:24:03.0352 1936 iaStorV - ok

10:24:03.0430 1936 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

10:24:03.0446 1936 IDriverT ( UnsignedFile.Multi.Generic ) - warning

10:24:03.0446 1936 IDriverT - detected UnsignedFile.Multi.Generic (1)

10:24:03.0539 1936 idsvc (2f2be70d3e02b6fa877921ab9516d43c) C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

10:24:03.0586 1936 idsvc - ok

10:24:04.0210 1936 igfx (1be8d9ca4f2363b8e8015621878e0043) C:\windows\system32\DRIVERS\igdkmd64.sys

10:24:04.0350 1936 igfx - ok

10:24:04.0522 1936 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\windows\system32\DRIVERS\iirsp.sys

10:24:04.0553 1936 iirsp - ok

10:24:04.0616 1936 IKEEXT (c5b4683680df085b57bc53e5ef34861f) C:\windows\System32\ikeext.dll

10:24:04.0678 1936 IKEEXT - ok

10:24:04.0725 1936 Impcd (dd587a55390ed2295bce6d36ad567da9) C:\windows\system32\DRIVERS\Impcd.sys

10:24:04.0740 1936 Impcd - ok

10:24:04.0772 1936 InputFilter_Hid_FlexDef2b (caa8bc6737dfa3bf1a50175cfb226788) C:\windows\system32\DRIVERS\InputFilter_FlexDef2b.sys

10:24:04.0787 1936 InputFilter_Hid_FlexDef2b - ok

10:24:04.0834 1936 IntcDAud (03c74719d48056a1078f3a51ceb76baa) C:\windows\system32\DRIVERS\IntcDAud.sys

10:24:04.0865 1936 IntcDAud - ok

10:24:04.0896 1936 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\windows\system32\DRIVERS\intelide.sys

10:24:04.0912 1936 intelide - ok

10:24:04.0928 1936 intelppm (ada036632c664caa754079041cf1f8c1) C:\windows\system32\DRIVERS\intelppm.sys

10:24:04.0943 1936 intelppm - ok

10:24:04.0959 1936 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\windows\system32\ipbusenum.dll

10:24:05.0006 1936 IPBusEnum - ok

10:24:05.0037 1936 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\windows\system32\DRIVERS\ipfltdrv.sys

10:24:05.0084 1936 IpFilterDriver - ok

10:24:05.0130 1936 iphlpsvc (f8e058d17363ec580e4b7232778b6cb5) C:\windows\System32\iphlpsvc.dll

10:24:05.0193 1936 iphlpsvc - ok

10:24:05.0193 1936 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\windows\system32\DRIVERS\IPMIDrv.sys

10:24:05.0208 1936 IPMIDRV - ok

10:24:05.0224 1936 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\windows\system32\drivers\ipnat.sys

10:24:05.0255 1936 IPNAT - ok

10:24:05.0286 1936 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\windows\system32\drivers\irenum.sys

10:24:05.0302 1936 IRENUM - ok

10:24:05.0302 1936 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\windows\system32\DRIVERS\isapnp.sys

10:24:05.0318 1936 isapnp - ok

10:24:05.0364 1936 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\windows\system32\DRIVERS\msiscsi.sys

10:24:05.0380 1936 iScsiPrt - ok

10:24:05.0396 1936 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\windows\system32\DRIVERS\kbdclass.sys

10:24:05.0411 1936 kbdclass - ok

10:24:05.0427 1936 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\windows\system32\DRIVERS\kbdhid.sys

10:24:05.0442 1936 kbdhid - ok

10:24:05.0474 1936 KeyIso (156f6159457d0aa7e59b62681b56eb90) C:\windows\system32\lsass.exe

10:24:05.0489 1936 KeyIso - ok

10:24:05.0520 1936 KSecDD (4f4b5fde429416877de7143044582eb5) C:\windows\system32\Drivers\ksecdd.sys

10:24:05.0536 1936 KSecDD - ok

10:24:05.0552 1936 KSecPkg (6f40465a44ecdc1731befafec5bdd03c) C:\windows\system32\Drivers\ksecpkg.sys

10:24:05.0567 1936 KSecPkg - ok

10:24:05.0598 1936 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\windows\system32\drivers\ksthunk.sys

10:24:05.0661 1936 ksthunk - ok

10:24:05.0692 1936 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\windows\system32\msdtckrm.dll

10:24:05.0739 1936 KtmRm - ok

10:24:05.0770 1936 L1C (655a5d8e80869781cce23760ada7e695) C:\windows\system32\DRIVERS\L1C62x64.sys

10:24:05.0786 1936 L1C - ok

10:24:05.0817 1936 LanmanServer (81f1d04d4d0e433099365127375fd501) C:\windows\system32\srvsvc.dll

10:24:05.0848 1936 LanmanServer - ok

10:24:05.0879 1936 LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\windows\System32\wkssvc.dll

10:24:05.0942 1936 LanmanWorkstation - ok

10:24:05.0957 1936 lltdio (1538831cf8ad2979a04c423779465827) C:\windows\system32\DRIVERS\lltdio.sys

10:24:06.0004 1936 lltdio - ok

10:24:06.0035 1936 lltdsvc (c1185803384ab3feed115f79f109427f) C:\windows\System32\lltdsvc.dll

10:24:06.0082 1936 lltdsvc - ok

10:24:06.0098 1936 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\windows\System32\lmhsvc.dll

10:24:06.0144 1936 lmhosts - ok

10:24:06.0222 1936 LMS (dbc1136a62bd4decc3632df650284c2e) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

10:24:06.0254 1936 LMS - ok

10:24:06.0269 1936 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\windows\system32\DRIVERS\lsi_fc.sys

10:24:06.0285 1936 LSI_FC - ok

10:24:06.0316 1936 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\windows\system32\DRIVERS\lsi_sas.sys

10:24:06.0332 1936 LSI_SAS - ok

10:24:06.0332 1936 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\windows\system32\DRIVERS\lsi_sas2.sys

10:24:06.0347 1936 LSI_SAS2 - ok

10:24:06.0363 1936 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\windows\system32\DRIVERS\lsi_scsi.sys

10:24:06.0378 1936 LSI_SCSI - ok

10:24:06.0394 1936 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\windows\system32\drivers\luafv.sys

10:24:06.0441 1936 luafv - ok

10:24:06.0472 1936 MBAMProtector (dc8490812a3b72811ae534f423b4c206) C:\windows\system32\drivers\mbam.sys

10:24:06.0472 1936 MBAMProtector - ok

10:24:06.0534 1936 MBAMService (43683e970f008c93c9429ef428147a54) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

10:24:06.0581 1936 MBAMService - ok

10:24:06.0612 1936 Mcx2Svc (f84c8f1000bc11e3b7b23cbd3baff111) C:\windows\system32\Mcx2Svc.dll

10:24:06.0628 1936 Mcx2Svc - ok

10:24:06.0644 1936 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\windows\system32\DRIVERS\megasas.sys

10:24:06.0659 1936 megasas - ok

10:24:06.0675 1936 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\windows\system32\DRIVERS\MegaSR.sys

10:24:06.0690 1936 MegaSR - ok

10:24:06.0722 1936 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll

10:24:06.0768 1936 MMCSS - ok

10:24:06.0784 1936 Modem (800ba92f7010378b09f9ed9270f07137) C:\windows\system32\drivers\modem.sys

10:24:06.0831 1936 Modem - ok

10:24:06.0846 1936 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\windows\system32\DRIVERS\monitor.sys

10:24:06.0862 1936 monitor - ok

10:24:06.0878 1936 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\windows\system32\DRIVERS\mouclass.sys

10:24:06.0878 1936 mouclass - ok

10:24:06.0893 1936 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\windows\system32\DRIVERS\mouhid.sys

10:24:06.0909 1936 mouhid - ok

10:24:06.0924 1936 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\windows\system32\drivers\mountmgr.sys

10:24:06.0940 1936 mountmgr - ok

10:24:06.0987 1936 MozillaMaintenance (46297fa8e30a6007f14118fc2b942fbc) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

10:24:07.0018 1936 MozillaMaintenance - ok

10:24:07.0049 1936 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\windows\system32\DRIVERS\mpio.sys

10:24:07.0065 1936 mpio - ok

10:24:07.0096 1936 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\windows\system32\drivers\mpsdrv.sys

10:24:07.0127 1936 mpsdrv - ok

10:24:07.0190 1936 MpsSvc (aecab449567d1846dad63ece49e893e3) C:\windows\system32\mpssvc.dll

10:24:07.0252 1936 MpsSvc - ok

10:24:07.0268 1936 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\windows\system32\drivers\mrxdav.sys

10:24:07.0283 1936 MRxDAV - ok

10:24:07.0314 1936 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\windows\system32\DRIVERS\mrxsmb.sys

10:24:07.0346 1936 mrxsmb - ok

10:24:07.0377 1936 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\windows\system32\DRIVERS\mrxsmb10.sys

10:24:07.0408 1936 mrxsmb10 - ok

10:24:07.0439 1936 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\windows\system32\DRIVERS\mrxsmb20.sys

10:24:07.0455 1936 mrxsmb20 - ok

10:24:07.0470 1936 msahci (2ba4ff3d5eb68587dd662a896f649c7d) C:\windows\system32\DRIVERS\msahci.sys

10:24:07.0486 1936 msahci - ok

10:24:07.0517 1936 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\windows\system32\DRIVERS\msdsm.sys

10:24:07.0533 1936 msdsm - ok

10:24:07.0564 1936 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\windows\System32\msdtc.exe

10:24:07.0580 1936 MSDTC - ok

10:24:07.0595 1936 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\windows\system32\drivers\Msfs.sys

10:24:07.0642 1936 Msfs - ok

10:24:07.0658 1936 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\windows\System32\drivers\mshidkmdf.sys

10:24:07.0689 1936 mshidkmdf - ok

10:24:07.0704 1936 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\windows\system32\DRIVERS\msisadrv.sys

10:24:07.0720 1936 msisadrv - ok

10:24:07.0767 1936 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\windows\system32\iscsiexe.dll

10:24:07.0798 1936 MSiSCSI - ok

10:24:07.0814 1936 msiserver - ok

10:24:07.0829 1936 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\windows\system32\drivers\MSKSSRV.sys

10:24:07.0876 1936 MSKSSRV - ok

10:24:07.0876 1936 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\windows\system32\drivers\MSPCLOCK.sys

10:24:07.0923 1936 MSPCLOCK - ok

10:24:07.0923 1936 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\windows\system32\drivers\MSPQM.sys

10:24:07.0970 1936 MSPQM - ok

10:24:08.0001 1936 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\windows\system32\drivers\MsRPC.sys

10:24:08.0016 1936 MsRPC - ok

10:24:08.0032 1936 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\windows\system32\DRIVERS\mssmbios.sys

10:24:08.0048 1936 mssmbios - ok

10:24:08.0048 1936 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\windows\system32\drivers\MSTEE.sys

10:24:08.0094 1936 MSTEE - ok

10:24:08.0110 1936 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\windows\system32\DRIVERS\MTConfig.sys

10:24:08.0110 1936 MTConfig - ok

10:24:08.0126 1936 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\windows\system32\Drivers\mup.sys

10:24:08.0141 1936 Mup - ok

10:24:08.0172 1936 napagent (4987e079a4530fa737a128be54b63b12) C:\windows\system32\qagentRT.dll

10:24:08.0235 1936 napagent - ok

10:24:08.0266 1936 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\windows\system32\DRIVERS\nwifi.sys

10:24:08.0297 1936 NativeWifiP - ok

10:24:08.0360 1936 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\windows\system32\drivers\ndis.sys

10:24:08.0391 1936 NDIS - ok

10:24:08.0406 1936 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\windows\system32\DRIVERS\ndiscap.sys

10:24:08.0453 1936 NdisCap - ok

10:24:08.0453 1936 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\windows\system32\DRIVERS\ndistapi.sys

10:24:08.0484 1936 NdisTapi - ok

10:24:08.0516 1936 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\windows\system32\DRIVERS\ndisuio.sys

10:24:08.0547 1936 Ndisuio - ok

10:24:08.0562 1936 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\windows\system32\DRIVERS\ndiswan.sys

10:24:08.0609 1936 NdisWan - ok

10:24:08.0609 1936 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\windows\system32\drivers\NDProxy.sys

10:24:08.0656 1936 NDProxy - ok

10:24:08.0656 1936 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\windows\system32\DRIVERS\netbios.sys

10:24:08.0703 1936 NetBIOS - ok

10:24:08.0718 1936 NetBT (9162b273a44ab9dce5b44362731d062a) C:\windows\system32\DRIVERS\netbt.sys

10:24:08.0750 1936 NetBT - ok

10:24:08.0781 1936 Netlogon (156f6159457d0aa7e59b62681b56eb90) C:\windows\system32\lsass.exe

10:24:08.0796 1936 Netlogon - ok

10:24:08.0843 1936 Netman (847d3ae376c0817161a14a82c8922a9e) C:\windows\System32\netman.dll

10:24:08.0906 1936 Netman - ok

10:24:08.0937 1936 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\windows\System32\netprofm.dll

10:24:08.0984 1936 netprofm - ok

10:24:09.0046 1936 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

10:24:09.0077 1936 NetTcpPortSharing - ok

10:24:09.0108 1936 nfrd960 (77889813be4d166cdab78ddba990da92) C:\windows\system32\DRIVERS\nfrd960.sys

10:24:09.0124 1936 nfrd960 - ok

10:24:09.0155 1936 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\windows\System32\nlasvc.dll

10:24:09.0218 1936 NlaSvc - ok

10:24:09.0264 1936 Norton PC Checkup Application Launcher - ok

10:24:09.0280 1936 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\windows\system32\drivers\Npfs.sys

10:24:09.0327 1936 Npfs - ok

10:24:09.0358 1936 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\windows\system32\nsisvc.dll

10:24:09.0389 1936 nsi - ok

10:24:09.0420 1936 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\windows\system32\drivers\nsiproxy.sys

10:24:09.0467 1936 nsiproxy - ok

10:24:09.0592 1936 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\windows\system32\drivers\Ntfs.sys

10:24:09.0639 1936 Ntfs - ok

10:24:09.0732 1936 Null (9899284589f75fa8724ff3d16aed75c1) C:\windows\system32\drivers\Null.sys

10:24:09.0779 1936 Null - ok

10:24:09.0810 1936 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\windows\system32\drivers\nvraid.sys

10:24:09.0826 1936 nvraid - ok

10:24:09.0842 1936 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\windows\system32\drivers\nvstor.sys

10:24:09.0857 1936 nvstor - ok

10:24:09.0888 1936 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\windows\system32\DRIVERS\nv_agp.sys

10:24:09.0904 1936 nv_agp - ok

10:24:09.0920 1936 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\windows\system32\DRIVERS\ohci1394.sys

10:24:09.0935 1936 ohci1394 - ok

10:24:09.0982 1936 ose (7a56cf3e3f12e8af599963b16f50fb6a) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

10:24:09.0998 1936 ose - ok

10:24:10.0044 1936 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll

10:24:10.0076 1936 p2pimsvc - ok

10:24:10.0107 1936 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\windows\system32\p2psvc.dll

10:24:10.0122 1936 p2psvc - ok

10:24:10.0154 1936 Parport (0086431c29c35be1dbc43f52cc273887) C:\windows\system32\DRIVERS\parport.sys

10:24:10.0169 1936 Parport - ok

10:24:10.0216 1936 partmgr (90061b1acfe8ccaa5345750ffe08d8b8) C:\windows\system32\drivers\partmgr.sys

10:24:10.0232 1936 partmgr - ok

10:24:10.0263 1936 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\windows\System32\pcasvc.dll

10:24:10.0278 1936 PcaSvc - ok

10:24:10.0325 1936 PCCUJobMgr (2f86be1818c2d7ac90478e3323ee7fcb) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.5.60\ccSvcHst.exe

10:24:10.0341 1936 PCCUJobMgr - ok

10:24:10.0388 1936 pci (5aab2b170536885de70a6cba8d7ce52b) C:\windows\system32\DRIVERS\pci.sys

10:24:10.0403 1936 pci - ok

10:24:10.0434 1936 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\windows\system32\DRIVERS\pciide.sys

10:24:10.0434 1936 pciide - ok

10:24:10.0481 1936 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\windows\system32\DRIVERS\pcmcia.sys

10:24:10.0497 1936 pcmcia - ok

10:24:10.0512 1936 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\windows\system32\drivers\pcw.sys

10:24:10.0528 1936 pcw - ok

10:24:10.0559 1936 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\windows\system32\drivers\peauth.sys

10:24:10.0622 1936 PEAUTH - ok

10:24:10.0700 1936 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\windows\SysWow64\perfhost.exe

10:24:10.0715 1936 PerfHost - ok

10:24:10.0746 1936 PGEffect (663962900e7fea522126ba287715bb4a) C:\windows\system32\DRIVERS\pgeffect.sys

10:24:10.0762 1936 PGEffect - ok

10:24:10.0856 1936 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\windows\system32\pla.dll

10:24:10.0918 1936 pla - ok

10:24:10.0965 1936 PlugPlay (98b1721b8718164293b9701b98c52d77) C:\windows\system32\umpnpmgr.dll

10:24:10.0996 1936 PlugPlay - ok

10:24:11.0027 1936 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\windows\system32\pnrpauto.dll

10:24:11.0043 1936 PNRPAutoReg - ok

10:24:11.0058 1936 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll

10:24:11.0074 1936 PNRPsvc - ok

10:24:11.0121 1936 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\windows\System32\ipsecsvc.dll

10:24:11.0168 1936 PolicyAgent - ok

10:24:11.0199 1936 Power (6ba9d927dded70bd1a9caded45f8b184) C:\windows\system32\umpo.dll

10:24:11.0246 1936 Power - ok

10:24:11.0292 1936 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\windows\system32\DRIVERS\raspptp.sys

10:24:11.0370 1936 PptpMiniport - ok

10:24:11.0386 1936 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\windows\system32\DRIVERS\processr.sys

10:24:11.0402 1936 Processor - ok

10:24:11.0417 1936 ProfSvc (97293447431311c06703368ad0f6c4be) C:\windows\system32\profsvc.dll

10:24:11.0464 1936 ProfSvc - ok

10:24:11.0480 1936 ProtectedStorage (156f6159457d0aa7e59b62681b56eb90) C:\windows\system32\lsass.exe

10:24:11.0495 1936 ProtectedStorage - ok

10:24:11.0526 1936 Psched (ee992183bd8eaefd9973f352e587a299) C:\windows\system32\DRIVERS\pacer.sys

10:24:11.0573 1936 Psched - ok

10:24:11.0604 1936 QIOMem (c8fcb4899f8b70cc34e0d9876a80963c) C:\windows\system32\DRIVERS\QIOMem.sys

10:24:11.0620 1936 QIOMem - ok

10:24:11.0729 1936 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\windows\system32\DRIVERS\ql2300.sys

10:24:11.0776 1936 ql2300 - ok

10:24:11.0901 1936 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\windows\system32\DRIVERS\ql40xx.sys

10:24:11.0932 1936 ql40xx - ok

10:24:11.0948 1936 QWAVE (906191634e99aea92c4816150bda3732) C:\windows\system32\qwave.dll

10:24:11.0979 1936 QWAVE - ok

10:24:11.0994 1936 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\windows\system32\drivers\qwavedrv.sys

10:24:12.0010 1936 QWAVEdrv - ok

10:24:12.0026 1936 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\windows\system32\DRIVERS\rasacd.sys

10:24:12.0072 1936 RasAcd - ok

10:24:12.0088 1936 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\windows\system32\DRIVERS\AgileVpn.sys

10:24:12.0135 1936 RasAgileVpn - ok

10:24:12.0166 1936 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\windows\System32\rasauto.dll

10:24:12.0213 1936 RasAuto - ok

10:24:12.0228 1936 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\windows\system32\DRIVERS\rasl2tp.sys

10:24:12.0275 1936 Rasl2tp - ok

10:24:12.0306 1936 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\windows\System32\rasmans.dll

10:24:12.0353 1936 RasMan - ok

10:24:12.0369 1936 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\windows\system32\DRIVERS\raspppoe.sys

10:24:12.0416 1936 RasPppoe - ok

10:24:12.0416 1936 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\windows\system32\DRIVERS\rassstp.sys

10:24:12.0462 1936 RasSstp - ok

10:24:12.0478 1936 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\windows\system32\DRIVERS\rdbss.sys

10:24:12.0525 1936 rdbss - ok

10:24:12.0540 1936 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\windows\system32\DRIVERS\rdpbus.sys

10:24:12.0556 1936 rdpbus - ok

10:24:12.0587 1936 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\windows\system32\DRIVERS\RDPCDD.sys

10:24:12.0618 1936 RDPCDD - ok

10:24:12.0634 1936 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\windows\system32\drivers\rdpencdd.sys

10:24:12.0681 1936 RDPENCDD - ok

10:24:12.0681 1936 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\windows\system32\drivers\rdprefmp.sys

10:24:12.0728 1936 RDPREFMP - ok

10:24:12.0759 1936 RDPWD (447de7e3dea39d422c1504f245b668b1) C:\windows\system32\drivers\RDPWD.sys

10:24:12.0790 1936 RDPWD - ok

10:24:12.0821 1936 rdyboost (e5dc9ba9e439d6dbdd79f8caacb5bf01) C:\windows\system32\drivers\rdyboost.sys

10:24:12.0837 1936 rdyboost - ok

10:24:12.0868 1936 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\windows\System32\mprdim.dll

10:24:12.0915 1936 RemoteAccess - ok

10:24:12.0946 1936 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\windows\system32\regsvc.dll

10:24:12.0993 1936 RemoteRegistry - ok

10:24:13.0008 1936 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\windows\System32\RpcEpMap.dll

10:24:13.0055 1936 RpcEptMapper - ok

10:24:13.0071 1936 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\windows\system32\locator.exe

10:24:13.0086 1936 RpcLocator - ok

10:24:13.0149 1936 RpcSs (7266972e86890e2b30c0c322e906b027) C:\windows\system32\rpcss.dll

10:24:13.0196 1936 RpcSs - ok

10:24:13.0227 1936 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\windows\system32\DRIVERS\rspndr.sys

10:24:13.0274 1936 rspndr - ok

10:24:13.0289 1936 RSUSBSTOR (3ceee53bbf8ba284ff44585cec0162fe) C:\windows\system32\Drivers\RtsUStor.sys

10:24:13.0305 1936 RSUSBSTOR - ok

10:24:13.0383 1936 rtl8192Ce (ffc748d848740d1bc8f330a8879c2674) C:\windows\system32\DRIVERS\rtl8192Ce.sys

10:24:13.0430 1936 rtl8192Ce - ok

10:24:13.0445 1936 SamSs (156f6159457d0aa7e59b62681b56eb90) C:\windows\system32\lsass.exe

10:24:13.0461 1936 SamSs - ok

10:24:13.0492 1936 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\windows\system32\DRIVERS\sbp2port.sys

10:24:13.0508 1936 sbp2port - ok

10:24:13.0554 1936 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\windows\System32\SCardSvr.dll

10:24:13.0601 1936 SCardSvr - ok

10:24:13.0617 1936 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\windows\system32\DRIVERS\scfilter.sys

10:24:13.0664 1936 scfilter - ok

10:24:13.0742 1936 Schedule (624d0f5ff99428bb90a5b8a4123e918e) C:\windows\system32\schedsvc.dll

10:24:13.0804 1936 Schedule - ok

10:24:13.0835 1936 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\windows\System32\certprop.dll

10:24:13.0882 1936 SCPolicySvc - ok

10:24:13.0913 1936 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\windows\System32\SDRSVC.dll

10:24:13.0944 1936 SDRSVC - ok

10:24:13.0991 1936 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\windows\system32\drivers\secdrv.sys

10:24:14.0054 1936 secdrv - ok

10:24:14.0069 1936 seclogon (463b386ebc70f98da5dff85f7e654346) C:\windows\system32\seclogon.dll

10:24:14.0116 1936 seclogon - ok

10:24:14.0132 1936 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\windows\System32\sens.dll

10:24:14.0178 1936 SENS - ok

10:24:14.0178 1936 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\windows\system32\sensrsvc.dll

10:24:14.0210 1936 SensrSvc - ok

10:24:14.0225 1936 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\windows\system32\DRIVERS\serenum.sys

10:24:14.0241 1936 Serenum - ok

10:24:14.0256 1936 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\windows\system32\DRIVERS\serial.sys

10:24:14.0256 1936 Serial - ok

10:24:14.0272 1936 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\windows\system32\DRIVERS\sermouse.sys

10:24:14.0272 1936 sermouse - ok

10:24:14.0303 1936 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\windows\system32\sessenv.dll

10:24:14.0350 1936 SessionEnv - ok

10:24:14.0350 1936 sffdisk (a554811bcd09279536440c964ae35bbf) C:\windows\system32\DRIVERS\sffdisk.sys

10:24:14.0381 1936 sffdisk - ok

10:24:14.0397 1936 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\windows\system32\DRIVERS\sffp_mmc.sys

10:24:14.0412 1936 sffp_mmc - ok

10:24:14.0412 1936 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\windows\system32\DRIVERS\sffp_sd.sys

10:24:14.0428 1936 sffp_sd - ok

10:24:14.0428 1936 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\windows\system32\DRIVERS\sfloppy.sys

10:24:14.0444 1936 sfloppy - ok

10:24:14.0490 1936 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\windows\System32\ipnathlp.dll

10:24:14.0537 1936 SharedAccess - ok

10:24:14.0584 1936 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\windows\System32\shsvcs.dll

10:24:14.0615 1936 ShellHWDetection - ok

10:24:14.0631 1936 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\windows\system32\DRIVERS\SiSRaid2.sys

10:24:14.0631 1936 SiSRaid2 - ok

10:24:14.0662 1936 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\windows\system32\DRIVERS\sisraid4.sys

10:24:14.0678 1936 SiSRaid4 - ok

10:24:14.0709 1936 SkypeUpdate (f07af60b152221472fbdb2fecec4896d) C:\Program Files (x86)\Skype\Updater\Updater.exe

10:24:14.0724 1936 SkypeUpdate - ok

10:24:14.0740 1936 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\windows\system32\DRIVERS\smb.sys

10:24:14.0787 1936 Smb - ok

10:24:14.0818 1936 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\windows\System32\snmptrap.exe

10:24:14.0834 1936 SNMPTRAP - ok

10:24:14.0849 1936 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\windows\system32\drivers\spldr.sys

10:24:14.0865 1936 spldr - ok

10:24:14.0912 1936 Spooler (f8e1fa03cb70d54a9892ac88b91d1e7b) C:\windows\System32\spoolsv.exe

10:24:14.0943 1936 Spooler - ok

10:24:15.0161 1936 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\windows\system32\sppsvc.exe

10:24:15.0224 1936 sppsvc - ok

10:24:15.0317 1936 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\windows\system32\sppuinotify.dll

10:24:15.0364 1936 sppuinotify - ok

10:24:15.0426 1936 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\windows\system32\DRIVERS\srv.sys

10:24:15.0458 1936 srv - ok

10:24:15.0489 1936 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\windows\system32\DRIVERS\srv2.sys

10:24:15.0520 1936 srv2 - ok

10:24:15.0551 1936 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\windows\system32\DRIVERS\VSTAZL6.SYS

10:24:15.0567 1936 SrvHsfHDA - ok

10:24:15.0660 1936 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\windows\system32\DRIVERS\VSTDPV6.SYS

10:24:15.0707 1936 SrvHsfV92 - ok

10:24:15.0863 1936 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\windows\system32\DRIVERS\VSTCNXT6.SYS

10:24:15.0894 1936 SrvHsfWinac - ok

10:24:15.0926 1936 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\windows\system32\DRIVERS\srvnet.sys

10:24:15.0941 1936 srvnet - ok

10:24:15.0972 1936 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\windows\System32\ssdpsrv.dll

10:24:16.0019 1936 SSDPSRV - ok

10:24:16.0035 1936 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\windows\system32\sstpsvc.dll

10:24:16.0066 1936 SstpSvc - ok

10:24:16.0113 1936 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\windows\system32\DRIVERS\stexstor.sys

10:24:16.0113 1936 stexstor - ok

10:24:16.0175 1936 stisvc (52d0e33b681bd0f33fdc08812fee4f7d) C:\windows\System32\wiaservc.dll

10:24:16.0222 1936 stisvc - ok

10:24:16.0253 1936 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\windows\system32\DRIVERS\swenum.sys

10:24:16.0253 1936 swenum - ok

10:24:16.0316 1936 swprv (e08e46fdd841b7184194011ca1955a0b) C:\windows\System32\swprv.dll

10:24:16.0362 1936 swprv - ok

10:24:16.0409 1936 SynTP (470c47daba9ca3966f0ab3f835d7d135) C:\windows\system32\DRIVERS\SynTP.sys

10:24:16.0425 1936 SynTP - ok

10:24:16.0581 1936 SysMain (3c1284516a62078fb68f768de4f1a7be) C:\windows\system32\sysmain.dll

10:24:16.0628 1936 SysMain - ok

10:24:16.0784 1936 TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\windows\System32\TabSvc.dll

10:24:16.0815 1936 TabletInputService - ok

10:24:16.0862 1936 TapiSrv (884264ac597b690c5707c89723bb8e7b) C:\windows\System32\tapisrv.dll

10:24:16.0908 1936 TapiSrv - ok

10:24:16.0924 1936 TBS (1be03ac720f4d302ea01d40f588162f6) C:\windows\System32\tbssvc.dll

10:24:16.0955 1936 TBS - ok

10:24:17.0111 1936 Tcpip (624c5b3aa4c99b3184bb922d9ece3ff0) C:\windows\system32\drivers\tcpip.sys

10:24:17.0158 1936 Tcpip - ok

10:24:17.0361 1936 TCPIP6 (624c5b3aa4c99b3184bb922d9ece3ff0) C:\windows\system32\DRIVERS\tcpip.sys

10:24:17.0408 1936 TCPIP6 - ok

10:24:17.0517 1936 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\windows\system32\drivers\tcpipreg.sys

10:24:17.0564 1936 tcpipreg - ok

10:24:17.0595 1936 tdcmdpst (fd542b661bd22fa69ca789ad0ac58c29) C:\windows\system32\DRIVERS\tdcmdpst.sys

10:24:17.0610 1936 tdcmdpst - ok

10:24:17.0626 1936 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\windows\system32\drivers\tdpipe.sys

10:24:17.0642 1936 TDPIPE - ok

10:24:17.0673 1936 TDTCP (7518f7bcfd4b308abc9192bacaf6c970) C:\windows\system32\drivers\tdtcp.sys

10:24:17.0704 1936 TDTCP - ok

10:24:17.0720 1936 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\windows\system32\DRIVERS\tdx.sys

10:24:17.0766 1936 tdx - ok

10:24:17.0782 1936 TermDD (c448651339196c0e869a355171875522) C:\windows\system32\DRIVERS\termdd.sys

10:24:17.0813 1936 TermDD - ok

10:24:17.0876 1936 TermService (0f05ec2887bfe197ad82a13287d2f404) C:\windows\System32\termsrv.dll

10:24:17.0938 1936 TermService - ok

10:24:17.0954 1936 Themes (f0344071948d1a1fa732231785a0664c) C:\windows\system32\themeservice.dll

10:24:17.0969 1936 Themes - ok

10:24:18.0000 1936 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll

10:24:18.0047 1936 THREADORDER - ok

10:24:18.0110 1936 TMachInfo (28644b0523d64eff2fc7312a2ee74b0a) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe

10:24:18.0125 1936 TMachInfo - ok

10:24:18.0156 1936 TODDSrv (ed32035bdfeced1ad66d459fd9cc1140) C:\Windows\system32\TODDSrv.exe

10:24:18.0172 1936 TODDSrv - ok

10:24:18.0266 1936 TosCoSrv (db9719688c08f42705feb3f6a0c98b91) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe

10:24:18.0297 1936 TosCoSrv - ok

10:24:18.0344 1936 TOSHIBA eco Utility Service (bae96ad126f4eed4d361b092ba2e61fe) C:\Program Files\TOSHIBA\TECO\TecoService.exe

10:24:18.0359 1936 TOSHIBA eco Utility Service ( UnsignedFile.Multi.Generic ) - warning

10:24:18.0359 1936 TOSHIBA eco Utility Service - detected UnsignedFile.Multi.Generic (1)

10:24:18.0406 1936 TOSHIBA HDD SSD Alert Service (74c2fa8c3765ee71a9c22182ec108457) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe

10:24:18.0422 1936 TOSHIBA HDD SSD Alert Service - ok

10:24:18.0500 1936 TPCHSrv (97687d094aa597da366e1194b218cc6c) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe

10:24:18.0531 1936 TPCHSrv - ok

10:24:18.0640 1936 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\windows\System32\trkwks.dll

10:24:18.0702 1936 TrkWks - ok

10:24:18.0765 1936 TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\windows\servicing\TrustedInstaller.exe

10:24:18.0796 1936 TrustedInstaller - ok

10:24:18.0827 1936 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\windows\system32\DRIVERS\tssecsrv.sys

10:24:18.0874 1936 tssecsrv - ok

10:24:18.0874 1936 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\windows\system32\DRIVERS\tunnel.sys

10:24:18.0921 1936 tunnel - ok

10:24:18.0936 1936 TVALZ (550b567f9364d8f7684c3fb3ea665a72) C:\windows\system32\DRIVERS\TVALZ_O.SYS

10:24:18.0952 1936 TVALZ - ok

10:24:18.0968 1936 TVALZFL (9c7191f4b2e49bff47a6c1144b5923fa) C:\windows\system32\DRIVERS\TVALZFL.sys

10:24:18.0968 1936 TVALZFL - ok

10:24:18.0983 1936 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\windows\system32\DRIVERS\uagp35.sys

10:24:18.0999 1936 uagp35 - ok

10:24:19.0030 1936 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\windows\system32\DRIVERS\udfs.sys

10:24:19.0077 1936 udfs - ok

10:24:19.0092 1936 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\windows\system32\UI0Detect.exe

10:24:19.0108 1936 UI0Detect - ok

10:24:19.0108 1936 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\windows\system32\DRIVERS\uliagpkx.sys

10:24:19.0124 1936 uliagpkx - ok

10:24:19.0139 1936 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\windows\system32\DRIVERS\umbus.sys

10:24:19.0155 1936 umbus - ok

10:24:19.0155 1936 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\windows\system32\DRIVERS\umpass.sys

10:24:19.0170 1936 UmPass - ok

10:24:19.0373 1936 UNS (7466809e6da561d60c2f1ce8ede3c73f) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

10:24:19.0420 1936 UNS - ok

10:24:19.0545 1936 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\windows\System32\upnphost.dll

10:24:19.0607 1936 upnphost - ok

10:24:19.0654 1936 usbaudio (77b01bc848298223a95d4ec23e1785a1) C:\windows\system32\drivers\usbaudio.sys

10:24:19.0685 1936 usbaudio - ok

10:24:19.0716 1936 usbccgp (537a4e03d7103c12d42dfd8ffdb5bdc9) C:\windows\system32\DRIVERS\usbccgp.sys

10:24:19.0748 1936 usbccgp - ok

10:24:19.0779 1936 usbcir (af0892a803fdda7492f595368e3b68e7) C:\windows\system32\DRIVERS\usbcir.sys

10:24:19.0794 1936 usbcir - ok

10:24:19.0810 1936 usbehci (fbb21ebe49f6d560db37ac25fbc68e66) C:\windows\system32\drivers\usbehci.sys

10:24:19.0826 1936 usbehci - ok

10:24:19.0841 1936 usbhub (6b7a8a99c4a459e73c286a6763ea24cc) C:\windows\system32\DRIVERS\usbhub.sys

10:24:19.0857 1936 usbhub - ok

10:24:19.0888 1936 usbohci (8c88aa7617b4cbc2e4bed61d26b33a27) C:\windows\system32\drivers\usbohci.sys

10:24:19.0904 1936 usbohci - ok

10:24:19.0919 1936 usbprint (73188f58fb384e75c4063d29413cee3d) C:\windows\system32\DRIVERS\usbprint.sys

10:24:19.0935 1936 usbprint - ok

10:24:19.0982 1936 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\windows\system32\DRIVERS\usbscan.sys

10:24:19.0997 1936 usbscan - ok

10:24:20.0028 1936 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\windows\system32\DRIVERS\USBSTOR.SYS

10:24:20.0060 1936 USBSTOR - ok

10:24:20.0075 1936 usbuhci (0b5b3b2df3fd1709618acfa50b8392b0) C:\windows\system32\drivers\usbuhci.sys

10:24:20.0091 1936 usbuhci - ok

10:24:20.0138 1936 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\windows\System32\Drivers\usbvideo.sys

10:24:20.0169 1936 usbvideo - ok

10:24:20.0200 1936 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\windows\System32\uxsms.dll

10:24:20.0247 1936 UxSms - ok

10:24:20.0278 1936 VaultSvc (156f6159457d0aa7e59b62681b56eb90) C:\windows\system32\lsass.exe

10:24:20.0294 1936 VaultSvc - ok

10:24:20.0325 1936 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\windows\system32\DRIVERS\vdrvroot.sys

10:24:20.0340 1936 vdrvroot - ok

10:24:20.0403 1936 vds (44d73e0bbc1d3c8981304ba15135c2f2) C:\windows\System32\vds.exe

10:24:20.0434 1936 vds - ok

10:24:20.0450 1936 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\windows\system32\DRIVERS\vgapnp.sys

10:24:20.0465 1936 vga - ok

10:24:20.0496 1936 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\windows\System32\drivers\vga.sys

10:24:20.0528 1936 VgaSave - ok

10:24:20.0590 1936 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\windows\system32\DRIVERS\vhdmp.sys

10:24:20.0606 1936 vhdmp - ok

10:24:20.0621 1936 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\windows\system32\DRIVERS\viaide.sys

10:24:20.0637 1936 viaide - ok

10:24:20.0652 1936 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\windows\system32\DRIVERS\volmgr.sys

10:24:20.0668 1936 volmgr - ok

10:24:20.0699 1936 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\windows\system32\drivers\volmgrx.sys

10:24:20.0715 1936 volmgrx - ok

10:24:20.0762 1936 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\windows\system32\DRIVERS\volsnap.sys

10:24:20.0777 1936 volsnap - ok

10:24:20.0793 1936 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\windows\system32\DRIVERS\vsmraid.sys

10:24:20.0808 1936 vsmraid - ok

10:24:20.0933 1936 VSS (787898bf9fb6d7bd87a36e2d95c899ba) C:\windows\system32\vssvc.exe

10:24:20.0996 1936 VSS - ok

10:24:21.0105 1936 vToolbarUpdater12.1.5 (3da649c6ec481d8f36b54f33fc01dd1e) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.1.5\ToolbarUpdater.exe

10:24:21.0136 1936 vToolbarUpdater12.1.5 - ok

10:24:21.0230 1936 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\windows\system32\DRIVERS\vwifibus.sys

10:24:21.0261 1936 vwifibus - ok

10:24:21.0276 1936 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\windows\system32\DRIVERS\vwififlt.sys

10:24:21.0292 1936 vwififlt - ok

10:24:21.0339 1936 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\windows\system32\w32time.dll

10:24:21.0386 1936 W32Time - ok

10:24:21.0401 1936 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\windows\system32\DRIVERS\wacompen.sys

10:24:21.0417 1936 WacomPen - ok

10:24:21.0432 1936 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\windows\system32\DRIVERS\wanarp.sys

10:24:21.0479 1936 WANARP - ok

10:24:21.0479 1936 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\windows\system32\DRIVERS\wanarp.sys

10:24:21.0526 1936 Wanarpv6 - ok

10:24:21.0620 1936 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\windows\system32\Wat\WatAdminSvc.exe

10:24:21.0682 1936 WatAdminSvc - ok

10:24:21.0791 1936 wbengine (5ab1bb85bd8b5089cc5d64200dedae68) C:\windows\system32\wbengine.exe

10:24:21.0838 1936 wbengine - ok

10:24:21.0963 1936 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\windows\System32\wbiosrvc.dll

10:24:21.0994 1936 WbioSrvc - ok

10:24:22.0041 1936 wcncsvc (dd1bae8ebfc653824d29ccf8c9054d68) C:\windows\System32\wcncsvc.dll

10:24:22.0056 1936 wcncsvc - ok

10:24:22.0088 1936 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\windows\System32\WcsPlugInService.dll

10:24:22.0119 1936 WcsPlugInService - ok

10:24:22.0150 1936 Wd (72889e16ff12ba0f235467d6091b17dc) C:\windows\system32\DRIVERS\wd.sys

10:24:22.0166 1936 Wd - ok

10:24:22.0197 1936 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\windows\system32\drivers\Wdf01000.sys

10:24:22.0228 1936 Wdf01000 - ok

10:24:22.0259 1936 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll

10:24:22.0275 1936 WdiServiceHost - ok

10:24:22.0290 1936 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll

10:24:22.0306 1936 WdiSystemHost - ok

10:24:22.0337 1936 WebClient (733006127f235be7c35354ebee7b9a7b) C:\windows\System32\webclnt.dll

10:24:22.0368 1936 WebClient - ok

10:24:22.0400 1936 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\windows\system32\wecsvc.dll

10:24:22.0462 1936 Wecsvc - ok

10:24:22.0462 1936 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\windows\System32\wercplsupport.dll

10:24:22.0509 1936 wercplsupport - ok

10:24:22.0509 1936 WerSvc (6d137963730144698cbd10f202e9f251) C:\windows\System32\WerSvc.dll

10:24:22.0556 1936 WerSvc - ok

10:24:22.0602 1936 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\windows\system32\DRIVERS\wfplwf.sys

10:24:22.0649 1936 WfpLwf - ok

10:24:22.0665 1936 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\windows\system32\drivers\wimmount.sys

10:24:22.0680 1936 WIMMount - ok

10:24:22.0712 1936 WinDefend - ok

10:24:22.0712 1936 WinHttpAutoProxySvc - ok

10:24:22.0774 1936 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\windows\system32\wbem\WMIsvc.dll

10:24:22.0836 1936 Winmgmt - ok

10:24:22.0961 1936 WinRM (41fbb751936b387f9179e7f03a74fe29) C:\windows\system32\WsmSvc.dll

10:24:23.0039 1936 WinRM - ok

10:24:23.0148 1936 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\windows\system32\DRIVERS\WinUsb.sys

10:24:23.0180 1936 WinUsb - ok

10:24:23.0242 1936 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\windows\System32\wlansvc.dll

10:24:23.0273 1936 Wlansvc - ok

10:24:23.0336 1936 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe

10:24:23.0351 1936 wlcrasvc - ok

10:24:23.0507 1936 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

10:24:23.0570 1936 wlidsvc - ok

10:24:23.0679 1936 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\windows\system32\DRIVERS\wmiacpi.sys

10:24:23.0694 1936 WmiAcpi - ok

10:24:23.0772 1936 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\windows\system32\wbem\WmiApSrv.exe

10:24:23.0804 1936 wmiApSrv - ok

10:24:23.0835 1936 WMPNetworkSvc - ok

10:24:23.0850 1936 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\windows\System32\wpcsvc.dll

10:24:23.0882 1936 WPCSvc - ok

10:24:23.0913 1936 WPDBusEnum (2e57ddf2880a7e52e76f41c7e96d327b) C:\windows\system32\wpdbusenum.dll

10:24:23.0928 1936 WPDBusEnum - ok

10:24:23.0944 1936 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\windows\system32\drivers\ws2ifsl.sys

10:24:23.0991 1936 ws2ifsl - ok

10:24:24.0006 1936 wscsvc (8f9f3969933c02da96eb0f84576db43e) C:\windows\System32\wscsvc.dll

10:24:24.0038 1936 wscsvc - ok

10:24:24.0038 1936 WSearch - ok

10:24:24.0194 1936 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\windows\system32\wuaueng.dll

10:24:24.0256 1936 wuauserv - ok

10:24:24.0365 1936 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\windows\system32\drivers\WudfPf.sys

10:24:24.0428 1936 WudfPf - ok

10:24:24.0443 1936 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\windows\system32\DRIVERS\WUDFRd.sys

10:24:24.0490 1936 WUDFRd - ok

10:24:24.0521 1936 wudfsvc (b551d6637aa0e132c18ac6e504f7b79b) C:\windows\System32\WUDFSvc.dll

10:24:24.0568 1936 wudfsvc - ok

10:24:24.0584 1936 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\windows\System32\wwansvc.dll

10:24:24.0599 1936 WwanSvc - ok

10:24:24.0630 1936 MBR (0x1B8) (5b5e648d12fcadc244c1ec30318e1eb9) \Device\Harddisk0\DR0

10:24:25.0332 1936 \Device\Harddisk0\DR0 - ok

10:24:25.0348 1936 Boot (0x1200) (dafa8d81702cdb9f083e9219c17a720d) \Device\Harddisk0\DR0\Partition0

10:24:25.0364 1936 \Device\Harddisk0\DR0\Partition0 - ok

10:24:25.0364 1936 ============================================================

10:24:25.0364 1936 Scan finished

10:24:25.0364 1936 ============================================================

10:24:25.0364 4576 Detected object count: 2

10:24:25.0364 4576 Actual detected object count: 2

10:25:58.0482 4576 C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe - copied to quarantine

10:25:58.0498 4576 HKLM\SYSTEM\ControlSet001\services\IDriverT - will be deleted on reboot

10:25:58.0544 4576 HKLM\SYSTEM\ControlSet002\services\IDriverT - will be deleted on reboot

10:25:58.0732 4576 C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe - will be deleted on reboot

10:25:58.0732 4576 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Delete

10:25:58.0841 4576 C:\Program Files\TOSHIBA\TECO\TecoService.exe - copied to quarantine

10:25:58.0841 4576 HKLM\SYSTEM\ControlSet001\services\TOSHIBA eco Utility Service - will be deleted on reboot

10:25:58.0872 4576 HKLM\SYSTEM\ControlSet002\services\TOSHIBA eco Utility Service - will be deleted on reboot

10:25:58.0872 4576 C:\Program Files\TOSHIBA\TECO\TecoService.exe - will be deleted on reboot

10:25:58.0872 4576 TOSHIBA eco Utility Service ( UnsignedFile.Multi.Generic ) - User select action: Delete

10:26:14.0706 3224 Deinitialize success

my only concern right now is for the "TOSHIBA eco Utility Service" which was deleted. I fear that might have been a legitimate program.

thanks alot. I will post again soon

Link to post
Share on other sites

2 RKreports were created after the last step. I'm posting the most recent

RogueKiller V7.6.6 [08/10/2012] by Tigzy

mail: tigzyRK<at>gmail<dot>com

Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/

Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7600 ) 64 bits version

Started in : Normal mode

User: Victor [Admin rights]

Mode: Remove -- Date: 08/12/2012 10:36:26

¤¤¤ Bad processes: 1 ¤¤¤

[sUSP PATH] visicom_antiphishing.exe -- C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe -> KILLED [TermProc]

¤¤¤ Registry Entries: 8 ¤¤¤

[sUSP PATH] HKLM\[...]\Wow6432Node\Run : Anti-phishing Domain Advisor ("C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe") -> DELETED

[sUSP PATH] RGames Updater.job @ : C:\Users\Work\AppData\Local\RivalGaming\Updater.exe -> DELETED

[sUSP PATH] RGames Updater.job @ : C:\Users\Work\AppData\Local\RivalGaming\Updater.exe -> DELETED

[sUSP PATH] DesktopVideoPlayer.lnk @Work : C:\Users\Work\AppData\Local\vghd\bin\vghd.exe -> DELETED

[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)

[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

[HJ] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> REPLACED (0)

[HJ] HKCU\[...]\NewStartPanel : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> REPLACED (0)

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [NOT LOADED] ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: TOSHIBA MK5065GSXN +++++

--- User ---

[MBR] f2e70c56f5b165a2ac0e0af253223bfd

[bSP] 0013612b643f43c1e16d704f4517ab9c : Windows Vista MBR Code

Partition table:

0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo

1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 463437 Mo

2 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 952193024 | Size: 12002 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[3].txt >>

RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt

Link to post
Share on other sites

OK. Let's follow up with this:

Download and Save McAfee Stinger to your Desktop

http://www.mcafee.com/us/downloads/free-tools/stinger.aspx

Close all browsers before starting. Disable your antivirus program and anti-malware,if any.

How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

On Windows 7 & Vista systems, Right Click stinger-icon.gif and select Run as Administrator.

On XP, double-click to start it.

The GUI interface will look like this

stinger2.png

The C drive is the default for scanning.

Press the Preferences button. In the top right-block "On virus detection", click Rename

In the bottom block "Heuristic network check for suspicious files" select High

Click the Scan Now button.

When done, use the File menu and select Save report to file

Stinger.txt is the log report and will be saved to your Desktop. I will need a copy of that log.

Stinger is a standalone utility used to detect and remove specific malware. It is not a full scan for all types of malware or viruses.

It is not intended as virus protection.

MBAM update & Full scan

Save and close any work documents, close any apps that you started.

Start your MBAM MalwareBytes' Anti-Malware.

Click the Settings Tab and then the General Settings sub-tab. Make sure all option lines have a checkmark.

Then click the Scanner settings sub-tab in second row of tabs. Make sure all option lines have a checkmark.

Next, Click the Update tab. Press the "Check for Updates" button.

If prompted for a Restart, do that.

When done, click the Scanner tab.

Do a Full Scan.

When the scan is complete, click OK, then Show Results to view the results.

Make sure that everything is checked, and click Remove Selected.

When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.

The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.

When all done, RE-Enable your anti-virus program.

Post copy of contents of last MBAM scan log for review. So that is two logs I need from you.

And tell me, How is the system now :excl:

Link to post
Share on other sites

Stinger log:

McAfee® Labs Stinger™ Version 10.2.0.735 built on Aug 10 2012

Copyright © 2012 McAfee, Inc. All Rights Reserved.

Virus data file v1000.0000 created on Aug 10 2012.

Ready to scan for 4827 viruses, trojans and variants.

Scan initiated on Sun Aug 12 11:06:49 2012

Rootkit scan result : Not Scanned

Master Boot Record(s):....1

Possibly Infected:.............0

Boot Sector(s):.................1

Possibly Infected: ............0

Number of clean files: 18120

MBAM log:

Malwarebytes Anti-Malware (PRO) 1.62.0.1300

www.malwarebytes.org

Database version: v2012.08.12.04

Windows 7 x64 NTFS

Internet Explorer 9.0.8112.16421

Victor :: VICTOR-PC [administrator]

Protection: Enabled

8/12/2012 11:14:11 AM

mbam-log-2012-08-12 (11-14-11).txt

Scan type: Full scan (C:\|)

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 475952

Time elapsed: 46 minute(s), 25 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

THANKS SO MUCH FOR THE HELP!

So far so good. I will post again soon with another report after I've been using my computer for a few hours. Again though, my only concern right now is the Toshiba eco Utility Service, which gives me an error message when I start the computer. But of course, that's not really a big deal :)

Link to post
Share on other sites

Please download SystemLook from one of the links below and save it to your Desktop.

Download Mirror #1

Download Mirror #2

  • Double-click SystemLook.exe to run it.
  • Copy the content of the following codebox into the main textfield:
    :filefind
    *TecoService*


  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.

Note: The log can also be found on your Desktop entitled SystemLook.txt

Link to post
Share on other sites

Hi Maurice,

SystemLook log:

SystemLook 30.07.11 by jpshortstuff

Log created at 21:17 on 12/08/2012 by Victor

Administrator - Elevation successful

WARNING: SystemLook running under WOW64. Use SystemLook_x64 for accurate results.

========== filefind ==========

Searching for "*TecoService*"

No files found.

-= EOF =-

Link to post
Share on other sites

Humh.... tecoservice not found.....you may need to get with Toshiba support on that. See if they can help you to get it back.

Need some additional reports on your system.

Step 1

Download Security Check by screen317 from here.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Step 2

Download >> Farbar's Service Scanner utility << and Save to your Desktop.

If using Windows 7 or Vista, Right-Click on fss.exe and select Run As Admisnitrator.

If using XP, double-click to start.

Answer Yes to ok when prompted.

If your firewall then puts out a prompt, again, allow it to run.

Once FSS is on-screen, be sure the following items are checkmarked:

  • Internet Services
  • Windows Firewall
  • System Restore
  • Security Center/Action Center
  • Windows Update
  • Windows Defender

Click on "Scan".

It will create a log (FSS.txt) in the same directory the tool is run.

Copy & Paste contents of FSS.txt into your reply.

3

Is the mydomainadvisor issue long gone ?

How is the system now as compared to your original issue ?

Step 4

Download DDS and save it to your desktop from http://www.techsupportforum.com/sectools/sUBs/dds here

or http://download.bleepingcomputer.com/sUBs/dds.scr or

http://www.forospyware.com/sUBs/dds

Disable any script blocker if your antivirus/antimalware has it.

Then double click dds.scr to run the tool.

DDS will run in a command prompt window and will take 3 to 4 minutes or so.

  • When done, DDS will open two (2) logs:
  • DDS.txt
  • Attach.txt
  • Save both reports to your desktop.

Please Copy & Paste contents of the following logs in your next reply:

DDS.txt

Attach.txt

Edited by Maurice Naggar
added DDS
Link to post
Share on other sites

Hi Maurice,

As always, thanks for your help. I haven’t had a chance to post in awhile because I normally work during the week, and I’m not on my computer very often until the weekend. I just found your latest instructions though, and followed them.

As for whether or not the domainadvisor issue is long gone, I still can’t give you a definitive yes. I thought last Sunday it was gone, as I was no longer being redirected, but my laptop is acting…..funny now. It won’t stay powered on, even though the AC adaptor is plugged in. I’m not experiencing any power surges or problems with my power, and there’s not issue with the laptop batter because I normally don’t keep it in the laptop when it’s plugged into the wall. I never had any problems with my computer suddenly shutting down by itself until I got this virus, so I find it too much of a coincidence to be a power issue/AC adaptor issue. For this reason, I still think it’s a virus issue that’s causing my laptop to suddenly shutdown by itself at random times (literally, it’ll shut down after 10 minutes sometimes, other times it’ll work fine for 5 HOURS before shutting down), but I really don’t know. I could just have enormously bad luck, and the same time I got the domainadvisor virus, my AC adapter could’ve gotten a problem sending power to my laptop.

Anyway, here are the latest logs you’ve requested. Thanks again

From the Security check:

Results of screen317's Security Check version 0.99.44

Windows 7 x64 (UAC is enabled)

Out of date service pack!!

Internet Explorer 9

``````````````Antivirus/Firewall Check:``````````````

Windows Firewall Enabled!

WMI entry may not exist for antivirus; attempting automatic update.

`````````Anti-malware/Other Utilities Check:`````````

Malwarebytes Anti-Malware version 1.62.0.1300

JavaFX 2.1.1

Java 6 Update 17

Java 7 Update 5

Java version out of Date!

Adobe Flash Player 10 Flash Player out of Date!

Adobe Reader X 10.1.3 Adobe Reader out of Date!

Mozilla Firefox (14.0.1)

````````Process Check: objlist.exe by Laurent````````

Norton ccSvcHst.exe

Malwarebytes Anti-Malware mbamservice.exe

Malwarebytes Anti-Malware mbamgui.exe

`````````````````System Health check`````````````````

Total Fragmentation on Drive C: 0%

````````````````````End of Log``````````````````````

From the FSS log:

Farbar Service Scanner Version: 06-08-2012

Ran by Victor (administrator) on 16-08-2012 at 22:20:48

Running from "C:\Users\Victor\Desktop"

Microsoft Windows 7 Home Premium (X64)

Boot Mode: Normal

****************************************************************

Internet Services:

============

Connection Status:

==============

Localhost is accessible.

LAN connected.

Google IP is accessible.

Google.com is accessible.

Yahoo IP is accessible.

Yahoo.com is accessible.

Windows Firewall:

=============

Firewall Disabled Policy:

==================

System Restore:

============

System Restore Disabled Policy:

========================

Action Center:

============

Windows Update:

============

Windows Autoupdate Disabled Policy:

============================

Windows Defender:

==============

Other Services:

==============

File Check:

========

C:\Windows\System32\nsisvc.dll => MD5 is legit

C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit

C:\Windows\System32\dhcpcore.dll => MD5 is legit

C:\Windows\System32\drivers\afd.sys

[2012-07-27 12:18] - [2011-12-27 23:59] - 0499200 ____A (Microsoft Corporation) DB9D6C6B2CD95A9CA414D045B627422E

C:\Windows\System32\drivers\tdx.sys => MD5 is legit

C:\Windows\System32\Drivers\tcpip.sys

[2012-07-27 12:18] - [2012-03-30 07:09] - 1895280 ____A (Microsoft Corporation) 624C5B3AA4C99B3184BB922D9ECE3FF0

C:\Windows\System32\dnsrslvr.dll => MD5 is legit

C:\Windows\System32\mpssvc.dll

[2009-07-13 20:09] - [2009-07-13 21:41] - 0824832 ____A (Microsoft Corporation) AECAB449567D1846DAD63ECE49E893E3

C:\Windows\System32\bfe.dll => MD5 is legit

C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit

C:\Windows\System32\SDRSVC.dll

[2009-07-13 19:36] - [2009-07-13 21:41] - 0170496 ____A (Microsoft Corporation) 765A27C3279CE11D14CB9E4F5869FCA5

C:\Windows\System32\vssvc.exe => MD5 is legit

C:\Windows\System32\wscsvc.dll => MD5 is legit

C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit

C:\Windows\System32\wuaueng.dll => MD5 is legit

C:\Windows\System32\qmgr.dll => MD5 is legit

C:\Windows\System32\es.dll => MD5 is legit

C:\Windows\System32\cryptsvc.dll

[2012-07-27 12:18] - [2012-04-24 01:59] - 0182272 ____A (Microsoft Corporation) F02786B66375292E58C8777082D4396D

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\System32\rpcss.dll => MD5 is legit

**** End of log ****

Here are the two logs created by DDS

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.5.1

Run by Victor at 22:22:40 on 2012-08-16

Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3894.2144 [GMT -4:00]

.

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\windows\system32\wininit.exe

C:\windows\system32\lsm.exe

C:\windows\system32\svchost.exe -k DcomLaunch

C:\windows\system32\svchost.exe -k RPCSS

C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\windows\system32\svchost.exe -k netsvcs

C:\windows\system32\svchost.exe -k LocalService

C:\windows\system32\svchost.exe -k NetworkService

C:\windows\System32\spoolsv.exe

C:\windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.5.60\SymcPCCULaunchSvc.exe

C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.5.60\ccSvcHst.exe

C:\windows\system32\svchost.exe -k imgsvc

C:\Windows\system32\TODDSrv.exe

C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe

C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.1.5\ToolbarUpdater.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\windows\system32\taskhost.exe

C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.5.60\ccSvcHst.exe

C:\windows\system32\Dwm.exe

C:\windows\Explorer.EXE

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe

C:\windows\system32\igfxsrvc.exe

C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe

C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe

C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe

C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe

C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe

C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files (x86)\AVG Secure Search\vprot.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\windows\system32\igfxext.exe

C:\windows\system32\SearchIndexer.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\windows\System32\svchost.exe -k secsvcs

C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe

C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe

C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe

C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe

C:\windows\system32\wuauclt.exe

C:\windows\system32\svchost.exe -k defragsvc

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_268.exe

C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_268.exe

C:\windows\SysWOW64\notepad.exe

C:\Program Files (x86)\Microsoft Office\OFFICE11\WINWORD.EXE

C:\windows\splwow64.exe

C:\windows\system32\wbem\wmiprvse.exe

C:\windows\system32\svchost.exe -k SDRSVC

C:\windows\system32\vssvc.exe

C:\windows\SysWOW64\notepad.exe

C:\windows\System32\svchost.exe -k swprv

C:\windows\servicing\TrustedInstaller.exe

C:\windows\system32\SearchProtocolHost.exe

C:\windows\system32\wuauclt.exe

C:\windows\system32\SearchFilterHost.exe

C:\windows\SoftwareDistribution\Download\Install\mpas-d_bd_1.131.1768.0.exe

c:\48e36c7152e01b6f9b\MpMiniSigStub.exe

C:\windows\system32\MpSigStub.exe

C:\windows\system32\wbem\wmiprvse.exe

C:\windows\system32\DllHost.exe

C:\windows\system32\DllHost.exe

C:\windows\SysWOW64\cmd.exe

C:\windows\system32\conhost.exe

C:\windows\SysWOW64\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://start.toshiba.com/g/

uDefault_Page_URL = hxxp://start.toshiba.com/g/

uInternet Settings,ProxyOverride = <local>

mWinlogon: Userinit=userinit.exe,

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: RivalGaming Games: {26d675ac-d925-4bbf-a720-62c2aa4a81eb} - C:\Users\Work\AppData\Local\RivalGaming\RivalGaming.dll

BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\12.1.0.21\AVG Secure Search_toolbar.dll

BHO: WeCareReminder Class: {d824f0de-3d60-4f57-9eb1-66033ecd8abb} - C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll

BHO: TOSHIBA Media Controller Plug-in: {f3c88694-effa-4d78-b409-54b7b2535b14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll

TB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\12.1.0.21\AVG Secure Search_toolbar.dll

TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File

{e7df6bff-55a5-4eb7-a673-4ed3e9456d39}

uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

uRun: [googletalk] C:\Users\Victor\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart

uRunOnce: [FlashPlayerUpdate] C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_268_Plugin.exe -update plugin

mRun: [ToshibaAppPlace] "C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe"

mRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60

mRun: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun

mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe" UNATTENDED

mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab

TCP: DhcpNameServer = 192.168.1.1

TCP: Interfaces\{14EABF20-F0D0-4C39-AEE4-8011AC8DBA70} : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{14EABF20-F0D0-4C39-AEE4-8011AC8DBA70}\25544454F51424F5F4 : DhcpNameServer = 192.168.42.1 192.168.100.1 8.8.8.8

TCP: Interfaces\{14EABF20-F0D0-4C39-AEE4-8011AC8DBA70}\453435 : DhcpNameServer = 209.18.47.61 209.18.47.62

TCP: Interfaces\{14EABF20-F0D0-4C39-AEE4-8011AC8DBA70}\74D423 : DhcpNameServer = 200.222.145.86 200.165.132.148 192.168.0.1

TCP: Interfaces\{14EABF20-F0D0-4C39-AEE4-8011AC8DBA70}\96E63796768647F577966696F503930303 : DhcpNameServer = 192.168.2.1 209.18.47.61 209.18.47.62

TCP: Interfaces\{19B60485-C4A3-4538-94A8-EA2FA468DC7C} : DhcpNameServer = 209.18.47.61 209.18.47.62

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\12.1.5\ViProtocol.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: RivalGaming Games: {26D675AC-D925-4bbf-A720-62C2AA4A81EB} - C:\Users\Work\AppData\Local\RivalGaming\RivalGaming.dll

BHO-X64: RivalGaming Games - No File

BHO-X64: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

BHO-X64: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\12.1.0.21\AVG Secure Search_toolbar.dll

BHO-X64: WeCareReminder Class: {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dll

BHO-X64: WeCareReminder - No File

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll

BHO-X64: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll

TB-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\12.1.0.21\AVG Secure Search_toolbar.dll

TB-X64: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File

mRun-x64: [ToshibaAppPlace] "C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe"

mRun-x64: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60

mRun-x64: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun

mRun-x64: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe" UNATTENDED

mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

mRun-x64: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"

mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun-x64: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Victor\AppData\Roaming\Mozilla\Firefox\Profiles\034wfyfp.default\

FF - prefs.js: browser.startup.homepage - www.asiafinest.com

FF - prefs.js: keyword.URL - hxxps://isearch.avg.com/search?cid=%7Bcb0ca02d-7115-4e6a-8ed3-4eb5babde760%7D&mid=863ffc3fce5847d0ab0cb1a22f153dfb-1f6330eb42dd8974cb1bd46fd9b683e109e7d073&ds=gf011&v=12.1.0.21〈=en&pr=sa&d=2012-07-27%2020%3A16%3A39&sap=ku&q=

FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\12.1.5\npsitesafety.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll

FF - plugin: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_268.dll

FF - plugin: C:\windows\SysWOW64\npDeployJava1.dll

FF - plugin: C:\windows\SysWOW64\npmproxy.dll

.

============= SERVICES / DRIVERS ===============

.

R1 avgtp;avgtp;\??\C:\windows\system32\drivers\avgtpx64.sys --> C:\windows\system32\drivers\avgtpx64.sys [?]

R1 vwififlt;Virtual WiFi Filter Driver;C:\windows\system32\DRIVERS\vwififlt.sys --> C:\windows\system32\DRIVERS\vwififlt.sys [?]

R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-4-4 63928]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-7-27 655944]

R2 Norton PC Checkup Application Launcher;Toshiba Laptop Checkup Application Launcher;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.5.60\SymcPCCULaunchSvc.exe [2012-7-27 115056]

R2 PCCUJobMgr;Common Client Job Manager Service;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.5.60\ccSvcHst.exe [2012-7-27 126392]

R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;C:\windows\system32\DRIVERS\TVALZFL.sys --> C:\windows\system32\DRIVERS\TVALZFL.sys [?]

R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-7-27 2320920]

R2 vToolbarUpdater12.1.5;vToolbarUpdater12.1.5;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.1.5\ToolbarUpdater.exe [2012-7-27 830048]

R3 HECIx64;Intel® Management Engine Interface;C:\windows\system32\DRIVERS\HECIx64.sys --> C:\windows\system32\DRIVERS\HECIx64.sys [?]

R3 Impcd;Impcd;C:\windows\system32\DRIVERS\Impcd.sys --> C:\windows\system32\DRIVERS\Impcd.sys [?]

R3 InputFilter_Hid_FlexDef2b;Siliten HID Devices(FlexDef2b) Driver Service;C:\windows\system32\DRIVERS\InputFilter_FlexDef2b.sys --> C:\windows\system32\DRIVERS\InputFilter_FlexDef2b.sys [?]

R3 IntcDAud;Intel® Display Audio;C:\windows\system32\DRIVERS\IntcDAud.sys --> C:\windows\system32\DRIVERS\IntcDAud.sys [?]

R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\windows\system32\DRIVERS\L1C62x64.sys --> C:\windows\system32\DRIVERS\L1C62x64.sys [?]

R3 MBAMProtector;MBAMProtector;\??\C:\windows\system32\drivers\mbam.sys --> C:\windows\system32\drivers\mbam.sys [?]

R3 PGEffect;Pangu effect driver;C:\windows\system32\DRIVERS\pgeffect.sys --> C:\windows\system32\DRIVERS\pgeffect.sys [?]

R3 QIOMem;Generic IO & Memory Access;C:\windows\system32\DRIVERS\QIOMem.sys --> C:\windows\system32\DRIVERS\QIOMem.sys [?]

R3 rtl8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\windows\system32\DRIVERS\rtl8192Ce.sys --> C:\windows\system32\DRIVERS\rtl8192Ce.sys [?]

R3 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2012-7-27 51512]

R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-2-5 137560]

R3 TPCHSrv;TPCH Service;C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2010-2-23 835952]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-10-15 136176]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]

S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-10-15 136176]

S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-7-27 113120]

S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\system32\Drivers\RtsUStor.sys --> C:\windows\system32\Drivers\RtsUStor.sys [?]

S3 SrvHsfHDA;SrvHsfHDA;C:\windows\system32\DRIVERS\VSTAZL6.SYS --> C:\windows\system32\DRIVERS\VSTAZL6.SYS [?]

S3 SrvHsfV92;SrvHsfV92;C:\windows\system32\DRIVERS\VSTDPV6.SYS --> C:\windows\system32\DRIVERS\VSTDPV6.SYS [?]

S3 SrvHsfWinac;SrvHsfWinac;C:\windows\system32\DRIVERS\VSTCNXT6.SYS --> C:\windows\system32\DRIVERS\VSTCNXT6.SYS [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\system32\Wat\WatAdminSvc.exe --> C:\windows\system32\Wat\WatAdminSvc.exe [?]

S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]

.

=============== Created Last 30 ================

.

2012-08-17 02:22:15 -------- d-----w- C:\48e36c7152e01b6f9b

2012-08-12 15:06:54 16200 ----a-w- C:\windows\stinger.sys

2012-08-12 15:06:03 -------- d-----w- C:\Program Files (x86)\stinger

2012-08-12 13:31:12 -------- d-----w- C:\TDSSKiller_Quarantine

2012-08-12 13:08:23 9133488 ------w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C9113FFC-AE71-4D0D-8BAC-A10EA7A14272}\mpengine.dll

2012-08-04 20:44:39 -------- d-----w- C:\Users\Victor\AppData\Roaming\Tific

2012-08-04 20:44:39 -------- d-----w- C:\Users\Victor\AppData\Local\Tific

2012-08-04 04:49:55 -------- d-----w- C:\Users\Victor\AppData\Local\Diagnostics

2012-07-31 12:11:29 9133488 ------w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll

2012-07-30 15:23:29 82944 ----a-w- C:\windows\System32\Spool\prtprocs\x64\CNMPP9H.DLL

2012-07-30 15:23:29 27648 ----a-w- C:\windows\System32\Spool\prtprocs\x64\CNMPD9H.DLL

2012-07-30 15:22:58 279040 ----a-w- C:\windows\System32\CNMLM9H.DLL

2012-07-30 05:26:11 -------- d-----w- C:\Program Files (x86)\Common Files\xing shared

2012-07-30 05:25:59 499712 ----a-w- C:\windows\SysWow64\msvcp71.dll

2012-07-30 05:25:59 348160 ----a-w- C:\windows\SysWow64\msvcr71.dll

2012-07-30 00:49:10 163048 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10141.bin

2012-07-28 23:53:46 -------- d-----w- C:\Users\Victor\AppData\Roaming\AnvSoft

2012-07-28 23:43:42 -------- d-----w- C:\Program Files (x86)\AnvSoft

2012-07-28 21:44:58 -------- d-----w- C:\Users\Victor\AppData\Roaming\Collaborate

2012-07-28 21:44:48 -------- d-----w- C:\Users\Victor\AppData\Roaming\Blackboard

2012-07-28 21:38:33 -------- d-----w- C:\Users\Victor\AppData\Local\Microsoft Games

2012-07-28 21:04:57 -------- d-----w- C:\Users\Victor\AppData\Local\Macromedia

2012-07-28 21:01:14 70344 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-07-28 21:01:14 426184 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe

2012-07-28 20:55:18 -------- d-----w- C:\Users\Victor\AppData\Local\Adobe

2012-07-28 06:41:29 -------- d-----w- C:\Program Files (x86)\VideoLAN

2012-07-28 06:41:12 33958 ----a-w- C:\ProgramData\uninstaller.exe

2012-07-28 06:41:10 -------- d-----w- C:\ProgramData\WeCareReminder

2012-07-28 06:40:55 -------- d-----w- C:\Program Files (x86)\Funmoods

2012-07-28 04:51:42 -------- d-----w- C:\Users\Victor\AppData\Roaming\.ZMatrix

2012-07-28 04:51:38 -------- d-----w- C:\Program Files (x86)\ZMatrix

2012-07-28 04:50:02 -------- d-----w- C:\ProgramData\blekko toolbars

2012-07-28 04:49:48 -------- d-----w- C:\Users\Victor\AppData\Local\blekkotb_031

2012-07-28 04:49:48 -------- d-----w- C:\ProgramData\Anti-phishing Domain Advisor

2012-07-28 01:15:03 -------- d-----w- C:\Users\Victor\OPEN ENGLISH

2012-07-28 01:15:03 -------- d-----w- C:\Users\Victor\NEW stuff

2012-07-28 00:26:33 -------- d-----w- C:\Program Files (x86)\DVD Shrink

2012-07-28 00:26:22 -------- d-----w- C:\Program Files (x86)\Oracle

2012-07-28 00:25:25 772544 ----a-w- C:\windows\SysWow64\npDeployJava1.dll

2012-07-28 00:25:25 687544 ----a-w- C:\windows\SysWow64\deployJava1.dll

2012-07-28 00:19:54 -------- d-----w- C:\ProgramData\MagicSoftware

2012-07-28 00:19:46 -------- d-----w- C:\Users\Victor\AppData\Local\MagicSoftware

2012-07-28 00:19:45 -------- d-----w- C:\Program Files (x86)\MagicDVDRipper

2012-07-28 00:16:52 -------- d-----w- C:\Users\Victor\AppData\Local\AVG Secure Search

2012-07-28 00:16:46 -------- d-----w- C:\ProgramData\AVG Secure Search

2012-07-28 00:16:46 -------- d-----w- C:\Program Files (x86)\BurnAware Free

2012-07-28 00:16:39 31080 ----a-w- C:\windows\System32\drivers\avgtpx64.sys

2012-07-28 00:16:37 -------- d-----w- C:\Program Files (x86)\Common Files\AVG Secure Search

2012-07-28 00:16:37 -------- d-----w- C:\Program Files (x86)\AVG Secure Search

2012-07-28 00:15:21 -------- d--h--w- C:\ProgramData\Common Files

2012-07-28 00:14:15 -------- d-----w- C:\Program Files (x86)\Microsoft ActiveSync

2012-07-28 00:10:32 -------- d-----w- C:\Users\Victor\AppData\Roaming\Malwarebytes

2012-07-28 00:10:24 -------- d-----w- C:\ProgramData\Malwarebytes

2012-07-28 00:10:23 24904 ----a-w- C:\windows\System32\drivers\mbam.sys

2012-07-28 00:10:23 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2012-07-28 00:00:22 -------- d-----r- C:\Program Files (x86)\Skype

2012-07-27 23:53:16 -------- d-----w- C:\Users\Victor\AppData\Local\Mozilla

2012-07-27 21:37:28 -------- d-----w- C:\ProgramData\WildTangent

2012-07-27 21:37:28 -------- d-----w- C:\Program Files (x86)\TOSHIBA Games

2012-07-27 21:31:04 35008 ----a-w- C:\windows\System32\drivers\PGEffect.sys

2012-07-27 21:27:30 24576 ----a-w- C:\windows\SysWow64\TSCI.dll

2012-07-27 21:27:30 24576 ----a-w- C:\windows\SysWow64\THCI.dll

2012-07-27 21:26:06 -------- d-----w- C:\Program Files (x86)\Realtek WLAN Driver

2012-07-27 21:25:58 -------- d-----w- C:\Program Files (x86)\Cisco

2012-07-27 21:24:50 -------- d-----w- C:\windows\SysWow64\Atheros_L1e

2012-07-27 21:24:34 -------- d-----w- C:\Program Files\Synaptics

2012-07-27 21:24:18 8038944 ----a-w- C:\windows\System32\RTSUSTORicon.dll

2012-07-27 21:24:10 8038944 ----a-w- C:\windows\SysWow64\RtsUStoricon.dll

2012-07-27 21:24:10 422432 ----a-w- C:\windows\System32\RtsUStor.dll

2012-07-27 21:24:10 239136 ----a-w- C:\windows\System32\drivers\RtsUStor.sys

2012-07-27 21:24:10 -------- d-----w- C:\Program Files (x86)\Realtek

2012-07-27 21:22:04 -------- d-----w- C:\Program Files\CONEXANT

2012-07-27 21:19:54 540696 ----a-w- C:\windows\System32\drivers\iaStor.sys

2012-07-27 21:16:43 -------- d-----w- C:\Intel

2012-07-27 21:16:13 -------- d-----w- C:\Program Files (x86)\Common Files\postureAgent

2012-07-27 18:46:48 279656 ------w- C:\windows\System32\MpSigStub.exe

2012-07-27 18:44:30 -------- d--h--w- C:\windows\msdownld.tmp

2012-07-27 18:41:50 -------- d-----w- C:\windows\System32\drivers\NortonPCCheckupx64\0200050.03C

2012-07-27 18:41:50 -------- d-----w- C:\windows\System32\drivers\NortonPCCheckupx64

2012-07-27 18:41:49 -------- d-----w- C:\ProgramData\Norton

2012-07-27 18:41:49 -------- d-----w- C:\Program Files (x86)\Norton PC Checkup

2012-07-27 18:41:46 -------- d-----w- C:\ProgramData\NortonInstaller

2012-07-27 18:41:46 -------- d-----w- C:\Program Files (x86)\NortonInstaller

2012-07-27 18:41:39 -------- d-----w- C:\Program Files (x86)\Toshiba Online Backup

2012-07-27 18:41:19 -------- d-----w- C:\Program Files (x86)\TOSHIBA Corporation

2012-07-27 17:19:44 -------- d-----w- C:\bb09752b29c2c2eb4dcd8ecb

2012-07-27 17:11:53 -------- d-----w- C:\a80f1e2482abe34001

2012-07-27 17:09:42 -------- d-----w- C:\Users\Victor\AppData\Local\WindowsUpdate

2012-07-27 17:08:54 -------- d-----w- C:\Users\Victor\AppData\Local\Google

2012-07-27 17:01:55 -------- d-----w- C:\windows\SysWow64\Wat

2012-07-27 17:01:55 -------- d-----w- C:\windows\System32\Wat

2012-07-27 16:55:34 367104 ----a-w- C:\windows\System32\wcncsvc.dll

2012-07-27 16:55:34 276992 ----a-w- C:\windows\SysWow64\wcncsvc.dll

2012-07-27 16:52:27 3147264 ----a-w- C:\windows\System32\win32k.sys

2012-07-27 16:32:22 99176 ----a-w- C:\windows\SysWow64\PresentationHostProxy.dll

2012-07-27 16:32:22 49472 ----a-w- C:\windows\SysWow64\netfxperf.dll

2012-07-27 16:32:22 48960 ----a-w- C:\windows\System32\netfxperf.dll

2012-07-27 16:32:22 444752 ----a-w- C:\windows\System32\mscoree.dll

2012-07-27 16:32:22 320352 ----a-w- C:\windows\System32\PresentationHost.exe

2012-07-27 16:32:22 297808 ----a-w- C:\windows\SysWow64\mscoree.dll

2012-07-27 16:32:22 295264 ----a-w- C:\windows\SysWow64\PresentationHost.exe

2012-07-27 16:32:22 1942856 ----a-w- C:\windows\System32\dfshim.dll

2012-07-27 16:32:22 1130824 ----a-w- C:\windows\SysWow64\dfshim.dll

2012-07-27 16:32:22 109912 ----a-w- C:\windows\System32\PresentationHostProxy.dll

2012-07-27 16:24:38 80896 ----a-w- C:\windows\System32\imagehlp.dll

2012-07-27 16:24:38 5120 ----a-w- C:\windows\SysWow64\wmi.dll

2012-07-27 16:24:38 5120 ----a-w- C:\windows\System32\wmi.dll

2012-07-27 16:24:38 22896 ----a-w- C:\windows\System32\drivers\fs_rec.sys

2012-07-27 16:24:38 220672 ----a-w- C:\windows\System32\wintrust.dll

2012-07-27 16:24:38 172544 ----a-w- C:\windows\SysWow64\wintrust.dll

2012-07-27 16:24:38 158720 ----a-w- C:\windows\SysWow64\imagehlp.dll

2012-07-27 16:21:57 509952 ----a-w- C:\windows\System32\ntshrui.dll

2012-07-27 16:20:02 264192 ----a-w- C:\windows\System32\upnp.dll

2012-07-27 16:20:01 442880 ----a-w- C:\windows\System32\winhttp.dll

2012-07-27 16:20:01 204288 ----a-w- C:\windows\SysWow64\upnp.dll

2012-07-27 16:18:59 3213824 ----a-w- C:\windows\System32\msi.dll

2012-07-27 16:02:23 -------- d-----w- C:\Users\Victor\AppData\Local\TOSHIBA_Corporation

2012-07-27 16:00:17 826368 ----a-w- C:\windows\SysWow64\rdpcore.dll

2012-07-27 16:00:17 23552 ----a-w- C:\windows\System32\drivers\tdtcp.sys

2012-07-27 16:00:17 1031680 ----a-w- C:\windows\System32\rdpcore.dll

2012-07-27 15:58:37 -------- d-----w- C:\Users\Victor\AppData\Local\Toshiba

2012-07-27 15:57:44 -------- d-----w- C:\Users\Victor\AppData\Local\VirtualStore

2012-07-27 15:57:20 13 --sh--r- C:\windows\System32\drivers\fbd.sys

2012-07-27 15:56:41 2622464 ----a-w- C:\windows\System32\wucltux.dll

2012-07-27 15:56:41 -------- d-----w- C:\Users\Victor\AppData\Roaming\WinBatch

2012-07-27 15:56:20 99840 ----a-w- C:\windows\System32\wudriver.dll

2012-07-27 15:56:00 36864 ----a-w- C:\windows\System32\wuapp.exe

2012-07-27 15:56:00 186752 ----a-w- C:\windows\System32\wuwebv.dll

.

==================== Find3M ====================

.

2012-07-12 14:29:52 4534272 ----a-w- C:\ProgramData\ReadOnlyInstaller.msi

2012-06-06 05:50:50 2003968 ----a-w- C:\windows\System32\msxml6.dll

2012-06-06 05:50:50 1880064 ----a-w- C:\windows\System32\msxml3.dll

2012-06-06 05:09:46 1389568 ----a-w- C:\windows\SysWow64\msxml6.dll

2012-06-06 05:09:46 1236992 ----a-w- C:\windows\SysWow64\msxml3.dll

2012-06-02 05:38:26 95088 ----a-w- C:\windows\System32\drivers\ksecdd.sys

2012-06-02 05:38:24 152432 ----a-w- C:\windows\System32\drivers\ksecpkg.sys

2012-06-02 05:37:45 459216 ----a-w- C:\windows\System32\drivers\cng.sys

2012-06-02 05:27:02 340992 ----a-w- C:\windows\System32\schannel.dll

2012-06-02 05:27:00 307200 ----a-w- C:\windows\System32\ncrypt.dll

2012-06-02 04:48:39 22016 ----a-w- C:\windows\SysWow64\secur32.dll

2012-06-02 04:48:35 225280 ----a-w- C:\windows\SysWow64\schannel.dll

2012-06-02 04:47:31 219136 ----a-w- C:\windows\SysWow64\ncrypt.dll

2012-06-02 04:42:51 96768 ----a-w- C:\windows\SysWow64\sspicli.dll

.

============= FINISH: 22:24:12.78 ===============

And:

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume1

Install Date: 7/27/2012 11:55:34 AM

System Uptime: 8/16/2012 10:09:42 PM (0 hours ago)

.

Motherboard: Intel Corp. | | Base Board Product Name

Processor: Intel® Pentium® CPU P6200 @ 2.13GHz | CPU | 2133/1066mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 453 GiB total, 293.176 GiB free.

D: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP20: 8/12/2012 9:07:36 AM - Windows Update

RP21: 8/16/2012 10:21:58 PM - Windows Update

.

==== Installed Programs ======================

.

Adobe Flash Player 10 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader X (10.1.3)

Amazon Links

Anti-phishing Domain Advisor

Any Video Converter 3.4.0

ASPCA Reminder by We-Care.com v4.1.17.1

Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver

AVG Security Toolbar

Bejeweled 2 Deluxe

BurnAware Free 5.0.1

Cake Mania - Lights, Camera, Action!

Chuzzle Deluxe

Cisco EAP-FAST Module

Cisco LEAP Module

Cisco PEAP Module

D3DX10

DVD Shrink 3.2

ERUNT 1.1j

FATE - The Traitor Soul

Funmoods Web Search

Google Talk (remove only)

Google Update Helper

Governor of Poker 2 Premium Edition

Intel® Graphics Media Accelerator Driver

Intel® Management Engine Components

Intel® Rapid Storage Technology

Java Auto Updater

Java 6 Update 17

Java 7 Update 5

JavaFX 2.1.1

Jewel Quest - Heritage

Junk Mail filter update

Label@Once 1.0

Magic DVD Ripper V7.0.0

Malwarebytes Anti-Malware version 1.62.0.1300

Mesh Runtime

Microsoft Office Professional Edition 2003

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Mozilla Firefox 14.0.1 (x86 en-US)

Mozilla Maintenance Service

MSVCRT

MSVCRT_amd64

Mystery P.I. - The London Caper

Opera 12.00

Plants vs. Zombies - Game of the Year

PlayReady PC Runtime x86

Polar Bowler

RealNetworks - Microsoft Visual C++ 2008 Runtime

RealPlayer

Realtek USB 2.0 Card Reader

Realtek WLAN Driver

RealUpgrade 1.1

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Skype™ 5.10

Slingo Supreme

Toshiba App Place

TOSHIBA Application Installer

TOSHIBA Assist

Toshiba Book Place

TOSHIBA Bulletin Board

TOSHIBA eco Utility

TOSHIBA Face Recognition

TOSHIBA Hardware Setup

TOSHIBA HDD/SSD Alert

Toshiba Laptop Checkup

TOSHIBA Media Controller

TOSHIBA Media Controller Plug-in

Toshiba Online Backup

TOSHIBA Quality Application

TOSHIBA ReelTime

TOSHIBA Service Station

TOSHIBA Supervisor Password

TOSHIBA Value Added Package

TOSHIBA Web Camera Application

ToshibaRegistration

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

VLC media player 2.0.0

WildTangent Games

WildTangent ORB Game Console

Windows Live Communications Platform

Windows Live Essentials

Windows Live Installer

Windows Live Mail

Windows Live Mesh

Windows Live Mesh ActiveX Control for Remote Connections

Windows Live Messenger

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

WinRAR 4.20 (32-bit)

ZMatrix 1.4.8

.

==== Event Viewer Messages From Past Week ========

.

8/9/2012 3:00:24 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service.

8/12/2012 8:58:36 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

8/12/2012 8:57:16 AM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.

8/12/2012 8:57:15 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}

8/12/2012 8:57:15 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

8/12/2012 8:57:14 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}

8/12/2012 8:57:14 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}

8/12/2012 8:57:13 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

8/12/2012 8:57:08 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}

8/12/2012 8:56:56 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD DfsC discache NetBIOS NetBT nsiproxy Psched rdbss spldr tdx vwififlt Wanarpv6 WfpLwf

8/12/2012 8:56:53 AM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

8/12/2012 8:56:53 AM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

8/12/2012 8:56:53 AM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.

8/12/2012 8:56:53 AM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

8/12/2012 8:56:53 AM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

8/12/2012 8:56:53 AM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.

8/12/2012 8:56:53 AM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

8/12/2012 8:56:53 AM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

8/12/2012 8:56:53 AM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.

8/12/2012 8:56:53 AM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

.

==== End Of File ===========================

Link to post
Share on other sites

Be aware: PC shutting off by itslef can well be due to hardware overheating, or sometimes bad RAM memory.

Long term goal for this system (after this case is done) is to get Windows 7 Service Pack 1 from Windows Update.

For now, some things to update: Having outdated Java or Adobe Reader or Flash player is some of the most frequent "facilitators" of malware.

Go to Control Panel >> Add or Remove Programs

Locate Java 6 Update 17

Click to select that line. Then do a Right-click and select Uninstall.

Then exit Control Panel.

Step 2

To de-install Flash Player

Use Programs and Features (Windows 7 & Vista) or Add-or-Remove Programs (Windows XP) to de-install older versions of Flash Player.

For stubborn cases,

Download and save the Flash Player uninstaller >> uninstall Flash Player for 32-bit Windows<<

If you have Windows 64-bit, use this Flash Player uninstaller >> uninstall Flash Player for 64-bit Windows<<

Close all browsers and instant messenger (IM) programs.

Run the uninstaller.

To get latest Flash Player

Go to http://www.adobe.com/go/getflash

and get the latest Flash Player

Un-Check any checkbox for McAfee Security Scan Plus, or Google or any other widget or toolbar !!!

Reference: How to determine whether a computer is running a 32-bit version or 64-bit version of the Windows operating system

http://support.microsoft.com/kb/827218

Step 3

Older versions of Adobe Reader pose a potential security risk.

De-install your Adobe Reader: Use Control Panel's Program and Features, Un-install Adobe Reader.

Get latest Adobe Reader version

http://get.adobe.com/reader/

Be sure to un-check the box for Free McAfee Security Scan or any "toolbar" (if offered )

Step 4

You will want to print out or copy these instructions to Notepad for offline reference!

These steps are for member vicsaran only. If you are a casual viewer, do NOT try this on your system!

If you are not and have a similar problem, do NOT post here; start your own topic

Do not run or start any other programs while these utilities and tools are in use!

Do NOT run any other tools on your own or do any fixes other than what is listed here.

If you have questions, please ask before you do something on your own.

But it is important that you get going on these following steps.

=

Close any of your open programs while you run these tools.

On most all of the following programs and tools, you will need to do a right-click on the program link or shortcut or desktop icon (as appropriate) and then select "Run as Administrator". Please remember that as you go along and use these tools, each in turn.

If you have a prior copy of Combofix, delete it now

Download Combofix from any of the links below, and SAVE it to your Desktop.

Link 1

Link 2

**Note: It is important that it is saved directly to your Desktop and not run straight away from download **

Turn OFF your antivirus, otherwise it will interfere. How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Have infinite patience during the run & scan by Combofix. It has many phases: some 50+ stages

It will display it's "stage" within the Command prompt window. Do NOT panic if it seems slow to change ! It has lots of work.

You may notice the desktop icons disappear. Do NOT panic, as that is expected behavior.

Combofix my take as little as 10 minutes and perhaps as much as 30-40 minutes. Time taken will depend on speed of your system and how much there is to scan & how much it needs to clean.

If this is on a notebook system, make sure first the notebook is connected to wall-power (AC power)or a UPS system

Important: Have no other programs running. Your Task Bar should be clear of any program entries including your Browser.

Right- click on Combo-Fix.exe on your Desktop cf-icon.jpg and select "Run as Administrator".

  • A window may open with a warning or prompts. Accept the EULA and follow the prompts during the start phase of Combofix.
    When the scan completes Notepad will open with with your results log open. Do a File, Exit and answer 'Yes' to save changes.

A caution - Do not run Combofix more than once.

Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock.

The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled.

If this occurs, please reboot to restore the desktop.

A file will be created at => C:\Combofix.txt.

Notes:

[1] IF after Combofix reboot you get the message

Illegal operation attempted on registry key that has been marked for deletion

....please reboot the computer, this should resolve the problem. You may have reboot the pc a second time if needed.

[2] Do not mouseclick combofix's window nor run any program while Combofix is running.

That may cause it to stall.

[3]When all done, IF Combofix did not do a Restart...then ... I need for you to Restart the system fresh :!:

Reply & attach the C:\Combofix.txt log and tell me, How is the system now ?

Re-enable your antivirus program.

Link to post
Share on other sites

Hi Maurice,

I did everything from your last message this morning. Here is the C:/Combofix.txt log:

ComboFix 12-08-17.03 - Victor 08/18/2012 11:38:09.1.2 - x64

Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3894.2545 [GMT -4:00]

Running from: C:\Users\Victor\Desktop\ComboFix.exe

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

C:\ProgramData\ReadOnlyInstaller.msi

C:\ProgramData\uninstaller.exe

C:\Users\Work\AppData\Local\RivalGaming\RiVAlgaming.dll

((((((((((((((((((((((((( Files Created from 2012-07-18 to 2012-08-18 )))))))))))))))))))))))))))))))

It's too early to say if my computer is FINALLY free of domainadvisor, but so far so good :)

Link to post
Share on other sites

Nope, that log is not what is usually expected on a typical run.

I'd like for you to do an online scan.

You will want to print out or copy these instructions to Notepad for offline reference!

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools

For directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Do NOT turn off the firewall

Close all open browsers at this point.

Start Internet Explorer (fresh) by pressing Start >> Internet Explorer >> Right-Click and select Run As Administrator.

Using Internet Explorer browser only, go to ESET Online Scanner website:

http://www.eset.com/onlinescan/

  • Accept the Terms of Use and press Start button;
  • Approve the install of the required ActiveX Control, then follow on-screen instructions;
  • Enable (check) the Remove found threats option, and run the scan.
  • After the scan completes, the Details tab in the Results window will display what was found and removed.
    • A logfile is created and located at C:\Program Files (x86)\Eset\EsetOnlineScanner\log.txt.

    Look at contents of this file using Notepad.

    The Frequently Asked Questions for ESET Online Scanner can be viewed here

    http://go.eset.com/us/online-scanner/faq

    • It is emphasized to temporarily disable any pc-resident {active} antivirus program prior to any on-line scan by any on-line scanner.
      (And the prompt re-enabling when finished.)
    • If you use Firefox, you have to install IETab, an add-on. This is to enable ActiveX support.
    • Do not use the system while the scan is running. Once the full scan is underway, go take a long break popcorn.gifpepsi.gif

Re-enable the antivirus program.

Reply with copy of the Eset scan log.

Step 2

You already have the DDS tool. Get a new report and Copy & Paste contents inside main body of reply box.

Then double click dds.scr to run the tool.

DDS will run in a command prompt window and will take 3 to 4 minutes or so.

  • When done, DDS will open two (2) logs:
  • DDS.txt
  • Attach.txt
  • Save both reports to your desktop.

Please Copy & Paste contents of the following logs in your next reply:

DDS.txt

Attach.txt

Link to post
Share on other sites

Here is the log from the Eset Online Scanner.

ESETSmartInstaller@High as CAB hook log:

OnlineScanner64.ocx - registred OK

OnlineScanner.ocx - registred OK

# version=7

# iexplore.exe=9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)

# OnlineScanner.ocx=1.0.0.6583

# api_version=3.0.2

# EOSSerial=

# end=finished

# remove_checked=true

# archives_checked=false

# unwanted_checked=true

# unsafe_checked=false

# antistealth_checked=true

# utc_time=2012-08-20 01:17:09

# local_time=2012-08-20 09:17:09 (-0500, Eastern Daylight Time)

# country="United States"

# lang=1033

# osver=6.1.7600 NT

# compatibility_mode=5893 16776574 100 94 0 97008424 0 0

# compatibility_mode=8192 67108863 100 0 0 0 0 0

# scanned=289382

# found=3

# cleaned=3

# scan_time=3654

C:\Qoobox\Quarantine\C\Users\Work\AppData\Local\RivalGaming\RiVAlgaming.dll.vir a variant of Win32/Adware.Gamevance.CG application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Users\Work\AppData\Local\RivalGaming\Uninstaller.exe a variant of Win32/Adware.Gamevance.CJ application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Users\Work\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\links@rivalgaming.com\components\xpcomponent.dll probably a variant of Win32/Adware.Gamevance.CI application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

And this is from the DDS tool:

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.5.1

Run by Victor at 9:30:31 on 2012-08-20

Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3894.1876 [GMT -4:00]

.

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\windows\system32\wininit.exe

C:\windows\system32\lsm.exe

C:\windows\system32\svchost.exe -k DcomLaunch

C:\windows\system32\svchost.exe -k RPCSS

C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\windows\system32\svchost.exe -k netsvcs

C:\windows\system32\svchost.exe -k LocalService

C:\windows\system32\svchost.exe -k NetworkService

C:\windows\System32\spoolsv.exe

C:\windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.5.60\SymcPCCULaunchSvc.exe

C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.5.60\ccSvcHst.exe

C:\Windows\system32\TODDSrv.exe

C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe

C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.1.5\ToolbarUpdater.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe

C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe

C:\windows\system32\SearchIndexer.exe

C:\windows\system32\svchost.exe -k imgsvc

C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

C:\windows\system32\taskhost.exe

C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.5.60\ccSvcHst.exe

C:\windows\system32\Dwm.exe

C:\windows\Explorer.EXE

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe

C:\windows\system32\igfxsrvc.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe

C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe

C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe

C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe

C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe

C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe

C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe

C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe

C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files (x86)\AVG Secure Search\vprot.exe

C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe

C:\windows\system32\igfxext.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\windows\system32\wuauclt.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\windows\system32\NOTEPAD.EXE

C:\Program Files (x86)\Microsoft Office\OFFICE11\WINWORD.EXE

C:\windows\system32\SearchProtocolHost.exe

C:\windows\system32\SearchFilterHost.exe

C:\windows\splwow64.exe

C:\windows\system32\DllHost.exe

C:\windows\system32\DllHost.exe

C:\windows\SysWOW64\cmd.exe

C:\windows\system32\conhost.exe

C:\windows\system32\DllHost.exe

C:\windows\SysWOW64\cscript.exe

C:\windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://start.toshiba.com/g/

uInternet Settings,ProxyOverride = <local>

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\12.1.0.21\AVG Secure Search_toolbar.dll

BHO: WeCareReminder Class: {d824f0de-3d60-4f57-9eb1-66033ecd8abb} - C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dll

BHO: TOSHIBA Media Controller Plug-in: {f3c88694-effa-4d78-b409-54b7b2535b14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll

TB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\12.1.0.21\AVG Secure Search_toolbar.dll

TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File

{e7df6bff-55a5-4eb7-a673-4ed3e9456d39}

uRun: [googletalk] C:\Users\Victor\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart

mRun: [ToshibaAppPlace] "C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe"

mRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60

mRun: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun

mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe" UNATTENDED

mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"

mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Java\jre7\bin\jusched.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

StartupFolder: C:\Users\Victor\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ZMatrix.lnk - C:\Program Files (x86)\ZMatrix\matrix.exe

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab

DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab

TCP: DhcpNameServer = 192.168.1.1

TCP: Interfaces\{14EABF20-F0D0-4C39-AEE4-8011AC8DBA70} : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{14EABF20-F0D0-4C39-AEE4-8011AC8DBA70}\25544454F51424F5F4 : DhcpNameServer = 192.168.42.1 192.168.100.1 8.8.8.8

TCP: Interfaces\{14EABF20-F0D0-4C39-AEE4-8011AC8DBA70}\453435 : DhcpNameServer = 209.18.47.61 209.18.47.62

TCP: Interfaces\{14EABF20-F0D0-4C39-AEE4-8011AC8DBA70}\74D423 : DhcpNameServer = 200.222.145.86 200.165.132.148 192.168.0.1

TCP: Interfaces\{14EABF20-F0D0-4C39-AEE4-8011AC8DBA70}\96E63796768647F577966696F503930303 : DhcpNameServer = 192.168.2.1 209.18.47.61 209.18.47.62

TCP: Interfaces\{19B60485-C4A3-4538-94A8-EA2FA468DC7C} : DhcpNameServer = 209.18.47.61 209.18.47.62

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\12.1.5\ViProtocol.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\12.1.0.21\AVG Secure Search_toolbar.dll

BHO-X64: WeCareReminder Class: {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dll

BHO-X64: WeCareReminder - No File

BHO-X64: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll

TB-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\12.1.0.21\AVG Secure Search_toolbar.dll

TB-X64: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File

mRun-x64: [ToshibaAppPlace] "C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe"

mRun-x64: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60

mRun-x64: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun

mRun-x64: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe" UNATTENDED

mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

mRun-x64: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"

mRun-x64: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot

mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Java\jre7\bin\jusched.exe"

mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.