Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

"you can't proxy across different primary domain" hotmai


  • This topic is locked This topic is locked

#1
sassa

sassa

    Member

  • Member
  • PipPip
  • 32 posts
Hello guys plz i need help ...
i did the same as written in http://www.geekstogo...rimary-domains/ but it didnt fix my problem the aswMBR.exe result:


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-04-26 00:20:40
-----------------------------
00:20:40.172 OS Version: Windows x64 6.1.7601 Service Pack 1
00:20:40.173 Number of processors: 8 586 0x2A07
00:20:40.173 ComputerName: TOSHIBA-TOSH UserName: Toshiba
00:20:41.655 Initialize success
00:20:52.292 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
00:20:52.294 Disk 0 Vendor: TOSHIBA_ GT00 Size: 715404MB BusType: 3
00:20:52.297 Disk 0 MBR read successfully
00:20:52.299 Disk 0 MBR scan
00:20:52.301 Disk 0 Windows 7 default MBR code
00:20:52.308 Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS 399 MB offset 2048
00:20:52.322 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 356974 MB offset 819200
00:20:52.349 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 358030 MB offset 731901952
00:20:52.378 Disk 0 scanning C:\Windows\system32\drivers
00:20:58.052 Service scanning
00:21:08.249 Service MpNWMon C:\Windows\system32\DRIVERS\MpNWMon.sys **LOCKED** 32
00:21:22.985 Modules scanning
00:21:23.004 Disk 0 trace - called modules:
00:21:23.135 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
00:21:23.156 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8008265060]
00:21:23.176 3 CLASSPNP.SYS[fffff8800185143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8006655050]
00:21:23.210 Scan finished successfully
00:22:17.782 Verifying
00:22:27.861 Disk 0 Windows 601 MBR fixed successfully
00:22:40.804 Disk 0 MBR has been saved successfully to "C:\Users\Toshiba\Documents\MBR.dat"
00:22:40.807 The log file has been saved successfully to "C:\Users\Toshiba\Documents\aswMBR.txt"


whereas OTL result is:

NOTEPAD:

OTL logfile created on: 4/26/2012 12:39:54 AM - Run 1
OTL by OldTimer - Version 3.2.42.0 Folder = C:\Users\Toshiba\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

5.98 Gb Total Physical Memory | 3.40 Gb Available Physical Memory | 56.78% Memory free
11.96 Gb Paging File | 9.15 Gb Available in Paging File | 76.49% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 348.61 Gb Total Space | 305.49 Gb Free Space | 87.63% Space Free | Partition Type: NTFS
Drive D: | 349.64 Gb Total Space | 335.83 Gb Free Space | 96.05% Space Free | Partition Type: NTFS
Drive E: | 82.91 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: TOSHIBA-TOSH | User Name: Toshiba | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 180 Days

========== Processes (SafeList) ==========

PRC - [2012/04/26 00:22:58 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Toshiba\Downloads\OTL.exe
PRC - [2012/04/12 10:37:36 | 001,224,176 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2012/02/23 12:30:40 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
PRC - [2012/01/03 05:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/10/01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011/10/01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011/05/11 20:49:32 | 000,378,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011/03/29 16:33:08 | 000,598,312 | ---- | M] (Nero AG) -- c:\Program Files (x86)\Nero\Update\NASvc.exe
PRC - [2010/12/20 20:30:38 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2010/12/20 20:30:36 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2010/02/28 05:33:14 | 000,077,664 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\OFFICEVIRT.EXE
PRC - [2009/07/22 15:40:00 | 000,083,336 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe
PRC - [2009/03/10 20:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe


========== Modules (No Company Name) ==========

MOD - [2012/04/12 10:37:34 | 000,444,400 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.162\ppgooglenaclpluginchrome.dll
MOD - [2012/04/12 10:37:33 | 003,915,248 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.162\pdf.dll
MOD - [2012/04/12 10:36:18 | 000,544,240 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.162\libglesv2.dll
MOD - [2012/04/12 10:36:17 | 000,117,744 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.162\libegl.dll
MOD - [2012/04/12 10:36:08 | 000,122,880 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.162\avutil-51.dll
MOD - [2012/04/12 10:36:06 | 000,220,672 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.162\avformat-53.dll
MOD - [2012/04/12 10:36:05 | 001,747,456 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.162\avcodec-53.dll
MOD - [2012/04/12 09:51:55 | 008,743,584 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.162\gcswf32.dll
MOD - [2011/11/01 23:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/11/01 23:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010/02/28 05:33:14 | 000,077,664 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\OFFICEVIRT.EXE


========== Win32 Services (SafeList) ==========

SRV:64bit: - File not found [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe /McCoreSvc -- (McAfee SiteAdvisor Service)
SRV:64bit: - [2011/12/06 17:25:40 | 000,161,168 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2011/12/06 17:16:02 | 000,208,536 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:64bit: - [2011/07/01 13:46:14 | 000,828,856 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv)
SRV:64bit: - [2011/04/27 17:21:18 | 000,288,272 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2011/04/27 17:21:18 | 000,012,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2011/03/02 17:36:16 | 000,266,680 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service)
SRV:64bit: - [2010/12/09 19:45:26 | 000,489,384 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV:64bit: - [2010/12/08 17:42:54 | 000,137,632 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV:64bit: - [2010/10/20 16:41:00 | 000,138,656 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV:64bit: - [2010/09/22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/07/14 04:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/04/20 23:44:20 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/02/29 08:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/01/03 05:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/10/01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/10/01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011/05/11 20:49:32 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011/03/29 16:33:08 | 000,598,312 | ---- | M] (Nero AG) [Auto | Running] -- c:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate) @c:\Program Files (x86)
SRV - [2011/02/10 10:25:36 | 000,112,080 | ---- | M] (Toshiba Europe GmbH) [Auto | Running] -- C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe -- (TemproMonitoringService) Notebook Performance Tuning Service (TEMPRO)
SRV - [2010/12/20 20:30:38 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®
SRV - [2010/12/20 20:30:36 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) Intel®
SRV - [2010/11/29 16:58:30 | 000,054,136 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2010/10/12 20:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/04/12 12:45:00 | 000,196,976 | ---- | M] (TOSHIBA CORPORATION) [On_Demand | Stopped] -- C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/01/28 18:44:40 | 000,249,200 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe -- (cfWiMAXService)
SRV - [2009/06/11 00:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/03/10 20:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/03/01 09:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/10/15 12:16:16 | 000,647,080 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2011/10/15 12:16:16 | 000,284,648 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2011/10/15 12:16:16 | 000,229,528 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2011/10/15 12:16:16 | 000,075,808 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfenlfk.sys -- (mfenlfk)
DRV:64bit: - [2011/10/15 12:16:16 | 000,065,264 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2011/10/01 08:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011/10/01 08:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011/10/01 08:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011/10/01 08:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2011/08/02 17:38:56 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/07/08 19:06:08 | 000,307,304 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rtsuvstor.sys -- (RSUSBVSTOR)
DRV:64bit: - [2011/05/10 19:41:28 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2011/04/27 15:25:24 | 000,084,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2011/03/11 09:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 09:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/08 21:07:00 | 000,038,096 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PGEffect.sys -- (PGEffect)
DRV:64bit: - [2011/02/03 21:59:06 | 001,413,680 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011/01/27 17:27:04 | 000,067,384 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tosrfusb.sys -- (Tosrfusb)
DRV:64bit: - [2011/01/27 14:34:12 | 001,577,088 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2011/01/12 19:51:44 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/12/17 21:46:46 | 002,675,712 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010/12/10 15:50:36 | 000,181,248 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010/12/10 15:50:36 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010/12/01 18:12:06 | 000,250,984 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010/11/21 06:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/21 06:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/21 06:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/11/08 14:44:40 | 000,076,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2010/10/19 18:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel®
DRV:64bit: - [2010/10/18 16:14:02 | 000,042,096 | R--- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2010/06/18 18:45:00 | 000,018,872 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tosrfec.sys -- (tosrfec)
DRV:64bit: - [2009/07/30 22:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV:64bit: - [2009/07/14 18:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2009/07/14 04:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 04:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 04:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/19 21:15:22 | 000,014,472 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TVALZFL.sys -- (TVALZFL)
DRV:64bit: - [2009/06/15 14:58:50 | 000,012,800 | ---- | M] (TOSHIBA) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\QIOMem.sys -- (QIOMem)
DRV:64bit: - [2009/06/11 00:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/11 00:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/11 00:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 23:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 23:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 23:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 23:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2009/07/14 04:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1861668113-2035247836-3707625544-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...=TEUA&bmod=TEUA
IE - HKU\S-1-5-21-1861668113-2035247836-3707625544-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com.sa/
IE - HKU\S-1-5-21-1861668113-2035247836-3707625544-1000\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKU\S-1-5-21-1861668113-2035247836-3707625544-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-1861668113-2035247836-3707625544-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...1I7TEUA_enSA461
IE - HKU\S-1-5-21-1861668113-2035247836-3707625544-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1861668113-2035247836-3707625544-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2012/02/28 15:45:40 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.162\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.162\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.162\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.123.2_0\McChPlg.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.200.2 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U20 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: WildTangent Games App Presence Detector (Enabled) = C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - Extension: SiteAdvisor = C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.123.2_0\

O1 HOSTS File: ([2009/06/11 00:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-1861668113-2035247836-3707625544-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [HSON] C:\Program Files\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe (Conexant systems, Inc.)
O4:64bit: - HKLM..\Run: [TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [Teco] C:\Program Files\TOSHIBA\TECO\Teco.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [Toshiba Registration] C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe (Toshiba Europe GmbH)
O4:64bit: - HKLM..\Run: [Toshiba TEMPRO] C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe (Toshiba Europe GmbH)
O4:64bit: - HKLM..\Run: [TosNC] C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosReelTimeMonitor] C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosWaitSrv] C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ITSecMng] C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [NBAgent] c:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe (Nero AG)
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TSleepSrv] C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe (TOSHIBA)
O4 - HKU\.DEFAULT..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (TOSHIBA)
O4 - HKU\S-1-5-18..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (TOSHIBA)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (TOSHIBA)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (TOSHIBA)
O4 - HKU\S-1-5-21-1861668113-2035247836-3707625544-1000..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
O4 - HKU\S-1-5-21-1861668113-2035247836-3707625544-1000..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe (TOSHIBA)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O4 - Startup: C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BBC iPlayer Desktop.lnk = C:\Program Files (x86)\BBC iPlayer Desktop\BBC iPlayer Desktop.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O8:64bit: - Extra context menu item: Add to TOSHIBA Bulletin Board - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll (TODO: <会社名>)
O8 - Extra context menu item: Add to TOSHIBA Bulletin Board - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll (TODO: <会社名>)
O9:64bit: - Extra Button: @C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll,-229 - {97F922BD-8563-4184-87EE-8C4ACA438823} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom64.dll (TODO: <会社名>)
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll,-228 - {97F922BD-8563-4184-87EE-8C4ACA438823} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom64.dll (TODO: <会社名>)
O9 - Extra Button: @C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll,-229 - {97F922BD-8563-4184-87EE-8C4ACA438823} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll (TODO: <会社名>)
O9 - Extra 'Tools' menuitem : @C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll,-228 - {97F922BD-8563-4184-87EE-8C4ACA438823} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll (TODO: <会社名>)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{58E04B8C-7262-4B15-9283-D716421EDB1F}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BFFF8AD4-A82B-458C-8709-85D1DE6C2357}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/03/12 18:19:10 | 000,000,044 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{7e3aa425-0484-11e1-a7fa-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{7e3aa425-0484-11e1-a7fa-806e6f6e6963}\Shell\AutoRun\command - "" = E:\setup.exe -- [2008/03/12 18:19:10 | 000,217,187 | R--- | M] (THOMSON Telecom Belgium)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 180 Days ==========

[2012/04/25 17:27:15 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\Desktop\CV
[2012/04/23 13:53:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012/04/23 13:53:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012/04/23 11:54:05 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\{C4824836-FA80-4634-AA29-CAFE0319A7A0}
[2012/04/22 23:53:41 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\{6E2A59A2-7A70-466F-9421-3F7627E66F89}
[2012/04/22 11:53:15 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\{480A257F-02AB-4E3F-83F1-3BEB1948AF66}
[2012/04/21 23:52:51 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\{CEE59D3F-058F-4FD2-8AB0-1B75FD348C25}
[2012/04/21 11:43:50 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\{8A7BAFDA-AFFF-4997-80BC-3A8B98EFDA84}
[2012/04/20 23:44:20 | 000,418,464 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/04/20 23:44:08 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2012/04/20 23:43:18 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\{3B58691B-F67A-4C51-B45D-A5373B09EDB6}
[2012/04/20 23:43:07 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\{7E685F98-A34C-42E9-8A91-A45348CBDC87}
[2012/04/18 12:56:45 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\{5EE94C51-F181-4169-8497-56916F81179A}
[2012/04/18 12:56:35 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\{28864D65-EA55-49D5-A420-EC27E4318721}
[2012/04/18 12:27:03 | 000,000,000 | ---D | C] -- C:\Windows\en
[2012/04/18 12:26:16 | 000,000,000 | ---D | C] -- C:\Windows\ar
[2012/04/18 12:26:14 | 000,000,000 | ---D | C] -- C:\Windows\fr
[2012/04/18 12:26:08 | 000,000,000 | ---D | C] -- C:\Windows\tr
[2012/04/18 12:20:30 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\{C3D96398-BAAE-44BA-9721-F934FA41D752}
[2012/04/18 12:20:17 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\{E5867A72-61F5-4F47-AA33-E3860118F828}
[2012/04/14 03:22:57 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\{78C75A20-C526-4D05-8173-656596D7A5D1}
[2012/04/14 03:02:14 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/04/14 03:02:14 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/04/14 03:02:13 | 002,311,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/04/14 03:02:13 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/04/14 03:02:12 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/04/14 03:02:12 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/04/14 03:02:12 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/04/14 03:02:11 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/04/14 03:02:11 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/04/14 03:02:11 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/04/14 03:02:11 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/04/14 03:01:53 | 005,559,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012/04/14 03:01:53 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012/04/14 03:01:53 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012/04/14 03:00:25 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2012/04/14 03:00:25 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2012/04/14 03:00:23 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012/04/13 22:43:01 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\ElevatedDiagnostics
[2012/04/07 16:37:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/04/07 16:36:27 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/04/07 16:36:26 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012/04/07 16:36:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2012/03/29 18:54:31 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\{FF1A45C1-3C5E-4D32-9C36-5874E20372C9}
[2012/03/25 16:33:05 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\Desktop\New folder
[2012/03/24 23:14:59 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\Windows Live
[2012/03/24 23:14:59 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\{1F051DDE-0A0B-40D7-AEC1-FAED98A16A16}
[2012/03/24 23:14:49 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\{DAFF7997-A68F-4437-AAFF-60AE292903AA}
[2012/03/24 23:14:49 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\{D675B993-52CE-4BBA-B54C-6F2AB8EE7C15}
[2012/03/24 23:14:36 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\Tracing
[2012/03/24 16:47:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2012/03/24 16:46:58 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2012/03/24 14:32:08 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2012/03/24 11:51:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Safari
[2012/03/24 11:35:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012/03/24 11:35:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2012/03/17 13:45:07 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\Desktop\livre
[2012/03/17 12:35:23 | 001,544,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012/03/17 12:34:38 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2012/03/17 12:34:38 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2012/03/17 12:34:36 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012/03/17 12:34:36 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012/03/17 12:34:36 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012/03/17 12:30:41 | 000,070,304 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/03/08 18:37:20 | 000,302,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR
[2012/02/26 10:34:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BBC iPlayer Desktop
[2012/02/21 23:57:07 | 000,000,000 | ---D | C] -- C:\ProgramData\TOSHIBA Tempro
[2012/02/21 23:57:07 | 000,000,000 | ---D | C] -- C:\ProgramData\IsolatedStorage
[2012/02/21 13:05:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2012/02/21 12:49:32 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2012/02/21 12:49:32 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2012/02/21 00:43:45 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll
[2012/02/21 00:43:43 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll
[2012/02/21 00:43:43 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll
[2012/02/21 00:43:43 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll
[2012/02/21 00:43:43 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll
[2012/02/21 00:43:42 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll
[2012/02/21 00:43:42 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll
[2012/02/21 00:43:42 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll
[2012/02/21 00:43:41 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
[2012/02/21 00:43:40 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll
[2012/02/21 00:43:36 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2012/02/21 00:43:36 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2012/02/21 00:43:34 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2012/02/21 00:43:33 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2012/02/21 00:43:33 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012/02/21 00:43:33 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2012/02/21 00:43:29 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll
[2012/02/21 00:43:26 | 002,315,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll
[2012/02/21 00:43:26 | 002,223,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll
[2012/02/21 00:43:26 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
[2012/02/21 00:43:25 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
[2012/02/21 00:43:25 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe
[2012/02/21 00:43:24 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll
[2012/02/21 00:43:23 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll
[2012/02/21 00:43:23 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll
[2012/02/21 00:43:23 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll
[2012/02/21 00:43:23 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe
[2012/02/21 00:43:22 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll
[2012/02/21 00:43:22 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll
[2012/02/21 00:43:21 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll
[2012/02/21 00:43:18 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2012/02/21 00:43:17 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2012/02/21 00:43:17 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2012/02/21 00:43:17 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2012/02/21 00:43:17 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2012/02/21 00:43:17 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2012/02/21 00:43:15 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2012/02/21 00:43:13 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
[2012/02/21 00:43:12 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2012/02/21 00:43:07 | 001,465,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2012/02/21 00:43:06 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2012/02/21 00:32:54 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Roaming\Apple Computer
[2012/02/21 00:32:54 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\Apple Computer
[2012/02/21 00:32:47 | 000,126,312 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\GEARAspi64.dll
[2012/02/21 00:32:47 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysWow64\GEARAspi.dll
[2012/02/21 00:32:47 | 000,034,152 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2012/02/21 00:32:47 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2012/02/21 00:31:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2012/02/21 00:31:58 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2012/02/21 00:31:14 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\Apple
[2012/02/21 00:31:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2012/02/21 00:30:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2012/02/21 00:30:28 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2012/02/21 00:30:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2012/02/21 00:29:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2012/02/21 00:29:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2012/02/21 00:19:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Toshiba
[2012/02/20 18:52:34 | 001,162,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2012/02/20 18:52:34 | 000,421,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2012/02/20 18:52:34 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2012/02/20 18:52:34 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2012/02/20 18:52:34 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2012/02/20 18:52:33 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2012/02/20 18:52:33 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2012/02/20 18:52:33 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2012/02/20 18:52:33 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2012/02/20 18:52:33 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2012/02/20 18:52:33 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2012/02/20 18:52:33 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2012/02/20 18:52:33 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2012/02/20 18:52:33 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2012/02/20 18:52:33 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2012/02/20 18:52:33 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2012/02/20 18:52:33 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2012/02/20 18:52:33 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2012/02/20 18:52:33 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2012/02/20 18:52:33 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2012/02/20 18:52:33 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2012/02/20 18:52:33 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2012/02/20 18:52:33 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2012/02/20 18:52:33 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2012/02/20 18:52:33 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2012/02/20 18:52:33 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2012/02/20 18:52:33 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2012/02/20 18:52:33 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2012/02/20 18:52:33 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2012/02/20 18:52:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2012/02/20 18:52:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012/02/20 18:52:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2012/02/20 18:52:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2012/02/20 18:52:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2012/02/20 18:52:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2012/02/20 18:52:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2012/02/20 18:52:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2012/02/20 18:52:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2012/02/20 18:52:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/02/20 18:52:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/02/20 18:52:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2012/02/20 18:52:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2012/02/20 18:52:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2012/02/20 18:52:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2012/02/20 18:52:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2012/02/20 18:52:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2012/02/20 18:52:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2012/02/20 18:52:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2012/02/20 18:52:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012/02/20 18:52:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2012/02/20 18:52:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2012/02/20 18:52:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2012/02/20 18:52:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2012/02/20 18:52:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2012/02/20 18:52:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2012/02/20 18:52:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2012/02/20 18:52:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2012/02/20 18:52:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2012/02/20 18:52:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2012/02/20 18:52:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2012/02/20 18:52:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2012/02/20 18:52:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2012/02/20 18:52:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2012/02/20 18:52:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2012/02/20 18:52:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2012/02/20 18:52:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2012/02/20 18:52:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2012/02/20 18:52:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2012/02/20 18:52:33 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2012/02/20 18:52:19 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
[2012/02/20 18:52:19 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll
[2012/02/20 18:52:14 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2012/02/20 18:52:11 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2012/02/20 18:52:11 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2012/02/20 18:52:10 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2012/02/20 18:52:10 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2012/02/20 18:52:04 | 001,731,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2012/02/20 18:51:35 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2012/02/20 18:51:35 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2012/02/20 18:51:35 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2012/02/20 18:51:35 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2012/02/20 18:24:40 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Roaming\Skype
[2012/02/20 17:18:25 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Roaming\Nero
[2012/02/20 17:16:38 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Roaming\WinBatch
[2012/02/19 14:10:21 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\Diagnostics
[2012/02/16 13:08:04 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2012/02/16 13:08:04 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2012/02/16 12:24:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Wild Tangent
[2012/02/16 11:37:20 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Roaming\TOSHIBA Online Product Information
[2012/01/01 19:02:08 | 000,000,000 | ---D | C] -- C:\ProgramData\VirtualizedApplications
[2012/01/01 16:50:03 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Roaming\SoftGrid Client
[2012/01/01 16:50:03 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\SoftGrid Client
[2012/01/01 16:49:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (English)
[2012/01/01 16:49:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2012/01/01 16:49:36 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2012/01/01 16:49:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Application Virtualization Client
[2012/01/01 16:49:12 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Roaming\TP
[2011/12/20 20:10:46 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\Nero_AG
[2011/12/20 20:10:28 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\Nero
[2011/12/07 23:30:23 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Roaming\Google
[2011/12/07 20:01:28 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\Google
[2011/12/07 20:01:22 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Roaming\BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1
[2011/12/07 14:13:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay
[2011/12/07 14:13:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2011/12/07 14:13:25 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Roaming\Macromedia
[2011/12/07 14:13:24 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\Adobe
[2011/12/07 14:13:23 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Roaming\Adobe
[2011/12/07 14:13:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amazon
[2011/12/07 14:13:12 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Roaming\Toshiba
[2011/12/07 14:12:48 | 000,000,000 | R--D | C] -- C:\Users\Toshiba\Searches
[2011/12/07 14:12:48 | 000,000,000 | R--D | C] -- C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011/12/07 14:12:48 | 000,000,000 | -H-D | C] -- C:\Users\Toshiba\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2011/12/07 14:12:41 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Roaming\Identities
[2011/12/07 14:12:39 | 000,000,000 | R--D | C] -- C:\Users\Toshiba\Contacts
[2011/12/07 14:12:37 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\VirtualStore
[2011/12/07 13:54:39 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\Toshiba
[2011/12/07 13:49:00 | 000,000,000 | ---D | C] -- C:\ProgramData\ToshibaEurope
[2011/12/07 13:48:37 | 000,000,000 | --SD | C] -- C:\Users\Toshiba\AppData\Roaming\Microsoft
[2011/12/07 13:48:37 | 000,000,000 | R--D | C] -- C:\Users\Toshiba\Videos
[2011/12/07 13:48:37 | 000,000,000 | R--D | C] -- C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011/12/07 13:48:37 | 000,000,000 | R--D | C] -- C:\Users\Toshiba\Saved Games
[2011/12/07 13:48:37 | 000,000,000 | R--D | C] -- C:\Users\Toshiba\Pictures
[2011/12/07 13:48:37 | 000,000,000 | R--D | C] -- C:\Users\Toshiba\Music
[2011/12/07 13:48:37 | 000,000,000 | R--D | C] -- C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011/12/07 13:48:37 | 000,000,000 | R--D | C] -- C:\Users\Toshiba\Links
[2011/12/07 13:48:37 | 000,000,000 | R--D | C] -- C:\Users\Toshiba\Favorites
[2011/12/07 13:48:37 | 000,000,000 | R--D | C] -- C:\Users\Toshiba\Downloads
[2011/12/07 13:48:37 | 000,000,000 | R--D | C] -- C:\Users\Toshiba\Documents
[2011/12/07 13:48:37 | 000,000,000 | R--D | C] -- C:\Users\Toshiba\Desktop
[2011/12/07 13:48:37 | 000,000,000 | R--D | C] -- C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011/12/07 13:48:37 | 000,000,000 | -HSD | C] -- C:\Users\Toshiba\AppData\Local\Temporary Internet Files
[2011/12/07 13:48:37 | 000,000,000 | -HSD | C] -- C:\Users\Toshiba\Templates
[2011/12/07 13:48:37 | 000,000,000 | -HSD | C] -- C:\Users\Toshiba\Start Menu
[2011/12/07 13:48:37 | 000,000,000 | -HSD | C] -- C:\Users\Toshiba\SendTo
[2011/12/07 13:48:37 | 000,000,000 | -HSD | C] -- C:\Users\Toshiba\Recent
[2011/12/07 13:48:37 | 000,000,000 | -HSD | C] -- C:\Users\Toshiba\PrintHood
[2011/12/07 13:48:37 | 000,000,000 | -HSD | C] -- C:\Users\Toshiba\NetHood
[2011/12/07 13:48:37 | 000,000,000 | -HSD | C] -- C:\Users\Toshiba\Documents\My Videos
[2011/12/07 13:48:37 | 000,000,000 | -HSD | C] -- C:\Users\Toshiba\Documents\My Pictures
[2011/12/07 13:48:37 | 000,000,000 | -HSD | C] -- C:\Users\Toshiba\Documents\My Music
[2011/12/07 13:48:37 | 000,000,000 | -HSD | C] -- C:\Users\Toshiba\My Documents
[2011/12/07 13:48:37 | 000,000,000 | -HSD | C] -- C:\Users\Toshiba\Local Settings
[2011/12/07 13:48:37 | 000,000,000 | -HSD | C] -- C:\Users\Toshiba\AppData\Local\History
[2011/12/07 13:48:37 | 000,000,000 | -HSD | C] -- C:\Users\Toshiba\Cookies
[2011/12/07 13:48:37 | 000,000,000 | -HSD | C] -- C:\Users\Toshiba\Application Data
[2011/12/07 13:48:37 | 000,000,000 | -HSD | C] -- C:\Users\Toshiba\AppData\Local\Application Data
[2011/12/07 13:48:37 | 000,000,000 | -H-D | C] -- C:\Users\Toshiba\AppData
[2011/12/07 13:48:37 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\Temp
[2011/12/07 13:48:37 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\Microsoft
[2011/12/07 13:48:37 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Roaming\Media Center Programs
[2011/11/01 16:01:15 | 000,000,000 | ---D | C] -- C:\Windows\OemDrv
[2011/11/01 15:58:28 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2011/11/01 15:55:04 | 000,038,096 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\SysNative\drivers\PGEffect.sys
[2011/11/01 15:49:18 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations
[2011/11/01 15:45:36 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\sda
[2011/11/01 15:45:32 | 009,888,360 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysWow64\RtsUStoricon.dll
[2011/11/01 15:45:32 | 000,422,504 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtsUStor.dll
[2011/11/01 15:45:32 | 000,307,304 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\drivers\rtsuvstor.sys
[2011/11/01 15:45:32 | 000,250,984 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\drivers\RtsUStor.sys
[2011/11/01 15:45:32 | 000,018,024 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\drivers\rtcrfilt64.sys
[2011/11/01 15:45:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2011/11/01 15:45:03 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Atheros_L1e
[2011/11/01 15:44:25 | 000,040,832 | ---- | C] (TOSHIBA CORPORATION.) -- C:\Windows\SysNative\drivers\TosBtCi.dll
[2011/11/01 15:43:37 | 000,042,096 | R--- | C] (Atheros) -- C:\Windows\SysNative\drivers\btfilter.sys
[2011/11/01 15:43:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TOH Class Filter
[2011/11/01 15:42:15 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
[2011/11/01 15:41:57 | 000,827,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcr100.dll
[2011/11/01 15:41:57 | 000,607,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcp100.dll
[2011/11/01 15:41:57 | 000,099,320 | ---- | C] (TOSHIBA CORPORATION) -- C:\Windows\SysNative\tosWirelessLANIndicatorCP.dll
[2011/11/01 15:38:26 | 002,675,712 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\athrx.sys
[2011/11/01 15:38:26 | 000,000,000 | ---D | C] -- C:\Windows\Options
[2011/11/01 15:38:26 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\nn-NO
[2011/11/01 15:38:25 | 000,443,040 | ---- | C] (Atheros) -- C:\Windows\SysNative\athihvs.dll
[2011/11/01 15:38:25 | 000,063,648 | ---- | C] (Atheros) -- C:\Windows\SysNative\athihvui.dll
[2011/11/01 15:38:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Atheros
[2011/11/01 15:38:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Atheros
[2011/11/01 15:31:53 | 000,000,000 | ---D | C] -- C:\Program Files\CONEXANT
[2011/11/01 15:30:02 | 001,426,536 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdagenco642040.dll
[2011/11/01 15:30:02 | 000,174,184 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2011/11/01 15:30:02 | 000,029,288 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2011/11/01 15:29:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Renesas Electronics
[2011/11/01 15:29:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Downloaded Installations
[2011/11/01 15:25:43 | 000,024,576 | ---- | C] (Toshiba) -- C:\Windows\SysWow64\TSCI.dll
[2011/11/01 15:25:43 | 000,024,576 | ---- | C] (Toshiba) -- C:\Windows\SysWow64\THCI.dll
[2011/11/01 15:24:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2011/11/01 15:23:53 | 000,439,320 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iaStor.sys
[2011/11/01 15:21:43 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2011/11/01 15:21:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2011/11/01 15:21:00 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2011/11/01 15:20:43 | 020,460,648 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2011/11/01 15:20:43 | 018,580,072 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2011/11/01 15:20:43 | 015,051,368 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2011/11/01 15:20:43 | 013,011,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2011/11/01 15:20:43 | 012,840,552 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2011/11/01 15:20:43 | 010,059,880 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2011/11/01 15:20:43 | 008,106,088 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2011/11/01 15:20:43 | 006,597,736 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2011/11/01 15:20:43 | 006,029,928 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2011/11/01 15:20:43 | 004,936,808 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2011/11/01 15:20:43 | 003,182,184 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2011/11/01 15:20:43 | 002,954,856 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2011/11/01 15:20:43 | 002,871,400 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2011/11/01 15:20:43 | 002,579,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2011/11/01 15:20:43 | 002,206,824 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2011/11/01 15:20:43 | 001,969,768 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2011/11/01 15:20:43 | 001,625,704 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6420140.dll
[2011/11/01 15:20:43 | 001,368,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvgenco642050.dll
[2011/11/01 15:20:43 | 000,067,176 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2011/11/01 15:20:43 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2011/11/01 15:20:43 | 000,011,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvBridge.kmd
[2011/11/01 15:20:34 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2011/11/01 15:20:29 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2011/11/01 15:19:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\postureAgent
[2011/11/01 15:18:27 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN

========== Files - Modified Within 180 Days ==========

[2012/04/26 00:22:40 | 000,000,512 | ---- | M] () -- C:\Users\Toshiba\Documents\MBR.dat
[2012/04/26 00:09:00 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/04/25 23:54:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/04/25 18:09:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/04/25 14:54:51 | 000,015,508 | ---- | M] () -- C:\Users\Toshiba\Desktop\lol.jpg
[2012/04/24 14:06:26 | 000,747,590 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/04/24 14:06:26 | 000,639,174 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/04/24 14:06:26 | 000,111,932 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/04/24 14:05:33 | 000,110,992 | ---- | M] () -- C:\Users\Toshiba\Desktop\581390_10150669526080756_710895755_9727010_1943381955_n.jpg
[2012/04/24 14:04:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/04/22 17:49:41 | 009,473,591 | ---- | M] () -- C:\Users\Toshiba\Desktop\april2012_14th_issue_flyer.pdf
[2012/04/22 15:06:23 | 000,069,511 | ---- | M] () -- C:\Users\Toshiba\Desktop\rorito.jpg
[2012/04/22 00:07:34 | 000,025,120 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/04/22 00:07:34 | 000,025,120 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/04/21 00:37:46 | 000,381,258 | ---- | M] () -- C:\Users\Toshiba\Desktop\P2-HCG-Gourmet-Cookbook.pdf
[2012/04/21 00:31:22 | 001,274,044 | ---- | M] () -- C:\Users\Toshiba\Desktop\HCG-ebook-preview.pdf
[2012/04/20 23:44:20 | 000,418,464 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/04/20 23:44:20 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/04/20 23:42:47 | 000,001,100 | ---- | M] () -- C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BBC iPlayer Desktop.lnk
[2012/04/20 23:41:48 | 522,604,543 | -HS- | M] () -- C:\hiberfil.sys
[2012/04/14 04:10:00 | 000,002,343 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012/04/14 03:34:46 | 000,002,026 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012/04/07 16:39:43 | 000,002,515 | ---- | M] () -- C:\Users\Toshiba\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2012/04/07 16:39:43 | 000,002,491 | ---- | M] () -- C:\Users\Public\Desktop\Safari.lnk
[2012/04/07 16:37:24 | 000,001,790 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/03/28 18:49:25 | 000,002,748 | ---- | M] () -- C:\Users\Public\Desktop\WildTangent Games App - toshiba.lnk
[2012/03/24 16:47:35 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012/03/24 16:47:01 | 000,761,436 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/03/24 14:54:32 | 000,191,573 | ---- | M] () -- C:\Users\Toshiba\Desktop\Formulaire_candidature_contrat_local.pdf
[2012/03/24 14:54:19 | 000,067,483 | ---- | M] () -- C:\Users\Toshiba\Desktop\Recrut_Contr_Local_pieces_a_fournir.pdf
[2012/03/24 11:46:23 | 000,000,628 | ---- | M] () -- C:\Windows\SysNative\mapisvc.inf
[2012/03/24 11:35:27 | 000,001,852 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2012/03/17 13:53:27 | 000,274,320 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/03/08 18:37:20 | 000,302,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR
[2012/03/06 09:53:37 | 005,559,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012/03/06 08:59:47 | 003,968,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012/03/06 08:59:41 | 003,913,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012/03/01 09:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2012/03/01 09:38:27 | 000,220,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012/03/01 09:33:50 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2012/02/28 09:56:48 | 002,311,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/02/28 09:48:57 | 001,493,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/02/28 09:48:36 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/02/28 09:45:47 | 000,818,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/02/28 09:43:16 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/02/28 09:39:50 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/02/28 04:11:21 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/02/28 04:09:51 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/02/28 04:06:48 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/02/28 04:03:31 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/02/28 03:59:59 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/02/26 10:34:34 | 000,000,988 | ---- | M] () -- C:\Users\Public\Desktop\BBC iPlayer Desktop.lnk
[2012/02/21 00:35:23 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012/02/20 19:16:44 | 000,002,242 | ---- | M] () -- C:\Users\Toshiba\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/02/20 17:16:49 | 000,001,006 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Toshiba Places Icon Utility.lnk
[2012/02/17 09:38:26 | 001,031,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2012/02/17 08:34:22 | 000,826,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2012/02/16 12:04:27 | 000,000,355 | ---- | M] () -- C:\Users\Toshiba\Desktop\Computer.lnk
[2012/02/10 09:36:07 | 001,544,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012/02/08 22:35:02 | 030,809,792 | ---- | M] () -- C:\Users\Toshiba\Desktop\BlackBerry Bold 9700 (220C4D55) (February 8, 2012) SARAH.ipd
[2012/01/25 09:38:39 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012/01/25 09:38:38 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012/01/25 09:33:30 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012/01/04 13:44:20 | 000,509,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll
[2011/12/30 09:26:08 | 000,515,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
[2011/12/30 08:27:56 | 000,478,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2011/12/16 11:46:06 | 000,634,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2011/12/07 23:30:16 | 000,001,448 | ---- | M] () -- C:\Users\Toshiba\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/12/07 14:13:35 | 000,000,514 | ---- | M] () -- C:\Users\Public\Desktop\eBay.lnk
[2011/12/07 14:13:35 | 000,000,420 | ---- | M] () -- C:\Users\Public\Desktop\Toshiba Places.lnk
[2011/12/07 12:47:12 | 000,108,227 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2011/12/07 12:47:12 | 000,108,227 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2011/12/07 12:37:50 | 000,000,000 | RHS- | M] () -- C:\Windows\SysWow64\drivers\TOSHIBA_Satellite L755_15158-AR_PSK2YE-0M302.MRK
[2011/12/06 17:25:40 | 000,161,168 | ---- | M] (McAfee, Inc.) -- C:\Windows\SysNative\mfevtps.exe
[2011/11/19 17:58:00 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2011/11/19 17:01:00 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2011/11/17 09:41:18 | 001,731,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2011/11/17 09:35:28 | 000,395,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2011/11/17 09:35:26 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2011/11/17 09:35:26 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2011/11/17 09:35:25 | 000,028,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2011/11/17 09:35:19 | 001,447,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2011/11/17 08:35:02 | 000,314,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2011/11/01 15:59:23 | 000,000,000 | ---- | M] () -- C:\Windows\NDSTray.INI
[2011/11/01 15:59:13 | 000,002,041 | ---- | M] () -- C:\Users\Public\Desktop\Manual.lnk
[2011/11/01 15:42:16 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf

========== Files Created - No Company Name ==========

[2012/04/26 00:22:40 | 000,000,512 | ---- | C] () -- C:\Users\Toshiba\Documents\MBR.dat
[2012/04/25 14:54:57 | 000,015,508 | ---- | C] () -- C:\Users\Toshiba\Desktop\lol.jpg
[2012/04/24 14:05:37 | 000,110,992 | ---- | C] () -- C:\Users\Toshiba\Desktop\581390_10150669526080756_710895755_9727010_1943381955_n.jpg
[2012/04/22 17:49:44 | 009,473,591 | ---- | C] () -- C:\Users\Toshiba\Desktop\april2012_14th_issue_flyer.pdf
[2012/04/22 15:06:33 | 000,069,511 | ---- | C] () -- C:\Users\Toshiba\Desktop\rorito.jpg
[2012/04/21 00:37:49 | 000,381,258 | ---- | C] () -- C:\Users\Toshiba\Desktop\P2-HCG-Gourmet-Cookbook.pdf
[2012/04/21 00:31:28 | 001,274,044 | ---- | C] () -- C:\Users\Toshiba\Desktop\HCG-ebook-preview.pdf
[2012/04/20 23:44:21 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/04/07 16:37:24 | 000,001,790 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/03/24 16:47:35 | 000,001,945 | ---- | C] () -- C:\Windows\epplauncher.mif
[2012/03/24 16:46:59 | 000,001,904 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2012/03/24 14:54:34 | 000,191,573 | ---- | C] () -- C:\Users\Toshiba\Desktop\Formulaire_candidature_contrat_local.pdf
[2012/03/24 14:54:28 | 000,067,483 | ---- | C] () -- C:\Users\Toshiba\Desktop\Recrut_Contr_Local_pieces_a_fournir.pdf
[2012/03/24 11:51:33 | 000,002,515 | ---- | C] () -- C:\Users\Toshiba\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2012/03/24 11:51:33 | 000,002,503 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Safari.lnk
[2012/03/24 11:51:33 | 000,002,491 | ---- | C] () -- C:\Users\Public\Desktop\Safari.lnk
[2012/03/24 11:46:22 | 000,000,628 | ---- | C] () -- C:\Windows\SysNative\mapisvc.inf
[2012/03/24 11:35:27 | 000,001,852 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2012/02/22 12:26:41 | 000,002,026 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012/02/21 00:53:46 | 030,809,792 | ---- | C] () -- C:\Users\Toshiba\Desktop\BlackBerry Bold 9700 (220C4D55) (February 8, 2012) SARAH.ipd
[2012/02/21 00:35:23 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012/02/21 00:31:12 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2012/02/16 12:04:27 | 000,000,355 | ---- | C] () -- C:\Users\Toshiba\Desktop\Computer.lnk
[2012/01/01 16:49:45 | 000,761,436 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/12/07 23:30:16 | 000,001,448 | ---- | C] () -- C:\Users\Toshiba\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/12/07 20:01:23 | 000,001,100 | ---- | C] () -- C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BBC iPlayer Desktop.lnk
[2011/12/07 14:13:35 | 000,000,514 | ---- | C] () -- C:\Users\Public\Desktop\eBay.lnk
[2011/12/07 14:13:35 | 000,000,424 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Toshiba Places.lnk
[2011/12/07 14:13:35 | 000,000,420 | ---- | C] () -- C:\Users\Public\Desktop\Toshiba Places.lnk
[2011/12/07 14:13:33 | 000,001,000 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BBC iPlayer Desktop.lnk
[2011/12/07 14:13:33 | 000,000,988 | ---- | C] () -- C:\Users\Public\Desktop\BBC iPlayer Desktop.lnk
[2011/12/07 14:12:49 | 000,001,454 | ---- | C] () -- C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011/12/07 13:48:37 | 000,002,242 | ---- | C] () -- C:\Users\Toshiba\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/12/07 13:48:37 | 000,000,290 | ---- | C] () -- C:\Users\Toshiba\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2011/12/07 13:48:37 | 000,000,272 | ---- | C] () -- C:\Users\Toshiba\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2011/12/07 12:37:50 | 000,000,000 | RHS- | C] () -- C:\Windows\SysWow64\drivers\TOSHIBA_Satellite L755_15158-AR_PSK2YE-0M302.MRK
[2011/11/01 15:59:23 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2011/11/01 15:59:13 | 000,002,041 | ---- | C] () -- C:\Users\Public\Desktop\Manual.lnk
[2011/11/01 15:42:16 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf
[2011/11/01 15:20:43 | 000,007,621 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2011/11/01 15:19:26 | 000,008,192 | ---- | C] () -- C:\Windows\SysNative\drivers\IntelMEFWVer.dll
[2011/11/01 15:15:16 | 522,604,543 | -HS- | C] () -- C:\hiberfil.sys
[2011/02/03 21:56:58 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll

========== LOP Check ==========

[2011/12/07 20:01:22 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1
[2012/04/18 12:18:04 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\SoftGrid Client
[2012/02/22 00:00:21 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\Toshiba
[2012/02/21 18:57:40 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\TOSHIBA Online Product Information
[2012/01/01 16:50:10 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\TP
[2012/02/20 17:16:38 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\WinBatch
[2012/04/20 23:41:56 | 000,032,552 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >

< MD5 for: EXPLORER.EXE >
[2011/02/26 08:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011/02/25 09:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 09:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 09:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/21 06:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/02/25 08:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 08:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/21 06:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: SVCHOST.EXE >
[2009/07/14 04:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2011/03/01 11:10:51 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=635455A95EB8EC47AC72142E501465ED -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7601.21671_none_14271b75353e4391\svchost.exe
[2011/03/01 11:07:49 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=6F68F63794097E54F36474ED4384B759 -- C:\Windows\SysNative\svchost.exe
[2011/03/01 11:07:49 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=6F68F63794097E54F36474ED4384B759 -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7601.17568_none_13af509c1c123937\svchost.exe
[2011/03/01 11:07:49 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=A91A288C91F9D9F1CFA4FAA9893C4D55 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7601.21671_none_b8087ff17ce0d25b\svchost.exe
[2009/07/14 04:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
[2011/03/01 11:05:31 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=ECDB182F885292145826C58252B53000 -- C:\Windows\SysWOW64\svchost.exe
[2011/03/01 11:05:31 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=ECDB182F885292145826C58252B53000 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7601.17568_none_b790b51863b4c801\svchost.exe

< MD5 for: USERINIT.EXE >
[2010/11/21 06:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/21 06:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010/11/21 06:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/21 06:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/21 06:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/21 06:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

< %systemroot%\*. /mp /s >

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --show-icons [2012/04/12 10:37:36 | 001,224,176 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --hide-icons [2012/04/12 10:37:36 | 001,224,176 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/04/12 10:37:36 | 001,224,176 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [2012/04/12 10:37:36 | 001,224,176 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2011/08/03 12:57:18 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2011/08/03 12:57:18 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2011/08/03 12:57:18 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -extoff [2011/08/03 12:57:18 | 000,748,336 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files (x86)\Internet Explorer\iexplore.exe [2011/08/03 12:57:18 | 000,748,336 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Safari\Safari.exe" /reinstall [2012/03/22 15:21:58 | 002,388,336 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Safari\Safari.exe" /hideicons [2012/03/22 15:21:58 | 002,388,336 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Safari\Safari.exe" /showicons [2012/03/22 15:21:58 | 002,388,336 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\shell\open\command\\: "C:\Program Files (x86)\Safari\Safari.exe" [2012/03/22 15:21:58 | 002,388,336 | ---- | M] (Apple Inc.)

< hklm\software\clients\startmenuinternet|command /64 /rs >
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --SHOW-ICONS [2012/04/12 10:37:36 | 001,224,176 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --HIDE-ICONS [2012/04/12 10:37:36 | 001,224,176 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --MAKE-DEFAULT-BROWSER [2012/04/12 10:37:36 | 001,224,176 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" [2012/04/12 10:37:36 | 001,224,176 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2011/08/03 12:57:18 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2011/08/03 12:57:18 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2011/08/03 12:57:18 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2011/08/03 12:57:18 | 000,748,336 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE [2011/08/03 12:57:18 | 000,748,336 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\SAFARI\SAFARI.EXE" /REINSTALL [2012/03/22 15:21:58 | 002,388,336 | ---- | M] (Apple Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\SAFARI\SAFARI.EXE" /HIDEICONS [2012/03/22 15:21:58 | 002,388,336 | ---- | M] (Apple Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\SAFARI\SAFARI.EXE" /SHOWICONS [2012/03/22 15:21:58 | 002,388,336 | ---- | M] (Apple Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\shell\open\command\\: "C:\PROGRAM FILES (X86)\SAFARI\SAFARI.EXE" [2012/03/22 15:21:58 | 002,388,336 | ---- | M] (Apple Inc.)

< End of report >


EXTRAS.TXT
OTL Extras logfile created on: 4/26/2012 12:39:54 AM - Run 1
OTL by OldTimer - Version 3.2.42.0 Folder = C:\Users\Toshiba\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

5.98 Gb Total Physical Memory | 3.40 Gb Available Physical Memory | 56.78% Memory free
11.96 Gb Paging File | 9.15 Gb Available in Paging File | 76.49% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 348.61 Gb Total Space | 305.49 Gb Free Space | 87.63% Space Free | Partition Type: NTFS
Drive D: | 349.64 Gb Total Space | 335.83 Gb Free Space | 96.05% Space Free | Partition Type: NTFS
Drive E: | 82.91 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: TOSHIBA-TOSH | User Name: Toshiba | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 180 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1861668113-2035247836-3707625544-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}" = Windows Live Remote Service Resources
"{24811C12-F4A9-4D0F-8494-A7B8FE46123C}" = TOSHIBA ReelTime
"{42738DB0-FC3E-4672-A99B-9372F5696E30}" = Microsoft Security Client
"{43DBC64B-3DD1-47E2-8788-D3C3B110C574}" = TOSHIBA Bulletin Board
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{65486209-5C54-439C-8383-8AC9BBE25932}" = Atheros Bluetooth Filter Driver Package
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{692CCE55-9EAE-4F57-A834-092882E7FE0B}" = Windows Live Remote Client Resources
"{6C9D3F1D-DBBE-46F9-96A0-726CC72935AF}" = Windows Live Remote Service Resources
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{8B485965-8EFE-464A-842F-CF8F18C3DFD7}" = iCloud
"{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}" = TOSHIBA PC Health Monitor
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 268.57
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 268.57
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 268.57
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.2.23.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
"{B8AD779A-82DA-4365-A7D0-AD3DCFC55CFF}" = Apple Mobile Device Support
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{C4FFA951-9678-4D51-84B4-AFD15D3C45AD}" = TOSHIBA Hardware Setup
"{CBD6B23D-41D5-4A46-8019-6208516C9712}" = TOSHIBA Supervisor Password
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{CF8FFD12-602B-422D-AF1D-511B411E7632}" = iTunes
"{D1C1556C-7FF3-48A3-A5D6-7126F0FAFB66}" = Windows Live Remote Client Resources
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORMCLauncher
"{EFB20CF5-1A6D-41F3-8895-223346CE6291}" = Windows Live Remote Service Resources
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"{FAD0EC0B-753B-4A97-AD34-32AC1EC8DB69}" = Windows Live Remote Client Resources
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"CNXT_AUDIO_HDA" = Conexant HD Audio
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Client" = Microsoft Security Essentials
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02FCAA8F-59D3-4198-822E-135C61EE4F0B}" = NeroKwikMedia Help (CHM)
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{062E4D94-8306-46D5-81B6-45E6AD09C799}" = Windows Live Messenger
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{07035AB3-5C70-3315-35A9-CFFECA140880}" = BBC iPlayer Desktop
"{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}" = Nero BackItUp 10 Help (CHM)
"{0A4C4B29-5A9D-4910-A13C-B920D5758744}" = بريد Windows Live
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live
"{1203DC60-D9BD-44F9-B372-2B8F227E6094}" = Windows Live Temel Parçalar
"{128133D3-037A-4C62-B1B7-55666A10587A}" = Windows Live UX Platform Language Pack
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1A82AE99-84D3-486D-BAD6-675982603E14}" = Windows Live Writer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1F7D9F37-C39C-486C-BDF8-8F440FFB3352}" = Nero Kwik Media
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2063D199-D79F-471A-9019-9E647296394D}" = Nero Multimedia Suite 10 Essentials
"{2290A680-4083-410A-ADCC-7092C67FC052}" = TOSHIBA Online Product Information
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{241E7104-937A-4366-AD57-8FDDDB003939}" = Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java™ 6 Update 20
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2C303EE0-A595-3543-A71A-931C7AC40EDE}" = Microsoft Primary Interoperability Assemblies 2005
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver
"{3125D9DE-8D7A-4987-95F3-8A42389833D8}" = Windows Live Writer Resources
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM)
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{443B561F-DE1B-4DEF-ADD9-484B684653C7}" = Windows Live Messenger
"{461F6F0D-7173-4902-9604-AB1A29108AF2}" = TOSHIBA Places Icon Utility
"{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D83F339-5A5C-4B21-8FD3-5D407B981E72}" = Windows Live Photo Common
"{506FC723-8E6C-4417-9CFF-351F99130425}" = Windows Live UX Platform Language Pack
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{523DF2BB-3A85-4047-9898-29DC8AEB7E69}" = Windows Live UX Platform Language Pack
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM)
"{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{58CB9A9A-1EFB-4EA8-B50C-3097E754AC21}" = High-Definition Video Playback
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{62BBB2F0-E220-4821-A564-730807D2C34D}" = Realtek USB 2.0 Reader Driver
"{63CF7D0C-B6E7-4EE9-8253-816B613CC437}" = Windows Live Mail
"{640798A0-A4FB-4C52-AC72-755134767F1E}" = Windows Live Movie Maker
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{654F7484-88C5-46DC-AB32-C66BCB0E2102}" = TOSHIBA Sleep Utility
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{66049135-9659-4AAD-9169-9CCA269EBB3E}" = Nero InfoTool 10 Help (CHM)
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68AB6930-5BFF-4FF6-923B-516A91984FE6}" = Nero BackItUp 10
"{6D172D0A-B9F1-4046-AFAB-8599288545BF}" = Safari
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}" = TOSHIBA Web Camera Application
"{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-toshiba" = WildTangent Games App (Toshiba Games)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71A81378-79D5-40CC-9BDC-380642D1A87F}" = Windows Live Writer
"{71C95134-F6A9-45E7-B7B3-07CA6012BF2A}" = Windows Live Mesh
"{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TOSHIBA Recovery Media Creator Reminder
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78DBE8CE-61F6-4D6C-806C-A0FFF65F5E1D}" = Windows Live Messenger
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{84A411F9-40A5-4CDA-BF46-E09FBB2BC313}" = Windows Live Essentials
"{85373DA7-834E-4850-8AF5-1D99F7526857}" = Windows Live Photo Common
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English
"{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}" = Toshiba Manuals
"{92E25238-61A3-4ACD-A407-3C480EEF47A7}" = Nero RescueAgent 10 Help (CHM)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}" = Windows Live Messenger
"{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.3) MUI
"{AF01B90A-D25C-4F60-AECD-6EEDF509DC11}" = Windows Live Mesh
"{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Media Creator
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BD695C2F-3EA0-4DA4-92D5-154072468721}" = Windows Live Fotoğraf Galerisi
"{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}" = TOSHIBA Assist
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{CDADE9BC-612C-42B8-B929-5C6A823E7FF9}" = TOSHIBA Wireless LAN Indicator
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D5AEEAA2-184E-4A2A-BAA3-6225EA4B9516}" = TOSHIBA ConfigFree
"{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E18B30AA-6E2D-480C-B918-AF61009F4010}" = عنصر تحكم ActiveX الخاص بـ Windows Live Mesh للاتصالات البعيدة
"{E337E787-CF61-4B7B-B84F-509202A54023}" = Nero RescueAgent 10
"{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}" = Controlo ActiveX do Windows Live Mesh para Ligações Remotas
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{F082CB11-4794-4259-99A1-D91BA762AD15}" = TOSHIBA TEMPRO
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F412B4AF-388C-4FF5-9B2F-33DB1C536953}" = Nero InfoTool 10
"{F52C5BE7-3F57-464E-8A54-908402E43CE8}" = Windows Live Writer Resources
"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
"{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM)
"{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10
"{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}" = معرض صور Windows Live
"{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF105207-8423-4E13-B0B1-50753170B245}" = Windows Live Movie Maker
"Adobe AIR" = Adobe AIR
"BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1" = BBC iPlayer Desktop
"Google Chrome" = Google Chrome
"InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C}" = TOSHIBA ReelTime
"InstallShield_{43DBC64B-3DD1-47E2-8788-D3C3B110C574}" = TOSHIBA Bulletin Board
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}" = TOSHIBA Web Camera Application
"InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TOSHIBA Recovery Media Creator Reminder
"InstallShield_{C4FFA951-9678-4D51-84B4-AFD15D3C45AD}" = TOSHIBA Hardware Setup
"InstallShield_{CBD6B23D-41D5-4A46-8019-6208516C9712}" = TOSHIBA Supervisor Password
"InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORMCLauncher
"InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"MSC" = McAfee Internet Security
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010
"WildTangent toshiba Master Uninstall" = WildTangent Games
"WinLiveSuite" = Windows Live Essentials
"WTA-16320503-2a70-46ed-a7bc-a0a70fec690f" = Wedding Dash 2 - Rings Around the World
"WTA-1ca3e216-095f-4126-808d-1c67f171c6d2" = Zuma Deluxe
"WTA-2770ed66-c48a-4579-9e3e-53f21c3f3cad" = Diner Dash 2 Restaurant Rescue
"WTA-437b8b20-2048-4f54-982c-c0c5af0ba4c3" = Penguins!
"WTA-5ada7e1f-82f9-4f17-b7bd-c5d127a614a4" = Insaniquarium Deluxe
"WTA-762800e6-32f8-42eb-8515-28488523cfef" = Bejeweled 2 Deluxe
"WTA-89be1bed-a478-430b-a05c-a628d6507473" = Slingo Deluxe
"WTA-8d78ed6a-16b5-4564-bb44-08294988e845" = Chuzzle Deluxe
"WTA-a9cc7b98-c8fe-4292-b3aa-1adc77270b4b" = FATE
"WTA-b46daead-2810-4a1f-baf8-a925b5772436" = Bejeweled 3
"WTA-de9647da-e2d9-48dc-9620-8136e41f9413" = Chicken Invaders 3 - Revenge of the Yolk
"WTA-e7277489-2757-45e1-bbad-1a3680c97916" = Final Drive: Nitro
"WTA-e7cf0314-8ea6-46e7-be7a-c94b2824aea7" = Polar Bowler
"WTA-f4d2c191-df5f-46c2-98b0-ef5dcbd4e420" = Plants vs. Zombies - Game of the Year

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 4/11/2012 7:52:51 AM | Computer Name = Toshiba-TOSH | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 3011

Error - 4/11/2012 7:52:52 AM | Computer Name = Toshiba-TOSH | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 4/11/2012 7:52:52 AM | Computer Name = Toshiba-TOSH | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 4009

Error - 4/11/2012 7:52:52 AM | Computer Name = Toshiba-TOSH | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 4009

Error - 4/11/2012 7:52:53 AM | Computer Name = Toshiba-TOSH | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 4/11/2012 7:52:53 AM | Computer Name = Toshiba-TOSH | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 5023

Error - 4/11/2012 7:52:53 AM | Computer Name = Toshiba-TOSH | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 5023

Error - 4/12/2012 5:00:34 AM | Computer Name = Toshiba-TOSH | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 4/12/2012 5:00:34 AM | Computer Name = Toshiba-TOSH | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 76066571

Error - 4/12/2012 5:00:34 AM | Computer Name = Toshiba-TOSH | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 76066571

[ System Events ]
Error - 4/14/2012 2:10:40 AM | Computer Name = Toshiba-TOSH | Source = Service Control Manager | ID = 7000
Description = The McAfee SiteAdvisor Service service failed to start due to the
following error: %%2

Error - 4/14/2012 3:18:01 AM | Computer Name = Toshiba-TOSH | Source = Service Control Manager | ID = 7000
Description = The McAfee SiteAdvisor Service service failed to start due to the
following error: %%2

Error - 4/14/2012 3:58:01 AM | Computer Name = Toshiba-TOSH | Source = Service Control Manager | ID = 7000
Description = The McAfee SiteAdvisor Service service failed to start due to the
following error: %%2

Error - 4/14/2012 4:02:52 AM | Computer Name = Toshiba-TOSH | Source = Service Control Manager | ID = 7000
Description = The McAfee SiteAdvisor Service service failed to start due to the
following error: %%2

Error - 4/14/2012 4:38:02 AM | Computer Name = Toshiba-TOSH | Source = Service Control Manager | ID = 7000
Description = The McAfee SiteAdvisor Service service failed to start due to the
following error: %%2

Error - 4/14/2012 5:23:03 AM | Computer Name = Toshiba-TOSH | Source = Service Control Manager | ID = 7000
Description = The McAfee SiteAdvisor Service service failed to start due to the
following error: %%2

Error - 4/14/2012 6:03:04 AM | Computer Name = Toshiba-TOSH | Source = Service Control Manager | ID = 7000
Description = The McAfee SiteAdvisor Service service failed to start due to the
following error: %%2

Error - 4/14/2012 6:23:34 AM | Computer Name = Toshiba-TOSH | Source = Service Control Manager | ID = 7000
Description = The McAfee SiteAdvisor Service service failed to start due to the
following error: %%2

Error - 4/14/2012 6:24:54 AM | Computer Name = Toshiba-TOSH | Source = Service Control Manager | ID = 7000
Description = The McAfee SiteAdvisor Service service failed to start due to the
following error: %%2

Error - 4/14/2012 6:25:04 AM | Computer Name = Toshiba-TOSH | Source = Service Control Manager | ID = 7000
Description = The McAfee SiteAdvisor Service service failed to start due to the
following error: %%2


< End of report >


Attached File  aswMBR.txt   1.74KB   56 downloads
Attached File  Extras.Txt   51.7KB   58 downloads
Attached File  OTL.Txt   196.57KB   50 downloads

Edited by sassa, 27 April 2012 - 04:48 AM.

  • 0

Advertisements


#2
sassa

sassa

    Member

  • Topic Starter
  • Member
  • PipPip
  • 32 posts
i couldnt do it from internet explorer and hotmail was opened from google chrome plz help me urgently thanx

Edited by sassa, 28 April 2012 - 06:21 AM.

  • 0

#3
sassa

sassa

    Member

  • Topic Starter
  • Member
  • PipPip
  • 32 posts
hey guys im still waiting for the answer thanking u in advance for ur support
regards
  • 0

#4
sassa

sassa

    Member

  • Topic Starter
  • Member
  • PipPip
  • 32 posts
Hello Geekstogo,
plz i need ur assistance and help ...
Somehow something happened to my laptop as any hotmail from any browser i open gives me this message: you cant proxy across different domains
i did the necessary otl and aswMBR.exe as i read in a similar post but it seems my system 32 is locked
please help me
thanx and the resultsare:
aswMBR.exe result:


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-04-26 00:20:40
-----------------------------
00:20:40.172 OS Version: Windows x64 6.1.7601 Service Pack 1
00:20:40.173 Number of processors: 8 586 0x2A07
00:20:40.173 ComputerName: TOSHIBA-TOSH UserName: Toshiba
00:20:41.655 Initialize success
00:20:52.292 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
00:20:52.294 Disk 0 Vendor: TOSHIBA_ GT00 Size: 715404MB BusType: 3
00:20:52.297 Disk 0 MBR read successfully
00:20:52.299 Disk 0 MBR scan
00:20:52.301 Disk 0 Windows 7 default MBR code
00:20:52.308 Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS 399 MB offset 2048
00:20:52.322 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 356974 MB offset 819200
00:20:52.349 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 358030 MB offset 731901952
00:20:52.378 Disk 0 scanning C:\Windows\system32\drivers
00:20:58.052 Service scanning
00:21:08.249 Service MpNWMon C:\Windows\system32\DRIVERS\MpNWMon.sys **LOCKED** 32
00:21:22.985 Modules scanning
00:21:23.004 Disk 0 trace - called modules:
00:21:23.135 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
00:21:23.156 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8008265060]
00:21:23.176 3 CLASSPNP.SYS[fffff8800185143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8006655050]
00:21:23.210 Scan finished successfully
00:22:17.782 Verifying
00:22:27.861 Disk 0 Windows 601 MBR fixed successfully
00:22:40.804 Disk 0 MBR has been saved successfully to "C:\Users\Toshiba\Documents\MBR.dat"
00:22:40.807 The log file has been saved successfully to "C:\Users\Toshiba\Documents\aswMBR.txt"


whereas OTL result is:

NOTEPAD:

OTL logfile created on: 4/26/2012 12:39:54 AM - Run 1
OTL by OldTimer - Version 3.2.42.0 Folder = C:\Users\Toshiba\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

5.98 Gb Total Physical Memory | 3.40 Gb Available Physical Memory | 56.78% Memory free
11.96 Gb Paging File | 9.15 Gb Available in Paging File | 76.49% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 348.61 Gb Total Space | 305.49 Gb Free Space | 87.63% Space Free | Partition Type: NTFS
Drive D: | 349.64 Gb Total Space | 335.83 Gb Free Space | 96.05% Space Free | Partition Type: NTFS
Drive E: | 82.91 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: TOSHIBA-TOSH | User Name: Toshiba | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 180 Days

========== Processes (SafeList) ==========

PRC - [2012/04/26 00:22:58 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Toshiba\Downloads\OTL.exe
PRC - [2012/04/12 10:37:36 | 001,224,176 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2012/02/23 12:30:40 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
PRC - [2012/01/03 05:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/10/01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011/10/01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011/05/11 20:49:32 | 000,378,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011/03/29 16:33:08 | 000,598,312 | ---- | M] (Nero AG) -- c:\Program Files (x86)\Nero\Update\NASvc.exe
PRC - [2010/12/20 20:30:38 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2010/12/20 20:30:36 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2010/02/28 05:33:14 | 000,077,664 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\OFFICEVIRT.EXE
PRC - [2009/07/22 15:40:00 | 000,083,336 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe
PRC - [2009/03/10 20:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe


========== Modules (No Company Name) ==========

MOD - [2012/04/12 10:37:34 | 000,444,400 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.162\ppgooglenaclpluginchrome.dll
MOD - [2012/04/12 10:37:33 | 003,915,248 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.162\pdf.dll
MOD - [2012/04/12 10:36:18 | 000,544,240 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.162\libglesv2.dll
MOD - [2012/04/12 10:36:17 | 000,117,744 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.162\libegl.dll
MOD - [2012/04/12 10:36:08 | 000,122,880 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.162\avutil-51.dll
MOD - [2012/04/12 10:36:06 | 000,220,672 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.162\avformat-53.dll
MOD - [2012/04/12 10:36:05 | 001,747,456 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.162\avcodec-53.dll
MOD - [2012/04/12 09:51:55 | 008,743,584 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.162\gcswf32.dll
MOD - [2011/11/01 23:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/11/01 23:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010/02/28 05:33:14 | 000,077,664 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\OFFICEVIRT.EXE


========== Win32 Services (SafeList) ==========

SRV:64bit: - File not found [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe /McCoreSvc -- (McAfee SiteAdvisor Service)
SRV:64bit: - [2011/12/06 17:25:40 | 000,161,168 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2011/12/06 17:16:02 | 000,208,536 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:64bit: - [2011/07/01 13:46:14 | 000,828,856 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv)
SRV:64bit: - [2011/04/27 17:21:18 | 000,288,272 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2011/04/27 17:21:18 | 000,012,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2011/03/02 17:36:16 | 000,266,680 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service)
SRV:64bit: - [2010/12/09 19:45:26 | 000,489,384 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV:64bit: - [2010/12/08 17:42:54 | 000,137,632 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV:64bit: - [2010/10/20 16:41:00 | 000,138,656 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV:64bit: - [2010/09/22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/07/14 04:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/04/20 23:44:20 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/02/29 08:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/01/03 05:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/10/01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/10/01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011/05/11 20:49:32 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011/03/29 16:33:08 | 000,598,312 | ---- | M] (Nero AG) [Auto | Running] -- c:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate) @c:\Program Files (x86)
SRV - [2011/02/10 10:25:36 | 000,112,080 | ---- | M] (Toshiba Europe GmbH) [Auto | Running] -- C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe -- (TemproMonitoringService) Notebook Performance Tuning Service (TEMPRO)
SRV - [2010/12/20 20:30:38 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®
SRV - [2010/12/20 20:30:36 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) Intel®
SRV - [2010/11/29 16:58:30 | 000,054,136 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2010/10/12 20:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/04/12 12:45:00 | 000,196,976 | ---- | M] (TOSHIBA CORPORATION) [On_Demand | Stopped] -- C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/01/28 18:44:40 | 000,249,200 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe -- (cfWiMAXService)
SRV - [2009/06/11 00:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/03/10 20:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/03/01 09:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/10/15 12:16:16 | 000,647,080 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2011/10/15 12:16:16 | 000,284,648 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2011/10/15 12:16:16 | 000,229,528 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2011/10/15 12:16:16 | 000,075,808 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfenlfk.sys -- (mfenlfk)
DRV:64bit: - [2011/10/15 12:16:16 | 000,065,264 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2011/10/01 08:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011/10/01 08:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011/10/01 08:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011/10/01 08:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2011/08/02 17:38:56 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/07/08 19:06:08 | 000,307,304 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rtsuvstor.sys -- (RSUSBVSTOR)
DRV:64bit: - [2011/05/10 19:41:28 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2011/04/27 15:25:24 | 000,084,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2011/03/11 09:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 09:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/08 21:07:00 | 000,038,096 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PGEffect.sys -- (PGEffect)
DRV:64bit: - [2011/02/03 21:59:06 | 001,413,680 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011/01/27 17:27:04 | 000,067,384 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tosrfusb.sys -- (Tosrfusb)
DRV:64bit: - [2011/01/27 14:34:12 | 001,577,088 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2011/01/12 19:51:44 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/12/17 21:46:46 | 002,675,712 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010/12/10 15:50:36 | 000,181,248 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010/12/10 15:50:36 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010/12/01 18:12:06 | 000,250,984 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010/11/21 06:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/21 06:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/21 06:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/11/08 14:44:40 | 000,076,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2010/10/19 18:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel®
DRV:64bit: - [2010/10/18 16:14:02 | 000,042,096 | R--- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2010/06/18 18:45:00 | 000,018,872 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tosrfec.sys -- (tosrfec)
DRV:64bit: - [2009/07/30 22:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV:64bit: - [2009/07/14 18:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2009/07/14 04:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 04:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 04:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/19 21:15:22 | 000,014,472 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TVALZFL.sys -- (TVALZFL)
DRV:64bit: - [2009/06/15 14:58:50 | 000,012,800 | ---- | M] (TOSHIBA) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\QIOMem.sys -- (QIOMem)
DRV:64bit: - [2009/06/11 00:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/11 00:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/11 00:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 23:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 23:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 23:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 23:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2009/07/14 04:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1861668113-2035247836-3707625544-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...=TEUA&bmod=TEUA
IE - HKU\S-1-5-21-1861668113-2035247836-3707625544-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com.sa/
IE - HKU\S-1-5-21-1861668113-2035247836-3707625544-1000\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKU\S-1-5-21-1861668113-2035247836-3707625544-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-1861668113-2035247836-3707625544-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...1I7TEUA_enSA461
IE - HKU\S-1-5-21-1861668113-2035247836-3707625544-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1861668113-2035247836-3707625544-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2012/02/28 15:45:40 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.162\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.162\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.162\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.123.2_0\McChPlg.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.200.2 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U20 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: WildTangent Games App Presence Detector (Enabled) = C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - Extension: SiteAdvisor = C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.123.2_0\

O1 HOSTS File: ([2009/06/11 00:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-1861668113-2035247836-3707625544-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [HSON] C:\Program Files\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe (Conexant systems, Inc.)
O4:64bit: - HKLM..\Run: [TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [Teco] C:\Program Files\TOSHIBA\TECO\Teco.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [Toshiba Registration] C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe (Toshiba Europe GmbH)
O4:64bit: - HKLM..\Run: [Toshiba TEMPRO] C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe (Toshiba Europe GmbH)
O4:64bit: - HKLM..\Run: [TosNC] C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosReelTimeMonitor] C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosWaitSrv] C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ITSecMng] C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [NBAgent] c:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe (Nero AG)
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TSleepSrv] C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe (TOSHIBA)
O4 - HKU\.DEFAULT..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (TOSHIBA)
O4 - HKU\S-1-5-18..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (TOSHIBA)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (TOSHIBA)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (TOSHIBA)
O4 - HKU\S-1-5-21-1861668113-2035247836-3707625544-1000..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
O4 - HKU\S-1-5-21-1861668113-2035247836-3707625544-1000..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe (TOSHIBA)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O4 - Startup: C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BBC iPlayer Desktop.lnk = C:\Program Files (x86)\BBC iPlayer Desktop\BBC iPlayer Desktop.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O8:64bit: - Extra context menu item: Add to TOSHIBA Bulletin Board - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll (TODO: <会社名>)
O8 - Extra context menu item: Add to TOSHIBA Bulletin Board - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll (TODO: <会社名>)
O9:64bit: - Extra Button: @C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll,-229 - {97F922BD-8563-4184-87EE-8C4ACA438823} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom64.dll (TODO: <会社名>)
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll,-228 - {97F922BD-8563-4184-87EE-8C4ACA438823} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom64.dll (TODO: <会社名>)
O9 - Extra Button: @C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll,-229 - {97F922BD-8563-4184-87EE-8C4ACA438823} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll (TODO: <会社名>)
O9 - Extra 'Tools' menuitem : @C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll,-228 - {97F922BD-8563-4184-87EE-8C4ACA438823} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll (TODO: <会社名>)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{58E04B8C-7262-4B15-9283-D716421EDB1F}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BFFF8AD4-A82B-458C-8709-85D1DE6C2357}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/03/12 18:19:10 | 000,000,044 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{7e3aa425-0484-11e1-a7fa-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{7e3aa425-0484-11e1-a7fa-806e6f6e6963}\Shell\AutoRun\command - "" = E:\setup.exe -- [2008/03/12 18:19:10 | 000,217,187 | R--- | M] (THOMSON Telecom Belgium)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 180 Days ==========

[2012/04/25 17:27:15 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\Desktop\CV
[2012/04/23 13:53:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012/04/23 13:53:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012/04/23 11:54:05 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\{C4824836-FA80-4634-AA29-CAFE0319A7A0}
[2012/04/22 23:53:41 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\{6E2A59A2-7A70-466F-9421-3F7627E66F89}
[2012/04/22 11:53:15 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\{480A257F-02AB-4E3F-83F1-3BEB1948AF66}
[2012/04/21 23:52:51 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\{CEE59D3F-058F-4FD2-8AB0-1B75FD348C25}
[2012/04/21 11:43:50 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\{8A7BAFDA-AFFF-4997-80BC-3A8B98EFDA84}
[2012/04/20 23:44:20 | 000,418,464 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/04/20 23:44:08 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2012/04/20 23:43:18 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\{3B58691B-F67A-4C51-B45D-A5373B09EDB6}
[2012/04/20 23:43:07 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\{7E685F98-A34C-42E9-8A91-A45348CBDC87}
[2012/04/18 12:56:45 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\{5EE94C51-F181-4169-8497-56916F81179A}
[2012/04/18 12:56:35 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\{28864D65-EA55-49D5-A420-EC27E4318721}
[2012/04/18 12:27:03 | 000,000,000 | ---D | C] -- C:\Windows\en
[2012/04/18 12:26:16 | 000,000,000 | ---D | C] -- C:\Windows\ar
[2012/04/18 12:26:14 | 000,000,000 | ---D | C] -- C:\Windows\fr
[2012/04/18 12:26:08 | 000,000,000 | ---D | C] -- C:\Windows\tr
[2012/04/18 12:20:30 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\{C3D96398-BAAE-44BA-9721-F934FA41D752}
[2012/04/18 12:20:17 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\{E5867A72-61F5-4F47-AA33-E3860118F828}
[2012/04/14 03:22:57 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\{78C75A20-C526-4D05-8173-656596D7A5D1}
[2012/04/14 03:02:14 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/04/14 03:02:14 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/04/14 03:02:13 | 002,311,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/04/14 03:02:13 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/04/14 03:02:12 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/04/14 03:02:12 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/04/14 03:02:12 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/04/14 03:02:11 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/04/14 03:02:11 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/04/14 03:02:11 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/04/14 03:02:11 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/04/14 03:01:53 | 005,559,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012/04/14 03:01:53 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012/04/14 03:01:53 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012/04/14 03:00:25 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2012/04/14 03:00:25 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2012/04/14 03:00:23 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012/04/13 22:43:01 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\ElevatedDiagnostics
[2012/04/07 16:37:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/04/07 16:36:27 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/04/07 16:36:26 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012/04/07 16:36:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2012/03/29 18:54:31 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\{FF1A45C1-3C5E-4D32-9C36-5874E20372C9}
[2012/03/25 16:33:05 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\Desktop\New folder
[2012/03/24 23:14:59 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\Windows Live
[2012/03/24 23:14:59 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\{1F051DDE-0A0B-40D7-AEC1-FAED98A16A16}
[2012/03/24 23:14:49 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\{DAFF7997-A68F-4437-AAFF-60AE292903AA}
[2012/03/24 23:14:49 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\{D675B993-52CE-4BBA-B54C-6F2AB8EE7C15}
[2012/03/24 23:14:36 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\Tracing
[2012/03/24 16:47:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2012/03/24 16:46:58 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2012/03/24 14:32:08 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2012/03/24 11:51:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Safari
[2012/03/24 11:35:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012/03/24 11:35:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2012/03/17 13:45:07 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\Desktop\livre
[2012/03/17 12:35:23 | 001,544,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012/03/17 12:34:38 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2012/03/17 12:34:38 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2012/03/17 12:34:36 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012/03/17 12:34:36 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012/03/17 12:34:36 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012/03/17 12:30:41 | 000,070,304 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/03/08 18:37:20 | 000,302,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR
[2012/02/26 10:34:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BBC iPlayer Desktop
[2012/02/21 23:57:07 | 000,000,000 | ---D | C] -- C:\ProgramData\TOSHIBA Tempro
[2012/02/21 23:57:07 | 000,000,000 | ---D | C] -- C:\ProgramData\IsolatedStorage
[2012/02/21 13:05:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2012/02/21 12:49:32 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2012/02/21 12:49:32 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2012/02/21 00:43:45 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll
[2012/02/21 00:43:43 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll
[2012/02/21 00:43:43 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll
[2012/02/21 00:43:43 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll
[2012/02/21 00:43:43 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll
[2012/02/21 00:43:42 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll
[2012/02/21 00:43:42 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll
[2012/02/21 00:43:42 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll
[2012/02/21 00:43:41 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
[2012/02/21 00:43:40 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll
[2012/02/21 00:43:36 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2012/02/21 00:43:36 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2012/02/21 00:43:34 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2012/02/21 00:43:33 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2012/02/21 00:43:33 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012/02/21 00:43:33 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2012/02/21 00:43:29 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll
[2012/02/21 00:43:26 | 002,315,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll
[2012/02/21 00:43:26 | 002,223,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll
[2012/02/21 00:43:26 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
[2012/02/21 00:43:25 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
[2012/02/21 00:43:25 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe
[2012/02/21 00:43:24 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll
[2012/02/21 00:43:23 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll
[2012/02/21 00:43:23 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll
[2012/02/21 00:43:23 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll
[2012/02/21 00:43:23 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe
[2012/02/21 00:43:22 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll
[2012/02/21 00:43:22 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll
[2012/02/21 00:43:21 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll
[2012/02/21 00:43:18 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2012/02/21 00:43:17 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2012/02/21 00:43:17 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2012/02/21 00:43:17 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2012/02/21 00:43:17 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2012/02/21 00:43:17 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2012/02/21 00:43:15 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2012/02/21 00:43:13 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
[2012/02/21 00:43:12 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2012/02/21 00:43:07 | 001,465,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2012/02/21 00:43:06 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2012/02/21 00:32:54 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Roaming\Apple Computer
[2012/02/21 00:32:54 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\Apple Computer
[2012/02/21 00:32:47 | 000,126,312 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\GEARAspi64.dll
[2012/02/21 00:32:47 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysWow64\GEARAspi.dll
[2012/02/21 00:32:47 | 000,034,152 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2012/02/21 00:32:47 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2012/02/21 00:31:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2012/02/21 00:31:58 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2012/02/21 00:31:14 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\Apple
[2012/02/21 00:31:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2012/02/21 00:30:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2012/02/21 00:30:28 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2012/02/21 00:30:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2012/02/21 00:29:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2012/02/21 00:29:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2012/02/21 00:19:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Toshiba
[2012/02/20 18:52:34 | 001,162,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2012/02/20 18:52:34 | 000,421,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2012/02/20 18:52:34 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2012/02/20 18:52:34 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2012/02/20 18:52:34 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2012/02/20 18:52:33 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2012/02/20 18:52:33 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2012/02/20 18:52:33 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2012/02/20 18:52:33 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2012/02/20 18:52:33 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2012/02/20 18:52:33 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2012/02/20 18:52:33 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2012/02/20 18:52:33 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2012/02/20 18:52:33 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2012/02/20 18:52:33 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2012/02/20 18:52:33 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2012/02/20 18:52:33 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2012/02/20 18:52:33 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2012/02/20 18:52:33 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2012/02/20 18:52:33 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2012/02/20 18:52:33 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2012/02/20 18:52:33 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2012/02/20 18:52:33 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2012/02/20 18:52:33 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2012/02/20 18:52:33 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2012/02/20 18:52:33 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2012/02/20 18:52:33 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2012/02/20 18:52:33 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2012/02/20 18:52:33 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2012/02/20 18:52:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2012/02/20 18:52:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012/02/20 18:52:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2012/02/20 18:52:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2012/02/20 18:52:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2012/02/20 18:52:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2012/02/20 18:52:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2012/02/20 18:52:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2012/02/20 18:52:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2012/02/20 18:52:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/02/20 18:52:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/02/20 18:52:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2012/02/20 18:52:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2012/02/20 18:52:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2012/02/20 18:52:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2012/02/20 18:52:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2012/02/20 18:52:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2012/02/20 18:52:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2012/02/20 18:52:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2012/02/20 18:52:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012/02/20 18:52:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2012/02/20 18:52:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2012/02/20 18:52:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2012/02/20 18:52:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2012/02/20 18:52:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2012/02/20 18:52:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2012/02/20 18:52:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2012/02/20 18:52:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2012/02/20 18:52:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2012/02/20 18:52:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2012/02/20 18:52:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2012/02/20 18:52:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2012/02/20 18:52:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2012/02/20 18:52:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2012/02/20 18:52:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2012/02/20 18:52:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2012/02/20 18:52:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2012/02/20 18:52:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2012/02/20 18:52:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2012/02/20 18:52:33 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2012/02/20 18:52:19 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
[2012/02/20 18:52:19 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll
[2012/02/20 18:52:14 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2012/02/20 18:52:11 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2012/02/20 18:52:11 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2012/02/20 18:52:10 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2012/02/20 18:52:10 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2012/02/20 18:52:04 | 001,731,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2012/02/20 18:51:35 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2012/02/20 18:51:35 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2012/02/20 18:51:35 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2012/02/20 18:51:35 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2012/02/20 18:24:40 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Roaming\Skype
[2012/02/20 17:18:25 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Roaming\Nero
[2012/02/20 17:16:38 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Roaming\WinBatch
[2012/02/19 14:10:21 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\Diagnostics
[2012/02/16 13:08:04 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2012/02/16 13:08:04 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2012/02/16 12:24:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Wild Tangent
[2012/02/16 11:37:20 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Roaming\TOSHIBA Online Product Information
[2012/01/01 19:02:08 | 000,000,000 | ---D | C] -- C:\ProgramData\VirtualizedApplications
[2012/01/01 16:50:03 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Roaming\SoftGrid Client
[2012/01/01 16:50:03 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\SoftGrid Client
[2012/01/01 16:49:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (English)
[2012/01/01 16:49:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2012/01/01 16:49:36 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2012/01/01 16:49:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Application Virtualization Client
[2012/01/01 16:49:12 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Roaming\TP
[2011/12/20 20:10:46 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\Nero_AG
[2011/12/20 20:10:28 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\Nero
[2011/12/07 23:30:23 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Roaming\Google
[2011/12/07 20:01:28 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\Google
[2011/12/07 20:01:22 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Roaming\BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1
[2011/12/07 14:13:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay
[2011/12/07 14:13:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2011/12/07 14:13:25 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Roaming\Macromedia
[2011/12/07 14:13:24 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\Adobe
[2011/12/07 14:13:23 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Roaming\Adobe
[2011/12/07 14:13:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amazon
[2011/12/07 14:13:12 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Roaming\Toshiba
[2011/12/07 14:12:48 | 000,000,000 | R--D | C] -- C:\Users\Toshiba\Searches
[2011/12/07 14:12:48 | 000,000,000 | R--D | C] -- C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011/12/07 14:12:48 | 000,000,000 | -H-D | C] -- C:\Users\Toshiba\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2011/12/07 14:12:41 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Roaming\Identities
[2011/12/07 14:12:39 | 000,000,000 | R--D | C] -- C:\Users\Toshiba\Contacts
[2011/12/07 14:12:37 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\VirtualStore
[2011/12/07 13:54:39 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\Toshiba
[2011/12/07 13:49:00 | 000,000,000 | ---D | C] -- C:\ProgramData\ToshibaEurope
[2011/12/07 13:48:37 | 000,000,000 | --SD | C] -- C:\Users\Toshiba\AppData\Roaming\Microsoft
[2011/12/07 13:48:37 | 000,000,000 | R--D | C] -- C:\Users\Toshiba\Videos
[2011/12/07 13:48:37 | 000,000,000 | R--D | C] -- C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011/12/07 13:48:37 | 000,000,000 | R--D | C] -- C:\Users\Toshiba\Saved Games
[2011/12/07 13:48:37 | 000,000,000 | R--D | C] -- C:\Users\Toshiba\Pictures
[2011/12/07 13:48:37 | 000,000,000 | R--D | C] -- C:\Users\Toshiba\Music
[2011/12/07 13:48:37 | 000,000,000 | R--D | C] -- C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011/12/07 13:48:37 | 000,000,000 | R--D | C] -- C:\Users\Toshiba\Links
[2011/12/07 13:48:37 | 000,000,000 | R--D | C] -- C:\Users\Toshiba\Favorites
[2011/12/07 13:48:37 | 000,000,000 | R--D | C] -- C:\Users\Toshiba\Downloads
[2011/12/07 13:48:37 | 000,000,000 | R--D | C] -- C:\Users\Toshiba\Documents
[2011/12/07 13:48:37 | 000,000,000 | R--D | C] -- C:\Users\Toshiba\Desktop
[2011/12/07 13:48:37 | 000,000,000 | R--D | C] -- C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011/12/07 13:48:37 | 000,000,000 | -HSD | C] -- C:\Users\Toshiba\AppData\Local\Temporary Internet Files
[2011/12/07 13:48:37 | 000,000,000 | -HSD | C] -- C:\Users\Toshiba\Templates
[2011/12/07 13:48:37 | 000,000,000 | -HSD | C] -- C:\Users\Toshiba\Start Menu
[2011/12/07 13:48:37 | 000,000,000 | -HSD | C] -- C:\Users\Toshiba\SendTo
[2011/12/07 13:48:37 | 000,000,000 | -HSD | C] -- C:\Users\Toshiba\Recent
[2011/12/07 13:48:37 | 000,000,000 | -HSD | C] -- C:\Users\Toshiba\PrintHood
[2011/12/07 13:48:37 | 000,000,000 | -HSD | C] -- C:\Users\Toshiba\NetHood
[2011/12/07 13:48:37 | 000,000,000 | -HSD | C] -- C:\Users\Toshiba\Documents\My Videos
[2011/12/07 13:48:37 | 000,000,000 | -HSD | C] -- C:\Users\Toshiba\Documents\My Pictures
[2011/12/07 13:48:37 | 000,000,000 | -HSD | C] -- C:\Users\Toshiba\Documents\My Music
[2011/12/07 13:48:37 | 000,000,000 | -HSD | C] -- C:\Users\Toshiba\My Documents
[2011/12/07 13:48:37 | 000,000,000 | -HSD | C] -- C:\Users\Toshiba\Local Settings
[2011/12/07 13:48:37 | 000,000,000 | -HSD | C] -- C:\Users\Toshiba\AppData\Local\History
[2011/12/07 13:48:37 | 000,000,000 | -HSD | C] -- C:\Users\Toshiba\Cookies
[2011/12/07 13:48:37 | 000,000,000 | -HSD | C] -- C:\Users\Toshiba\Application Data
[2011/12/07 13:48:37 | 000,000,000 | -HSD | C] -- C:\Users\Toshiba\AppData\Local\Application Data
[2011/12/07 13:48:37 | 000,000,000 | -H-D | C] -- C:\Users\Toshiba\AppData
[2011/12/07 13:48:37 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\Temp
[2011/12/07 13:48:37 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\Microsoft
[2011/12/07 13:48:37 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Roaming\Media Center Programs
[2011/11/01 16:01:15 | 000,000,000 | ---D | C] -- C:\Windows\OemDrv
[2011/11/01 15:58:28 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2011/11/01 15:55:04 | 000,038,096 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\SysNative\drivers\PGEffect.sys
[2011/11/01 15:49:18 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations
[2011/11/01 15:45:36 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\sda
[2011/11/01 15:45:32 | 009,888,360 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysWow64\RtsUStoricon.dll
[2011/11/01 15:45:32 | 000,422,504 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtsUStor.dll
[2011/11/01 15:45:32 | 000,307,304 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\drivers\rtsuvstor.sys
[2011/11/01 15:45:32 | 000,250,984 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\drivers\RtsUStor.sys
[2011/11/01 15:45:32 | 000,018,024 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\drivers\rtcrfilt64.sys
[2011/11/01 15:45:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2011/11/01 15:45:03 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Atheros_L1e
[2011/11/01 15:44:25 | 000,040,832 | ---- | C] (TOSHIBA CORPORATION.) -- C:\Windows\SysNative\drivers\TosBtCi.dll
[2011/11/01 15:43:37 | 000,042,096 | R--- | C] (Atheros) -- C:\Windows\SysNative\drivers\btfilter.sys
[2011/11/01 15:43:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TOH Class Filter
[2011/11/01 15:42:15 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
[2011/11/01 15:41:57 | 000,827,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcr100.dll
[2011/11/01 15:41:57 | 000,607,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcp100.dll
[2011/11/01 15:41:57 | 000,099,320 | ---- | C] (TOSHIBA CORPORATION) -- C:\Windows\SysNative\tosWirelessLANIndicatorCP.dll
[2011/11/01 15:38:26 | 002,675,712 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\athrx.sys
[2011/11/01 15:38:26 | 000,000,000 | ---D | C] -- C:\Windows\Options
[2011/11/01 15:38:26 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\nn-NO
[2011/11/01 15:38:25 | 000,443,040 | ---- | C] (Atheros) -- C:\Windows\SysNative\athihvs.dll
[2011/11/01 15:38:25 | 000,063,648 | ---- | C] (Atheros) -- C:\Windows\SysNative\athihvui.dll
[2011/11/01 15:38:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Atheros
[2011/11/01 15:38:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Atheros
[2011/11/01 15:31:53 | 000,000,000 | ---D | C] -- C:\Program Files\CONEXANT
[2011/11/01 15:30:02 | 001,426,536 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdagenco642040.dll
[2011/11/01 15:30:02 | 000,174,184 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2011/11/01 15:30:02 | 000,029,288 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2011/11/01 15:29:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Renesas Electronics
[2011/11/01 15:29:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Downloaded Installations
[2011/11/01 15:25:43 | 000,024,576 | ---- | C] (Toshiba) -- C:\Windows\SysWow64\TSCI.dll
[2011/11/01 15:25:43 | 000,024,576 | ---- | C] (Toshiba) -- C:\Windows\SysWow64\THCI.dll
[2011/11/01 15:24:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2011/11/01 15:23:53 | 000,439,320 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iaStor.sys
[2011/11/01 15:21:43 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2011/11/01 15:21:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2011/11/01 15:21:00 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2011/11/01 15:20:43 | 020,460,648 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2011/11/01 15:20:43 | 018,580,072 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2011/11/01 15:20:43 | 015,051,368 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2011/11/01 15:20:43 | 013,011,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2011/11/01 15:20:43 | 012,840,552 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2011/11/01 15:20:43 | 010,059,880 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2011/11/01 15:20:43 | 008,106,088 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2011/11/01 15:20:43 | 006,597,736 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2011/11/01 15:20:43 | 006,029,928 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2011/11/01 15:20:43 | 004,936,808 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2011/11/01 15:20:43 | 003,182,184 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2011/11/01 15:20:43 | 002,954,856 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2011/11/01 15:20:43 | 002,871,400 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2011/11/01 15:20:43 | 002,579,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2011/11/01 15:20:43 | 002,206,824 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2011/11/01 15:20:43 | 001,969,768 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2011/11/01 15:20:43 | 001,625,704 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6420140.dll
[2011/11/01 15:20:43 | 001,368,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvgenco642050.dll
[2011/11/01 15:20:43 | 000,067,176 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2011/11/01 15:20:43 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2011/11/01 15:20:43 | 000,011,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvBridge.kmd
[2011/11/01 15:20:34 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2011/11/01 15:20:29 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2011/11/01 15:19:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\postureAgent
[2011/11/01 15:18:27 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN

========== Files - Modified Within 180 Days ==========

[2012/04/26 00:22:40 | 000,000,512 | ---- | M] () -- C:\Users\Toshiba\Documents\MBR.dat
[2012/04/26 00:09:00 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/04/25 23:54:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/04/25 18:09:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/04/25 14:54:51 | 000,015,508 | ---- | M] () -- C:\Users\Toshiba\Desktop\lol.jpg
[2012/04/24 14:06:26 | 000,747,590 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/04/24 14:06:26 | 000,639,174 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/04/24 14:06:26 | 000,111,932 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/04/24 14:05:33 | 000,110,992 | ---- | M] () -- C:\Users\Toshiba\Desktop\581390_10150669526080756_710895755_9727010_1943381955_n.jpg
[2012/04/24 14:04:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/04/22 17:49:41 | 009,473,591 | ---- | M] () -- C:\Users\Toshiba\Desktop\april2012_14th_issue_flyer.pdf
[2012/04/22 15:06:23 | 000,069,511 | ---- | M] () -- C:\Users\Toshiba\Desktop\rorito.jpg
[2012/04/22 00:07:34 | 000,025,120 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/04/22 00:07:34 | 000,025,120 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/04/21 00:37:46 | 000,381,258 | ---- | M] () -- C:\Users\Toshiba\Desktop\P2-HCG-Gourmet-Cookbook.pdf
[2012/04/21 00:31:22 | 001,274,044 | ---- | M] () -- C:\Users\Toshiba\Desktop\HCG-ebook-preview.pdf
[2012/04/20 23:44:20 | 000,418,464 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/04/20 23:44:20 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/04/20 23:42:47 | 000,001,100 | ---- | M] () -- C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BBC iPlayer Desktop.lnk
[2012/04/20 23:41:48 | 522,604,543 | -HS- | M] () -- C:\hiberfil.sys
[2012/04/14 04:10:00 | 000,002,343 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012/04/14 03:34:46 | 000,002,026 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012/04/07 16:39:43 | 000,002,515 | ---- | M] () -- C:\Users\Toshiba\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2012/04/07 16:39:43 | 000,002,491 | ---- | M] () -- C:\Users\Public\Desktop\Safari.lnk
[2012/04/07 16:37:24 | 000,001,790 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/03/28 18:49:25 | 000,002,748 | ---- | M] () -- C:\Users\Public\Desktop\WildTangent Games App - toshiba.lnk
[2012/03/24 16:47:35 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012/03/24 16:47:01 | 000,761,436 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/03/24 14:54:32 | 000,191,573 | ---- | M] () -- C:\Users\Toshiba\Desktop\Formulaire_candidature_contrat_local.pdf
[2012/03/24 14:54:19 | 000,067,483 | ---- | M] () -- C:\Users\Toshiba\Desktop\Recrut_Contr_Local_pieces_a_fournir.pdf
[2012/03/24 11:46:23 | 000,000,628 | ---- | M] () -- C:\Windows\SysNative\mapisvc.inf
[2012/03/24 11:35:27 | 000,001,852 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2012/03/17 13:53:27 | 000,274,320 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/03/08 18:37:20 | 000,302,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR
[2012/03/06 09:53:37 | 005,559,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012/03/06 08:59:47 | 003,968,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012/03/06 08:59:41 | 003,913,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012/03/01 09:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2012/03/01 09:38:27 | 000,220,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012/03/01 09:33:50 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2012/02/28 09:56:48 | 002,311,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/02/28 09:48:57 | 001,493,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/02/28 09:48:36 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/02/28 09:45:47 | 000,818,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/02/28 09:43:16 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/02/28 09:39:50 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/02/28 04:11:21 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/02/28 04:09:51 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/02/28 04:06:48 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/02/28 04:03:31 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/02/28 03:59:59 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/02/26 10:34:34 | 000,000,988 | ---- | M] () -- C:\Users\Public\Desktop\BBC iPlayer Desktop.lnk
[2012/02/21 00:35:23 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012/02/20 19:16:44 | 000,002,242 | ---- | M] () -- C:\Users\Toshiba\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/02/20 17:16:49 | 000,001,006 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Toshiba Places Icon Utility.lnk
[2012/02/17 09:38:26 | 001,031,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2012/02/17 08:34:22 | 000,826,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2012/02/16 12:04:27 | 000,000,355 | ---- | M] () -- C:\Users\Toshiba\Desktop\Computer.lnk
[2012/02/10 09:36:07 | 001,544,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012/02/08 22:35:02 | 030,809,792 | ---- | M] () -- C:\Users\Toshiba\Desktop\BlackBerry Bold 9700 (220C4D55) (February 8, 2012) SARAH.ipd
[2012/01/25 09:38:39 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012/01/25 09:38:38 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012/01/25 09:33:30 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012/01/04 13:44:20 | 000,509,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll
[2011/12/30 09:26:08 | 000,515,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
[2011/12/30 08:27:56 | 000,478,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2011/12/16 11:46:06 | 000,634,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2011/12/07 23:30:16 | 000,001,448 | ---- | M] () -- C:\Users\Toshiba\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/12/07 14:13:35 | 000,000,514 | ---- | M] () -- C:\Users\Public\Desktop\eBay.lnk
[2011/12/07 14:13:35 | 000,000,420 | ---- | M] () -- C:\Users\Public\Desktop\Toshiba Places.lnk
[2011/12/07 12:47:12 | 000,108,227 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2011/12/07 12:47:12 | 000,108,227 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2011/12/07 12:37:50 | 000,000,000 | RHS- | M] () -- C:\Windows\SysWow64\drivers\TOSHIBA_Satellite L755_15158-AR_PSK2YE-0M302.MRK
[2011/12/06 17:25:40 | 000,161,168 | ---- | M] (McAfee, Inc.) -- C:\Windows\SysNative\mfevtps.exe
[2011/11/19 17:58:00 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2011/11/19 17:01:00 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2011/11/17 09:41:18 | 001,731,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2011/11/17 09:35:28 | 000,395,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2011/11/17 09:35:26 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2011/11/17 09:35:26 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2011/11/17 09:35:25 | 000,028,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2011/11/17 09:35:19 | 001,447,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2011/11/17 08:35:02 | 000,314,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2011/11/01 15:59:23 | 000,000,000 | ---- | M] () -- C:\Windows\NDSTray.INI
[2011/11/01 15:59:13 | 000,002,041 | ---- | M] () -- C:\Users\Public\Desktop\Manual.lnk
[2011/11/01 15:42:16 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf

========== Files Created - No Company Name ==========

[2012/04/26 00:22:40 | 000,000,512 | ---- | C] () -- C:\Users\Toshiba\Documents\MBR.dat
[2012/04/25 14:54:57 | 000,015,508 | ---- | C] () -- C:\Users\Toshiba\Desktop\lol.jpg
[2012/04/24 14:05:37 | 000,110,992 | ---- | C] () -- C:\Users\Toshiba\Desktop\581390_10150669526080756_710895755_9727010_1943381955_n.jpg
[2012/04/22 17:49:44 | 009,473,591 | ---- | C] () -- C:\Users\Toshiba\Desktop\april2012_14th_issue_flyer.pdf
[2012/04/22 15:06:33 | 000,069,511 | ---- | C] () -- C:\Users\Toshiba\Desktop\rorito.jpg
[2012/04/21 00:37:49 | 000,381,258 | ---- | C] () -- C:\Users\Toshiba\Desktop\P2-HCG-Gourmet-Cookbook.pdf
[2012/04/21 00:31:28 | 001,274,044 | ---- | C] () -- C:\Users\Toshiba\Desktop\HCG-ebook-preview.pdf
[2012/04/20 23:44:21 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/04/07 16:37:24 | 000,001,790 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/03/24 16:47:35 | 000,001,945 | ---- | C] () -- C:\Windows\epplauncher.mif
[2012/03/24 16:46:59 | 000,001,904 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2012/03/24 14:54:34 | 000,191,573 | ---- | C] () -- C:\Users\Toshiba\Desktop\Formulaire_candidature_contrat_local.pdf
[2012/03/24 14:54:28 | 000,067,483 | ---- | C] () -- C:\Users\Toshiba\Desktop\Recrut_Contr_Local_pieces_a_fournir.pdf
[2012/03/24 11:51:33 | 000,002,515 | ---- | C] () -- C:\Users\Toshiba\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2012/03/24 11:51:33 | 000,002,503 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Safari.lnk
[2012/03/24 11:51:33 | 000,002,491 | ---- | C] () -- C:\Users\Public\Desktop\Safari.lnk
[2012/03/24 11:46:22 | 000,000,628 | ---- | C] () -- C:\Windows\SysNative\mapisvc.inf
[2012/03/24 11:35:27 | 000,001,852 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2012/02/22 12:26:41 | 000,002,026 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012/02/21 00:53:46 | 030,809,792 | ---- | C] () -- C:\Users\Toshiba\Desktop\BlackBerry Bold 9700 (220C4D55) (February 8, 2012) SARAH.ipd
[2012/02/21 00:35:23 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012/02/21 00:31:12 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2012/02/16 12:04:27 | 000,000,355 | ---- | C] () -- C:\Users\Toshiba\Desktop\Computer.lnk
[2012/01/01 16:49:45 | 000,761,436 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/12/07 23:30:16 | 000,001,448 | ---- | C] () -- C:\Users\Toshiba\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/12/07 20:01:23 | 000,001,100 | ---- | C] () -- C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BBC iPlayer Desktop.lnk
[2011/12/07 14:13:35 | 000,000,514 | ---- | C] () -- C:\Users\Public\Desktop\eBay.lnk
[2011/12/07 14:13:35 | 000,000,424 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Toshiba Places.lnk
[2011/12/07 14:13:35 | 000,000,420 | ---- | C] () -- C:\Users\Public\Desktop\Toshiba Places.lnk
[2011/12/07 14:13:33 | 000,001,000 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BBC iPlayer Desktop.lnk
[2011/12/07 14:13:33 | 000,000,988 | ---- | C] () -- C:\Users\Public\Desktop\BBC iPlayer Desktop.lnk
[2011/12/07 14:12:49 | 000,001,454 | ---- | C] () -- C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011/12/07 13:48:37 | 000,002,242 | ---- | C] () -- C:\Users\Toshiba\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/12/07 13:48:37 | 000,000,290 | ---- | C] () -- C:\Users\Toshiba\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2011/12/07 13:48:37 | 000,000,272 | ---- | C] () -- C:\Users\Toshiba\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2011/12/07 12:37:50 | 000,000,000 | RHS- | C] () -- C:\Windows\SysWow64\drivers\TOSHIBA_Satellite L755_15158-AR_PSK2YE-0M302.MRK
[2011/11/01 15:59:23 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2011/11/01 15:59:13 | 000,002,041 | ---- | C] () -- C:\Users\Public\Desktop\Manual.lnk
[2011/11/01 15:42:16 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf
[2011/11/01 15:20:43 | 000,007,621 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2011/11/01 15:19:26 | 000,008,192 | ---- | C] () -- C:\Windows\SysNative\drivers\IntelMEFWVer.dll
[2011/11/01 15:15:16 | 522,604,543 | -HS- | C] () -- C:\hiberfil.sys
[2011/02/03 21:56:58 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll

========== LOP Check ==========

[2011/12/07 20:01:22 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1
[2012/04/18 12:18:04 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\SoftGrid Client
[2012/02/22 00:00:21 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\Toshiba
[2012/02/21 18:57:40 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\TOSHIBA Online Product Information
[2012/01/01 16:50:10 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\TP
[2012/02/20 17:16:38 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\WinBatch
[2012/04/20 23:41:56 | 000,032,552 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >

< MD5 for: EXPLORER.EXE >
[2011/02/26 08:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011/02/25 09:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 09:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 09:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/21 06:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/02/25 08:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 08:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/21 06:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: SVCHOST.EXE >
[2009/07/14 04:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2011/03/01 11:10:51 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=635455A95EB8EC47AC72142E501465ED -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7601.21671_none_14271b75353e4391\svchost.exe
[2011/03/01 11:07:49 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=6F68F63794097E54F36474ED4384B759 -- C:\Windows\SysNative\svchost.exe
[2011/03/01 11:07:49 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=6F68F63794097E54F36474ED4384B759 -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7601.17568_none_13af509c1c123937\svchost.exe
[2011/03/01 11:07:49 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=A91A288C91F9D9F1CFA4FAA9893C4D55 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7601.21671_none_b8087ff17ce0d25b\svchost.exe
[2009/07/14 04:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
[2011/03/01 11:05:31 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=ECDB182F885292145826C58252B53000 -- C:\Windows\SysWOW64\svchost.exe
[2011/03/01 11:05:31 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=ECDB182F885292145826C58252B53000 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7601.17568_none_b790b51863b4c801\svchost.exe

< MD5 for: USERINIT.EXE >
[2010/11/21 06:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/21 06:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010/11/21 06:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/21 06:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/21 06:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/21 06:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

< %systemroot%\*. /mp /s >

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --show-icons [2012/04/12 10:37:36 | 001,224,176 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --hide-icons [2012/04/12 10:37:36 | 001,224,176 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/04/12 10:37:36 | 001,224,176 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [2012/04/12 10:37:36 | 001,224,176 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2011/08/03 12:57:18 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2011/08/03 12:57:18 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2011/08/03 12:57:18 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -extoff [2011/08/03 12:57:18 | 000,748,336 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files (x86)\Internet Explorer\iexplore.exe [2011/08/03 12:57:18 | 000,748,336 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Safari\Safari.exe" /reinstall [2012/03/22 15:21:58 | 002,388,336 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Safari\Safari.exe" /hideicons [2012/03/22 15:21:58 | 002,388,336 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Safari\Safari.exe" /showicons [2012/03/22 15:21:58 | 002,388,336 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\shell\open\command\\: "C:\Program Files (x86)\Safari\Safari.exe" [2012/03/22 15:21:58 | 002,388,336 | ---- | M] (Apple Inc.)

< hklm\software\clients\startmenuinternet|command /64 /rs >
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --SHOW-ICONS [2012/04/12 10:37:36 | 001,224,176 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --HIDE-ICONS [2012/04/12 10:37:36 | 001,224,176 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --MAKE-DEFAULT-BROWSER [2012/04/12 10:37:36 | 001,224,176 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" [2012/04/12 10:37:36 | 001,224,176 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2011/08/03 12:57:18 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2011/08/03 12:57:18 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2011/08/03 12:57:18 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2011/08/03 12:57:18 | 000,748,336 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE [2011/08/03 12:57:18 | 000,748,336 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\SAFARI\SAFARI.EXE" /REINSTALL [2012/03/22 15:21:58 | 002,388,336 | ---- | M] (Apple Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\SAFARI\SAFARI.EXE" /HIDEICONS [2012/03/22 15:21:58 | 002,388,336 | ---- | M] (Apple Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\SAFARI\SAFARI.EXE" /SHOWICONS [2012/03/22 15:21:58 | 002,388,336 | ---- | M] (Apple Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\shell\open\command\\: "C:\PROGRAM FILES (X86)\SAFARI\SAFARI.EXE" [2012/03/22 15:21:58 | 002,388,336 | ---- | M] (Apple Inc.)

< End of report >


EXTRAS.TXT
OTL Extras logfile created on: 4/26/2012 12:39:54 AM - Run 1
OTL by OldTimer - Version 3.2.42.0 Folder = C:\Users\Toshiba\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

5.98 Gb Total Physical Memory | 3.40 Gb Available Physical Memory | 56.78% Memory free
11.96 Gb Paging File | 9.15 Gb Available in Paging File | 76.49% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 348.61 Gb Total Space | 305.49 Gb Free Space | 87.63% Space Free | Partition Type: NTFS
Drive D: | 349.64 Gb Total Space | 335.83 Gb Free Space | 96.05% Space Free | Partition Type: NTFS
Drive E: | 82.91 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: TOSHIBA-TOSH | User Name: Toshiba | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 180 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1861668113-2035247836-3707625544-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}" = Windows Live Remote Service Resources
"{24811C12-F4A9-4D0F-8494-A7B8FE46123C}" = TOSHIBA ReelTime
"{42738DB0-FC3E-4672-A99B-9372F5696E30}" = Microsoft Security Client
"{43DBC64B-3DD1-47E2-8788-D3C3B110C574}" = TOSHIBA Bulletin Board
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{65486209-5C54-439C-8383-8AC9BBE25932}" = Atheros Bluetooth Filter Driver Package
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{692CCE55-9EAE-4F57-A834-092882E7FE0B}" = Windows Live Remote Client Resources
"{6C9D3F1D-DBBE-46F9-96A0-726CC72935AF}" = Windows Live Remote Service Resources
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{8B485965-8EFE-464A-842F-CF8F18C3DFD7}" = iCloud
"{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}" = TOSHIBA PC Health Monitor
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 268.57
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 268.57
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 268.57
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.2.23.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
"{B8AD779A-82DA-4365-A7D0-AD3DCFC55CFF}" = Apple Mobile Device Support
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{C4FFA951-9678-4D51-84B4-AFD15D3C45AD}" = TOSHIBA Hardware Setup
"{CBD6B23D-41D5-4A46-8019-6208516C9712}" = TOSHIBA Supervisor Password
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{CF8FFD12-602B-422D-AF1D-511B411E7632}" = iTunes
"{D1C1556C-7FF3-48A3-A5D6-7126F0FAFB66}" = Windows Live Remote Client Resources
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORMCLauncher
"{EFB20CF5-1A6D-41F3-8895-223346CE6291}" = Windows Live Remote Service Resources
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"{FAD0EC0B-753B-4A97-AD34-32AC1EC8DB69}" = Windows Live Remote Client Resources
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"CNXT_AUDIO_HDA" = Conexant HD Audio
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Client" = Microsoft Security Essentials
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02FCAA8F-59D3-4198-822E-135C61EE4F0B}" = NeroKwikMedia Help (CHM)
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{062E4D94-8306-46D5-81B6-45E6AD09C799}" = Windows Live Messenger
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{07035AB3-5C70-3315-35A9-CFFECA140880}" = BBC iPlayer Desktop
"{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}" = Nero BackItUp 10 Help (CHM)
"{0A4C4B29-5A9D-4910-A13C-B920D5758744}" = بريد Windows Live
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live
"{1203DC60-D9BD-44F9-B372-2B8F227E6094}" = Windows Live Temel Parçalar
"{128133D3-037A-4C62-B1B7-55666A10587A}" = Windows Live UX Platform Language Pack
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1A82AE99-84D3-486D-BAD6-675982603E14}" = Windows Live Writer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1F7D9F37-C39C-486C-BDF8-8F440FFB3352}" = Nero Kwik Media
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2063D199-D79F-471A-9019-9E647296394D}" = Nero Multimedia Suite 10 Essentials
"{2290A680-4083-410A-ADCC-7092C67FC052}" = TOSHIBA Online Product Information
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{241E7104-937A-4366-AD57-8FDDDB003939}" = Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java™ 6 Update 20
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2C303EE0-A595-3543-A71A-931C7AC40EDE}" = Microsoft Primary Interoperability Assemblies 2005
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver
"{3125D9DE-8D7A-4987-95F3-8A42389833D8}" = Windows Live Writer Resources
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM)
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{443B561F-DE1B-4DEF-ADD9-484B684653C7}" = Windows Live Messenger
"{461F6F0D-7173-4902-9604-AB1A29108AF2}" = TOSHIBA Places Icon Utility
"{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D83F339-5A5C-4B21-8FD3-5D407B981E72}" = Windows Live Photo Common
"{506FC723-8E6C-4417-9CFF-351F99130425}" = Windows Live UX Platform Language Pack
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{523DF2BB-3A85-4047-9898-29DC8AEB7E69}" = Windows Live UX Platform Language Pack
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM)
"{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{58CB9A9A-1EFB-4EA8-B50C-3097E754AC21}" = High-Definition Video Playback
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{62BBB2F0-E220-4821-A564-730807D2C34D}" = Realtek USB 2.0 Reader Driver
"{63CF7D0C-B6E7-4EE9-8253-816B613CC437}" = Windows Live Mail
"{640798A0-A4FB-4C52-AC72-755134767F1E}" = Windows Live Movie Maker
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{654F7484-88C5-46DC-AB32-C66BCB0E2102}" = TOSHIBA Sleep Utility
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{66049135-9659-4AAD-9169-9CCA269EBB3E}" = Nero InfoTool 10 Help (CHM)
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68AB6930-5BFF-4FF6-923B-516A91984FE6}" = Nero BackItUp 10
"{6D172D0A-B9F1-4046-AFAB-8599288545BF}" = Safari
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}" = TOSHIBA Web Camera Application
"{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-toshiba" = WildTangent Games App (Toshiba Games)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71A81378-79D5-40CC-9BDC-380642D1A87F}" = Windows Live Writer
"{71C95134-F6A9-45E7-B7B3-07CA6012BF2A}" = Windows Live Mesh
"{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TOSHIBA Recovery Media Creator Reminder
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78DBE8CE-61F6-4D6C-806C-A0FFF65F5E1D}" = Windows Live Messenger
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{84A411F9-40A5-4CDA-BF46-E09FBB2BC313}" = Windows Live Essentials
"{85373DA7-834E-4850-8AF5-1D99F7526857}" = Windows Live Photo Common
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English
"{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}" = Toshiba Manuals
"{92E25238-61A3-4ACD-A407-3C480EEF47A7}" = Nero RescueAgent 10 Help (CHM)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}" = Windows Live Messenger
"{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.3) MUI
"{AF01B90A-D25C-4F60-AECD-6EEDF509DC11}" = Windows Live Mesh
"{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Media Creator
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BD695C2F-3EA0-4DA4-92D5-154072468721}" = Windows Live Fotoğraf Galerisi
"{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}" = TOSHIBA Assist
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{CDADE9BC-612C-42B8-B929-5C6A823E7FF9}" = TOSHIBA Wireless LAN Indicator
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D5AEEAA2-184E-4A2A-BAA3-6225EA4B9516}" = TOSHIBA ConfigFree
"{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E18B30AA-6E2D-480C-B918-AF61009F4010}" = عنصر تحكم ActiveX الخاص بـ Windows Live Mesh للاتصالات البعيدة
"{E337E787-CF61-4B7B-B84F-509202A54023}" = Nero RescueAgent 10
"{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}" = Controlo ActiveX do Windows Live Mesh para Ligações Remotas
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{F082CB11-4794-4259-99A1-D91BA762AD15}" = TOSHIBA TEMPRO
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F412B4AF-388C-4FF5-9B2F-33DB1C536953}" = Nero InfoTool 10
"{F52C5BE7-3F57-464E-8A54-908402E43CE8}" = Windows Live Writer Resources
"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
"{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM)
"{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10
"{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}" = معرض صور Windows Live
"{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF105207-8423-4E13-B0B1-50753170B245}" = Windows Live Movie Maker
"Adobe AIR" = Adobe AIR
"BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1" = BBC iPlayer Desktop
"Google Chrome" = Google Chrome
"InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C}" = TOSHIBA ReelTime
"InstallShield_{43DBC64B-3DD1-47E2-8788-D3C3B110C574}" = TOSHIBA Bulletin Board
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}" = TOSHIBA Web Camera Application
"InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TOSHIBA Recovery Media Creator Reminder
"InstallShield_{C4FFA951-9678-4D51-84B4-AFD15D3C45AD}" = TOSHIBA Hardware Setup
"InstallShield_{CBD6B23D-41D5-4A46-8019-6208516C9712}" = TOSHIBA Supervisor Password
"InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORMCLauncher
"InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"MSC" = McAfee Internet Security
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010
"WildTangent toshiba Master Uninstall" = WildTangent Games
"WinLiveSuite" = Windows Live Essentials
"WTA-16320503-2a70-46ed-a7bc-a0a70fec690f" = Wedding Dash 2 - Rings Around the World
"WTA-1ca3e216-095f-4126-808d-1c67f171c6d2" = Zuma Deluxe
"WTA-2770ed66-c48a-4579-9e3e-53f21c3f3cad" = Diner Dash 2 Restaurant Rescue
"WTA-437b8b20-2048-4f54-982c-c0c5af0ba4c3" = Penguins!
"WTA-5ada7e1f-82f9-4f17-b7bd-c5d127a614a4" = Insaniquarium Deluxe
"WTA-762800e6-32f8-42eb-8515-28488523cfef" = Bejeweled 2 Deluxe
"WTA-89be1bed-a478-430b-a05c-a628d6507473" = Slingo Deluxe
"WTA-8d78ed6a-16b5-4564-bb44-08294988e845" = Chuzzle Deluxe
"WTA-a9cc7b98-c8fe-4292-b3aa-1adc77270b4b" = FATE
"WTA-b46daead-2810-4a1f-baf8-a925b5772436" = Bejeweled 3
"WTA-de9647da-e2d9-48dc-9620-8136e41f9413" = Chicken Invaders 3 - Revenge of the Yolk
"WTA-e7277489-2757-45e1-bbad-1a3680c97916" = Final Drive: Nitro
"WTA-e7cf0314-8ea6-46e7-be7a-c94b2824aea7" = Polar Bowler
"WTA-f4d2c191-df5f-46c2-98b0-ef5dcbd4e420" = Plants vs. Zombies - Game of the Year

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 4/11/2012 7:52:51 AM | Computer Name = Toshiba-TOSH | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 3011

Error - 4/11/2012 7:52:52 AM | Computer Name = Toshiba-TOSH | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 4/11/2012 7:52:52 AM | Computer Name = Toshiba-TOSH | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 4009

Error - 4/11/2012 7:52:52 AM | Computer Name = Toshiba-TOSH | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 4009

Error - 4/11/2012 7:52:53 AM | Computer Name = Toshiba-TOSH | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 4/11/2012 7:52:53 AM | Computer Name = Toshiba-TOSH | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 5023

Error - 4/11/2012 7:52:53 AM | Computer Name = Toshiba-TOSH | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 5023

Error - 4/12/2012 5:00:34 AM | Computer Name = Toshiba-TOSH | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 4/12/2012 5:00:34 AM | Computer Name = Toshiba-TOSH | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 76066571

Error - 4/12/2012 5:00:34 AM | Computer Name = Toshiba-TOSH | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 76066571

[ System Events ]
Error - 4/14/2012 2:10:40 AM | Computer Name = Toshiba-TOSH | Source = Service Control Manager | ID = 7000
Description = The McAfee SiteAdvisor Service service failed to start due to the
following error: %%2

Error - 4/14/2012 3:18:01 AM | Computer Name = Toshiba-TOSH | Source = Service Control Manager | ID = 7000
Description = The McAfee SiteAdvisor Service service failed to start due to the
following error: %%2

Error - 4/14/2012 3:58:01 AM | Computer Name = Toshiba-TOSH | Source = Service Control Manager | ID = 7000
Description = The McAfee SiteAdvisor Service service failed to start due to the
following error: %%2

Error - 4/14/2012 4:02:52 AM | Computer Name = Toshiba-TOSH | Source = Service Control Manager | ID = 7000
Description = The McAfee SiteAdvisor Service service failed to start due to the
following error: %%2

Error - 4/14/2012 4:38:02 AM | Computer Name = Toshiba-TOSH | Source = Service Control Manager | ID = 7000
Description = The McAfee SiteAdvisor Service service failed to start due to the
following error: %%2

Error - 4/14/2012 5:23:03 AM | Computer Name = Toshiba-TOSH | Source = Service Control Manager | ID = 7000
Description = The McAfee SiteAdvisor Service service failed to start due to the
following error: %%2

Error - 4/14/2012 6:03:04 AM | Computer Name = Toshiba-TOSH | Source = Service Control Manager | ID = 7000
Description = The McAfee SiteAdvisor Service service failed to start due to the
following error: %%2

Error - 4/14/2012 6:23:34 AM | Computer Name = Toshiba-TOSH | Source = Service Control Manager | ID = 7000
Description = The McAfee SiteAdvisor Service service failed to start due to the
following error: %%2

Error - 4/14/2012 6:24:54 AM | Computer Name = Toshiba-TOSH | Source = Service Control Manager | ID = 7000
Description = The McAfee SiteAdvisor Service service failed to start due to the
following error: %%2

Error - 4/14/2012 6:25:04 AM | Computer Name = Toshiba-TOSH | Source = Service Control Manager | ID = 7000
Description = The McAfee SiteAdvisor Service service failed to start due to the
following error: %%2


< End of report >


Attached File  aswMBR.txt   1.74KB   50 downloads
Attached File  Extras.Txt   51.7KB   44 downloads
Attached File  OTL.Txt   196.57KB   37 downloads
  • 0

#5
michaelg9

michaelg9

    Trusted Helper

  • Malware Removal
  • 2,949 posts
Hi Sassa
:welcome: . I'm Michael and I'm going to help you fix your computer :)

Note: Before we start the process you should:
  • POST your logs, don't attach them, as it makes it harder to read. Also please don't edit any log in any case
  • Disable ANY programs that offer real-time protection features while executing my instructions. That includes your antivirus, antispyware, windows defender or any other program that offers protection. When you're clean or waiting for my next set of instructions, re-enable them .If you need any help disabling them, ask.
  • Topics that are idle for 4 days after I post instructions will be closed, unless I'm notified of the delay.
  • Last, as most of the tools we use here need administrative rights in order to function properly, I expect that you will be running them from an administrator account.


Sorry for the late reply. Thanks for waiting. :)

You are infected with a rootkit.

Download the latest version of TDSSKiller from here and save it to your Desktop.


  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.

    Posted Image
  • Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.

    Posted Image
  • Click the Start Scan button.

    Posted Image
  • If a suspicious object is detected, the default action will be Skip, click on Continue.

    Posted Image
  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

    Posted Image
  • Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.


Next:

Please download MBRCheck.exe to your Desktop. Run the application.

If no infection is found, it will produce a report on the desktop. Post that report in your next reply.

If an infection is found, you will be presented with the following dialog:

Enter 'Y' and hit ENTER for more options, or 'N' to exit:


Type N and press Enter. A report will be produced on the desktop. Post that report in your next reply.

Next:

Please uninstall Java™ 6 Update 20 to prevent further re-infection, as it's outdated.
I can see some strange named programs installed (in a strange language), like:

ActiveX الخاص بـ Windows Live Mesh

If you don't recognise them, then uninstall them
  • 0

#6
sassa

sassa

    Member

  • Topic Starter
  • Member
  • PipPip
  • 32 posts
Thanx for ur reply
the TDX result is as follows and i have 2 threats i skipped


16:28:22.0421 8688 TDSS rootkit removing tool 2.7.33.0 Apr 24 2012 18:43:43
16:28:23.0048 8688 ============================================================
16:28:23.0048 8688 Current date / time: 2012/04/29 16:28:23.0048
16:28:23.0048 8688 SystemInfo:
16:28:23.0048 8688
16:28:23.0048 8688 OS Version: 6.1.7601 ServicePack: 1.0
16:28:23.0048 8688 Product type: Workstation
16:28:23.0048 8688 ComputerName: TOSHIBA-TOSH
16:28:23.0049 8688 UserName: Toshiba
16:28:23.0049 8688 Windows directory: C:\Windows
16:28:23.0049 8688 System windows directory: C:\Windows
16:28:23.0049 8688 Running under WOW64
16:28:23.0049 8688 Processor architecture: Intel x64
16:28:23.0049 8688 Number of processors: 8
16:28:23.0049 8688 Page size: 0x1000
16:28:23.0049 8688 Boot type: Normal boot
16:28:23.0049 8688 ============================================================
16:28:24.0154 8688 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:28:24.0159 8688 ============================================================
16:28:24.0159 8688 \Device\Harddisk0\DR0:
16:28:24.0159 8688 MBR partitions:
16:28:24.0159 8688 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0xC8000, BlocksNum 0x2B937000
16:28:24.0159 8688 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2B9FF000, BlocksNum 0x2BB47000
16:28:24.0159 8688 ============================================================
16:28:24.0234 8688 C: <-> \Device\Harddisk0\DR0\Partition0
16:28:24.0316 8688 D: <-> \Device\Harddisk0\DR0\Partition1
16:28:24.0316 8688 ============================================================
16:28:24.0316 8688 Initialize success
16:28:24.0316 8688 ============================================================
16:29:08.0735 8196 ============================================================
16:29:08.0735 8196 Scan started
16:29:08.0735 8196 Mode: Manual; SigCheck; TDLFS;
16:29:08.0735 8196 ============================================================
16:29:09.0147 8196 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys

Attached File  TDSSKiller.2.7.33.0_29.04.2012_16.28.22_log.txt   4.32KB   46 downloads
  • 0

#7
sassa

sassa

    Member

  • Topic Starter
  • Member
  • PipPip
  • 32 posts
The MBRCheck result:



MBRCheck, version 1.2.3
© 2010, AD

Command-line:
Windows Version: Windows 7 Home Premium Edition
Windows Information: Service Pack 1 (build 7601), 64-bit
Base Board Manufacturer: Intel Corp.
BIOS Manufacturer: INSYDE
System Manufacturer: TOSHIBA
System Product Name: Satellite L755
Logical Drives Mask: 0x0001001c

Kernel Drivers (total 201):
0x03415000 \SystemRoot\system32\ntoskrnl.exe
0x039FD000 \SystemRoot\system32\hal.dll
0x00BCD000 \SystemRoot\system32\kdcom.dll
0x00C63000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
0x00CB2000 \SystemRoot\system32\PSHED.dll
0x00CC6000 \SystemRoot\system32\CLFS.SYS
0x00D24000 \SystemRoot\system32\CI.dll
0x00E59000 \SystemRoot\system32\drivers\Wdf01000.sys
0x00EFD000 \SystemRoot\system32\drivers\WDFLDR.SYS
0x00F0C000 \SystemRoot\system32\drivers\ACPI.sys
0x00F63000 \SystemRoot\system32\drivers\WMILIB.SYS
0x00F6C000 \SystemRoot\system32\drivers\msisadrv.sys
0x00F76000 \SystemRoot\system32\drivers\pci.sys
0x00FA9000 \SystemRoot\system32\drivers\vdrvroot.sys
0x00FB6000 \SystemRoot\System32\drivers\partmgr.sys
0x00FCB000 \SystemRoot\system32\drivers\compbatt.sys
0x00FD4000 \SystemRoot\system32\drivers\BATTC.SYS
0x00FE0000 \SystemRoot\system32\drivers\volmgr.sys
0x00C00000 \SystemRoot\System32\drivers\volmgrx.sys
0x00E00000 \SystemRoot\System32\drivers\mountmgr.sys
0x00E1A000 \SystemRoot\system32\DRIVERS\pciide.sys
0x00E21000 \SystemRoot\system32\DRIVERS\PCIIDEX.SYS
0x01043000 \SystemRoot\system32\DRIVERS\iaStor.sys
0x01197000 \SystemRoot\system32\drivers\atapi.sys
0x011A0000 \SystemRoot\system32\drivers\ataport.SYS
0x011CA000 \SystemRoot\system32\DRIVERS\msahci.sys
0x011D5000 \SystemRoot\system32\drivers\amdxata.sys
0x01250000 \SystemRoot\system32\drivers\fltmgr.sys
0x0129C000 \SystemRoot\system32\drivers\fileinfo.sys
0x012B0000 \SystemRoot\system32\DRIVERS\MpFilter.sys
0x012E5000 \SystemRoot\system32\drivers\mfehidk.sys
0x0143C000 \SystemRoot\System32\Drivers\Ntfs.sys
0x01381000 \SystemRoot\System32\Drivers\msrpc.sys
0x015DF000 \SystemRoot\System32\Drivers\ksecdd.sys
0x016B7000 \SystemRoot\System32\Drivers\cng.sys
0x01729000 \SystemRoot\System32\drivers\pcw.sys
0x0173A000 \SystemRoot\System32\Drivers\Fs_Rec.sys
0x018E3000 \SystemRoot\system32\drivers\ndis.sys
0x01800000 \SystemRoot\system32\drivers\NETIO.SYS
0x01860000 \SystemRoot\System32\Drivers\ksecpkg.sys
0x01A6F000 \SystemRoot\System32\drivers\tcpip.sys
0x01C73000 \SystemRoot\System32\drivers\fwpkclnt.sys
0x01CBD000 \SystemRoot\system32\drivers\mfewfpk.sys
0x01D01000 \SystemRoot\system32\drivers\wd.sys
0x01D09000 \SystemRoot\system32\drivers\volsnap.sys
0x01D55000 \SystemRoot\system32\DRIVERS\TVALZ_O.SYS
0x01D5A000 \SystemRoot\System32\Drivers\spldr.sys
0x01D62000 \SystemRoot\System32\drivers\rdyboost.sys
0x01D9C000 \SystemRoot\System32\Drivers\mup.sys
0x01DAE000 \SystemRoot\System32\drivers\hwpolicy.sys
0x01DB7000 \SystemRoot\System32\DRIVERS\fvevol.sys
0x01A00000 \SystemRoot\system32\drivers\disk.sys
0x01A16000 \SystemRoot\system32\drivers\CLASSPNP.SYS
0x04600000 \SystemRoot\system32\DRIVERS\cdrom.sys
0x0462A000 \SystemRoot\System32\Drivers\Null.SYS
0x04633000 \SystemRoot\System32\Drivers\Beep.SYS
0x0463A000 \SystemRoot\System32\drivers\vga.sys
0x04648000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0x0466D000 \SystemRoot\System32\drivers\watchdog.sys
0x0467D000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0x04686000 \SystemRoot\system32\drivers\rdpencdd.sys
0x01A54000 \SystemRoot\system32\drivers\rdprefmp.sys
0x01A5D000 \SystemRoot\System32\Drivers\Msfs.SYS
0x0188B000 \SystemRoot\System32\Drivers\Npfs.SYS
0x0189C000 \SystemRoot\system32\DRIVERS\tdx.sys
0x01DF1000 \SystemRoot\system32\DRIVERS\TDI.SYS
0x01744000 \SystemRoot\System32\DRIVERS\netbt.sys
0x01600000 \SystemRoot\system32\drivers\afd.sys
0x018BE000 \SystemRoot\system32\DRIVERS\wfplwf.sys
0x019D6000 \SystemRoot\system32\DRIVERS\pacer.sys
0x018C7000 \SystemRoot\system32\DRIVERS\vwififlt.sys
0x01689000 \SystemRoot\system32\DRIVERS\mfenlfk.sys
0x0169A000 \SystemRoot\system32\DRIVERS\netbios.sys
0x01789000 \SystemRoot\system32\DRIVERS\wanarp.sys
0x017A4000 \SystemRoot\system32\drivers\termdd.sys
0x030FA000 \SystemRoot\system32\DRIVERS\rdbss.sys
0x0314B000 \SystemRoot\system32\drivers\nsiproxy.sys
0x03157000 \SystemRoot\system32\drivers\mssmbios.sys
0x03162000 \SystemRoot\System32\drivers\discache.sys
0x03171000 \SystemRoot\System32\Drivers\dfsc.sys
0x0318F000 \SystemRoot\system32\drivers\blbdrive.sys
0x031A0000 \SystemRoot\system32\DRIVERS\tunnel.sys
0x0F4CD000 \SystemRoot\system32\DRIVERS\nvlddmkm.sys
0x10144000 \SystemRoot\System32\Drivers\nvBridge.kmd
0x03000000 \SystemRoot\System32\drivers\dxgkrnl.sys
0x10146000 \SystemRoot\System32\drivers\dxgmms1.sys
0x1018C000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0x101B0000 \SystemRoot\system32\DRIVERS\HECIx64.sys
0x101C1000 \SystemRoot\system32\drivers\usbehci.sys
0x0F400000 \SystemRoot\system32\drivers\USBPORT.SYS
0x0F456000 \SystemRoot\system32\DRIVERS\nusb3xhc.sys
0x0F487000 \SystemRoot\system32\DRIVERS\USBD.SYS
0x04C7B000 \SystemRoot\system32\DRIVERS\athrx.sys
0x04F0E000 \SystemRoot\system32\DRIVERS\vwifibus.sys
0x04F1B000 \SystemRoot\system32\DRIVERS\L1C62x64.sys
0x04F30000 \SystemRoot\system32\drivers\i8042prt.sys
0x04F4E000 \SystemRoot\system32\drivers\kbdclass.sys
0x05080000 \SystemRoot\system32\DRIVERS\SynTP.sys
0x051DF000 \SystemRoot\system32\drivers\mouclass.sys
0x051EE000 \SystemRoot\system32\DRIVERS\tdcmdpst.sys
0x05000000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
0x0500D000 \SystemRoot\system32\DRIVERS\intelppm.sys
0x05023000 \SystemRoot\system32\drivers\CmBatt.sys
0x05028000 \SystemRoot\system32\DRIVERS\tosrfec.sys
0x05030000 \SystemRoot\system32\drivers\QIOMem.sys
0x0503A000 \SystemRoot\system32\DRIVERS\TVALZFL.sys
0x05041000 \SystemRoot\system32\drivers\wmiacpi.sys
0x0504A000 \SystemRoot\system32\drivers\CompositeBus.sys
0x0505A000 \SystemRoot\system32\DRIVERS\AgileVpn.sys
0x04F5D000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0x05070000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0x04F81000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0x04FB0000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0x04FCB000 \SystemRoot\system32\DRIVERS\raspptp.sys
0x04C00000 \SystemRoot\system32\DRIVERS\rassstp.sys
0x0507C000 \SystemRoot\system32\drivers\swenum.sys
0x04C1A000 \SystemRoot\system32\drivers\ks.sys
0x04C5D000 \SystemRoot\system32\DRIVERS\umbus.sys
0x05406000 \SystemRoot\system32\drivers\usbhub.sys
0x05460000 \SystemRoot\system32\DRIVERS\nusb3hub.sys
0x05479000 \SystemRoot\System32\Drivers\NDProxy.SYS
0x0548E000 \SystemRoot\system32\drivers\nvhda64v.sys
0x054BB000 \SystemRoot\system32\drivers\portcls.sys
0x054F8000 \SystemRoot\system32\drivers\drmk.sys
0x0551A000 \SystemRoot\system32\drivers\ksthunk.sys
0x05C2F000 \SystemRoot\system32\drivers\CHDRT64.sys
0x05DBE000 \SystemRoot\system32\drivers\mfeavfk.sys
0x05C00000 \SystemRoot\system32\DRIVERS\cdfs.sys
0x05C1D000 \SystemRoot\System32\Drivers\crashdmp.sys
0x0468F000 \SystemRoot\System32\Drivers\dump_iaStor.sys
0x05520000 \SystemRoot\System32\Drivers\dump_dumpfve.sys
0x000D0000 \SystemRoot\System32\win32k.sys
0x05DF4000 \SystemRoot\System32\drivers\Dxapi.sys
0x05533000 \SystemRoot\system32\DRIVERS\monitor.sys
0x004B0000 \SystemRoot\System32\TSDDD.dll
0x00650000 \SystemRoot\System32\cdd.dll
0x05541000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0x0555E000 \SystemRoot\system32\drivers\luafv.sys
0x05581000 \SystemRoot\system32\DRIVERS\Sftvollh.sys
0x0558C000 \SystemRoot\system32\drivers\WudfPf.sys
0x055AD000 \SystemRoot\System32\Drivers\usbvideo.sys
0x055DB000 \SystemRoot\system32\DRIVERS\pgeffect.sys
0x055E3000 \SystemRoot\system32\DRIVERS\lltdio.sys
0x03CEB000 \SystemRoot\system32\DRIVERS\nwifi.sys
0x03D3E000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0x03D51000 \SystemRoot\system32\DRIVERS\rspndr.sys
0x03C00000 \SystemRoot\system32\drivers\HTTP.sys
0x03CC9000 \SystemRoot\system32\DRIVERS\bowser.sys
0x03D69000 \SystemRoot\System32\drivers\mpsdrv.sys
0x03D81000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0x03DAE000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0x0F489000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0x088C3000 \SystemRoot\system32\drivers\peauth.sys
0x08969000 \SystemRoot\System32\Drivers\secdrv.SYS
0x08800000 \SystemRoot\system32\DRIVERS\Sftfslh.sys
0x08974000 \SystemRoot\system32\DRIVERS\Sftplaylh.sys
0x089C1000 \SystemRoot\System32\DRIVERS\srvnet.sys
0x04FEC000 \SystemRoot\System32\drivers\tcpipreg.sys
0x096C5000 \SystemRoot\System32\DRIVERS\srv2.sys
0x0972E000 \SystemRoot\System32\DRIVERS\srv.sys
0x097C6000 \SystemRoot\system32\DRIVERS\Sftredirlh.sys
0x09600000 \SystemRoot\system32\drivers\spsys.sys
0x77360000 \Windows\System32\ntdll.dll
0x47AC0000 \Windows\System32\smss.exe
0xFF680000 \Windows\System32\apisetschema.dll
0xFF480000 \Windows\System32\autochk.exe
0xFF660000 \Windows\System32\nsi.dll
0x77530000 \Windows\System32\normaliz.dll
0x77260000 \Windows\System32\user32.dll
0xFF550000 \Windows\System32\msctf.dll
0xFF4F0000 \Windows\System32\Wldap32.dll
0xFF4C0000 \Windows\System32\imm32.dll
0xFF4A0000 \Windows\System32\sechost.dll
0x77110000 \Windows\System32\urlmon.dll
0xFF370000 \Windows\System32\rpcrt4.dll
0xFF2D0000 \Windows\System32\msvcrt.dll
0xFF200000 \Windows\System32\usp10.dll
0x76FF0000 \Windows\System32\kernel32.dll
0xFF180000 \Windows\System32\difxapi.dll
0xFF170000 \Windows\System32\lpk.dll
0xFEF90000 \Windows\System32\setupapi.dll
0xFEEB0000 \Windows\System32\oleaut32.dll
0xFEE60000 \Windows\System32\ws2_32.dll
0xFEDC0000 \Windows\System32\comdlg32.dll
0xFED40000 \Windows\System32\shlwapi.dll
0xFEB30000 \Windows\System32\ole32.dll
0xFEA90000 \Windows\System32\clbcatq.dll
0x76DE0000 \Windows\System32\iertutil.dll
0xFEA70000 \Windows\System32\imagehlp.dll
0x77520000 \Windows\System32\psapi.dll
0x76C80000 \Windows\System32\wininet.dll
0xFE990000 \Windows\System32\advapi32.dll
0xFE920000 \Windows\System32\gdi32.dll
0xFDB90000 \Windows\System32\shell32.dll
0xFDB20000 \Windows\System32\KernelBase.dll
0xFDA80000 \Windows\System32\comctl32.dll
0xFDA60000 \Windows\System32\devobj.dll
0xFDA20000 \Windows\System32\cfgmgr32.dll
0xFD8B0000 \Windows\System32\crypt32.dll
0xFD870000 \Windows\System32\wintrust.dll
0xFD860000 \Windows\System32\msasn1.dll

Processes (total 104):
0 System Idle Process
4 System
388 C:\Windows\System32\smss.exe
612 csrss.exe
688 C:\Windows\System32\wininit.exe
712 csrss.exe
752 C:\Windows\System32\services.exe
768 C:\Windows\System32\lsass.exe
776 C:\Windows\System32\lsm.exe
876 C:\Windows\System32\svchost.exe
936 C:\Windows\System32\nvvsvc.exe
988 C:\Windows\System32\svchost.exe
144 C:\Program Files\Microsoft Security Client\MsMpEng.exe
404 C:\Windows\System32\winlogon.exe
716 C:\Windows\System32\svchost.exe
1044 C:\Windows\System32\svchost.exe
1088 C:\Windows\System32\svchost.exe
1156 C:\Windows\System32\audiodg.exe
1200 C:\Windows\System32\svchost.exe
1292 C:\Windows\System32\svchost.exe
1400 C:\Windows\System32\wlanext.exe
1408 C:\Windows\System32\conhost.exe
1536 C:\Windows\System32\spoolsv.exe
1580 C:\Windows\System32\svchost.exe
1608 C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
1620 C:\Windows\System32\nvvsvc.exe
1924 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
2028 C:\Windows\System32\taskeng.exe
1148 C:\Windows\System32\taskhost.exe
1320 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
2052 C:\Windows\System32\dwm.exe
2076 C:\Windows\explorer.exe
2332 C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
2384 C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
2420 C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
2428 C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
2436 C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
2452 C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
2500 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
2516 C:\Program Files\TOSHIBA\TECO\Teco.exe
2764 C:\Program Files\Microsoft Security Client\msseces.exe
2776 C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe
2804 C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
2848 C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
2876 C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
1084 C:\Program Files\Bonjour\mDNSResponder.exe
1740 C:\Windows\System32\mfevtps.exe
1900 C:\Program Files (x86)\Skype\Phone\Skype.exe
2652 C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe
3116 C:\Program Files (x86)\BBC iPlayer Desktop\BBC iPlayer Desktop.exe
3220 C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe
3248 C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
3292 C:\Program Files (x86)\iTunes\iTunesHelper.exe
3368 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
3708 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
3756 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
3888 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
3896 C:\Windows\System32\conhost.exe
3940 C:\Windows\System32\svchost.exe
3964 C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
4036 C:\Windows\System32\TODDSrv.exe
4068 C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
3132 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
3228 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
1700 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
4140 C:\Program Files\TOSHIBA\TECO\TecoService.exe
4496 WmiPrvSE.exe
4796 C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
4888 C:\Program Files\iPod\bin\iPodService.exe
4944 C:\Windows\System32\SearchIndexer.exe
3040 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
4552 C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
5124 C:\Windows\System32\svchost.exe
5204 C:\Program Files\Windows Media Player\wmpnetwk.exe
5280 C:\Windows\System32\svchost.exe
5508 C:\Windows\System32\svchost.exe
5980 C:\Windows\System32\taskeng.exe
6012 C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
5164 C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
5872 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
5348 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
2348 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
5660 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
2796 dllhost.exe
6336 C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
6728 C:\Windows\System32\prevhost.exe
6796 C:\Windows\System32\notepad.exe
500 C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
2092 C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
5656 C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
6544 C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
4668 C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
6624 C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
5008 C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
2020 C:\Program Files (x86)\Nero\Update\NASvc.exe
5720 C:\Windows\System32\sppsvc.exe
132 C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
3284 C:\Windows\System32\SearchProtocolHost.exe
6584 C:\Windows\System32\SearchFilterHost.exe
4616 MpCmdRun.exe
2840 dllhost.exe
2376 dllhost.exe
6060 C:\Users\Toshiba\Downloads\MBRCheck.exe
6248 C:\Windows\System32\conhost.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`19000000 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000057`3fe00000 (NTFS)
\\.\Q: --> error 5

PhysicalDrive0 Model Number: TOSHIBAMK7575GSX, Rev: GT001M

Size Device Name MBR Status
--------------------------------------------
698 GB \\.\PhysicalDrive0 Windows 7 MBR code detected
SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79


Done!


Attached File  MBRCheck_04.29.12_17.03.26.txt   16.67KB   128 downloads


Thanks a lot for ur help really appreciate it
  • 0

#8
sassa

sassa

    Member

  • Topic Starter
  • Member
  • PipPip
  • 32 posts
The strange language is arabic as for removing java 6 what can i use instead? and from where can i remove it?
thanx again
  • 0

#9
michaelg9

michaelg9

    Trusted Helper

  • Malware Removal
  • 2,949 posts
Hello
If you use arabic programs, then they are ok you can leave them on.

You need to uninstall Java™ 6 Update 20, we will install an updated version after.
To uninstall it, click the Start button, click Control Panel, click Programs, and then click Programs and Features. Find a program named:

Java™ 6 Update 20

and click Uninstall.
A setup will appear and follow the prompts to uninstall java.


Next:

Either you posted the half of tdsskiller's log or tdsskiller didn't run correctly. Make sure that this is the whole log and if it is, re-run tdsskiller and post a fresh log :thumbsup:
thanks
  • 0

#10
sassa

sassa

    Member

  • Topic Starter
  • Member
  • PipPip
  • 32 posts
oh i gave u the wrong one my laptop freezed so i restarted it and run it again this is the correct log as for java 6 update 31 has been uninstalled


16:52:42.0121 3908 TDSS rootkit removing tool 2.7.33.0 Apr 24 2012 18:43:43
16:52:42.0468 3908 ============================================================
16:52:42.0469 3908 Current date / time: 2012/04/29 16:52:42.0468
16:52:42.0469 3908 SystemInfo:
16:52:42.0469 3908
16:52:42.0469 3908 OS Version: 6.1.7601 ServicePack: 1.0
16:52:42.0469 3908 Product type: Workstation
16:52:42.0469 3908 ComputerName: TOSHIBA-TOSH
16:52:42.0469 3908 UserName: Toshiba
16:52:42.0469 3908 Windows directory: C:\Windows
16:52:42.0469 3908 System windows directory: C:\Windows
16:52:42.0469 3908 Running under WOW64
16:52:42.0469 3908 Processor architecture: Intel x64
16:52:42.0469 3908 Number of processors: 8
16:52:42.0469 3908 Page size: 0x1000
16:52:42.0469 3908 Boot type: Normal boot
16:52:42.0469 3908 ============================================================
16:52:44.0778 3908 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:52:44.0784 3908 ============================================================
16:52:44.0784 3908 \Device\Harddisk0\DR0:
16:52:44.0784 3908 MBR partitions:
16:52:44.0784 3908 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0xC8000, BlocksNum 0x2B937000
16:52:44.0784 3908 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2B9FF000, BlocksNum 0x2BB47000
16:52:44.0784 3908 ============================================================
16:52:44.0812 3908 C: <-> \Device\Harddisk0\DR0\Partition0
16:52:44.0873 3908 D: <-> \Device\Harddisk0\DR0\Partition1
16:52:44.0873 3908 ============================================================
16:52:44.0873 3908 Initialize success
16:52:44.0873 3908 ============================================================
16:52:54.0180 6400 ============================================================
16:52:54.0180 6400 Scan started
16:52:54.0180 6400 Mode: Manual; SigCheck; TDLFS;
16:52:54.0180 6400 ============================================================
16:52:55.0457 6400 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
16:52:55.0572 6400 1394ohci - ok
16:52:55.0625 6400 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
16:52:55.0643 6400 ACPI - ok
16:52:55.0695 6400 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
16:52:55.0810 6400 AcpiPmi - ok
16:52:55.0899 6400 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
16:52:55.0921 6400 AdobeARMservice - ok
16:52:56.0041 6400 AdobeFlashPlayerUpdateSvc (459ac130c6ab892b1cd5d7544626efc5) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
16:52:56.0067 6400 AdobeFlashPlayerUpdateSvc - ok
16:52:56.0131 6400 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
16:52:56.0162 6400 adp94xx - ok
16:52:56.0205 6400 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
16:52:56.0218 6400 adpahci - ok
16:52:56.0265 6400 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
16:52:56.0292 6400 adpu320 - ok
16:52:56.0326 6400 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
16:52:56.0477 6400 AeLookupSvc - ok
16:52:56.0539 6400 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
16:52:56.0607 6400 AFD - ok
16:52:56.0650 6400 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
16:52:56.0676 6400 agp440 - ok
16:52:56.0722 6400 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
16:52:56.0788 6400 ALG - ok
16:52:56.0828 6400 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
16:52:56.0853 6400 aliide - ok
16:52:56.0858 6400 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
16:52:56.0877 6400 amdide - ok
16:52:56.0902 6400 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
16:52:56.0936 6400 AmdK8 - ok
16:52:56.0940 6400 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
16:52:56.0976 6400 AmdPPM - ok
16:52:57.0012 6400 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
16:52:57.0022 6400 amdsata - ok
16:52:57.0047 6400 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
16:52:57.0058 6400 amdsbs - ok
16:52:57.0066 6400 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
16:52:57.0074 6400 amdxata - ok
16:52:57.0103 6400 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
16:52:57.0269 6400 AppID - ok
16:52:57.0301 6400 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
16:52:57.0376 6400 AppIDSvc - ok
16:52:57.0418 6400 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
16:52:57.0460 6400 Appinfo - ok
16:52:57.0574 6400 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:52:57.0586 6400 Apple Mobile Device - ok
16:52:57.0619 6400 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
16:52:57.0635 6400 arc - ok
16:52:57.0642 6400 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
16:52:57.0657 6400 arcsas - ok
16:52:57.0693 6400 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
16:52:57.0768 6400 AsyncMac - ok
16:52:57.0783 6400 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
16:52:57.0794 6400 atapi - ok
16:52:57.0933 6400 athr (b2931c83cfb12a3223a47b180473ae1a) C:\Windows\system32\DRIVERS\athrx.sys
16:52:58.0021 6400 athr - ok
16:52:58.0163 6400 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
16:52:58.0239 6400 AudioEndpointBuilder - ok
16:52:58.0244 6400 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
16:52:58.0275 6400 AudioSrv - ok
16:52:58.0308 6400 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
16:52:58.0388 6400 AxInstSV - ok
16:52:58.0474 6400 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
16:52:58.0532 6400 b06bdrv - ok
16:52:58.0571 6400 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
16:52:58.0620 6400 b57nd60a - ok
16:52:58.0662 6400 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
16:52:58.0701 6400 BDESVC - ok
16:52:58.0718 6400 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
16:52:58.0774 6400 Beep - ok
16:52:58.0836 6400 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
16:52:58.0904 6400 BFE - ok
16:52:58.0998 6400 BingDesktopUpdate (1b63f2b7ca6b5290cc124cdd07520bc9) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
16:52:59.0015 6400 BingDesktopUpdate - ok
16:52:59.0060 6400 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
16:52:59.0139 6400 BITS - ok
16:52:59.0194 6400 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
16:52:59.0243 6400 blbdrive - ok
16:52:59.0345 6400 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
16:52:59.0384 6400 Bonjour Service - ok
16:52:59.0435 6400 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
16:52:59.0480 6400 bowser - ok
16:52:59.0532 6400 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
16:52:59.0580 6400 BrFiltLo - ok
16:52:59.0595 6400 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
16:52:59.0628 6400 BrFiltUp - ok
16:52:59.0669 6400 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
16:52:59.0731 6400 Browser - ok
16:52:59.0768 6400 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
16:52:59.0805 6400 Brserid - ok
16:52:59.0822 6400 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
16:52:59.0847 6400 BrSerWdm - ok
16:52:59.0850 6400 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
16:52:59.0877 6400 BrUsbMdm - ok
16:52:59.0908 6400 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
16:52:59.0933 6400 BrUsbSer - ok
16:52:59.0970 6400 BtFilter (2347abbd13bada65826fdab4caafe357) C:\Windows\system32\DRIVERS\btfilter.sys
16:52:59.0995 6400 BtFilter - ok
16:53:00.0014 6400 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
16:53:00.0037 6400 BTHMODEM - ok
16:53:00.0077 6400 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
16:53:00.0128 6400 bthserv - ok
16:53:00.0158 6400 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
16:53:00.0195 6400 cdfs - ok
16:53:00.0232 6400 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
16:53:00.0244 6400 cdrom - ok
16:53:00.0272 6400 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
16:53:00.0318 6400 CertPropSvc - ok
16:53:00.0373 6400 cfwids (ed0263b2eb24f0f4e3898036fa1d28a1) C:\Windows\system32\drivers\cfwids.sys
16:53:00.0381 6400 cfwids - ok
16:53:00.0511 6400 cfWiMAXService (41e7c4fa6491747402cfca77cc1c7aab) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
16:53:00.0540 6400 cfWiMAXService - ok
16:53:00.0569 6400 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
16:53:00.0594 6400 circlass - ok
16:53:00.0645 6400 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
16:53:00.0674 6400 CLFS - ok
16:53:00.0757 6400 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:53:00.0774 6400 clr_optimization_v2.0.50727_32 - ok
16:53:00.0825 6400 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:53:00.0848 6400 clr_optimization_v2.0.50727_64 - ok
16:53:00.0911 6400 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:53:00.0931 6400 clr_optimization_v4.0.30319_32 - ok
16:53:00.0982 6400 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:53:01.0015 6400 clr_optimization_v4.0.30319_64 - ok
16:53:01.0055 6400 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
16:53:01.0100 6400 CmBatt - ok
16:53:01.0115 6400 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
16:53:01.0129 6400 cmdide - ok
16:53:01.0181 6400 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
16:53:01.0214 6400 CNG - ok
16:53:01.0319 6400 CnxtHdAudService (66847c979893a11cfcc2280e772d7ea1) C:\Windows\system32\drivers\CHDRT64.sys
16:53:01.0353 6400 CnxtHdAudService - ok
16:53:01.0473 6400 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
16:53:01.0501 6400 Compbatt - ok
16:53:01.0537 6400 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
16:53:01.0578 6400 CompositeBus - ok
16:53:01.0592 6400 COMSysApp - ok
16:53:01.0690 6400 ConfigFree Service (cab0eeaf5295fc96ddd3e19dce27e131) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
16:53:01.0712 6400 ConfigFree Service - ok
16:53:01.0736 6400 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
16:53:01.0752 6400 crcdisk - ok
16:53:01.0797 6400 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
16:53:01.0870 6400 CryptSvc - ok
16:53:01.0991 6400 cvhsvc (72794d112cbaff3bc0c29bf7350d4741) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
16:53:02.0030 6400 cvhsvc - ok
16:53:02.0102 6400 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
16:53:02.0170 6400 DcomLaunch - ok
16:53:02.0214 6400 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
16:53:02.0259 6400 defragsvc - ok
16:53:02.0316 6400 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
16:53:02.0404 6400 DfsC - ok
16:53:02.0449 6400 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
16:53:02.0495 6400 Dhcp - ok
16:53:02.0532 6400 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
16:53:02.0581 6400 discache - ok
16:53:02.0625 6400 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
16:53:02.0634 6400 Disk - ok
16:53:02.0659 6400 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
16:53:02.0729 6400 Dnscache - ok
16:53:02.0756 6400 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
16:53:02.0810 6400 dot3svc - ok
16:53:02.0832 6400 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
16:53:02.0886 6400 DPS - ok
16:53:02.0928 6400 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
16:53:02.0946 6400 drmkaud - ok
16:53:02.0992 6400 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
16:53:03.0010 6400 DXGKrnl - ok
16:53:03.0035 6400 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
16:53:03.0070 6400 EapHost - ok
16:53:03.0211 6400 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
16:53:03.0260 6400 ebdrv - ok
16:53:03.0347 6400 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
16:53:03.0398 6400 EFS - ok
16:53:03.0474 6400 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
16:53:03.0569 6400 ehRecvr - ok
16:53:03.0587 6400 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
16:53:03.0625 6400 ehSched - ok
16:53:03.0712 6400 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
16:53:03.0751 6400 elxstor - ok
16:53:03.0762 6400 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
16:53:03.0783 6400 ErrDev - ok
16:53:03.0819 6400 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
16:53:03.0858 6400 EventSystem - ok
16:53:03.0893 6400 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
16:53:03.0935 6400 exfat - ok
16:53:03.0967 6400 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
16:53:04.0020 6400 fastfat - ok
16:53:04.0073 6400 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
16:53:04.0123 6400 Fax - ok
16:53:04.0150 6400 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
16:53:04.0188 6400 fdc - ok
16:53:04.0218 6400 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
16:53:04.0284 6400 fdPHost - ok
16:53:04.0300 6400 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
16:53:04.0341 6400 FDResPub - ok
16:53:04.0372 6400 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
16:53:04.0381 6400 FileInfo - ok
16:53:04.0389 6400 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
16:53:04.0438 6400 Filetrace - ok
16:53:04.0463 6400 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
16:53:04.0489 6400 flpydisk - ok
16:53:04.0512 6400 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
16:53:04.0524 6400 FltMgr - ok
16:53:04.0582 6400 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
16:53:04.0632 6400 FontCache - ok
16:53:04.0714 6400 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:53:04.0738 6400 FontCache3.0.0.0 - ok
16:53:04.0769 6400 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
16:53:04.0784 6400 FsDepends - ok
16:53:04.0817 6400 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
16:53:04.0825 6400 Fs_Rec - ok
16:53:04.0861 6400 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
16:53:04.0882 6400 fvevol - ok
16:53:04.0925 6400 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
16:53:04.0953 6400 gagp30kx - ok
16:53:05.0047 6400 GamesAppService (c403c5db49a0f9aaf4f2128edc0106d8) C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
16:53:05.0078 6400 GamesAppService - ok
16:53:05.0123 6400 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
16:53:05.0145 6400 GEARAspiWDM - ok
16:53:05.0215 6400 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
16:53:05.0280 6400 gpsvc - ok
16:53:05.0362 6400 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:53:05.0389 6400 gupdate - ok
16:53:05.0411 6400 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:53:05.0436 6400 gupdatem - ok
16:53:05.0466 6400 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
16:53:05.0497 6400 gusvc - ok
16:53:05.0543 6400 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
16:53:05.0596 6400 hcw85cir - ok
16:53:05.0624 6400 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
16:53:05.0661 6400 HdAudAddService - ok
16:53:05.0696 6400 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys
16:53:05.0722 6400 HDAudBus - ok
16:53:05.0725 6400 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
16:53:05.0764 6400 HidBatt - ok
16:53:05.0788 6400 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
16:53:05.0819 6400 HidBth - ok
16:53:05.0856 6400 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
16:53:05.0873 6400 HidIr - ok
16:53:05.0899 6400 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
16:53:05.0950 6400 hidserv - ok
16:53:05.0974 6400 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
16:53:05.0984 6400 HidUsb - ok
16:53:06.0020 6400 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
16:53:06.0072 6400 hkmsvc - ok
16:53:06.0096 6400 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
16:53:06.0139 6400 HomeGroupListener - ok
16:53:06.0161 6400 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
16:53:06.0189 6400 HomeGroupProvider - ok
16:53:06.0227 6400 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
16:53:06.0240 6400 HpSAMD - ok
16:53:06.0295 6400 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
16:53:06.0375 6400 HTTP - ok
16:53:06.0389 6400 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
16:53:06.0397 6400 hwpolicy - ok
16:53:06.0448 6400 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
16:53:06.0462 6400 i8042prt - ok
16:53:06.0507 6400 iaStor (d469b77687e12fe43e344806740b624d) C:\Windows\system32\DRIVERS\iaStor.sys
16:53:06.0519 6400 iaStor - ok
16:53:06.0561 6400 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
16:53:06.0576 6400 iaStorV - ok
16:53:06.0689 6400 IDriverT (daf66902f08796f9c694901660e5a64a) C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
16:53:06.0716 6400 IDriverT ( UnsignedFile.Multi.Generic ) - warning
16:53:06.0716 6400 IDriverT - detected UnsignedFile.Multi.Generic (1)
16:53:06.0832 6400 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:53:06.0870 6400 idsvc - ok
16:53:06.0966 6400 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
16:53:06.0994 6400 iirsp - ok
16:53:07.0064 6400 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
16:53:07.0118 6400 IKEEXT - ok
16:53:07.0122 6400 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
16:53:07.0131 6400 intelide - ok
16:53:07.0158 6400 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
16:53:07.0182 6400 intelppm - ok
16:53:07.0220 6400 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
16:53:07.0265 6400 IPBusEnum - ok
16:53:07.0292 6400 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:53:07.0333 6400 IpFilterDriver - ok
16:53:07.0390 6400 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
16:53:07.0443 6400 iphlpsvc - ok
16:53:07.0460 6400 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
16:53:07.0481 6400 IPMIDRV - ok
16:53:07.0499 6400 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
16:53:07.0535 6400 IPNAT - ok
16:53:07.0630 6400 iPod Service (50d6ccc6ff5561f9f56946b3e6164fb8) C:\Program Files\iPod\bin\iPodService.exe
16:53:07.0661 6400 iPod Service - ok
16:53:07.0683 6400 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
16:53:07.0709 6400 IRENUM - ok
16:53:07.0728 6400 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
16:53:07.0738 6400 isapnp - ok
16:53:07.0754 6400 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
16:53:07.0770 6400 iScsiPrt - ok
16:53:07.0796 6400 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
16:53:07.0804 6400 kbdclass - ok
16:53:07.0812 6400 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
16:53:07.0837 6400 kbdhid - ok
16:53:07.0869 6400 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:53:07.0879 6400 KeyIso - ok
16:53:07.0898 6400 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
16:53:07.0907 6400 KSecDD - ok
16:53:07.0927 6400 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
16:53:07.0937 6400 KSecPkg - ok
16:53:07.0964 6400 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
16:53:07.0991 6400 ksthunk - ok
16:53:08.0029 6400 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
16:53:08.0072 6400 KtmRm - ok
16:53:08.0121 6400 L1C (ebed8b3ff4a823c1a6eebeed7b29353f) C:\Windows\system32\DRIVERS\L1C62x64.sys
16:53:08.0128 6400 L1C - ok
16:53:08.0207 6400 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
16:53:08.0262 6400 LanmanServer - ok
16:53:08.0295 6400 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
16:53:08.0345 6400 LanmanWorkstation - ok
16:53:08.0376 6400 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
16:53:08.0412 6400 lltdio - ok
16:53:08.0447 6400 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
16:53:08.0479 6400 lltdsvc - ok
16:53:08.0502 6400 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
16:53:08.0544 6400 lmhosts - ok
16:53:08.0637 6400 LMS (2ed1786b7542cda261029f6b526edf44) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
16:53:08.0654 6400 LMS - ok
16:53:08.0688 6400 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
16:53:08.0702 6400 LSI_FC - ok
16:53:08.0722 6400 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
16:53:08.0736 6400 LSI_SAS - ok
16:53:08.0741 6400 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
16:53:08.0754 6400 LSI_SAS2 - ok
16:53:08.0770 6400 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
16:53:08.0780 6400 LSI_SCSI - ok
16:53:08.0792 6400 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
16:53:08.0834 6400 luafv - ok
16:53:08.0870 6400 McAfee SiteAdvisor Service - ok
16:53:08.0902 6400 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
16:53:08.0928 6400 Mcx2Svc - ok
16:53:08.0951 6400 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
16:53:08.0962 6400 megasas - ok
16:53:08.0990 6400 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
16:53:09.0015 6400 MegaSR - ok
16:53:09.0057 6400 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys
16:53:09.0078 6400 MEIx64 - ok
16:53:09.0130 6400 mfeavfk (e7a60bdb4365b561d896019b82fb7dd0) C:\Windows\system32\drivers\mfeavfk.sys
16:53:09.0149 6400 mfeavfk - ok
16:53:09.0214 6400 mfefire (c53b7aba204d9f7e9568ec147a1485c5) C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
16:53:09.0227 6400 mfefire - ok
16:53:09.0354 6400 mfehidk (1892616b7f9291fd77c3fa0a5811fe9f) C:\Windows\system32\drivers\mfehidk.sys
16:53:09.0371 6400 mfehidk - ok
16:53:09.0414 6400 mfenlfk (1721261c77f6e7a9e0cb51b7d9f31b60) C:\Windows\system32\DRIVERS\mfenlfk.sys
16:53:09.0421 6400 mfenlfk - ok
16:53:09.0437 6400 mfevtp (8f3b3c3625e3aaa11d6d4db8423e1721) C:\Windows\system32\mfevtps.exe
16:53:09.0446 6400 mfevtp - ok
16:53:09.0470 6400 mfewfpk (4f17d8b85b903d96ef7033bb6ef50516) C:\Windows\system32\drivers\mfewfpk.sys
16:53:09.0481 6400 mfewfpk - ok
16:53:09.0496 6400 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
16:53:09.0539 6400 MMCSS - ok
16:53:09.0567 6400 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
16:53:09.0602 6400 Modem - ok
16:53:09.0623 6400 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
16:53:09.0651 6400 monitor - ok
16:53:09.0672 6400 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
16:53:09.0680 6400 mouclass - ok
16:53:09.0725 6400 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\drivers\mouhid.sys
16:53:09.0769 6400 mouhid - ok
16:53:09.0797 6400 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
16:53:09.0814 6400 mountmgr - ok
16:53:09.0865 6400 MpFilter (94c66ededcdb6a126880472f9a704d8e) C:\Windows\system32\DRIVERS\MpFilter.sys
16:53:09.0884 6400 MpFilter - ok
16:53:09.0912 6400 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
16:53:09.0923 6400 mpio - ok
16:53:09.0944 6400 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
16:53:09.0978 6400 mpsdrv - ok
16:53:10.0034 6400 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
16:53:10.0097 6400 MpsSvc - ok
16:53:10.0105 6400 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
16:53:10.0169 6400 MRxDAV - ok
16:53:10.0208 6400 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
16:53:10.0252 6400 mrxsmb - ok
16:53:10.0280 6400 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:53:10.0320 6400 mrxsmb10 - ok
16:53:10.0338 6400 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:53:10.0367 6400 mrxsmb20 - ok
16:53:10.0393 6400 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\DRIVERS\msahci.sys
16:53:10.0407 6400 msahci - ok
16:53:10.0424 6400 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
16:53:10.0441 6400 msdsm - ok
16:53:10.0477 6400 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
16:53:10.0514 6400 MSDTC - ok
16:53:10.0534 6400 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
16:53:10.0566 6400 Msfs - ok
16:53:10.0578 6400 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
16:53:10.0615 6400 mshidkmdf - ok
16:53:10.0644 6400 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
16:53:10.0652 6400 msisadrv - ok
16:53:10.0683 6400 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
16:53:10.0743 6400 MSiSCSI - ok
16:53:10.0745 6400 msiserver - ok
16:53:10.0773 6400 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
16:53:10.0844 6400 MSKSSRV - ok
16:53:10.0934 6400 MsMpSvc (59faaf2c83c8169ea20f9e335e418907) C:\Program Files\Microsoft Security Client\MsMpEng.exe
16:53:10.0956 6400 MsMpSvc - ok
16:53:10.0977 6400 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
16:53:11.0024 6400 MSPCLOCK - ok
16:53:11.0050 6400 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
16:53:11.0086 6400 MSPQM - ok
16:53:11.0110 6400 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
16:53:11.0123 6400 MsRPC - ok
16:53:11.0140 6400 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
16:53:11.0149 6400 mssmbios - ok
16:53:11.0169 6400 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
16:53:11.0202 6400 MSTEE - ok
16:53:11.0258 6400 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
16:53:11.0310 6400 MTConfig - ok
16:53:11.0381 6400 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
16:53:11.0404 6400 Mup - ok
16:53:11.0475 6400 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
16:53:11.0551 6400 napagent - ok
16:53:11.0634 6400 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
16:53:11.0676 6400 NativeWifiP - ok
16:53:12.0085 6400 NAUpdate (13aa2130f2a104dd775ead0f0ee5417b) c:\Program Files (x86)\Nero\Update\NASvc.exe
16:53:12.0101 6400 NAUpdate - ok
16:53:12.0155 6400 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
16:53:12.0178 6400 NDIS - ok
16:53:12.0218 6400 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
16:53:12.0257 6400 NdisCap - ok
16:53:12.0293 6400 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
16:53:12.0328 6400 NdisTapi - ok
16:53:12.0349 6400 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
16:53:12.0403 6400 Ndisuio - ok
16:53:12.0426 6400 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
16:53:12.0474 6400 NdisWan - ok
16:53:12.0511 6400 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
16:53:12.0576 6400 NDProxy - ok
16:53:12.0605 6400 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
16:53:12.0646 6400 NetBIOS - ok
16:53:12.0668 6400 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
16:53:12.0719 6400 NetBT - ok
16:53:12.0758 6400 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:53:12.0785 6400 Netlogon - ok
16:53:12.0836 6400 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
16:53:12.0910 6400 Netman - ok
16:53:12.0927 6400 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
16:53:12.0972 6400 netprofm - ok
16:53:13.0034 6400 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:53:13.0054 6400 NetTcpPortSharing - ok
16:53:13.0096 6400 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
16:53:13.0108 6400 nfrd960 - ok
16:53:13.0137 6400 NisDrv (91b4e0273d2f6c24ef845f2b41311289) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
16:53:13.0163 6400 NisDrv - ok
16:53:13.0271 6400 NisSrv (10a43829a9e606af3eef25a1c1665923) C:\Program Files\Microsoft Security Client\NisSrv.exe
16:53:13.0297 6400 NisSrv - ok
16:53:13.0342 6400 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
16:53:13.0411 6400 NlaSvc - ok
16:53:13.0428 6400 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
16:53:13.0456 6400 Npfs - ok
16:53:13.0470 6400 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
16:53:13.0506 6400 nsi - ok
16:53:13.0529 6400 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
16:53:13.0556 6400 nsiproxy - ok
16:53:13.0642 6400 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
16:53:13.0711 6400 Ntfs - ok
16:53:13.0805 6400 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
16:53:13.0843 6400 Null - ok
16:53:13.0887 6400 nusb3hub (158ad24745bd85ba9be3c51c38f48c32) C:\Windows\system32\DRIVERS\nusb3hub.sys
16:53:13.0939 6400 nusb3hub - ok
16:53:13.0966 6400 nusb3xhc (d40a13b2c0891e218f9523b376955db6) C:\Windows\system32\DRIVERS\nusb3xhc.sys
16:53:13.0995 6400 nusb3xhc - ok
16:53:14.0079 6400 NVHDA (960e39a54e525df58cb29193147dffa1) C:\Windows\system32\drivers\nvhda64v.sys
16:53:14.0105 6400 NVHDA - ok
16:53:14.0582 6400 nvlddmkm (fb2dc1985ac763aac1b293441695ba34) C:\Windows\system32\DRIVERS\nvlddmkm.sys
16:53:14.0736 6400 nvlddmkm - ok
16:53:14.0857 6400 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
16:53:14.0872 6400 nvraid - ok
16:53:14.0893 6400 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
16:53:14.0904 6400 nvstor - ok
16:53:14.0983 6400 NVSvc (0c0ee3e423ae115363e6c497d6d430e1) C:\Windows\system32\nvvsvc.exe
16:53:15.0020 6400 NVSvc - ok
16:53:15.0028 6400 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
16:53:15.0038 6400 nv_agp - ok
16:53:15.0064 6400 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
16:53:15.0088 6400 ohci1394 - ok
16:53:15.0177 6400 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:53:15.0196 6400 ose - ok
16:53:15.0424 6400 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:53:15.0582 6400 osppsvc - ok
16:53:15.0684 6400 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
16:53:15.0727 6400 p2pimsvc - ok
16:53:15.0755 6400 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
16:53:15.0788 6400 p2psvc - ok
16:53:15.0848 6400 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
16:53:15.0878 6400 Parport - ok
16:53:15.0896 6400 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
16:53:15.0915 6400 partmgr - ok
16:53:15.0949 6400 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
16:53:15.0988 6400 PcaSvc - ok
16:53:16.0009 6400 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
16:53:16.0024 6400 pci - ok
16:53:16.0048 6400 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
16:53:16.0056 6400 pciide - ok
16:53:16.0081 6400 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
16:53:16.0093 6400 pcmcia - ok
16:53:16.0107 6400 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
16:53:16.0116 6400 pcw - ok
16:53:16.0148 6400 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
16:53:16.0195 6400 PEAUTH - ok
16:53:16.0265 6400 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
16:53:16.0301 6400 PerfHost - ok
16:53:16.0354 6400 PGEffect (91111cebbde8015e822c46120ed9537c) C:\Windows\system32\DRIVERS\pgeffect.sys
16:53:16.0377 6400 PGEffect - ok
16:53:16.0453 6400 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
16:53:16.0541 6400 pla - ok
16:53:16.0587 6400 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
16:53:16.0643 6400 PlugPlay - ok
16:53:16.0675 6400 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
16:53:16.0708 6400 PNRPAutoReg - ok
16:53:16.0739 6400 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
16:53:16.0758 6400 PNRPsvc - ok
16:53:16.0795 6400 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
16:53:16.0864 6400 PolicyAgent - ok
16:53:16.0902 6400 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
16:53:16.0948 6400 Power - ok
16:53:17.0009 6400 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
16:53:17.0066 6400 PptpMiniport - ok
16:53:17.0080 6400 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
16:53:17.0100 6400 Processor - ok
16:53:17.0133 6400 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
16:53:17.0221 6400 ProfSvc - ok
16:53:17.0247 6400 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:53:17.0269 6400 ProtectedStorage - ok
16:53:17.0316 6400 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
16:53:17.0371 6400 Psched - ok
16:53:17.0415 6400 QIOMem (c8fcb4899f8b70cc34e0d9876a80963c) C:\Windows\system32\drivers\QIOMem.sys
16:53:17.0452 6400 QIOMem - ok
16:53:17.0534 6400 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
16:53:17.0590 6400 ql2300 - ok
16:53:17.0694 6400 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
16:53:17.0714 6400 ql40xx - ok
16:53:17.0744 6400 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
16:53:17.0774 6400 QWAVE - ok
16:53:17.0784 6400 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
16:53:17.0809 6400 QWAVEdrv - ok
16:53:17.0821 6400 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
16:53:17.0861 6400 RasAcd - ok
16:53:17.0891 6400 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
16:53:17.0918 6400 RasAgileVpn - ok
16:53:17.0941 6400 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
16:53:17.0980 6400 RasAuto - ok
16:53:18.0009 6400 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
16:53:18.0053 6400 Rasl2tp - ok
16:53:18.0077 6400 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
16:53:18.0120 6400 RasMan - ok
16:53:18.0144 6400 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
16:53:18.0187 6400 RasPppoe - ok
16:53:18.0217 6400 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
16:53:18.0257 6400 RasSstp - ok
16:53:18.0295 6400 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
16:53:18.0336 6400 rdbss - ok
16:53:18.0346 6400 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
16:53:18.0370 6400 rdpbus - ok
16:53:18.0398 6400 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
16:53:18.0425 6400 RDPCDD - ok
16:53:18.0434 6400 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
16:53:18.0474 6400 RDPENCDD - ok
16:53:18.0494 6400 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
16:53:18.0530 6400 RDPREFMP - ok
16:53:18.0564 6400 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
16:53:18.0621 6400 RDPWD - ok
16:53:18.0653 6400 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
16:53:18.0673 6400 rdyboost - ok
16:53:18.0709 6400 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
16:53:18.0758 6400 RemoteAccess - ok
16:53:18.0799 6400 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
16:53:18.0840 6400 RemoteRegistry - ok
16:53:18.0862 6400 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
16:53:18.0903 6400 RpcEptMapper - ok
16:53:18.0924 6400 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
16:53:18.0935 6400 RpcLocator - ok
16:53:18.0978 6400 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
16:53:19.0008 6400 RpcSs - ok
16:53:19.0045 6400 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
16:53:19.0092 6400 rspndr - ok
16:53:19.0144 6400 RSUSBSTOR (135a64530d7699ad48f29d73a658dd11) C:\Windows\system32\Drivers\RtsUStor.sys
16:53:19.0173 6400 RSUSBSTOR - ok
16:53:19.0207 6400 RSUSBVSTOR (e5dc911d0feb72caff2bbdd6e7c3672f) C:\Windows\system32\Drivers\RTSUVSTOR.sys
16:53:19.0224 6400 RSUSBVSTOR - ok
16:53:19.0248 6400 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:53:19.0260 6400 SamSs - ok
16:53:19.0279 6400 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
16:53:19.0293 6400 sbp2port - ok
16:53:19.0324 6400 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
16:53:19.0378 6400 SCardSvr - ok
16:53:19.0408 6400 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
16:53:19.0472 6400 scfilter - ok
16:53:19.0518 6400 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
16:53:19.0570 6400 Schedule - ok
16:53:19.0595 6400 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
16:53:19.0627 6400 SCPolicySvc - ok
16:53:19.0656 6400 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
16:53:19.0676 6400 SDRSVC - ok
16:53:19.0736 6400 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
16:53:19.0792 6400 secdrv - ok
16:53:19.0817 6400 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
16:53:19.0844 6400 seclogon - ok
16:53:19.0863 6400 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
16:53:19.0891 6400 SENS - ok
16:53:19.0918 6400 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
16:53:19.0959 6400 SensrSvc - ok
16:53:19.0983 6400 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
16:53:20.0013 6400 Serenum - ok
16:53:20.0046 6400 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
16:53:20.0074 6400 Serial - ok
16:53:20.0086 6400 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
16:53:20.0113 6400 sermouse - ok
16:53:20.0146 6400 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
16:53:20.0194 6400 SessionEnv - ok
16:53:20.0218 6400 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
16:53:20.0242 6400 sffdisk - ok
16:53:20.0244 6400 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
16:53:20.0266 6400 sffp_mmc - ok
16:53:20.0269 6400 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
16:53:20.0284 6400 sffp_sd - ok
16:53:20.0287 6400 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
16:53:20.0307 6400 sfloppy - ok
16:53:20.0371 6400 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys
16:53:20.0395 6400 Sftfs - ok
16:53:20.0500 6400 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
16:53:20.0519 6400 sftlist - ok
16:53:20.0566 6400 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys
16:53:20.0590 6400 Sftplay - ok
16:53:20.0609 6400 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys
16:53:20.0622 6400 Sftredir - ok
16:53:20.0645 6400 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys
16:53:20.0657 6400 Sftvol - ok
16:53:20.0709 6400 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
16:53:20.0726 6400 sftvsa - ok
16:53:20.0766 6400 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
16:53:20.0813 6400 SharedAccess - ok
16:53:20.0863 6400 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
16:53:20.0939 6400 ShellHWDetection - ok
16:53:20.0976 6400 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
16:53:21.0004 6400 SiSRaid2 - ok
16:53:21.0013 6400 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
16:53:21.0035 6400 SiSRaid4 - ok
16:53:21.0097 6400 SkypeUpdate (6128e98eaaed364ed1a32708d2fd22cb) C:\Program Files (x86)\Skype\Updater\Updater.exe
16:53:21.0115 6400 SkypeUpdate - ok
16:53:21.0147 6400 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
16:53:21.0192 6400 Smb - ok
16:53:21.0255 6400 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
16:53:21.0272 6400 SNMPTRAP - ok
16:53:21.0315 6400 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
16:53:21.0323 6400 spldr - ok
16:53:21.0405 6400 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
16:53:21.0438 6400 Spooler - ok
16:53:25.0878 6400 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
16:53:26.0063 6400 sppsvc - ok
16:53:26.0196 6400 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
16:53:26.0242 6400 sppuinotify - ok
16:53:27.0988 6400 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
16:53:28.0039 6400 srv - ok
16:53:28.0061 6400 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
16:53:28.0114 6400 srv2 - ok
16:53:28.0188 6400 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\Windows\system32\DRIVERS\VSTAZL6.SYS
16:53:28.0202 6400 SrvHsfHDA - ok
16:53:28.0307 6400 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS
16:53:28.0353 6400 SrvHsfV92 - ok
16:53:28.0454 6400 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
16:53:28.0488 6400 SrvHsfWinac - ok
16:53:28.0509 6400 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
16:53:28.0529 6400 srvnet - ok
16:53:28.0570 6400 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
16:53:28.0611 6400 SSDPSRV - ok
16:53:28.0632 6400 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
16:53:28.0669 6400 SstpSvc - ok
16:53:28.0786 6400 Stereo Service (5b0acff02cabf365f312143f6e0da694) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
16:53:28.0815 6400 Stereo Service - ok
16:53:28.0843 6400 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
16:53:28.0855 6400 stexstor - ok
16:53:28.0989 6400 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
16:53:29.0042 6400 stisvc - ok
16:53:29.0062 6400 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
16:53:29.0070 6400 swenum - ok
16:53:29.0117 6400 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
16:53:29.0152 6400 swprv - ok
16:53:29.0238 6400 SynTP (f5b46df59feaa48a442aed7eeb754d4b) C:\Windows\system32\DRIVERS\SynTP.sys
16:53:29.0271 6400 SynTP - ok
16:53:29.0425 6400 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
16:53:29.0466 6400 SysMain - ok
16:53:29.0550 6400 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
16:53:29.0579 6400 TabletInputService - ok
16:53:29.0607 6400 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
16:53:29.0663 6400 TapiSrv - ok
16:53:29.0682 6400 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
16:53:29.0725 6400 TBS - ok
16:53:29.0859 6400 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
16:53:29.0918 6400 Tcpip - ok
16:53:30.0096 6400 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
16:53:30.0137 6400 TCPIP6 - ok
16:53:30.0239 6400 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
16:53:30.0317 6400 tcpipreg - ok
16:53:30.0373 6400 tdcmdpst (fd542b661bd22fa69ca789ad0ac58c29) C:\Windows\system32\DRIVERS\tdcmdpst.sys
16:53:30.0396 6400 tdcmdpst - ok
16:53:30.0416 6400 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
16:53:30.0443 6400 TDPIPE - ok
16:53:30.0462 6400 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
16:53:30.0484 6400 TDTCP - ok
16:53:30.0517 6400 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
16:53:30.0576 6400 tdx - ok
16:53:30.0664 6400 TemproMonitoringService (1b709733a04dcc41a63f9cd1f76a4ebe) C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
16:53:30.0690 6400 TemproMonitoringService - ok
16:53:30.0718 6400 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
16:53:30.0737 6400 TermDD - ok
16:53:30.0778 6400 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
16:53:30.0850 6400 TermService - ok
16:53:30.0862 6400 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
16:53:30.0895 6400 Themes - ok
16:53:30.0920 6400 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
16:53:30.0962 6400 THREADORDER - ok
16:53:31.0032 6400 TMachInfo (83e91963c4452be6899503cf9ebfd3ed) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
16:53:31.0059 6400 TMachInfo - ok
16:53:31.0102 6400 TODDSrv (8e2c799d3476eac32c3ba0df7ce6af19) C:\Windows\system32\TODDSrv.exe
16:53:31.0120 6400 TODDSrv - ok
16:53:31.0224 6400 TosCoSrv (cdc97fa5c42b07fb0d4600e17c32f582) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
16:53:31.0251 6400 TosCoSrv - ok
16:53:31.0288 6400 TOSHIBA Bluetooth Service (8f099be5db17d025e19652851399b9f1) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
16:53:31.0302 6400 TOSHIBA Bluetooth Service - ok
16:53:31.0361 6400 TOSHIBA eco Utility Service (d0f868a67cb4d817a3f7abef8c42f49c) C:\Program Files\TOSHIBA\TECO\TecoService.exe
16:53:31.0383 6400 TOSHIBA eco Utility Service - ok
16:53:31.0430 6400 TOSHIBA HDD SSD Alert Service (edb4b432db13ea3d1eb2356310d33263) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
16:53:31.0440 6400 TOSHIBA HDD SSD Alert Service - ok
16:53:31.0476 6400 Tosrfcom - ok
16:53:31.0516 6400 tosrfec (f5e3ac4cbcd154ee80849b21887fd0b0) C:\Windows\system32\DRIVERS\tosrfec.sys
16:53:31.0525 6400 tosrfec - ok
16:53:31.0539 6400 Tosrfusb (7a0048693f98460ff537be31c741b927) C:\Windows\system32\DRIVERS\tosrfusb.sys
16:53:31.0550 6400 Tosrfusb - ok
16:53:31.0628 6400 TPCHSrv (098b8a408c17e125a3d9a8e1166780c8) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
16:53:31.0660 6400 TPCHSrv - ok
16:53:31.0689 6400 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
16:53:31.0737 6400 TrkWks - ok
16:53:31.0799 6400 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
16:53:31.0865 6400 TrustedInstaller - ok
16:53:31.0885 6400 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
16:53:31.0928 6400 tssecsrv - ok
16:53:31.0955 6400 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
16:53:31.0980 6400 TsUsbFlt - ok
16:53:31.0983 6400 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
16:53:32.0007 6400 TsUsbGD - ok
16:53:32.0053 6400 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
16:53:32.0139 6400 tunnel - ok
16:53:32.0179 6400 TVALZ (550b567f9364d8f7684c3fb3ea665a72) C:\Windows\system32\DRIVERS\TVALZ_O.SYS
16:53:32.0187 6400 TVALZ - ok
16:53:32.0206 6400 TVALZFL (9c7191f4b2e49bff47a6c1144b5923fa) C:\Windows\system32\DRIVERS\TVALZFL.sys
16:53:32.0214 6400 TVALZFL - ok
16:53:32.0236 6400 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
16:53:32.0248 6400 uagp35 - ok
16:53:32.0284 6400 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
16:53:32.0345 6400 udfs - ok
16:53:32.0378 6400 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
16:53:32.0389 6400 UI0Detect - ok
16:53:32.0406 6400 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
16:53:32.0416 6400 uliagpkx - ok
16:53:32.0452 6400 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
16:53:32.0463 6400 umbus - ok
16:53:32.0486 6400 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
16:53:32.0496 6400 UmPass - ok
16:53:32.0705 6400 UNS (7e5e1603d0ff2d240ae70295c5c3fefc) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
16:53:32.0792 6400 UNS - ok
16:53:32.0890 6400 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
16:53:32.0945 6400 upnphost - ok
16:53:33.0018 6400 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
16:53:33.0072 6400 USBAAPL64 ( UnsignedFile.Multi.Generic ) - warning
16:53:33.0072 6400 USBAAPL64 - detected UnsignedFile.Multi.Generic (1)
16:53:33.0108 6400 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
16:53:33.0154 6400 usbccgp - ok
16:53:33.0184 6400 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
16:53:33.0212 6400 usbcir - ok
16:53:33.0244 6400 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
16:53:33.0274 6400 usbehci - ok
16:53:33.0315 6400 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\drivers\usbhub.sys
16:53:33.0350 6400 usbhub - ok
16:53:33.0360 6400 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
16:53:33.0390 6400 usbohci - ok
16:53:33.0423 6400 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
16:53:33.0457 6400 usbprint - ok
16:53:33.0474 6400 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:53:33.0509 6400 USBSTOR - ok
16:53:33.0513 6400 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
16:53:33.0536 6400 usbuhci - ok
16:53:33.0581 6400 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
16:53:33.0631 6400 usbvideo - ok
16:53:33.0658 6400 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
16:53:33.0740 6400 UxSms - ok
16:53:33.0771 6400 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:53:33.0784 6400 VaultSvc - ok
16:53:33.0811 6400 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
16:53:33.0823 6400 vdrvroot - ok
16:53:33.0848 6400 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
16:53:33.0891 6400 vds - ok
16:53:33.0919 6400 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
16:53:33.0932 6400 vga - ok
16:53:33.0947 6400 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
16:53:33.0985 6400 VgaSave - ok
16:53:33.0994 6400 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
16:53:34.0005 6400 vhdmp - ok
16:53:34.0009 6400 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
16:53:34.0017 6400 viaide - ok
16:53:34.0034 6400 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
16:53:34.0043 6400 volmgr - ok
16:53:34.0071 6400 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
16:53:34.0084 6400 volmgrx - ok
16:53:34.0112 6400 volsnap (df8126bd41180351a093a3ad2fc8903b) C:\Windows\system32\drivers\volsnap.sys
16:53:34.0124 6400 volsnap - ok
16:53:34.0168 6400 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
16:53:34.0183 6400 vsmraid - ok
16:53:34.0309 6400 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
16:53:34.0394 6400 VSS - ok
16:53:34.0484 6400 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
16:53:34.0518 6400 vwifibus - ok
16:53:34.0553 6400 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
16:53:34.0586 6400 vwififlt - ok
16:53:34.0640 6400 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
16:53:34.0695 6400 W32Time - ok
16:53:34.0727 6400 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
16:53:34.0757 6400 WacomPen - ok
16:53:34.0793 6400 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
16:53:34.0840 6400 WANARP - ok
16:53:34.0843 6400 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
16:53:34.0869 6400 Wanarpv6 - ok
16:53:34.0967 6400 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
16:53:35.0011 6400 WatAdminSvc - ok
16:53:35.0092 6400 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
16:53:35.0160 6400 wbengine - ok
16:53:35.0242 6400 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
16:53:35.0286 6400 WbioSrvc - ok
16:53:35.0315 6400 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
16:53:35.0355 6400 wcncsvc - ok
16:53:35.0378 6400 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
16:53:35.0417 6400 WcsPlugInService - ok
16:53:35.0462 6400 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
16:53:35.0490 6400 Wd - ok
16:53:35.0528 6400 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
16:53:35.0555 6400 Wdf01000 - ok
16:53:35.0567 6400 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
16:53:35.0668 6400 WdiServiceHost - ok
16:53:35.0673 6400 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
16:53:35.0700 6400 WdiSystemHost - ok
16:53:35.0737 6400 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
16:53:35.0775 6400 WebClient - ok
16:53:35.0800 6400 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
16:53:35.0872 6400 Wecsvc - ok
16:53:35.0890 6400 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
16:53:35.0927 6400 wercplsupport - ok
16:53:35.0966 6400 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
16:53:36.0006 6400 WerSvc - ok
16:53:36.0137 6400 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
16:53:36.0182 6400 WfpLwf - ok
16:53:36.0393 6400 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
16:53:36.0421 6400 WIMMount - ok
16:53:36.0590 6400 WinDefend - ok
16:53:36.0603 6400 WinHttpAutoProxySvc - ok
16:53:36.0774 6400 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
16:53:36.0844 6400 Winmgmt - ok
16:53:37.0075 6400 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
16:53:37.0150 6400 WinRM - ok
16:53:37.0284 6400 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
16:53:37.0317 6400 WinUsb - ok
16:53:37.0372 6400 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
16:53:37.0429 6400 Wlansvc - ok
16:53:37.0524 6400 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
16:53:37.0544 6400 wlcrasvc - ok
16:53:37.0669 6400 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:53:37.0710 6400 wlidsvc - ok
16:53:37.0823 6400 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
16:53:37.0844 6400 WmiAcpi - ok
16:53:37.0911 6400 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
16:53:37.0953 6400 wmiApSrv - ok
16:53:38.0024 6400 WMPNetworkSvc - ok
16:53:38.0063 6400 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
16:53:38.0096 6400 WPCSvc - ok
16:53:38.0116 6400 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
16:53:38.0133 6400 WPDBusEnum - ok
16:53:38.0156 6400 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
16:53:38.0193 6400 ws2ifsl - ok
16:53:38.0228 6400 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
16:53:38.0243 6400 wscsvc - ok
16:53:38.0246 6400 WSearch - ok
16:53:38.0348 6400 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
16:53:38.0427 6400 wuauserv - ok
16:53:38.0540 6400 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
16:53:38.0640 6400 WudfPf - ok
16:53:38.0758 6400 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
16:53:38.0841 6400 WUDFRd - ok
16:53:38.0862 6400 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
16:53:38.0890 6400 wudfsvc - ok
16:53:38.0904 6400 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
16:53:38.0921 6400 WwanSvc - ok
16:53:38.0959 6400 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
16:53:39.0537 6400 \Device\Harddisk0\DR0 - ok
16:53:39.0570 6400 Boot (0x1200) (fa77338c7e9114435ca834f9dc24dd58) \Device\Harddisk0\DR0\Partition0
16:53:39.0572 6400 \Device\Harddisk0\DR0\Partition0 - ok
16:53:39.0597 6400 Boot (0x1200) (20642302bedb8c025baa1ac7d4bf3334) \Device\Harddisk0\DR0\Partition1
16:53:39.0599 6400 \Device\Harddisk0\DR0\Partition1 - ok
16:53:39.0600 6400 ============================================================
16:53:39.0600 6400 Scan finished
16:53:39.0600 6400 ============================================================
16:53:39.0616 6432 Detected object count: 2
16:53:39.0616 6432 Actual detected object count: 2
16:55:01.0612 6432 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
16:55:01.0612 6432 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:55:01.0615 6432 USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user
16:55:01.0615 6432 USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:55:48.0949 4928 ============================================================
16:55:48.0949 4928 Scan started
16:55:48.0949 4928 Mode: Manual; SigCheck; TDLFS;
16:55:48.0949 4928 ============================================================
16:55:49.0093 4928 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
16:55:49.0110 4928 1394ohci - ok
16:55:49.0149 4928 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
16:55:49.0164 4928 ACPI - ok
16:55:49.0183 4928 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
16:55:49.0195 4928 AcpiPmi - ok
16:55:49.0266 4928 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
16:55:49.0290 4928 AdobeARMservice - ok
16:55:49.0398 4928 AdobeFlashPlayerUpdateSvc (459ac130c6ab892b1cd5d7544626efc5) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
16:55:49.0416 4928 AdobeFlashPlayerUpdateSvc - ok
16:55:49.0492 4928 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
16:55:49.0519 4928 adp94xx - ok
16:55:49.0553 4928 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
16:55:49.0565 4928 adpahci - ok
16:55:49.0655 4928 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
16:55:49.0679 4928 adpu320 - ok
16:55:49.0726 4928 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
16:55:49.0754 4928 AeLookupSvc - ok
16:55:49.0808 4928 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
16:55:49.0830 4928 AFD - ok
16:55:49.0858 4928 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
16:55:49.0866 4928 agp440 - ok
16:55:49.0886 4928 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
16:55:49.0897 4928 ALG - ok
16:55:49.0899 4928 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
16:55:49.0907 4928 aliide - ok
16:55:49.0909 4928 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
16:55:49.0917 4928 amdide - ok
16:55:49.0934 4928 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
16:55:49.0943 4928 AmdK8 - ok
16:55:49.0947 4928 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
16:55:49.0956 4928 AmdPPM - ok
16:55:49.0962 4928 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
16:55:49.0970 4928 amdsata - ok
16:55:49.0992 4928 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
16:55:50.0002 4928 amdsbs - ok
16:55:50.0019 4928 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
16:55:50.0027 4928 amdxata - ok
16:55:50.0031 4928 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
16:55:50.0057 4928 AppID - ok
16:55:50.0077 4928 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
16:55:50.0104 4928 AppIDSvc - ok
16:55:50.0115 4928 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
16:55:50.0141 4928 Appinfo - ok
16:55:50.0240 4928 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:55:50.0265 4928 Apple Mobile Device - ok
16:55:50.0317 4928 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
16:55:50.0343 4928 arc - ok
16:55:50.0349 4928 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
16:55:50.0363 4928 arcsas - ok
16:55:50.0380 4928 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
16:55:50.0407 4928 AsyncMac - ok
16:55:50.0425 4928 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
16:55:50.0433 4928 atapi - ok
16:55:50.0563 4928 athr (b2931c83cfb12a3223a47b180473ae1a) C:\Windows\system32\DRIVERS\athrx.sys
16:55:50.0602 4928 athr - ok
16:55:50.0705 4928 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
16:55:50.0764 4928 AudioEndpointBuilder - ok
16:55:50.0768 4928 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
16:55:50.0799 4928 AudioSrv - ok
16:55:50.0816 4928 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
16:55:50.0830 4928 AxInstSV - ok
16:55:50.0871 4928 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
16:55:50.0885 4928 b06bdrv - ok
16:55:50.0902 4928 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
16:55:50.0914 4928 b57nd60a - ok
16:55:50.0937 4928 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
16:55:50.0947 4928 BDESVC - ok
16:55:50.0961 4928 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
16:55:50.0988 4928 Beep - ok
16:55:51.0020 4928 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
16:55:51.0051 4928 BFE - ok
16:55:51.0121 4928 BingDesktopUpdate (1b63f2b7ca6b5290cc124cdd07520bc9) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
16:55:51.0149 4928 BingDesktopUpdate - ok
16:55:51.0193 4928 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
16:55:51.0233 4928 BITS - ok
16:55:51.0281 4928 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
16:55:51.0306 4928 blbdrive - ok
16:55:51.0372 4928 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
16:55:51.0392 4928 Bonjour Service - ok
16:55:51.0412 4928 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
16:55:51.0421 4928 bowser - ok
16:55:51.0453 4928 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
16:55:51.0464 4928 BrFiltLo - ok
16:55:51.0471 4928 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
16:55:51.0482 4928 BrFiltUp - ok
16:55:51.0513 4928 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
16:55:51.0539 4928 Browser - ok
16:55:51.0556 4928 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
16:55:51.0567 4928 Brserid - ok
16:55:51.0571 4928 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
16:55:51.0582 4928 BrSerWdm - ok
16:55:51.0584 4928 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
16:55:51.0595 4928 BrUsbMdm - ok
16:55:51.0614 4928 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
16:55:51.0623 4928 BrUsbSer - ok
16:55:51.0647 4928 BtFilter (2347abbd13bada65826fdab4caafe357) C:\Windows\system32\DRIVERS\btfilter.sys
16:55:51.0659 4928 BtFilter - ok
16:55:51.0662 4928 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
16:55:51.0674 4928 BTHMODEM - ok
16:55:51.0686 4928 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
16:55:51.0714 4928 bthserv - ok
16:55:51.0725 4928 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
16:55:51.0751 4928 cdfs - ok
16:55:51.0752 4928 Scan interrupted by user!
16:55:51.0752 4928 Scan interrupted by user!
16:55:51.0752 4928 Scan interrupted by user!
16:55:51.0752 4928 ============================================================
16:55:51.0752 4928 Scan finished
16:55:51.0752 4928 ============================================================
16:55:51.0756 4924 Detected object count: 0
16:55:51.0756 4924 Actual detected object count: 0
16:55:55.0249 3636 ============================================================
16:55:55.0249 3636 Scan started
16:55:55.0249 3636 Mode: Manual; SigCheck; TDLFS;
16:55:55.0249 3636 ============================================================
16:55:55.0358 3636 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
16:55:55.0397 3636 1394ohci - ok
16:55:55.0436 3636 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
16:55:55.0457 3636 ACPI - ok
16:55:55.0484 3636 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
16:55:55.0505 3636 AcpiPmi - ok
16:55:55.0588 3636 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
16:55:55.0604 3636 AdobeARMservice - ok
16:55:55.0683 3636 AdobeFlashPlayerUpdateSvc (459ac130c6ab892b1cd5d7544626efc5) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
16:55:55.0705 3636 AdobeFlashPlayerUpdateSvc - ok
16:55:55.0749 3636 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
16:55:55.0770 3636 adp94xx - ok
16:55:55.0783 3636 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
16:55:55.0794 3636 adpahci - ok
16:55:55.0802 3636 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
16:55:55.0811 3636 adpu320 - ok
16:55:55.0837 3636 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
16:55:55.0864 3636 AeLookupSvc - ok
16:55:55.0903 3636 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
16:55:55.0916 3636 AFD - ok
16:55:55.0937 3636 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
16:55:55.0946 3636 agp440 - ok
16:55:55.0965 3636 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
16:55:55.0975 3636 ALG - ok
16:55:55.0977 3636 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
16:55:55.0985 3636 aliide - ok
16:55:55.0988 3636 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
16:55:55.0996 3636 amdide - ok
16:55:56.0013 3636 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
16:55:56.0022 3636 AmdK8 - ok
16:55:56.0026 3636 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
16:55:56.0035 3636 AmdPPM - ok
16:55:56.0040 3636 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
16:55:56.0049 3636 amdsata - ok
16:55:56.0074 3636 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
16:55:56.0084 3636 amdsbs - ok
16:55:56.0098 3636 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
16:55:56.0106 3636 amdxata - ok
16:55:56.0110 3636 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
16:55:56.0136 3636 AppID - ok
16:55:56.0155 3636 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
16:55:56.0182 3636 AppIDSvc - ok
16:55:56.0193 3636 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
16:55:56.0219 3636 Appinfo - ok
16:55:56.0318 3636 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:55:56.0340 3636 Apple Mobile Device - ok
16:55:56.0361 3636 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
16:55:56.0374 3636 arc - ok
16:55:56.0380 3636 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
16:55:56.0394 3636 arcsas - ok
16:55:56.0403 3636 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
16:55:56.0429 3636 AsyncMac - ok
16:55:56.0448 3636 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
16:55:56.0456 3636 atapi - ok
16:55:56.0591 3636 athr (b2931c83cfb12a3223a47b180473ae1a) C:\Windows\system32\DRIVERS\athrx.sys
16:55:56.0632 3636 athr - ok
16:55:56.0744 3636 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
16:55:56.0795 3636 AudioEndpointBuilder - ok
16:55:56.0800 3636 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
16:55:56.0830 3636 AudioSrv - ok
16:55:56.0853 3636 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
16:55:56.0866 3636 AxInstSV - ok
16:55:56.0919 3636 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
16:55:56.0938 3636 b06bdrv - ok
16:55:56.0960 3636 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
16:55:56.0972 3636 b57nd60a - ok
16:55:56.0993 3636 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
16:55:57.0003 3636 BDESVC - ok
16:55:57.0017 3636 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
16:55:57.0043 3636 Beep - ok
16:55:57.0078 3636 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
16:55:57.0110 3636 BFE - ok
16:55:57.0177 3636 BingDesktopUpdate (1b63f2b7ca6b5290cc124cdd07520bc9) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
16:55:57.0199 3636 BingDesktopUpdate - ok
16:55:57.0250 3636 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
16:55:57.0293 3636 BITS - ok
16:55:57.0338 3636 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
16:55:57.0361 3636 blbdrive - ok
16:55:57.0432 3636 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
16:55:57.0456 3636 Bonjour Service - ok
16:55:57.0479 3636 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
16:55:57.0488 3636 bowser - ok
16:55:57.0520 3636 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
16:55:57.0531 3636 BrFiltLo - ok
16:55:57.0538 3636 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
16:55:57.0549 3636 BrFiltUp - ok
16:55:57.0581 3636 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
16:55:57.0606 3636 Browser - ok
16:55:57.0635 3636 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
16:55:57.0646 3636 Brserid - ok
16:55:57.0672 3636 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
16:55:57.0683 3636 BrSerWdm - ok
16:55:57.0685 3636 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
16:55:57.0696 3636 BrUsbMdm - ok
16:55:57.0698 3636 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
16:55:57.0707 3636 BrUsbSer - ok
16:55:57.0736 3636 BtFilter (2347abbd13bada65826fdab4caafe357) C:\Windows\system32\DRIVERS\btfilter.sys
16:55:57.0743 3636 BtFilter - ok
16:55:57.0747 3636 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
16:55:57.0758 3636 BTHMODEM - ok
16:55:57.0774 3636 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
16:55:57.0801 3636 bthserv - ok
16:55:57.0812 3636 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
16:55:57.0839 3636 cdfs - ok
16:55:57.0852 3636 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
16:55:57.0861 3636 cdrom - ok
16:55:57.0883 3636 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
16:55:57.0909 3636 CertPropSvc - ok
16:55:57.0938 3636 cfwids (ed0263b2eb24f0f4e3898036fa1d28a1) C:\Windows\system32\drivers\cfwids.sys
16:55:57.0946 3636 cfwids - ok
16:55:58.0042 3636 cfWiMAXService (41e7c4fa6491747402cfca77cc1c7aab) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
16:55:58.0069 3636 cfWiMAXService - ok
16:55:58.0090 3636 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
16:55:58.0107 3636 circlass - ok
16:55:58.0142 3636 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
16:55:58.0165 3636 CLFS - ok
16:55:58.0268 3636 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:55:58.0292 3636 clr_optimization_v2.0.50727_32 - ok
16:55:58.0347 3636 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:55:58.0373 3636 clr_optimization_v2.0.50727_64 - ok
16:55:58.0421 3636 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:55:58.0436 3636 clr_optimization_v4.0.30319_32 - ok
16:55:58.0481 3636 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:55:58.0506 3636 clr_optimization_v4.0.30319_64 - ok
16:55:58.0532 3636 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
16:55:58.0550 3636 CmBatt - ok
16:55:58.0569 3636 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
16:55:58.0584 3636 cmdide - ok
16:55:58.0625 3636 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
16:55:58.0655 3636 CNG - ok
16:55:58.0739 3636 CnxtHdAudService (66847c979893a11cfcc2280e772d7ea1) C:\Windows\system32\drivers\CHDRT64.sys
16:55:58.0777 3636 CnxtHdAudService - ok
16:55:58.0873 3636 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
16:55:58.0893 3636 Compbatt - ok
16:55:58.0936 3636 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
16:55:58.0947 3636 CompositeBus - ok
16:55:58.0949 3636 COMSysApp - ok
16:55:59.0045 3636 ConfigFree Service (cab0eeaf5295fc96ddd3e19dce27e131) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
16:55:59.0067 3636 ConfigFree Service - ok
16:55:59.0091 3636 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
16:55:59.0105 3636 crcdisk - ok
16:55:59.0131 3636 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
16:55:59.0167 3636 CryptSvc - ok
16:55:59.0271 3636 cvhsvc (72794d112cbaff3bc0c29bf7350d4741) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
16:55:59.0306 3636 cvhsvc - ok
16:55:59.0360 3636 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
16:55:59.0422 3636 DcomLaunch - ok
16:55:59.0448 3636 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
16:55:59.0477 3636 defragsvc - ok
16:55:59.0525 3636 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
16:55:59.0569 3636 DfsC - ok
16:55:59.0594 3636 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
16:55:59.0622 3636 Dhcp - ok
16:55:59.0631 3636 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
16:55:59.0657 3636 discache - ok
16:55:59.0669 3636 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
16:55:59.0678 3636 Disk - ok
16:55:59.0704 3636 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
16:55:59.0713 3636 Dnscache - ok
16:55:59.0734 3636 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
16:55:59.0762 3636 dot3svc - ok
16:55:59.0776 3636 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
16:55:59.0802 3636 DPS - ok
16:55:59.0827 3636 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
16:55:59.0838 3636 drmkaud - ok
16:55:59.0879 3636 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
16:55:59.0903 3636 DXGKrnl - ok
16:55:59.0935 3636 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
16:55:59.0962 3636 EapHost - ok
16:56:00.0091 3636 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
16:56:00.0126 3636 ebdrv - ok
16:56:00.0201 3636 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
16:56:00.0215 3636 EFS - ok
16:56:00.0294 3636 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
16:56:00.0317 3636 ehRecvr - ok
16:56:00.0331 3636 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
16:56:00.0346 3636 ehSched - ok
16:56:00.0421 3636 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
16:56:00.0446 3636 elxstor - ok
16:56:00.0461 3636 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
16:56:00.0470 3636 ErrDev - ok
16:56:00.0513 3636 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
16:56:00.0570 3636 EventSystem - ok
16:56:00.0594 3636 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
16:56:00.0622 3636 exfat - ok
16:56:00.0663 3636 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
16:56:00.0719 3636 fastfat - ok
16:56:00.0752 3636 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
16:56:00.0767 3636 Fax - ok
16:56:00.0770 3636 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
16:56:00.0779 3636 fdc - ok
16:56:00.0795 3636 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
16:56:00.0821 3636 fdPHost - ok
16:56:00.0832 3636 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
16:56:00.0858 3636 FDResPub - ok
16:56:00.0883 3636 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
16:56:00.0891 3636 FileInfo - ok
16:56:00.0899 3636 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
16:56:00.0925 3636 Filetrace - ok
16:56:00.0940 3636 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
16:56:00.0949 3636 flpydisk - ok
16:56:00.0966 3636 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
16:56:00.0977 3636 FltMgr - ok
16:56:01.0035 3636 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
16:56:01.0059 3636 FontCache - ok
16:56:01.0135 3636 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:56:01.0155 3636 FontCache3.0.0.0 - ok
16:56:01.0190 3636 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
16:56:01.0204 3636 FsDepends - ok
16:56:01.0227 3636 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
16:56:01.0242 3636 Fs_Rec - ok
16:56:01.0259 3636 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
16:56:01.0282 3636 fvevol - ok
16:56:01.0300 3636 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
16:56:01.0309 3636 gagp30kx - ok
16:56:01.0391 3636 GamesAppService (c403c5db49a0f9aaf4f2128edc0106d8) C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
16:56:01.0413 3636 GamesAppService - ok
16:56:01.0444 3636 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
16:56:01.0462 3636 GEARAspiWDM - ok
16:56:01.0510 3636 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
16:56:01.0542 3636 gpsvc - ok
16:56:01.0604 3636 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:56:01.0624 3636 gupdate - ok
16:56:01.0627 3636 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:56:01.0637 3636 gupdatem - ok
16:56:01.0652 3636 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
16:56:01.0659 3636 gusvc - ok
16:56:01.0686 3636 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
16:56:01.0695 3636 hcw85cir - ok
16:56:01.0713 3636 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
16:56:01.0727 3636 HdAudAddService - ok
16:56:01.0747 3636 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys
16:56:01.0758 3636 HDAudBus - ok
16:56:01.0761 3636 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
16:56:01.0770 3636 HidBatt - ok
16:56:01.0775 3636 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
16:56:01.0787 3636 HidBth - ok
16:56:01.0791 3636 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
16:56:01.0801 3636 HidIr - ok
16:56:01.0821 3636 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
16:56:01.0848 3636 hidserv - ok
16:56:01.0867 3636 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
16:56:01.0876 3636 HidUsb - ok
16:56:01.0920 3636 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
16:56:01.0982 3636 hkmsvc - ok
16:56:02.0010 3636 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
16:56:02.0021 3636 HomeGroupListener - ok
16:56:02.0049 3636 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
16:56:02.0059 3636 HomeGroupProvider - ok
16:56:02.0064 3636 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
16:56:02.0073 3636 HpSAMD - ok
16:56:02.0117 3636 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
16:56:02.0149 3636 HTTP - ok
16:56:02.0166 3636 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
16:56:02.0174 3636 hwpolicy - ok
16:56:02.0196 3636 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
16:56:02.0206 3636 i8042prt - ok
16:56:02.0269 3636 iaStor (d469b77687e12fe43e344806740b624d) C:\Windows\system32\DRIVERS\iaStor.sys
16:56:02.0299 3636 iaStor - ok
16:56:02.0327 3636 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
16:56:02.0341 3636 iaStorV - ok
16:56:02.0433 3636 IDriverT (daf66902f08796f9c694901660e5a64a) C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
16:56:02.0444 3636 IDriverT ( UnsignedFile.Multi.Generic ) - warning
16:56:02.0444 3636 IDriverT - detected UnsignedFile.Multi.Generic (1)
16:56:02.0556 3636 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:56:02.0585 3636 idsvc - ok
16:56:02.0664 3636 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
16:56:02.0676 3636 iirsp - ok
16:56:02.0724 3636 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
16:56:02.0766 3636 IKEEXT - ok
16:56:02.0770 3636 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
16:56:02.0778 3636 intelide - ok
16:56:02.0789 3636 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
16:56:02.0798 3636 intelppm - ok
16:56:02.0820 3636 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
16:56:02.0847 3636 IPBusEnum - ok
16:56:02.0852 3636 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:56:02.0878 3636 IpFilterDriver - ok
16:56:02.0914 3636 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
16:56:02.0959 3636 iphlpsvc - ok
16:56:02.0981 3636 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
16:56:02.0991 3636 IPMIDRV - ok
16:56:03.0009 3636 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
16:56:03.0037 3636 IPNAT - ok
16:56:03.0120 3636 iPod Service (50d6ccc6ff5561f9f56946b3e6164fb8) C:\Program Files\iPod\bin\iPodService.exe
16:56:03.0144 3636 iPod Service - ok
16:56:03.0160 3636 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
16:56:03.0173 3636 IRENUM - ok
16:56:03.0193 3636 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
16:56:03.0201 3636 isapnp - ok
16:56:03.0218 3636 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
16:56:03.0229 3636 iScsiPrt - ok
16:56:03.0239 3636 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
16:56:03.0248 3636 kbdclass - ok
16:56:03.0251 3636 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
16:56:03.0260 3636 kbdhid - ok
16:56:03.0279 3636 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:56:03.0289 3636 KeyIso - ok
16:56:03.0307 3636 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
16:56:03.0316 3636 KSecDD - ok
16:56:03.0336 3636 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
16:56:03.0346 3636 KSecPkg - ok
16:56:03.0374 3636 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
16:56:03.0400 3636 ksthunk - ok
16:56:03.0439 3636 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
16:56:03.0468 3636 KtmRm - ok
16:56:03.0497 3636 L1C (ebed8b3ff4a823c1a6eebeed7b29353f) C:\Windows\system32\DRIVERS\L1C62x64.sys
16:56:03.0504 3636 L1C - ok
16:56:03.0538 3636 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
16:56:03.0602 3636 LanmanServer - ok
16:56:03.0629 3636 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
16:56:03.0674 3636 LanmanWorkstation - ok
16:56:03.0687 3636 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
16:56:03.0714 3636 lltdio - ok
16:56:03.0747 3636 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
16:56:03.0776 3636 lltdsvc - ok
16:56:03.0790 3636 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
16:56:03.0817 3636 lmhosts - ok
16:56:03.0906 3636 LMS (2ed1786b7542cda261029f6b526edf44) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
16:56:03.0932 3636 LMS - ok
16:56:03.0953 3636 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
16:56:03.0963 3636 LSI_FC - ok
16:56:03.0976 3636 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
16:56:03.0985 3636 LSI_SAS - ok
16:56:03.0989 3636 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
16:56:03.0998 3636 LSI_SAS2 - ok
16:56:04.0013 3636 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
16:56:04.0022 3636 LSI_SCSI - ok
16:56:04.0036 3636 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
16:56:04.0063 3636 luafv - ok
16:56:04.0091 3636 McAfee SiteAdvisor Service - ok
16:56:04.0122 3636 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
16:56:04.0132 3636 Mcx2Svc - ok
16:56:04.0173 3636 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
16:56:04.0200 3636 megasas - ok
16:56:04.0212 3636 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
16:56:04.0226 3636 MegaSR - ok
16:56:04.0256 3636 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys
16:56:04.0274 3636 MEIx64 - ok
16:56:04.0321 3636 mfeavfk (e7a60bdb4365b561d896019b82fb7dd0) C:\Windows\system32\drivers\mfeavfk.sys
16:56:04.0351 3636 mfeavfk - ok
16:56:04.0415 3636 mfefire (c53b7aba204d9f7e9568ec147a1485c5) C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
16:56:04.0441 3636 mfefire - ok
16:56:04.0483 3636 mfehidk (1892616b7f9291fd77c3fa0a5811fe9f) C:\Windows\system32\drivers\mfehidk.sys
16:56:04.0503 3636 mfehidk - ok
16:56:04.0524 3636 mfenlfk (1721261c77f6e7a9e0cb51b7d9f31b60) C:\Windows\system32\DRIVERS\mfenlfk.sys
16:56:04.0532 3636 mfenlfk - ok
16:56:04.0548 3636 mfevtp (8f3b3c3625e3aaa11d6d4db8423e1721) C:\Windows\system32\mfevtps.exe
16:56:04.0557 3636 mfevtp - ok
16:56:04.0583 3636 mfewfpk (4f17d8b85b903d96ef7033bb6ef50516) C:\Windows\system32\drivers\mfewfpk.sys
16:56:04.0593 3636 mfewfpk - ok
16:56:04.0619 3636 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
16:56:04.0646 3636 MMCSS - ok
16:56:04.0678 3636 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
16:56:04.0734 3636 Modem - ok
16:56:04.0745 3636 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
16:56:04.0756 3636 monitor - ok
16:56:04.0770 3636 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
16:56:04.0779 3636 mouclass - ok
16:56:04.0782 3636 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\drivers\mouhid.sys
16:56:04.0791 3636 mouhid - ok
16:56:04.0807 3636 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
16:56:04.0816 3636 mountmgr - ok
16:56:04.0853 3636 MpFilter (94c66ededcdb6a126880472f9a704d8e) C:\Windows\system32\DRIVERS\MpFilter.sys
16:56:04.0864 3636 MpFilter - ok
16:56:04.0890 3636 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
16:56:04.0900 3636 mpio - ok
16:56:04.0921 3636 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
16:56:04.0948 3636 mpsdrv - ok
16:56:05.0014 3636 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
16:56:05.0059 3636 MpsSvc - ok
16:56:05.0068 3636 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
16:56:05.0082 3636 MRxDAV - ok
16:56:05.0107 3636 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
16:56:05.0117 3636 mrxsmb - ok
16:56:05.0145 3636 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:56:05.0155 3636 mrxsmb10 - ok
16:56:05.0204 3636 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:56:05.0230 3636 mrxsmb20 - ok
16:56:05.0259 3636 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\DRIVERS\msahci.sys
16:56:05.0271 3636 msahci - ok
16:56:05.0290 3636 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
16:56:05.0303 3636 msdsm - ok
16:56:05.0343 3636 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
16:56:05.0374 3636 MSDTC - ok
16:56:05.0388 3636 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
16:56:05.0429 3636 Msfs - ok
16:56:05.0444 3636 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
16:56:05.0471 3636 mshidkmdf - ok
16:56:05.0498 3636 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
16:56:05.0506 3636 msisadrv - ok
16:56:05.0535 3636 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
16:56:05.0563 3636 MSiSCSI - ok
16:56:05.0566 3636 msiserver - ok
16:56:05.0583 3636 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
16:56:05.0609 3636 MSKSSRV - ok
16:56:05.0667 3636 MsMpSvc (59faaf2c83c8169ea20f9e335e418907) C:\Program Files\Microsoft Security Client\MsMpEng.exe
16:56:05.0694 3636 MsMpSvc - ok
16:56:05.0709 3636 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
16:56:05.0741 3636 MSPCLOCK - ok
16:56:05.0760 3636 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
16:56:05.0787 3636 MSPQM - ok
16:56:05.0812 3636 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
16:56:05.0823 3636 MsRPC - ok
16:56:05.0840 3636 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
16:56:05.0848 3636 mssmbios - ok
16:56:05.0857 3636 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
16:56:05.0883 3636 MSTEE - ok
16:56:05.0900 3636 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
16:56:05.0909 3636 MTConfig - ok
16:56:05.0921 3636 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
16:56:05.0930 3636 Mup - ok
16:56:05.0968 3636 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
16:56:06.0016 3636 napagent - ok
16:56:06.0049 3636 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
16:56:06.0065 3636 NativeWifiP - ok
16:56:06.0168 3636 NAUpdate (13aa2130f2a104dd775ead0f0ee5417b) c:\Program Files (x86)\Nero\Update\NASvc.exe
16:56:06.0187 3636 NAUpdate - ok
16:56:06.0244 3636 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
16:56:06.0276 3636 NDIS - ok
16:56:06.0295 3636 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
16:56:06.0322 3636 NdisCap - ok
16:56:06.0337 3636 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
16:56:06.0363 3636 NdisTapi - ok
16:56:06.0373 3636 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
16:56:06.0399 3636 Ndisuio - ok
16:56:06.0414 3636 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
16:56:06.0440 3636 NdisWan - ok
16:56:06.0466 3636 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
16:56:06.0492 3636 NDProxy - ok
16:56:06.0504 3636 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
16:56:06.0530 3636 NetBIOS - ok
16:56:06.0557 3636 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
16:56:06.0585 3636 NetBT - ok
16:56:06.0612 3636 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:56:06.0621 3636 Netlogon - ok
16:56:06.0656 3636 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
16:56:06.0694 3636 Netman - ok
16:56:06.0711 3636 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
16:56:06.0741 3636 netprofm - ok
16:56:06.0811 3636 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:56:06.0838 3636 NetTcpPortSharing - ok
16:56:06.0862 3636 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
16:56:06.0875 3636 nfrd960 - ok
16:56:06.0903 3636 NisDrv (91b4e0273d2f6c24ef845f2b41311289) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
16:56:06.0916 3636 NisDrv - ok
16:56:06.0997 3636 NisSrv (10a43829a9e606af3eef25a1c1665923) C:\Program Files\Microsoft Security Client\NisSrv.exe
16:56:07.0024 3636 NisSrv - ok
16:56:07.0050 3636 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
16:56:07.0079 3636 NlaSvc - ok
16:56:07.0094 3636 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
16:56:07.0121 3636 Npfs - ok
16:56:07.0136 3636 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
16:56:07.0162 3636 nsi - ok
16:56:07.0184 3636 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
16:56:07.0210 3636 nsiproxy - ok
16:56:07.0288 3636 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
16:56:07.0329 3636 Ntfs - ok
16:56:07.0415 3636 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
16:56:07.0459 3636 Null - ok
16:56:07.0497 3636 nusb3hub (158ad24745bd85ba9be3c51c38f48c32) C:\Windows\system32\DRIVERS\nusb3hub.sys
16:56:07.0517 3636 nusb3hub - ok
16:56:07.0541 3636 nusb3xhc (d40a13b2c0891e218f9523b376955db6) C:\Windows\system32\DRIVERS\nusb3xhc.sys
16:56:07.0555 3636 nusb3xhc - ok
16:56:07.0579 3636 NVHDA (960e39a54e525df58cb29193147dffa1) C:\Windows\system32\drivers\nvhda64v.sys
16:56:07.0593 3636 NVHDA - ok
16:56:08.0066 3636 nvlddmkm (fb2dc1985ac763aac1b293441695ba34) C:\Windows\system32\DRIVERS\nvlddmkm.sys
16:56:08.0220 3636 nvlddmkm - ok
16:56:08.0320 3636 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
16:56:08.0336 3636 nvraid - ok
16:56:08.0358 3636 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
16:56:08.0368 3636 nvstor - ok
16:56:08.0439 3636 NVSvc (0c0ee3e423ae115363e6c497d6d430e1) C:\Windows\system32\nvvsvc.exe
16:56:08.0475 3636 NVSvc - ok
16:56:08.0481 3636 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
16:56:08.0492 3636 nv_agp - ok
16:56:08.0516 3636 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
16:56:08.0526 3636 ohci1394 - ok
16:56:08.0598 3636 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:56:08.0625 3636 ose - ok
16:56:08.0857 3636 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:56:08.0920 3636 osppsvc - ok
16:56:09.0018 3636 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
16:56:09.0047 3636 p2pimsvc - ok
16:56:09.0077 3636 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
16:56:09.0103 3636 p2psvc - ok
16:56:09.0157 3636 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
16:56:09.0171 3636 Parport - ok
16:56:09.0184 3636 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
16:56:09.0195 3636 partmgr - ok
16:56:09.0224 3636 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
16:56:09.0244 3636 PcaSvc - ok
16:56:09.0264 3636 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
16:56:09.0278 3636 pci - ok
16:56:09.0291 3636 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
16:56:09.0302 3636 pciide - ok
16:56:09.0325 3636 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
16:56:09.0340 3636 pcmcia - ok
16:56:09.0351 3636 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
16:56:09.0363 3636 pcw - ok
16:56:09.0390 3636 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
16:56:09.0433 3636 PEAUTH - ok
16:56:09.0497 3636 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
16:56:09.0521 3636 PerfHost - ok
16:56:09.0563 3636 PGEffect (91111cebbde8015e822c46120ed9537c) C:\Windows\system32\DRIVERS\pgeffect.sys
16:56:09.0575 3636 PGEffect - ok
16:56:09.0649 3636 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
16:56:09.0692 3636 pla - ok
16:56:09.0731 3636 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
16:56:09.0744 3636 PlugPlay - ok
16:56:09.0752 3636 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
16:56:09.0761 3636 PNRPAutoReg - ok
16:56:09.0793 3636 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
16:56:09.0805 3636 PNRPsvc - ok
16:56:09.0839 3636 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
16:56:09.0876 3636 PolicyAgent - ok
16:56:09.0912 3636 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
16:56:09.0941 3636 Power - ok
16:56:09.0997 3636 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
16:56:10.0040 3636 PptpMiniport - ok
16:56:10.0056 3636 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
16:56:10.0066 3636 Processor - ok
16:56:10.0096 3636 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
16:56:10.0125 3636 ProfSvc - ok
16:56:10.0147 3636 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:56:10.0155 3636 ProtectedStorage - ok
16:56:10.0168 3636 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
16:56:10.0195 3636 Psched - ok
16:56:10.0225 3636 QIOMem (c8fcb4899f8b70cc34e0d9876a80963c) C:\Windows\system32\drivers\QIOMem.sys
16:56:10.0233 3636 QIOMem - ok
16:56:10.0323 3636 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
16:56:10.0356 3636 ql2300 - ok
16:56:10.0462 3636 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
16:56:10.0480 3636 ql40xx - ok
16:56:10.0508 3636 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
16:56:10.0530 3636 QWAVE - ok
16:56:10.0549 3636 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
16:56:10.0562 3636 QWAVEdrv - ok
16:56:10.0576 3636 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
16:56:10.0602 3636 RasAcd - ok
16:56:10.0624 3636 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
16:56:10.0650 3636 RasAgileVpn - ok
16:56:10.0664 3636 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
16:56:10.0690 3636 RasAuto - ok
16:56:10.0721 3636 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
16:56:10.0748 3636 Rasl2tp - ok
16:56:10.0776 3636 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
16:56:10.0805 3636 RasMan - ok
16:56:10.0820 3636 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
16:56:10.0848 3636 RasPppoe - ok
16:56:10.0859 3636 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
16:56:10.0885 3636 RasSstp - ok
16:56:10.0916 3636 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
16:56:10.0944 3636 rdbss - ok
16:56:10.0967 3636 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
16:56:10.0978 3636 rdpbus - ok
16:56:10.0997 3636 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
16:56:11.0024 3636 RDPCDD - ok
16:56:11.0033 3636 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
16:56:11.0059 3636 RDPENCDD - ok
16:56:11.0071 3636 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
16:56:11.0097 3636 RDPREFMP - ok
16:56:11.0133 3636 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
16:56:11.0143 3636 RDPWD - ok
16:56:11.0164 3636 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
16:56:11.0174 3636 rdyboost - ok
16:56:11.0208 3636 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
16:56:11.0236 3636 RemoteAccess - ok
16:56:11.0264 3636 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
16:56:11.0292 3636 RemoteRegistry - ok
16:56:11.0304 3636 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
16:56:11.0331 3636 RpcEptMapper - ok
16:56:11.0345 3636 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
16:56:11.0355 3636 RpcLocator - ok
16:56:11.0388 3636 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
16:56:11.0418 3636 RpcSs - ok
16:56:11.0444 3636 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
16:56:11.0471 3636 rspndr - ok
16:56:11.0508 3636 RSUSBSTOR (135a64530d7699ad48f29d73a658dd11) C:\Windows\system32\Drivers\RtsUStor.sys
16:56:11.0518 3636 RSUSBSTOR - ok
16:56:11.0538 3636 RSUSBVSTOR (e5dc911d0feb72caff2bbdd6e7c3672f) C:\Windows\system32\Drivers\RTSUVSTOR.sys
16:56:11.0549 3636 RSUSBVSTOR - ok
16:56:11.0569 3636 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:56:11.0578 3636 SamSs - ok
16:56:11.0601 3636 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
16:56:11.0610 3636 sbp2port - ok
16:56:11.0648 3636 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
16:56:11.0690 3636 SCardSvr - ok
16:56:11.0718 3636 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
16:56:11.0745 3636 scfilter - ok
16:56:11.0798 3636 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
16:56:11.0844 3636 Schedule - ok
16:56:11.0874 3636 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
16:56:11.0900 3636 SCPolicySvc - ok
16:56:11.0934 3636 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
16:56:11.0944 3636 SDRSVC - ok
16:56:12.0002 3636 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
16:56:12.0057 3636 secdrv - ok
16:56:12.0071 3636 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
16:56:12.0098 3636 seclogon - ok
16:56:12.0116 3636 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
16:56:12.0144 3636 SENS - ok
16:56:12.0161 3636 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
16:56:12.0170 3636 SensrSvc - ok
16:56:12.0182 3636 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
16:56:12.0191 3636 Serenum - ok
16:56:12.0211 3636 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
16:56:12.0221 3636 Serial - ok
16:56:12.0224 3636 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
16:56:12.0233 3636 sermouse - ok
16:56:12.0267 3636 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
16:56:12.0295 3636 SessionEnv - ok
16:56:12.0298 3636 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
16:56:12.0309 3636 sffdisk - ok
16:56:12.0312 3636 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
16:56:12.0323 3636 sffp_mmc - ok
16:56:12.0326 3636 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
16:56:12.0336 3636 sffp_sd - ok
16:56:12.0339 3636 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
16:56:12.0348 3636 sfloppy - ok
16:56:12.0397 3636 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys
16:56:12.0418 3636 Sftfs - ok
16:56:12.0515 3636 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
16:56:12.0544 3636 sftlist - ok
16:56:12.0575 3636 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys
16:56:12.0585 3636 Sftplay - ok
16:56:12.0597 3636 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys
16:56:12.0604 3636 Sftredir - ok
16:56:12.0632 3636 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys
16:56:12.0639 3636 Sftvol - ok
16:56:12.0651 3636 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
16:56:12.0661 3636 sftvsa - ok
16:56:12.0697 3636 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
16:56:12.0752 3636 SharedAccess - ok
16:56:12.0794 3636 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
16:56:12.0846 3636 ShellHWDetection - ok
16:56:12.0887 3636 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
16:56:12.0895 3636 SiSRaid2 - ok
16:56:12.0900 3636 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
16:56:12.0908 3636 SiSRaid4 - ok
16:56:12.0939 3636 SkypeUpdate (6128e98eaaed364ed1a32708d2fd22cb) C:\Program Files (x86)\Skype\Updater\Updater.exe
16:56:12.0947 3636 SkypeUpdate - ok
16:56:12.0954 3636 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
16:56:12.0981 3636 Smb - ok
16:56:13.0010 3636 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
16:56:13.0020 3636 SNMPTRAP - ok
16:56:13.0025 3636 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
16:56:13.0033 3636 spldr - ok
16:56:13.0069 3636 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
16:56:13.0100 3636 Spooler - ok
16:56:13.0239 3636 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
16:56:13.0299 3636 sppsvc - ok
16:56:13.0386 3636 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
16:56:13.0443 3636 sppuinotify - ok
16:56:13.0485 3636 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
16:56:13.0497 3636 srv - ok
16:56:13.0513 3636 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
16:56:13.0528 3636 srv2 - ok
16:56:13.0553 3636 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\Windows\system32\DRIVERS\VSTAZL6.SYS
16:56:13.0565 3636 SrvHsfHDA - ok
16:56:13.0619 3636 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS
16:56:13.0640 3636 SrvHsfV92 - ok
16:56:13.0762 3636 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
16:56:13.0795 3636 SrvHsfWinac - ok
16:56:13.0822 3636 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
16:56:13.0831 3636 srvnet - ok
16:56:13.0871 3636 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
16:56:13.0917 3636 SSDPSRV - ok
16:56:13.0933 3636 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
16:56:13.0961 3636 SstpSvc - ok
16:56:14.0057 3636 Stereo Service (5b0acff02cabf365f312143f6e0da694) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
16:56:14.0079 3636 Stereo Service - ok
16:56:14.0098 3636 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
16:56:14.0108 3636 stexstor - ok
16:56:14.0164 3636 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
16:56:14.0195 3636 stisvc - ok
16:56:14.0216 3636 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
16:56:14.0224 3636 swenum - ok
16:56:14.0260 3636 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
16:56:14.0291 3636 swprv - ok
16:56:14.0376 3636 SynTP (f5b46df59feaa48a442aed7eeb754d4b) C:\Windows\system32\DRIVERS\SynTP.sys
16:56:14.0404 3636 SynTP - ok
16:56:14.0554 3636 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
16:56:14.0592 3636 SysMain - ok
16:56:14.0696 3636 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
16:56:14.0725 3636 TabletInputService - ok
16:56:14.0751 3636 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
16:56:14.0780 3636 TapiSrv - ok
16:56:14.0792 3636 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
16:56:14.0819 3636 TBS - ok
16:56:14.0949 3636 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
16:56:14.0992 3636 Tcpip - ok
16:56:15.0180 3636 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
16:56:15.0241 3636 TCPIP6 - ok
16:56:15.0371 3636 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
16:56:15.0436 3636 tcpipreg - ok
16:56:15.0471 3636 tdcmdpst (fd542b661bd22fa69ca789ad0ac58c29) C:\Windows\system32\DRIVERS\tdcmdpst.sys
16:56:15.0480 3636 tdcmdpst - ok
16:56:15.0492 3636 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
16:56:15.0505 3636 TDPIPE - ok
16:56:15.0527 3636 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
16:56:15.0540 3636 TDTCP - ok
16:56:15.0561 3636 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
16:56:15.0599 3636 tdx - ok
16:56:15.0675 3636 TemproMonitoringService (1b709733a04dcc41a63f9cd1f76a4ebe) C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
16:56:15.0698 3636 TemproMonitoringService - ok
16:56:15.0718 3636 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
16:56:15.0741 3636 TermDD - ok
16:56:15.0797 3636 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
16:56:15.0847 3636 TermService - ok
16:56:15.0862 3636 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
16:56:15.0876 3636 Themes - ok
16:56:15.0899 3636 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
16:56:15.0926 3636 THREADORDER - ok
16:56:15.0986 3636 TMachInfo (83e91963c4452be6899503cf9ebfd3ed) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
16:56:16.0008 3636 TMachInfo - ok
16:56:16.0047 3636 TODDSrv (8e2c799d3476eac32c3ba0df7ce6af19) C:\Windows\system32\TODDSrv.exe
16:56:16.0065 3636 TODDSrv - ok
16:56:16.0159 3636 TosCoSrv (cdc97fa5c42b07fb0d4600e17c32f582) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
16:56:16.0189 3636 TosCoSrv - ok
16:56:16.0246 3636 TOSHIBA Bluetooth Service (8f099be5db17d025e19652851399b9f1) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
16:56:16.0270 3636 TOSHIBA Bluetooth Service - ok
16:56:16.0314 3636 TOSHIBA eco Utility Service (d0f868a67cb4d817a3f7abef8c42f49c) C:\Program Files\TOSHIBA\TECO\TecoService.exe
16:56:16.0335 3636 TOSHIBA eco Utility Service - ok
16:56:16.0375 3636 TOSHIBA HDD SSD Alert Service (edb4b432db13ea3d1eb2356310d33263) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
16:56:16.0391 3636 TOSHIBA HDD SSD Alert Service - ok
16:56:16.0420 3636 Tosrfcom - ok
16:56:16.0447 3636 tosrfec (f5e3ac4cbcd154ee80849b21887fd0b0) C:\Windows\system32\DRIVERS\tosrfec.sys
16:56:16.0461 3636 tosrfec - ok
16:56:16.0482 3636 Tosrfusb (7a0048693f98460ff537be31c741b927) C:\Windows\system32\DRIVERS\tosrfusb.sys
16:56:16.0491 3636 Tosrfusb - ok
16:56:16.0566 3636 TPCHSrv (098b8a408c17e125a3d9a8e1166780c8) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
16:56:16.0597 3636 TPCHSrv - ok
16:56:16.0633 3636 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
16:56:16.0661 3636 TrkWks - ok
16:56:16.0720 3636 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
16:56:16.0778 3636 TrustedInstaller - ok
16:56:16.0805 3636 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
16:56:16.0831 3636 tssecsrv - ok
16:56:16.0842 3636 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
16:56:16.0851 3636 TsUsbFlt - ok
16:56:16.0854 3636 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
16:56:16.0863 3636 TsUsbGD - ok
16:56:16.0886 3636 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
16:56:16.0913 3636 tunnel - ok
16:56:16.0933 3636 TVALZ (550b567f9364d8f7684c3fb3ea665a72) C:\Windows\system32\DRIVERS\TVALZ_O.SYS
16:56:16.0939 3636 TVALZ - ok
16:56:16.0959 3636 TVALZFL (9c7191f4b2e49bff47a6c1144b5923fa) C:\Windows\system32\DRIVERS\TVALZFL.sys
16:56:16.0975 3636 TVALZFL - ok
16:56:16.0990 3636 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
16:56:17.0004 3636 uagp35 - ok
16:56:17.0038 3636 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
16:56:17.0079 3636 udfs - ok
16:56:17.0109 3636 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
16:56:17.0119 3636 UI0Detect - ok
16:56:17.0137 3636 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
16:56:17.0146 3636 uliagpkx - ok
16:56:17.0162 3636 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
16:56:17.0171 3636 umbus - ok
16:56:17.0184 3636 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
16:56:17.0193 3636 UmPass - ok
16:56:17.0370 3636 UNS (7e5e1603d0ff2d240ae70295c5c3fefc) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
16:56:17.0407 3636 UNS - ok
16:56:17.0511 3636 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
16:56:17.0558 3636 upnphost - ok
16:56:17.0604 3636 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
16:56:17.0607 3636 USBAAPL64 ( UnsignedFile.Multi.Generic ) - warning
16:56:17.0607 3636 USBAAPL64 - detected UnsignedFile.Multi.Generic (1)
16:56:17.0639 3636 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
16:56:17.0670 3636 usbccgp - ok
16:56:17.0694 3636 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
16:56:17.0713 3636 usbcir - ok
16:56:17.0731 3636 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
16:56:17.0745 3636 usbehci - ok
16:56:17.0768 3636 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\drivers\usbhub.sys
16:56:17.0787 3636 usbhub - ok
16:56:17.0803 3636 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
16:56:17.0811 3636 usbohci - ok
16:56:17.0832 3636 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
16:56:17.0843 3636 usbprint - ok
16:56:17.0862 3636 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:56:17.0871 3636 USBSTOR - ok
16:56:17.0874 3636 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
16:56:17.0883 3636 usbuhci - ok
16:56:17.0902 3636 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
16:56:17.0914 3636 usbvideo - ok
16:56:17.0934 3636 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
16:56:17.0961 3636 UxSms - ok
16:56:17.0980 3636 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:56:17.0989 3636 VaultSvc - ok
16:56:17.0999 3636 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
16:56:18.0007 3636 vdrvroot - ok
16:56:18.0037 3636 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
16:56:18.0066 3636 vds - ok
16:56:18.0085 3636 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
16:56:18.0097 3636 vga - ok
16:56:18.0111 3636 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
16:56:18.0137 3636 VgaSave - ok
16:56:18.0148 3636 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
16:56:18.0158 3636 vhdmp - ok
16:56:18.0161 3636 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
16:56:18.0169 3636 viaide - ok
16:56:18.0186 3636 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
16:56:18.0195 3636 volmgr - ok
16:56:18.0213 3636 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
16:56:18.0225 3636 volmgrx - ok
16:56:18.0245 3636 volsnap (df8126bd41180351a093a3ad2fc8903b) C:\Windows\system32\drivers\volsnap.sys
16:56:18.0256 3636 volsnap - ok
16:56:18.0278 3636 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
16:56:18.0288 3636 vsmraid - ok
16:56:18.0364 3636 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
16:56:18.0410 3636 VSS - ok
16:56:18.0505 3636 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
16:56:18.0528 3636 vwifibus - ok
16:56:18.0534 3636 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
16:56:18.0550 3636 vwififlt - ok
16:56:18.0582 3636 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
16:56:18.0624 3636 W32Time - ok
16:56:18.0647 3636 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
16:56:18.0656 3636 WacomPen - ok
16:56:18.0680 3636 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
16:56:18.0706 3636 WANARP - ok
16:56:18.0709 3636 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
16:56:18.0735 3636 Wanarpv6 - ok
16:56:18.0823 3636 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
16:56:18.0856 3636 WatAdminSvc - ok
16:56:18.0937 3636 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
16:56:18.0969 3636 wbengine - ok
16:56:19.0062 3636 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
16:56:19.0084 3636 WbioSrvc - ok
16:56:19.0113 3636 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
16:56:19.0129 3636 wcncsvc - ok
16:56:19.0143 3636 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
16:56:19.0152 3636 WcsPlugInService - ok
16:56:19.0204 3636 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
16:56:19.0228 3636 Wd - ok
16:56:19.0258 3636 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
16:56:19.0285 3636 Wdf01000 - ok
16:56:19.0299 3636 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
16:56:19.0314 3636 WdiServiceHost - ok
16:56:19.0316 3636 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
16:56:19.0330 3636 WdiSystemHost - ok
16:56:19.0357 3636 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
16:56:19.0372 3636 WebClient - ok
16:56:19.0401 3636 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
16:56:19.0430 3636 Wecsvc - ok
16:56:19.0446 3636 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
16:56:19.0473 3636 wercplsupport - ok
16:56:19.0488 3636 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
16:56:19.0516 3636 WerSvc - ok
16:56:19.0568 3636 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
16:56:19.0622 3636 WfpLwf - ok
16:56:19.0635 3636 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
16:56:19.0643 3636 WIMMount - ok
16:56:19.0688 3636 WinDefend - ok
16:56:19.0704 3636 WinHttpAutoProxySvc - ok
16:56:19.0779 3636 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
16:56:19.0834 3636 Winmgmt - ok
16:56:19.0941 3636 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
16:56:20.0005 3636 WinRM - ok
16:56:20.0105 3636 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
16:56:20.0138 3636 WinUsb - ok
16:56:20.0206 3636 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
16:56:20.0233 3636 Wlansvc - ok
16:56:20.0299 3636 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
16:56:20.0316 3636 wlcrasvc - ok
16:56:20.0437 3636 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:56:20.0480 3636 wlidsvc - ok
16:56:20.0576 3636 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
16:56:20.0607 3636 WmiAcpi - ok
16:56:20.0677 3636 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
16:56:20.0715 3636 wmiApSrv - ok
16:56:20.0755 3636 WMPNetworkSvc - ok
16:56:20.0783 3636 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
16:56:20.0800 3636 WPCSvc - ok
16:56:20.0824 3636 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
16:56:20.0845 3636 WPDBusEnum - ok
16:56:20.0876 3636 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
16:56:20.0923 3636 ws2ifsl - ok
16:56:20.0939 3636 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
16:56:20.0952 3636 wscsvc - ok
16:56:20.0955 3636 WSearch - ok
16:56:21.0056 3636 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
16:56:21.0102 3636 wuauserv - ok
16:56:21.0203 3636 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
16:56:21.0258 3636 WudfPf - ok
16:56:21.0277 3636 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
16:56:21.0305 3636 WUDFRd - ok
16:56:21.0328 3636 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
16:56:21.0355 3636 wudfsvc - ok
16:56:21.0372 3636 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
16:56:21.0387 3636 WwanSvc - ok
16:56:21.0401 3636 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
16:56:22.0201 3636 \Device\Harddisk0\DR0 - ok
16:56:22.0235 3636 Boot (0x1200) (fa77338c7e9114435ca834f9dc24dd58) \Device\Harddisk0\DR0\Partition0
16:56:22.0237 3636 \Device\Harddisk0\DR0\Partition0 - ok
16:56:22.0261 3636 Boot (0x1200) (20642302bedb8c025baa1ac7d4bf3334) \Device\Harddisk0\DR0\Partition1
16:56:22.0263 3636 \Device\Harddisk0\DR0\Partition1 - ok
16:56:22.0265 3636 ============================================================
16:56:22.0266 3636 Scan finished
16:56:22.0266 3636 ============================================================
16:56:22.0288 3548 Detected object count: 2
16:56:22.0288 3548 Actual detected object count: 2
16:56:26.0521 3548 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
16:56:26.0521 3548 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:56:26.0523 3548 USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user
16:56:26.0523 3548 USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:56:38.0856 2952 ============================================================
16:56:38.0856 2952 Scan started
16:56:38.0856 2952 Mode: Manual; SigCheck; TDLFS;
16:56:38.0856 2952 ============================================================
16:56:38.0975 2952 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
16:56:39.0003 2952 1394ohci - ok
16:56:39.0040 2952 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
16:56:39.0051 2952 ACPI - ok
16:56:39.0064 2952 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
16:56:39.0076 2952 AcpiPmi - ok
16:56:39.0190 2952 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
16:56:39.0210 2952 AdobeARMservice - ok
16:56:39.0360 2952 AdobeFlashPlayerUpdateSvc (459ac130c6ab892b1cd5d7544626efc5) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
16:56:39.0386 2952 AdobeFlashPlayerUpdateSvc - ok
16:56:39.0452 2952 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
16:56:39.0482 2952 adp94xx - ok
16:56:39.0519 2952 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
16:56:39.0530 2952 adpahci - ok
16:56:39.0538 2952 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
16:56:39.0548 2952 adpu320 - ok
16:56:39.0573 2952 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
16:56:39.0599 2952 AeLookupSvc - ok
16:56:39.0639 2952 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
16:56:39.0651 2952 AFD - ok
16:56:39.0672 2952 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
16:56:39.0681 2952 agp440 - ok
16:56:39.0701 2952 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
16:56:39.0711 2952 ALG - ok
16:56:39.0713 2952 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
16:56:39.0721 2952 aliide - ok
16:56:39.0723 2952 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
16:56:39.0730 2952 amdide - ok
16:56:39.0748 2952 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
16:56:39.0757 2952 AmdK8 - ok
16:56:39.0761 2952 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
16:56:39.0770 2952 AmdPPM - ok
16:56:39.0775 2952 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
16:56:39.0784 2952 amdsata - ok
16:56:39.0807 2952 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
16:56:39.0817 2952 amdsbs - ok
16:56:39.0834 2952 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
16:56:39.0843 2952 amdxata - ok
16:56:39.0846 2952 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
16:56:39.0872 2952 AppID - ok
16:56:39.0891 2952 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
16:56:39.0917 2952 AppIDSvc - ok
16:56:39.0930 2952 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
16:56:39.0955 2952 Appinfo - ok
16:56:40.0054 2952 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:56:40.0072 2952 Apple Mobile Device - ok
16:56:40.0097 2952 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
16:56:40.0109 2952 arc - ok
16:56:40.0115 2952 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
16:56:40.0127 2952 arcsas - ok
16:56:40.0138 2952 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
16:56:40.0174 2952 AsyncMac - ok
16:56:40.0185 2952 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
16:56:40.0192 2952 atapi - ok
16:56:40.0314 2952 athr (b2931c83cfb12a3223a47b180473ae1a) C:\Windows\system32\DRIVERS\athrx.sys
16:56:40.0345 2952 athr - ok
16:56:40.0462 2952 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
16:56:40.0517 2952 AudioEndpointBuilder - ok
16:56:40.0523 2952 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
16:56:40.0556 2952 AudioSrv - ok
16:56:40.0578 2952 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
16:56:40.0591 2952 AxInstSV - ok
16:56:40.0643 2952 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
16:56:40.0655 2952 b06bdrv - ok
16:56:40.0684 2952 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
16:56:40.0695 2952 b57nd60a - ok
16:56:40.0719 2952 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
16:56:40.0728 2952 BDESVC - ok
16:56:40.0741 2952 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
16:56:40.0768 2952 Beep - ok
16:56:40.0804 2952 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
16:56:40.0845 2952 BFE - ok
16:56:40.0912 2952 BingDesktopUpdate (1b63f2b7ca6b5290cc124cdd07520bc9) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
16:56:40.0932 2952 BingDesktopUpdate - ok
16:56:41.0033 2952 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
16:56:41.0081 2952 BITS - ok
16:56:41.0128 2952 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
16:56:41.0148 2952 blbdrive - ok
16:56:41.0209 2952 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
16:56:41.0230 2952 Bonjour Service - ok
16:56:41.0260 2952 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
16:56:41.0277 2952 bowser - ok
16:56:41.0311 2952 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
16:56:41.0343 2952 BrFiltLo - ok
16:56:41.0351 2952 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
16:56:41.0365 2952 BrFiltUp - ok
16:56:41.0406 2952 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
16:56:41.0461 2952 Browser - ok
16:56:41.0482 2952 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
16:56:41.0496 2952 Brserid - ok
16:56:41.0518 2952 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
16:56:41.0536 2952 BrSerWdm - ok
16:56:41.0539 2952 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
16:56:41.0554 2952 BrUsbMdm - ok
16:56:41.0556 2952 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
16:56:41.0565 2952 BrUsbSer - ok
16:56:41.0593 2952 BtFilter (2347abbd13bada65826fdab4caafe357) C:\Windows\system32\DRIVERS\btfilter.sys
16:56:41.0600 2952 BtFilter - ok
16:56:41.0604 2952 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
16:56:41.0615 2952 BTHMODEM - ok
16:56:41.0633 2952 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
16:56:41.0660 2952 bthserv - ok
16:56:41.0671 2952 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
16:56:41.0697 2952 cdfs - ok
16:56:41.0710 2952 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
16:56:41.0719 2952 cdrom - ok
16:56:41.0740 2952 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
16:56:41.0766 2952 CertPropSvc - ok
16:56:41.0797 2952 cfwids (ed0263b2eb24f0f4e3898036fa1d28a1) C:\Windows\system32\drivers\cfwids.sys
16:56:41.0804 2952 cfwids - ok
16:56:41.0898 2952 cfWiMAXService (41e7c4fa6491747402cfca77cc1c7aab) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
16:56:41.0914 2952 cfWiMAXService - ok
16:56:41.0925 2952 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
16:56:41.0942 2952 circlass - ok
16:56:41.0978 2952 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
16:56:41.0989 2952 CLFS - ok
16:56:42.0069 2952 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:56:42.0080 2952 clr_optimization_v2.0.50727_32 - ok
16:56:42.0125 2952 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:56:42.0136 2952 clr_optimization_v2.0.50727_64 - ok
16:56:42.0179 2952 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:56:42.0192 2952 clr_optimization_v4.0.30319_32 - ok
16:56:42.0237 2952 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:56:42.0251 2952 clr_optimization_v4.0.30319_64 - ok
16:56:42.0278 2952 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
16:56:42.0293 2952 CmBatt - ok
16:56:42.0304 2952 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
16:56:42.0317 2952 cmdide - ok
16:56:42.0349 2952 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
16:56:42.0377 2952 CNG - ok
16:56:42.0459 2952 CnxtHdAudService (66847c979893a11cfcc2280e772d7ea1) C:\Windows\system32\drivers\CHDRT64.sys
16:56:42.0491 2952 CnxtHdAudService - ok
16:56:42.0596 2952 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
16:56:42.0608 2952 Compbatt - ok
16:56:42.0615 2952 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
16:56:42.0630 2952 CompositeBus - ok
16:56:42.0632 2952 COMSysApp - ok
16:56:42.0724 2952 ConfigFree Service (cab0eeaf5295fc96ddd3e19dce27e131) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
16:56:42.0741 2952 ConfigFree Service - ok
16:56:42.0760 2952 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
16:56:42.0773 2952 crcdisk - ok
16:56:42.0799 2952 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
16:56:42.0849 2952 CryptSvc - ok
16:56:42.0945 2952 cvhsvc (72794d112cbaff3bc0c29bf7350d4741) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
16:56:42.0970 2952 cvhsvc - ok
16:56:43.0011 2952 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
16:56:43.0041 2952 DcomLaunch - ok
16:56:43.0072 2952 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
16:56:43.0101 2952 defragsvc - ok
16:56:43.0148 2952 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
16:56:43.0175 2952 DfsC - ok
16:56:43.0195 2952 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
16:56:43.0223 2952 Dhcp - ok
16:56:43.0233 2952 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
16:56:43.0259 2952 discache - ok
16:56:43.0271 2952 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
16:56:43.0279 2952 Disk - ok
16:56:43.0304 2952 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
16:56:43.0314 2952 Dnscache - ok
16:56:43.0338 2952 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
16:56:43.0365 2952 dot3svc - ok
16:56:43.0387 2952 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
16:56:43.0413 2952 DPS - ok
16:56:43.0440 2952 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
16:56:43.0470 2952 drmkaud - ok
16:56:43.0515 2952 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
16:56:43.0533 2952 DXGKrnl - ok
16:56:43.0559 2952 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
16:56:43.0587 2952 EapHost - ok
16:56:43.0716 2952 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
16:56:43.0756 2952 ebdrv - ok
16:56:43.0838 2952 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
16:56:43.0860 2952 EFS - ok
16:56:43.0936 2952 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
16:56:43.0967 2952 ehRecvr - ok
16:56:43.0990 2952 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
16:56:44.0009 2952 ehSched - ok
16:56:44.0091 2952 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
16:56:44.0122 2952 elxstor - ok
16:56:44.0141 2952 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
16:56:44.0151 2952 ErrDev - ok
16:56:44.0189 2952 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
16:56:44.0225 2952 EventSystem - ok
16:56:44.0251 2952 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
16:56:44.0278 2952 exfat - ok
16:56:44.0316 2952 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
16:56:44.0368 2952 fastfat - ok
16:56:44.0416 2952 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
16:56:44.0444 2952 Fax - ok
16:56:44.0448 2952 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
16:56:44.0461 2952 fdc - ok
16:56:44.0476 2952 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
16:56:44.0502 2952 fdPHost - ok
16:56:44.0514 2952 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
16:56:44.0540 2952 FDResPub - ok
16:56:44.0562 2952 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
16:56:44.0570 2952 FileInfo - ok
16:56:44.0581 2952 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
16:56:44.0607 2952 Filetrace - ok
16:56:44.0621 2952 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
16:56:44.0630 2952 flpydisk - ok
16:56:44.0649 2952 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
16:56:44.0660 2952 FltMgr - ok
16:56:44.0725 2952 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
16:56:44.0756 2952 FontCache - ok
16:56:44.0827 2952 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:56:44.0850 2952 FontCache3.0.0.0 - ok
16:56:44.0882 2952 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
16:56:44.0896 2952 FsDepends - ok
16:56:44.0919 2952 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
16:56:44.0932 2952 Fs_Rec - ok
16:56:44.0952 2952 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
16:56:44.0973 2952 fvevol - ok
16:56:44.0992 2952 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
16:56:45.0007 2952 gagp30kx - ok
16:56:45.0094 2952 GamesAppService (c403c5db49a0f9aaf4f2128edc0106d8) C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
16:56:45.0120 2952 GamesAppService - ok
16:56:45.0158 2952 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
16:56:45.0168 2952 GEARAspiWDM - ok
16:56:45.0230 2952 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
16:56:45.0280 2952 gpsvc - ok
16:56:45.0341 2952 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:56:45.0364 2952 gupdate - ok
16:56:45.0369 2952 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:56:45.0387 2952 gupdatem - ok
16:56:45.0410 2952 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
16:56:45.0418 2952 gusvc - ok
16:56:45.0445 2952 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
16:56:45.0453 2952 hcw85cir - ok
16:56:45.0471 2952 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
16:56:45.0485 2952 HdAudAddService - ok
16:56:45.0506 2952 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys
16:56:45.0518 2952 HDAudBus - ok
16:56:45.0521 2952 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
16:56:45.0530 2952 HidBatt - ok
16:56:45.0536 2952 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
16:56:45.0547 2952 HidBth - ok
16:56:45.0551 2952 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
16:56:45.0562 2952 HidIr - ok
16:56:45.0579 2952 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
16:56:45.0606 2952 hidserv - ok
16:56:45.0615 2952 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
16:56:45.0624 2952 HidUsb - ok
16:56:45.0656 2952 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
16:56:45.0682 2952 hkmsvc - ok
16:56:45.0702 2952 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
16:56:45.0713 2952 HomeGroupListener - ok
16:56:45.0742 2952 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
16:56:45.0753 2952 HomeGroupProvider - ok
16:56:45.0757 2952 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
16:56:45.0765 2952 HpSAMD - ok
16:56:45.0813 2952 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
16:56:45.0855 2952 HTTP - ok
16:56:45.0868 2952 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
16:56:45.0876 2952 hwpolicy - ok
16:56:45.0895 2952 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
16:56:45.0904 2952 i8042prt - ok
16:56:45.0944 2952 iaStor (d469b77687e12fe43e344806740b624d) C:\Windows\system32\DRIVERS\iaStor.sys
16:56:45.0955 2952 iaStor - ok
16:56:45.0987 2952 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
16:56:46.0004 2952 iaStorV - ok
16:56:46.0102 2952 IDriverT (daf66902f08796f9c694901660e5a64a) C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
16:56:46.0112 2952 IDriverT ( UnsignedFile.Multi.Generic ) - warning
16:56:46.0112 2952 IDriverT - detected UnsignedFile.Multi.Generic (1)
16:56:46.0232 2952 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:56:46.0265 2952 idsvc - ok
16:56:46.0356 2952 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
16:56:46.0381 2952 iirsp - ok
16:56:46.0427 2952 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
16:56:46.0464 2952 IKEEXT - ok
16:56:46.0468 2952 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
16:56:46.0476 2952 intelide - ok
16:56:46.0492 2952 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
16:56:46.0502 2952 intelppm - ok
16:56:46.0523 2952 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
16:56:46.0549 2952 IPBusEnum - ok
16:56:46.0554 2952 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:56:46.0579 2952 IpFilterDriver - ok
16:56:46.0615 2952 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
16:56:46.0645 2952 iphlpsvc - ok
16:56:46.0663 2952 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
16:56:46.0672 2952 IPMIDRV - ok
16:56:46.0690 2952 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
16:56:46.0718 2952 IPNAT - ok
16:56:46.0800 2952 iPod Service (50d6ccc6ff5561f9f56946b3e6164fb8) C:\Program Files\iPod\bin\iPodService.exe
16:56:46.0823 2952 iPod Service - ok
16:56:46.0840 2952 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
16:56:46.0853 2952 IRENUM - ok
16:56:46.0874 2952 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
16:56:46.0885 2952 isapnp - ok
16:56:46.0901 2952 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
16:56:46.0916 2952 iScsiPrt - ok
16:56:46.0932 2952 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
16:56:46.0940 2952 kbdclass - ok
16:56:46.0943 2952 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
16:56:46.0952 2952 kbdhid - ok
16:56:46.0971 2952 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:56:46.0980 2952 KeyIso - ok
16:56:47.0000 2952 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
16:56:47.0008 2952 KSecDD - ok
16:56:47.0030 2952 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
16:56:47.0039 2952 KSecPkg - ok
16:56:47.0066 2952 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
16:56:47.0112 2952 ksthunk - ok
16:56:47.0152 2952 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
16:56:47.0182 2952 KtmRm - ok
16:56:47.0211 2952 L1C (ebed8b3ff4a823c1a6eebeed7b29353f) C:\Windows\system32\DRIVERS\L1C62x64.sys
16:56:47.0218 2952 L1C - ok
16:56:47.0253 2952 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
16:56:47.0306 2952 LanmanServer - ok
16:56:47.0332 2952 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
16:56:47.0360 2952 LanmanWorkstation - ok
16:56:47.0378 2952 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
16:56:47.0404 2952 lltdio - ok
16:56:47.0441 2952 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
16:56:47.0470 2952 lltdsvc - ok
16:56:47.0482 2952 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
16:56:47.0508 2952 lmhosts - ok
16:56:47.0600 2952 LMS (2ed1786b7542cda261029f6b526edf44) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
16:56:47.0624 2952 LMS - ok
16:56:47.0647 2952 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
16:56:47.0658 2952 LSI_FC - ok
16:56:47.0679 2952 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
16:56:47.0690 2952 LSI_SAS - ok
16:56:47.0695 2952 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
16:56:47.0704 2952 LSI_SAS2 - ok
16:56:47.0727 2952 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
16:56:47.0737 2952 LSI_SCSI - ok
16:56:47.0750 2952 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
16:56:47.0776 2952 luafv - ok
16:56:47.0806 2952 McAfee SiteAdvisor Service - ok
16:56:47.0836 2952 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
16:56:47.0859 2952 Mcx2Svc - ok
16:56:47.0886 2952 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
16:56:47.0899 2952 megasas - ok
16:56:47.0914 2952 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
16:56:47.0931 2952 MegaSR - ok
16:56:47.0959 2952 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys
16:56:47.0966 2952 MEIx64 - ok
16:56:47.0988 2952 mfeavfk (e7a60bdb4365b561d896019b82fb7dd0) C:\Windows\system32\drivers\mfeavfk.sys
16:56:47.0997 2952 mfeavfk - ok
16:56:48.0052 2952 mfefire (c53b7aba204d9f7e9568ec147a1485c5) C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
16:56:48.0074 2952 mfefire - ok
16:56:48.0120 2952 mfehidk (1892616b7f9291fd77c3fa0a5811fe9f) C:\Windows\system32\drivers\mfehidk.sys
16:56:48.0147 2952 mfehidk - ok
16:56:48.0160 2952 mfenlfk (1721261c77f6e7a9e0cb51b7d9f31b60) C:\Windows\system32\DRIVERS\mfenlfk.sys
16:56:48.0167 2952 mfenlfk - ok
16:56:48.0187 2952 mfevtp (8f3b3c3625e3aaa11d6d4db8423e1721) C:\Windows\system32\mfevtps.exe
16:56:48.0195 2952 mfevtp - ok
16:56:48.0222 2952 mfewfpk (4f17d8b85b903d96ef7033bb6ef50516) C:\Windows\system32\drivers\mfewfpk.sys
16:56:48.0232 2952 mfewfpk - ok
16:56:48.0278 2952 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
16:56:48.0330 2952 MMCSS - ok
16:56:48.0358 2952 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
16:56:48.0422 2952 Modem - ok
16:56:48.0437 2952 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
16:56:48.0448 2952 monitor - ok
16:56:48.0463 2952 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
16:56:48.0471 2952 mouclass - ok
16:56:48.0474 2952 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\drivers\mouhid.sys
16:56:48.0483 2952 mouhid - ok
16:56:48.0499 2952 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
16:56:48.0507 2952 mountmgr - ok
16:56:48.0547 2952 MpFilter (94c66ededcdb6a126880472f9a704d8e) C:\Windows\system32\DRIVERS\MpFilter.sys
16:56:48.0576 2952 MpFilter - ok
16:56:48.0602 2952 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
16:56:48.0617 2952 mpio - ok
16:56:48.0635 2952 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
16:56:48.0670 2952 mpsdrv - ok
16:56:48.0716 2952 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
16:56:48.0756 2952 MpsSvc - ok
16:56:48.0763 2952 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
16:56:48.0776 2952 MRxDAV - ok
16:56:48.0802 2952 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
16:56:48.0812 2952 mrxsmb - ok
16:56:48.0854 2952 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:56:48.0876 2952 mrxsmb10 - ok
16:56:48.0896 2952 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:56:48.0908 2952 mrxsmb20 - ok
16:56:48.0917 2952 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\DRIVERS\msahci.sys
16:56:48.0926 2952 msahci - ok
16:56:48.0948 2952 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
16:56:48.0957 2952 msdsm - ok
16:56:48.0989 2952 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
16:56:49.0022 2952 MSDTC - ok
16:56:49.0058 2952 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
16:56:49.0092 2952 Msfs - ok
16:56:49.0102 2952 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
16:56:49.0129 2952 mshidkmdf - ok
16:56:49.0135 2952 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
16:56:49.0142 2952 msisadrv - ok
16:56:49.0175 2952 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
16:56:49.0202 2952 MSiSCSI - ok
16:56:49.0204 2952 msiserver - ok
16:56:49.0220 2952 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
16:56:49.0246 2952 MSKSSRV - ok
16:56:49.0303 2952 MsMpSvc (59faaf2c83c8169ea20f9e335e418907) C:\Program Files\Microsoft Security Client\MsMpEng.exe
16:56:49.0324 2952 MsMpSvc - ok
16:56:49.0335 2952 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
16:56:49.0366 2952 MSPCLOCK - ok
16:56:49.0385 2952 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
16:56:49.0411 2952 MSPQM - ok
16:56:49.0436 2952 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
16:56:49.0447 2952 MsRPC - ok
16:56:49.0465 2952 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
16:56:49.0472 2952 mssmbios - ok
16:56:49.0482 2952 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
16:56:49.0508 2952 MSTEE - ok
16:56:49.0526 2952 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
16:56:49.0535 2952 MTConfig - ok
16:56:49.0548 2952 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
16:56:49.0556 2952 Mup - ok
16:56:49.0602 2952 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
16:56:49.0631 2952 napagent - ok
16:56:49.0667 2952 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
16:56:49.0682 2952 NativeWifiP - ok
16:56:49.0789 2952 NAUpdate (13aa2130f2a104dd775ead0f0ee5417b) c:\Program Files (x86)\Nero\Update\NASvc.exe
16:56:49.0817 2952 NAUpdate - ok
16:56:49.0871 2952 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
16:56:49.0904 2952 NDIS - ok
16:56:49.0920 2952 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
16:56:49.0959 2952 NdisCap - ok
16:56:49.0974 2952 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
16:56:50.0000 2952 NdisTapi - ok
16:56:50.0007 2952 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
16:56:50.0032 2952 Ndisuio - ok
16:56:50.0050 2952 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
16:56:50.0076 2952 NdisWan - ok
16:56:50.0102 2952 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
16:56:50.0128 2952 NDProxy - ok
16:56:50.0140 2952 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
16:56:50.0166 2952 NetBIOS - ok
16:56:50.0193 2952 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
16:56:50.0220 2952 NetBT - ok
16:56:50.0238 2952 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:56:50.0247 2952 Netlogon - ok
16:56:50.0290 2952 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
16:56:50.0341 2952 Netman - ok
16:56:50.0360 2952 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
16:56:50.0390 2952 netprofm - ok
16:56:50.0481 2952 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:56:50.0504 2952 NetTcpPortSharing - ok
16:56:50.0532 2952 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
16:56:50.0545 2952 nfrd960 - ok
16:56:50.0572 2952 NisDrv (91b4e0273d2f6c24ef845f2b41311289) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
16:56:50.0585 2952 NisDrv - ok
16:56:50.0653 2952 NisSrv (10a43829a9e606af3eef25a1c1665923) C:\Program Files\Microsoft Security Client\NisSrv.exe
16:56:50.0672 2952 NisSrv - ok
16:56:50.0697 2952 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
16:56:50.0726 2952 NlaSvc - ok
16:56:50.0742 2952 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
16:56:50.0768 2952 Npfs - ok
16:56:50.0784 2952 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
16:56:50.0811 2952 nsi - ok
16:56:50.0832 2952 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
16:56:50.0858 2952 nsiproxy - ok
16:56:50.0935 2952 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
16:56:50.0963 2952 Ntfs - ok
16:56:51.0052 2952 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
16:56:51.0102 2952 Null - ok
16:56:51.0135 2952 nusb3hub (158ad24745bd85ba9be3c51c38f48c32) C:\Windows\system32\DRIVERS\nusb3hub.sys
16:56:51.0143 2952 nusb3hub - ok
16:56:51.0167 2952 nusb3xhc (d40a13b2c0891e218f9523b376955db6) C:\Windows\system32\DRIVERS\nusb3xhc.sys
16:56:51.0175 2952 nusb3xhc - ok
16:56:51.0196 2952 NVHDA (960e39a54e525df58cb29193147dffa1) C:\Windows\system32\drivers\nvhda64v.sys
16:56:51.0204 2952 NVHDA - ok
16:56:51.0688 2952 nvlddmkm (fb2dc1985ac763aac1b293441695ba34) C:\Windows\system32\DRIVERS\nvlddmkm.sys
16:56:51.0843 2952 nvlddmkm - ok
16:56:51.0936 2952 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
16:56:51.0961 2952 nvraid - ok
16:56:51.0985 2952 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
16:56:52.0005 2952 nvstor - ok
16:56:52.0065 2952 NVSvc (0c0ee3e423ae115363e6c497d6d430e1) C:\Windows\system32\nvvsvc.exe
16:56:52.0089 2952 NVSvc - ok
16:56:52.0096 2952 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
16:56:52.0105 2952 nv_agp - ok
16:56:52.0133 2952 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
16:56:52.0142 2952 ohci1394 - ok
16:56:52.0213 2952 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:56:52.0227 2952 ose - ok
16:56:52.0444 2952 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:56:52.0515 2952 osppsvc - ok
16:56:52.0620 2952 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
16:56:52.0644 2952 p2pimsvc - ok
16:56:52.0677 2952 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
16:56:52.0692 2952 p2psvc - ok
16:56:52.0749 2952 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
16:56:52.0773 2952 Parport - ok
16:56:52.0786 2952 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
16:56:52.0798 2952 partmgr - ok
16:56:52.0839 2952 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
16:56:52.0874 2952 PcaSvc - ok
16:56:52.0887 2952 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
16:56:52.0898 2952 pci - ok
16:56:52.0915 2952 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
16:56:52.0923 2952 pciide - ok
16:56:52.0950 2952 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
16:56:52.0960 2952 pcmcia - ok
16:56:52.0976 2952 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
16:56:52.0984 2952 pcw - ok
16:56:53.0015 2952 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
16:56:53.0046 2952 PEAUTH - ok
16:56:53.0110 2952 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
16:56:53.0133 2952 PerfHost - ok
16:56:53.0164 2952 PGEffect (91111cebbde8015e822c46120ed9537c) C:\Windows\system32\DRIVERS\pgeffect.sys
16:56:53.0171 2952 PGEffect - ok
16:56:53.0232 2952 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
16:56:53.0269 2952 pla - ok
16:56:53.0313 2952 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
16:56:53.0346 2952 PlugPlay - ok
16:56:53.0365 2952 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
16:56:53.0378 2952 PNRPAutoReg - ok
16:56:53.0417 2952 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
16:56:53.0433 2952 PNRPsvc - ok
16:56:53.0474 2952 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
16:56:53.0508 2952 PolicyAgent - ok
16:56:53.0548 2952 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
16:56:53.0602 2952 Power - ok
16:56:53.0654 2952 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
16:56:53.0707 2952 PptpMiniport - ok
16:56:53.0725 2952 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
16:56:53.0734 2952 Processor - ok
16:56:53.0766 2952 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
16:56:53.0794 2952 ProfSvc - ok
16:56:53.0815 2952 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:56:53.0825 2952 ProtectedStorage - ok
16:56:53.0839 2952 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
16:56:53.0865 2952 Psched - ok
16:56:53.0894 2952 QIOMem (c8fcb4899f8b70cc34e0d9876a80963c) C:\Windows\system32\drivers\QIOMem.sys
16:56:53.0901 2952 QIOMem - ok
16:56:53.0981 2952 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
16:56:54.0015 2952 ql2300 - ok
16:56:54.0118 2952 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
16:56:54.0149 2952 ql40xx - ok
16:56:54.0197 2952 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
16:56:54.0219 2952 QWAVE - ok
16:56:54.0229 2952 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
16:56:54.0245 2952 QWAVEdrv - ok
16:56:54.0255 2952 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
16:56:54.0281 2952 RasAcd - ok
16:56:54.0314 2952 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
16:56:54.0340 2952 RasAgileVpn - ok
16:56:54.0355 2952 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
16:56:54.0381 2952 RasAuto - ok
16:56:54.0408 2952 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
16:56:54.0434 2952 Rasl2tp - ok
16:56:54.0471 2952 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
16:56:54.0499 2952 RasMan - ok
16:56:54.0512 2952 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
16:56:54.0538 2952 RasPppoe - ok
16:56:54.0549 2952 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
16:56:54.0576 2952 RasSstp - ok
16:56:54.0607 2952 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
16:56:54.0635 2952 rdbss - ok
16:56:54.0658 2952 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
16:56:54.0669 2952 rdpbus - ok
16:56:54.0688 2952 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
16:56:54.0714 2952 RDPCDD - ok
16:56:54.0724 2952 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
16:56:54.0750 2952 RDPENCDD - ok
16:56:54.0762 2952 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
16:56:54.0788 2952 RDPREFMP - ok
16:56:54.0824 2952 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
16:56:54.0834 2952 RDPWD - ok
16:56:54.0854 2952 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
16:56:54.0864 2952 rdyboost - ok
16:56:54.0901 2952 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
16:56:54.0951 2952 RemoteAccess - ok
16:56:54.0978 2952 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
16:56:55.0006 2952 RemoteRegistry - ok
16:56:55.0018 2952 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
16:56:55.0045 2952 RpcEptMapper - ok
16:56:55.0058 2952 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
16:56:55.0067 2952 RpcLocator - ok
16:56:55.0100 2952 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
16:56:55.0130 2952 RpcSs - ok
16:56:55.0157 2952 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
16:56:55.0184 2952 rspndr - ok
16:56:55.0221 2952 RSUSBSTOR (135a64530d7699ad48f29d73a658dd11) C:\Windows\system32\Drivers\RtsUStor.sys
16:56:55.0230 2952 RSUSBSTOR - ok
16:56:55.0255 2952 RSUSBVSTOR (e5dc911d0feb72caff2bbdd6e7c3672f) C:\Windows\system32\Drivers\RTSUVSTOR.sys
16:56:55.0264 2952 RSUSBVSTOR - ok
16:56:55.0293 2952 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:56:55.0301 2952 SamSs - ok
16:56:55.0316 2952 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
16:56:55.0325 2952 sbp2port - ok
16:56:55.0358 2952 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
16:56:55.0387 2952 SCardSvr - ok
16:56:55.0409 2952 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
16:56:55.0435 2952 scfilter - ok
16:56:55.0492 2952 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
16:56:55.0533 2952 Schedule - ok
16:56:55.0554 2952 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
16:56:55.0580 2952 SCPolicySvc - ok
16:56:55.0617 2952 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
16:56:55.0627 2952 SDRSVC - ok
16:56:55.0682 2952 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
16:56:55.0737 2952 secdrv - ok
16:56:55.0752 2952 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
16:56:55.0778 2952 seclogon - ok
16:56:55.0797 2952 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
16:56:55.0824 2952 SENS - ok
16:56:55.0841 2952 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
16:56:55.0850 2952 SensrSvc - ok
16:56:55.0862 2952 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
16:56:55.0871 2952 Serenum - ok
16:56:55.0891 2952 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
16:56:55.0900 2952 Serial - ok
16:56:55.0903 2952 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
16:56:55.0912 2952 sermouse - ok
16:56:55.0935 2952 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
16:56:55.0961 2952 SessionEnv - ok
16:56:55.0964 2952 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
16:56:55.0975 2952 sffdisk - ok
16:56:55.0977 2952 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
16:56:55.0988 2952 sffp_mmc - ok
16:56:55.0991 2952 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
16:56:56.0001 2952 sffp_sd - ok
16:56:56.0004 2952 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
16:56:56.0013 2952 sfloppy - ok
16:56:56.0058 2952 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys
16:56:56.0073 2952 Sftfs - ok
16:56:56.0169 2952 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
16:56:56.0195 2952 sftlist - ok
16:56:56.0232 2952 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys
16:56:56.0249 2952 Sftplay - ok
16:56:56.0266 2952 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys
16:56:56.0273 2952 Sftredir - ok
16:56:56.0301 2952 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys
16:56:56.0308 2952 Sftvol - ok
16:56:56.0334 2952 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
16:56:56.0343 2952 sftvsa - ok
16:56:56.0397 2952 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
16:56:56.0451 2952 SharedAccess - ok
16:56:56.0495 2952 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
16:56:56.0529 2952 ShellHWDetection - ok
16:56:56.0556 2952 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
16:56:56.0564 2952 SiSRaid2 - ok
16:56:56.0569 2952 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
16:56:56.0577 2952 SiSRaid4 - ok
16:56:56.0606 2952 SkypeUpdate (6128e98eaaed364ed1a32708d2fd22cb) C:\Program Files (x86)\Skype\Updater\Updater.exe
16:56:56.0622 2952 SkypeUpdate - ok
16:56:56.0633 2952 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
16:56:56.0670 2952 Smb - ok
16:56:56.0701 2952 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
16:56:56.0730 2952 SNMPTRAP - ok
16:56:56.0738 2952 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
16:56:56.0749 2952 spldr - ok
16:56:56.0783 2952 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
16:56:56.0825 2952 Spooler - ok
16:56:56.0967 2952 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
16:56:57.0030 2952 sppsvc - ok
16:56:57.0110 2952 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
16:56:57.0163 2952 sppuinotify - ok
16:56:57.0222 2952 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
16:56:57.0250 2952 srv - ok
16:56:57.0267 2952 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
16:56:57.0279 2952 srv2 - ok
16:56:57.0305 2952 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\Windows\system32\DRIVERS\VSTAZL6.SYS
16:56:57.0316 2952 SrvHsfHDA - ok
16:56:57.0380 2952 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS
16:56:57.0405 2952 SrvHsfV92 - ok
16:56:57.0542 2952 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
16:56:57.0575 2952 SrvHsfWinac - ok
16:56:57.0600 2952 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
16:56:57.0610 2952 srvnet - ok
16:56:57.0638 2952 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
16:56:57.0666 2952 SSDPSRV - ok
16:56:57.0679 2952 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
16:56:57.0706 2952 SstpSvc - ok
16:56:57.0792 2952 Stereo Service (5b0acff02cabf365f312143f6e0da694) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
16:56:57.0818 2952 Stereo Service - ok
16:56:57.0833 2952 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
16:56:57.0843 2952 stexstor - ok
16:56:57.0897 2952 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
16:56:57.0923 2952 stisvc - ok
16:56:57.0940 2952 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
16:56:57.0949 2952 swenum - ok
16:56:57.0984 2952 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
16:56:58.0015 2952 swprv - ok
16:56:58.0100 2952 SynTP (f5b46df59feaa48a442aed7eeb754d4b) C:\Windows\system32\DRIVERS\SynTP.sys
16:56:58.0135 2952 SynTP - ok
16:56:58.0379 2952 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
16:56:58.0418 2952 SysMain - ok
16:56:58.0509 2952 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
16:56:58.0540 2952 TabletInputService - ok
16:56:58.0565 2952 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
16:56:58.0602 2952 TapiSrv - ok
16:56:58.0618 2952 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
16:56:58.0645 2952 TBS - ok
16:56:58.0778 2952 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
16:56:58.0820 2952 Tcpip - ok
16:56:59.0027 2952 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
16:56:59.0061 2952 TCPIP6 - ok
16:56:59.0151 2952 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
16:56:59.0209 2952 tcpipreg - ok
16:56:59.0240 2952 tdcmdpst (fd542b661bd22fa69ca789ad0ac58c29) C:\Windows\system32\DRIVERS\tdcmdpst.sys
16:56:59.0246 2952 tdcmdpst - ok
16:56:59.0261 2952 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
16:56:59.0269 2952 TDPIPE - ok
16:56:59.0296 2952 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
16:56:59.0305 2952 TDTCP - ok
16:56:59.0319 2952 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
16:56:59.0345 2952 tdx - ok
16:56:59.0422 2952 TemproMonitoringService (1b709733a04dcc41a63f9cd1f76a4ebe) C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
16:56:59.0437 2952 TemproMonitoringService - ok
16:56:59.0453 2952 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
16:56:59.0466 2952 TermDD - ok
16:56:59.0514 2952 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
16:56:59.0560 2952 TermService - ok
16:56:59.0575 2952 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
16:56:59.0588 2952 Themes - ok
16:56:59.0611 2952 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
16:56:59.0638 2952 THREADORDER - ok
16:56:59.0699 2952 TMachInfo (83e91963c4452be6899503cf9ebfd3ed) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
16:56:59.0720 2952 TMachInfo - ok
16:56:59.0759 2952 TODDSrv (8e2c799d3476eac32c3ba0df7ce6af19) C:\Windows\system32\TODDSrv.exe
16:56:59.0785 2952 TODDSrv - ok
16:56:59.0883 2952 TosCoSrv (cdc97fa5c42b07fb0d4600e17c32f582) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
16:56:59.0910 2952 TosCoSrv - ok
16:56:59.0959 2952 TOSHIBA Bluetooth Service (8f099be5db17d025e19652851399b9f1) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
16:56:59.0986 2952 TOSHIBA Bluetooth Service - ok
16:57:00.0038 2952 TOSHIBA eco Utility Service (d0f868a67cb4d817a3f7abef8c42f49c) C:\Program Files\TOSHIBA\TECO\TecoService.exe
16:57:00.0054 2952 TOSHIBA eco Utility Service - ok
16:57:00.0099 2952 TOSHIBA HDD SSD Alert Service (edb4b432db13ea3d1eb2356310d33263) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
16:57:00.0121 2952 TOSHIBA HDD SSD Alert Service - ok
16:57:00.0167 2952 Tosrfcom - ok
16:57:00.0194 2952 tosrfec (f5e3ac4cbcd154ee80849b21887fd0b0) C:\Windows\system32\DRIVERS\tosrfec.sys
16:57:00.0205 2952 tosrfec - ok
16:57:00.0217 2952 Tosrfusb (7a0048693f98460ff537be31c741b927) C:\Windows\system32\DRIVERS\tosrfusb.sys
16:57:00.0228 2952 Tosrfusb - ok
16:57:00.0293 2952 TPCHSrv (098b8a408c17e125a3d9a8e1166780c8) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
16:57:00.0319 2952 TPCHSrv - ok
16:57:00.0355 2952 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
16:57:00.0383 2952 TrkWks - ok
16:57:00.0434 2952 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
16:57:00.0486 2952 TrustedInstaller - ok
16:57:00.0507 2952 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
16:57:00.0533 2952 tssecsrv - ok
16:57:00.0545 2952 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
16:57:00.0553 2952 TsUsbFlt - ok
16:57:00.0557 2952 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
16:57:00.0565 2952 TsUsbGD - ok
16:57:00.0585 2952 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
16:57:00.0611 2952 tunnel - ok
16:57:00.0635 2952 TVALZ (550b567f9364d8f7684c3fb3ea665a72) C:\Windows\system32\DRIVERS\TVALZ_O.SYS
16:57:00.0641 2952 TVALZ - ok
16:57:00.0661 2952 TVALZFL (9c7191f4b2e49bff47a6c1144b5923fa) C:\Windows\system32\DRIVERS\TVALZFL.sys
16:57:00.0667 2952 TVALZFL - ok
16:57:00.0681 2952 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
16:57:00.0689 2952 uagp35 - ok
16:57:00.0718 2952 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
16:57:00.0747 2952 udfs - ok
16:57:00.0777 2952 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
16:57:00.0788 2952 UI0Detect - ok
16:57:00.0806 2952 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
16:57:00.0814 2952 uliagpkx - ok
16:57:00.0830 2952 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
16:57:00.0839 2952 umbus - ok
16:57:00.0853 2952 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
16:57:00.0862 2952 UmPass - ok
16:57:01.0052 2952 UNS (7e5e1603d0ff2d240ae70295c5c3fefc) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
16:57:01.0096 2952 UNS - ok
16:57:01.0189 2952 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
16:57:01.0228 2952 upnphost - ok
16:57:01.0274 2952 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
16:57:01.0284 2952 USBAAPL64 ( UnsignedFile.Multi.Generic ) - warning
16:57:01.0284 2952 USBAAPL64 - detected UnsignedFile.Multi.Generic (1)
16:57:01.0321 2952 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
16:57:01.0352 2952 usbccgp - ok
16:57:01.0376 2952 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
16:57:01.0402 2952 usbcir - ok
16:57:01.0423 2952 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
16:57:01.0434 2952 usbehci - ok
16:57:01.0464 2952 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\drivers\usbhub.sys
16:57:01.0484 2952 usbhub - ok
16:57:01.0506 2952 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
16:57:01.0521 2952 usbohci - ok
16:57:01.0546 2952 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
16:57:01.0566 2952 usbprint - ok
16:57:01.0586 2952 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:57:01.0603 2952 USBSTOR - ok
16:57:01.0609 2952 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
16:57:01.0622 2952 usbuhci - ok
16:57:01.0651 2952 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
16:57:01.0662 2952 usbvideo - ok
16:57:01.0682 2952 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
16:57:01.0709 2952 UxSms - ok
16:57:01.0728 2952 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:57:01.0736 2952 VaultSvc - ok
16:57:01.0746 2952 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
16:57:01.0754 2952 vdrvroot - ok
16:57:01.0787 2952 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
16:57:01.0818 2952 vds - ok
16:57:01.0842 2952 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
16:57:01.0852 2952 vga - ok
16:57:01.0871 2952 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
16:57:01.0897 2952 VgaSave - ok
16:57:01.0907 2952 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
16:57:01.0916 2952 vhdmp - ok
16:57:01.0919 2952 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
16:57:01.0927 2952 viaide - ok
16:57:01.0947 2952 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
16:57:01.0955 2952 volmgr - ok
16:57:01.0985 2952 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
16:57:01.0996 2952 volmgrx - ok
16:57:02.0017 2952 volsnap (df8126bd41180351a093a3ad2fc8903b) C:\Windows\system32\drivers\volsnap.sys
16:57:02.0028 2952 volsnap - ok
16:57:02.0050 2952 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
16:57:02.0059 2952 vsmraid - ok
16:57:02.0133 2952 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
16:57:02.0180 2952 VSS - ok
16:57:02.0275 2952 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
16:57:02.0306 2952 vwifibus - ok
16:57:02.0313 2952 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
16:57:02.0326 2952 vwififlt - ok
16:57:02.0363 2952 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
16:57:02.0393 2952 W32Time - ok
16:57:02.0405 2952 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
16:57:02.0414 2952 WacomPen - ok
16:57:02.0439 2952 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
16:57:02.0465 2952 WANARP - ok
16:57:02.0467 2952 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
16:57:02.0492 2952 Wanarpv6 - ok
16:57:02.0567 2952 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
16:57:02.0589 2952 WatAdminSvc - ok
16:57:02.0669 2952 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
16:57:02.0702 2952 wbengine - ok
16:57:02.0788 2952 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
16:57:02.0815 2952 WbioSrvc - ok
16:57:02.0838 2952 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
16:57:02.0855 2952 wcncsvc - ok
16:57:02.0868 2952 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
16:57:02.0877 2952 WcsPlugInService - ok
16:57:02.0940 2952 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
16:57:02.0954 2952 Wd - ok
16:57:02.0982 2952 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
16:57:02.0997 2952 Wdf01000 - ok
16:57:03.0014 2952 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
16:57:03.0028 2952 WdiServiceHost - ok
16:57:03.0031 2952 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
16:57:03.0044 2952 WdiSystemHost - ok
16:57:03.0076 2952 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
16:57:03.0091 2952 WebClient - ok
16:57:03.0112 2952 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
16:57:03.0141 2952 Wecsvc - ok
16:57:03.0160 2952 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
16:57:03.0187 2952 wercplsupport - ok
16:57:03.0203 2952 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
16:57:03.0230 2952 WerSvc - ok
16:57:03.0282 2952 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
16:57:03.0341 2952 WfpLwf - ok
16:57:03.0361 2952 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
16:57:03.0369 2952 WIMMount - ok
16:57:03.0412 2952 WinDefend - ok
16:57:03.0416 2952 WinHttpAutoProxySvc - ok
16:57:03.0483 2952 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
16:57:03.0528 2952 Winmgmt - ok
16:57:03.0637 2952 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
16:57:03.0686 2952 WinRM - ok
16:57:03.0785 2952 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
16:57:03.0815 2952 WinUsb - ok
16:57:03.0871 2952 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
16:57:03.0902 2952 Wlansvc - ok
16:57:03.0969 2952 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
16:57:03.0991 2952 wlcrasvc - ok
16:57:04.0112 2952 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:57:04.0158 2952 wlidsvc - ok
16:57:04.0257 2952 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
16:57:04.0280 2952 WmiAcpi - ok
16:57:04.0347 2952 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
16:57:04.0377 2952 wmiApSrv - ok
16:57:04.0414 2952 WMPNetworkSvc - ok
16:57:04.0442 2952 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
16:57:04.0473 2952 WPCSvc - ok
16:57:04.0495 2952 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
16:57:04.0516 2952 WPDBusEnum - ok
16:57:04.0545 2952 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
16:57:04.0572 2952 ws2ifsl - ok
16:57:04.0585 2952 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
16:57:04.0599 2952 wscsvc - ok
16:57:04.0601 2952 WSearch - ok
16:57:04.0694 2952 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
16:57:04.0739 2952 wuauserv - ok
16:57:04.0841 2952 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
16:57:04.0894 2952 WudfPf - ok
16:57:04.0919 2952 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
16:57:04.0945 2952 WUDFRd - ok
16:57:04.0964 2952 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
16:57:04.0991 2952 wudfsvc - ok
16:57:05.0007 2952 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
16:57:05.0021 2952 WwanSvc - ok
16:57:05.0038 2952 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
16:57:05.0849 2952 \Device\Harddisk0\DR0 - ok
16:57:05.0882 2952 Boot (0x1200) (fa77338c7e9114435ca834f9dc24dd58) \Device\Harddisk0\DR0\Partition0
16:57:05.0885 2952 \Device\Harddisk0\DR0\Partition0 - ok
16:57:05.0909 2952 Boot (0x1200) (20642302bedb8c025baa1ac7d4bf3334) \Device\Harddisk0\DR0\Partition1
16:57:05.0911 2952 \Device\Harddisk0\DR0\Partition1 - ok
16:57:05.0912 2952 ============================================================
16:57:05.0912 2952 Scan finished
16:57:05.0912 2952 ============================================================
16:57:05.0926 6228 Detected object count: 2
16:57:05.0926 6228 Actual detected object count: 2
16:57:15.0951 6228 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
16:57:15.0951 6228 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:57:15.0954 6228 USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user
16:57:15.0954 6228 USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:57:20.0117 3616 Deinitialize success


Thanx a lot really
Attached File  TDSSKiller.2.7.33.0_29.04.2012_16.52.42_log.txt   404.55KB   29 downloads
  • 0

Advertisements


#11
michaelg9

michaelg9

    Trusted Helper

  • Malware Removal
  • 2,949 posts
Hello :)

I made a wrong diagnosis before, you weren't infected with a rootkit.

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :processes
    killallprocesses

    :OTL
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
    O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
    O32 - AutoRun File - [2008/03/12 18:19:10 | 000,000,044 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
    O33 - MountPoints2\{7e3aa425-0484-11e1-a7fa-806e6f6e6963}\Shell - "" = AutoRun
    O33 - MountPoints2\{7e3aa425-0484-11e1-a7fa-806e6f6e6963}\Shell\AutoRun\command - "" = E:\setup.exe -- [2008/03/12 18:19:10 | 000,217,187 | R--- | M] (THOMSON Telecom Belgium)

    :Services

    :Reg

    :Files
    ipconfig /flushdns /c

    :Commands
    [purity]
    [EMPTYFLASH]
    [EMPTYJAVA]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again.
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    /md5start
    MpNWMon.sys
    /md5stop

  • Click the Quick Scan button. Post the log it produces in your next reply.


Next:

Upgrading Java:
  • Go here and click Free Java Download
  • It will offer you the latest version of java, download it and install it


Next:

What browser are you using?
Can you try again and tell me if the problem persists?

As I read here, the problem isn't malware related but we'll see what we can do :thumbsup:
  • 0

#12
sassa

sassa

    Member

  • Topic Starter
  • Member
  • PipPip
  • 32 posts
Hey Thanx for ur response again ok i did the first OTL and did a reboot this is what i got


========== PROCESSES ==========
All processes killed
========== OTL ==========
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
File move failed. E:\autorun.inf scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7e3aa425-0484-11e1-a7fa-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7e3aa425-0484-11e1-a7fa-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7e3aa425-0484-11e1-a7fa-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7e3aa425-0484-11e1-a7fa-806e6f6e6963}\ not found.
File move failed. E:\setup.exe scheduled to be moved on reboot.
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Toshiba\Downloads\cmd.bat deleted successfully.
C:\Users\Toshiba\Downloads\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 56466 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Public

User: Toshiba
->Flash cache emptied: 67220 bytes

Total Flash Files Cleaned = 0.00 mb


[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Public

User: Toshiba
->Java cache emptied: 650911 bytes

Total Java Files Cleaned = 1.00 mb


OTL by OldTimer - Version 3.2.42.0 log created on 05012012_185428

Files\Folders moved on Reboot...
File move failed. E:\autorun.inf scheduled to be moved on reboot.
File move failed. E:\setup.exe scheduled to be moved on reboot.

Registry entries deleted on Reboot...
  • 0

#13
sassa

sassa

    Member

  • Topic Starter
  • Member
  • PipPip
  • 32 posts
Hey thanx for ur help again and again... I did the OTL and reboot the program and this is the result:


========== PROCESSES ==========
All processes killed
========== OTL ==========
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
File move failed. E:\autorun.inf scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7e3aa425-0484-11e1-a7fa-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7e3aa425-0484-11e1-a7fa-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7e3aa425-0484-11e1-a7fa-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7e3aa425-0484-11e1-a7fa-806e6f6e6963}\ not found.
File move failed. E:\setup.exe scheduled to be moved on reboot.
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Toshiba\Downloads\cmd.bat deleted successfully.
C:\Users\Toshiba\Downloads\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 56466 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Public

User: Toshiba
->Flash cache emptied: 67220 bytes

Total Flash Files Cleaned = 0.00 mb


[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Public

User: Toshiba
->Java cache emptied: 650911 bytes

Total Java Files Cleaned = 1.00 mb


OTL by OldTimer - Version 3.2.42.0 log created on 05012012_185428

Files\Folders moved on Reboot...
File move failed. E:\autorun.inf scheduled to be moved on reboot.
File move failed. E:\setup.exe scheduled to be moved on reboot.

Registry entries deleted on Reboot...

Now going for the second OTL thing will shortly post the second report
  • 0

#14
sassa

sassa

    Member

  • Topic Starter
  • Member
  • PipPip
  • 32 posts
Im using Google Chrome mainly but it happens with all browser and any hotmail account.. well it happened and directly after my emails were hacked and weired email has been sent from my email stating ive been robbed in spain and i need 3000 euros... I got back my mail
and can u tell me which antivirus is the best? thx again
  • 0

#15
sassa

sassa

    Member

  • Topic Starter
  • Member
  • PipPip
  • 32 posts
Here is the second OTL:


OTL logfile created on: 5/1/2012 7:15:33 PM - Run 3
OTL by OldTimer - Version 3.2.42.0 Folder = C:\Users\Toshiba\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

5.98 Gb Total Physical Memory | 4.22 Gb Available Physical Memory | 70.60% Memory free
11.96 Gb Paging File | 9.97 Gb Available in Paging File | 83.36% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 348.61 Gb Total Space | 305.68 Gb Free Space | 87.69% Space Free | Partition Type: NTFS
Drive D: | 349.64 Gb Total Space | 335.40 Gb Free Space | 95.93% Space Free | Partition Type: NTFS
Drive E: | 82.91 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: TOSHIBA-TOSH | User Name: Toshiba | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/04/26 00:22:58 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Toshiba\Downloads\OTL.exe
PRC - [2012/04/12 10:37:36 | 001,224,176 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2012/03/30 14:41:46 | 000,151,656 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
PRC - [2012/03/07 03:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/03/07 03:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012/02/23 12:30:40 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
PRC - [2012/01/03 05:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/10/01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011/10/01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011/05/11 20:49:32 | 000,378,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011/03/29 16:33:08 | 000,598,312 | ---- | M] (Nero AG) -- c:\Program Files (x86)\Nero\Update\NASvc.exe
PRC - [2010/12/20 20:30:38 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2010/12/20 20:30:36 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2010/12/03 16:57:16 | 000,304,560 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
PRC - [2010/11/21 06:24:27 | 000,257,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
PRC - [2009/07/28 22:26:42 | 000,062,848 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
PRC - [2009/07/22 15:40:00 | 000,083,336 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe
PRC - [2009/03/10 20:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe


========== Modules (No Company Name) ==========

MOD - [2012/04/12 10:37:34 | 000,444,400 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.162\ppgooglenaclpluginchrome.dll
MOD - [2012/04/12 10:37:33 | 003,915,248 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.162\pdf.dll
MOD - [2012/04/12 10:36:08 | 000,122,880 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.162\avutil-51.dll
MOD - [2012/04/12 10:36:06 | 000,220,672 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.162\avformat-53.dll
MOD - [2012/04/12 10:36:05 | 001,747,456 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.162\avcodec-53.dll
MOD - [2011/11/01 23:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/11/01 23:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - File not found [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe /McCoreSvc -- (McAfee SiteAdvisor Service)
SRV:64bit: - File not found [Disabled | Unknown] -- C:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV:64bit: - [2012/03/26 18:49:56 | 000,291,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2012/03/26 18:49:56 | 000,012,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2012/03/07 03:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2011/12/06 17:25:40 | 000,161,168 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2011/12/06 17:16:02 | 000,208,536 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:64bit: - [2011/07/01 13:46:14 | 000,828,856 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv)
SRV:64bit: - [2011/03/02 17:36:16 | 000,266,680 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service)
SRV:64bit: - [2010/12/09 19:45:26 | 000,489,384 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV:64bit: - [2010/12/08 17:42:54 | 000,137,632 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV:64bit: - [2010/10/20 16:41:00 | 000,138,656 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV:64bit: - [2010/09/22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/07/14 04:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/04/20 23:44:20 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/03/30 14:41:46 | 000,151,656 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe -- (BingDesktopUpdate)
SRV - [2012/02/29 08:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/01/03 05:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/10/01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/10/01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011/05/11 20:49:32 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011/03/29 16:33:08 | 000,598,312 | ---- | M] (Nero AG) [Auto | Running] -- c:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate) @c:\Program Files (x86)
SRV - [2011/02/10 10:25:36 | 000,112,080 | ---- | M] (Toshiba Europe GmbH) [Auto | Running] -- C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe -- (TemproMonitoringService) Notebook Performance Tuning Service (TEMPRO)
SRV - [2010/12/20 20:30:38 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®
SRV - [2010/12/20 20:30:36 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) Intel®
SRV - [2010/11/29 16:58:30 | 000,054,136 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2010/10/12 20:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/04/12 12:45:00 | 000,196,976 | ---- | M] (TOSHIBA CORPORATION) [On_Demand | Stopped] -- C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/01/28 18:44:40 | 000,249,200 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe -- (cfWiMAXService)
SRV - [2009/06/11 00:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/03/10 20:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/03/20 20:44:12 | 000,098,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012/03/07 03:04:06 | 000,819,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2012/03/07 03:04:04 | 000,337,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2012/03/07 03:02:45 | 000,028,504 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:64bit: - [2012/03/07 03:02:20 | 000,053,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2012/03/07 03:01:57 | 000,059,224 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012/03/07 03:01:52 | 000,069,976 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012/03/07 03:01:32 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012/03/01 09:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/10/15 12:16:16 | 000,647,080 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2011/10/15 12:16:16 | 000,284,648 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2011/10/15 12:16:16 | 000,229,528 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2011/10/15 12:16:16 | 000,075,808 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfenlfk.sys -- (mfenlfk)
DRV:64bit: - [2011/10/15 12:16:16 | 000,065,264 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2011/10/01 08:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011/10/01 08:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011/10/01 08:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011/10/01 08:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2011/08/02 17:38:56 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/07/08 19:06:08 | 000,307,304 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rtsuvstor.sys -- (RSUSBVSTOR)
DRV:64bit: - [2011/05/10 19:41:28 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2011/03/11 09:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 09:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/08 21:07:00 | 000,038,096 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PGEffect.sys -- (PGEffect)
DRV:64bit: - [2011/02/03 21:59:06 | 001,413,680 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011/01/27 17:27:04 | 000,067,384 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tosrfusb.sys -- (Tosrfusb)
DRV:64bit: - [2011/01/27 14:34:12 | 001,577,088 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2011/01/12 19:51:44 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/12/17 21:46:46 | 002,675,712 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010/12/10 15:50:36 | 000,181,248 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010/12/10 15:50:36 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010/12/01 18:12:06 | 000,250,984 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010/11/21 06:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/21 06:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/21 06:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/11/08 14:44:40 | 000,076,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2010/10/19 18:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel®
DRV:64bit: - [2010/10/18 16:14:02 | 000,042,096 | R--- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2010/06/18 18:45:00 | 000,018,872 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tosrfec.sys -- (tosrfec)
DRV:64bit: - [2009/07/30 22:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV:64bit: - [2009/07/14 18:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2009/07/14 04:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 04:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 04:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/19 21:15:22 | 000,014,472 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TVALZFL.sys -- (TVALZFL)
DRV:64bit: - [2009/06/15 14:58:50 | 000,012,800 | ---- | M] (TOSHIBA) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\QIOMem.sys -- (QIOMem)
DRV:64bit: - [2009/06/11 00:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/11 00:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/11 00:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 23:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 23:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 23:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 23:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2009/07/14 04:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1861668113-2035247836-3707625544-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...=TEUA&bmod=TEUA
IE - HKU\S-1-5-21-1861668113-2035247836-3707625544-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com.sa/
IE - HKU\S-1-5-21-1861668113-2035247836-3707625544-1000\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKU\S-1-5-21-1861668113-2035247836-3707625544-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-1861668113-2035247836-3707625544-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...1I7TEUA_enSA461
IE - HKU\S-1-5-21-1861668113-2035247836-3707625544-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1861668113-2035247836-3707625544-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer: C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2012/02/28 15:45:40 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.162\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.162\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\NPAPIFlash\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.123.2_0\McChPlg.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: WildTangent Games App Presence Detector (Enabled) = C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Zylom Plugin (Enabled) = C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
CHR - Extension: SiteAdvisor = C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.123.2_0\
CHR - Extension: avast! WebRep = C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\

O1 HOSTS File: ([2009/06/11 00:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll File not found
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-1861668113-2035247836-3707625544-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [HSON] C:\Program Files\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe (Conexant systems, Inc.)
O4:64bit: - HKLM..\Run: [TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [Teco] C:\Program Files\TOSHIBA\TECO\Teco.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [Toshiba Registration] C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe (Toshiba Europe GmbH)
O4:64bit: - HKLM..\Run: [Toshiba TEMPRO] C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe (Toshiba Europe GmbH)
O4:64bit: - HKLM..\Run: [TosNC] C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosReelTimeMonitor] C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosWaitSrv] C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BingDesktop] C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe (Microsoft Corp.)
O4 - HKLM..\Run: [ITSecMng] C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [NBAgent] c:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe (Nero AG)
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TSleepSrv] C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe (TOSHIBA)
O4 - HKU\.DEFAULT..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (TOSHIBA)
O4 - HKU\S-1-5-18..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (TOSHIBA)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (TOSHIBA)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (TOSHIBA)
O4 - HKU\S-1-5-21-1861668113-2035247836-3707625544-1000..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
O4 - HKU\S-1-5-21-1861668113-2035247836-3707625544-1000..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe (TOSHIBA)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O4 - Startup: C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BBC iPlayer Desktop.lnk = C:\Program Files (x86)\BBC iPlayer Desktop\BBC iPlayer Desktop.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O8:64bit: - Extra context menu item: Add to TOSHIBA Bulletin Board - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll (TODO: <会社名>)
O8 - Extra context menu item: Add to TOSHIBA Bulletin Board - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll (TODO: <会社名>)
O9:64bit: - Extra Button: @C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll,-229 - {97F922BD-8563-4184-87EE-8C4ACA438823} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom64.dll (TODO: <会社名>)
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll,-228 - {97F922BD-8563-4184-87EE-8C4ACA438823} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom64.dll (TODO: <会社名>)
O9 - Extra Button: @C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll,-229 - {97F922BD-8563-4184-87EE-8C4ACA438823} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll (TODO: <会社名>)
O9 - Extra 'Tools' menuitem : @C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll,-228 - {97F922BD-8563-4184-87EE-8C4ACA438823} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll (TODO: <会社名>)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BFFF8AD4-A82B-458C-8709-85D1DE6C2357}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/03/12 18:19:10 | 000,000,044 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/05/01 18:54:28 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/05/01 12:18:50 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\{87994488-F44F-42FE-A0E5-C4F4072A7F72}
[2012/05/01 12:12:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Pro Antivirus
[2012/05/01 00:18:21 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\{8E8FB756-1A2E-4EE7-A057-8F045DCE86C1}
[2012/05/01 00:18:07 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\{C541298E-CEF3-4EC6-B7D4-1F7AD3227E21}
[2012/04/30 13:56:12 | 000,337,240 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2012/04/30 13:56:12 | 000,024,408 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2012/04/30 13:55:56 | 000,819,032 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2012/04/30 13:55:56 | 000,059,224 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2012/04/30 13:55:56 | 000,053,080 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2012/04/30 13:55:56 | 000,028,504 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswKbd.sys
[2012/04/30 13:55:55 | 000,069,976 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2012/04/30 13:55:31 | 000,201,352 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2012/04/30 13:55:31 | 000,041,184 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2012/04/30 12:17:41 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\{4CB9AE4C-22F2-4C39-AC86-9268AFE1B191}
[2012/04/30 00:17:15 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\{159EDA0E-073B-4775-8C16-3DFA02DA1C09}
[2012/04/30 00:17:04 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\{C5B0367D-2ACF-4FEE-9239-E00FEF98ECD8}
[2012/04/29 16:27:58 | 000,258,520 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2012/04/29 16:27:19 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2012/04/29 16:27:19 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012/04/29 12:16:34 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\{38E2F4D6-FB67-4F85-B8F7-A6D45A99ACCD}
[2012/04/29 00:16:11 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\{86E7A9F1-E74A-4E8B-ACAC-B88CF3AC2AD7}
[2012/04/28 12:15:42 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\{F28F889B-6485-4EDD-9E73-0EDD4222192C}
[2012/04/28 12:15:27 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\{6E4245A2-6616-420E-A3C8-15B0BA8E8180}
[2012/04/27 00:14:36 | 000,000,000 | ---D | C] -- C:\ProgramData\InterAction studios
[2012/04/27 00:03:20 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\Microsoft Games
[2012/04/26 16:19:13 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\{68E29AAB-124A-48A7-89DC-577FA573CE79}
[2012/04/26 16:19:01 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\{0C0A1C71-016D-4364-AA9E-39BF572B8EC1}
[2012/04/26 12:16:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Zylom Games
[2012/04/26 12:16:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Zylom
[2012/04/26 02:49:15 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\{53E84137-CFCE-4B45-8DB1-922F269E408D}
[2012/04/26 02:49:04 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\{E836197D-E779-4F95-8E8A-04ECD48DA885}
[2012/04/26 02:41:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2012/04/26 02:37:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bing Desktop
[2012/04/26 02:37:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft
[2012/04/25 17:27:15 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\Desktop\CV
[2012/04/23 13:53:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012/04/23 13:53:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012/04/23 11:54:05 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\{C4824836-FA80-4634-AA29-CAFE0319A7A0}
[2012/04/22 23:53:41 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\{6E2A59A2-7A70-466F-9421-3F7627E66F89}
[2012/04/22 11:53:15 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\{480A257F-02AB-4E3F-83F1-3BEB1948AF66}
[2012/04/21 23:52:51 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\{CEE59D3F-058F-4FD2-8AB0-1B75FD348C25}
[2012/04/21 11:43:50 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\{8A7BAFDA-AFFF-4997-80BC-3A8B98EFDA84}
[2012/04/20 23:44:08 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2012/04/20 23:43:18 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\{3B58691B-F67A-4C51-B45D-A5373B09EDB6}
[2012/04/20 23:43:07 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\{7E685F98-A34C-42E9-8A91-A45348CBDC87}
[2012/04/18 12:56:45 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\{5EE94C51-F181-4169-8497-56916F81179A}
[2012/04/18 12:56:35 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\{28864D65-EA55-49D5-A420-EC27E4318721}
[2012/04/18 12:27:03 | 000,000,000 | ---D | C] -- C:\Windows\en
[2012/04/18 12:26:16 | 000,000,000 | ---D | C] -- C:\Windows\ar
[2012/04/18 12:26:14 | 000,000,000 | ---D | C] -- C:\Windows\fr
[2012/04/18 12:26:08 | 000,000,000 | ---D | C] -- C:\Windows\tr
[2012/04/18 12:20:30 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\{C3D96398-BAAE-44BA-9721-F934FA41D752}
[2012/04/18 12:20:17 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\{E5867A72-61F5-4F47-AA33-E3860118F828}
[2012/04/14 03:22:57 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\{78C75A20-C526-4D05-8173-656596D7A5D1}
[2012/04/13 22:43:01 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\ElevatedDiagnostics
[2012/04/07 16:37:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/04/07 16:36:27 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/04/07 16:36:26 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012/04/07 16:36:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes

========== Files - Modified Within 30 Days ==========

[2012/05/01 19:13:37 | 000,001,100 | ---- | M] () -- C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BBC iPlayer Desktop.lnk
[2012/05/01 19:12:54 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/05/01 19:12:22 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/05/01 19:11:58 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/05/01 19:11:48 | 522,604,543 | -HS- | M] () -- C:\hiberfil.sys
[2012/05/01 19:04:05 | 000,025,120 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/05/01 19:04:05 | 000,025,120 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/05/01 18:54:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/05/01 13:26:04 | 000,049,197 | ---- | M] () -- C:\Users\Toshiba\Desktop\Jeep.jpg
[2012/05/01 12:12:16 | 000,001,848 | ---- | M] () -- C:\Users\Public\Desktop\avast! Pro Antivirus.lnk
[2012/05/01 12:12:15 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012/04/28 16:58:53 | 000,747,590 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/04/28 16:58:53 | 000,639,174 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/04/28 16:58:53 | 000,111,932 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/04/28 01:14:31 | 009,000,590 | ---- | M] () -- C:\Users\Toshiba\Desktop\saco.pdf
[2012/04/27 00:24:56 | 000,002,748 | ---- | M] () -- C:\Users\Public\Desktop\WildTangent Games App - toshiba.lnk
[2012/04/26 02:41:51 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012/04/26 02:41:41 | 000,761,436 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/04/26 00:22:40 | 000,000,512 | ---- | M] () -- C:\Users\Toshiba\Documents\MBR.dat
[2012/04/25 14:54:51 | 000,015,508 | ---- | M] () -- C:\Users\Toshiba\Desktop\lol.jpg
[2012/04/24 14:05:33 | 000,110,992 | ---- | M] () -- C:\Users\Toshiba\Desktop\581390_10150669526080756_710895755_9727010_1943381955_n.jpg
[2012/04/22 17:49:41 | 009,473,591 | ---- | M] () -- C:\Users\Toshiba\Desktop\april2012_14th_issue_flyer.pdf
[2012/04/22 15:06:23 | 000,069,511 | ---- | M] () -- C:\Users\Toshiba\Desktop\rorito.jpg
[2012/04/21 00:37:46 | 000,381,258 | ---- | M] () -- C:\Users\Toshiba\Desktop\P2-HCG-Gourmet-Cookbook.pdf
[2012/04/21 00:31:22 | 001,274,044 | ---- | M] () -- C:\Users\Toshiba\Desktop\HCG-ebook-preview.pdf
[2012/04/14 04:10:00 | 000,002,343 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012/04/14 03:34:46 | 000,002,026 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012/04/07 16:39:43 | 000,002,515 | ---- | M] () -- C:\Users\Toshiba\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2012/04/07 16:39:43 | 000,002,491 | ---- | M] () -- C:\Users\Public\Desktop\Safari.lnk
[2012/04/07 16:37:24 | 000,001,790 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk

========== Files Created - No Company Name ==========

[2012/05/01 13:26:12 | 000,049,197 | ---- | C] () -- C:\Users\Toshiba\Desktop\Jeep.jpg
[2012/05/01 12:12:16 | 000,001,848 | ---- | C] () -- C:\Users\Public\Desktop\avast! Pro Antivirus.lnk
[2012/04/29 16:28:00 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2012/04/28 01:14:35 | 009,000,590 | ---- | C] () -- C:\Users\Toshiba\Desktop\saco.pdf
[2012/04/26 00:22:40 | 000,000,512 | ---- | C] () -- C:\Users\Toshiba\Documents\MBR.dat
[2012/04/25 14:54:57 | 000,015,508 | ---- | C] () -- C:\Users\Toshiba\Desktop\lol.jpg
[2012/04/24 14:05:37 | 000,110,992 | ---- | C] () -- C:\Users\Toshiba\Desktop\581390_10150669526080756_710895755_9727010_1943381955_n.jpg
[2012/04/22 17:49:44 | 009,473,591 | ---- | C] () -- C:\Users\Toshiba\Desktop\april2012_14th_issue_flyer.pdf
[2012/04/22 15:06:33 | 000,069,511 | ---- | C] () -- C:\Users\Toshiba\Desktop\rorito.jpg
[2012/04/21 00:37:49 | 000,381,258 | ---- | C] () -- C:\Users\Toshiba\Desktop\P2-HCG-Gourmet-Cookbook.pdf
[2012/04/21 00:31:28 | 001,274,044 | ---- | C] () -- C:\Users\Toshiba\Desktop\HCG-ebook-preview.pdf
[2012/04/20 23:44:21 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/04/07 16:37:24 | 000,001,790 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/01/01 16:49:45 | 000,761,436 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/11/01 15:59:23 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2011/02/03 21:56:58 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll

========== LOP Check ==========

[2011/12/07 20:01:22 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1
[2012/05/01 18:54:34 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\SoftGrid Client
[2012/02/22 00:00:21 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\Toshiba
[2012/02/21 18:57:40 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\TOSHIBA Online Product Information
[2012/01/01 16:50:10 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\TP
[2012/02/20 17:16:38 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\WinBatch
[2012/04/20 23:41:56 | 000,032,552 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========

< End of report >
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP