Hello,
So I hit a couple of snags. First, when running aswMBR, I neglected to say yes to downloading the latest definitions. When I ran a scan anyways I got the blue screen of death. Then I tried it a second time, after changing the name to iexplore.exe, as instructed, but still not getting the new definitions. Again, I was blue screen'd. Then I checked the instructions again, and saw the bit about the definitions, tried again after updating and the scan went ahead without any problems.
Second, while the aswMBR scan was running my anti-virus software from Symantec kept popping up to tell me it had detected a bunch of infected files, had quarantined them, and that an analysis was pending. The only option available was to close the popup, which I did.
Third, in TDSSKiller, in the "change parameters" menu I also had check boxes for "system memory" and "loaded modules", which are not listed in the instructions. I left them unchecked.
Fourth, TDSSKiller never asked me to re-boot. I did not do it manually.
Finally, OTL went fine, but VirSCAN.org gave me trouble. I could not paste, or even type, into the "suspicious files to scan" box. I tried to paste the text into another field and it worked, so the copying was not the problem. I tried to drill down through the folders by clicking the browse button, but after successfully finding the folder I could not find the file. Also, I had clicked the "show hidden files box" and the apply button in the view tab of the folder options menu under the Tools menu.
Thanks again for getting back to me so quickly. Logs to follow.
aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-20 20:33:15
-----------------------------
20:33:15.044 OS Version: Windows x64 6.1.7601 Service Pack 1
20:33:15.044 Number of processors: 4 586 0x2505
20:33:15.045 ComputerName: DAVID-PC UserName: mc
20:33:16.467 Initialize success
20:35:27.581 AVAST engine defs: 12082000
20:35:37.165 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
20:35:37.169 Disk 0 Vendor: ST950042 0001 Size: 476940MB BusType: 3
20:35:37.186 Disk 0 MBR read successfully
20:35:37.190 Disk 0 MBR scan
20:35:37.199 Disk 0 Windows VISTA default MBR code
20:35:37.213 Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS 1500 MB offset 2048
20:35:37.232 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 463567 MB offset 3074048
20:35:37.276 Disk 0 Partition 3 00 17 Hidd HPFS/NTFS NTFS 11872 MB offset 952459264
20:35:37.345 Disk 0 scanning C:\windows\system32\drivers
20:36:00.086 Service scanning
20:36:35.093 Modules scanning
20:36:35.105 Disk 0 trace - called modules:
20:36:35.126 ntoskrnl.exe CLASSPNP.SYS disk.sys thpdrv.sys iaStor.sys hal.dll
20:36:35.463 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004cac060]
20:36:35.471 3 CLASSPNP.SYS[fffff880018ec43f] -> nt!IofCallDriver -> \Device\THPDRV1[0xfffffa8004cab060]
20:36:35.479 5 thpdrv.sys[fffff88001dc0cc0] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80049c6050]
20:36:38.369 AVAST engine scan C:\windows
20:36:44.026 AVAST engine scan C:\windows\system32
20:41:31.908 AVAST engine scan C:\windows\system32\drivers
20:41:53.400 AVAST engine scan C:\Users\mc
20:51:15.952 AVAST engine scan C:\ProgramData
20:52:22.459 File: C:\ProgramData\Microsoft\Windows\DRM\5A74.tmp **INFECTED** Win32:Malware-gen
20:52:22.508 File: C:\ProgramData\Microsoft\Windows\DRM\5A75.tmp **INFECTED** Win32:Malware-gen
20:57:19.393 Scan finished successfully
20:57:53.446 Disk 0 MBR has been saved successfully to "C:\Users\mc\Desktop\MBR.dat"
20:57:53.452 The log file has been saved successfully to "C:\Users\mc\Desktop\aswMBR.txt"

21:01:31.0701 7756 TDSS rootkit removing tool 2.8.7.0 Aug 20 2012 17:30:03
21:01:31.0934 7756 ============================================================
21:01:31.0934 7756 Current date / time: 2012/08/20 21:01:31.0934
21:01:31.0934 7756 SystemInfo:
21:01:31.0934 7756
21:01:31.0934 7756 OS Version: 6.1.7601 ServicePack: 1.0
21:01:31.0934 7756 Product type: Workstation
21:01:31.0934 7756 ComputerName: DAVID-PC
21:01:31.0935 7756 UserName: mc
21:01:31.0935 7756 Windows directory: C:\windows
21:01:31.0935 7756 System windows directory: C:\windows
21:01:31.0935 7756 Running under WOW64
21:01:31.0935 7756 Processor architecture: Intel x64
21:01:31.0935 7756 Number of processors: 4
21:01:31.0935 7756 Page size: 0x1000
21:01:31.0935 7756 Boot type: Normal boot
21:01:31.0935 7756 ============================================================
21:01:32.0561 7756 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:01:32.0568 7756 ============================================================
21:01:32.0568 7756 \Device\Harddisk0\DR0:
21:01:32.0581 7756 MBR partitions:
21:01:32.0581 7756 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x38967800
21:01:32.0581 7756 ============================================================
21:01:32.0615 7756 C: <-> \Device\Harddisk0\DR0\Partition1
21:01:32.0615 7756 ============================================================
21:01:32.0615 7756 Initialize success
21:01:32.0615 7756 ============================================================
21:02:32.0440 7916 ============================================================
21:02:32.0440 7916 Scan started
21:02:32.0440 7916 Mode: Manual; SigCheck; TDLFS;
21:02:32.0440 7916 ============================================================
21:02:33.0508 7916 ================ Scan services =============================
21:02:33.0740 7916 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
21:02:33.0874 7916 1394ohci - ok
21:02:33.0922 7916 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\windows\system32\drivers\ACPI.sys
21:02:33.0961 7916 ACPI - ok
21:02:33.0990 7916 [ 12C5274CD87449A2A37A607CDB321922 ] acpials C:\windows\system32\DRIVERS\acpials.sys
21:02:34.0062 7916 acpials - ok
21:02:34.0097 7916 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
21:02:34.0205 7916 AcpiPmi - ok
21:02:34.0308 7916 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
21:02:34.0326 7916 AdobeARMservice - ok
21:02:34.0463 7916 [ A9D3B95E8466BD58EEB8A1154654E162 ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
21:02:34.0536 7916 AdobeFlashPlayerUpdateSvc - ok
21:02:34.0574 7916 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\windows\system32\DRIVERS\adp94xx.sys
21:02:34.0611 7916 adp94xx - ok
21:02:34.0636 7916 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\windows\system32\DRIVERS\adpahci.sys
21:02:34.0666 7916 adpahci - ok
21:02:34.0687 7916 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\windows\system32\DRIVERS\adpu320.sys
21:02:34.0703 7916 adpu320 - ok
21:02:34.0725 7916 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
21:02:34.0858 7916 AeLookupSvc - ok
21:02:34.0897 7916 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\windows\system32\drivers\afd.sys
21:02:34.0955 7916 AFD - ok
21:02:34.0998 7916 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\windows\system32\drivers\agp440.sys
21:02:35.0029 7916 agp440 - ok
21:02:35.0046 7916 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\windows\System32\alg.exe
21:02:35.0097 7916 ALG - ok
21:02:35.0126 7916 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\windows\system32\drivers\aliide.sys
21:02:35.0151 7916 aliide - ok
21:02:35.0167 7916 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\windows\system32\drivers\amdide.sys
21:02:35.0182 7916 amdide - ok
21:02:35.0218 7916 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\windows\system32\DRIVERS\amdk8.sys
21:02:35.0277 7916 AmdK8 - ok
21:02:35.0292 7916 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\windows\system32\DRIVERS\amdppm.sys
21:02:35.0330 7916 AmdPPM - ok
21:02:35.0352 7916 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\windows\system32\drivers\amdsata.sys
21:02:35.0371 7916 amdsata - ok
21:02:35.0391 7916 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\windows\system32\DRIVERS\amdsbs.sys
21:02:35.0409 7916 amdsbs - ok
21:02:35.0418 7916 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\windows\system32\drivers\amdxata.sys
21:02:35.0428 7916 amdxata - ok
21:02:35.0491 7916 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\windows\system32\drivers\appid.sys
21:02:35.0688 7916 AppID - ok
21:02:35.0713 7916 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\windows\System32\appidsvc.dll
21:02:35.0785 7916 AppIDSvc - ok
21:02:35.0826 7916 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\windows\System32\appinfo.dll
21:02:35.0875 7916 Appinfo - ok
21:02:35.0943 7916 [ 7EF47644B74EBE721CC32211D3C35E76 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
21:02:35.0953 7916 Apple Mobile Device - ok
21:02:36.0003 7916 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\windows\System32\appmgmts.dll
21:02:36.0079 7916 AppMgmt - ok
21:02:36.0117 7916 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\windows\system32\DRIVERS\arc.sys
21:02:36.0147 7916 arc - ok
21:02:36.0166 7916 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\windows\system32\DRIVERS\arcsas.sys
21:02:36.0195 7916 arcsas - ok
21:02:36.0216 7916 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
21:02:36.0272 7916 AsyncMac - ok
21:02:36.0323 7916 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\windows\system32\drivers\atapi.sys
21:02:36.0350 7916 atapi - ok
21:02:36.0401 7916 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
21:02:36.0493 7916 AudioEndpointBuilder - ok
21:02:36.0518 7916 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\windows\System32\Audiosrv.dll
21:02:36.0561 7916 AudioSrv - ok
21:02:36.0619 7916 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\windows\System32\AxInstSV.dll
21:02:36.0719 7916 AxInstSV - ok
21:02:36.0755 7916 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\windows\system32\DRIVERS\bxvbda.sys
21:02:36.0810 7916 b06bdrv - ok
21:02:36.0834 7916 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys
21:02:36.0891 7916 b57nd60a - ok
21:02:36.0922 7916 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\windows\System32\bdesvc.dll
21:02:36.0972 7916 BDESVC - ok
21:02:36.0985 7916 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\windows\system32\drivers\Beep.sys
21:02:37.0037 7916 Beep - ok
21:02:37.0108 7916 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\windows\System32\bfe.dll
21:02:37.0195 7916 BFE - ok
21:02:37.0223 7916 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\windows\System32\qmgr.dll
21:02:37.0288 7916 BITS - ok
21:02:37.0310 7916 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
21:02:37.0341 7916 blbdrive - ok
21:02:37.0418 7916 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
21:02:37.0433 7916 Bonjour Service - ok
21:02:37.0461 7916 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\windows\system32\DRIVERS\bowser.sys
21:02:37.0490 7916 bowser - ok
21:02:37.0532 7916 [ F46DD257FAD7D2D097EF32E72220A06C ] bpenum C:\windows\system32\DRIVERS\bpenum.sys
21:02:37.0593 7916 bpenum - ok
21:02:37.0604 7916 [ E82060AED0F28ED8909F2B07FA276185 ] bpmp C:\windows\system32\DRIVERS\bpmp.sys
21:02:37.0661 7916 bpmp - ok
21:02:37.0682 7916 [ FC6313A5A45C1AE53D0491F0057D5A4D ] bpusb C:\windows\system32\Drivers\bpusb.sys
21:02:37.0717 7916 bpusb - ok
21:02:37.0745 7916 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\windows\system32\DRIVERS\BrFiltLo.sys
21:02:37.0823 7916 BrFiltLo - ok
21:02:37.0855 7916 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\windows\system32\DRIVERS\BrFiltUp.sys
21:02:37.0890 7916 BrFiltUp - ok
21:02:37.0922 7916 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\windows\System32\browser.dll
21:02:37.0954 7916 Browser - ok
21:02:37.0974 7916 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\windows\System32\Drivers\Brserid.sys
21:02:38.0043 7916 Brserid - ok
21:02:38.0063 7916 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
21:02:38.0094 7916 BrSerWdm - ok
21:02:38.0119 7916 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
21:02:38.0160 7916 BrUsbMdm - ok
21:02:38.0181 7916 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
21:02:38.0202 7916 BrUsbSer - ok
21:02:38.0255 7916 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\windows\system32\drivers\BthEnum.sys
21:02:38.0334 7916 BthEnum - ok
21:02:38.0345 7916 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\windows\system32\DRIVERS\bthmodem.sys
21:02:38.0371 7916 BTHMODEM - ok
21:02:38.0388 7916 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\windows\system32\DRIVERS\bthpan.sys
21:02:38.0415 7916 BthPan - ok
21:02:38.0468 7916 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\windows\System32\Drivers\BTHport.sys
21:02:38.0537 7916 BTHPORT - ok
21:02:38.0574 7916 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\windows\system32\bthserv.dll
21:02:38.0636 7916 bthserv - ok
21:02:38.0664 7916 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\windows\System32\Drivers\BTHUSB.sys
21:02:38.0690 7916 BTHUSB - ok
21:02:38.0714 7916 [ 2641A3FE3D7B0646308F33B67F3B5300 ] btusbflt C:\windows\system32\drivers\btusbflt.sys
21:02:38.0731 7916 btusbflt - ok
21:02:38.0800 7916 [ A0DFB69ADE3444C78B17636FCF28E898 ] BTWAMPFL C:\windows\system32\DRIVERS\btwampfl.sys
21:02:38.0842 7916 BTWAMPFL - ok
21:02:38.0856 7916 [ 7CF028CE78696882B327FF13D2DFA534 ] btwaudio C:\windows\system32\drivers\btwaudio.sys
21:02:38.0874 7916 btwaudio - ok
21:02:38.0892 7916 [ 3DEF2370E414B4E299673558BA171A51 ] btwavdt C:\windows\system32\drivers\btwavdt.sys
21:02:38.0905 7916 btwavdt - ok
21:02:38.0973 7916 [ 1AD3A2BAF31C4327DCBB2B0ECA4A23BB ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
21:02:39.0011 7916 btwdins - ok
21:02:39.0043 7916 [ 346B4051B3D7FF70E8F027869B8ECA6E ] btwl2cap C:\windows\system32\DRIVERS\btwl2cap.sys
21:02:39.0065 7916 btwl2cap - ok
21:02:39.0085 7916 [ 9937E0E4DFC0030560A6DFE9D3A94B39 ] btwrchid C:\windows\system32\DRIVERS\btwrchid.sys
21:02:39.0097 7916 btwrchid - ok
21:02:39.0152 7916 [ F3E5C6CEEC35C3F65221100B00AFB5F9 ] ccEvtMgr C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
21:02:39.0168 7916 ccEvtMgr - ok
21:02:39.0183 7916 [ F3E5C6CEEC35C3F65221100B00AFB5F9 ] ccSetMgr C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
21:02:39.0195 7916 ccSetMgr - ok
21:02:39.0220 7916 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
21:02:39.0291 7916 cdfs - ok
21:02:39.0346 7916 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\windows\system32\drivers\cdrom.sys
21:02:39.0393 7916 cdrom - ok
21:02:39.0445 7916 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\windows\System32\certprop.dll
21:02:39.0511 7916 CertPropSvc - ok
21:02:39.0543 7916 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\windows\system32\DRIVERS\circlass.sys
21:02:39.0585 7916 circlass - ok
21:02:39.0611 7916 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\windows\system32\CLFS.sys
21:02:39.0628 7916 CLFS - ok
21:02:39.0690 7916 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:02:39.0740 7916 clr_optimization_v2.0.50727_32 - ok
21:02:39.0770 7916 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:02:39.0788 7916 clr_optimization_v2.0.50727_64 - ok
21:02:39.0841 7916 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:02:39.0884 7916 clr_optimization_v4.0.30319_32 - ok
21:02:39.0914 7916 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:02:39.0926 7916 clr_optimization_v4.0.30319_64 - ok
21:02:39.0952 7916 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
21:02:39.0978 7916 CmBatt - ok
21:02:40.0024 7916 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\windows\system32\drivers\cmdide.sys
21:02:40.0046 7916 cmdide - ok
21:02:40.0092 7916 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\windows\system32\Drivers\cng.sys
21:02:40.0169 7916 CNG - ok
21:02:40.0196 7916 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\windows\system32\DRIVERS\compbatt.sys
21:02:40.0210 7916 Compbatt - ok
21:02:40.0238 7916 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\windows\system32\drivers\CompositeBus.sys
21:02:40.0276 7916 CompositeBus - ok
21:02:40.0280 7916 COMSysApp - ok
21:02:40.0300 7916 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\windows\system32\DRIVERS\crcdisk.sys
21:02:40.0325 7916 crcdisk - ok
21:02:40.0359 7916 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\windows\system32\cryptsvc.dll
21:02:40.0386 7916 CryptSvc - ok
21:02:40.0440 7916 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\windows\system32\drivers\csc.sys
21:02:40.0531 7916 CSC - ok
21:02:40.0555 7916 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\windows\System32\cscsvc.dll
21:02:40.0597 7916 CscService - ok
21:02:40.0622 7916 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\windows\system32\rpcss.dll
21:02:40.0672 7916 DcomLaunch - ok
21:02:40.0698 7916 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\windows\System32\defragsvc.dll
21:02:40.0758 7916 defragsvc - ok
21:02:40.0785 7916 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\windows\system32\Drivers\dfsc.sys
21:02:40.0839 7916 DfsC - ok
21:02:40.0860 7916 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\windows\system32\dhcpcore.dll
21:02:40.0908 7916 Dhcp - ok
21:02:40.0938 7916 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\windows\system32\drivers\discache.sys
21:02:40.0987 7916 discache - ok
21:02:41.0005 7916 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\windows\system32\DRIVERS\disk.sys
21:02:41.0021 7916 Disk - ok
21:02:41.0077 7916 [ 61458C120CDDFE7514E2DB125568CA59 ] DMAgent C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
21:02:41.0108 7916 DMAgent ( UnsignedFile.Multi.Generic ) - warning
21:02:41.0108 7916 DMAgent - detected UnsignedFile.Multi.Generic (1)
21:02:41.0135 7916 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\windows\System32\dnsrslvr.dll
21:02:41.0183 7916 Dnscache - ok
21:02:41.0219 7916 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\windows\System32\dot3svc.dll
21:02:41.0283 7916 dot3svc - ok
21:02:41.0297 7916 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\windows\system32\dps.dll
21:02:41.0340 7916 DPS - ok
21:02:41.0370 7916 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
21:02:41.0400 7916 drmkaud - ok
21:02:41.0446 7916 [ 50AAD2A07BD8B90A8CFB4F6D7A4D165A ] DSI_SiUSBXp_3_1 C:\windows\system32\drivers\DSI_SiUSBXp_3_1.sys
21:02:41.0512 7916 DSI_SiUSBXp_3_1 - ok
21:02:41.0562 7916 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
21:02:41.0618 7916 DXGKrnl - ok
21:02:41.0654 7916 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\windows\System32\eapsvc.dll
21:02:41.0701 7916 EapHost - ok
21:02:41.0768 7916 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\windows\system32\DRIVERS\evbda.sys
21:02:41.0867 7916 ebdrv - ok
21:02:41.0920 7916 [ 4353FF94D47A0A9D52B89ECCF0CDB013 ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
21:02:41.0948 7916 eeCtrl - ok
21:02:41.0976 7916 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\windows\System32\lsass.exe
21:02:42.0018 7916 EFS - ok
21:02:42.0071 7916 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\windows\ehome\ehRecvr.exe
21:02:42.0159 7916 ehRecvr - ok
21:02:42.0181 7916 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\windows\ehome\ehsched.exe
21:02:42.0244 7916 ehSched - ok
21:02:42.0282 7916 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\windows\system32\DRIVERS\elxstor.sys
21:02:42.0339 7916 elxstor - ok
21:02:42.0382 7916 [ C5BCCB378D0A896304A3E71BE7215983 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
21:02:42.0407 7916 EraserUtilRebootDrv - ok
21:02:42.0441 7916 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\windows\system32\drivers\errdev.sys
21:02:42.0476 7916 ErrDev - ok
21:02:42.0519 7916 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\windows\system32\es.dll
21:02:42.0562 7916 EventSystem - ok
21:02:42.0651 7916 [ BDFCB7E8C108D042B213957D2B044E7E ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
21:02:42.0715 7916 EvtEng - ok
21:02:42.0745 7916 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\windows\system32\drivers\exfat.sys
21:02:42.0786 7916 exfat - ok
21:02:42.0799 7916 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\windows\system32\drivers\fastfat.sys
21:02:42.0862 7916 fastfat - ok
21:02:42.0912 7916 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\windows\system32\fxssvc.exe
21:02:42.0978 7916 Fax - ok
21:02:42.0993 7916 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\windows\system32\DRIVERS\fdc.sys
21:02:43.0021 7916 fdc - ok
21:02:43.0052 7916 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\windows\system32\fdPHost.dll
21:02:43.0113 7916 fdPHost - ok
21:02:43.0128 7916 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\windows\system32\fdrespub.dll
21:02:43.0168 7916 FDResPub - ok
21:02:43.0174 7916 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
21:02:43.0189 7916 FileInfo - ok
21:02:43.0201 7916 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\windows\system32\drivers\filetrace.sys
21:02:43.0252 7916 Filetrace - ok
21:02:43.0270 7916 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\windows\system32\DRIVERS\flpydisk.sys
21:02:43.0299 7916 flpydisk - ok
21:02:43.0324 7916 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
21:02:43.0343 7916 FltMgr - ok
21:02:43.0396 7916 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\windows\system32\FntCache.dll
21:02:43.0453 7916 FontCache - ok
21:02:43.0494 7916 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:02:43.0510 7916 FontCache3.0.0.0 - ok
21:02:43.0521 7916 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\windows\system32\drivers\FsDepends.sys
21:02:43.0537 7916 FsDepends - ok
21:02:43.0571 7916 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
21:02:43.0586 7916 Fs_Rec - ok
21:02:43.0619 7916 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
21:02:43.0635 7916 fvevol - ok
21:02:43.0653 7916 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\windows\system32\DRIVERS\gagp30kx.sys
21:02:43.0669 7916 gagp30kx - ok
21:02:43.0709 7916 [ CE16683CFD11FE70BDE435DDA5EA1FCA ] GameConsoleService C:\Program Files (x86)\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe
21:02:43.0741 7916 GameConsoleService - ok
21:02:43.0768 7916 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\windows\system32\DRIVERS\GEARAspiWDM.sys
21:02:43.0775 7916 GEARAspiWDM - ok
21:02:43.0859 7916 [ 5334D3450B55FC929D50143F530597F0 ] GFIBackupAdministrationConsole C:\Program Files (x86)\GFI\GFI Backup Administration Console\apache\bin\httpd.exe
21:02:43.0878 7916 GFIBackupAdministrationConsole ( UnsignedFile.Multi.Generic ) - warning
21:02:43.0878 7916 GFIBackupAdministrationConsole - detected UnsignedFile.Multi.Generic (1)
21:02:43.0952 7916 [ B392DE1E2185CD3C0E698D5FFFFAB112 ] GFIBckBAtt C:\PROGRA~2\GFI\GFIBAC~2\GFIBInst.exe
21:02:43.0990 7916 GFIBckBAtt - ok
21:02:44.0041 7916 [ 8D8AC0E5283D7F1133F4792859070FC8 ] GFIBckBSched C:\PROGRA~2\GFI\GFIBAC~2\GFIBSC~1.EXE
21:02:44.0117 7916 GFIBckBSched - ok
21:02:44.0192 7916 [ 6792EA982BFF9B5F1153B0EA8443E74F ] GFIBckDiskImage C:\PROGRA~2\GFI\GFIBAC~2\DiskImage\x64\oodiag.exe
21:02:44.0418 7916 GFIBckDiskImage ( UnsignedFile.Multi.Generic ) - warning
21:02:44.0418 7916 GFIBckDiskImage - detected UnsignedFile.Multi.Generic (1)
21:02:44.0453 7916 [ 5B29CBC9B233C7CE69CAAF5124F8078B ] gfi_backup_mcs C:\Program Files (x86)\GFI\GFI Backup Administration Console\backupmcs.exe
21:02:44.0474 7916 gfi_backup_mcs ( UnsignedFile.Multi.Generic ) - warning
21:02:44.0475 7916 gfi_backup_mcs - detected UnsignedFile.Multi.Generic (1)
21:02:44.0520 7916 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\windows\System32\gpsvc.dll
21:02:44.0579 7916 gpsvc - ok
21:02:44.0636 7916 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:02:44.0654 7916 gupdate - ok
21:02:44.0686 7916 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:02:44.0702 7916 gupdatem - ok
21:02:44.0728 7916 [ CC839E8D766CC31A7710C9F38CF3E375 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
21:02:44.0761 7916 gusvc - ok
21:02:44.0782 7916 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
21:02:44.0842 7916 hcw85cir - ok
21:02:44.0894 7916 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
21:02:44.0941 7916 HdAudAddService - ok
21:02:44.0954 7916 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\windows\system32\drivers\HDAudBus.sys
21:02:44.0988 7916 HDAudBus - ok
21:02:45.0011 7916 [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\windows\system32\DRIVERS\HECIx64.sys
21:02:45.0028 7916 HECIx64 - ok
21:02:45.0041 7916 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\windows\system32\DRIVERS\HidBatt.sys
21:02:45.0070 7916 HidBatt - ok
21:02:45.0089 7916 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\windows\system32\DRIVERS\hidbth.sys
21:02:45.0125 7916 HidBth - ok
21:02:45.0144 7916 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\windows\system32\DRIVERS\hidir.sys
21:02:45.0177 7916 HidIr - ok
21:02:45.0200 7916 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\windows\system32\hidserv.dll
21:02:45.0256 7916 hidserv - ok
21:02:45.0298 7916 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\windows\system32\drivers\hidusb.sys
21:02:45.0331 7916 HidUsb - ok
21:02:45.0384 7916 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\windows\system32\kmsvc.dll
21:02:45.0462 7916 hkmsvc - ok
21:02:45.0500 7916 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\windows\system32\ListSvc.dll
21:02:45.0561 7916 HomeGroupListener - ok
21:02:45.0596 7916 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\windows\system32\provsvc.dll
21:02:45.0617 7916 HomeGroupProvider - ok
21:02:45.0655 7916 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
21:02:45.0679 7916 HpSAMD - ok
21:02:45.0713 7916 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\windows\system32\drivers\HTTP.sys
21:02:45.0784 7916 HTTP - ok
21:02:45.0812 7916 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
21:02:45.0821 7916 hwpolicy - ok
21:02:45.0862 7916 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\windows\system32\drivers\i8042prt.sys
21:02:45.0892 7916 i8042prt - ok
21:02:45.0915 7916 [ 85977CD13FC16069CE0AF7943A811775 ] iaStor C:\windows\system32\DRIVERS\iaStor.sys
21:02:45.0932 7916 iaStor - ok
21:02:45.0963 7916 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\windows\system32\drivers\iaStorV.sys
21:02:45.0992 7916 iaStorV - ok
21:02:46.0038 7916 [ 2A63036283B36B3B68CDC6F85A7D53ED ] IDMWFP C:\windows\system32\DRIVERS\idmwfp.sys
21:02:46.0073 7916 IDMWFP - ok
21:02:46.0103 7916 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:02:46.0150 7916 idsvc - ok
21:02:46.0390 7916 [ C02B4A9988A5BE86348C74D6F8CC7E81 ] igfx C:\windows\system32\DRIVERS\igdkmd64.sys
21:02:46.0673 7916 igfx - ok
21:02:46.0697 7916 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\windows\system32\DRIVERS\iirsp.sys
21:02:46.0712 7916 iirsp - ok
21:02:46.0749 7916 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\windows\System32\ikeext.dll
21:02:46.0793 7916 IKEEXT - ok
21:02:46.0825 7916 [ DD587A55390ED2295BCE6D36AD567DA9 ] Impcd C:\windows\system32\DRIVERS\Impcd.sys
21:02:46.0867 7916 Impcd - ok
21:02:46.0926 7916 [ 490947A9AFF7CA31EF2E08F5776105EB ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys
21:02:46.0998 7916 IntcAzAudAddService - ok
21:02:47.0033 7916 [ 4429B91B0FE91F9BE8E24E93CC960368 ] IntcDAud C:\windows\system32\DRIVERS\IntcDAud.sys
21:02:47.0090 7916 IntcDAud - ok
21:02:47.0132 7916 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\windows\system32\drivers\intelide.sys
21:02:47.0159 7916 intelide - ok
21:02:47.0191 7916 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
21:02:47.0223 7916 intelppm - ok
21:02:47.0260 7916 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\windows\system32\ipbusenum.dll
21:02:47.0337 7916 IPBusEnum - ok
21:02:47.0372 7916 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
21:02:47.0426 7916 IpFilterDriver - ok
21:02:47.0448 7916 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\windows\System32\iphlpsvc.dll
21:02:47.0503 7916 iphlpsvc - ok
21:02:47.0533 7916 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
21:02:47.0566 7916 IPMIDRV - ok
21:02:47.0584 7916 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\windows\system32\drivers\ipnat.sys
21:02:47.0640 7916 IPNAT - ok
21:02:47.0696 7916 [ 755E4BA6DCE627A2683BB7640553C8D6 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
21:02:47.0748 7916 iPod Service - ok
21:02:47.0767 7916 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\windows\system32\drivers\irenum.sys
21:02:47.0855 7916 IRENUM - ok
21:02:47.0886 7916 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\windows\system32\drivers\isapnp.sys
21:02:47.0913 7916 isapnp - ok
21:03:08.0195 7916 [ 5FB42082B0D19A0268705F1DD343DF20 ] vpcusb C:\windows\system32\DRIVERS\vpcusb.sys
21:03:08.0219 7916 vpcusb - ok
21:03:08.0242 7916 [ 207B6539799CC1C112661A9B620DD233 ] vpcvmm C:\windows\system32\drivers\vpcvmm.sys
21:03:08.0258 7916 vpcvmm - ok
21:03:08.0288 7916 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\windows\system32\DRIVERS\vsmraid.sys
21:03:08.0307 7916 vsmraid - ok
21:03:08.0344 7916 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\windows\system32\vssvc.exe
21:03:08.0428 7916 VSS - ok
21:03:08.0432 7916 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
21:03:08.0452 7916 vwifibus - ok
21:03:08.0466 7916 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
21:03:08.0486 7916 vwififlt - ok
21:03:08.0506 7916 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys
21:03:08.0539 7916 vwifimp - ok
21:03:08.0575 7916 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\windows\system32\w32time.dll
21:03:08.0613 7916 W32Time - ok
21:03:08.0623 7916 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\windows\system32\DRIVERS\wacompen.sys
21:03:08.0653 7916 WacomPen - ok
21:03:08.0696 7916 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
21:03:08.0763 7916 WANARP - ok
21:03:08.0780 7916 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
21:03:08.0814 7916 Wanarpv6 - ok
21:03:08.0881 7916 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
21:03:08.0961 7916 WatAdminSvc - ok
21:03:09.0012 7916 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\windows\system32\wbengine.exe
21:03:09.0098 7916 wbengine - ok
21:03:09.0110 7916 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
21:03:09.0136 7916 WbioSrvc - ok
21:03:09.0167 7916 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\windows\System32\wcncsvc.dll
21:03:09.0211 7916 wcncsvc - ok
21:03:09.0227 7916 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
21:03:09.0259 7916 WcsPlugInService - ok
21:03:09.0275 7916 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\windows\system32\DRIVERS\wd.sys
21:03:09.0290 7916 Wd - ok
21:03:09.0312 7916 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
21:03:09.0352 7916 Wdf01000 - ok
21:03:09.0361 7916 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\windows\system32\wdi.dll
21:03:09.0480 7916 WdiServiceHost - ok
21:03:09.0485 7916 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\windows\system32\wdi.dll
21:03:09.0509 7916 WdiSystemHost - ok
21:03:09.0530 7916 [ FE31110E39A0B11ABAE1BA43A2DC94F9 ] wdkmd C:\windows\system32\DRIVERS\WDKMD.sys
21:03:09.0540 7916 wdkmd - ok
21:03:09.0575 7916 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\windows\System32\webclnt.dll
21:03:09.0631 7916 WebClient - ok
21:03:09.0652 7916 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\windows\system32\wecsvc.dll
21:03:09.0717 7916 Wecsvc - ok
21:03:09.0733 7916 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\windows\System32\wercplsupport.dll
21:03:09.0768 7916 wercplsupport - ok
21:03:09.0790 7916 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\windows\System32\WerSvc.dll
21:03:09.0844 7916 WerSvc - ok
21:03:09.0865 7916 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
21:03:09.0909 7916 WfpLwf - ok
21:03:09.0980 7916 [ 8686E96E13F41AC9806A79CA8004FEEE ] WiMAXAppSrv C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
21:03:10.0017 7916 WiMAXAppSrv ( UnsignedFile.Multi.Generic ) - warning
21:03:10.0017 7916 WiMAXAppSrv - detected UnsignedFile.Multi.Generic (1)
21:03:10.0034 7916 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\windows\system32\drivers\wimmount.sys
21:03:10.0061 7916 WIMMount - ok
21:03:10.0072 7916 WinDefend - ok
21:03:10.0076 7916 WinHttpAutoProxySvc - ok
21:03:10.0117 7916 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
21:03:10.0178 7916 Winmgmt - ok
21:03:10.0269 7916 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\windows\system32\WsmSvc.dll
21:03:10.0370 7916 WinRM - ok
21:03:10.0409 7916 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\windows\System32\wlansvc.dll
21:03:10.0448 7916 Wlansvc - ok
21:03:10.0544 7916 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
21:03:10.0635 7916 wlidsvc - ok
21:03:10.0668 7916 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys
21:03:10.0682 7916 WmiAcpi - ok
21:03:10.0699 7916 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
21:03:10.0727 7916 wmiApSrv - ok
21:03:10.0760 7916 WMPNetworkSvc - ok
21:03:10.0777 7916 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\windows\System32\wpcsvc.dll
21:03:10.0830 7916 WPCSvc - ok
21:03:10.0867 7916 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
21:03:10.0914 7916 WPDBusEnum - ok
21:03:10.0936 7916 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
21:03:11.0010 7916 ws2ifsl - ok
21:03:11.0031 7916 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\windows\System32\wscsvc.dll
21:03:11.0059 7916 wscsvc - ok
21:03:11.0063 7916 WSearch - ok
21:03:11.0137 7916 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\windows\system32\wuaueng.dll
21:03:11.0210 7916 wuauserv - ok
21:03:11.0244 7916 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\windows\system32\drivers\WudfPf.sys
21:03:11.0309 7916 WudfPf - ok
21:03:11.0330 7916 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
21:03:11.0368 7916 WUDFRd - ok
21:03:11.0398 7916 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\windows\System32\WUDFSvc.dll
21:03:11.0433 7916 wudfsvc - ok
21:03:11.0445 7916 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\windows\System32\wwansvc.dll
21:03:11.0480 7916 WwanSvc - ok
21:03:11.0555 7916 [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
21:03:11.0582 7916 YahooAUService - ok
21:03:11.0610 7916 ================ Scan global ===============================
21:03:11.0631 7916 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
21:03:11.0663 7916 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\windows\system32\winsrv.dll
21:03:11.0675 7916 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\windows\system32\winsrv.dll
21:03:11.0694 7916 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
21:03:11.0722 7916 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
21:03:11.0728 7916 [Global] - ok
21:03:11.0728 7916 ================ Scan MBR ==================================
21:03:11.0743 7916 [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
21:03:12.0186 7916 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
21:03:12.0186 7916 \Device\Harddisk0\DR0 - detected TDSS File System (1)
21:03:12.0186 7916 ================ Scan VBR ==================================
21:03:12.0200 7916 [ A8F8977726A41BAB98304B299FCB4A46 ] \Device\Harddisk0\DR0\Partition1
21:03:12.0203 7916 \Device\Harddisk0\DR0\Partition1 - ok
21:03:12.0205 7916 ============================================================
21:03:12.0205 7916 Scan finished
21:03:12.0205 7916 ============================================================
21:03:12.0222 6500 Detected object count: 6
21:03:12.0222 6500 Actual detected object count: 6
21:03:33.0755 6500 DMAgent ( UnsignedFile.Multi.Generic ) - skipped by user
21:03:33.0755 6500 DMAgent ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:03:33.0757 6500 GFIBackupAdministrationConsole ( UnsignedFile.Multi.Generic ) - skipped by user
21:03:33.0757 6500 GFIBackupAdministrationConsole ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:03:33.0758 6500 GFIBckDiskImage ( UnsignedFile.Multi.Generic ) - skipped by user
21:03:33.0758 6500 GFIBckDiskImage ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:03:33.0760 6500 gfi_backup_mcs ( UnsignedFile.Multi.Generic ) - skipped by user
21:03:33.0760 6500 gfi_backup_mcs ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:03:33.0762 6500 WiMAXAppSrv ( UnsignedFile.Multi.Generic ) - skipped by user
21:03:33.0762 6500 WiMAXAppSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:03:33.0764 6500 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
21:03:33.0764 6500 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
21:04:55.0241 7760 Deinitialize success

OTL logfile created on: 8/20/2012 9:09:21 PM - Run 3
OTL by OldTimer - Version 3.2.58.0 Folder = C:\Users\mc\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.80 Gb Total Physical Memory | 1.90 Gb Available Physical Memory | 50.11% Memory free
7.60 Gb Paging File | 5.39 Gb Available in Paging File | 70.89% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 452.70 Gb Total Space | 318.43 Gb Free Space | 70.34% Space Free | Partition Type: NTFS
Computer Name: DAVID-PC | User Name: mc | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========

PRC - [2012/08/18 17:58:15 | 000,598,016 | ---- | M] (OldTimer Tools) -- C:\Users\mc\Desktop\OTL.exe
PRC - [2012/08/14 18:21:51 | 000,686,792 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_271_ActiveX.exe
PRC - [2012/07/30 01:21:28 | 000,131,512 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\PC Checkup\SymcPCCULaunchSvc.exe
PRC - [2012/07/27 16:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/06/07 01:15:36 | 003,491,264 | ---- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe
PRC - [2012/05/12 12:08:49 | 000,932,528 | ---- | M] () -- C:\Users\mc\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2012/04/14 01:30:11 | 000,058,288 | ---- | M] (Absolute Software Corp.) -- C:\Windows\SysWOW64\rpcnet.exe
PRC - [2011/10/11 12:49:14 | 001,179,648 | ---- | M] (W3i, LLC) -- C:\Program Files (x86)\W3i\InstallIQUpdater\InstallIQUpdater.exe
PRC - [2011/07/28 19:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2011/05/24 12:45:58 | 002,266,992 | ---- | M] (GFI Software Ltd.) -- C:\Program Files (x86)\GFI\GFI Backup\GFIAgent.exe
PRC - [2011/05/24 12:45:56 | 002,613,616 | ---- | M] (GFI Software Ltd.) -- C:\Program Files (x86)\GFI\GFI Backup\GFIBSched.exe
PRC - [2011/05/24 12:45:56 | 000,945,520 | ---- | M] (GFI Software Ltd.) -- C:\Program Files (x86)\GFI\GFI Backup\GFIBInst.exe
PRC - [2011/03/24 11:11:18 | 000,107,800 | ---- | M] (Octoshape ApS) -- C:\Users\mc\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
PRC - [2011/02/04 09:46:44 | 000,115,560 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe
PRC - [2011/02/04 09:46:44 | 000,108,392 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
PRC - [2011/02/04 09:46:40 | 001,839,776 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe
PRC - [2011/02/04 09:46:38 | 000,050,544 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\ProtectionUtilSurrogate.exe
PRC - [2010/08/23 12:11:28 | 000,206,240 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
PRC - [2010/07/22 04:16:04 | 000,024,645 | ---- | M] (Apache Software Foundation) -- C:\Program Files (x86)\GFI\GFI Backup Administration Console\apache\bin\httpd.exe
PRC - [2010/05/25 08:28:58 | 000,263,600 | ---- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
PRC - [2010/04/27 05:54:50 | 000,099,840 | ---- | M] (GFI Software, Ltd.) -- C:\Program Files (x86)\GFI\GFI Backup Administration Console\backupmcs.exe
PRC - [2010/04/16 08:11:12 | 000,705,848 | ---- | M] (Yahoo!) -- C:\Program Files (x86)\Delicious Add-on for Internet Explorer\DeliciousManager.exe
PRC - [2010/03/11 18:06:06 | 000,193,824 | ---- | M] (Protexis Inc.) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2010/03/03 18:42:02 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2010/03/03 18:41:58 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2009/12/25 19:21:16 | 000,034,160 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
PRC - [2009/08/24 18:49:41 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\ccSvcHst.exe
PRC - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/06/12 11:31:34 | 000,806,912 | ---- | M] (Answers Corporation) -- C:\Program Files (x86)\1-Click Answers\answers.exe
PRC - [2008/06/12 11:30:40 | 000,020,480 | ---- | M] (Answers Corporation) -- C:\Program Files (x86)\1-Click Answers\agtserv.exe
PRC - [2007/01/04 23:48:50 | 000,112,152 | ---- | M] (InterVideo) -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
========== Modules (No Company Name) ==========

MOD - [2012/05/12 12:08:49 | 000,932,528 | ---- | M] () -- C:\Users\mc\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
MOD - [2011/07/28 19:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011/07/28 19:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
MOD - [2011/06/24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010/08/11 08:30:08 | 000,544,768 | ---- | M] () -- C:\Program Files (x86)\GFI\GFI Backup Administration Console\php\ext\ioncube_loader_win_5.3.dll
MOD - [2010/08/11 08:30:08 | 000,462,848 | ---- | M] () -- C:\Program Files (x86)\GFI\GFI Backup Administration Console\php\ext\php_gfi.dll
MOD - [2010/07/22 04:16:06 | 000,073,782 | ---- | M] () -- C:\Program Files (x86)\GFI\GFI Backup Administration Console\apache\bin\zlib1.dll
MOD - [2010/04/16 08:11:10 | 000,070,968 | ---- | M] () -- C:\Program Files (x86)\Delicious Add-on for Internet Explorer\DeliciousManagerPS.dll
========== Win32 Services (SafeList) ==========

SRV:
64bit: - [2011/03/25 17:19:08 | 000,956,192 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:
64bit: - [2010/07/28 14:27:16 | 000,267,192 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service)
SRV:
64bit: - [2010/07/22 20:36:16 | 000,822,192 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv)
SRV:
64bit: - [2010/07/19 19:08:30 | 001,429,776 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:
64bit: - [2010/07/19 18:48:36 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:
64bit: - [2010/07/19 18:46:54 | 000,838,928 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:
64bit: - [2010/06/29 15:05:02 | 000,489,384 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV:
64bit: - [2010/06/07 19:39:40 | 000,911,872 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe -- (WiMAXAppSrv)
SRV:
64bit: - [2010/06/07 19:34:20 | 000,408,576 | ---- | M] (Red Bend Ltd.) [Auto | Running] -- C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe -- (DMAgent)
SRV:
64bit: - [2010/02/05 20:44:48 | 000,137,560 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV:
64bit: - [2009/10/21 13:30:36 | 000,531,520 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\ThpSrv.exe -- (Thpsrv)
SRV:
64bit: - [2009/07/28 18:48:06 | 000,140,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV:
64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:
64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012/08/14 19:12:18 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/30 01:21:28 | 000,131,512 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\PC Checkup\SymcPCCULaunchSvc.exe -- (Norton PC Checkup Application Launcher)
SRV - [2012/07/27 16:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/06/05 15:17:44 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/05/14 07:46:58 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/04/14 01:30:11 | 000,058,288 | ---- | M] (Absolute Software Corp.) [Auto | Running] -- C:\Windows\SysWOW64\rpcnet.exe -- (rpcnet)
SRV - [2011/05/24 12:45:56 | 002,613,616 | ---- | M] (GFI Software Ltd.) [Auto | Running] -- C:\Program Files (x86)\GFI\GFI Backup\GFIBSched.exe -- (GFIBckBSched)
SRV - [2011/05/24 12:45:56 | 000,945,520 | ---- | M] (GFI Software Ltd.) [Auto | Running] -- C:\Program Files (x86)\GFI\GFI Backup\GFIBInst.exe -- (GFIBckBAtt)
SRV - [2011/05/18 13:16:58 | 003,949,056 | ---- | M] (GFI Software Ltd.) [Auto | Running] -- C:\Program Files (x86)\GFI\GFI Backup\DiskImage\x64\oodiag.exe -- (GFIBckDiskImage)
SRV - [2011/02/11 13:45:52 | 000,054,136 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2011/02/04 09:46:44 | 000,108,392 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2011/02/04 09:46:44 | 000,108,392 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2011/02/04 09:46:42 | 000,428,912 | ---- | M] (Symantec Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SNAC64.EXE -- (SNAC)
SRV - [2011/02/04 09:46:40 | 003,249,768 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe -- (SmcService)
SRV - [2011/02/04 09:46:40 | 001,839,776 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe -- (Symantec AntiVirus)
SRV - [2010/09/07 16:05:51 | 003,093,880 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Symantec\LiveUpdate\LuComServer_3_3.EXE -- (LiveUpdate)
SRV - [2010/07/22 04:16:04 | 000,024,645 | ---- | M] (Apache Software Foundation) [Auto | Running] -- C:\Program Files (x86)\GFI\GFI Backup Administration Console\apache\bin\httpd.exe -- (GFIBackupAdministrationConsole)
SRV - [2010/04/27 05:54:50 | 000,099,840 | ---- | M] (GFI Software, Ltd.) [Auto | Running] -- C:\Program Files (x86)\GFI\GFI Backup Administration Console\backupmcs.exe -- (gfi_backup_mcs)
SRV - [2010/04/03 19:01:24 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2010/03/18 16:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/11 18:06:06 | 000,193,824 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2010/03/03 18:42:02 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/03/03 18:41:58 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/02/25 13:07:14 | 000,196,464 | ---- | M] (TOSHIBA CORPORATION) [On_Demand | Stopped] -- C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2009/08/24 18:49:41 | 000,126,392 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\ccSvcHst.exe -- (PCCUJobMgr)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2007/01/04 23:48:50 | 000,112,152 | ---- | M] (InterVideo) [Auto | Running] -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
========== Driver Services (SafeList) ==========

DRV:
64bit: - [2012/04/23 07:26:26 | 000,154,272 | ---- | M] (Tonec Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\idmwfp.sys -- (IDMWFP)
DRV:
64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:
64bit: - [2011/05/26 09:21:28 | 000,174,680 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)
DRV:
64bit: - [2011/05/25 17:42:01 | 000,173,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:
64bit: - [2011/05/24 00:32:10 | 000,349,736 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (BTWAMPFL)
DRV:
64bit: - [2011/05/24 00:32:10 | 000,138,280 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:
64bit: - [2011/05/24 00:32:10 | 000,107,560 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:
64bit: - [2011/05/24 00:32:10 | 000,039,464 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:
64bit: - [2011/05/24 00:32:10 | 000,021,416 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:
64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:
64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:
64bit: - [2011/02/04 09:46:46 | 000,482,352 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\srtspl64.sys -- (SRTSPL)
DRV:
64bit: - [2011/02/04 09:46:46 | 000,449,072 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\srtsp64.sys -- (SRTSP)
DRV:
64bit: - [2011/02/04 09:46:46 | 000,032,304 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\srtspx64.sys -- (SRTSPX)
DRV:
64bit: - [2011/01/13 03:18:40 | 010,627,392 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:
64bit: - [2010/11/20 09:34:02 | 000,360,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)
DRV:
64bit: - [2010/11/20 09:34:02 | 000,194,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
DRV:
64bit: - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:
64bit: - [2010/11/20 07:35:32 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
DRV:
64bit: - [2010/11/20 07:35:20 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV:
64bit: - [2010/11/20 07:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:
64bit: - [2010/11/20 05:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:
64bit: - [2010/08/31 22:07:06 | 000,317,440 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:
64bit: - [2010/07/28 12:46:18 | 007,821,312 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
DRV:
64bit: - [2010/06/18 14:38:06 | 000,039,832 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WDKMD.sys -- (wdkmd)
DRV:
64bit: - [2010/05/31 16:05:06 | 007,689,216 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64)
DRV:
64bit: - [2010/05/16 21:28:38 | 000,175,104 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bpmp.sys -- (bpmp)
DRV:
64bit: - [2010/05/16 21:28:30 | 000,081,920 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bpusb.sys -- (bpusb)
DRV:
64bit: - [2010/05/16 21:28:28 | 000,071,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bpenum.sys -- (bpenum)
DRV:
64bit: - [2010/05/08 22:38:56 | 000,482,384 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tos_sps64.sys -- (tos_sps64)
DRV:
64bit: - [2010/05/03 18:44:02 | 000,331,880 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:
64bit: - [2010/04/14 04:01:44 | 000,054,824 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btusbflt.sys -- (btusbflt)
DRV:64bit: - [2010/03/10 22:51:32 | 000,316,464 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/02/26 20:32:12 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2010/01/15 16:22:08 | 000,538,136 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/09/17 16:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009/07/31 01:02:36 | 000,044,912 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\LPCFilter.sys -- (LPCFilter)
DRV:64bit: - [2009/07/30 23:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV:64bit: - [2009/07/14 19:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 20:00:24 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpials.sys -- (acpials)
DRV:64bit: - [2009/06/29 20:16:20 | 000,014,784 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Thpevm.sys -- (Thpevm)
DRV:64bit: - [2009/06/29 14:25:22 | 000,034,880 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\thpdrv.sys -- (Thpdrv)
DRV:64bit: - [2009/06/22 21:06:38 | 000,035,008 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PGEffect.sys -- (PGEffect)
DRV:64bit: - [2009/06/19 23:15:22 | 000,014,472 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TVALZFL.sys -- (TVALZFL)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2007/09/06 17:53:00 | 000,016,384 | ---- | M] (Silicon Laboratories) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\DSI_SiUSBXp_3_1.sys -- (DSI_SiUSBXp_3_1)
DRV:64bit: - [2007/04/17 15:51:50 | 000,014,112 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\regi.sys -- (regi)
DRV - [2012/08/20 19:15:50 | 002,068,600 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20120820.002\ex64.sys -- (NAVEX15)
DRV - [2012/08/20 19:15:50 | 000,120,440 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20120820.002\eng64.sys -- (NAVENG)
DRV - [2012/08/10 04:00:00 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2012/08/10 04:00:00 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2011/02/04 09:46:46 | 000,482,352 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\srtspl64.sys -- (SRTSPL)
DRV - [2011/02/04 09:46:46 | 000,449,072 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\SysWOW64\drivers\srtsp64.sys -- (SRTSP)
DRV - [2011/02/04 09:46:46 | 000,032,304 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\srtspx64.sys -- (SRTSPX)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2007/04/18 00:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\SysWOW64\drivers\regi.sys -- (regi)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {78C6F4A9-9B1E-405F-B910-B481A579DA2A}
IE:64bit: - HKLM\..\SearchScopes\{78C6F4A9-9B1E-405F-B910-B481A579DA2A}: "URL" = http://www.google.co...ng}&rlz=1I7TSND
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...=TSND&bmod=TSND
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co...=TSND&bmod=TSND
IE - HKLM\..\SearchScopes,DefaultScope = {457C9896-7CFE-4E4C-82FB-F34417EBAE79}
IE - HKLM\..\SearchScopes\{457C9896-7CFE-4E4C-82FB-F34417EBAE79}: "URL" = http://www.google.co...ng}&rlz=1I7TSND
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2367826360-3942094746-2088260218-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\mc\Desktop
IE - HKU\S-1-5-21-2367826360-3942094746-2088260218-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...=TSND&bmod=TSND
IE - HKU\S-1-5-21-2367826360-3942094746-2088260218-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-2367826360-3942094746-2088260218-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.wikipedia.org/
IE - HKU\S-1-5-21-2367826360-3942094746-2088260218-1000\..\SearchScopes,DefaultScope = {8C17BC3A-457A-48B3-8F71-F9587B495644}
IE - HKU\S-1-5-21-2367826360-3942094746-2088260218-1000\..\SearchScopes\{2A696BCE-44CF-45a4-B905-59CDFA08531A}: "URL" = http://del.icio.us/s...Terms}&type=all
IE - HKU\S-1-5-21-2367826360-3942094746-2088260218-1000\..\SearchScopes\{457C9896-7CFE-4E4C-82FB-F34417EBAE79}: "URL" = http://www.google.co...ng}&rlz=1I7TSND
IE - HKU\S-1-5-21-2367826360-3942094746-2088260218-1000\..\SearchScopes\{8C17BC3A-457A-48B3-8F71-F9587B495644}: "URL" = http://www.google.co...ND_enUS433US433
IE - HKU\S-1-5-21-2367826360-3942094746-2088260218-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2367826360-3942094746-2088260218-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "https://mail.google....ily World News"
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_3_300_271.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@octoshape.com/Octoshape Streaming Services,version=1.0: C:\Users\mc\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1103234-0-npoctoshape.dll (Octoshape ApS)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\mc\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\mc\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\mc\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\mc\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011/12/24 22:26:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/07/12 09:36:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/08/18 17:20:08 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\mc\AppData\Roaming\IDM\idmmzcc5 [2012/07/14 10:21:34 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\[email protected]: C:\Users\mc\AppData\Roaming\IDM\idmmzcc5 [2012/07/14 10:21:34 | 000,000,000 | ---D | M]
[2011/05/23 20:35:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\mc\AppData\Roaming\mozilla\Extensions
[2012/05/21 08:34:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\mc\AppData\Roaming\mozilla\Firefox\Profiles\4kmwp3vt.default\extensions
[2012/05/21 08:34:03 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\mc\AppData\Roaming\mozilla\Firefox\Profiles\4kmwp3vt.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011/05/23 20:35:30 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/07/14 10:21:34 | 000,000,000 | ---D | M] (IDM CC) -- C:\USERS\MC\APPDATA\ROAMING\IDM\IDMMZCC5
[2012/05/14 07:46:58 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/02/25 10:51:04 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/02/25 10:51:04 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.co...=TSND&bmod=TSND
CHR - Extension: YouTube = C:\Users\mc\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
CHR - Extension: Google Search = C:\Users\mc\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\mc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Gmail = C:\Users\mc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\
O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (CDelHotkeys Object) - {78875F5C-A685-4405-8DC5-D48DC65452B0} - C:\Program Files (x86)\Delicious Add-on for Internet Explorer\DeliciousExtension.dll (Yahoo!)
O2 - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Delicious Toolbar) - {61D1C847-DF80-423A-8C6D-DC03B97E6EBE} - C:\Program Files (x86)\Delicious Add-on for Internet Explorer\DeliciousExtension.dll (Yahoo!)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-2367826360-3942094746-2088260218-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKU\S-1-5-21-2367826360-3942094746-2088260218-1000\..\Toolbar\WebBrowser: (Delicious Toolbar) - {61D1C847-DF80-423A-8C6D-DC03B97E6EBE} - C:\Program Files (x86)\Delicious Add-on for Internet Explorer\DeliciousExtension.dll (Yahoo!)
O4:64bit: - HKLM..\Run: [] File not found
O4:64bit: - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [HSON] C:\Program Files\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel® Corporation)
O4:64bit: - HKLM..\Run: [IntelWirelessWiMAX] C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe (Intel® Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [Teco] C:\Program Files\TOSHIBA\TECO\Teco.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [ThpSrv] C:\windows\SysNative\thpsrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosNC] C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosReelTimeMonitor] C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosWaitSrv] C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ccApp] C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [GFI Backup] C:\Program Files (x86)\GFI\GFI Backup\GFIAgent.exe (GFI Software Ltd.)
O4 - HKLM..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe (TOSHIBA Electronics, Inc.)
O4 - HKLM..\Run: [IJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe (CANON INC.)
O4 - HKLM..\Run: [ITSecMng] C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TSleepSrv] C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe (TOSHIBA)
O4 - HKLM..\Run: [TWebCamera] C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe (TOSHIBA CORPORATION.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2367826360-3942094746-2088260218-1000..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKU\S-1-5-21-2367826360-3942094746-2088260218-1000..\Run: [InstallIQUpdater] C:\Program Files (x86)\W3i\InstallIQUpdater\InstallIQUpdater.exe (W3i, LLC)
O4 - HKU\S-1-5-21-2367826360-3942094746-2088260218-1000..\Run: [Octoshape Streaming Services] C:\Users\mc\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe (Octoshape ApS)
O4 - HKU\S-1-5-21-2367826360-3942094746-2088260218-1000..\Run: [Spotify Web Helper] C:\Users\mc\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: UseDefaultTile = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
O7 - HKU\S-1-5-21-2367826360-3942094746-2088260218-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogOff = 0
O7 - HKU\S-1-5-21-2367826360-3942094746-2088260218-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O7 - HKU\S-1-5-21-2367826360-3942094746-2088260218-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0
O7 - HKU\S-1-5-21-2367826360-3942094746-2088260218-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 0
O7 - HKU\S-1-5-21-2367826360-3942094746-2088260218-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0
O7 - HKU\S-1-5-21-2367826360-3942094746-2088260218-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O7 - HKU\S-1-5-21-2367826360-3942094746-2088260218-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegedit = 0
O8:64bit: - Extra context menu item: Answers... - C:\Program Files (x86)\1-Click Answers\Html\atiemenu.htm ()
O8:64bit: - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8:64bit: - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html File not found
O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Answers... - C:\Program Files (x86)\1-Click Answers\Html\atiemenu.htm ()
O8 - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Delicious - {2C887991-08F0-11DC-A9B2-0012F0B227DD} - C:\Program Files (x86)\Delicious Add-on for Internet Explorer\DeliciousExtension.dll (Yahoo!)
O9 - Extra Button: Bookmarks - {2C887992-08F0-11DC-A9B2-0012F0B227DD} - C:\Program Files (x86)\Delicious Add-on for Internet Explorer\DeliciousExtension.dll (Yahoo!)
O9 - Extra Button: Tag - {2C887993-08F0-11DC-A9B2-0012F0B227DD} - C:\Program Files (x86)\Delicious Add-on for Internet Explorer\DeliciousExtension.dll (Yahoo!)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-2367826360-3942094746-2088260218-1000\..Trusted Domains: blank ([]about in Trusted sites)
O15 - HKU\S-1-5-21-2367826360-3942094746-2088260218-1000\..Trusted Domains: real.com ([rhap-app-4-0] https in Trusted sites)
O15 - HKU\S-1-5-21-2367826360-3942094746-2088260218-1000\..Trusted Domains: real.com ([rhapreg] https in Trusted sites)
O15 - HKU\S-1-5-21-2367826360-3942094746-2088260218-1000\..Trusted Domains: rhapsody.com ([rhap-app-4-0] https in Trusted sites)
O15 - HKU\S-1-5-21-2367826360-3942094746-2088260218-1000\..Trusted Domains: rhapsody.com ([rhapreg] https in Trusted sites)
O15 - HKU\S-1-5-21-2367826360-3942094746-2088260218-1000\..Trusted Ranges: Range1 ([http] in Trusted sites)
O15 - HKU\S-1-5-21-2367826360-3942094746-2088260218-1000\..Trusted Ranges: Range1 ([https] in Trusted sites)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx...owserPlugin.cab (DivXBrowserPlugin Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4B5B8CBD-A9B9-4E14-94CE-E41945D91CB1}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{707D592C-00F0-4857-A50D-F6D42A9EEACB}: NameServer = 0.0.0.0
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKU\S-1-5-19 Winlogon: Shell - (Explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKU\S-1-5-20 Winlogon: Shell - (Explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-2367826360-3942094746-2088260218-1000 Winlogon: Shell - (Explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012/08/20 21:01:06 | 002,212,440 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\mc\Desktop\tdsskiller.exe
[2012/08/20 20:19:16 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\mc\Desktop\iexplore.exe.exe
[2012/08/20 19:15:41 | 000,000,000 | ---D | C] -- C:\Users\mc\Desktop\Old Geeks to Go Reports
[2012/08/19 12:32:18 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/08/18 17:58:12 | 000,598,016 | ---- | C] (OldTimer Tools) -- C:\Users\mc\Desktop\OTL.exe
[2012/08/18 17:01:54 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2012/08/18 17:01:53 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2012/08/18 17:01:50 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\url.dll
[2012/08/18 17:01:48 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\url.dll
[2012/08/18 17:01:39 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2012/08/18 17:01:38 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2012/08/18 17:01:38 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
[2012/08/18 17:01:37 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2012/08/18 17:01:35 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2012/08/18 17:01:34 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2012/08/18 17:01:34 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2012/08/18 17:01:31 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2012/08/18 17:01:30 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2012/08/14 19:12:10 | 009,826,504 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerInstaller.exe
[2012/08/14 18:35:17 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\srcore.dll
[2012/08/14 18:35:11 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\win32spl.dll
[2012/08/14 18:35:10 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\win32spl.dll
[2012/08/14 18:35:09 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\splwow64.exe
[2012/08/14 18:35:07 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\browcli.dll
[2012/08/14 18:35:06 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netapi32.dll
[2012/08/14 18:35:05 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\browcli.dll
[2012/08/14 18:35:00 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\localspl.dll
[2012/07/30 01:22:15 | 000,000,000 | ---D | C] -- C:\Users\mc\AppData\Local\Chromium
[2012/07/30 01:19:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Checkup
[2012/07/30 01:19:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Checkup
[2012/07/26 13:19:33 | 001,397,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\utilman.exe
[2012/07/26 13:19:31 | 001,402,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\utilman.exe
========== Files - Modified Within 30 Days ==========
[2012/08/20 21:12:00 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2012/08/20 21:09:00 | 000,000,896 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2367826360-3942094746-2088260218-1000UA.job
[2012/08/20 21:08:01 | 000,000,908 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/08/20 21:08:00 | 000,000,912 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/08/20 21:01:06 | 002,212,440 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\mc\Desktop\tdsskiller.exe
[2012/08/20 20:57:53 | 000,000,512 | ---- | M] () -- C:\Users\mc\Desktop\MBR.dat
[2012/08/20 20:37:04 | 000,020,368 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/08/20 20:37:04 | 000,020,368 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/08/20 20:35:27 | 000,726,444 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2012/08/20 20:35:27 | 000,626,024 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2012/08/20 20:35:27 | 000,107,358 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2012/08/20 20:29:39 | 000,017,920 | ---- | M] () -- C:\windows\SysNative\rpcnetp.exe
[2012/08/20 20:29:37 | 000,058,288 | ---- | M] (Absolute Software Corp.) -- C:\windows\SysWow64\rpcnet.dll
[2012/08/20 20:29:18 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012/08/20 20:28:59 | 512,420,695 | ---- | M] () -- C:\windows\MEMORY.DMP
[2012/08/20 20:28:40 | 3059,748,864 | -HS- | M] () -- C:\hiberfil.sys
[2012/08/20 20:19:51 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\mc\Desktop\iexplore.exe.exe
[2012/08/20 19:06:59 | 000,000,844 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2367826360-3942094746-2088260218-1000Core.job
[2012/08/18 17:58:15 | 000,598,016 | ---- | M] (OldTimer Tools) -- C:\Users\mc\Desktop\OTL.exe
[2012/08/18 17:14:21 | 000,416,224 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2012/08/14 19:12:17 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2012/08/14 19:12:17 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/08/14 19:12:10 | 009,826,504 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerInstaller.exe
[2012/07/30 01:19:39 | 000,001,967 | ---- | M] () -- C:\Users\Public\Desktop\PC Checkup.lnk
[2012/07/26 14:59:27 | 000,017,920 | ---- | M] () -- C:\windows\SysWow64\rpcnetp.dll
[2012/07/26 14:58:57 | 000,017,920 | ---- | M] () -- C:\windows\SysWow64\rpcnetp.exe
========== Files Created - No Company Name ==========
[2012/08/20 20:57:53 | 000,000,512 | ---- | C] () -- C:\Users\mc\Desktop\MBR.dat
[2012/07/30 01:19:39 | 000,001,967 | ---- | C] () -- C:\Users\Public\Desktop\PC Checkup.lnk
[2012/04/06 21:51:37 | 000,017,920 | ---- | C] () -- C:\windows\SysWow64\rpcnetp.dll
[2012/04/06 21:50:37 | 000,017,920 | ---- | C] () -- C:\windows\SysWow64\rpcnetp.exe
[2011/10/05 08:59:58 | 000,339,968 | ---- | C] () -- C:\windows\SysWow64\vistaesr.exe
[2011/06/15 15:23:28 | 000,103,784 | ---- | C] () -- C:\Users\mc\GoToAssistDownloadHelper.exe
[2011/05/25 19:11:46 | 000,000,031 | ---- | C] () -- C:\windows\WebUpdateSvc4.INI
[2011/05/25 18:32:49 | 000,194,128 | ---- | C] () -- C:\windows\jgzr.dat
[2011/01/13 03:16:56 | 000,874,048 | ---- | C] () -- C:\windows\SysWow64\igkrng575.bin
[2011/01/13 03:16:56 | 000,127,868 | ---- | C] () -- C:\windows\SysWow64\igcompkrng575.bin
[2011/01/13 03:16:56 | 000,104,796 | ---- | C] () -- C:\windows\SysWow64\igfcg575m.bin
========== Custom Scans ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:D1B5B4F1
< End of report >
No VirScan report was created because the target file could not be found, as explained above.
Thanks!