Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Win64-Sirefef (Windows 7 - 64bit) [Solved]

Started by AnthonyOhio , Aug 27 2012 06:28 PM

  • This topic is locked This topic is locked

#46
AnthonyOhio
Posted 17 September 2012 - 07:26 PM

AnthonyOhio

    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts
Good to hear that everything seems fine, WhiteHat.

Here are the results:

OTL logfile created on: 9/17/2012 9:14:57 PM - Run 4
OTL by OldTimer - Version 3.2.59.1 Folder = C:\Users\A\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.98 Gb Total Physical Memory | 6.15 Gb Available Physical Memory | 77.04% Memory free
15.95 Gb Paging File | 13.89 Gb Available in Paging File | 87.07% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 450.21 Gb Total Space | 341.82 Gb Free Space | 75.93% Space Free | Partition Type: NTFS
Drive D: | 698.63 Gb Total Space | 13.68 Gb Free Space | 1.96% Space Free | Partition Type: NTFS
Drive G: | 7.59 Gb Total Space | 7.53 Gb Free Space | 99.24% Space Free | Partition Type: FAT32

Computer Name: A-QOSMIO | User Name: A | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/08/27 20:02:38 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Users\A\Desktop\OTL.exe
PRC - [2011/11/15 23:37:48 | 000,097,792 | ---- | M] (Sage Software, Inc) -- C:\Program Files (x86)\ACT\Act for Windows\Sage.ACT.Integration.exe
PRC - [2011/11/15 23:37:46 | 000,018,432 | ---- | M] (Sage Software, Inc.) -- C:\Program Files (x86)\ACT\Act for Windows\Act.Outlook.Service.exe
PRC - [2011/11/15 23:34:52 | 000,018,432 | ---- | M] (Microsoft) -- C:\Program Files (x86)\ACT\Act for Windows\Act.Server.Host.exe
PRC - [2011/09/05 11:04:54 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/05/06 13:06:08 | 000,378,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011/03/26 12:38:38 | 000,251,256 | ---- | M] (BUFFALO INC.) -- C:\Program Files (x86)\BUFFALO\NASNAVI\nassvc.exe
PRC - [2011/03/26 12:38:38 | 000,206,128 | ---- | M] (BUFFALO INC.) -- C:\Program Files (x86)\BUFFALO\NASNAVI\nassche.exe
PRC - [2011/03/26 12:38:37 | 001,906,152 | ---- | M] (BUFFALO INC.) -- C:\Program Files (x86)\BUFFALO\NASNAVI\NasNavi.exe
PRC - [2011/03/11 17:14:58 | 000,030,064 | ---- | M] () -- c:\Program Files (x86)\Common Files\Ulead Systems\UDSS\UDSS.exe
PRC - [2011/03/10 13:20:00 | 000,701,856 | ---- | M] (TOSHIBA Corporation.) -- C:\Program Files\TOSHIBA\HDMICtrlMan\HCMSoundChanger.exe
PRC - [2011/03/02 14:07:04 | 002,745,760 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
PRC - [2011/02/03 15:50:10 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccSvcHst.exe
PRC - [2011/02/01 16:24:42 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2011/02/01 16:24:40 | 000,326,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2010/12/02 22:03:02 | 000,251,832 | ---- | M] (arvato digital services llc) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2010/09/06 19:18:00 | 000,746,384 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe
PRC - [2010/08/23 19:12:00 | 000,677,264 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
PRC - [2010/08/23 19:12:00 | 000,087,440 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
PRC - [2010/08/16 13:54:50 | 000,034,160 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\Toshiba\Utilities\KeNotify.exe
PRC - [2010/05/20 19:15:00 | 000,110,736 | R--- | M] (InterVideo) -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
PRC - [2009/09/17 02:00:02 | 000,292,128 | ---- | M] (SafeNet, Inc.) -- C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe
PRC - [2009/04/03 21:17:00 | 000,447,816 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe


========== Modules (No Company Name) ==========

MOD - [2012/06/16 11:45:43 | 001,670,144 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\6c59a14a23f734093e80d6093e25302a\Microsoft.VisualBasic.ni.dll
MOD - [2012/06/16 11:44:56 | 000,517,120 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Genghis\4e3a0d6f9570bc81924486c703bdba65\Genghis.ni.dll
MOD - [2012/06/16 11:43:50 | 001,823,232 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Act.UI.SyncSetup\a40b656d5100aa264aeb3f5d6c5b62b5\Act.UI.SyncSetup.ni.dll
MOD - [2012/06/16 11:43:08 | 004,320,768 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Act.Shared.Windows.#\69a95b04a99487191f87d22f249572b6\Act.Shared.Windows.Forms.ni.dll
MOD - [2012/06/16 11:43:06 | 000,724,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Act.Shared.Win32\45d0667df571c08b39c39564c3e251dc\Act.Shared.Win32.ni.dll
MOD - [2012/06/16 11:43:05 | 000,107,520 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Act.Shared.Localiza#\46c20b62fbce3d554b6acd08df49b93f\Act.Shared.Localization.ni.dll
MOD - [2012/06/16 11:43:04 | 006,611,456 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Act.Shared.Images\a91fb4e9eb2c3c3d674cee468df4f633\Act.Shared.Images.ni.dll
MOD - [2012/06/16 11:43:04 | 001,463,296 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Act.Shared.LicProvi#\894ee51d832627079ca9bee980c8d216\Act.Shared.LicProvider.ni.dll
MOD - [2012/06/16 11:43:00 | 000,841,728 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Act.Outlook.Sync.Co#\e80e0b0d4a3c3e01ca8a231cc5e17b71\Act.Outlook.Sync.Common.ni.dll
MOD - [2012/06/16 11:42:58 | 000,570,880 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Act.Outlook.Service#\90d112491863ad5e32f38540dcfd638a\Act.Outlook.Service.Desktop.ni.dll
MOD - [2012/06/16 11:42:58 | 000,528,896 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Act.Outlook.Service#\0690b81f98d02c3f26111a712f7a0244\Act.Outlook.Service.Shared.ni.dll
MOD - [2012/06/16 11:42:58 | 000,064,000 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Act.Outlook.Service#\956d3368f00e0ff83fe19bea3827c3bd\Act.Outlook.Service.Interfaces.ni.dll
MOD - [2012/06/16 11:42:57 | 000,298,496 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Act.Outlook.Integra#\3ee34da6f3f0eb6da2eae0ed01651b82\Act.Outlook.Integration.ni.dll
MOD - [2012/06/16 11:42:57 | 000,095,232 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Act.Outlook.Service#\f95a67c10276ca9f13058f5ef51555d7\Act.Outlook.Service.AppCommon.ni.dll
MOD - [2012/06/16 11:42:56 | 001,406,976 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Act.Framework.Synch#\e26cec2a56ea273ddf0e2bbedc94addb\Act.Framework.Synchronization.ni.dll
MOD - [2012/06/16 11:42:47 | 010,360,320 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Act.Framework\338114e9930b7dc5c090037c5aed1cc8\Act.Framework.ni.dll
MOD - [2012/06/15 13:58:51 | 011,833,344 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\a501b7960f6c6e2e39162b83f3303aaa\System.Web.ni.dll
MOD - [2012/06/15 13:58:28 | 012,436,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012/06/15 13:58:22 | 001,591,808 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012/05/14 09:59:26 | 000,292,352 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Practices#\de2de3d7f9c615105fdabbec198daeae\Microsoft.Practices.ObjectBuilder2.ni.dll
MOD - [2012/05/14 09:59:26 | 000,197,632 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Practices#\9a43844e4e35fe6db84ac14c5b2973fd\Microsoft.Practices.Unity.ni.dll
MOD - [2012/05/14 09:59:26 | 000,100,864 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Practices#\8106b732c785eeb00542cee8caf1e0ef\Microsoft.Practices.Unity.Configuration.ni.dll
MOD - [2012/05/14 09:58:57 | 000,126,976 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Interop.ADChronopher\30a1cac4082d12567b9d51d6c2a82b56\Interop.ADChronopher.ni.dll
MOD - [2012/05/14 09:41:33 | 001,083,392 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\2ce8210219c7123610072357358df470\System.IdentityModel.ni.dll
MOD - [2012/05/14 09:41:32 | 002,347,008 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\72a24b45e11d64eb2bc840aae9419ba5\System.Runtime.Serialization.ni.dll
MOD - [2012/05/14 09:41:31 | 000,256,000 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\9e7bf69d97febe4ed1a288c787e5d9ca\SMDiagnostics.ni.dll
MOD - [2012/05/14 09:41:30 | 017,478,656 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\8d735346f3a8a7123a1533637e980211\System.ServiceModel.ni.dll
MOD - [2012/05/14 09:39:11 | 000,031,232 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Act.Shared.Licensing\259ad73826f3ea1a8e1915838c0f0b38\Act.Shared.Licensing.ni.dll
MOD - [2012/05/14 09:39:09 | 000,080,384 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Act.Shared.Config\cc2a54ac2fb8384c9705f12de3a1045b\Act.Shared.Config.ni.dll
MOD - [2012/05/14 09:39:05 | 000,373,760 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Act.Outlook.Message#\ca1ef22daec0169e3840f8fa63b9cce1\Act.Outlook.Message.Reader.ni.dll
MOD - [2012/05/14 09:38:47 | 002,297,856 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\dfd33f59a5803a3c73cf408362e6e0b7\System.Core.ni.dll
MOD - [2012/05/14 09:38:42 | 002,079,744 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Act.Data.Resources\912a0f673707ddb95b5b809d4106366b\Act.Data.Resources.ni.dll
MOD - [2012/05/14 09:38:42 | 000,118,272 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Act.Data\77f960fdbc3ee26d933aa0fc345623a5\Act.Data.ni.dll
MOD - [2012/05/14 09:38:42 | 000,088,576 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Act.Data.ActDb\f9e152e75a1660a470ecdddd703b20d3\Act.Data.ActDb.ni.dll
MOD - [2012/05/14 09:38:41 | 000,036,864 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Act.CompositeExtens#\4a8cccfdfcd729d9d79cf8943442f8f7\Act.CompositeExtensions.Unity.ni.dll
MOD - [2012/05/14 07:42:29 | 000,771,584 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll
MOD - [2012/05/14 07:42:28 | 000,628,224 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\168755d010e5a96ac940b0ddd27616a4\System.EnterpriseServices.ni.dll
MOD - [2012/05/14 07:42:28 | 000,627,200 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\80fae9f16f80075535e72458ef293f7a\System.Transactions.ni.dll
MOD - [2012/05/14 07:42:27 | 006,610,944 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\eaeca46457a0c33b93f6f4be08990cab\System.Data.ni.dll
MOD - [2012/05/14 07:41:51 | 005,452,800 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012/05/14 07:41:48 | 000,971,264 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012/05/14 07:41:47 | 007,967,232 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012/05/14 07:41:42 | 011,492,864 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2011/12/14 15:29:19 | 000,237,568 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\Act.Shared.Sync\14.1.108.0__ebf6b2ff4d0a08aa\Act.Shared.Sync.dll
MOD - [2011/12/14 15:29:19 | 000,136,192 | ---- | M] () -- C:\windows\assembly\GAC_32\Act.Outlook.Message.Reader\14.1.108.0__ebf6b2ff4d0a08aa\Act.Outlook.Message.Reader.dll
MOD - [2011/12/14 15:29:19 | 000,090,112 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\Act.Outlook.Win.Integration\14.1.108.0__ebf6b2ff4d0a08aa\Act.Outlook.Win.Integration.dll
MOD - [2011/12/14 15:29:19 | 000,057,344 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\Act.Shared.Utilities\14.1.108.0__ebf6b2ff4d0a08aa\Act.Shared.Utilities.dll
MOD - [2011/12/14 15:29:19 | 000,045,056 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\Act.Shared.Diagnostics\14.1.108.0__ebf6b2ff4d0a08aa\Act.Shared.Diagnostics.dll
MOD - [2011/12/14 15:29:19 | 000,032,768 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\Act.Outlook.Service.Interfaces\14.1.108.0__ebf6b2ff4d0a08aa\Act.Outlook.Service.Interfaces.dll
MOD - [2011/08/18 01:41:34 | 000,550,328 | ---- | M] () -- C:\Program Files (x86)\ACT\Act for Windows\PSIClient.dll
MOD - [2010/11/20 23:24:08 | 002,927,616 | ---- | M] () -- C:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2009/06/10 17:23:19 | 000,261,632 | ---- | M] () -- C:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll


========== Services (SafeList) ==========

SRV:64bit: - [2012/03/26 18:49:56 | 000,291,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2011/08/05 12:53:12 | 000,467,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc)
SRV:64bit: - [2011/08/05 12:53:12 | 000,306,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\WMZuneComm.exe -- (WMZuneComm)
SRV:64bit: - [2011/08/05 12:53:06 | 008,277,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc)
SRV:64bit: - [2011/04/20 14:45:38 | 000,480,256 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV:64bit: - [2011/04/07 16:59:32 | 000,294,328 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service)
SRV:64bit: - [2011/04/05 22:38:16 | 000,828,336 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv)
SRV:64bit: - [2010/12/24 23:14:38 | 000,526,848 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\ThpSrv.exe -- (Thpsrv)
SRV:64bit: - [2010/12/08 18:42:54 | 000,137,632 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV:64bit: - [2010/10/20 17:41:00 | 000,138,656 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV:64bit: - [2010/09/22 21:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012/06/14 12:31:21 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2011/11/15 23:42:52 | 000,081,920 | ---- | M] (Sage Software, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\ACT\Act for Windows\Act.Scheduler.exe -- (Sage ACT! Scheduler)
SRV - [2011/11/15 23:34:52 | 000,018,432 | ---- | M] (Microsoft) [Auto | Running] -- C:\Program Files (x86)\ACT\Act for Windows\Act.Server.Host.exe -- (ActService)
SRV - [2011/09/05 11:04:54 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/05/06 13:06:08 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011/03/26 12:38:38 | 000,251,256 | ---- | M] (BUFFALO INC.) [Auto | Running] -- C:\Program Files (x86)\BUFFALO\NASNAVI\nassvc.exe -- (NasPmService)
SRV - [2011/03/11 17:14:58 | 000,030,064 | ---- | M] () [Auto | Running] -- c:\Program Files (x86)\Common Files\Ulead Systems\UDSS\UDSS.exe -- (UDSS)
SRV - [2011/02/11 13:45:52 | 000,054,136 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2011/02/03 15:50:10 | 000,126,392 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccSvcHst.exe -- (PCCUJobMgr)
SRV - [2011/02/01 16:24:42 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011/02/01 16:24:40 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/12/02 22:03:02 | 000,251,832 | ---- | M] (arvato digital services llc) [Auto | Running] -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2010/10/12 13:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/05/20 19:15:00 | 000,110,736 | R--- | M] (InterVideo) [Auto | Running] -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
SRV - [2010/04/12 13:45:00 | 000,196,976 | ---- | M] (TOSHIBA CORPORATION) [On_Demand | Running] -- C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/09/17 02:00:02 | 000,292,128 | ---- | M] (SafeNet, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe -- (SentinelSecurityRuntime)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007/05/31 18:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 18:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/04/09 22:51:37 | 000,676,968 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2012/03/20 20:44:12 | 000,098,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/06/21 06:23:38 | 000,020,592 | ---- | M] (Compal Electronics, INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CeKbFilter.sys -- (CeKbFilter)
DRV:64bit: - [2011/05/02 20:45:04 | 000,175,192 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)
DRV:64bit: - [2011/04/25 23:51:04 | 000,482,384 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tos_sps64.sys -- (tos_sps64)
DRV:64bit: - [2011/03/28 01:54:02 | 000,122,472 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvstusb.sys -- (NvStUSB)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/23 14:03:42 | 000,291,120 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tosrfbd.sys -- (tosrfbd)
DRV:64bit: - [2011/02/10 17:52:34 | 000,181,760 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2011/02/10 17:52:34 | 000,082,432 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2011/02/08 22:07:00 | 000,038,096 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PGEffect.sys -- (PGEffect)
DRV:64bit: - [2011/02/03 22:59:06 | 001,413,680 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011/02/01 15:13:38 | 000,173,160 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2011/01/27 18:27:04 | 000,067,384 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tosrfusb.sys -- (Tosrfusb)
DRV:64bit: - [2011/01/12 20:51:44 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/12/17 22:46:46 | 002,675,712 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010/11/29 14:47:00 | 000,082,224 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tosrfcom.sys -- (Tosrfcom)
DRV:64bit: - [2010/11/20 23:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 23:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/20 23:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 23:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/11/11 13:27:00 | 000,050,864 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tosrfbnp.sys -- (tosrfbnp)
DRV:64bit: - [2010/10/19 19:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/10/18 17:14:02 | 000,042,096 | R--- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2010/08/30 13:48:00 | 000,094,528 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Tosrfhid.sys -- (Tosrfhid)
DRV:64bit: - [2010/06/18 19:45:00 | 000,018,872 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tosrfec.sys -- (tosrfec)
DRV:64bit: - [2010/04/26 14:48:00 | 000,063,488 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TosRfSnd.sys -- (TosRfSnd)
DRV:64bit: - [2010/03/22 13:55:20 | 000,046,192 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\LPCFilter.sys -- (LPCFilter)
DRV:64bit: - [2009/09/17 08:05:02 | 000,145,448 | ---- | M] (SafeNet, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\sentinel64.sys -- (Sentinel64)
DRV:64bit: - [2009/09/17 08:05:02 | 000,058,792 | ---- | M] (SafeNet, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SNTUSB64.SYS -- (SNTUSB64)
DRV:64bit: - [2009/07/30 23:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV:64bit: - [2009/07/24 14:33:00 | 000,026,472 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tosrfnds.sys -- (tosrfnds)
DRV:64bit: - [2009/07/14 18:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 20:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/07/13 20:10:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rootmdm.sys -- (ROOTMODEM)
DRV:64bit: - [2009/07/13 20:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009/06/29 19:16:20 | 000,014,784 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Thpevm.sys -- (Thpevm)
DRV:64bit: - [2009/06/29 13:25:22 | 000,034,880 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\thpdrv.sys -- (Thpdrv)
DRV:64bit: - [2009/06/19 22:15:22 | 000,014,472 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TVALZFL.sys -- (TVALZFL)
DRV:64bit: - [2009/06/17 15:01:00 | 000,054,664 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tosporte.sys -- (tosporte)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2007/04/17 14:51:50 | 000,014,112 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\regi.sys -- (regi)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9ACCAD01-BA01-474A-A8FD-C08247EEFC69}
IE:64bit: - HKLM\..\SearchScopes\{9ACCAD01-BA01-474A-A8FD-C08247EEFC69}: "URL" = http://www.google.co...ng}&rlz=1I7TSNF
IE:64bit: - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {8C45CDBE-C348-4FF1-80F0-6DDBA9D3F3C2}
IE - HKLM\..\SearchScopes\{8C45CDBE-C348-4FF1-80F0-6DDBA9D3F3C2}: "URL" = http://www.google.co...ng}&rlz=1I7TSNF


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3698114078-3187318532-2637875445-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.toshiba.com/g/
IE - HKU\S-1-5-21-3698114078-3187318532-2637875445-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-3698114078-3187318532-2637875445-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKU\S-1-5-21-3698114078-3187318532-2637875445-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-3698114078-3187318532-2637875445-1000\..\SearchScopes,DefaultScope = {5DA2F69C-745A-4B12-9EE0-3A68BCEB3004}
IE - HKU\S-1-5-21-3698114078-3187318532-2637875445-1000\..\SearchScopes\{5DA2F69C-745A-4B12-9EE0-3A68BCEB3004}: "URL" = http://www.google.co...utputEncoding?}
IE - HKU\S-1-5-21-3698114078-3187318532-2637875445-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..network.proxy.no_proxies_on: "localhost,127.0.0.1"
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_2_202_235.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_32: C:\windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/14 12:31:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 8.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2011/11/26 15:03:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 8.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins

[2011/11/26 14:56:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\A\AppData\Roaming\Mozilla\Extensions
[2012/06/14 12:33:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\A\AppData\Roaming\Mozilla\Firefox\Profiles\8ior70wh.default\extensions
[2012/06/14 12:31:23 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/06/14 12:31:22 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/06/14 12:31:20 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/06/14 12:31:20 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2012/09/11 08:20:10 | 000,000,855 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\Toshiba\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-3698114078-3187318532-2637875445-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-3698114078-3187318532-2637875445-1000\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4:64bit: - HKLM..\Run: [] File not found
O4:64bit: - HKLM..\Run: [HDMICtrlMan] C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe (TOSHIBA Corporation.)
O4:64bit: - HKLM..\Run: [HSON] C:\Program Files\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [Teco] C:\Program Files\TOSHIBA\TECO\Teco.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [ThpSrv] C:\windows\SysNative\thpsrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TOSHIBA Face Recognition] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosNC] C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosReelTimeMonitor] C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosWaitSrv] C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Zune Launcher] C:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Act! Preloader] C:\Program Files (x86)\ACT\Act for Windows\ActSage.exe (Sage Software, Inc.)
O4 - HKLM..\Run: [Act.Outlook.Service] C:\Program Files (x86)\ACT\Act for Windows\Act.Outlook.Service.exe (Sage Software, Inc.)
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe (TOSHIBA Electronics, Inc.)
O4 - HKLM..\Run: [ITSecMng] C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe (Toshiba)
O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [ToshibaAppPlace] C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe (Toshiba)
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TSleepSrv] C:\Program Files (x86)\Toshiba\TOSHIBA Sleep Utility\TSleepSrv.exe (TOSHIBA)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\A\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BUFFALO NAS Navigator2.lnk = C:\Program Files (x86)\BUFFALO\NASNAVI\NasNavi.exe (BUFFALO INC.)
O4 - Startup: C:\Users\A\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NAS Scheduler.lnk = C:\Program Files (x86)\BUFFALO\NASNAVI\nassche.exe (BUFFALO INC.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-3698114078-3187318532-2637875445-1000\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found
O9 - Extra Button: @C:\windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-3698114078-3187318532-2637875445-1000\..Trusted Domains: sagenorthamerica.com ([customers] https in Trusted sites)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.10.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0DF71199-81F0-4677-8F61-0E8F1650B2FE}: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{47D494E9-2091-40A0-A646-3445BF0CF09E}: DhcpNameServer = 192.168.10.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{97AC5ECE-6469-4A87-8DB5-895F53418260}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{2c4c865d-1502-11e1-9156-b870f4be643c}\Shell - "" = AutoRun
O33 - MountPoints2\{2c4c865d-1502-11e1-9156-b870f4be643c}\Shell\AutoRun\command - "" = F:\EasySuite.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)


CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/09/13 18:20:48 | 000,574,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10level9.dll
[2012/09/13 18:20:48 | 000,376,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\netio.sys
[2012/09/13 18:20:48 | 000,288,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\FWPKCLNT.SYS
[2012/09/13 18:20:48 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\rndismpx.sys
[2012/09/13 18:20:48 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\RNDISMP.sys
[2012/09/11 08:32:10 | 000,693,235 | ---- | C] (Farbar) -- C:\Users\A\Desktop\FSS.exe
[2012/09/11 08:22:55 | 000,000,000 | ---D | C] -- C:\windows\temp
[2012/09/11 08:21:19 | 000,000,000 | ---D | C] -- C:\windows\SoftwareDistribution
[2012/09/11 08:09:12 | 000,000,000 | ---D | C] -- C:\RegBackup
[2012/09/11 07:57:57 | 000,000,000 | ---D | C] -- C:\Users\A\Documents\GT-Tech
[2012/09/08 00:57:43 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/09/08 00:57:19 | 000,598,528 | ---- | C] (OldTimer Tools) -- C:\Users\A\Desktop\OTL.exe
[2012/09/07 08:13:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Apps Sync
[2012/09/05 14:01:16 | 000,181,064 | ---- | C] (Sysinternals) -- C:\windows\PSEXESVC.EXE
[2012/09/05 14:01:11 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\subinacl.exe
[2012/09/05 13:45:35 | 000,000,000 | ---D | C] -- C:\Tweaking.com_Windows_Repair_Logs
[2012/09/05 13:45:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
[2012/09/05 13:45:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tweaking.com
[2012/09/05 03:02:13 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2012/09/05 03:02:12 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\url.dll
[2012/09/05 03:02:12 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\url.dll
[2012/09/05 03:02:12 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2012/09/05 03:02:12 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2012/09/05 03:02:11 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2012/09/05 03:02:11 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2012/09/05 03:02:11 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2012/09/05 03:02:11 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2012/09/05 03:02:11 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
[2012/09/05 03:02:11 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2012/09/05 03:02:10 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2012/09/05 03:02:10 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2012/09/04 22:10:06 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\srcore.dll
[2012/09/04 22:10:01 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\win32spl.dll
[2012/09/04 22:10:01 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\win32spl.dll
[2012/09/04 22:10:01 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\splwow64.exe
[2012/09/04 22:09:47 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netapi32.dll
[2012/09/04 22:09:47 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\browcli.dll
[2012/09/04 22:09:47 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\browcli.dll
[2012/09/04 22:09:30 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\localspl.dll
[2012/09/04 21:46:51 | 000,000,000 | ---D | C] -- C:\Users\Public\Desktop\CC Support
[2012/09/04 08:27:36 | 000,000,000 | ---D | C] -- C:\Users\A\Desktop\RK_Quarantine
[2012/08/30 02:27:15 | 000,000,000 | ---D | C] -- C:\FRST
[2012/08/29 22:12:15 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012/08/28 10:20:15 | 000,000,000 | ---D | C] -- C:\Users\A\AppData\Local\{AE2A952C-3585-4DDF-B231-28FBF95CBFB9}
[2012/08/27 19:26:08 | 000,328,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\services.exe.69392835565CCA1A
[2012/08/27 19:22:56 | 000,328,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\services.exe.1EECBA2799552935
[2012/08/27 19:13:43 | 000,328,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\services.exe.9E29FCA1DC23C527
[2012/08/27 19:10:39 | 000,328,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\services.exe.6BBE8A9D50016F6C
[2012/08/27 18:58:21 | 000,328,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\services.exe.1D20D55258697088
[2012/08/27 18:54:54 | 000,328,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\services.exe.D2572B6840421C42
[2012/08/27 18:51:50 | 000,328,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\services.exe.0B553932B6A5B2D8
[2012/08/27 18:39:14 | 000,328,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\services.exe.18A4B8C3421E4888
[2012/08/27 18:36:10 | 000,328,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\services.exe.9A262E1D8E227D5D
[2012/08/27 18:26:59 | 000,328,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\services.exe.BB3F9B495DFB2ABC
[2012/08/27 18:23:33 | 000,328,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\services.exe.82F482C2A89FA5B4
[2012/08/27 18:17:06 | 000,328,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\services.exe.7DDC24E20A9F023C
[2012/08/27 18:14:03 | 000,328,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\services.exe.F1B5ED1E93CA0949
[2012/08/27 17:13:43 | 000,328,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\services.exe.0299C3CA1BBE3CDC
[2012/08/27 16:54:38 | 000,328,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\services.exe.9360E5CC7ED5733F
[2012/08/27 16:51:35 | 000,328,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\services.exe.1F45FBBDFC8374F7
[2012/08/27 16:23:48 | 000,328,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\services.exe.52345588DE7A9EFE
[2012/08/27 16:20:42 | 000,328,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\services.exe.28AEC47ADB4C8F4D
[2012/08/27 16:11:27 | 000,328,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\services.exe.DA2054E67E3D7D7F
[2012/08/27 16:08:22 | 000,328,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\services.exe.92E62C29B9380C15
[2012/08/27 16:02:14 | 000,328,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\services.exe.A462F3A0FABE2EAC
[2012/08/27 15:34:44 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/08/20 11:05:12 | 000,000,000 | ---D | C] -- C:\Users\A\AppData\Local\{7CA147FB-B26F-4750-9439-D249947B6F10}
[2011/12/05 22:03:27 | 011,104,216 | ---- | C] (Sage Software ) -- C:\Users\A\AppData\Roaming\ACT2012HotFix_SS.exe

========== Files - Modified Within 30 Days ==========

[2012/09/17 21:16:02 | 000,000,888 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/09/17 21:16:00 | 000,822,644 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2012/09/17 21:16:00 | 000,692,534 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2012/09/17 21:16:00 | 000,132,388 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2012/09/17 21:16:00 | 000,000,884 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/09/17 21:12:52 | 000,030,288 | ---- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/09/17 21:12:52 | 000,030,288 | ---- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/09/17 21:07:40 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012/09/17 21:07:35 | 2129,149,951 | -HS- | M] () -- C:\hiberfil.sys
[2012/09/17 15:43:28 | 000,089,882 | ---- | M] () -- C:\Users\A\Desktop\Draft.jpg
[2012/09/17 13:57:27 | 000,007,609 | ---- | M] () -- C:\Users\A\AppData\Local\Resmon.ResmonCfg
[2012/09/15 08:29:58 | 016,727,071 | ---- | M] () -- C:\Users\A\Desktop\CCI09152012_00003.jpg
[2012/09/15 08:28:02 | 071,735,314 | ---- | M] () -- C:\Users\A\Desktop\CCI09152012_00002.jpg
[2012/09/15 08:23:45 | 019,837,654 | ---- | M] () -- C:\Users\A\Desktop\CCI09152012_00001.jpg
[2012/09/15 08:21:09 | 016,811,103 | ---- | M] () -- C:\Users\A\Desktop\CCI09152012_00000.jpg
[2012/09/11 08:23:24 | 000,465,176 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2012/09/11 08:21:28 | 000,181,064 | ---- | M] (Sysinternals) -- C:\windows\PSEXESVC.EXE
[2012/09/11 08:20:10 | 000,000,855 | ---- | M] () -- C:\windows\SysNative\drivers\etc\hosts
[2012/09/11 08:19:33 | 000,822,644 | ---- | M] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2012/09/11 08:09:39 | 000,000,207 | ---- | M] () -- C:\windows\tweaking.com-regbackup-A-QOSMIO-Microsoft-Windows-7-Professional-(64-bit).dat
[2012/09/05 14:40:03 | 000,001,148 | ---- | M] () -- C:\Users\A\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Office Outlook.lnk
[2012/09/05 14:09:57 | 000,000,855 | ---- | M] () -- C:\windows\SysNative\drivers\etc\hosts_bak_149
[2012/09/05 13:45:29 | 000,002,302 | ---- | M] () -- C:\Users\Public\Desktop\Tweaking.com - Windows Repair (All in One).lnk
[2012/09/04 21:45:54 | 004,009,167 | ---- | M] () -- C:\Users\A\Desktop\ServicesRepair.exe
[2012/09/04 19:10:32 | 000,693,235 | ---- | M] (Farbar) -- C:\Users\A\Desktop\FSS.exe
[2012/09/04 08:16:36 | 001,378,816 | ---- | M] () -- C:\Users\A\Desktop\RogueKiller.exe
[2012/08/29 22:13:41 | 000,328,704 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\services.exe
[2012/08/29 10:28:25 | 000,021,261 | ---- | M] () -- C:\Users\A\Documents\Longboard instructions.odt
[2012/08/27 20:02:38 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Users\A\Desktop\OTL.exe
[2012/08/27 19:26:08 | 000,328,704 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\services.exe.69392835565CCA1A
[2012/08/27 19:22:56 | 000,328,704 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\services.exe.1EECBA2799552935
[2012/08/27 19:13:43 | 000,328,704 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\services.exe.9E29FCA1DC23C527
[2012/08/27 19:10:39 | 000,328,704 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\services.exe.6BBE8A9D50016F6C
[2012/08/27 18:58:21 | 000,328,704 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\services.exe.1D20D55258697088
[2012/08/27 18:54:54 | 000,328,704 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\services.exe.D2572B6840421C42
[2012/08/27 18:51:50 | 000,328,704 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\services.exe.0B553932B6A5B2D8
[2012/08/27 18:39:14 | 000,328,704 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\services.exe.18A4B8C3421E4888
[2012/08/27 18:36:10 | 000,328,704 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\services.exe.9A262E1D8E227D5D
[2012/08/27 18:26:59 | 000,328,704 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\services.exe.BB3F9B495DFB2ABC
[2012/08/27 18:23:33 | 000,328,704 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\services.exe.82F482C2A89FA5B4
[2012/08/27 18:17:06 | 000,328,704 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\services.exe.7DDC24E20A9F023C
[2012/08/27 18:14:03 | 000,328,704 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\services.exe.F1B5ED1E93CA0949
[2012/08/27 17:13:43 | 000,328,704 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\services.exe.0299C3CA1BBE3CDC
[2012/08/27 16:54:38 | 000,328,704 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\services.exe.9360E5CC7ED5733F
[2012/08/27 16:51:35 | 000,328,704 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\services.exe.1F45FBBDFC8374F7
[2012/08/27 16:23:48 | 000,328,704 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\services.exe.52345588DE7A9EFE
[2012/08/27 16:20:42 | 000,328,704 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\services.exe.28AEC47ADB4C8F4D
[2012/08/27 16:11:27 | 000,328,704 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\services.exe.DA2054E67E3D7D7F
[2012/08/27 16:08:22 | 000,328,704 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\services.exe.92E62C29B9380C15
[2012/08/27 16:02:14 | 000,328,704 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\services.exe.A462F3A0FABE2EAC
[2012/08/22 14:12:40 | 000,376,688 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\drivers\netio.sys
[2012/08/22 14:12:33 | 000,288,624 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\drivers\FWPKCLNT.SYS
[2012/08/21 14:42:17 | 000,337,944 | ---- | M] () -- C:\Users\A\Desktop\third-party-drive-kit_rev10-ajax-web-large.jpg
[2012/08/21 14:20:01 | 001,502,126 | ---- | M] () -- C:\Users\A\Desktop\L010739 - Estun EML 180mm.pdf

========== Files Created - No Company Name ==========

[2012/09/17 15:43:28 | 000,089,882 | ---- | C] () -- C:\Users\A\Desktop\Draft.jpg
[2012/09/15 08:34:07 | 071,735,314 | ---- | C] () -- C:\Users\A\Desktop\CCI09152012_00002.jpg
[2012/09/15 08:34:07 | 016,727,071 | ---- | C] () -- C:\Users\A\Desktop\CCI09152012_00003.jpg
[2012/09/15 08:25:30 | 019,837,654 | ---- | C] () -- C:\Users\A\Desktop\CCI09152012_00001.jpg
[2012/09/15 08:25:30 | 016,811,103 | ---- | C] () -- C:\Users\A\Desktop\CCI09152012_00000.jpg
[2012/09/11 08:09:39 | 000,000,207 | ---- | C] () -- C:\windows\tweaking.com-regbackup-A-QOSMIO-Microsoft-Windows-7-Professional-(64-bit).dat
[2012/09/05 14:08:26 | 000,303,616 | ---- | C] ( ) -- C:\SetACL.exe
[2012/09/05 13:45:29 | 000,002,302 | ---- | C] () -- C:\Users\Public\Desktop\Tweaking.com - Windows Repair (All in One).lnk
[2012/09/04 21:46:38 | 004,009,167 | ---- | C] () -- C:\Users\A\Desktop\ServicesRepair.exe
[2012/09/04 08:18:05 | 001,378,816 | ---- | C] () -- C:\Users\A\Desktop\RogueKiller.exe
[2012/08/29 10:28:23 | 000,021,261 | ---- | C] () -- C:\Users\A\Documents\Longboard instructions.odt
[2012/08/27 15:38:35 | 000,001,926 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2012/08/21 14:50:25 | 000,337,944 | ---- | C] () -- C:\Users\A\Desktop\third-party-drive-kit_rev10-ajax-web-large.jpg
[2012/08/21 14:20:01 | 001,502,126 | ---- | C] () -- C:\Users\A\Desktop\L010739 - Estun EML 180mm.pdf
[2012/07/03 09:32:44 | 000,036,394 | ---- | C] () -- C:\Users\A\AppData\Roaming\Comma Separated Values (Windows).ADR
[2012/04/20 08:49:16 | 000,060,304 | ---- | C] () -- C:\Users\A\g2mdlhlpx.exe
[2012/04/19 09:06:20 | 000,000,000 | ---- | C] () -- C:\windows\ABC_mru.ini
[2012/04/11 09:41:54 | 000,000,952 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2012/01/23 18:14:54 | 000,007,609 | ---- | C] () -- C:\Users\A\AppData\Local\Resmon.ResmonCfg
[2011/12/14 15:04:47 | 000,103,784 | ---- | C] () -- C:\Users\A\GoToAssistDownloadHelper.exe
[2011/12/02 09:24:40 | 000,822,644 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2011/12/01 13:40:01 | 000,000,126 | ---- | C] () -- C:\windows\QUICKEN.INI
[2011/12/01 08:56:04 | 000,000,376 | ---- | C] () -- C:\windows\ODBC.INI
[2011/11/26 10:32:00 | 000,000,255 | ---- | C] () -- C:\windows\Brpfx04a.ini
[2011/11/26 10:32:00 | 000,000,094 | ---- | C] () -- C:\windows\brpcfx.ini
[2011/11/26 10:31:50 | 000,000,426 | ---- | C] () -- C:\windows\BRWMARK.INI
[2011/11/26 10:31:50 | 000,000,034 | ---- | C] () -- C:\windows\SysWow64\BD8460N.DAT
[2011/11/26 10:30:57 | 000,106,496 | ---- | C] () -- C:\windows\SysWow64\BrMuSNMP.dll
[2011/11/26 10:30:57 | 000,000,066 | ---- | C] () -- C:\windows\Brfaxrx.ini
[2011/11/26 10:30:57 | 000,000,000 | ---- | C] () -- C:\windows\brdfxspd.dat
[2011/11/26 10:30:56 | 000,045,056 | ---- | C] () -- C:\windows\SysWow64\BRTCPCON.DLL
[2011/11/26 10:30:55 | 000,000,114 | ---- | C] () -- C:\windows\SysWow64\BRLMW03A.INI
[2011/08/18 01:42:42 | 000,266,327 | ---- | C] () -- C:\windows\SysWow64\ADErrorHandling.dll
[2011/02/03 22:56:58 | 000,066,856 | ---- | C] () -- C:\windows\SysWow64\SynTPEnhPS.dll
[2010/11/09 15:09:58 | 000,028,672 | ---- | C] () -- C:\windows\SysWow64\SPCtl.dll

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.* >
[2010/11/20 23:23:51 | 000,383,786 | RHS- | M] () -- C:\bootmgr
[2011/05/13 17:50:09 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2012/09/17 21:07:35 | 2129,149,951 | -HS- | M] () -- C:\hiberfil.sys
[2012/09/17 21:07:37 | 4270,522,367 | -HS- | M] () -- C:\pagefile.sys
[2008/05/08 01:03:22 | 000,303,616 | ---- | M] ( ) -- C:\SetACL.exe
[2004/06/11 19:33:28 | 000,290,304 | ---- | M] (Microsoft Corporation) -- C:\subinacl.exe
[2012/08/29 09:03:29 | 000,146,712 | ---- | M] () -- C:\TDSSKiller.2.8.8.0_29.08.2012_08.58.51_log.txt
[2012/08/29 22:13:06 | 000,147,800 | ---- | M] () -- C:\TDSSKiller.2.8.8.0_29.08.2012_22.11.02_log.txt
[2012/08/29 22:17:26 | 000,146,068 | ---- | M] () -- C:\TDSSKiller.2.8.8.0_29.08.2012_22.14.20_log.txt

< %systemdrive%\drivers\*.exe >

< %systemroot%\system32\drivers\*.* /90 >

< %PROGRAMFILES%\*.* >
[2009/07/14 00:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini

< MD5 for: EXPLORER.EXE >
[2011/02/26 01:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011/02/25 02:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 02:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 02:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 23:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/20 23:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: SVCHOST.EXE >
[2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2011/03/01 04:10:51 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=635455A95EB8EC47AC72142E501465ED -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7601.21671_none_14271b75353e4391\svchost.exe
[2011/03/01 04:07:49 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=6F68F63794097E54F36474ED4384B759 -- C:\windows\SysNative\svchost.exe
[2011/03/01 04:07:49 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=6F68F63794097E54F36474ED4384B759 -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7601.17568_none_13af509c1c123937\svchost.exe
[2011/03/01 04:07:49 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=A91A288C91F9D9F1CFA4FAA9893C4D55 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7601.21671_none_b8087ff17ce0d25b\svchost.exe
[2009/07/13 21:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
[2011/03/01 04:05:31 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=ECDB182F885292145826C58252B53000 -- C:\Windows\SysWOW64\svchost.exe
[2011/03/01 04:05:31 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=ECDB182F885292145826C58252B53000 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7601.17568_none_b790b51863b4c801\svchost.exe

< MD5 for: USERINIT.EXE >
[2010/11/20 23:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 23:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010/11/20 23:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\windows\SysNative\userinit.exe
[2010/11/20 23:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/20 23:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\windows\SysNative\winlogon.exe
[2010/11/20 23:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

< %systemdrive%\$Recycle.Bin|@;true;true;true >

< HKLM\SOFTWARE\CLIENTS\Startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012/06/14 12:31:20 | 000,866,992 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012/06/14 12:31:20 | 000,866,992 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012/06/14 12:31:20 | 000,866,992 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files (x86)\Mozilla Firefox\firefox.exe [2012/06/14 12:31:21 | 000,924,600 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -preferences [2012/06/14 12:31:21 | 000,924,600 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -safe-mode [2012/06/14 12:31:21 | 000,924,600 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2011/11/23 10:00:15 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2011/11/23 10:00:15 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2011/11/23 10:00:15 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -extoff [2012/06/28 21:00:47 | 000,748,664 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files (x86)\Internet Explorer\iexplore.exe [2012/06/28 21:00:47 | 000,748,664 | ---- | M] (Microsoft Corporation)

< HKLM\SOFTWARE\CLIENTS\Startmenuinternet|command /64 /rs >
64bit-HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /HIDESHORTCUTS [2012/06/14 12:31:20 | 000,866,992 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SHOWSHORTCUTS [2012/06/14 12:31:20 | 000,866,992 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SETASDEFAULTAPPGLOBAL [2012/06/14 12:31:20 | 000,866,992 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE [2012/06/14 12:31:21 | 000,924,600 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -PREFERENCES [2012/06/14 12:31:21 | 000,924,600 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -SAFE-MODE [2012/06/14 12:31:21 | 000,924,600 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2011/11/23 10:00:15 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2011/11/23 10:00:15 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2011/11/23 10:00:15 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2012/06/28 21:00:47 | 000,748,664 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE [2012/06/28 21:00:47 | 000,748,664 | ---- | M] (Microsoft Corporation)

< End of report >
  • 0

Advertisements

#47
WhiteHat
Posted 17 September 2012 - 10:04 PM

WhiteHat

    Trusted Helper

  • Retired Staff
  • 1,925 posts
Download the latest version of TDSSKiller from here and save it to your Desktop.
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.

    Posted Image
  • Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.

    Posted Image
  • Click the Start Scan button.

    Posted Image
  • If a suspicious object is detected, the default action will be Skip, click on Continue.

    Posted Image
  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

    Posted Image
  • Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • Get the report by selecting Reports

    Posted Image


A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.
  • 0

#48
AnthonyOhio
Posted 18 September 2012 - 06:13 AM

AnthonyOhio

    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts
Good Morning WhiteHat,

Here are the results:

08:04:14.0050 2228 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
08:04:14.0378 2228 ============================================================
08:04:14.0378 2228 Current date / time: 2012/09/18 08:04:14.0378
08:04:14.0378 2228 SystemInfo:
08:04:14.0378 2228
08:04:14.0378 2228 OS Version: 6.1.7601 ServicePack: 1.0
08:04:14.0378 2228 Product type: Workstation
08:04:14.0378 2228 ComputerName: A-QOSMIO
08:04:14.0378 2228 UserName: A
08:04:14.0378 2228 Windows directory: C:\windows
08:04:14.0378 2228 System windows directory: C:\windows
08:04:14.0378 2228 Running under WOW64
08:04:14.0378 2228 Processor architecture: Intel x64
08:04:14.0378 2228 Number of processors: 8
08:04:14.0378 2228 Page size: 0x1000
08:04:14.0378 2228 Boot type: Normal boot
08:04:14.0378 2228 ============================================================
08:04:14.0784 2228 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
08:04:15.0127 2228 Drive \Device\Harddisk1\DR1 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
08:04:15.0127 2228 Drive \Device\Harddisk2\DR2 - Size: 0x1E6C60000 (7.61 Gb), SectorSize: 0x200, Cylinders: 0x3E0, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
08:04:15.0142 2228 ============================================================
08:04:15.0142 2228 \Device\Harddisk0\DR0:
08:04:15.0142 2228 MBR partitions:
08:04:15.0142 2228 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x38469000
08:04:15.0142 2228 \Device\Harddisk1\DR1:
08:04:15.0142 2228 MBR partitions:
08:04:15.0142 2228 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x1000, BlocksNum 0x57545000
08:04:15.0142 2228 \Device\Harddisk2\DR2:
08:04:15.0142 2228 MBR partitions:
08:04:15.0142 2228 \Device\Harddisk2\DR2\Partition1: MBR, Type 0xC, StartLBA 0x2D78, BlocksNum 0xF33588
08:04:15.0142 2228 ============================================================
08:04:15.0158 2228 C: <-> \Device\Harddisk0\DR0\Partition1
08:04:15.0189 2228 D: <-> \Device\Harddisk1\DR1\Partition1
08:04:15.0189 2228 ============================================================
08:04:15.0189 2228 Initialize success
08:04:15.0189 2228 ============================================================
08:06:57.0320 4524 ============================================================
08:06:57.0320 4524 Scan started
08:06:57.0320 4524 Mode: Manual; SigCheck; TDLFS;
08:06:57.0320 4524 ============================================================
08:06:57.0508 4524 ================ Scan system memory ========================
08:06:57.0508 4524 System memory - ok
08:06:57.0508 4524 ================ Scan services =============================
08:06:57.0695 4524 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
08:06:57.0773 4524 1394ohci - ok
08:06:57.0788 4524 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\windows\system32\drivers\ACPI.sys
08:06:57.0804 4524 ACPI - ok
08:06:57.0835 4524 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
08:06:57.0882 4524 AcpiPmi - ok
08:06:57.0960 4524 [ 861D18775087A286F53ADE05D0F31396 ] ActService C:\Program Files (x86)\ACT\Act for Windows\Act.Server.Host.exe
08:06:57.0991 4524 ActService ( UnsignedFile.Multi.Generic ) - warning
08:06:57.0991 4524 ActService - detected UnsignedFile.Multi.Generic (1)
08:06:58.0022 4524 [ 11A52CF7B265631DEEB24C6149309EFF ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
08:06:58.0038 4524 AdobeARMservice - ok
08:06:58.0069 4524 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\windows\system32\drivers\adp94xx.sys
08:06:58.0085 4524 adp94xx - ok
08:06:58.0100 4524 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\windows\system32\drivers\adpahci.sys
08:06:58.0116 4524 adpahci - ok
08:06:58.0132 4524 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\windows\system32\drivers\adpu320.sys
08:06:58.0132 4524 adpu320 - ok
08:06:58.0147 4524 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
08:06:58.0272 4524 AeLookupSvc - ok
08:06:58.0303 4524 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\windows\system32\drivers\afd.sys
08:06:58.0334 4524 AFD - ok
08:06:58.0366 4524 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\windows\system32\drivers\agp440.sys
08:06:58.0366 4524 agp440 - ok
08:06:58.0381 4524 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\windows\System32\alg.exe
08:06:58.0397 4524 ALG - ok
08:06:58.0412 4524 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\windows\system32\drivers\aliide.sys
08:06:58.0412 4524 aliide - ok
08:06:58.0444 4524 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\windows\system32\drivers\amdide.sys
08:06:58.0444 4524 amdide - ok
08:06:58.0459 4524 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\windows\system32\drivers\amdk8.sys
08:06:58.0475 4524 AmdK8 - ok
08:06:58.0506 4524 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\windows\system32\drivers\amdppm.sys
08:06:58.0537 4524 AmdPPM - ok
08:06:58.0568 4524 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\windows\system32\drivers\amdsata.sys
08:06:58.0584 4524 amdsata - ok
08:06:58.0615 4524 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\windows\system32\drivers\amdsbs.sys
08:06:58.0631 4524 amdsbs - ok
08:06:58.0631 4524 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\windows\system32\drivers\amdxata.sys
08:06:58.0646 4524 amdxata - ok
08:06:58.0662 4524 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\windows\system32\drivers\appid.sys
08:06:58.0849 4524 AppID - ok
08:06:58.0849 4524 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\windows\System32\appidsvc.dll
08:06:58.0912 4524 AppIDSvc - ok
08:06:58.0912 4524 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\windows\System32\appinfo.dll
08:06:58.0990 4524 Appinfo - ok
08:06:59.0052 4524 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\windows\System32\appmgmts.dll
08:06:59.0068 4524 AppMgmt - ok
08:06:59.0099 4524 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\windows\system32\drivers\arc.sys
08:06:59.0099 4524 arc - ok
08:06:59.0114 4524 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\windows\system32\drivers\arcsas.sys
08:06:59.0130 4524 arcsas - ok
08:06:59.0130 4524 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
08:06:59.0177 4524 AsyncMac - ok
08:06:59.0192 4524 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\windows\system32\drivers\atapi.sys
08:06:59.0192 4524 atapi - ok
08:06:59.0255 4524 [ B2931C83CFB12A3223A47B180473AE1A ] athr C:\windows\system32\DRIVERS\athrx.sys
08:06:59.0333 4524 athr - ok
08:06:59.0348 4524 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
08:06:59.0395 4524 AudioEndpointBuilder - ok
08:06:59.0411 4524 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\windows\System32\Audiosrv.dll
08:06:59.0442 4524 AudioSrv - ok
08:06:59.0442 4524 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\windows\System32\AxInstSV.dll
08:06:59.0536 4524 AxInstSV - ok
08:06:59.0567 4524 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\windows\system32\drivers\bxvbda.sys
08:06:59.0598 4524 b06bdrv - ok
08:06:59.0629 4524 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys
08:06:59.0660 4524 b57nd60a - ok
08:06:59.0676 4524 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\windows\System32\bdesvc.dll
08:06:59.0692 4524 BDESVC - ok
08:06:59.0692 4524 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\windows\system32\drivers\Beep.sys
08:06:59.0754 4524 Beep - ok
08:06:59.0832 4524 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\windows\System32\bfe.dll
08:06:59.0863 4524 BFE - ok
08:06:59.0910 4524 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\windows\System32\qmgr.dll
08:06:59.0972 4524 BITS - ok
08:06:59.0972 4524 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\windows\system32\drivers\blbdrive.sys
08:06:59.0988 4524 blbdrive - ok
08:06:59.0988 4524 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\windows\system32\DRIVERS\bowser.sys
08:07:00.0019 4524 bowser - ok
08:07:00.0050 4524 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\windows\system32\drivers\BrFiltLo.sys
08:07:00.0082 4524 BrFiltLo - ok
08:07:00.0082 4524 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\windows\system32\drivers\BrFiltUp.sys
08:07:00.0097 4524 BrFiltUp - ok
08:07:00.0128 4524 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\windows\System32\browser.dll
08:07:00.0144 4524 Browser - ok
08:07:00.0160 4524 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\windows\System32\Drivers\Brserid.sys
08:07:00.0191 4524 Brserid - ok
08:07:00.0206 4524 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
08:07:00.0253 4524 BrSerWdm - ok
08:07:00.0253 4524 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
08:07:00.0269 4524 BrUsbMdm - ok
08:07:00.0284 4524 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
08:07:00.0300 4524 BrUsbSer - ok
08:07:00.0331 4524 [ 2347ABBD13BADA65826FDAB4CAAFE357 ] BtFilter C:\windows\system32\DRIVERS\btfilter.sys
08:07:00.0347 4524 BtFilter - ok
08:07:00.0347 4524 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\windows\system32\drivers\bthmodem.sys
08:07:00.0362 4524 BTHMODEM - ok
08:07:00.0362 4524 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\windows\system32\bthserv.dll
08:07:00.0409 4524 bthserv - ok
08:07:00.0440 4524 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
08:07:00.0472 4524 cdfs - ok
08:07:00.0487 4524 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\windows\system32\DRIVERS\cdrom.sys
08:07:00.0503 4524 cdrom - ok
08:07:00.0534 4524 [ A965B206921C55F2D1481789D609B711 ] CeKbFilter C:\windows\system32\DRIVERS\CeKbFilter.sys
08:07:00.0534 4524 CeKbFilter - ok
08:07:00.0550 4524 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\windows\System32\certprop.dll
08:07:00.0596 4524 CertPropSvc - ok
08:07:00.0596 4524 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\windows\system32\drivers\circlass.sys
08:07:00.0612 4524 circlass - ok
08:07:00.0643 4524 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\windows\system32\CLFS.sys
08:07:00.0659 4524 CLFS - ok
08:07:00.0674 4524 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
08:07:00.0690 4524 clr_optimization_v2.0.50727_32 - ok
08:07:00.0706 4524 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
08:07:00.0721 4524 clr_optimization_v2.0.50727_64 - ok
08:07:00.0752 4524 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
08:07:00.0768 4524 clr_optimization_v4.0.30319_32 - ok
08:07:00.0784 4524 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
08:07:00.0784 4524 clr_optimization_v4.0.30319_64 - ok
08:07:00.0784 4524 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\windows\system32\drivers\CmBatt.sys
08:07:00.0815 4524 CmBatt - ok
08:07:00.0846 4524 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\windows\system32\drivers\cmdide.sys
08:07:00.0846 4524 cmdide - ok
08:07:00.0862 4524 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\windows\system32\Drivers\cng.sys
08:07:00.0893 4524 CNG - ok
08:07:00.0924 4524 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\windows\system32\drivers\compbatt.sys
08:07:00.0924 4524 Compbatt - ok
08:07:00.0924 4524 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\windows\system32\drivers\CompositeBus.sys
08:07:00.0955 4524 CompositeBus - ok
08:07:00.0971 4524 COMSysApp - ok
08:07:00.0971 4524 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\windows\system32\drivers\crcdisk.sys
08:07:00.0971 4524 crcdisk - ok
08:07:01.0002 4524 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\windows\system32\cryptsvc.dll
08:07:01.0018 4524 CryptSvc - ok
08:07:01.0064 4524 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\windows\system32\drivers\csc.sys
08:07:01.0096 4524 CSC - ok
08:07:01.0142 4524 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\windows\System32\cscsvc.dll
08:07:01.0189 4524 CscService - ok
08:07:01.0205 4524 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\windows\system32\rpcss.dll
08:07:01.0236 4524 DcomLaunch - ok
08:07:01.0252 4524 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\windows\System32\defragsvc.dll
08:07:01.0283 4524 defragsvc - ok
08:07:01.0283 4524 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\windows\system32\Drivers\dfsc.sys
08:07:01.0330 4524 DfsC - ok
08:07:01.0345 4524 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\windows\system32\dhcpcore.dll
08:07:01.0408 4524 Dhcp - ok
08:07:01.0408 4524 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\windows\system32\drivers\discache.sys
08:07:01.0439 4524 discache - ok
08:07:01.0439 4524 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\windows\system32\drivers\disk.sys
08:07:01.0454 4524 Disk - ok
08:07:01.0454 4524 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\windows\System32\dnsrslvr.dll
08:07:01.0470 4524 Dnscache - ok
08:07:01.0501 4524 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\windows\System32\dot3svc.dll
08:07:01.0517 4524 dot3svc - ok
08:07:01.0532 4524 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\windows\system32\dps.dll
08:07:01.0564 4524 DPS - ok
08:07:01.0564 4524 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
08:07:01.0610 4524 drmkaud - ok
08:07:01.0642 4524 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
08:07:01.0657 4524 DXGKrnl - ok
08:07:01.0673 4524 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\windows\System32\eapsvc.dll
08:07:01.0704 4524 EapHost - ok
08:07:01.0766 4524 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\windows\system32\drivers\evbda.sys
08:07:01.0860 4524 ebdrv - ok
08:07:01.0860 4524 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\windows\System32\lsass.exe
08:07:01.0891 4524 EFS - ok
08:07:01.0922 4524 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\windows\ehome\ehRecvr.exe
08:07:01.0969 4524 ehRecvr - ok
08:07:01.0969 4524 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\windows\ehome\ehsched.exe
08:07:01.0985 4524 ehSched - ok
08:07:02.0000 4524 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\windows\system32\drivers\elxstor.sys
08:07:02.0016 4524 elxstor - ok
08:07:02.0016 4524 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\windows\system32\drivers\errdev.sys
08:07:02.0047 4524 ErrDev - ok
08:07:02.0063 4524 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\windows\system32\es.dll
08:07:02.0094 4524 EventSystem - ok
08:07:02.0125 4524 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\windows\system32\drivers\exfat.sys
08:07:02.0156 4524 exfat - ok
08:07:02.0156 4524 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\windows\system32\drivers\fastfat.sys
08:07:02.0188 4524 fastfat - ok
08:07:02.0219 4524 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\windows\system32\fxssvc.exe
08:07:02.0250 4524 Fax - ok
08:07:02.0250 4524 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\windows\system32\drivers\fdc.sys
08:07:02.0281 4524 fdc - ok
08:07:02.0281 4524 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\windows\system32\fdPHost.dll
08:07:02.0312 4524 fdPHost - ok
08:07:02.0312 4524 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\windows\system32\fdrespub.dll
08:07:02.0344 4524 FDResPub - ok
08:07:02.0344 4524 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
08:07:02.0359 4524 FileInfo - ok
08:07:02.0359 4524 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\windows\system32\drivers\filetrace.sys
08:07:02.0422 4524 Filetrace - ok
08:07:02.0422 4524 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\windows\system32\drivers\flpydisk.sys
08:07:02.0422 4524 flpydisk - ok
08:07:02.0437 4524 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
08:07:02.0453 4524 FltMgr - ok
08:07:02.0484 4524 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\windows\system32\FntCache.dll
08:07:02.0515 4524 FontCache - ok
08:07:02.0515 4524 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
08:07:02.0515 4524 FontCache3.0.0.0 - ok
08:07:02.0531 4524 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\windows\system32\drivers\FsDepends.sys
08:07:02.0546 4524 FsDepends - ok
08:07:02.0546 4524 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
08:07:02.0546 4524 Fs_Rec - ok
08:07:02.0562 4524 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
08:07:02.0578 4524 fvevol - ok
08:07:02.0578 4524 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\windows\system32\drivers\gagp30kx.sys
08:07:02.0578 4524 gagp30kx - ok
08:07:02.0640 4524 [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
08:07:02.0640 4524 GamesAppService - ok
08:07:02.0671 4524 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\windows\System32\gpsvc.dll
08:07:02.0702 4524 gpsvc - ok
08:07:02.0749 4524 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
08:07:02.0749 4524 gupdate - ok
08:07:02.0749 4524 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
08:07:02.0765 4524 gupdatem - ok
08:07:02.0765 4524 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
08:07:02.0796 4524 hcw85cir - ok
08:07:02.0827 4524 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
08:07:02.0858 4524 HdAudAddService - ok
08:07:02.0858 4524 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\windows\system32\DRIVERS\HDAudBus.sys
08:07:02.0890 4524 HDAudBus - ok
08:07:02.0905 4524 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\windows\system32\drivers\HidBatt.sys
08:07:02.0921 4524 HidBatt - ok
08:07:02.0921 4524 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\windows\system32\drivers\hidbth.sys
08:07:02.0952 4524 HidBth - ok
08:07:02.0952 4524 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\windows\system32\drivers\hidir.sys
08:07:02.0968 4524 HidIr - ok
08:07:02.0968 4524 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\windows\system32\hidserv.dll
08:07:03.0030 4524 hidserv - ok
08:07:03.0030 4524 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys
08:07:03.0046 4524 HidUsb - ok
08:07:03.0046 4524 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\windows\system32\kmsvc.dll
08:07:03.0108 4524 hkmsvc - ok
08:07:03.0124 4524 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\windows\system32\ListSvc.dll
08:07:03.0139 4524 HomeGroupListener - ok
08:07:03.0139 4524 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\windows\system32\provsvc.dll
08:07:03.0155 4524 HomeGroupProvider - ok
08:07:03.0170 4524 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
08:07:03.0170 4524 HpSAMD - ok
08:07:03.0202 4524 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\windows\system32\drivers\HTTP.sys
08:07:03.0264 4524 HTTP - ok
08:07:03.0264 4524 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
08:07:03.0264 4524 hwpolicy - ok
08:07:03.0311 4524 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\windows\system32\drivers\i8042prt.sys
08:07:03.0311 4524 i8042prt - ok
08:07:03.0326 4524 [ D469B77687E12FE43E344806740B624D ] iaStor C:\windows\system32\DRIVERS\iaStor.sys
08:07:03.0342 4524 iaStor - ok
08:07:03.0358 4524 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\windows\system32\drivers\iaStorV.sys
08:07:03.0373 4524 iaStorV - ok
08:07:03.0420 4524 [ DAF66902F08796F9C694901660E5A64A ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
08:07:03.0451 4524 IDriverT ( UnsignedFile.Multi.Generic ) - warning
08:07:03.0451 4524 IDriverT - detected UnsignedFile.Multi.Generic (1)
08:07:03.0482 4524 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
08:07:03.0498 4524 idsvc - ok
08:07:03.0514 4524 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\windows\system32\drivers\iirsp.sys
08:07:03.0514 4524 iirsp - ok
08:07:03.0560 4524 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\windows\System32\ikeext.dll
08:07:03.0623 4524 IKEEXT - ok
08:07:03.0670 4524 [ A1FA448078C94E4D011EBD241821FF9E ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys
08:07:03.0716 4524 IntcAzAudAddService - ok
08:07:03.0732 4524 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\windows\system32\drivers\intelide.sys
08:07:03.0748 4524 intelide - ok
08:07:03.0748 4524 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
08:07:03.0779 4524 intelppm - ok
08:07:03.0810 4524 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\windows\system32\ipbusenum.dll
08:07:03.0857 4524 IPBusEnum - ok
08:07:03.0857 4524 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
08:07:03.0888 4524 IpFilterDriver - ok
08:07:03.0919 4524 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\windows\System32\iphlpsvc.dll
08:07:03.0966 4524 iphlpsvc - ok
08:07:03.0966 4524 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
08:07:04.0013 4524 IPMIDRV - ok
08:07:04.0013 4524 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\windows\system32\drivers\ipnat.sys
08:07:04.0044 4524 IPNAT - ok
08:07:04.0044 4524 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\windows\system32\drivers\irenum.sys
08:07:04.0060 4524 IRENUM - ok
08:07:04.0060 4524 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\windows\system32\drivers\isapnp.sys
08:07:04.0075 4524 isapnp - ok
08:07:04.0091 4524 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
08:07:04.0106 4524 iScsiPrt - ok
08:07:04.0106 4524 [ F415A88162D23977B5EDAE4F0410E903 ] IviRegMgr C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
08:07:04.0122 4524 IviRegMgr - ok
08:07:04.0122 4524 [ 935301DD8306CEEAEF0B84DD6ABFFDC6 ] JMCR C:\windows\system32\DRIVERS\jmcr.sys
08:07:04.0138 4524 JMCR - ok
08:07:04.0138 4524 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\windows\system32\drivers\kbdclass.sys
08:07:04.0138 4524 kbdclass - ok
08:07:04.0153 4524 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\windows\system32\drivers\kbdhid.sys
08:07:04.0184 4524 kbdhid - ok
08:07:04.0184 4524 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\windows\system32\lsass.exe
08:07:04.0184 4524 KeyIso - ok
08:07:04.0200 4524 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
08:07:04.0200 4524 KSecDD - ok
08:07:04.0216 4524 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
08:07:04.0216 4524 KSecPkg - ok
08:07:04.0216 4524 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\windows\system32\drivers\ksthunk.sys
08:07:04.0247 4524 ksthunk - ok
08:07:04.0278 4524 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\windows\system32\msdtckrm.dll
08:07:04.0309 4524 KtmRm - ok
08:07:04.0309 4524 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\windows\system32\srvsvc.dll
08:07:04.0356 4524 LanmanServer - ok
08:07:04.0372 4524 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\windows\System32\wkssvc.dll
08:07:04.0387 4524 LanmanWorkstation - ok
08:07:04.0403 4524 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
08:07:04.0450 4524 lltdio - ok
08:07:04.0465 4524 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\windows\System32\lltdsvc.dll
08:07:04.0528 4524 lltdsvc - ok
08:07:04.0528 4524 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\windows\System32\lmhsvc.dll
08:07:04.0559 4524 lmhosts - ok
08:07:04.0559 4524 [ 50C7CE53EF461870410355F1F2E7D515 ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
08:07:04.0574 4524 LMS - ok
08:07:04.0574 4524 [ 2825A71E7501CB33B3B9F856610C729D ] LPCFilter C:\windows\system32\DRIVERS\LPCFilter.sys
08:07:04.0590 4524 LPCFilter - ok
08:07:04.0606 4524 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\windows\system32\drivers\lsi_fc.sys
08:07:04.0621 4524 LSI_FC - ok
08:07:04.0621 4524 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\windows\system32\drivers\lsi_sas.sys
08:07:04.0637 4524 LSI_SAS - ok
08:07:04.0637 4524 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\windows\system32\drivers\lsi_sas2.sys
08:07:04.0637 4524 LSI_SAS2 - ok
08:07:04.0637 4524 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\windows\system32\drivers\lsi_scsi.sys
08:07:04.0652 4524 LSI_SCSI - ok
08:07:04.0652 4524 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\windows\system32\drivers\luafv.sys
08:07:04.0699 4524 luafv - ok
08:07:04.0730 4524 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
08:07:04.0746 4524 Mcx2Svc - ok
08:07:04.0746 4524 [ 11F714F85530A2BD134074DC30E99FCA ] MDM C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
08:07:04.0762 4524 MDM - ok
08:07:04.0793 4524 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\windows\system32\drivers\megasas.sys
08:07:04.0808 4524 megasas - ok
08:07:04.0808 4524 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\windows\system32\drivers\MegaSR.sys
08:07:04.0824 4524 MegaSR - ok
08:07:04.0824 4524 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\windows\system32\DRIVERS\HECIx64.sys
08:07:04.0840 4524 MEIx64 - ok
08:07:04.0840 4524 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\windows\system32\mmcss.dll
08:07:04.0886 4524 MMCSS - ok
08:07:04.0886 4524 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\windows\system32\drivers\modem.sys
08:07:04.0918 4524 Modem - ok
08:07:04.0918 4524 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\windows\system32\DRIVERS\monitor.sys
08:07:04.0933 4524 monitor - ok
08:07:04.0949 4524 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
08:07:04.0949 4524 mouclass - ok
08:07:04.0949 4524 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
08:07:04.0964 4524 mouhid - ok
08:07:04.0964 4524 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\windows\system32\drivers\mountmgr.sys
08:07:04.0980 4524 mountmgr - ok
08:07:05.0011 4524 [ 96AA8BA23142CC8E2B30F3CAE0C80254 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
08:07:05.0027 4524 MozillaMaintenance - ok
08:07:05.0027 4524 [ 94C66EDEDCDB6A126880472F9A704D8E ] MpFilter C:\windows\system32\DRIVERS\MpFilter.sys
08:07:05.0042 4524 MpFilter - ok
08:07:05.0058 4524 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\windows\system32\drivers\mpio.sys
08:07:05.0074 4524 mpio - ok
08:07:05.0074 4524 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
08:07:05.0105 4524 mpsdrv - ok
08:07:05.0136 4524 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\windows\system32\mpssvc.dll
08:07:05.0167 4524 MpsSvc - ok
08:07:05.0198 4524 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
08:07:05.0245 4524 MRxDAV - ok
08:07:05.0245 4524 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
08:07:05.0261 4524 mrxsmb - ok
08:07:05.0292 4524 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
08:07:05.0308 4524 mrxsmb10 - ok
08:07:05.0323 4524 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
08:07:05.0323 4524 mrxsmb20 - ok
08:07:05.0323 4524 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\windows\system32\DRIVERS\msahci.sys
08:07:05.0339 4524 msahci - ok
08:07:05.0339 4524 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\windows\system32\drivers\msdsm.sys
08:07:05.0354 4524 msdsm - ok
08:07:05.0354 4524 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\windows\System32\msdtc.exe
08:07:05.0386 4524 MSDTC - ok
08:07:05.0401 4524 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\windows\system32\drivers\Msfs.sys
08:07:05.0417 4524 Msfs - ok
08:07:05.0417 4524 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
08:07:05.0448 4524 mshidkmdf - ok
08:07:05.0448 4524 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\windows\system32\drivers\msisadrv.sys
08:07:05.0464 4524 msisadrv - ok
08:07:05.0479 4524 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\windows\system32\iscsiexe.dll
08:07:05.0510 4524 MSiSCSI - ok
08:07:05.0510 4524 msiserver - ok
08:07:05.0557 4524 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
08:07:05.0573 4524 MSKSSRV - ok
08:07:05.0620 4524 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
08:07:05.0651 4524 MSPCLOCK - ok
08:07:05.0666 4524 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
08:07:05.0682 4524 MSPQM - ok
08:07:05.0744 4524 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\windows\system32\drivers\MsRPC.sys
08:07:05.0760 4524 MsRPC - ok
08:07:05.0760 4524 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\windows\system32\drivers\mssmbios.sys
08:07:05.0776 4524 mssmbios - ok
08:07:05.0791 4524 MSSQL$ACT7 - ok
08:07:05.0822 4524 [ 8E8E74C953EB0C4F8828D99D6F27FD6F ] MSSQLServerADHelper100 C:\Program Files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
08:07:05.0822 4524 MSSQLServerADHelper100 - ok
08:07:05.0838 4524 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
08:07:05.0869 4524 MSTEE - ok
08:07:05.0916 4524 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\windows\system32\drivers\MTConfig.sys
08:07:05.0916 4524 MTConfig - ok
08:07:05.0916 4524 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\windows\system32\Drivers\mup.sys
08:07:05.0932 4524 Mup - ok
08:07:05.0947 4524 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\windows\system32\qagentRT.dll
08:07:05.0994 4524 napagent - ok
08:07:06.0041 4524 NasPmService - ok
08:07:06.0056 4524 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
08:07:06.0072 4524 NativeWifiP - ok
08:07:06.0103 4524 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\windows\system32\drivers\ndis.sys
08:07:06.0134 4524 NDIS - ok
08:07:06.0150 4524 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
08:07:06.0197 4524 NdisCap - ok
08:07:06.0197 4524 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
08:07:06.0212 4524 NdisTapi - ok
08:07:06.0228 4524 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
08:07:06.0244 4524 Ndisuio - ok
08:07:06.0259 4524 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
08:07:06.0290 4524 NdisWan - ok
08:07:06.0290 4524 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
08:07:06.0322 4524 NDProxy - ok
08:07:06.0322 4524 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
08:07:06.0353 4524 NetBIOS - ok
08:07:06.0353 4524 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
08:07:06.0384 4524 NetBT - ok
08:07:06.0400 4524 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\windows\system32\lsass.exe
08:07:06.0400 4524 Netlogon - ok
08:07:06.0415 4524 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll
08:07:06.0446 4524 Netman - ok
08:07:06.0462 4524 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll
08:07:06.0509 4524 netprofm - ok
08:07:06.0524 4524 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
08:07:06.0524 4524 NetTcpPortSharing - ok
08:07:06.0540 4524 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\drivers\nfrd960.sys
08:07:06.0540 4524 nfrd960 - ok
08:07:06.0571 4524 [ 91B4E0273D2F6C24EF845F2B41311289 ] NisDrv C:\windows\system32\DRIVERS\NisDrvWFP.sys
08:07:06.0587 4524 NisDrv - ok
08:07:06.0602 4524 [ 10A43829A9E606AF3EEF25A1C1665923 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
08:07:06.0602 4524 NisSrv - ok
08:07:06.0634 4524 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\windows\System32\nlasvc.dll
08:07:06.0680 4524 NlaSvc - ok
08:07:06.0680 4524 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys
08:07:06.0712 4524 Npfs - ok
08:07:06.0712 4524 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll
08:07:06.0743 4524 nsi - ok
08:07:06.0758 4524 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
08:07:06.0774 4524 nsiproxy - ok
08:07:06.0836 4524 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
08:07:06.0868 4524 Ntfs - ok
08:07:06.0883 4524 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys
08:07:06.0899 4524 Null - ok
08:07:06.0914 4524 [ 0EBC9D13CD96C15B1B18D8678A609E4B ] nusb3hub C:\windows\system32\DRIVERS\nusb3hub.sys
08:07:06.0914 4524 nusb3hub - ok
08:07:06.0930 4524 [ 7BDEC000D56D485021D9C1E63C2F81CA ] nusb3xhc C:\windows\system32\DRIVERS\nusb3xhc.sys
08:07:06.0930 4524 nusb3xhc - ok
08:07:06.0946 4524 [ F12E3EA0386EBC284C893611107C6A96 ] NVHDA C:\windows\system32\drivers\nvhda64v.sys
08:07:06.0946 4524 NVHDA - ok
08:07:07.0148 4524 [ 24E1BF08E1FDDBE2398EE38F59274E75 ] nvlddmkm C:\windows\system32\DRIVERS\nvlddmkm.sys
08:07:07.0304 4524 nvlddmkm - ok
08:07:07.0336 4524 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\windows\system32\drivers\nvraid.sys
08:07:07.0351 4524 nvraid - ok
08:07:07.0367 4524 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\windows\system32\drivers\nvstor.sys
08:07:07.0367 4524 nvstor - ok
08:07:07.0382 4524 [ 6099EBAE6545719A601410CB25234746 ] NvStUSB C:\windows\system32\DRIVERS\nvstusb.sys
08:07:07.0382 4524 NvStUSB - ok
08:07:07.0429 4524 [ B2B419D2C55ED6ED560E662BBE7D29F3 ] NVSvc C:\windows\system32\nvvsvc.exe
08:07:07.0460 4524 NVSvc - ok
08:07:07.0476 4524 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\drivers\nv_agp.sys
08:07:07.0476 4524 nv_agp - ok
08:07:07.0476 4524 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
08:07:07.0492 4524 ohci1394 - ok
08:07:07.0523 4524 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
08:07:07.0523 4524 ose - ok
08:07:07.0538 4524 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll
08:07:07.0570 4524 p2pimsvc - ok
08:07:07.0601 4524 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll
08:07:07.0616 4524 p2psvc - ok
08:07:07.0632 4524 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\drivers\parport.sys
08:07:07.0632 4524 Parport - ok
08:07:07.0648 4524 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\windows\system32\drivers\partmgr.sys
08:07:07.0648 4524 partmgr - ok
08:07:07.0663 4524 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll
08:07:07.0694 4524 PcaSvc - ok
08:07:07.0710 4524 [ 2F86BE1818C2D7AC90478E3323EE7FCB ] PCCUJobMgr C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccSvcHst.exe
08:07:07.0710 4524 PCCUJobMgr - ok
08:07:07.0741 4524 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\windows\system32\drivers\pci.sys
08:07:07.0757 4524 pci - ok
08:07:07.0772 4524 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\DRIVERS\pciide.sys
08:07:07.0772 4524 pciide - ok
08:07:07.0788 4524 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\drivers\pcmcia.sys
08:07:07.0804 4524 pcmcia - ok
08:07:07.0804 4524 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys
08:07:07.0819 4524 pcw - ok
08:07:07.0850 4524 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys
08:07:07.0882 4524 PEAUTH - ok
08:07:07.0975 4524 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\windows\system32\peerdistsvc.dll
08:07:08.0038 4524 PeerDistSvc - ok
08:07:08.0116 4524 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe
08:07:08.0131 4524 PerfHost - ok
08:07:08.0131 4524 [ 91111CEBBDE8015E822C46120ED9537C ] PGEffect C:\windows\system32\DRIVERS\pgeffect.sys
08:07:08.0147 4524 PGEffect - ok
08:07:08.0178 4524 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\windows\system32\pla.dll
08:07:08.0256 4524 pla - ok
08:07:08.0303 4524 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll
08:07:08.0334 4524 PlugPlay - ok
08:07:08.0350 4524 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
08:07:08.0381 4524 PNRPAutoReg - ok
08:07:08.0396 4524 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll
08:07:08.0412 4524 PNRPsvc - ok
08:07:08.0428 4524 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
08:07:08.0459 4524 PolicyAgent - ok
08:07:08.0490 4524 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll
08:07:08.0552 4524 Power - ok
08:07:08.0599 4524 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
08:07:08.0630 4524 PptpMiniport - ok
08:07:08.0662 4524 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\drivers\processr.sys
08:07:08.0662 4524 Processor - ok
08:07:08.0677 4524 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\windows\system32\profsvc.dll
08:07:08.0708 4524 ProfSvc - ok
08:07:08.0708 4524 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe
08:07:08.0724 4524 ProtectedStorage - ok
08:07:08.0724 4524 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\windows\system32\DRIVERS\pacer.sys
08:07:08.0755 4524 Psched - ok
08:07:08.0771 4524 [ 7712267DBAD69820E0766B17D8F6543E ] PSI_SVC_2 C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
08:07:08.0786 4524 PSI_SVC_2 - ok
08:07:08.0833 4524 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\drivers\ql2300.sys
08:07:08.0864 4524 ql2300 - ok
08:07:08.0880 4524 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\drivers\ql40xx.sys
08:07:08.0880 4524 ql40xx - ok
08:07:08.0896 4524 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll
08:07:08.0911 4524 QWAVE - ok
08:07:08.0927 4524 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
08:07:08.0927 4524 QWAVEdrv - ok
08:07:08.0958 4524 [ A55E7D0D873B2C97585B3B5926AC6ADE ] RapiMgr C:\windows\WindowsMobile\rapimgr.dll
08:07:08.0974 4524 RapiMgr - ok
08:07:08.0974 4524 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
08:07:09.0005 4524 RasAcd - ok
08:07:09.0005 4524 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
08:07:09.0036 4524 RasAgileVpn - ok
08:07:09.0052 4524 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll
08:07:09.0098 4524 RasAuto - ok
08:07:09.0098 4524 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
08:07:09.0130 4524 Rasl2tp - ok
08:07:09.0176 4524 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll
08:07:09.0208 4524 RasMan - ok
08:07:09.0223 4524 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
08:07:09.0239 4524 RasPppoe - ok
08:07:09.0270 4524 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
08:07:09.0286 4524 RasSstp - ok
08:07:09.0301 4524 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
08:07:09.0332 4524 rdbss - ok
08:07:09.0332 4524 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys
08:07:09.0364 4524 rdpbus - ok
08:07:09.0364 4524 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
08:07:09.0395 4524 RDPCDD - ok
08:07:09.0410 4524 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\windows\system32\drivers\rdpdr.sys
08:07:09.0426 4524 RDPDR - ok
08:07:09.0426 4524 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
08:07:09.0473 4524 RDPENCDD - ok
08:07:09.0473 4524 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
08:07:09.0504 4524 RDPREFMP - ok
08:07:09.0535 4524 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\windows\system32\drivers\RDPWD.sys
08:07:09.0535 4524 RDPWD - ok
08:07:09.0566 4524 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
08:07:09.0566 4524 rdyboost - ok
08:07:09.0582 4524 [ 4D9AFDDDA0EFE97CDBFD3B5FA48B05F6 ] regi C:\windows\system32\drivers\regi.sys
08:07:09.0582 4524 regi - ok
08:07:09.0582 4524 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll
08:07:09.0613 4524 RemoteAccess - ok
08:07:09.0629 4524 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll
08:07:09.0660 4524 RemoteRegistry - ok
08:07:09.0691 4524 [ 388D3DD1A6457280F3BADBA9F3ACD6B1 ] ROOTMODEM C:\windows\system32\Drivers\RootMdm.sys
08:07:09.0722 4524 ROOTMODEM - ok
08:07:09.0722 4524 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
08:07:09.0769 4524 RpcEptMapper - ok
08:07:09.0769 4524 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe
08:07:09.0785 4524 RpcLocator - ok
08:07:09.0800 4524 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\system32\rpcss.dll
08:07:09.0832 4524 RpcSs - ok
08:07:09.0832 4524 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
08:07:09.0863 4524 rspndr - ok
08:07:09.0910 4524 [ 39A719875F572241C585A629EE62EB14 ] RTL8167 C:\windows\system32\DRIVERS\Rt64win7.sys
08:07:09.0910 4524 RTL8167 - ok
08:07:09.0941 4524 [ 50BC0E3FF1C61FEA769949AB5355FD2A ] Sage ACT! Scheduler C:\Program Files (x86)\ACT\Act for Windows\Act.Scheduler.exe
08:07:09.0941 4524 Sage ACT! Scheduler ( UnsignedFile.Multi.Generic ) - warning
08:07:09.0941 4524 Sage ACT! Scheduler - detected UnsignedFile.Multi.Generic (1)
08:07:09.0956 4524 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\windows\system32\lsass.exe
08:07:09.0956 4524 SamSs - ok
08:07:09.0972 4524 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys
08:07:09.0988 4524 sbp2port - ok
08:07:10.0003 4524 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll
08:07:10.0034 4524 SCardSvr - ok
08:07:10.0050 4524 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
08:07:10.0097 4524 scfilter - ok
08:07:10.0159 4524 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll
08:07:10.0206 4524 Schedule - ok
08:07:10.0268 4524 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll
08:07:10.0284 4524 SCPolicySvc - ok
08:07:10.0284 4524 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\windows\system32\DRIVERS\sdbus.sys
08:07:10.0315 4524 sdbus - ok
08:07:10.0315 4524 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll
08:07:10.0331 4524 SDRSVC - ok
08:07:10.0346 4524 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys
08:07:10.0393 4524 secdrv - ok
08:07:10.0424 4524 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll
08:07:10.0440 4524 seclogon - ok
08:07:10.0471 4524 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\System32\sens.dll
08:07:10.0502 4524 SENS - ok
08:07:10.0518 4524 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll
08:07:10.0518 4524 SensrSvc - ok
08:07:10.0549 4524 [ 255476B54C82A89416EFDF09FD62F107 ] Sentinel64 C:\windows\System32\Drivers\Sentinel64.sys
08:07:10.0549 4524 Sentinel64 - ok
08:07:10.0565 4524 [ E80B91AEC007711B1EEC9C83487754E2 ] SentinelSecurityRuntime C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe
08:07:10.0565 4524 SentinelSecurityRuntime - ok
08:07:10.0580 4524 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\drivers\serenum.sys
08:07:10.0596 4524 Serenum - ok
08:07:10.0627 4524 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\drivers\serial.sys
08:07:10.0658 4524 Serial - ok
08:07:10.0658 4524 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\drivers\sermouse.sys
08:07:10.0674 4524 sermouse - ok
08:07:10.0705 4524 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll
08:07:10.0752 4524 SessionEnv - ok
08:07:10.0768 4524 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys
08:07:10.0768 4524 sffdisk - ok
08:07:10.0768 4524 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
08:07:10.0814 4524 sffp_mmc - ok
08:07:10.0814 4524 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
08:07:10.0830 4524 sffp_sd - ok
08:07:10.0830 4524 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\drivers\sfloppy.sys
08:07:10.0846 4524 sfloppy - ok
08:07:10.0846 4524 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\windows\System32\ipnathlp.dll
08:07:10.0877 4524 SharedAccess - ok
08:07:10.0924 4524 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll
08:07:10.0955 4524 ShellHWDetection - ok
08:07:10.0955 4524 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\drivers\SiSRaid2.sys
08:07:10.0955 4524 SiSRaid2 - ok
08:07:10.0986 4524 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys
08:07:10.0986 4524 SiSRaid4 - ok
08:07:11.0002 4524 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys
08:07:11.0017 4524 Smb - ok
08:07:11.0064 4524 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe
08:07:11.0095 4524 SNMPTRAP - ok
08:07:11.0111 4524 [ 2D5576C01C8A34AA614870E745FE8F19 ] SNTUSB64 C:\windows\system32\DRIVERS\SNTUSB64.SYS
08:07:11.0126 4524 SNTUSB64 - ok
08:07:11.0126 4524 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys
08:07:11.0126 4524 spldr - ok
08:07:11.0158 4524 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\windows\System32\spoolsv.exe
08:07:11.0173 4524 Spooler - ok
08:07:11.0220 4524 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe
08:07:11.0314 4524 sppsvc - ok
08:07:11.0314 4524 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll
08:07:11.0345 4524 sppuinotify - ok
08:07:11.0392 4524 [ 37761F6BE2EBAED72CC0D43BD4C8C2A6 ] SQLAgent$ACT7 C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.ACT7\MSSQL\Binn\SQLAGENT.EXE
08:07:11.0392 4524 SQLAgent$ACT7 - ok
08:07:11.0407 4524 [ 7D67C07C63796775CC5492BCFEAFF125 ] SQLBrowser C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
08:07:11.0423 4524 SQLBrowser - ok
08:07:11.0423 4524 [ F98DDFBFE0EE66D4C4B00693512B9527 ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
08:07:11.0438 4524 SQLWriter - ok
08:07:11.0454 4524 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys
08:07:11.0470 4524 srv - ok
08:07:11.0485 4524 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
08:07:11.0516 4524 srv2 - ok
08:07:11.0532 4524 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
08:07:11.0532 4524 srvnet - ok
08:07:11.0563 4524 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
08:07:11.0594 4524 SSDPSRV - ok
08:07:11.0594 4524 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll
08:07:11.0626 4524 SstpSvc - ok
08:07:11.0657 4524 [ C7C4B2E29B2E9F757929868278BE3235 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
08:07:11.0672 4524 Stereo Service - ok
08:07:11.0704 4524 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\drivers\stexstor.sys
08:07:11.0719 4524 stexstor - ok
08:07:11.0719 4524 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\windows\system32\DRIVERS\serscan.sys
08:07:11.0735 4524 StillCam - ok
08:07:11.0782 4524 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll
08:07:11.0797 4524 stisvc - ok
08:07:11.0828 4524 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\windows\system32\storsvc.dll
08:07:11.0860 4524 StorSvc - ok
08:07:11.0875 4524 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\drivers\swenum.sys
08:07:11.0875 4524 swenum - ok
08:07:11.0891 4524 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll
08:07:11.0938 4524 swprv - ok
08:07:12.0000 4524 [ F5B46DF59FEAA48A442AED7EEB754D4B ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
08:07:12.0016 4524 SynTP - ok
08:07:12.0062 4524 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll
08:07:12.0125 4524 SysMain - ok
08:07:12.0140 4524 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll
08:07:12.0156 4524 TabletInputService - ok
08:07:12.0187 4524 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll
08:07:12.0234 4524 TapiSrv - ok
08:07:12.0234 4524 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll
08:07:12.0265 4524 TBS - ok
08:07:12.0312 4524 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\windows\system32\drivers\tcpip.sys
08:07:12.0359 4524 Tcpip - ok
08:07:12.0406 4524 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
08:07:12.0437 4524 TCPIP6 - ok
08:07:12.0452 4524 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
08:07:12.0484 4524 tcpipreg - ok
08:07:12.0530 4524 [ FD542B661BD22FA69CA789AD0AC58C29 ] tdcmdpst C:\windows\system32\DRIVERS\tdcmdpst.sys
08:07:12.0546 4524 tdcmdpst - ok
08:07:12.0562 4524 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
08:07:12.0562 4524 TDPIPE - ok
08:07:12.0577 4524 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
08:07:12.0593 4524 TDTCP - ok
08:07:12.0593 4524 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys
08:07:12.0624 4524 tdx - ok
08:07:12.0624 4524 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\drivers\termdd.sys
08:07:12.0640 4524 TermDD - ok
08:07:12.0671 4524 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll
08:07:12.0718 4524 TermService - ok
08:07:12.0718 4524 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll
08:07:12.0733 4524 Themes - ok
08:07:12.0764 4524 [ C013F6ACAA9761F571BD28DADA7C157D ] Thpdrv C:\windows\system32\DRIVERS\thpdrv.sys
08:07:12.0764 4524 Thpdrv - ok
08:07:12.0764 4524 [ B4E609047434ED948AF7BDEF2FA66E38 ] Thpevm C:\windows\system32\DRIVERS\Thpevm.SYS
08:07:12.0780 4524 Thpevm - ok
08:07:12.0796 4524 [ 9B032A63A0553A2D872815C64A0288BE ] Thpsrv C:\windows\system32\ThpSrv.exe
08:07:12.0811 4524 Thpsrv ( UnsignedFile.Multi.Generic ) - warning
08:07:12.0811 4524 Thpsrv - detected UnsignedFile.Multi.Generic (1)
08:07:12.0811 4524 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll
08:07:12.0842 4524 THREADORDER - ok
08:07:12.0858 4524 [ F120967184A27E927052E8DDBB727851 ] TMachInfo C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
08:07:12.0858 4524 TMachInfo - ok
08:07:12.0889 4524 [ 8E2C799D3476EAC32C3BA0DF7CE6AF19 ] TODDSrv C:\windows\system32\TODDSrv.exe
08:07:12.0889 4524 TODDSrv - ok
08:07:12.0936 4524 [ 63B379F8885CB1C557771BB8B16162E3 ] TosCoSrv C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
08:07:12.0936 4524 TosCoSrv ( UnsignedFile.Multi.Generic ) - warning
08:07:12.0936 4524 TosCoSrv - detected UnsignedFile.Multi.Generic (1)
08:07:12.0967 4524 [ 8F099BE5DB17D025E19652851399B9F1 ] TOSHIBA Bluetooth Service C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
08:07:12.0967 4524 TOSHIBA Bluetooth Service - ok
08:07:12.0983 4524 [ 2ECC833EA37CECE0052D4D9ADC184177 ] TOSHIBA eco Utility Service C:\Program Files\TOSHIBA\TECO\TecoService.exe
08:07:12.0983 4524 TOSHIBA eco Utility Service - ok
08:07:12.0998 4524 [ EDB4B432DB13EA3D1EB2356310D33263 ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
08:07:12.0998 4524 TOSHIBA HDD SSD Alert Service - ok
08:07:13.0014 4524 [ 8021F63311797085949FA387F7C83583 ] tosporte C:\windows\system32\DRIVERS\tosporte.sys
08:07:13.0014 4524 tosporte - ok
08:07:13.0061 4524 [ 09CF82C0068C7CFF7E2B3797BE7F5CC2 ] tosrfbd C:\windows\system32\DRIVERS\tosrfbd.sys
08:07:13.0076 4524 tosrfbd - ok
08:07:13.0076 4524 [ 90F0B1745ABF13F44C2A6ED79F7CE9FB ] tosrfbnp C:\windows\system32\Drivers\tosrfbnp.sys
08:07:13.0092 4524 tosrfbnp - ok
08:07:13.0092 4524 [ 9E4E65EA51E34647340BD6007467AC54 ] Tosrfcom C:\windows\system32\Drivers\tosrfcom.sys
08:07:13.0108 4524 Tosrfcom - ok
08:07:13.0108 4524 [ F5E3AC4CBCD154EE80849B21887FD0B0 ] tosrfec C:\windows\system32\DRIVERS\tosrfec.sys
08:07:13.0108 4524 tosrfec - ok
08:07:13.0108 4524 [ 7D2467D3EB9BAA4B69AE4A28C83DE57A ] Tosrfhid C:\windows\system32\DRIVERS\Tosrfhid.sys
08:07:13.0123 4524 Tosrfhid - ok
08:07:13.0123 4524 [ B6FDC3C76FFE9C5171EEA9C37EA367C2 ] tosrfnds C:\windows\system32\DRIVERS\tosrfnds.sys
08:07:13.0139 4524 tosrfnds - ok
08:07:13.0139 4524 [ 7052B10E54B48AF12BD5606596A8E039 ] TosRfSnd C:\windows\system32\drivers\tosrfsnd.sys
08:07:13.0170 4524 TosRfSnd - ok
08:07:13.0170 4524 [ 7A0048693F98460FF537BE31C741B927 ] Tosrfusb C:\windows\system32\DRIVERS\tosrfusb.sys
08:07:13.0170 4524 Tosrfusb - ok
08:07:13.0217 4524 [ 09FF7B0B1B5C3D225495CB6F5A9B39F8 ] tos_sps64 C:\windows\system32\DRIVERS\tos_sps64.sys
08:07:13.0232 4524 tos_sps64 - ok
08:07:13.0279 4524 [ 9F8410CCC72B3470C96DA415BE0CF423 ] TPCHSrv C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
08:07:13.0295 4524 TPCHSrv - ok
08:07:13.0310 4524 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll
08:07:13.0357 4524 TrkWks - ok
08:07:13.0373 4524 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
08:07:13.0420 4524 TrustedInstaller - ok
08:07:13.0420 4524 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
08:07:13.0466 4524 tssecsrv - ok
08:07:13.0513 4524 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
08:07:13.0513 4524 TsUsbFlt - ok
08:07:13.0529 4524 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\windows\system32\drivers\TsUsbGD.sys
08:07:13.0544 4524 TsUsbGD - ok
08:07:13.0544 4524 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
08:07:13.0591 4524 tunnel - ok
08:07:13.0591 4524 [ 550B567F9364D8F7684C3FB3EA665A72 ] TVALZ C:\windows\system32\DRIVERS\TVALZ_O.SYS
08:07:13.0607 4524 TVALZ - ok
08:07:13.0607 4524 [ 9C7191F4B2E49BFF47A6C1144B5923FA ] TVALZFL C:\windows\system32\DRIVERS\TVALZFL.sys
08:07:13.0622 4524 TVALZFL - ok
08:07:13.0622 4524 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\drivers\uagp35.sys
08:07:13.0638 4524 uagp35 - ok
08:07:13.0654 4524 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\windows\system32\DRIVERS\udfs.sys
08:07:13.0700 4524 udfs - ok
08:07:13.0732 4524 [ D2B2AB4235B360A9CCAE8E891350A474 ] UDSS c:\Program Files (x86)\Common Files\Ulead Systems\UDSS\UDSS.exe
08:07:13.0732 4524 UDSS - ok
08:07:13.0747 4524 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe
08:07:13.0747 4524 UI0Detect - ok
08:07:13.0778 4524 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
08:07:13.0778 4524 uliagpkx - ok
08:07:13.0794 4524 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\windows\system32\DRIVERS\umbus.sys
08:07:13.0825 4524 umbus - ok
08:07:13.0841 4524 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\drivers\umpass.sys
08:07:13.0872 4524 UmPass - ok
08:07:13.0919 4524 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\windows\System32\umrdp.dll
08:07:13.0950 4524 UmRdpService - ok
08:07:14.0012 4524 [ 374EBDA379A8F38E0CFC2211611E7167 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
08:07:14.0075 4524 UNS - ok
08:07:14.0090 4524 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll
08:07:14.0137 4524 upnphost - ok
08:07:14.0137 4524 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
08:07:14.0153 4524 usbccgp - ok
08:07:14.0153 4524 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\windows\system32\drivers\usbcir.sys
08:07:14.0168 4524 usbcir - ok
08:07:14.0168 4524 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\windows\system32\drivers\usbehci.sys
08:07:14.0215 4524 usbehci - ok
08:07:14.0231 4524 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
08:07:14.0278 4524 usbhub - ok
08:07:14.0293 4524 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\windows\system32\drivers\usbohci.sys
08:07:14.0324 4524 usbohci - ok
08:07:14.0340 4524 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\drivers\usbprint.sys
08:07:14.0356 4524 usbprint - ok
08:07:14.0356 4524 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
08:07:14.0371 4524 USBSTOR - ok
08:07:14.0387 4524 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\windows\system32\drivers\usbuhci.sys
08:07:14.0418 4524 usbuhci - ok
08:07:14.0434 4524 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\windows\system32\Drivers\usbvideo.sys
08:07:14.0449 4524 usbvideo - ok
08:07:14.0449 4524 [ 70D05EE263568A742D14E1876DF80532 ] usb_rndisx C:\windows\system32\drivers\usb8023x.sys
08:07:14.0465 4524 usb_rndisx - ok
08:07:14.0465 4524 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll
08:07:14.0496 4524 UxSms - ok
08:07:14.0636 4524 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\windows\system32\lsass.exe
08:07:14.0636 4524 VaultSvc - ok
08:07:14.0652 4524 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
08:07:14.0652 4524 vdrvroot - ok
08:07:14.0714 4524 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\windows\System32\vds.exe
08:07:14.0777 4524 vds - ok
08:07:14.0792 4524 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\windows\system32\DRIVERS\vgapnp.sys
08:07:14.0824 4524 vga - ok
08:07:14.0824 4524 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\windows\System32\drivers\vga.sys
08:07:14.0855 4524 VgaSave - ok
08:07:14.0917 4524 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\windows\system32\drivers\vhdmp.sys
08:07:14.0933 4524 vhdmp - ok
08:07:14.0933 4524 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\windows\system32\drivers\viaide.sys
08:07:14.0948 4524 viaide - ok
08:07:14.0964 4524 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\windows\system32\drivers\volmgr.sys
08:07:14.0964 4524 volmgr - ok
08:07:14.0995 4524 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\windows\system32\drivers\volmgrx.sys
08:07:15.0011 4524 volmgrx - ok
08:07:15.0026 4524 [ DF8126BD41180351A093A3AD2FC8903B ] volsnap C:\windows\system32\drivers\volsnap.sys
08:07:15.0042 4524 volsnap - ok
08:07:15.0058 4524 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\windows\system32\drivers\vsmraid.sys
08:07:15.0073 4524 vsmraid - ok
08:07:15.0120 4524 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\windows\system32\vssvc.exe
08:07:15.0198 4524 VSS - ok
08:07:15.0198 4524 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
08:07:15.0214 4524 vwifibus - ok
08:07:15.0214 4524 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
08:07:15.0245 4524 vwififlt - ok
08:07:15.0276 4524 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys
08:07:15.0292 4524 vwifimp - ok
08:07:15.0307 4524 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\windows\system32\w32time.dll
08:07:15.0338 4524 W32Time - ok
08:07:15.0338 4524 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\windows\system32\drivers\wacompen.sys
08:07:15.0370 4524 WacomPen - ok
08:07:15.0385 4524 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
08:07:15.0416 4524 WANARP - ok
08:07:15.0416 4524 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
08:07:15.0448 4524 Wanarpv6 - ok
08:07:15.0510 4524 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
08:07:15.0557 4524 WatAdminSvc - ok
08:07:15.0604 4524 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\windows\system32\wbengine.exe
08:07:15.0666 4524 wbengine - ok
08:07:15.0682 4524 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
08:07:15.0697 4524 WbioSrvc - ok
08:07:15.0744 4524 [ 8BDA6DB43AA54E8BB5E0794541DDC209 ] WcesComm C:\windows\WindowsMobile\wcescomm.dll
08:07:15.0760 4524 WcesComm - ok
08:07:15.0775 4524 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\windows\System32\wcncsvc.dll
08:07:15.0791 4524 wcncsvc - ok
08:07:15.0791 4524 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
08:07:15.0806 4524 WcsPlugInService - ok
08:07:15.0822 4524 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\windows\system32\drivers\wd.sys
08:07:15.0838 4524 Wd - ok
08:07:15.0853 4524 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
08:07:15.0869 4524 Wdf01000 - ok
08:07:15.0884 4524 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\windows\system32\wdi.dll
08:07:15.0962 4524 WdiServiceHost - ok
08:07:15.0978 4524 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\windows\system32\wdi.dll
08:07:15.0978 4524 WdiSystemHost - ok
08:07:16.0009 4524 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\windows\System32\webclnt.dll
08:07:16.0040 4524 WebClient - ok
08:07:16.0072 4524 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\windows\system32\wecsvc.dll
08:07:16.0103 4524 Wecsvc - ok
08:07:16.0118 4524 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\windows\System32\wercplsupport.dll
08:07:16.0150 4524 wercplsupport - ok
08:07:16.0150 4524 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\windows\System32\WerSvc.dll
08:07:16.0196 4524 WerSvc - ok
08:07:16.0196 4524 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
08:07:16.0228 4524 WfpLwf - ok
08:07:16.0243 4524 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\windows\system32\drivers\wimmount.sys
08:07:16.0243 4524 WIMMount - ok
08:07:16.0259 4524 WinDefend - ok
08:07:16.0259 4524 WinHttpAutoProxySvc - ok
08:07:16.0290 4524 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
08:07:16.0321 4524 Winmgmt - ok
08:07:16.0368 4524 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\windows\system32\WsmSvc.dll
08:07:16.0430 4524 WinRM - ok
08:07:16.0462 4524 [ FE88B288356E7B47B74B13372ADD906D ] winusb C:\windows\system32\DRIVERS\winusb.sys
08:07:16.0477 4524 winusb - ok
08:07:16.0493 4524 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\windows\System32\wlansvc.dll
08:07:16.0540 4524 Wlansvc - ok
08:07:16.0586 4524 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
08:07:16.0586 4524 wlcrasvc - ok
08:07:16.0664 4524 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
08:07:16.0727 4524 wlidsvc - ok
08:07:16.0727 4524 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys
08:07:16.0742 4524 WmiAcpi - ok
08:07:16.0758 4524 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
08:07:16.0774 4524 wmiApSrv - ok
08:07:16.0774 4524 WMPNetworkSvc - ok
08:07:16.0789 4524 [ 83B6CA03C846FCD47F9883D77D1EB27B ] WMZuneComm C:\Program Files\Zune\WMZuneComm.exe
08:07:16.0805 4524 WMZuneComm - ok
08:07:16.0805 4524 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\windows\System32\wpcsvc.dll
08:07:16.0820 4524 WPCSvc - ok
08:07:16.0820 4524 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
08:07:16.0836 4524 WPDBusEnum - ok
08:07:16.0836 4524 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
08:07:16.0867 4524 ws2ifsl - ok
08:07:16.0867 4524 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\windows\system32\wscsvc.dll
08:07:16.0898 4524 wscsvc - ok
08:07:16.0898 4524 WSearch - ok
08:07:16.0976 4524 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\windows\system32\wuaueng.dll
08:07:17.0039 4524 wuauserv - ok
08:07:17.0039 4524 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\windows\system32\drivers\WudfPf.sys
08:07:17.0086 4524 WudfPf - ok
08:07:17.0117 4524 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
08:07:17.0164 4524 WUDFRd - ok
08:07:17.0164 4524 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\windows\System32\WUDFSvc.dll
08:07:17.0195 4524 wudfsvc - ok
08:07:17.0226 4524 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\windows\System32\wwansvc.dll
08:07:17.0257 4524 WwanSvc - ok
08:07:17.0382 4524 [ 67B787C34FB2888D01B130AE007042D8 ] ZuneNetworkSvc C:\Program Files\Zune\ZuneNss.exe
08:07:17.0585 4524 ZuneNetworkSvc - ok
08:07:17.0632 4524 [ 4D89FC1C20CF655739EFAC5DA81A67BC ] ZuneWlanCfgSvc C:\Program Files\Zune\ZuneWlanCfgSvc.exe
08:07:17.0647 4524 ZuneWlanCfgSvc - ok
08:07:17.0678 4524 ================ Scan global ===============================
08:07:17.0694 4524 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
08:07:17.0694 4524 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\windows\system32\winsrv.dll
08:07:17.0710 4524 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\windows\system32\winsrv.dll
08:07:17.0710 4524 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
08:07:17.0725 4524 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
08:07:17.0725 4524 [Global] - ok
08:07:17.0725 4524 ================ Scan MBR ==================================
08:07:17.0725 4524 [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
08:07:18.0334 4524 \Device\Harddisk0\DR0 - ok
08:07:18.0334 4524 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk1\DR1
08:07:19.0457 4524 \Device\Harddisk1\DR1 - ok
08:07:19.0457 4524 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk2\DR2
08:07:21.0204 4524 \Device\Harddisk2\DR2 - ok
08:07:21.0204 4524 ================ Scan VBR ==================================
08:07:21.0204 4524 [ 28DCF8208E1A6185114F40292BEA3DAF ] \Device\Harddisk0\DR0\Partition1
08:07:21.0204 4524 \Device\Harddisk0\DR0\Partition1 - ok
08:07:21.0235 4524 [ D2BFF469E7347C10C7D873494137D024 ] \Device\Harddisk1\DR1\Partition1
08:07:21.0251 4524 \Device\Harddisk1\DR1\Partition1 - ok
08:07:21.0251 4524 [ 7DC61D6FE2E2C8AAF8B400C259F2DA35 ] \Device\Harddisk2\DR2\Partition1
08:07:21.0251 4524 \Device\Harddisk2\DR2\Partition1 - ok
08:07:21.0251 4524 ============================================================
08:07:21.0251 4524 Scan finished
08:07:21.0251 4524 ============================================================
08:07:21.0251 4308 Detected object count: 5
08:07:21.0251 4308 Actual detected object count: 5
08:09:08.0173 4308 ActService ( UnsignedFile.Multi.Generic ) - skipped by user
08:09:08.0173 4308 ActService ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:09:08.0173 4308 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
08:09:08.0173 4308 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:09:08.0173 4308 Sage ACT! Scheduler ( UnsignedFile.Multi.Generic ) - skipped by user
08:09:08.0173 4308 Sage ACT! Scheduler ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:09:08.0173 4308 Thpsrv ( UnsignedFile.Multi.Generic ) - skipped by user
08:09:08.0173 4308 Thpsrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:09:08.0189 4308 TosCoSrv ( UnsignedFile.Multi.Generic ) - skipped by user
08:09:08.0189 4308 TosCoSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
  • 0

#49
WhiteHat
Posted 18 September 2012 - 09:35 PM

WhiteHat

    Trusted Helper

  • Retired Staff
  • 1,925 posts
Hi,

Hold on the Windows + R keys on your keyboard. This will open the run dialogue box.

Type Services.msc and press ENTER

Click with the right-button under the WinDefend service and select the option Start.

Tell me the result. :thumbsup:
  • 0

#50
AnthonyOhio
Posted 19 September 2012 - 05:42 AM

AnthonyOhio

    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts
Good morning WhiteHat,

I get a window that pops up with the following message:

The Windows Defender service on Local Computer started and then
stopped. Somes services stop automatically if they are not in use by other
services or programs.
  • 0

#51
WhiteHat
Posted 19 September 2012 - 09:01 PM

WhiteHat

    Trusted Helper

  • Retired Staff
  • 1,925 posts
Finally I know why Windows Defender not started. You have Microsoft Security Essentials installed and by default he disables the Windows Defender, so, nothing to worry about.

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems

Now the best part of the day ----- Your log now appears clean

The following will implement some cleanup procedures as well as reset System Restore points:

Remove OTL

Run OTL and hit the Posted Image cleanup button. It will remove all the programmes we have used plus itself.

Posted Image Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system.
Please follow these steps to remove older version of Java components and upgrade the application.

Upgrading Java:
  • Go to this site and click Do I have Java
  • It will check your current version and then offer to update to the latest version

SPRING CLEAN

To manually create a new Restore Point
  • (If you use Windows 7/Vista)
  • Go to Control Panel and select System
  • Select System
  • On the left select System Protection and accept the warning if you get one
  • Select System Protection Tab
  • Select Create at the bottom
  • Type in a name i.e. Clean
  • Select Create

  • (If you use Windows XP)
  • Go to Start > All Programs > Acessories > System Tools > System Restore.
  • Select the option Create a restore point and click in Next.
  • Type in a name i.e. Clean
  • Select Create

Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:
Posted Image Malwarebytes. Update and run weekly to keep your system clean

Download and install FileHippo update checker and run it monthly it will show you which programmes on your system need updating and give a download link

It is critical to have both a firewall and anti virus to protect your system and to keep them updated. To keep your operating system up to date visit

To learn more about how to protect yourself while on the internet read our little guide How did I get infected in the first place??

Keep safe.
  • 0

#52
AnthonyOhio
Posted 20 September 2012 - 06:18 AM

AnthonyOhio

    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts
Good morning , WhiteHat.

It is great to hear that I am almost cleaned up.

My icons are still a mess, a result of Win64-Sirefef. Everytime that I reboot they move to the left.
  • 0

#53
WhiteHat
Posted 20 September 2012 - 08:17 PM

WhiteHat

    Trusted Helper

  • Retired Staff
  • 1,925 posts
  • Download RogueKiller and save it on your desktop.
  • Quit all programs
  • Start RogueKiller.exe.
  • Wait until Prescan has finished ...
  • Click on Scan
Posted Image

  • Next click on the ShortcutsFix
    Posted Image
  • The report has been created on the desktop.

Please post: All RKreport.txt text files located on your desktop.
  • 0

#54
AnthonyOhio
Posted 20 September 2012 - 09:36 PM

AnthonyOhio

    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts
Thank you, whiteHat.

Report 1:

RogueKiller V8.0.2 [08/31/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo...13-roguekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : A [Admin rights]
Mode : Scan -- Date : 09/20/2012 23:29:01

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 6 ¤¤¤
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND
[HJ DESK] HKCU\[...]\ClassicStartMenu : {59031A47-3F72-44A7-89C5-5595FE6B30EE} (1) -> FOUND
[HJ DESK] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ INPROC][ZeroAccess] HKCR\[...]\InprocServer32 : (C:\Users\A\AppData\Local\{a486cfc5-6118-a1ec-04a1-c8635ee18d0e}\n.) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ Infection : ZeroAccess ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\windows\system32\drivers\etc\hosts

127.0.0.1 localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: Seagate ST95005620AS +++++
--- User ---
[MBR] 7e41b9b220840e53479af199657ec43b
[BSP] 043484c3b9126deab5df41705fa6fa64 : Windows Vista MBR Code
Partition table:
0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 461010 Mo
2 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 947222528 | Size: 14429 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: TOSHIBA MK7575GSX +++++
--- User ---
[MBR] 4967f38a7e382545a4c1487c0b66fc75
[BSP] ee6117e6635ec72348fabcbc75883941 : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 2048 | Size: 715403 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt



Report 2

RogueKiller V8.0.2 [08/31/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo...13-roguekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : A [Admin rights]
Mode : Shortcuts HJfix -- Date : 09/20/2012 23:31:40

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ File attributes restored: ¤¤¤
Desktop: Success 0 / Fail 0
Quick launch: Success 0 / Fail 0
Programs: Success 10 / Fail 0
Start menu: Success 0 / Fail 0
User folder: Success 83 / Fail 0
My documents: Success 3 / Fail 3
My favorites: Success 0 / Fail 0
My pictures: Success 0 / Fail 0
My music: Success 14 / Fail 0
My videos: Success 0 / Fail 0
Local drives: Success 5172 / Fail 0
Backup: [NOT FOUND]

Drives:
[C:] \Device\HarddiskVolume2 -- 0x3 --> Restored
[D:] \Device\HarddiskVolume4 -- 0x3 --> Restored
[E:] \Device\CdRom0 -- 0x5 --> Skipped

¤¤¤ Infection : ¤¤¤

Finished : << RKreport[3].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt
  • 0

#55
WhiteHat
Posted 22 September 2012 - 09:00 AM

WhiteHat

    Trusted Helper

  • Retired Staff
  • 1,925 posts

My icons are still a mess, a result of Win64-Sirefef. Everytime that I reboot they move to the left.

How is your computer?
  • 0

Advertisements

#56
AnthonyOhio
Posted 22 September 2012 - 09:58 AM

AnthonyOhio

    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts
Good Morning, WhiteHat.

I worked with my computer a little more yesterday and was able to get Microsoft Security Essentials working by reinstalling the software. A complete scan revealed some remaining Sirefef threats here the following results:







Category: Exploit

Description: This program is dangerous and exploits the computer on which it is run.

Recommended action: Remove this software immediately.

Items:
containerfile:D:\A-QOSMIO\Backup Set 2012-05-29 091517\Backup Files 2012-07-23 111333\Backup files 1.zip
containerfile:D:\A-QOSMIO\Backup Set 2012-08-06 152337\Backup Files 2012-08-06 152337\Backup files 17.zip
containerfile:D:\A-QOSMIO\Backup Set 2012-08-27 201458\Backup Files 2012-08-27 201458\Backup files 17.zip
file:D:\A-QOSMIO\Backup Set 2012-05-29 091517\Backup Files 2012-07-23 111333\Backup files 1.zip->C\Users\A\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34\283e3b62-7ed6c58a->CL3.class
file:D:\A-QOSMIO\Backup Set 2012-08-06 152337\Backup Files 2012-08-06 152337\Backup files 17.zip->C\Users\A\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34\283e3b62-7ed6c58a->CL3.class
file:D:\A-QOSMIO\Backup Set 2012-08-27 201458\Backup Files 2012-08-27 201458\Backup files 17.zip->C\Users\A\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34\283e3b62-7ed6c58a->CL3.class


I quarantined these files and everything seems to be working fine, except the issue with the desktop icon arrangement. I have not removed the software that we installed for the clean-up, yet. Any thoughts on this last isssue?

Thank You,

Anthony
  • 0

#57
WhiteHat
Posted 23 September 2012 - 07:49 PM

WhiteHat

    Trusted Helper

  • Retired Staff
  • 1,925 posts

A complete scan revealed some remaining Sirefef threats here the following results:

This is not sirefef. Just remove them.

except the issue with the desktop icon arrangement.

On the desktop, right click on the page (not the bar on the bottom) and the dropdown box will give you the option under 'arrange icons by' to 'align to grid'.

Posted Image
  • 0

#58
AnthonyOhio
Posted 24 September 2012 - 08:04 AM

AnthonyOhio

    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts
Good Morning, WhiteHat.

The Align to grid option has always been selected. I deselected, and selected again. No change.

Thank You,

Anthony
  • 0

#59
WhiteHat
Posted 24 September 2012 - 10:01 PM

WhiteHat

    Trusted Helper

  • Retired Staff
  • 1,925 posts
Try again and select the option Auto arrange.

See if that works.
  • 0

#60
AnthonyOhio
Posted 25 September 2012 - 06:21 AM

AnthonyOhio

    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts
Good Morning WhiteHat,

With the Auto-Arrange option checked the icons stay on the left, as they are. when I restart the computer the icons stay on the left and the Auto-Arrange option is not checked.

So whenever I restart the computer Align to Grid is checked, Auto-Arrange is unchecked, and the icons stay on the left; regardless of the settings from my last session.

Thank You,

Anthony
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP