
Smokey's Security Forums

Topic: slow computer (Read 4544 times)


etavares

  • Substitute Leader Malware Analysis & Removal Team
  • Administrator
  • Posts: 213
  • .: 1st Responder
Re: slow computer
« Reply #17 on: February 21, 2013, 03:03:56 PM »
Hi,

ACDaemon.exe is related to the ArcSoft Connection Service... do you have any of the products in the link below installed on that computer?
http://www.arcsoft.com/store/win.html


mobsync.exe is the Microsoft Synchronization Manager, which syncs offline files and webpages. I'm not that familiar with it, but you could try turning it off... see this link:
http://support.microsoft.com/kb/314512

That may help, unless you need to sync.

-etavares

jena4yt (Topic starter)

  • Full Member
  • Posts: 12
Re: slow computer
« Reply #16 on: February 20, 2013, 06:29:02 PM »
Spoke too soon. Problem persists with Dropbox shut down.

jena4yt (Topic starter)

  • Full Member
  • Posts: 12
Re: slow computer
« Reply #15 on: February 20, 2013, 04:37:37 PM »
Thanks! Updated Java.

The I/O reads are heavily dominated by dropbox.exe! Followed by ACDaemon.exe and mobsync.exe.

The writes have much smaller numbers, and topping the list are audiodg.exe, CCC.exe and ACDaemon.

I exited Dropbox and the computer seems much! quieter!

etavares

  • Substitute Leader Malware Analysis & Removal Team
  • Administrator
  • Posts: 213
  • .: 1st Responder
Re: slow computer
« Reply #14 on: February 20, 2013, 12:51:44 PM »
Hello, jena4yt.


Step 1

Next, we need to update Java.
Your Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system. Please follow these steps to remove older version Java components and update:
  • Download the latest version of Java Runtime Environment (JRE) 7 Update 13 32-bit version. Note that if you have 64-bit Windows, the default is to use a 32-bit browser. If you modified your IE to use the 64-bit version, make sure to also download the 64-bit version.
  • Save it to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Settings > Control Panel, double-click on Add/Remove Programs and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) or Java(TM) in the name.
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java version shown below:
      Anything that says Java 6 Update...
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on the Java file you downloaded to install the newest version. If you downloaded the 64-bit version, make sure to install that as well.


Step 2


Please download Process Explorer.

Double-click to open the ZIP file. Extract it to your desktop or another folder.

When the computer starts to show excessive hard drive activity, double-click procexp.exe to run it. Allow it to run if Windows asks. Click Agree on the license screen.

Click View --> Select Columns. Click the Process I/O tab. Check Reads and then check Writes. Click OK. Don't touch anything for a few minutes; let it run so it counts the hard drive activity.

Then, click the column header for I/O Reads to sort. Look at the highest amount... what programs are there? Ditto for I/O Writes?

etavares
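
A scripted version of the Step 2 measurement, added here as an example and not part of the original post: it reads the cumulative per-process I/O counters from the Win32_Process WMI class twice and ranks processes by the difference over the window. It assumes PowerShell 3.0 or later; the function names and the 120-second window are illustrative choices.

```powershell
# Added example (not from the thread): rank processes by I/O operations over a
# sampling window, like sorting the I/O Reads / I/O Writes columns in Process Explorer.
# Assumption: PowerShell 3.0+ (Get-CimInstance and [pscustomobject]).

function Get-IoSnapshot {
    # Win32_Process counters are cumulative since each process started.
    # Key on PID plus creation time so a reused PID is not treated as the same process.
    $snap = @{}
    foreach ($p in Get-CimInstance -ClassName Win32_Process) {
        $key = '{0}|{1}' -f $p.ProcessId, $p.CreationDate
        $snap[$key] = $p
    }
    return $snap
}

function Measure-ProcessIo {
    param(
        [int]$Seconds = 120   # "a few minutes" in the post; adjust as needed
    )

    $before = Get-IoSnapshot
    Start-Sleep -Seconds $Seconds
    $after = Get-IoSnapshot

    foreach ($key in $after.Keys) {
        $a = $after[$key]

        # A process that started during the window has no earlier sample;
        # its counters began at zero, so zero is the correct baseline.
        $r0 = 0; $w0 = 0; $rb0 = 0; $wb0 = 0
        if ($before.ContainsKey($key)) {
            $b   = $before[$key]
            $r0  = $b.ReadOperationCount
            $w0  = $b.WriteOperationCount
            $rb0 = $b.ReadTransferCount
            $wb0 = $b.WriteTransferCount
        }

        [pscustomobject]@{
            Name    = $a.Name
            Id      = $a.ProcessId
            Reads   = $a.ReadOperationCount  - $r0    # read operations in the window
            Writes  = $a.WriteOperationCount - $w0    # write operations in the window
            ReadMB  = [math]::Round(($a.ReadTransferCount  - $rb0) / 1MB, 2)
            WriteMB = [math]::Round(($a.WriteTransferCount - $wb0) / 1MB, 2)
            # Path may be empty for protected processes when not run elevated.
            Path    = $a.ExecutablePath
        }
    }
}

# Sample once, then view the same data sorted both ways.
$io = Measure-ProcessIo -Seconds 120

'Top 10 by reads:'
$io | Sort-Object Reads -Descending | Select-Object -First 10 |
    Format-Table Name, Id, Reads, ReadMB, Path -AutoSize

'Top 10 by writes:'
$io | Sort-Object Writes -Descending | Select-Object -First 10 |
    Format-Table Name, Id, Writes, WriteMB, Path -AutoSize
```

The Path column lets you compare each top entry against the install folder you expect for that program, as the OTL process list does.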

jena4yt (Topic starter)

  • Full Member
  • Posts: 12
Re: slow computer
« Reply #13 on: February 20, 2013, 06:24:15 AM »
Well, after going online and browsing for a few minutes, the disk activity picked up and continues to constantly work... write... on something. Definitely out of the norm for any computer I have ever used. I'm thinking I will suggest re-installing Windows. I hate to suggest it because I know I will be the one she wants to do it!!!! But I'm kinda feeling like it's the best route with all the abnormal activity on the drive. I shut the computer down because it doesn't 'feel' safe with all of that unexplained disk activity. Maybe the drive is dying?

Anyone else get annoyed at family members' reckless internet habits!?!?!?!?

Let me know if you think that it is a lost cause or if there is some way to find out what is causing all of the hard drive chatter. I'm usually pretty good at figuring out stuff like that, but this one is getting to me.

thanks again,
Jennifer

jena4yt (Topic starter)

  • Full Member
  • Posts: 12
Re: slow computer
« Reply #12 on: February 20, 2013, 05:41:08 AM »
Disk activity seems to have quietened down a lot. Still a little more activity than I'm used to, but I am not very familiar with this computer. It could just be that the HD is louder than I am used to... not sure. It definitely seems quicker overall.

Thanks so much for all of your help! Any more recommendations?

etavares

  • Substitute Leader Malware Analysis & Removal Team
  • Administrator
  • Posts: 213
  • .: 1st Responder
Re: slow computer
« Reply #11 on: February 20, 2013, 04:08:54 AM »
That's looking better overall. The detections are from poisoned webpages, it appears. Nothing too major.

Are you still having a high level of disk activity?

-etavares

jena4yt (Topic starter)

  • Full Member
  • Posts: 12
Re: slow computer
« Reply #10 on: February 19, 2013, 09:50:29 PM »
ESET results


C:\Users\tashay\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\0RZD8XP1\czftn4kx[1].htm   JS/Agent.NEY trojan   cleaned by deleting - quarantined
C:\Users\tashay\AppData\Local\Temp\Low\jar_cache12344.tmp   multiple threats   deleted - quarantined

jena4yt (Topic starter)

  • Full Member
  • Posts: 12
Re: slow computer
« Reply #9 on: February 19, 2013, 06:11:19 PM »
Just saw where the TDS log was cut off again. I checked the bottom of the log and the detected object counts were 0.

jena4yt (Topic starter)

  • Full Member
  • Posts: 12
Re: slow computer
« Reply #8 on: February 19, 2013, 05:37:01 PM »
OTL logfile created on: 2/19/2013 10:16:28 AM - Run 3
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\tashay\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
1.87 Gb Total Physical Memory | 1.21 Gb Available Physical Memory | 64.44% Memory free
4.75 Gb Paging File | 3.86 Gb Available in Paging File | 81.14% Paging File free
Paging file location(s): c:\pagefile.sys 3000 3000 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 147.58 Gb Total Space | 69.69 Gb Free Space | 47.22% Space Free | Partition Type: NTFS
 
Computer Name: TASHAY-PC | User Name: tashay | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\tashay\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Users\tashay\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - c:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
PRC - c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
PRC - C:\Program Files\Kodak\KODAK Share Button App\Listener.exe (Eastman Kodak Company)
PRC - C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe (Eastman Kodak Company)
PRC - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
PRC - C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe (Intuit)
PRC - C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe ()
PRC - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\TomTom HOME 2\HOMERunner.exe (TomTom)
PRC - C:\Program Files\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)
PRC - C:\Program Files\Synaptics\SynTP\SynToshiba.exe (Synaptics, Inc.)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe (TOSHIBA Corporation)
PRC - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe (TOSHIBA Corporation)
PRC - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)
PRC - c:\Toshiba\IVP\swupdate\swupdtmr.exe ()
PRC - C:\Toshiba\IVP\ISM\pinger.exe ()
PRC - C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)
PRC - C:\Windows\System32\agrsmsvc.exe (Agere Systems)
PRC - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
PRC - C:\Windows\System32\TODDSrv.exe (TOSHIBA Corporation)
 
 
========== Services (SafeList) ==========
 
SRV - (NisSrv) -- c:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
SRV - (MsMpSvc) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV - (QBCFMonitorService) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe (Intuit)
SRV - (QBVSS) -- C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe ()
SRV - (ACDaemon) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (QBFCService) -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe (Intuit Inc.)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (TNaviSrv) -- C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe (TOSHIBA Corporation)
SRV - (TosCoSrv) -- C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe (TOSHIBA Corporation)
SRV - (TOSHIBA Bluetooth Service) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)
SRV - (Swupdtmr) -- c:\Toshiba\IVP\swupdate\swupdtmr.exe ()
SRV - (pinger) -- C:\Toshiba\IVP\ISM\pinger.exe ()
SRV - (CFSvcs) -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)
SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems)
SRV - (UleadBurningHelper) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
SRV - (TODDSrv) -- C:\Windows\System32\TODDSrv.exe (TOSHIBA Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (NisDrv) -- C:\Windows\System32\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV - (NWADI) -- C:\Windows\System32\drivers\NWADIenum.sys (Novatel Wireless Inc)
DRV - (NWUSBPort2_000) -- C:\Windows\System32\drivers\nwusbser2_000.sys (Novatel Wireless Inc.)
DRV - (NWUSBPort_000) -- C:\Windows\System32\drivers\nwusbser_000.sys (Novatel Wireless Inc.)
DRV - (NWUSBModem_000) -- C:\Windows\System32\drivers\nwusbmdm_000.sys (Novatel Wireless Inc.)
DRV - (NWUSBCDFIL) -- C:\Windows\System32\drivers\NwUsbCdFil.sys (Novatel Wireless Inc.)
DRV - (X4HSX32) -- C:\Program Files\GameTap Web Player\bin\release\X4HSX32.sys (Exent Technologies Ltd.)
DRV - (pavboot) -- C:\Windows\System32\drivers\pavboot.sys (Panda Security, S.L.)
DRV - (PTDMWWAN) -- C:\Windows\System32\drivers\PTDMWWAN.sys (DEVGURU Co,LTD.)
DRV - (PTDMVsp) -- C:\Windows\System32\drivers\PTDMVsp.sys (DEVGURU Co,LTD.)
DRV - (PTDMMdm) -- C:\Windows\System32\drivers\PTDMMdm.sys (DEVGURU Co,LTD.)
DRV - (PTDMBus) -- C:\Windows\System32\drivers\PTDMBus.sys (DEVGURU Co,LTD.)
DRV - (tos_sps32) -- C:\Windows\System32\drivers\tos_sps32.sys (TOSHIBA Corporation)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (RTL8187B) -- C:\Windows\System32\drivers\rtl8187B.sys (Realtek Semiconductor Corporation                           )
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation                                            )
DRV - (winbondcir) -- C:\Windows\System32\drivers\winbondcir.sys (Winbond Electronics Corporation)
DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC)
DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC)
DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)
DRV - (KR3NPXP) -- C:\Windows\System32\drivers\kr3npxp.sys (TOSHIBA CORPORATION)
DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems)
DRV - (FwLnk) -- C:\Windows\System32\drivers\FwLnk.sys (TOSHIBA Corporation)
DRV - (KR10I) -- C:\Windows\System32\drivers\KR10I.sys (TOSHIBA CORPORATION)
DRV - (KR10N) -- C:\Windows\System32\drivers\KR10N.sys (TOSHIBA CORPORATION)
DRV - (AtiPcie) -- C:\Windows\System32\drivers\AtiPcie.sys (ATI Technologies Inc.)
DRV - (tosrfec) -- C:\Windows\System32\drivers\tosrfec.sys (TOSHIBA Corporation)
DRV - (tdcmdpst) -- C:\Windows\System32\drivers\tdcmdpst.sys (TOSHIBA Corporation.)
DRV - (TVALZ) -- C:\Windows\System32\drivers\TVALZ_O.SYS (TOSHIBA Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {8A7DABF5-730E-4D94-AE2D-E2CBC03BEFED}
IE - HKLM\..\SearchScopes\{8A7DABF5-730E-4D94-AE2D-E2CBC03BEFED}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage};
IE - HKLM\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms}
 
 
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\.DEFAULT\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-18\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-3362793252-3370582600-557581704-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?PC=msnHomeST&OCID=msnHomepage
IE - HKU\S-1-5-21-3362793252-3370582600-557581704-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-3362793252-3370582600-557581704-1000\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKU\S-1-5-21-3362793252-3370582600-557581704-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-3362793252-3370582600-557581704-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-3362793252-3370582600-557581704-1000\..\SearchScopes\{86429EDB-760A-46B3-8B45-6B3D33390D5B}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3362793252-3370582600-557581704-1000\..\SearchScopes\{8A7DABF5-730E-4D94-AE2D-E2CBC03BEFED}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7TSHB_en
IE - HKU\S-1-5-21-3362793252-3370582600-557581704-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandasecurity.com/activescan: C:\Program Files\Panda Security\ActiveScan 2.0\npwrapper.dll (Panda Security, S.L.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer: C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\tashay\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/05/16 19:43:42 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\module@com.arcadesafari.firefox: C:\Users\tashay\AppData\Local\Arcadesafari\module@com.arcadesafari.firefox [2013/01/12 20:55:37 | 000,000,000 | ---D | M]
 
[2010/04/06 19:39:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\tashay\AppData\Roaming\Mozilla\Extensions
[2008/12/28 17:45:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\tashay\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com
 
========== Chrome  ==========
 
CHR - homepage: http://search.conduit.com/?ctid=CT3240727&SearchSource=48&sspv=,\r\n
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://search.conduit.com/?ctid=CT3240727&SearchSource=48&sspv=,\r\n
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\24.0.1312.57\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\24.0.1312.57\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\tashay\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: PlaySushi Textlinks Plugin (Enabled) = C:\Users\tashay\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnhgoncokajlafhnhjmccgcmgggiehjm\nppstl.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit)  (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit)  (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)  (Enabled) = c:\program files\real\realplayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Download Plugin (Enabled) = c:\program files\real\realplayer\Netscape6\nprpplugin.dll
CHR - plugin: Zylom Plugin (Enabled) = C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\tashay\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: BrowserPlus (from Yahoo!) v2.7.1 (Enabled) = C:\Users\tashay\AppData\Local\Yahoo!\BrowserPlus\2.7.1\Plugins\npybrowserplus_2.7.1.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = c:\program files\real\realplayer\Netscape6\nprjplug.dll
CHR - Extension: findr = C:\Users\tashay\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopfcgphfmlgalncbfagpgcgonmfmcb\10.14.40.128_0\
CHR - Extension: YouTube = C:\Users\tashay\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Google Search = C:\Users\tashay\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: Arcadesafari = C:\Users\tashay\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmeemomfelpigklppifflheakfpkfjjg\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\tashay\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Gmail = C:\Users\tashay\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2008/08/12 13:30:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll File not found
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-3362793252-3370582600-557581704-1000\..\Toolbar\WebBrowser: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O4 - HKLM..\Run: [00TCrdMain] C:\Program Files\Toshiba\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [HSON] C:\Program Files\Toshiba\TBS\HSON.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Intuit SyncManager] C:\Program Files\Common Files\Intuit\Sync\IntuitSyncManager.exe (Intuit Inc. All rights reserved.)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SmoothView] C:\Program Files\Toshiba\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O4 - HKLM..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [TPwrMain] C:\Program Files\Toshiba\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\.DEFAULT..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (Google Inc.)
O4 - HKU\S-1-5-18..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (Google Inc.)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-3362793252-3370582600-557581704-1000..\Run: [KGShareApp] C:\Program Files\Kodak\KODAK Share Button App\KGShare_App.exe (Eastman Kodak Company)
O4 - HKU\S-1-5-21-3362793252-3370582600-557581704-1000..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\HOMERunner.exe (TomTom)
O4 - Startup: C:\Users\tashay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\tashay\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\tashay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O4 - Startup: C:\Users\tashay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote Table Of Contents.onetoc2 ()
O8 - Extra context menu item: &Search - Reg Error: Value error. File not found
O8 - Extra context menu item: &Windows Live Search - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll (Sun Microsystems, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab (ActiveScan 2.0 Installer Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 172.20.1.32 172.20.1.31
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0642EFCB-8E53-40C6-82BB-3788A1190ACD}: DhcpNameServer = 192.168.62.1 0.0.0.0
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2490DCF6-F73B-47E9-B39C-8397048B32EE}: DhcpNameServer = 172.20.1.32 172.20.1.31
O18 - Protocol\Handler\intu-help-qb4 {ACE22922-D07C-4860-B51B-8CF472FEC2CB} - C:\Program Files\Intuit\QuickBooks 2011\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Public\Pictures\Sample Pictures\Forest.jpg
O24 - Desktop BackupWallPaper: C:\Users\Public\Pictures\Sample Pictures\Forest.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 15:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{24438bbd-9ca5-11de-851f-00a0d18ce379}\Shell - "" = AutoRun
O33 - MountPoints2\{24438bbd-9ca5-11de-851f-00a0d18ce379}\Shell\AutoRun\command - "" = E:\VZAccess_Manager.exe /z detect
O33 - MountPoints2\{3b814ea4-9f0b-11de-9867-001644806ad4}\Shell - "" = AutoRun
O33 - MountPoints2\{3b814ea4-9f0b-11de-9867-001644806ad4}\Shell\AutoRun\command - "" = J:\VZAccess_Manager.exe /z detect
O33 - MountPoints2\{86ca01a3-c962-11dc-afdb-7a8020000200}\Shell\AutoRun\command - "" = C:\Windows\System32\setupSNK.exe -- [2008/01/19 01:33:29 | 000,013,312 | ---- | M] (Microsoft Corporation)
O33 - MountPoints2\{86ca01a9-c962-11dc-afdb-7a8020000200}\Shell - "" = AutoRun
O33 - MountPoints2\{86ca01a9-c962-11dc-afdb-7a8020000200}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O33 - MountPoints2\{901610c2-2573-11e0-8352-00a0d18ce379}\Shell\AutoRun\command - "" = I:\PMBP_Win.exe
O33 - MountPoints2\{a71001a4-c92a-11dd-9860-7a8020000200}\Shell\AutoRun\command - "" = F:\InstallTomTomHOME.exe
O33 - MountPoints2\{e9e0ebd7-3b2a-11dd-99ed-7a8020000200}\Shell - "" = AutoRun
O33 - MountPoints2\{e9e0ebd7-3b2a-11dd-99ed-7a8020000200}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\VZAccess_Manager.exe /z detect
O33 - MountPoints2\J\Shell - "" = AutoRun
O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\VZAccess_Manager.exe /z detect
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013/02/19 10:03:33 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/02/19 09:56:46 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2013/02/19 09:55:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
[2013/02/19 09:55:21 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2013/02/19 09:47:41 | 000,791,393 | ---- | C] (Lars Hederer                                                ) -- C:\Users\tashay\Desktop\erunt-setup.exe
[2013/02/17 17:51:34 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\tashay\Desktop\OTL.exe
[2013/02/17 15:01:52 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
[2013/02/17 14:45:24 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2013/02/17 14:44:20 | 000,221,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2013/02/17 13:14:10 | 000,028,552 | ---- | C] (Panda Security, S.L.) -- C:\Windows\System32\drivers\pavboot.sys
[2013/02/17 13:14:07 | 000,000,000 | ---D | C] -- C:\Program Files\Panda Security
[2013/02/14 12:22:22 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013/02/14 12:22:20 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013/02/14 12:22:20 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013/02/14 12:22:20 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013/02/14 12:22:20 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013/02/14 12:22:18 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013/02/14 12:22:18 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013/02/14 12:22:16 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013/02/14 10:59:19 | 002,048,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013/02/14 10:59:07 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2013/02/14 10:31:20 | 000,000,000 | ---D | C] -- C:\Users\tashay\AppData\Roaming\VSRevoGroup
[2013/02/13 19:42:57 | 003,602,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2013/02/13 19:42:57 | 003,550,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2013/01/29 07:02:24 | 000,000,000 | ---D | C] -- C:\Users\tashay\AppData\Local\Novatel Wireless
[2013/01/22 19:01:23 | 000,000,000 | ---D | C] -- C:\Users\tashay\Desktop\norman rockwell fig
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013/02/19 10:06:50 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/02/19 10:06:49 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/02/19 10:06:49 | 000,000,380 | ---- | M] () -- C:\Windows\tasks\RNUpgradeHelperLogonPrompt_tashay.job
[2013/02/19 10:06:42 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/02/19 10:06:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/02/19 10:06:16 | 2011,217,920 | -HS- | M] () -- C:\hiberfil.sys
[2013/02/19 10:03:37 | 000,642,480 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/02/19 10:03:37 | 000,119,704 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/02/19 09:56:02 | 000,000,884 | ---- | M] () -- C:\Users\tashay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2013/02/19 09:55:24 | 000,000,704 | ---- | M] () -- C:\Users\tashay\Desktop\NTREGOPT.lnk
[2013/02/19 09:55:24 | 000,000,685 | ---- | M] () -- C:\Users\tashay\Desktop\ERUNT.lnk
[2013/02/19 09:50:10 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/02/19 09:47:41 | 000,791,393 | ---- | M] (Lars Hederer                                                ) -- C:\Users\tashay\Desktop\erunt-setup.exe
[2013/02/18 18:27:45 | 000,000,470 | ---- | M] () -- C:\Windows\tasks\Arcadesafari.job
[2013/02/17 18:25:02 | 000,000,512 | ---- | M] () -- C:\Users\tashay\Desktop\MBR.dat
[2013/02/17 16:53:21 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\tashay\Desktop\OTL.exe
[2013/02/17 16:26:10 | 000,000,963 | ---- | M] () -- C:\Users\tashay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013/02/17 15:02:12 | 000,001,946 | ---- | M] () -- C:\Users\Public\Desktop\Kodak EasyShare.lnk
[2013/02/17 14:46:36 | 000,002,154 | ---- | M] () -- C:\Windows\epplauncher.mif
[2013/02/17 13:07:35 | 000,000,374 | ---- | M] () -- C:\Windows\tasks\ReclaimerUpdateFiles_tashay.job
[2013/02/17 13:00:31 | 213,657,415 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013/02/17 12:25:04 | 000,000,370 | ---- | M] () -- C:\Windows\tasks\ReclaimerUpdateXML_tashay.job
[2013/02/14 13:22:26 | 000,374,760 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/02/14 12:55:49 | 000,001,942 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/02/14 11:02:05 | 000,000,877 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/02/14 10:19:25 | 000,001,356 | ---- | M] () -- C:\Users\tashay\AppData\Local\d3d9caps.dat
[2013/01/30 04:53:21 | 000,232,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2013/01/25 20:05:22 | 000,000,933 | ---- | M] () -- C:\Users\tashay\Desktop\Dropbox.lnk
[2013/01/22 19:06:04 | 010,417,152 | R--- | M] () -- C:\Users\Public\Documents\ESBK.mb
[2013/01/22 19:06:03 | 019,173,376 | R--- | M] () -- C:\Users\Public\Documents\ESBK.mbb
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013/02/19 09:56:02 | 000,000,884 | ---- | C] () -- C:\Users\tashay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2013/02/19 09:55:24 | 000,000,704 | ---- | C] () -- C:\Users\tashay\Desktop\NTREGOPT.lnk
[2013/02/19 09:55:24 | 000,000,685 | ---- | C] () -- C:\Users\tashay\Desktop\ERUNT.lnk
[2013/02/17 18:25:02 | 000,000,512 | ---- | C] () -- C:\Users\tashay\Desktop\MBR.dat
[2013/02/17 15:02:12 | 000,001,946 | ---- | C] () -- C:\Users\Public\Desktop\Kodak EasyShare.lnk
[2013/02/17 14:46:36 | 000,002,154 | ---- | C] () -- C:\Windows\epplauncher.mif
[2013/02/17 14:46:25 | 000,001,797 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2013/02/17 13:07:25 | 2011,217,920 | -HS- | C] () -- C:\hiberfil.sys
[2013/02/14 11:02:05 | 000,000,877 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/12/20 22:21:53 | 000,002,314 | ---- | C] () -- C:\Users\tashay\AppData\Roaming\SAS7_000.DAT
[2012/05/23 16:23:40 | 000,000,095 | ---- | C] () -- C:\Windows\QBChanUtil_Trigger.ini
[2010/03/07 20:33:51 | 000,001,356 | ---- | C] () -- C:\Users\tashay\AppData\Local\d3d9caps.dat
[2008/11/25 21:11:11 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2008/08/12 09:06:39 | 000,000,691 | ---- | C] () -- C:\Users\tashay\AppData\Roaming\GetValue.vbs
[2008/08/12 09:06:39 | 000,000,035 | ---- | C] () -- C:\Users\tashay\AppData\Roaming\SetValue.bat
[2008/01/31 21:43:13 | 000,000,000 | ---- | C] () -- C:\Users\tashay\AppData\Roaming\wklnhst.dat
[2007/12/19 20:37:03 | 000,014,848 | ---- | C] () -- C:\Users\tashay\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== ZeroAccess Check ==========
 
[2006/11/02 06:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 11:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 00:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 00:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 184 bytes -> C:\ProgramData\TEMP:0FF263E8
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:45FE2B4E
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:CB0AACC9
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:6468C896

< End of report >

jena4yt (Topic starter)

Re: slow computer
« Reply #7 on: February 19, 2013, 05:09:53 PM »
OTL FIX LOG


========== OTL ==========
Service Tosrfcom stopped successfully!
Service Tosrfcom deleted successfully!
File   File not found not found.
Service NwlnkFwd stopped successfully!
Service NwlnkFwd deleted successfully!
File  system32\DRIVERS\nwlnkfwd.sys File not found not found.
Service NwlnkFlt stopped successfully!
Service NwlnkFlt deleted successfully!
File  system32\DRIVERS\nwlnkflt.sys File not found not found.
Service IpInIp stopped successfully!
Service IpInIp deleted successfully!
File  system32\DRIVERS\ipinip.sys File not found not found.
Service IO_Memory stopped successfully!
Service IO_Memory deleted successfully!
File  C:\WINDOWS\SYSTEM32\SYSPREP\Drivers\ioport.sys File not found not found.
Service blbdrive stopped successfully!
Service blbdrive deleted successfully!
File  C:\Windows\system32\drivers\blbdrive.sys File not found not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{D8278076-BC68-4484-9233-6E7F1628B56C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4153492D-5341-5400-76A7-7A786E7484D7} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4153492D-5341-5400-76A7-7A786E7484D7}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{A057A204-BACC-4D26-9990-79A187E2698E} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A057A204-BACC-4D26-9990-79A187E2698E}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NDSTray.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ROC_roc_dec12 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ROC_ROC_JULY_P1 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SMessaging deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ISUSPM deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\TOSCDSPD deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EBD24BD3-E272-4FA3-A8BA-C5D709757CAB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EBD24BD3-E272-4FA3-A8BA-C5D709757CAB}\ not found.
Starting removal of ActiveX control {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
C:\Windows\Downloaded Program Files\erma.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\DownloadInformation\\INF .

jena4yt (Topic starter)

Re: slow computer
« Reply #6 on: February 19, 2013, 05:01:02 PM »
Here is the missing log. Also, MSE picked up some Java exploit today. Got a picture. Did the ERUNT backup, no problems. Working on the OTL part, but the computer is really not playing nice online. I am using a USB stick to do the work offline.



17:24:20.0989 4108  p2psvc - ok
17:24:21.0098 4108  [ 0FA9B5055484649D63C303FE404E5F4D ] Parport         C:\Windows\system32\drivers\parport.sys
17:24:21.0254 4108  Parport - ok
17:24:21.0316 4108  [ B9C2B89F08670E159F7181891E449CD9 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
17:24:21.0348 4108  partmgr - ok
17:24:21.0379 4108  [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
17:24:21.0394 4108  Parvdm - ok
17:24:21.0457 4108  [ 3ADB8BD6154A3EF87496E8FCE9C22493 ] pavboot         C:\Windows\system32\drivers\pavboot.sys
17:24:21.0457 4108  pavboot - ok
17:24:21.0504 4108  [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc          C:\Windows\System32\pcasvc.dll
17:24:21.0504 4108  PcaSvc - ok
17:24:21.0535 4108  [ 941DC1D19E7E8620F40BBC206981EFDB ] pci             C:\Windows\system32\drivers\pci.sys
17:24:21.0550 4108  pci - ok
17:24:21.0550 4108  [ 1636D43F10416AEB483BC6001097B26C ] pciide          C:\Windows\system32\drivers\pciide.sys
17:24:21.0550 4108  pciide - ok
17:24:21.0597 4108  [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
17:24:21.0597 4108  pcmcia - ok
17:24:21.0660 4108  [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
17:24:21.0706 4108  PEAUTH - ok
17:24:21.0800 4108  [ 6DBF2AC2BDAFF355995AB25ECCC4CFE1 ] pinger          C:\Toshiba\IVP\ISM\pinger.exe
17:24:21.0800 4108  pinger - ok
17:24:21.0925 4108  [ B1689DF169143F57053F795390C99DB3 ] pla             C:\Windows\system32\pla.dll
17:24:21.0972 4108  pla - ok
17:24:22.0003 4108  [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
17:24:24.0046 4108  PlugPlay - ok
17:24:24.0249 4108  [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
17:24:24.0249 4108  PNRPAutoReg - ok
17:24:24.0265 4108  [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
17:24:24.0280 4108  PNRPsvc - ok
17:24:24.0514 4108  [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
17:24:24.0670 4108  PolicyAgent - ok
17:24:24.0733 4108  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
17:24:24.0811 4108  PptpMiniport - ok
17:24:24.0889 4108  [ 0E3CEF5D28B40CF273281D620C50700A ] Processor       C:\Windows\system32\drivers\processr.sys
17:24:24.0936 4108  Processor - ok
17:24:24.0998 4108  [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc         C:\Windows\system32\profsvc.dll
17:24:25.0029 4108  ProfSvc - ok
17:24:25.0045 4108  [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
17:24:25.0060 4108  ProtectedStorage - ok
17:24:25.0170 4108  [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
17:24:25.0170 4108  PSched - ok
17:24:25.0232 4108  [ 785E1032C8F3C8C60AA8E2B7FE377869 ] PTDMBus         C:\Windows\system32\DRIVERS\PTDMBus.sys
17:24:25.0279 4108  PTDMBus - ok
17:24:25.0294 4108  [ 924C2B2DCA76D2BD7D44B3BB968B344F ] PTDMMdm         C:\Windows\system32\DRIVERS\PTDMMdm.sys
17:24:25.0341 4108  PTDMMdm - ok
17:24:25.0419 4108  [ 58AD3CCDD567FA45FD94AF15229ACE7C ] PTDMVsp         C:\Windows\system32\DRIVERS\PTDMVsp.sys
17:24:25.0544 4108  PTDMVsp - ok
17:24:25.0575 4108  [ 49F773DECBCD6A555C7A8694D37D232E ] PTDMWWAN        C:\Windows\system32\DRIVERS\PTDMWWAN.sys
17:24:25.0638 4108  PTDMWWAN - ok
17:24:25.0747 4108  [ 49452BFCEC22F36A7A9B9C2181BC3042 ] PxHelp20        C:\Windows\system32\Drivers\PxHelp20.sys
17:24:25.0794 4108  PxHelp20 - ok
17:24:25.0872 4108  [ 56A6210ACA051227EAFEEFA628BB5A9B ] QBCFMonitorService C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
17:24:25.0903 4108  QBCFMonitorService - ok
17:24:26.0012 4108  [ 6BEE1814470DC12FA20C53DFC3C97EBB ] QBFCService     C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
17:24:26.0012 4108  QBFCService - ok
17:24:26.0246 4108  [ D4FF4102640685C69BDC63F1674CE724 ] QBVSS           C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe
17:24:26.0277 4108  QBVSS - ok
17:24:26.0355 4108  [ CCDAC889326317792480C0A67156A1EC ] ql2300          C:\Windows\system32\drivers\ql2300.sys
17:24:26.0402 4108  ql2300 - ok
17:24:26.0464 4108  [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
17:24:26.0496 4108  ql40xx - ok
17:24:26.0558 4108  [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE           C:\Windows\system32\qwave.dll
17:24:26.0589 4108  QWAVE - ok
17:24:26.0652 4108  [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
17:24:26.0698 4108  QWAVEdrv - ok
17:24:26.0745 4108  [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
17:24:26.0761 4108  RasAcd - ok
17:24:26.0792 4108  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto         C:\Windows\System32\rasauto.dll
17:24:26.0792 4108  RasAuto - ok
17:24:26.0839 4108  [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
17:24:26.0886 4108  Rasl2tp - ok
17:24:26.0932 4108  [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan          C:\Windows\System32\rasmans.dll
17:24:26.0932 4108  RasMan - ok
17:24:26.0964 4108  [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
17:24:27.0026 4108  RasPppoe - ok
17:24:27.0104 4108  [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
17:24:27.0198 4108  RasSstp - ok
17:24:27.0244 4108  [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
17:24:27.0338 4108  rdbss - ok
17:24:27.0385 4108  [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
17:24:27.0432 4108  RDPCDD - ok
17:24:27.0525 4108  [ E8BD98D46F2ED77132BA927FCCB47D8B ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
17:24:27.0603 4108  rdpdr - ok
17:24:27.0634 4108  [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
17:24:27.0650 4108  RDPENCDD - ok
17:24:27.0728 4108  [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
17:24:27.0837 4108  RDPWD - ok
17:24:27.0884 4108  [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess    C:\Windows\System32\mprdim.dll
17:24:27.0884 4108  RemoteAccess - ok
17:24:27.0915 4108  [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry  C:\Windows\system32\regsvc.dll
17:24:27.0915 4108  RemoteRegistry - ok
17:24:27.0946 4108  [ 355AAC141B214BEF1DBC1483AFD9BD50 ] rimmptsk        C:\Windows\system32\DRIVERS\rimmptsk.sys
17:24:27.0978 4108  rimmptsk - ok
17:24:28.0024 4108  [ A4216C71DD4F60B26418CCFD99CD0815 ] rimsptsk        C:\Windows\system32\DRIVERS\rimsptsk.sys
17:24:28.0071 4108  rimsptsk - ok
17:24:28.0118 4108  [ D231B577024AA324AF13A42F3A807D10 ] rismxdp         C:\Windows\system32\DRIVERS\rixdptsk.sys
17:24:28.0212 4108  rismxdp - ok
17:24:28.0305 4108  [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator      C:\Windows\system32\locator.exe
17:24:28.0352 4108  RpcLocator - ok
17:24:28.0695 4108  [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs           C:\Windows\system32\rpcss.dll
17:24:28.0711 4108  RpcSs - ok
17:24:28.0992 4108  [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
17:24:29.0070 4108  rspndr - ok
17:24:29.0116 4108  [ B8B159FA669C6386A458FCD468EBB1E6 ] RTL8169         C:\Windows\system32\DRIVERS\Rtlh86.sys
17:24:29.0163 4108  RTL8169 - ok
17:24:29.0194 4108  [ 67E7822975985016FDCE01635FBDBBF9 ] RTL8187B        C:\Windows\system32\DRIVERS\RTL8187B.sys
17:24:29.0226 4108  RTL8187B - ok
17:24:29.0257 4108  [ A3E186B4B935905B829219502557314E ] SamSs           C:\Windows\system32\lsass.exe
17:24:29.0257 4108  SamSs - ok
17:24:29.0319 4108  [ 3CE8F073A557E172B330109436984E30 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
17:24:29.0350 4108  sbp2port - ok
17:24:29.0397 4108  [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
17:24:29.0397 4108  SCardSvr - ok
17:24:29.0444 4108  [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule        C:\Windows\system32\schedsvc.dll
17:24:29.0460 4108  Schedule - ok
17:24:29.0475 4108  [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc     C:\Windows\System32\certprop.dll
17:24:29.0475 4108  SCPolicySvc - ok
17:24:29.0491 4108  [ 8F36B54688C31EED4580129040C6A3D3 ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
17:24:29.0522 4108  sdbus - ok
17:24:29.0553 4108  [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
17:24:29.0553 4108  SDRSVC - ok
17:24:29.0647 4108  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
17:24:29.0725 4108  secdrv - ok
17:24:29.0803 4108  [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon        C:\Windows\system32\seclogon.dll
17:24:29.0943 4108  seclogon - ok
17:24:29.0974 4108  [ A9BBAB5759771E523F55563D6CBE140F ] SENS            C:\Windows\System32\sens.dll
17:24:29.0974 4108  SENS - ok
17:24:30.0006 4108  [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum         C:\Windows\system32\drivers\serenum.sys
17:24:30.0052 4108  Serenum - ok
17:24:30.0084 4108  [ C70D69A918B178D3C3B06339B40C2E1B ] Serial          C:\Windows\system32\drivers\serial.sys
17:24:30.0099 4108  Serial - ok
17:24:30.0115 4108  [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
17:24:30.0177 4108  sermouse - ok
17:24:30.0271 4108  [ D2193326F729B163125610DBF3E17D57 ] SessionEnv      C:\Windows\system32\sessenv.dll
17:24:30.0271 4108  SessionEnv - ok
17:24:30.0318 4108  [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk         C:\Windows\system32\DRIVERS\sffdisk.sys
17:24:30.0364 4108  sffdisk - ok
17:24:30.0411 4108  [ 8FD08A310645FE872EEEC6E08C6BF3EE ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
17:24:30.0427 4108  sffp_mmc - ok
17:24:30.0458 4108  [ 9F66A46C55D6F1CCABC79BB7AFCCC545 ] sffp_sd         C:\Windows\system32\DRIVERS\sffp_sd.sys
17:24:30.0505 4108  sffp_sd - ok
17:24:30.0520 4108  [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
17:24:30.0567 4108  sfloppy - ok
17:24:30.0614 4108  [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
17:24:30.0630 4108  SharedAccess - ok
17:24:30.0754 4108  [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:24:30.0832 4108  ShellHWDetection - ok
17:24:30.0848 4108  [ D2A595D6EEBEEAF4334F8E50EFBC9931 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
17:24:30.0864 4108  sisagp - ok
17:24:30.0895 4108  [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
17:24:30.0895 4108  SiSRaid2 - ok
17:24:30.0910 4108  [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
17:24:30.0910 4108  SiSRaid4 - ok
17:24:31.0347 4108  [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc           C:\Windows\system32\SLsvc.exe
17:24:31.0753 4108  slsvc - ok
17:24:31.0800 4108  [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify      C:\Windows\system32\SLUINotify.dll
17:24:31.0800 4108  SLUINotify - ok
17:24:31.0831 4108  [ 7B75299A4D201D6A6533603D6914AB04 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
17:24:31.0909 4108  Smb - ok
17:24:32.0018 4108  [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
17:24:32.0065 4108  SNMPTRAP - ok
17:24:32.0112 4108  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr           C:\Windows\system32\drivers\spldr.sys
17:24:32.0143 4108  spldr - ok
17:24:32.0190 4108  [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler         C:\Windows\System32\spoolsv.exe
17:24:32.0190 4108  Spooler - ok
17:24:32.0299 4108  [ 41987F9FC0E61ADF54F581E15029AD91 ] srv             C:\Windows\system32\DRIVERS\srv.sys
17:24:32.0377 4108  srv - ok
17:24:32.0439 4108  [ FF33AFF99564B1AA534F58868CBE41EF ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
17:24:32.0517 4108  srv2 - ok
17:24:32.0564 4108  [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
17:24:32.0611 4108  srvnet - ok
17:24:32.0673 4108  [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
17:24:32.0704 4108  SSDPSRV - ok
17:24:32.0736 4108  [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
17:24:32.0751 4108  SstpSvc - ok
17:24:32.0782 4108  [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc          C:\Windows\System32\wiaservc.dll
17:24:32.0798 4108  stisvc - ok
17:24:32.0814 4108  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
17:24:32.0814 4108  swenum - ok
17:24:32.0845 4108  [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv           C:\Windows\System32\swprv.dll
17:24:32.0845 4108  swprv - ok
17:24:32.0923 4108  [ 327786C5D6BCF284FAB14C2B5751F514 ] Swupdtmr        c:\Toshiba\IVP\swupdate\swupdtmr.exe
17:24:32.0954 4108  Swupdtmr - ok
17:24:32.0985 4108  [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
17:24:32.0985 4108  Symc8xx - ok
17:24:33.0016 4108  [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
17:24:33.0016 4108  Sym_hi - ok
17:24:33.0032 4108  [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
17:24:33.0032 4108  Sym_u3 - ok
17:24:33.0079 4108  [ 11F730BF0D0AA4FE7DE7138A32A52422 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
17:24:33.0079 4108  SynTP - ok
17:24:33.0375 4108  [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain         C:\Windows\system32\sysmain.dll
17:24:33.0391 4108  SysMain - ok
17:24:33.0422 4108  [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:24:33.0453 4108  TabletInputService - ok
17:24:33.0500 4108  [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv         C:\Windows\System32\tapisrv.dll
17:24:33.0531 4108  TapiSrv - ok
17:24:33.0562 4108  [ CB05822CD9CC6C688168E113C603DBE7 ] TBS             C:\Windows\System32\tbssvc.dll
17:24:33.0594 4108  TBS - ok
17:24:34.0015 4108  [ 3535CD93F944C00F098E73E12EE7FEB6 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
17:24:34.0093 4108  Tcpip - ok
17:24:34.0108 4108  [ 3535CD93F944C00F098E73E12EE7FEB6 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
17:24:34.0124 4108  Tcpip6 - ok
17:24:34.0218 4108  [ CD21572F83F7EC6E2C20C465967BEDD9 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
17:24:34.0280 4108  tcpipreg - ok
17:24:34.0342 4108  [ 1825BCEB47BF41C5A9F0E44DE82FC27A ] tdcmdpst        C:\Windows\system32\DRIVERS\tdcmdpst.sys
17:24:34.0358 4108  tdcmdpst - ok
17:24:34.0420 4108  [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
17:24:34.0467 4108  TDPIPE - ok
17:24:34.0514 4108  [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
17:24:34.0561 4108  TDTCP - ok
17:24:34.0654 4108  [ 76B06EB8A01FC8624D699E7045303E54 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
17:24:34.0779 4108  tdx - ok
17:24:34.0826 4108  [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
17:24:34.0873 4108  TermDD - ok
17:24:35.0091 4108  [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService     C:\Windows\System32\termsrv.dll
17:24:35.0154 4108  TermService - ok
17:24:35.0169 4108  [ C7230FBEE14437716701C15BE02C27B8 ] Themes          C:\Windows\system32\shsvcs.dll
17:24:35.0185 4108  Themes - ok
17:24:35.0216 4108  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER     C:\Windows\system32\mmcss.dll
17:24:35.0232 4108  THREADORDER - ok
17:24:35.0403 4108  [ 804FED244FC47642CC635236D47A67D4 ] TNaviSrv        C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
17:24:35.0403 4108  TNaviSrv - ok
17:24:35.0419 4108  [ D540858E65BFA6FDED41AD2495ECE344 ] TODDSrv         C:\Windows\system32\TODDSrv.exe
17:24:35.0450 4108  TODDSrv - ok
17:24:35.0512 4108  [ 6A54C28B53C6B50D333C8EE974C6B208 ] TosCoSrv        C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
17:24:35.0512 4108  TosCoSrv - ok
17:24:35.0590 4108  [ 87843B2DA99051BC66E2D6C211E3D6A4 ] TOSHIBA Bluetooth Service C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
17:24:35.0590 4108  TOSHIBA Bluetooth Service - ok
17:24:35.0606 4108  Tosrfcom - ok
17:24:35.0653 4108  [ 5C4103544612E5011EF46301B93D1AA6 ] tosrfec         C:\Windows\system32\DRIVERS\tosrfec.sys
17:24:35.0715 4108  tosrfec - ok
17:24:35.0778 4108  [ 1EA5F27C29405BF49799FECA77186DA9 ] tos_sps32       C:\Windows\system32\DRIVERS\tos_sps32.sys
17:24:35.0840 4108  tos_sps32 - ok
17:24:35.0871 4108  [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks          C:\Windows\System32\trkwks.dll
17:24:35.0871 4108  TrkWks - ok
17:24:35.0918 4108  [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:24:35.0934 4108  TrustedInstaller - ok
17:24:35.0996 4108  [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
17:24:36.0027 4108  tssecsrv - ok
17:24:36.0090 4108  [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
17:24:36.0105 4108  tunmp - ok
17:24:36.0121 4108  [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
17:24:36.0121 4108  tunnel - ok
17:24:36.0152 4108  [ 521C5F398298

etavares

Re: slow computer
« Reply #5 on: February 19, 2013, 12:38:33 PM »
Hello, jena4yt.

I'm not sure why there is a 0MB partition...that is odd, but not necessarily indicative of a virus.  Did TDSS Killer complete?  Did it find anything?  The log was cut off in your post.

Step 1

Install ERUNT
This tool will create a complete backup of your registry. After every reboot, a new backup is created to ensure we have a safety net after each step. Do not delete these backups until we are finished.
  • Please download erunt-setup.exe to your desktop.
       
  • Double click erunt-setup.exe. Follow the prompts and allow ERUNT to be installed with the settings at default. If you do not want a Desktop icon, feel free to uncheck that. When asked if you want to create an ERUNT entry in the startup folder, answer Yes. You can delete the installation file after use.
       
  • Erunt will open when the installation is finished. Check all items to be backed up in the default location and click OK.
The automatic part won't work with Vista or W7. Please backup manually using ERUNT with the following instructions:
  • Please locate the ERUNT icon on the desktop.  If it is not there, click Start and type ERUNT into the search box.
  • Right click the ERUNT icon in the desktop or the Start menu, and select Run as Administrator
  • Click OK at the first message box.
  • Ensure the checkboxes for both "system registry" and "current user registry" are checked.  Leave the default save location in there.
  • Click OK.
  • Click Yes to create the new folder.
  • You'll get a window saying "registry backup complete" once it's done.  Click OK.  If you get an error message, please STOP here and let me know.  Do not proceed with any additional instructions until you check back with me.
Step 2

We need to run an OTL script
  • Please download OTL from one of the following mirrors if you do not still have it.
  • Save it to your desktop.
  • Double click on the icon on your desktop.
  • Paste the following code under the Custom Scans/Fixes box at the bottom.
Code:
:OTL
DRV - (Tosrfcom) --  File not found
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (IO_Memory) -- C:\WINDOWS\SYSTEM32\SYSPREP\Drivers\ioport.sys File not found
DRV - (blbdrive) -- C:\Windows\system32\drivers\blbdrive.sys File not found
IE - HKCU\..\URLSearchHook: {D8278076-BC68-4484-9233-6E7F1628B56C} - No CLSID value found
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4153492D-5341-5400-76A7-7A786E7484D7} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O4 - HKLM..\Run: [NDSTray.exe] NDSTray.exe File not found
O4 - HKLM..\Run: [ROC_roc_dec12] "C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12 File not found
O4 - HKLM..\Run: [ROC_ROC_JULY_P1] "C:\Program Files\AVG Secure Search\ROC_ROC_JULY_P1.exe" / /PROMPT /CMPID=ROC_JULY_P1 File not found
O4 - HKLM..\Run: [SMessaging] C:\Users\tashay\AppData\Local\Strongvault Online Backup\SMessaging.exe File not found
O4 - HKCU..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler File not found
O4 - HKCU..\Run: [TOSCDSPD] TOSCDSPD.EXE File not found
O9 - Extra Button: Go to PlaySushi web site - {EBD24BD3-E272-4FA3-A8BA-C5D709757CAB} - Reg Error: Key error. File not found
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file:///C:/Windows/Java/classes/xmldso.cab (Reg Error: Key error.)
MsConfig - StartUpFolder: C:^Users^tashay^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^LimeWire On Startup.lnk -  - File not found
MsConfig - StartUpReg: DW6 - hkey= - key= -  File not found
MsConfig - StartUpReg: Messenger - hkey= - key= -  File not found
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2644241
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2644241
CHR - homepage: http://search.conduit.com/?ctid=CT3240727&SearchSource=48&sspv=,\r\n
CHR - homepage: http://search.conduit.com/?ctid=CT3240727&SearchSource=48&sspv=,\r\n
  • Click the Run Fix button at the top.
  • Let the program run unhindered and reboot when it is done.
  • You will get a log when it is done, please post that in your reply.
  • Please then create a new OTL report....
  • Click the "Scan All Users" checkbox.
  • Push the button.
  • A report will open, copy and paste it in a reply here.
Step 3

I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
ESET OnlineScan
  • Click the button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the icon on your desktop.
    • Check
    • Click the button.
    • Accept any security warnings from your browser.
    • Check
    • Push the Start button.
    • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
    • When the scan completes, push
    • Push , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
    • Push the button.
    • Push
    etavares
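A triage pass over a pasted TDSSKiller log that answers the two questions asked in the reply above (did the scan complete, did it flag anything), added here as an example and not part of the thread or of either tool. The line formats are the ones visible in this thread; the sample uses service names from the thread with placeholder hashes, and reading "verdict line with no hashed file line" as "no driver image was resolved" is an assumption.

```python
import re

# Line layout as seen in this thread: "HH:MM:SS.ffff <tid>  <rest>"
PREFIX = re.compile(r"^\s*\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s*(.*)$")
# "[ <MD5> ] <service name> <drive:\path>"  (service names may contain spaces)
ENTRY = re.compile(r"^\[ ([0-9A-Fa-f]{32}) \] (.+?)\s+([A-Za-z]:\\.+)$")
# "<service name> - <verdict>"
VERDICT = re.compile(r"^(.+?) - (\S.*)$")
# OTL fix-script driver line ending in "File not found"
OTL_DRV = re.compile(r"^DRV - \((.+?)\) -- .*File not found\s*$")

# Constructed sample: names come from the thread, hashes are placeholders,
# and the last line is cut off the way the posted log was.
SAMPLE_LOG = r"""
17:23:58.0634 4108  ================ Scan services =============================
17:24:19.0273 4108  [ 11111111111111111111111111111111 ] NWADI           C:\Windows\system32\DRIVERS\NWADIenum.sys
17:24:19.0273 4108  NWADI - ok
17:24:19.0288 4108  NwlnkFlt - ok
17:24:19.0304 4108  NwlnkFwd - ok
17:24:35.0590 4108  [ 22222222222222222222222222222222 ] TOSHIBA Bluetooth Service C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
17:24:35.0590 4108  TOSHIBA Bluetooth Service - ok
17:24:35.0606 4108  Tosrfcom - ok
17:24:36.0121 4108  [ 33333333333333333333333333333333 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
17:24:36.0152 4108  [ 4444444444
"""

# Driver lines in the format of the OTL fix script posted in the thread.
SAMPLE_OTL = r"""
DRV - (Tosrfcom) --  File not found
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
"""


def triage(log_text):
    """Summarise the service section of a TDSSKiller log."""
    lines = log_text.splitlines()
    # Start after the "Scan services" marker when the paste includes it,
    # so header lines such as "Drive ... - Size: ..." are not misread.
    start = 0
    for i, line in enumerate(lines):
        if "Scan services" in line:
            start = i + 1
            break

    hashed, verdicts, unparsed = {}, {}, []
    for line in lines[start:]:
        if not line.strip():
            continue
        m = PREFIX.match(line)
        if not m:
            unparsed.append(line.strip())
            continue
        rest = m.group(1).strip()
        if not rest or rest.startswith("="):
            continue  # separator or section marker
        entry = ENTRY.match(rest)
        if entry:
            hashed[entry.group(2)] = (entry.group(1).upper(), entry.group(3))
            continue
        verdict = VERDICT.match(rest)
        if verdict:
            verdicts[verdict.group(1)] = verdict.group(2).strip()
            continue
        unparsed.append(rest)  # e.g. a line truncated by the forum post

    return {
        # verdict present but no "[ hash ] name path" line before it
        "no_image": [n for n in verdicts if n not in hashed],
        # file was hashed but the verdict never arrived: log cut off
        "pending": [n for n in hashed if n not in verdicts],
        # anything the tool did not mark "ok" needs a human look
        "not_ok": {n: v for n, v in verdicts.items() if v != "ok"},
        "unparsed": unparsed,
    }


def otl_missing_drivers(script_text):
    """Driver names an OTL script lists as 'File not found'."""
    names = set()
    for line in script_text.splitlines():
        m = OTL_DRV.match(line.strip())
        if m:
            names.add(m.group(1))
    return names


if __name__ == "__main__":
    result = triage(SAMPLE_LOG)
    print("log looks complete:", not result["pending"] and not result["unparsed"])
    print("flagged:", result["not_ok"] or "nothing")
    print("services without an image line:", result["no_image"])
    # Orphaned entries the fix script targets that this log excerpt also shows
    print("also in OTL fix:", sorted(otl_missing_drivers(SAMPLE_OTL) & set(result["no_image"])))
```

On the sample, the three services without an image line are the same ones the fix script lists as "File not found", and the trailing partial line marks the paste as incomplete.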

    jena4ytTopic starter

    Re: slow computer
    « Reply #4 on: February 19, 2013, 12:39:10 AM »
    partition info .  Hope this helps!  Thanks again!

    jena4ytTopic starter

    Re: slow computer
    « Reply #3 on: February 19, 2013, 12:31:38 AM »
    Thanks for your help.  I ran the scans requested. I have no idea what the partitions on the computer are. (will come back to this, in a time-crunch right now.)

    here are the logs



    ----------------------------
    17:23:03.0816 5028  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
    17:23:05.0656 5028  ============================================================
    17:23:05.0656 5028  Current date / time: 2013/02/18 17:23:05.0656
    17:23:05.0656 5028  SystemInfo:
    17:23:05.0656 5028 
    17:23:05.0672 5028  OS Version: 6.0.6002 ServicePack: 2.0
    17:23:05.0672 5028  Product type: Workstation
    17:23:05.0672 5028  ComputerName: TASHAY-PC
    17:23:05.0672 5028  UserName: tashay
    17:23:05.0672 5028  Windows directory: C:\Windows
    17:23:05.0672 5028  System windows directory: C:\Windows
    17:23:05.0672 5028  Processor architecture: Intel x86
    17:23:05.0672 5028  Number of processors: 2
    17:23:05.0672 5028  Page size: 0x1000
    17:23:05.0672 5028  Boot type: Normal boot
    17:23:05.0672 5028  ============================================================
    17:23:09.0931 5028  Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
    17:23:09.0946 5028  Drive \Device\Harddisk1\DR1 - Size: 0x200 (0.00 Gb), SectorSize: 0x200, Cylinders: 0x1, SectorsPerTrack: 0x1, TracksPerCylinder: 0x1, Type 'W'
    17:23:09.0978 5028  ============================================================
    17:23:09.0978 5028  \Device\Harddisk0\DR0:
    17:23:09.0978 5028  MBR partitions:
    17:23:09.0978 5028  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x12729800
    17:23:09.0978 5028  \Device\Harddisk1\DR1:
    17:23:09.0978 5028  Invalid mbr signature
    17:23:09.0978 5028  ============================================================
    17:23:10.0087 5028  C: <-> \Device\Harddisk0\DR0\Partition1
    17:23:10.0087 5028  ============================================================
    17:23:10.0087 5028  Initialize success
    17:23:10.0087 5028  ============================================================
    17:23:39.0243 4108  ============================================================
    17:23:39.0243 4108  Scan started
    17:23:39.0243 4108  Mode: Manual;
    17:23:39.0243 4108  ============================================================
    17:23:58.0634 4108  ================ Scan system memory ========================
    17:23:58.0634 4108  System memory - ok
    17:23:58.0634 4108  ================ Scan services =============================
    17:24:03.0860 4108  BITS - ok
    17:24:03.0860 4108  blbdrive - ok
    17:24:03.0922 4108  [ 3F56903E124E820AEECE6D471583C6C1 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
    17:24:03.0922 4108  Bonjour Service - ok
    17:24:03.0969 4108  [ 35F376253F687BDE63976CCB3F2108CA ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
    17:24:04.0016 4108  bowser - ok
    17:24:04.0078 4108  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
    17:24:04.0141 4108  BrFiltLo - ok
    17:24:04.0156 4108  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
    17:24:04.0219 4108  BrFiltUp - ok
    17:24:04.0312 4108  [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser         C:\Windows\System32\browser.dll
    17:24:04.0344 4108  Browser - ok
    17:24:04.0484 4108  [ B304E75CFF293029EDDF094246747113 ] Brserid         C:\Windows\system32\drivers\brserid.sys
    17:24:04.0531 4108  Brserid - ok
    17:24:04.0562 4108  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
    17:24:04.0656 4108  BrSerWdm - ok
    17:24:04.0671 4108  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
    17:24:04.0734 4108  BrUsbMdm - ok
    17:24:04.0765 4108  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
    17:24:04.0812 4108  BrUsbSer - ok
    17:24:04.0843 4108  [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
    17:24:04.0890 4108  BTHMODEM - ok
    17:24:04.0983 4108  [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
    17:24:04.0983 4108  cdfs - ok
    17:24:05.0030 4108  [ 6B4BFFB9BECD728097024276430DB314 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
    17:24:05.0170 4108  cdrom - ok
    17:24:05.0217 4108  [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc     C:\Windows\System32\certprop.dll
    17:24:05.0217 4108  CertPropSvc - ok
    17:24:05.0248 4108  [ C82162949BBA6CC5D006C7BD008F3CF1 ] CFSvcs          C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    17:24:05.0248 4108  CFSvcs - ok
    17:24:05.0295 4108  [ E5D4133F37219DBCFE102BC61072589D ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
    17:24:05.0326 4108  circlass - ok
    17:24:05.0389 4108  [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS            C:\Windows\system32\CLFS.sys
    17:24:05.0389 4108  CLFS - ok
    17:24:05.0436 4108  [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
    17:24:05.0436 4108  clr_optimization_v2.0.50727_32 - ok
    17:24:05.0482 4108  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
    17:24:05.0529 4108  clr_optimization_v4.0.30319_32 - ok
    17:24:05.0592 4108  [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
    17:24:05.0623 4108  CmBatt - ok
    17:24:05.0670 4108  [ 45201046C776FFDAF3FC8A0029C581C8 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
    17:24:05.0670 4108  cmdide - ok
    17:24:05.0732 4108  [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
    17:24:05.0732 4108  Compbatt - ok
    17:24:05.0748 4108  COMSysApp - ok
    17:24:05.0763 4108  [ 2A213AE086BBEC5E937553C7D9A2B22C ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
    17:24:05.0763 4108  crcdisk - ok
    17:24:05.0779 4108  [ 22A7F883508176489F559EE745B5BF5D ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
    17:24:05.0810 4108  Crusoe - ok
    17:24:05.0904 4108  [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
    17:24:05.0904 4108  CryptSvc - ok
    17:24:05.0966 4108  [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch      C:\Windows\system32\rpcss.dll
    17:24:05.0982 4108  DcomLaunch - ok
    17:24:06.0013 4108  [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
    17:24:06.0138 4108  DfsC - ok
    17:24:06.0231 4108  [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR            C:\Windows\system32\DFSR.exe
    17:24:06.0309 4108  DFSR - ok
    17:24:06.0356 4108  [ 9028559C132146FB75EB7ACF384B086A ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
    17:24:06.0372 4108  Dhcp - ok
    17:24:06.0387 4108  [ 5D4AEFC3386920236A548271F8F1AF6A ] disk            C:\Windows\system32\drivers\disk.sys
    17:24:06.0387 4108  disk - ok
    17:24:06.0434 4108  [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache        C:\Windows\System32\dnsrslvr.dll
    17:24:06.0465 4108  Dnscache - ok
    17:24:06.0496 4108  [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc         C:\Windows\System32\dot3svc.dll
    17:24:06.0512 4108  dot3svc - ok
    17:24:06.0543 4108  [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS             C:\Windows\system32\dps.dll
    17:24:06.0543 4108  DPS - ok
    17:24:06.0574 4108  [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
    17:24:06.0590 4108  drmkaud - ok
    17:24:06.0637 4108  [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
    17:24:06.0652 4108  DXGKrnl - ok
    17:24:06.0684 4108  [ F88FB26547FD2CE6D0A5AF2985892C48 ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
    17:24:06.0746 4108  E1G60 - ok
    17:24:06.0777 4108  [ C0B95E40D85CD807D614E264248A45B9 ] EapHost         C:\Windows\System32\eapsvc.dll
    17:24:06.0777 4108  EapHost - ok
    17:24:06.0824 4108  [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache          C:\Windows\system32\drivers\ecache.sys
    17:24:06.0840 4108  Ecache - ok
    17:24:06.0886 4108  [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
    17:24:06.0902 4108  ehRecvr - ok
    17:24:06.0980 4108  [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched         C:\Windows\ehome\ehsched.exe
    17:24:06.0980 4108  ehSched - ok
    17:24:07.0027 4108  [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart         C:\Windows\ehome\ehstart.dll
    17:24:07.0027 4108  ehstart - ok
    17:24:07.0074 4108  [ E8F3F21A71720C84BCF423B80028359F ] elxstor         C:\Windows\system32\drivers\elxstor.sys
    17:24:07.0074 4108  elxstor - ok
    17:24:07.0120 4108  [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
    17:24:07.0136 4108  EMDMgmt - ok
    17:24:07.0198 4108  [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem     C:\Windows\system32\es.dll
    17:24:07.0214 4108  EventSystem - ok
    17:24:07.0276 4108  [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat           C:\Windows\system32\drivers\exfat.sys
    17:24:07.0323 4108  exfat - ok
    17:24:07.0386 4108  [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
    17:24:07.0417 4108  fastfat - ok
    17:24:07.0448 4108  [ 63BDADA84951B9C03E641800E176898A ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
    17:24:07.0479 4108  fdc - ok
    17:24:07.0526 4108  [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost         C:\Windows\system32\fdPHost.dll
    17:24:07.0526 4108  fdPHost - ok
    17:24:07.0557 4108  [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub        C:\Windows\system32\fdrespub.dll
    17:24:07.0557 4108  FDResPub - ok
    17:24:07.0588 4108  [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
    17:24:07.0588 4108  FileInfo - ok
    17:24:07.0635 4108  [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
    17:24:07.0666 4108  Filetrace - ok
    17:24:07.0698 4108  [ 6603957EFF5EC62D25075EA8AC27DE68 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
    17:24:07.0729 4108  flpydisk - ok
    17:24:07.0869 4108  [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
    17:24:07.0885 4108  FltMgr - ok
    17:24:07.0947 4108  [ 452FEAAB2A8DBB42ED751754CB2594F5 ] FontCache       C:\Windows\system32\FntCache.dll
    17:24:07.0963 4108  FontCache - ok
    17:24:08.0025 4108  [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
    17:24:08.0041 4108  FontCache3.0.0.0 - ok
    17:24:08.0088 4108  [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
    17:24:08.0103 4108  Fs_Rec - ok
    17:24:08.0150 4108  [ CBC22823628544735625B280665E434E ] FwLnk           C:\Windows\system32\DRIVERS\FwLnk.sys
    17:24:08.0181 4108  FwLnk - ok
    17:24:08.0228 4108  [ 4E1CD0A45C50A8882616CAE5BF82F3C5 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
    17:24:08.0244 4108  gagp30kx - ok
    17:24:08.0275 4108  [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM     C:\Windows\system32\Drivers\GEARAspiWDM.sys
    17:24:08.0275 4108  GEARAspiWDM - ok
    17:24:08.0322 4108  [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc           C:\Windows\System32\gpsvc.dll
    17:24:08.0384 4108  gpsvc - ok
    17:24:08.0446 4108  [ F02A533F517EB38333CB12A9E8963773 ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
    17:24:08.0446 4108  gupdate - ok
    17:24:08.0478 4108  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
    17:24:08.0478 4108  gupdatem - ok
    17:24:08.0524 4108  [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc           C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    17:24:08.0540 4108  gusvc - ok
    17:24:08.0587 4108  [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
    17:24:08.0634 4108  HdAudAddService - ok
    17:24:08.0727 4108  [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
    17:24:08.0727 4108  HDAudBus - ok
    17:24:08.0758 4108  [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth          C:\Windows\system32\drivers\hidbth.sys
    17:24:08.0805 4108  HidBth - ok
    17:24:08.0852 4108  [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
    17:24:08.0899 4108  HidIr - ok
    17:24:08.0930 4108  [ 84067081F3318162797385E11A8F0582 ] hidserv         C:\Windows\system32\hidserv.dll
    17:24:08.0961 4108  hidserv - ok
    17:24:09.0008 4108  [ CCA4B519B17E23A00B826C55716809CC ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
    17:24:09.0024 4108  HidUsb - ok
    17:24:09.0086 4108  [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc          C:\Windows\system32\kmsvc.dll
    17:24:09.0102 4108  hkmsvc - ok
    17:24:09.0133 4108  [ DF353B401001246853763C4B7AAA6F50 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
    17:24:09.0133 4108  HpCISSs - ok
    17:24:09.0164 4108  [ F870AA3E254628EBEAFE754108D664DE ] HTTP            C:\Windows\system32\drivers\HTTP.sys
    17:24:09.0304 4108  HTTP - ok
    17:24:09.0351 4108  [ 324C2152FF2C61ABAE92D09F3CCA4D63 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
    17:24:09.0367 4108  i2omp - ok
    17:24:09.0429 4108  [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
    17:24:09.0476 4108  i8042prt - ok
    17:24:09.0523 4108  [ C957BF4B5D80B46C5017BF0101E6C906 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
    17:24:09.0538 4108  iaStorV - ok
    17:24:09.0694 4108  [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT        C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    17:24:09.0694 4108  IDriverT - ok
    17:24:09.0882 4108  [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
    17:24:09.0913 4108  idsvc - ok
    17:24:09.0975 4108  [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
    17:24:09.0975 4108  iirsp - ok
    17:24:10.0038 4108  [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT          C:\Windows\System32\ikeext.dll
    17:24:10.0053 4108  IKEEXT - ok
    17:24:10.0194 4108  [ 97CAC2A7E92FFCB30C15101AB002ED30 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
    17:24:10.0272 4108  IntcAzAudAddService - ok
    17:24:10.0303 4108  [ 97469037714070E45194ED318D636401 ] intelide        C:\Windows\system32\drivers\intelide.sys
    17:24:10.0303 4108  intelide - ok
    17:24:10.0350 4108  [ CE44CC04262F28216DD4341E9E36A16F ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
    17:24:10.0381 4108  intelppm - ok
    17:24:10.0428 4108  IO_Memory - ok
    17:24:10.0459 4108  [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
    17:24:10.0459 4108  IPBusEnum - ok
    17:24:10.0506 4108  [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
    17:24:10.0568 4108  IpFilterDriver - ok
    17:24:10.0615 4108  [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
    17:24:10.0630 4108  iphlpsvc - ok
    17:24:10.0630 4108  IpInIp - ok
    17:24:10.0677 4108  [ 40F34F8ABA2A015D780E4B09138B6C17 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
    17:24:10.0724 4108  IPMIDRV - ok
    17:24:10.0818 4108  [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
    17:24:10.0880 4108  IPNAT - ok
    17:24:10.0927 4108  [ 1E6F080D5EDB4C3B4C4EB787A0848DCC ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
    17:24:11.0005 4108  iPod Service - ok
    17:24:11.0067 4108  [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
    17:24:11.0098 4108  IRENUM - ok
    17:24:11.0130 4108  [ 350FCA7E73CF65BCEF43FAE1E4E91293 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
    17:24:11.0161 4108  isapnp - ok
    17:24:11.0208 4108  [ 232FA340531D940AAC623B121A595034 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
    17:24:11.0223 4108  iScsiPrt - ok
    17:24:11.0239 4108  [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
    17:24:11.0254 4108  iteatapi - ok
    17:24:11.0270 4108  [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid         C:\Windows\system32\drivers\iteraid.sys
    17:24:11.0270 4108  iteraid - ok
    17:24:11.0301 4108  [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
    17:24:11.0301 4108  kbdclass - ok
    17:24:11.0317 4108  [ D2600CB17B7408B4A83F231DC9A11AC3 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
    17:24:11.0348 4108  kbdhid - ok
    17:24:11.0379 4108  [ A3E186B4B935905B829219502557314E ] KeyIso          C:\Windows\system32\lsass.exe
    17:24:11.0379 4108  KeyIso - ok
    17:24:11.0535 4108  [ E8CA038F51F7761BD6E3A3B0B8014263 ] KR10I           C:\Windows\system32\drivers\kr10i.sys
    17:24:11.0722 4108  KR10I - ok
    17:24:11.0754 4108  [ 6A4ADB9186DD0E114E623DAF57E42B31 ] KR10N           C:\Windows\system32\drivers\kr10n.sys
    17:24:11.0878 4108  KR10N - ok
    17:24:11.0972 4108  [ 485E005CD51FF502FB16483EB4B69C17 ] KR3NPXP         C:\Windows\system32\drivers\kr3npxp.sys
    17:24:12.0128 4108  KR3NPXP - ok
    17:24:12.0237 4108  [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
    17:24:12.0253 4108  KSecDD - ok
    17:24:12.0315 4108  [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm           C:\Windows\system32\msdtckrm.dll
    17:24:12.0315 4108  KtmRm - ok
    17:24:12.0346 4108  [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer    C:\Windows\system32\srvsvc.dll
    17:24:12.0378 4108  LanmanServer - ok
    17:24:12.0440 4108  [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
    17:24:12.0440 4108  LanmanWorkstation - ok
    17:24:12.0471 4108  [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
    17:24:12.0549 4108  lltdio - ok
    17:24:12.0596 4108  [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
    17:24:12.0627 4108  lltdsvc - ok
    17:24:12.0658 4108  [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts         C:\Windows\System32\lmhsvc.dll
    17:24:12.0658 4108  lmhosts - ok
    17:24:12.0736 4108  [ A2262FB9F28935E862B4DB46438C80D2 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
    17:24:12.0768 4108  LSI_FC - ok
    17:24:12.0799 4108  [ 30D73327D390F72A62F32C103DAF1D6D ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
    17:24:12.0799 4108  LSI_SAS - ok
    17:24:12.0814 4108  [ E1E36FEFD45849A95F1AB81DE0159FE3 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
    17:24:12.0814 4108  LSI_SCSI - ok
    17:24:12.0908 4108  [ 8F5C7426567798E62A3B3614965D62CC ] luafv           C:\Windows\system32\drivers\luafv.sys
    17:24:12.0908 4108  luafv - ok
    17:24:12.0939 4108  [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
    17:24:12.0970 4108  Mcx2Svc - ok
    17:24:13.0048 4108  [ D153B14FC6598EAE8422A2037553ADCE ] megasas         C:\Windows\system32\drivers\megasas.sys
    17:24:13.0048 4108  megasas - ok
    17:24:13.0064 4108  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS           C:\Windows\system32\mmcss.dll
    17:24:13.0064 4108  MMCSS - ok
    17:24:13.0158 4108  [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem           C:\Windows\system32\drivers\modem.sys
    17:24:13.0158 4108  Modem - ok
    17:24:13.0236 4108  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
    17:24:13.0236 4108  monitor - ok
    17:24:13.0251 4108  [ 5BF6A1326A335C5298477754A506D263 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
    17:24:13.0282 4108  mouclass - ok
    17:24:13.0345 4108  [ 93B8D4869E12CFBE663915502900876F ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
    17:24:13.0407 4108  mouhid - ok
    17:24:13.0470 4108  [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
    17:24:13.0548 4108  MountMgr - ok
    17:24:13.0594 4108  [ EE728AF83850DDAD9A3FCAC0AAB3AD97 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
    17:24:13.0594 4108  MpFilter - ok
    17:24:13.0641 4108  [ 583A41F26278D9E0EA548163D6139397 ] mpio            C:\Windows\system32\drivers\mpio.sys
    17:24:13.0641 4108  mpio - ok
    17:24:13.0672 4108  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
    17:24:13.0688 4108  mpsdrv - ok
    17:24:13.0875 4108  [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc          C:\Windows\system32\mpssvc.dll
    17:24:13.0984 4108  MpsSvc - ok
    17:24:14.0031 4108  [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
    17:24:14.0031 4108  Mraid35x - ok
    17:24:14.0078 4108  [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
    17:24:14.0109 4108  MRxDAV - ok
    17:24:14.0156 4108  [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
    17:24:14.0218 4108  mrxsmb - ok
    17:24:14.0312 4108  [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
    17:24:14.0390 4108  mrxsmb10 - ok
    17:24:14.0406 4108  [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
    17:24:14.0484 4108  mrxsmb20 - ok
    17:24:14.0562 4108  [ 742AED7939E734C36B7E8D6228CE26B7 ] msahci          C:\Windows\system32\drivers\msahci.sys
    17:24:14.0562 4108  msahci - ok
    17:24:14.0593 4108  [ 3FC82A2AE4CC149165A94699183D3028 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
    17:24:14.0593 4108  msdsm - ok
    17:24:14.0640 4108  [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC           C:\Windows\System32\msdtc.exe
    17:24:14.0640 4108  MSDTC - ok
    17:24:14.0686 4108  [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
    17:24:14.0764 4108  Msfs - ok
    17:24:14.0796 4108  [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
    17:24:14.0796 4108  msisadrv - ok
    17:24:14.0827 4108  [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
    17:24:14.0889 4108  MSiSCSI - ok
    17:24:14.0905 4108  msiserver - ok
    17:24:14.0983 4108  [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
    17:24:15.0045 4108  MSKSSRV - ok
    17:24:15.0217 4108  [ E077FCA2A7E79FB9BF67D3E30B5CE593 ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
    17:24:15.0232 4108  MsMpSvc - ok
    17:24:15.0295 4108  [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
    17:24:15.0310 4108  MSPCLOCK - ok
    17:24:15.0342 4108  [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
    17:24:15.0357 4108  MSPQM - ok
    17:24:15.0451 4108  [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
    17:24:15.0560 4108  MsRPC - ok
    17:24:15.0591 4108  [ E384487CB84BE41D09711C30CA79646C ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
    17:24:15.0607 4108  mssmbios - ok
    17:24:15.0716 4108  [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
    17:24:15.0747 4108  MSTEE - ok
    17:24:15.0841 4108  [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup             C:\Windows\system32\Drivers\mup.sys
    17:24:15.0872 4108  Mup - ok
    17:24:16.0090 4108  [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent        C:\Windows\system32\qagentRT.dll
    17:24:16.0106 4108  napagent - ok
    17:24:16.0153 4108  [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
    17:24:16.0184 4108  NativeWifiP - ok
    17:24:16.0246 4108  [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS            C:\Windows\system32\drivers\ndis.sys
    17:24:16.0246 4108  NDIS - ok
    17:24:16.0262 4108  [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
    17:24:16.0293 4108  NdisTapi - ok
    17:24:16.0371 4108  [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
    17:24:16.0418 4108  Ndisuio - ok
    17:24:16.0512 4108  [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
    17:24:16.0574 4108  NdisWan - ok
    17:24:16.0605 4108  [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
    17:24:16.0652 4108  NDProxy - ok
    17:24:16.0668 4108  [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
    17:24:16.0730 4108  NetBIOS - ok
    17:24:16.0777 4108  [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
    17:24:16.0870 4108  netbt - ok
    17:24:16.0902 4108  [ A3E186B4B935905B829219502557314E ] Netlogon        C:\Windows\system32\lsass.exe
    17:24:16.0902 4108  Netlogon - ok
    17:24:17.0120 4108  [ C8052711DAECC48B982434C5116CA401 ] Netman          C:\Windows\System32\netman.dll
    17:24:17.0167 4108  Netman - ok
    17:24:17.0198 4108  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
    17:24:17.0198 4108  NetMsmqActivator - ok
    17:24:17.0198 4108  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
    17:24:17.0214 4108  NetPipeActivator - ok
    17:24:17.0307 4108  [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm        C:\Windows\System32\netprofm.dll
    17:24:17.0416 4108  netprofm - ok
    17:24:17.0432 4108  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
    17:24:17.0448 4108  NetTcpActivator - ok
    17:24:17.0448 4108  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
    17:24:17.0448 4108  NetTcpPortSharing - ok
    17:24:17.0494 4108  [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
    17:24:17.0526 4108  nfrd960 - ok
    17:24:17.0572 4108  [ 2CD24A6AF497D0E9B9BF3DA924ED05E6 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
    17:24:17.0588 4108  NisDrv - ok
    17:24:17.0760 4108  [ 3B846434055F80D9E89D0742F3ADAD34 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
    17:24:17.0822 4108  NisSrv - ok
    17:24:17.0869 4108  [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc          C:\Windows\System32\nlasvc.dll
    17:24:17.0900 4108  NlaSvc - ok
    17:24:17.0947 4108  [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
    17:24:17.0978 4108  Npfs - ok
    17:24:18.0087 4108  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi             C:\Windows\system32\nsisvc.dll
    17:24:18.0118 4108  nsi - ok
    17:24:18.0165 4108  [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
    17:24:18.0196 4108  nsiproxy - ok
    17:24:18.0883 4108  [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
    17:24:18.0945 4108  Ntfs - ok
    17:24:18.0976 4108  [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys
    17:24:19.0039 4108  ntrigdigi - ok
    17:24:19.0101 4108  [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null            C:\Windows\system32\drivers\Null.sys
    17:24:19.0117 4108  Null - ok
    17:24:19.0164 4108  [ E69E946F80C1C31C53003BFBF50CBB7C ] nvraid          C:\Windows\system32\drivers\nvraid.sys
    17:24:19.0179 4108  nvraid - ok
    17:24:19.0210 4108  [ 9E0BA19A28C498A6D323D065DB76DFFC ] nvstor          C:\Windows\system32\drivers\nvstor.sys
    17:24:19.0210 4108  nvstor - ok
    17:24:19.0242 4108  [ 07C186427EB8FCC3D8D7927187F260F7 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
    17:24:19.0242 4108  nv_agp - ok
    17:24:19.0273 4108  [ C83766C4A147159254FF16F1A6C9DC6E ] NWADI           C:\Windows\system32\DRIVERS\NWADIenum.sys
    17:24:19.0273 4108  NWADI - ok
    17:24:19.0288 4108  NwlnkFlt - ok
    17:24:19.0304 4108  NwlnkFwd - ok
    17:24:19.0366 4108  [ 224131778C92AEE8C13AFAC5FBFF19CA ] NWUSBCDFIL      C:\Windows\system32\DRIVERS\NwUsbCdFil.sys
    17:24:19.0429 4108  NWUSBCDFIL - ok
    17:24:19.0538 4108  [ C7FB1635508D0009489A0F7E7743468A ] NWUSBModem_000  C:\Windows\system32\DRIVERS\nwusbmdm_000.sys
    17:24:19.0725 4108  NWUSBModem_000 - ok
    17:24:19.0772 4108  [ C7FB1635508D0009489A0F7E7743468A ] NWUSBPort2_000  C:\Windows\system32\DRIVERS\nwusbser2_000.sys
    17:24:19.0819 4108  NWUSBPort2_000 - ok
    17:24:19.0866 4108  [ C7FB1635508D0009489A0F7E7743468A ] NWUSBPort_000   C:\Windows\system32\DRIVERS\nwusbser_000.sys
    17:24:19.0928 4108  NWUSBPort_000 - ok
    17:24:20.0178 4108  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
    17:24:20.0318 4108  odserv - ok
    17:24:20.0521 4108  [ 6F310E890D46E246E0E261A63D9B36B4 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
    17:24:20.0521 4108  ohci1394 - ok
    17:24:20.0817 4108  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
    17:24:20.0880 4108  ose - ok
    17:24:20.0926 4108  [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
    17:24:20.0958 4108  p2pimsvc - ok
    17:24:20.0973 4108  [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc          C:\Windows\system32\p2psvc.dll
    17:24:20.0989 4108  p2psvc - ok
    17:24:21.0098 4108  [ 0FA9B5055484649D63C303FE404E5F4D ] Parport         C:\Windows\system32\drivers\parport.sys
    17:24:21.0254 4108  Parport - ok
    17:24:21.0316 4108  [ B9C2B89F08670E159F7181891E449CD9 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
    17:24:21.0348 4108  partmgr - ok
    17:24:21.0379 4108  [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
    17:24:21.0394 4108  Parvdm - ok
    17:24:21.0457 4108  [ 3ADB8BD6154A3EF87496E8FCE9C22493 ] pavboot         C:\Windows\system32\drivers\pavboot.sys
    17:24:21.0457 4108  pavboot - ok
    17:24:21.0504 4108  [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc          C:\Windows\System32\pcasvc.dll
    17:24:21.0504 4108  PcaSvc - ok
    17:24:21.0535 4108  [ 941DC1D19E7E8620F40BBC206981EFDB ] pci             C:\Windows\system32\drivers\pci.sys
    17:24:21.0550 4108  pci - ok
    17:24:21.0550 4108  [ 1636D43F10416AEB483BC6001097B26C ] pciide          C:\Windows\system32\drivers\pciide.sys
    17:24:21.0550 4108  pciide - ok
    17:24:21.0597 4108  [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
    17:24:21.0597 4108  pcmcia - ok
    17:24:21.0660 4108  [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
    17:24:21.0706 4108  PEAUTH - ok
    17:24:21.0800 4108  [ 6DBF2AC2BDAFF355995AB25ECCC4CFE1 ] pinger          C:\Toshiba\IVP\ISM\pinger.exe
    17:24:21.0800 4108  pinger - ok
    17:24:21.0925 4108  [ B1689DF169143F57053F795390C99DB3 ] pla             C:\Windows\system32\pla.dll
    17:24:21.0972 4108  pla - ok
    17:24:22.0003 4108  [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
    17:24:24.0046 4108  PlugPlay - ok
    17:24:24.0249 4108  [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
    17:24:24.0249 4108  PNRPAutoReg - ok
    17:24:24.0265 4108  [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
    17:24:24.0280 4108  PNRPsvc - ok
    17:24:24.0514 4108  [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
    17:24:24.0670 4108  PolicyAgent - ok
    17:24:24.0733 4108  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
    17:24:24.0811 4108  PptpMiniport - ok
    17:24:24.0889 4108  [ 0E3CEF5D28B40CF273281D620C50700A ] Processor       C:\Windows\system32\drivers\processr.sys
    17:24:24.0936 4108  Processor - ok
    17:24:24.0998 4108  [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc         C:\Windows\system32\profsvc.dll
    17:24:25.0029 4108  ProfSvc - ok
    17:24:25.0045 4108  [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
    17:24:25.0060 4108  ProtectedStorage - ok
    17:24:25.0170 4108  [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
    17:24:25.0170 4108  PSched - ok
    17:24:25.0232 4108  [ 785E1032C8F3C8C60AA8E2B7FE377869 ] PTDMBus         C:\Windows\system32\DRIVERS\PTDMBus.sys
    17:24:25.0279 4108  PTDMBus - ok
    17:24:25.0294 4108  [ 924C2B2DCA76D2BD7D44B3BB968B344F ] PTDMMdm         C:\Windows\system32\DRIVERS\PTDMMdm.sys
    17:24:25.0341 4108  PTDMMdm - ok
    17:24:25.0419 4108  [ 58AD3CCDD567FA45FD94AF15229ACE7C ] PTDMVsp         C:\Windows\system32\DRIVERS\PTDMVsp.sys
    17:24:25.0544 4108  PTDMVsp - ok
    17:24:25.0575 4108  [ 49F773DECBCD6A555C7A8694D37D232E ] PTDMWWAN        C:\Windows\system32\DRIVERS\PTDMWWAN.sys
    17:24:25.0638 4108  PTDMWWAN - ok
    17:24:25.0747 4108  [ 49452BFCEC22F36A7A9B9C2181BC3042 ] PxHelp20        C:\Windows\system32\Drivers\PxHelp20.sys
    17:24:25.0794 4108  PxHelp20 - ok
    17:24:25.0872 4108  [ 56A6210ACA051227EAFEEFA628BB5A9B ] QBCFMonitorService C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
    17:24:25.0903 4108  QBCFMonitorService - ok
    17:24:26.0012 4108  [ 6BEE1814470DC12FA20C53DFC3C97EBB ] QBFCService     C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
    17:24:26.0012 4108  QBFCService - ok
    17:24:26.0246 4108  [ D4FF4102640685C69BDC63F1674CE724 ] QBVSS           C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe
    17:24:26.0277 4108  QBVSS - ok
    17:24:26.0355 4108  [ CCDAC889326317792480C0A67156A1EC ] ql2300          C:\Windows\system32\drivers\ql2300.sys
    17:24:26.0402 4108  ql2300 - ok
    17:24:26.0464 4108  [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
    17:24:26.0496 4108  ql40xx - ok
    17:24:26.0558 4108  [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE           C:\Windows\system32\qwave.dll
    17:24:26.0589 4108  QWAVE - ok
    17:24:26.0652 4108  [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
    17:24:26.0698 4108  QWAVEdrv - ok
    17:24:26.0745 4108  [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
    17:24:26.0761 4108  RasAcd - ok
    17:24:26.0792 4108  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto         C:\Windows\System32\rasauto.dll
    17:24:26.0792 4108  RasAuto - ok
    17:24:26.0839 4108  [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
    17:24:26.0886 4108  Rasl2tp - ok
    17:24:26.0932 4108  [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan          C:\Windows\System32\rasmans.dll
    17:24:26.0932 4108  RasMan - ok
    17:24:26.0964 4108  [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
    17:24:27.0026 4108  RasPppoe - ok
    17:24:27.0104 4108  [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
    17:24:27.0198 4108  RasSstp - ok
    17:24:27.0244 4108  [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
    17:24:27.0338 4108  rdbss - ok
    17:24:27.0385 4108  [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
    17:24:27.0432 4108  RDPCDD - ok
    17:24:27.0525 4108  [ E8BD98D46F2ED77132BA927FCCB47D8B ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
    17:24:27.0603 4108  rdpdr - ok
    17:24:27.0634 4108  [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
    17:24:27.0650 4108  RDPENCDD - ok
    17:24:27.0728 4108  [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
    17:24:27.0837 4108  RDPWD - ok
    17:24:27.0884 4108  [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess    C:\Windows\System32\mprdim.dll
    17:24:27.0884 4108  RemoteAccess - ok
    17:24:27.0915 4108  [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry  C:\Windows\system32\regsvc.dll
    17:24:27.0915 4108  RemoteRegistry - ok
    17:24:27.0946 4108  [ 355AAC141B214BEF1DBC1483AFD9BD50 ] rimmptsk        C:\Windows\system32\DRIVERS\rimmptsk.sys
    17:24:27.0978 4108  rimmptsk - ok
    17:24:28.0024 4108  [ A4216C71DD4F60B26418CCFD99CD0815 ] rimsptsk        C:\Windows\system32\DRIVERS\rimsptsk.sys
    17:24:28.0071 4108  rimsptsk - ok
    17:24:28.0118 4108  [ D231B577024AA324AF13A42F3A807D10 ] rismxdp         C:\Windows\system32\DRIVERS\rixdptsk.sys
    17:24:28.0212 4108  rismxdp - ok
    17:24:28.0305 4108  [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator      C:\Windows\system32\locator.exe
    17:24:28.0352 4108  RpcLocator - ok
    17:24:28.0695 4108  [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs           C:\Windows\system32\rpcss.dll
    17:24:28.0711 4108  RpcSs - ok
    17:24:28.0992 4108  [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
    17:24:29.0070 4108  rspndr - ok
    17:24:29.0116 4108  [ B8B159FA669C6386A458FCD468EBB1E6 ] RTL8169         C:\Windows\system32\DRIVERS\Rtlh86.sys
    17:24:29.0163 4108  RTL8169 - ok
    17:24:29.0194 4108  [ 67E7822975985016FDCE01635FBDBBF9 ] RTL8187B        C:\Windows\system32\DRIVERS\RTL8187B.sys
    17:24:29.0226 4108  RTL8187B - ok
    17:24:29.0257 4108  [ A3E186B4B935905B829219502557314E ] SamSs           C:\Windows\system32\lsass.exe
    17:24:29.0257 4108  SamSs - ok
    17:24:29.0319 4108  [ 3CE8F073A557E172B330109436984E30 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
    17:24:29.0350 4108  sbp2port - ok
    17:24:29.0397 4108  [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
    17:24:29.0397 4108  SCardSvr - ok
    17:24:29.0444 4108  [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule        C:\Windows\system32\schedsvc.dll
    17:24:29.0460 4108  Schedule - ok
    17:24:29.0475 4108  [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc     C:\Windows\System32\certprop.dll
    17:24:29.0475 4108  SCPolicySvc - ok
    17:24:29.0491 4108  [ 8F36B54688C31EED4580129040C6A3D3 ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
    17:24:29.0522 4108  sdbus - ok
    17:24:29.0553 4108  [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
    17:24:29.0553 4108  SDRSVC - ok
    17:24:29.0647 4108  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
    17:24:29.0725 4108  secdrv - ok
    17:24:29.0803 4108  [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon        C:\Windows\system32\seclogon.dll
    17:24:29.0943 4108  seclogon - ok
    17:24:29.0974 4108  [ A9BBAB5759771E523F55563D6CBE140F ] SENS            C:\Windows\System32\sens.dll
    17:24:29.0974 4108  SENS - ok
    17:24:30.0006 4108  [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum         C:\Windows\system32\drivers\serenum.sys
    17:24:30.0052 4108  Serenum - ok
    17:24:30.0084 4108  [ C70D69A918B178D3C3B06339B40C2E1B ] Serial          C:\Windows\system32\drivers\serial.sys
    17:24:30.0099 4108  Serial - ok
    17:24:30.0115 4108  [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
    17:24:30.0177 4108  sermouse - ok
    17:24:30.0271 4108  [ D2193326F729B163125610DBF3E17D57 ] SessionEnv      C:\Windows\system32\sessenv.dll
    17:24:30.0271 4108  SessionEnv - ok
    17:24:30.0318 4108  [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk         C:\Windows\system32\DRIVERS\sffdisk.sys
    17:24:30.0364 4108  sffdisk - ok
    17:24:30.0411 4108  [ 8FD08A310645FE872EEEC6E08C6BF3EE ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
    17:24:30.0427 4108  sffp_mmc - ok
    17:24:30.0458 4108  [ 9F66A46C55D6F1CCABC79BB7AFCCC545 ] sffp_sd         C:\Windows\system32\DRIVERS\sffp_sd.sys
    17:24:30.0505 4108  sffp_sd - ok
    17:24:30.0520 4108  [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
    17:24:30.0567 4108  sfloppy - ok
    17:24:30.0614 4108  [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
    17:24:30.0630 4108  SharedAccess - ok
    17:24:30.0754 4108  [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
    17:24:30.0832 4108  ShellHWDetection - ok
    17:24:30.0848 4108  [ D2A595D6EEBEEAF4334F8E50EFBC9931 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
    17:24:30.0864 4108  sisagp - ok
    17:24:30.0895 4108  [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
    17:24:30.0895 4108  SiSRaid2 - ok
    17:24:30.0910 4108  [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
    17:24:30.0910 4108  SiSRaid4 - ok
    17:24:31.0347 4108  [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc           C:\Windows\system32\SLsvc.exe
    17:24:31.0753 4108  slsvc - ok
    17:24:31.0800 4108  [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify      C:\Windows\system32\SLUINotify.dll
    17:24:31.0800 4108  SLUINotify - ok
    17:24:31.0831 4108  [ 7B75299A4D201D6A6533603D6914AB04 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
    17:24:31.0909 4108  Smb - ok
    17:24:32.0018 4108  [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
    17:24:32.0065 4108  SNMPTRAP - ok
    17:24:32.0112 4108  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr           C:\Windows\system32\drivers\spldr.sys
    17:24:32.0143 4108  spldr - ok
    17:24:32.0190 4108  [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler         C:\Windows\System32\spoolsv.exe
    17:24:32.0190 4108  Spooler - ok
    17:24:32.0299 4108  [ 41987F9FC0E61ADF54F581E15029AD91 ] srv             C:\Windows\system32\DRIVERS\srv.sys
    17:24:32.0377 4108  srv - ok
    17:24:32.0439 4108  [ FF33AFF99564B1AA534F58868CBE41EF ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
    17:24:32.0517 4108  srv2 - ok
    17:24:32.0564 4108  [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
    17:24:32.0611 4108  srvnet - ok
    17:24:32.0673 4108  [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
    17:24:32.0704 4108  SSDPSRV - ok
    17:24:32.0736 4108  [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
    17:24:32.0751 4108  SstpSvc - ok
    17:24:32.0782 4108  [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc          C:\Windows\System32\wiaservc.dll
    17:24:32.0798 4108  stisvc - ok
    17:24:32.0814 4108  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
    17:24:32.0814 4108  swenum - ok
    17:24:32.0845 4108  [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv           C:\Windows\System32\swprv.dll
    17:24:32.0845 4108  swprv - ok
    17:24:32.0923 4108  [ 327786C5D6BCF284FAB14C2B5751F514 ] Swupdtmr        c:\Toshiba\IVP\swupdate\swupdtmr.exe
    17:24:32.0954 4108  Swupdtmr - ok
    17:24:32.0985 4108  [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
    17:24:32.0985 4108  Symc8xx - ok
    17:24:33.0016 4108  [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
    17:24:33.0016 4108  Sym_hi - ok
    17:24:33.0032 4108  [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
    17:24:33.0032 4108  Sym_u3 - ok
    17:24:33.0079 4108  [ 11F730BF0D0AA4FE7DE7138A32A52422 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
    17:24:33.0079 4108  SynTP - ok
    17:24:33.0375 4108  [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain         C:\Windows\system32\sysmain.dll
    17:24:33.0391 4108  SysMain - ok
    17:24:33.0422 4108  [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
    17:24:33.0453 4108  TabletInputService - ok
    17:24:33.0500 4108  [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv         C:\Windows\System32\tapisrv.dll
    17:24:33.0531 4108  TapiSrv - ok
    17:24:33.0562 4108  [ CB05822CD9CC6C688168E113C603DBE7 ] TBS             C:\Windows\System32\tbssvc.dll
    17:24:33.0594 4108  TBS - ok
    17:24:34.0015 4108  [ 3535CD93F944C00F098E73E12EE7FEB6 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
    17:24:34.0093 4108  Tcpip - ok
    17:24:34.0108 4108  [ 3535CD93F944C00F098E73E12EE7FEB6 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
    17:24:34.0124 4108  Tcpip6 - ok
    17:24:34.0218 4108  [ CD21572F83F7EC6E2C20C465967BEDD9 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
    17:24:34.0280 4108  tcpipreg - ok
    17:24:34.0342 4108  [ 1825BCEB47BF41C5A9F0E44DE82FC27A ] tdcmdpst        C:\Windows\system32\DRIVERS\tdcmdpst.sys
    17:24:34.0358 4108  tdcmdpst - ok
    17:24:34.0420 4108  [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
    17:24:34.0467 4108  TDPIPE - ok
    17:24:34.0514 4108  [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
    17:24:34.0561 4108  TDTCP - ok
    17:24:34.0654 4108  [ 76B06EB8A01FC8624D699E7045303E54 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
    17:24:34.0779 4108  tdx - ok
    17:24:34.0826 4108  [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
    17:24:34.0873 4108  TermDD - ok
    17:24:35.0091 4108  [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService     C:\Windows\System32\termsrv.dll
    17:24:35.0154 4108  TermService - ok
    17:24:35.0169 4108  [ C7230FBEE14437716701C15BE02C27B8 ] Themes          C:\Windows\system32\shsvcs.dll
    17:24:35.0185 4108  Themes - ok
    17:24:35.0216 4108  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER     C:\Windows\system32\mmcss.dll
    17:24:35.0232 4108  THREADORDER - ok
    17:24:35.0403 4108  [ 804FED244FC47642CC635236D47A67D4 ] TNaviSrv        C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
    17:24:35.0403 4108  TNaviSrv - ok
    17:24:35.0419 4108  [ D540858E65BFA6FDED41AD2495ECE344 ] TODDSrv         C:\Windows\system32\TODDSrv.exe
    17:24:35.0450 4108  TODDSrv - ok
    17:24:35.0512 4108  [ 6A54C28B53C6B50D333C8EE974C6B208 ] TosCoSrv        C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
    17:24:35.0512 4108  TosCoSrv - ok
    17:24:35.0590 4108  [ 87843B2DA99051BC66E2D6C211E3D6A4 ] TOSHIBA Bluetooth Service C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
    17:24:35.0590 4108  TOSHIBA Bluetooth Service - ok
    17:24:35.0606 4108  Tosrfcom - ok
    17:24:35.0653 4108  [ 5C4103544612E5011EF46301B93D1AA6 ] tosrfec         C:\Windows\system32\DRIVERS\tosrfec.sys
    17:24:35.0715 4108  tosrfec - ok
    17:24:35.0778 4108  [ 1EA5F27C29405BF49799FECA77186DA9 ] tos_sps32       C:\Windows\system32\DRIVERS\tos_sps32.sys
    17:24:35.0840 4108  tos_sps32 - ok
    17:24:35.0871 4108  [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks          C:\Windows\System32\trkwks.dll
    17:24:35.0871 4108  TrkWks - ok
    17:24:35.0918 4108  [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
    17:24:35.0934 4108  TrustedInstaller - ok
    17:24:35.0996 4108  [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
    17:24:36.0027 4108  tssecsrv - ok
    17:24:36.0090 4108  [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
    17:24:36.0105 4108  tunmp - ok
    17:24:36.0121 4108  [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
    17:24:36.0121 4108  tunnel - ok
    17:24:36.0152 4108  [ 521C5F39829875ADF5466DD94C6282C7 ] TVALZ           C:\Windows\system32\DRIVERS\TVALZ_O.SYS
    17:24:36.0199 4108  TVALZ -
     
