ManMich

Members

View Profile See their activity

Posts
5
Joined
January 6, 2013
Last visited
January 12, 2013

Reputation

0 Neutral

About ManMich

Birthday November 6

LiveSearchNow has taken over search engines

ManMich replied to ManMich's topic in Resolved Malware Removal Logs

No issues remain. I appreciate all your help.
- January 12, 2013
- 8 replies
LiveSearchNow has taken over search engines

ManMich replied to ManMich's topic in Resolved Malware Removal Logs

After running Combofix, the live search was gone. I really appreciate all your help. Here are the logs you requested: TDSSKiller Log 13:53:27.0720 5236 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35 13:53:28.0547 5236 ============================================================ 13:53:28.0547 5236 Current date / time: 2013/01/10 13:53:28.0547 13:53:28.0547 5236 SystemInfo: 13:53:28.0547 5236 13:53:28.0547 5236 OS Version: 6.1.7601 ServicePack: 1.0 13:53:28.0547 5236 Product type: Workstation 13:53:28.0547 5236 ComputerName: BRITTANY-PC 13:53:28.0547 5236 UserName: Brittany 13:53:28.0547 5236 Windows directory: C:\windows 13:53:28.0547 5236 System windows directory: C:\windows 13:53:28.0547 5236 Running under WOW64 13:53:28.0547 5236 Processor architecture: Intel x64 13:53:28.0547 5236 Number of processors: 4 13:53:28.0547 5236 Page size: 0x1000 13:53:28.0547 5236 Boot type: Normal boot 13:53:28.0547 5236 ============================================================ 13:53:30.0980 5236 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 13:53:30.0980 5236 ============================================================ 13:53:30.0980 5236 \Device\Harddisk0\DR0: 13:53:30.0980 5236 MBR partitions: 13:53:30.0980 5236 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x48737800 13:53:30.0980 5236 ============================================================ 13:53:31.0011 5236 C: <-> \Device\Harddisk0\DR0\Partition1 13:53:31.0011 5236 ============================================================ 13:53:31.0011 5236 Initialize success 13:53:31.0011 5236 ============================================================ 13:54:11.0727 6052 ============================================================ 13:54:11.0727 6052 Scan started 13:54:11.0727 6052 Mode: Manual; 13:54:11.0727 6052 ============================================================ 13:54:11.0946 6052 ================ Scan system memory ======================== 13:54:11.0946 6052 System memory - ok 13:54:11.0946 6052 ================ Scan services ============================= 13:54:12.0149 6052 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\windows\system32\drivers\1394ohci.sys 13:54:12.0180 6052 1394ohci - ok 13:54:12.0227 6052 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\windows\system32\drivers\ACPI.sys 13:54:12.0227 6052 ACPI - ok 13:54:12.0273 6052 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys 13:54:12.0289 6052 AcpiPmi - ok 13:54:12.0414 6052 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 13:54:12.0476 6052 AdobeARMservice - ok 13:54:12.0601 6052 [ 95CE557D16A75606CCC2D7F3B0B0BCCB ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 13:54:12.0601 6052 AdobeFlashPlayerUpdateSvc - ok 13:54:12.0663 6052 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\windows\system32\drivers\adp94xx.sys 13:54:12.0663 6052 adp94xx - ok 13:54:12.0726 6052 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\windows\system32\drivers\adpahci.sys 13:54:12.0726 6052 adpahci - ok 13:54:12.0741 6052 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\windows\system32\drivers\adpu320.sys 13:54:12.0741 6052 adpu320 - ok 13:54:12.0788 6052 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\windows\System32\aelupsvc.dll 13:54:12.0788 6052 AeLookupSvc - ok 13:54:12.0851 6052 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\windows\system32\drivers\afd.sys 13:54:12.0866 6052 AFD - ok 13:54:12.0897 6052 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\windows\system32\drivers\agp440.sys 13:54:12.0897 6052 agp440 - ok 13:54:12.0944 6052 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\windows\System32\alg.exe 13:54:12.0944 6052 ALG - ok 13:54:12.0975 6052 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\windows\system32\drivers\aliide.sys 13:54:12.0975 6052 aliide - ok 13:54:12.0975 6052 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\windows\system32\drivers\amdide.sys 13:54:12.0975 6052 amdide - ok 13:54:13.0007 6052 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\windows\system32\drivers\amdk8.sys 13:54:13.0007 6052 AmdK8 - ok 13:54:13.0038 6052 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\windows\system32\drivers\amdppm.sys 13:54:13.0038 6052 AmdPPM - ok 13:54:13.0069 6052 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\windows\system32\drivers\amdsata.sys 13:54:13.0069 6052 amdsata - ok 13:54:13.0100 6052 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\windows\system32\drivers\amdsbs.sys 13:54:13.0116 6052 amdsbs - ok 13:54:13.0131 6052 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\windows\system32\drivers\amdxata.sys 13:54:13.0131 6052 amdxata - ok 13:54:13.0163 6052 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\windows\system32\drivers\appid.sys 13:54:13.0163 6052 AppID - ok 13:54:13.0194 6052 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\windows\System32\appidsvc.dll 13:54:13.0209 6052 AppIDSvc - ok 13:54:13.0225 6052 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\windows\System32\appinfo.dll 13:54:13.0225 6052 Appinfo - ok 13:54:13.0350 6052 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 13:54:13.0350 6052 Apple Mobile Device - ok 13:54:13.0443 6052 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\windows\system32\drivers\arc.sys 13:54:13.0459 6052 arc - ok 13:54:13.0490 6052 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\windows\system32\drivers\arcsas.sys 13:54:13.0490 6052 arcsas - ok 13:54:13.0521 6052 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys 13:54:13.0521 6052 AsyncMac - ok 13:54:13.0553 6052 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\windows\system32\drivers\atapi.sys 13:54:13.0553 6052 atapi - ok 13:54:13.0599 6052 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll 13:54:13.0615 6052 AudioEndpointBuilder - ok 13:54:13.0646 6052 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\windows\System32\Audiosrv.dll 13:54:13.0646 6052 AudioSrv - ok 13:54:13.0709 6052 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\windows\System32\AxInstSV.dll 13:54:13.0709 6052 AxInstSV - ok 13:54:13.0771 6052 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\windows\system32\drivers\bxvbda.sys 13:54:13.0802 6052 b06bdrv - ok 13:54:13.0880 6052 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys 13:54:13.0880 6052 b57nd60a - ok 13:54:13.0943 6052 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\windows\System32\bdesvc.dll 13:54:13.0958 6052 BDESVC - ok 13:54:13.0989 6052 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\windows\system32\drivers\Beep.sys 13:54:13.0989 6052 Beep - ok 13:54:14.0036 6052 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\windows\System32\bfe.dll 13:54:14.0067 6052 BFE - ok 13:54:14.0114 6052 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\windows\system32\qmgr.dll 13:54:14.0145 6052 BITS - ok 13:54:14.0177 6052 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\windows\system32\drivers\blbdrive.sys 13:54:14.0177 6052 blbdrive - ok 13:54:14.0239 6052 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 13:54:14.0255 6052 Bonjour Service - ok 13:54:14.0286 6052 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\windows\system32\DRIVERS\bowser.sys 13:54:14.0301 6052 bowser - ok 13:54:14.0317 6052 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\windows\system32\drivers\BrFiltLo.sys 13:54:14.0333 6052 BrFiltLo - ok 13:54:14.0348 6052 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\windows\system32\drivers\BrFiltUp.sys 13:54:14.0348 6052 BrFiltUp - ok 13:54:14.0379 6052 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\windows\system32\DRIVERS\bridge.sys 13:54:14.0379 6052 BridgeMP - ok 13:54:14.0426 6052 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\windows\System32\browser.dll 13:54:14.0426 6052 Browser - ok 13:54:14.0442 6052 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\windows\System32\Drivers\Brserid.sys 13:54:14.0473 6052 Brserid - ok 13:54:14.0473 6052 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys 13:54:14.0489 6052 BrSerWdm - ok 13:54:14.0489 6052 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys 13:54:14.0489 6052 BrUsbMdm - ok 13:54:14.0504 6052 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys 13:54:14.0504 6052 BrUsbSer - ok 13:54:14.0520 6052 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\windows\system32\drivers\bthmodem.sys 13:54:14.0520 6052 BTHMODEM - ok 13:54:14.0551 6052 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\windows\system32\bthserv.dll 13:54:14.0551 6052 bthserv - ok 13:54:14.0567 6052 catchme - ok 13:54:14.0598 6052 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\windows\system32\DRIVERS\cdfs.sys 13:54:14.0613 6052 cdfs - ok 13:54:14.0645 6052 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\windows\system32\DRIVERS\cdrom.sys 13:54:14.0645 6052 cdrom - ok 13:54:14.0676 6052 [ A965B206921C55F2D1481789D609B711 ] CeKbFilter C:\windows\system32\DRIVERS\CeKbFilter.sys 13:54:14.0691 6052 CeKbFilter - ok 13:54:14.0738 6052 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\windows\System32\certprop.dll 13:54:14.0738 6052 CertPropSvc - ok 13:54:14.0785 6052 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\windows\system32\drivers\circlass.sys 13:54:14.0785 6052 circlass - ok 13:54:14.0832 6052 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\windows\system32\CLFS.sys 13:54:14.0847 6052 CLFS - ok 13:54:14.0972 6052 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 13:54:14.0972 6052 clr_optimization_v2.0.50727_32 - ok 13:54:15.0066 6052 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 13:54:15.0081 6052 clr_optimization_v2.0.50727_64 - ok 13:54:15.0175 6052 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 13:54:15.0206 6052 clr_optimization_v4.0.30319_32 - ok 13:54:15.0253 6052 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 13:54:15.0253 6052 clr_optimization_v4.0.30319_64 - ok 13:54:15.0315 6052 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\windows\system32\drivers\CmBatt.sys 13:54:15.0331 6052 CmBatt - ok 13:54:15.0347 6052 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\windows\system32\drivers\cmdide.sys 13:54:15.0347 6052 cmdide - ok 13:54:15.0393 6052 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\windows\system32\Drivers\cng.sys 13:54:15.0393 6052 CNG - ok 13:54:15.0440 6052 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\windows\system32\drivers\compbatt.sys 13:54:15.0440 6052 Compbatt - ok 13:54:15.0456 6052 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\windows\system32\drivers\CompositeBus.sys 13:54:15.0471 6052 CompositeBus - ok 13:54:15.0487 6052 COMSysApp - ok 13:54:15.0503 6052 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\windows\system32\drivers\crcdisk.sys 13:54:15.0503 6052 crcdisk - ok 13:54:15.0549 6052 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\windows\system32\cryptsvc.dll 13:54:15.0549 6052 CryptSvc - ok 13:54:15.0659 6052 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE 13:54:15.0674 6052 cvhsvc - ok 13:54:15.0752 6052 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\windows\system32\rpcss.dll 13:54:15.0752 6052 DcomLaunch - ok 13:54:15.0799 6052 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\windows\System32\defragsvc.dll 13:54:15.0815 6052 defragsvc - ok 13:54:15.0846 6052 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\windows\system32\Drivers\dfsc.sys 13:54:15.0846 6052 DfsC - ok 13:54:15.0877 6052 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\windows\system32\dhcpcore.dll 13:54:15.0893 6052 Dhcp - ok 13:54:15.0893 6052 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\windows\system32\drivers\discache.sys 13:54:15.0893 6052 discache - ok 13:54:15.0924 6052 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\windows\system32\drivers\disk.sys 13:54:15.0924 6052 Disk - ok 13:54:15.0971 6052 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\windows\System32\dnsrslvr.dll 13:54:15.0986 6052 Dnscache - ok 13:54:16.0017 6052 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\windows\System32\dot3svc.dll 13:54:16.0017 6052 dot3svc - ok 13:54:16.0033 6052 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\windows\system32\dps.dll 13:54:16.0033 6052 DPS - ok 13:54:16.0080 6052 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\windows\system32\drivers\drmkaud.sys 13:54:16.0080 6052 drmkaud - ok 13:54:16.0127 6052 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys 13:54:16.0142 6052 DXGKrnl - ok 13:54:16.0189 6052 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\windows\System32\eapsvc.dll 13:54:16.0205 6052 EapHost - ok 13:54:16.0345 6052 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\windows\system32\drivers\evbda.sys 13:54:16.0454 6052 ebdrv - ok 13:54:16.0470 6052 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\windows\System32\lsass.exe 13:54:16.0470 6052 EFS - ok 13:54:16.0548 6052 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\windows\ehome\ehRecvr.exe 13:54:16.0563 6052 ehRecvr - ok 13:54:16.0579 6052 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\windows\ehome\ehsched.exe 13:54:16.0579 6052 ehSched - ok 13:54:16.0641 6052 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\windows\system32\drivers\elxstor.sys 13:54:16.0657 6052 elxstor - ok 13:54:16.0719 6052 [ ABDD5AD016AFFD34AD40E944CE94BF59 ] EpsonBidirectionalService C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe 13:54:16.0782 6052 EpsonBidirectionalService - ok 13:54:16.0844 6052 [ 20ECD0A490A121CB34F553FAD1DBBD39 ] EpsonScanSvc C:\windows\system32\EscSvc64.exe 13:54:16.0844 6052 EpsonScanSvc - ok 13:54:16.0860 6052 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\windows\system32\drivers\errdev.sys 13:54:16.0875 6052 ErrDev - ok 13:54:16.0922 6052 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\windows\system32\es.dll 13:54:16.0922 6052 EventSystem - ok 13:54:17.0094 6052 [ 57E61DC4F7980D57C0B162FC5B9F0B38 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe 13:54:17.0125 6052 EvtEng - ok 13:54:17.0172 6052 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\windows\system32\drivers\exfat.sys 13:54:17.0172 6052 exfat - ok 13:54:17.0203 6052 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\windows\system32\drivers\fastfat.sys 13:54:17.0234 6052 fastfat - ok 13:54:17.0297 6052 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\windows\system32\fxssvc.exe 13:54:17.0312 6052 Fax - ok 13:54:17.0328 6052 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\windows\system32\drivers\fdc.sys 13:54:17.0343 6052 fdc - ok 13:54:17.0375 6052 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\windows\system32\fdPHost.dll 13:54:17.0375 6052 fdPHost - ok 13:54:17.0406 6052 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\windows\system32\fdrespub.dll 13:54:17.0406 6052 FDResPub - ok 13:54:17.0437 6052 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\windows\system32\drivers\fileinfo.sys 13:54:17.0437 6052 FileInfo - ok 13:54:17.0453 6052 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\windows\system32\drivers\filetrace.sys 13:54:17.0453 6052 Filetrace - ok 13:54:17.0499 6052 [ F76D04F7413B07DAA029F6520B64B4E8 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe 13:54:17.0640 6052 FLEXnet Licensing Service - ok 13:54:17.0655 6052 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\windows\system32\drivers\flpydisk.sys 13:54:17.0655 6052 flpydisk - ok 13:54:17.0671 6052 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\windows\system32\drivers\fltmgr.sys 13:54:17.0671 6052 FltMgr - ok 13:54:17.0733 6052 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\windows\system32\FntCache.dll 13:54:17.0749 6052 FontCache - ok 13:54:17.0796 6052 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 13:54:17.0811 6052 FontCache3.0.0.0 - ok 13:54:17.0858 6052 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\windows\system32\drivers\FsDepends.sys 13:54:17.0858 6052 FsDepends - ok 13:54:17.0889 6052 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys 13:54:17.0889 6052 Fs_Rec - ok 13:54:17.0921 6052 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\windows\system32\DRIVERS\fvevol.sys 13:54:17.0921 6052 fvevol - ok 13:54:17.0952 6052 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\windows\system32\drivers\gagp30kx.sys 13:54:17.0952 6052 gagp30kx - ok 13:54:17.0999 6052 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\windows\system32\DRIVERS\GEARAspiWDM.sys 13:54:17.0999 6052 GEARAspiWDM - ok 13:54:18.0045 6052 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\windows\System32\gpsvc.dll 13:54:18.0077 6052 gpsvc - ok 13:54:18.0108 6052 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 13:54:18.0123 6052 gupdate - ok 13:54:18.0139 6052 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 13:54:18.0139 6052 gupdatem - ok 13:54:18.0186 6052 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe 13:54:18.0186 6052 gusvc - ok 13:54:18.0217 6052 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys 13:54:18.0217 6052 hcw85cir - ok 13:54:18.0264 6052 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys 13:54:18.0279 6052 HdAudAddService - ok 13:54:18.0311 6052 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\windows\system32\drivers\HDAudBus.sys 13:54:18.0311 6052 HDAudBus - ok 13:54:18.0311 6052 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\windows\system32\drivers\HidBatt.sys 13:54:18.0326 6052 HidBatt - ok 13:54:18.0342 6052 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\windows\system32\drivers\hidbth.sys 13:54:18.0342 6052 HidBth - ok 13:54:18.0342 6052 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\windows\system32\drivers\hidir.sys 13:54:18.0357 6052 HidIr - ok 13:54:18.0373 6052 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\windows\System32\hidserv.dll 13:54:18.0373 6052 hidserv - ok 13:54:18.0420 6052 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\windows\system32\drivers\hidusb.sys 13:54:18.0420 6052 HidUsb - ok 13:54:18.0435 6052 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\windows\system32\kmsvc.dll 13:54:18.0451 6052 hkmsvc - ok 13:54:18.0451 6052 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\windows\system32\ListSvc.dll 13:54:18.0467 6052 HomeGroupListener - ok 13:54:18.0498 6052 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\windows\system32\provsvc.dll 13:54:18.0513 6052 HomeGroupProvider - ok 13:54:18.0513 6052 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys 13:54:18.0513 6052 HpSAMD - ok 13:54:18.0623 6052 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\windows\system32\drivers\HTTP.sys 13:54:18.0654 6052 HTTP - ok 13:54:18.0654 6052 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys 13:54:18.0654 6052 hwpolicy - ok 13:54:18.0685 6052 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\windows\system32\drivers\i8042prt.sys 13:54:18.0685 6052 i8042prt - ok 13:54:18.0779 6052 [ D469B77687E12FE43E344806740B624D ] iaStor C:\windows\system32\DRIVERS\iaStor.sys 13:54:18.0794 6052 iaStor - ok 13:54:18.0857 6052 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\windows\system32\drivers\iaStorV.sys 13:54:18.0872 6052 iaStorV - ok 13:54:18.0935 6052 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 13:54:18.0950 6052 idsvc - ok 13:54:19.0247 6052 [ 93C8115D4BAEB1BD047AB0A9B265EE7A ] igfx C:\windows\system32\DRIVERS\igdkmd64.sys 13:54:19.0496 6052 igfx - ok 13:54:19.0543 6052 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\windows\system32\drivers\iirsp.sys 13:54:19.0543 6052 iirsp - ok 13:54:19.0605 6052 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\windows\System32\ikeext.dll 13:54:19.0621 6052 IKEEXT - ok 13:54:19.0683 6052 [ CADDF0927DAC63EDAE48F5C35A61D87D ] intaud_WaveExtensible C:\windows\system32\drivers\intelaud.sys 13:54:19.0699 6052 intaud_WaveExtensible - ok 13:54:19.0855 6052 [ AC9AAFD18E4D52084C4AA8A38795B7E4 ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys 13:54:19.0886 6052 IntcAzAudAddService - ok 13:54:19.0933 6052 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\windows\system32\DRIVERS\IntcDAud.sys 13:54:19.0949 6052 IntcDAud - ok 13:54:19.0964 6052 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\windows\system32\drivers\intelide.sys 13:54:19.0964 6052 intelide - ok 13:54:20.0011 6052 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys 13:54:20.0011 6052 intelppm - ok 13:54:20.0042 6052 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\windows\system32\ipbusenum.dll 13:54:20.0042 6052 IPBusEnum - ok 13:54:20.0058 6052 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys 13:54:20.0058 6052 IpFilterDriver - ok 13:54:20.0120 6052 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\windows\System32\iphlpsvc.dll 13:54:20.0136 6052 iphlpsvc - ok 13:54:20.0167 6052 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys 13:54:20.0167 6052 IPMIDRV - ok 13:54:20.0183 6052 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\windows\system32\drivers\ipnat.sys 13:54:20.0183 6052 IPNAT - ok 13:54:20.0245 6052 [ 0F261EC4F514926177C70C1832374231 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 13:54:20.0261 6052 iPod Service - ok 13:54:20.0276 6052 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\windows\system32\drivers\irenum.sys 13:54:20.0292 6052 IRENUM - ok 13:54:20.0323 6052 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\windows\system32\drivers\isapnp.sys 13:54:20.0323 6052 isapnp - ok 13:54:20.0339 6052 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys 13:54:20.0354 6052 iScsiPrt - ok 13:54:20.0401 6052 [ 716F66336F10885D935B08174DC54242 ] iwdbus C:\windows\system32\DRIVERS\iwdbus.sys 13:54:20.0401 6052 iwdbus - ok 13:54:20.0432 6052 [ 25D602AE635A0443458FBED1A8B6E4E9 ] JMCR C:\windows\system32\DRIVERS\jmcr.sys 13:54:20.0448 6052 JMCR - ok 13:54:20.0463 6052 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\windows\system32\drivers\kbdclass.sys 13:54:20.0463 6052 kbdclass - ok 13:54:20.0510 6052 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\windows\system32\drivers\kbdhid.sys 13:54:20.0510 6052 kbdhid - ok 13:54:20.0541 6052 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\windows\system32\lsass.exe 13:54:20.0541 6052 KeyIso - ok 13:54:20.0573 6052 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys 13:54:20.0573 6052 KSecDD - ok 13:54:20.0604 6052 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys 13:54:20.0604 6052 KSecPkg - ok 13:54:20.0619 6052 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\windows\system32\drivers\ksthunk.sys 13:54:20.0619 6052 ksthunk - ok 13:54:20.0666 6052 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\windows\system32\msdtckrm.dll 13:54:20.0682 6052 KtmRm - ok 13:54:20.0713 6052 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\windows\System32\srvsvc.dll 13:54:20.0729 6052 LanmanServer - ok 13:54:20.0775 6052 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\windows\System32\wkssvc.dll 13:54:20.0775 6052 LanmanWorkstation - ok 13:54:20.0838 6052 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys 13:54:20.0838 6052 lltdio - ok 13:54:20.0869 6052 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\windows\System32\lltdsvc.dll 13:54:20.0885 6052 lltdsvc - ok 13:54:20.0900 6052 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\windows\System32\lmhsvc.dll 13:54:20.0900 6052 lmhosts - ok 13:54:20.0978 6052 [ 50C7CE53EF461870410355F1F2E7D515 ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe 13:54:20.0994 6052 LMS - ok 13:54:21.0025 6052 [ 2825A71E7501CB33B3B9F856610C729D ] LPCFilter C:\windows\system32\DRIVERS\LPCFilter.sys 13:54:21.0025 6052 LPCFilter - ok 13:54:21.0056 6052 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\windows\system32\drivers\lsi_fc.sys 13:54:21.0072 6052 LSI_FC - ok 13:54:21.0087 6052 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\windows\system32\drivers\lsi_sas.sys 13:54:21.0103 6052 LSI_SAS - ok 13:54:21.0103 6052 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\windows\system32\drivers\lsi_sas2.sys 13:54:21.0103 6052 LSI_SAS2 - ok 13:54:21.0134 6052 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\windows\system32\drivers\lsi_scsi.sys 13:54:21.0134 6052 LSI_SCSI - ok 13:54:21.0150 6052 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\windows\system32\drivers\luafv.sys 13:54:21.0165 6052 luafv - ok 13:54:21.0197 6052 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll 13:54:21.0212 6052 Mcx2Svc - ok 13:54:21.0212 6052 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\windows\system32\drivers\megasas.sys 13:54:21.0212 6052 megasas - ok 13:54:21.0259 6052 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\windows\system32\drivers\MegaSR.sys 13:54:21.0275 6052 MegaSR - ok 13:54:21.0321 6052 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\windows\system32\DRIVERS\HECIx64.sys 13:54:21.0321 6052 MEIx64 - ok 13:54:21.0415 6052 Microsoft SharePoint Workspace Audit Service - ok 13:54:21.0462 6052 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\windows\system32\mmcss.dll 13:54:21.0493 6052 MMCSS - ok 13:54:21.0524 6052 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\windows\system32\drivers\modem.sys 13:54:21.0524 6052 Modem - ok 13:54:21.0571 6052 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\windows\system32\DRIVERS\monitor.sys 13:54:21.0571 6052 monitor - ok 13:54:21.0587 6052 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\windows\system32\drivers\mouclass.sys 13:54:21.0587 6052 mouclass - ok 13:54:21.0602 6052 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\windows\system32\drivers\mouhid.sys 13:54:21.0602 6052 mouhid - ok 13:54:21.0618 6052 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\windows\system32\drivers\mountmgr.sys 13:54:21.0618 6052 mountmgr - ok 13:54:21.0680 6052 [ 05BF204EC0E82CC4A054DB189C8A3D84 ] MpFilter C:\windows\system32\DRIVERS\MpFilter.sys 13:54:21.0680 6052 MpFilter - ok 13:54:21.0711 6052 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\windows\system32\drivers\mpio.sys 13:54:21.0727 6052 mpio - ok 13:54:21.0821 6052 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys 13:54:21.0852 6052 mpsdrv - ok 13:54:21.0914 6052 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\windows\system32\mpssvc.dll 13:54:21.0930 6052 MpsSvc - ok 13:54:21.0961 6052 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\windows\system32\drivers\mrxdav.sys 13:54:21.0961 6052 MRxDAV - ok 13:54:22.0008 6052 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys 13:54:22.0008 6052 mrxsmb - ok 13:54:22.0055 6052 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys 13:54:22.0055 6052 mrxsmb10 - ok 13:54:22.0070 6052 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys 13:54:22.0070 6052 mrxsmb20 - ok 13:54:22.0086 6052 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\windows\system32\DRIVERS\msahci.sys 13:54:22.0086 6052 msahci - ok 13:54:22.0101 6052 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\windows\system32\drivers\msdsm.sys 13:54:22.0117 6052 msdsm - ok 13:54:22.0148 6052 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\windows\System32\msdtc.exe 13:54:22.0148 6052 MSDTC - ok 13:54:22.0179 6052 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\windows\system32\drivers\Msfs.sys 13:54:22.0195 6052 Msfs - ok 13:54:22.0226 6052 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys 13:54:22.0226 6052 mshidkmdf - ok 13:54:22.0226 6052 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\windows\system32\drivers\msisadrv.sys 13:54:22.0226 6052 msisadrv - ok 13:54:22.0257 6052 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\windows\system32\iscsiexe.dll 13:54:22.0273 6052 MSiSCSI - ok 13:54:22.0273 6052 msiserver - ok 13:54:22.0304 6052 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys 13:54:22.0320 6052 MSKSSRV - ok 13:54:22.0398 6052 [ CC8E4F72F21340A4D3A3D4DB50313EF5 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe 13:54:22.0398 6052 MsMpSvc - ok 13:54:22.0429 6052 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys 13:54:22.0429 6052 MSPCLOCK - ok 13:54:22.0476 6052 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\windows\system32\drivers\MSPQM.sys 13:54:22.0476 6052 MSPQM - ok 13:54:22.0507 6052 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\windows\system32\drivers\MsRPC.sys 13:54:22.0523 6052 MsRPC - ok 13:54:22.0523 6052 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\windows\system32\drivers\mssmbios.sys 13:54:22.0523 6052 mssmbios - ok 13:54:22.0554 6052 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\windows\system32\drivers\MSTEE.sys 13:54:22.0554 6052 MSTEE - ok 13:54:22.0554 6052 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\windows\system32\drivers\MTConfig.sys 13:54:22.0569 6052 MTConfig - ok 13:54:22.0569 6052 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\windows\system32\Drivers\mup.sys 13:54:22.0569 6052 Mup - ok 13:54:22.0632 6052 [ 50B99D53BC013458381C6476D790C9F3 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe 13:54:22.0647 6052 MyWiFiDHCPDNS - ok 13:54:22.0679 6052 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\windows\system32\qagentRT.dll 13:54:22.0694 6052 napagent - ok 13:54:22.0803 6052 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys 13:54:22.0850 6052 NativeWifiP - ok 13:54:22.0913 6052 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\windows\system32\drivers\ndis.sys 13:54:22.0928 6052 NDIS - ok 13:54:22.0975 6052 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys 13:54:22.0991 6052 NdisCap - ok 13:54:23.0022 6052 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys 13:54:23.0022 6052 NdisTapi - ok 13:54:23.0037 6052 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys 13:54:23.0037 6052 Ndisuio - ok 13:54:23.0037 6052 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys 13:54:23.0053 6052 NdisWan - ok 13:54:23.0053 6052 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\windows\system32\drivers\NDProxy.sys 13:54:23.0053 6052 NDProxy - ok 13:54:23.0069 6052 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys 13:54:23.0069 6052 NetBIOS - ok 13:54:23.0100 6052 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\windows\system32\DRIVERS\netbt.sys 13:54:23.0115 6052 NetBT - ok 13:54:23.0147 6052 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\windows\system32\lsass.exe 13:54:23.0162 6052 Netlogon - ok 13:54:23.0209 6052 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll 13:54:23.0225 6052 Netman - ok 13:54:23.0240 6052 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll 13:54:23.0256 6052 netprofm - ok 13:54:23.0303 6052 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 13:54:23.0303 6052 NetTcpPortSharing - ok 13:54:23.0568 6052 [ AC69618DE5BCCE8747C9AB0AAE1003C1 ] NETwNs64 C:\windows\system32\DRIVERS\NETwNs64.sys 13:54:23.0771 6052 NETwNs64 - ok 13:54:23.0817 6052 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\drivers\nfrd960.sys 13:54:23.0817 6052 nfrd960 - ok 13:54:23.0864 6052 [ 5FF89F20317309D28AC1EDEB0CD1BA72 ] NisDrv C:\windows\system32\DRIVERS\NisDrvWFP.sys 13:54:23.0864 6052 NisDrv - ok 13:54:23.0927 6052 [ 79E80B10FE8F6662E0C9162A68C43444 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe 13:54:23.0942 6052 NisSrv - ok 13:54:24.0005 6052 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\windows\System32\nlasvc.dll 13:54:24.0005 6052 NlaSvc - ok 13:54:24.0036 6052 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys 13:54:24.0036 6052 Npfs - ok 13:54:24.0067 6052 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll 13:54:24.0067 6052 nsi - ok 13:54:24.0083 6052 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys 13:54:24.0083 6052 nsiproxy - ok 13:54:24.0192 6052 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\windows\system32\drivers\Ntfs.sys 13:54:24.0254 6052 Ntfs - ok 13:54:24.0270 6052 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys 13:54:24.0285 6052 Null - ok 13:54:24.0332 6052 [ 0EBC9D13CD96C15B1B18D8678A609E4B ] nusb3hub C:\windows\system32\DRIVERS\nusb3hub.sys 13:54:24.0332 6052 nusb3hub - ok 13:54:24.0348 6052 [ 7BDEC000D56D485021D9C1E63C2F81CA ] nusb3xhc C:\windows\system32\DRIVERS\nusb3xhc.sys 13:54:24.0363 6052 nusb3xhc - ok 13:54:24.0395 6052 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\windows\system32\drivers\nvraid.sys 13:54:24.0395 6052 nvraid - ok 13:54:24.0426 6052 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\windows\system32\drivers\nvstor.sys 13:54:24.0426 6052 nvstor - ok 13:54:24.0457 6052 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\drivers\nv_agp.sys 13:54:24.0457 6052 nv_agp - ok 13:54:24.0473 6052 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys 13:54:24.0473 6052 ohci1394 - ok 13:54:24.0519 6052 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 13:54:24.0535 6052 ose - ok 13:54:24.0707 6052 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 13:54:24.0863 6052 osppsvc - ok 13:54:24.0894 6052 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll 13:54:24.0894 6052 p2pimsvc - ok 13:54:24.0909 6052 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll 13:54:24.0925 6052 p2psvc - ok 13:54:24.0941 6052 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\drivers\parport.sys 13:54:24.0956 6052 Parport - ok 13:54:24.0972 6052 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\windows\system32\drivers\partmgr.sys 13:54:24.0972 6052 partmgr - ok 13:54:25.0003 6052 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll 13:54:25.0003 6052 PcaSvc - ok 13:54:25.0034 6052 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\windows\system32\drivers\pci.sys 13:54:25.0050 6052 pci - ok 13:54:25.0050 6052 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\DRIVERS\pciide.sys 13:54:25.0050 6052 pciide - ok 13:54:25.0081 6052 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\drivers\pcmcia.sys 13:54:25.0081 6052 pcmcia - ok 13:54:25.0097 6052 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys 13:54:25.0097 6052 pcw - ok 13:54:25.0128 6052 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys 13:54:25.0143 6052 PEAUTH - ok 13:54:25.0221 6052 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe 13:54:25.0221 6052 PerfHost - ok 13:54:25.0268 6052 [ 91111CEBBDE8015E822C46120ED9537C ] PGEffect C:\windows\system32\DRIVERS\pgeffect.sys 13:54:25.0268 6052 PGEffect - ok 13:54:25.0331 6052 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\windows\system32\pla.dll 13:54:25.0362 6052 pla - ok 13:54:25.0393 6052 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll 13:54:25.0409 6052 PlugPlay - ok 13:54:25.0424 6052 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll 13:54:25.0440 6052 PNRPAutoReg - ok 13:54:25.0440 6052 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll 13:54:25.0455 6052 PNRPsvc - ok 13:54:25.0487 6052 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll 13:54:25.0502 6052 PolicyAgent - ok 13:54:25.0518 6052 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll 13:54:25.0533 6052 Power - ok 13:54:25.0565 6052 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys 13:54:25.0565 6052 PptpMiniport - ok 13:54:25.0596 6052 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\drivers\processr.sys 13:54:25.0596 6052 Processor - ok 13:54:25.0643 6052 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\windows\system32\profsvc.dll 13:54:25.0643 6052 ProfSvc - ok 13:54:25.0658 6052 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe 13:54:25.0674 6052 ProtectedStorage - ok 13:54:25.0705 6052 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\windows\system32\DRIVERS\pacer.sys 13:54:25.0705 6052 Psched - ok 13:54:25.0830 6052 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\drivers\ql2300.sys 13:54:25.0861 6052 ql2300 - ok 13:54:25.0877 6052 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\drivers\ql40xx.sys 13:54:25.0877 6052 ql40xx - ok 13:54:25.0923 6052 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll 13:54:25.0923 6052 QWAVE - ok 13:54:25.0939 6052 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys 13:54:25.0939 6052 QWAVEdrv - ok 13:54:25.0955 6052 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys 13:54:25.0955 6052 RasAcd - ok 13:54:25.0986 6052 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys 13:54:26.0001 6052 RasAgileVpn - ok 13:54:26.0017 6052 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll 13:54:26.0033 6052 RasAuto - ok 13:54:26.0033 6052 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys 13:54:26.0048 6052 Rasl2tp - ok 13:54:26.0079 6052 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll 13:54:26.0095 6052 RasMan - ok 13:54:26.0126 6052 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys 13:54:26.0142 6052 RasPppoe - ok 13:54:26.0142 6052 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys 13:54:26.0142 6052 RasSstp - ok 13:54:26.0157 6052 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys 13:54:26.0173 6052 rdbss - ok 13:54:26.0204 6052 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\drivers\rdpbus.sys 13:54:26.0204 6052 rdpbus - ok 13:54:26.0235 6052 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys 13:54:26.0235 6052 RDPCDD - ok 13:54:26.0267 6052 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys 13:54:26.0267 6052 RDPENCDD - ok 13:54:26.0267 6052 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys 13:54:26.0282 6052 RDPREFMP - ok 13:54:26.0345 6052 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\windows\system32\drivers\RDPWD.sys 13:54:26.0376 6052 RDPWD - ok 13:54:26.0423 6052 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys 13:54:26.0423 6052 rdyboost - ok 13:54:26.0501 6052 [ 18505D90FEE940EE9EAE4C5B421F22B4 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe 13:54:26.0532 6052 RegSrvc - ok 13:54:26.0547 6052 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll 13:54:26.0563 6052 RemoteAccess - ok 13:54:26.0579 6052 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll 13:54:26.0594 6052 RemoteRegistry - ok 13:54:26.0610 6052 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll 13:54:26.0610 6052 RpcEptMapper - ok 13:54:26.0625 6052 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe 13:54:26.0641 6052 RpcLocator - ok 13:54:26.0672 6052 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\system32\rpcss.dll 13:54:26.0672 6052 RpcSs - ok 13:54:26.0719 6052 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys 13:54:26.0719 6052 rspndr - ok 13:54:26.0766 6052 [ 6D3C7E7D82D3DC92DC2A8B0DF9F20F8A ] RTL8167 C:\windows\system32\DRIVERS\Rt64win7.sys 13:54:26.0781 6052 RTL8167 - ok 13:54:26.0781 6052 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\windows\system32\lsass.exe 13:54:26.0781 6052 SamSs - ok 13:54:26.0813 6052 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys 13:54:26.0813 6052 sbp2port - ok 13:54:26.0844 6052 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll 13:54:26.0859 6052 SCardSvr - ok 13:54:26.0875 6052 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\windows\system32\DRIVERS\scfilter.sys 13:54:26.0875 6052 scfilter - ok 13:54:26.0922 6052 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll 13:54:26.0953 6052 Schedule - ok 13:54:26.0984 6052 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll 13:54:26.0984 6052 SCPolicySvc - ok 13:54:27.0015 6052 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\windows\system32\DRIVERS\sdbus.sys 13:54:27.0015 6052 sdbus - ok 13:54:27.0047 6052 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll 13:54:27.0047 6052 SDRSVC - ok 13:54:27.0078 6052 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys 13:54:27.0078 6052 secdrv - ok 13:54:27.0093 6052 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll 13:54:27.0109 6052 seclogon - ok 13:54:27.0125 6052 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\system32\sens.dll 13:54:27.0140 6052 SENS - ok 13:54:27.0171 6052 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll 13:54:27.0171 6052 SensrSvc - ok 13:54:27.0203 6052 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\drivers\serenum.sys 13:54:27.0218 6052 Serenum - ok 13:54:27.0234 6052 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\drivers\serial.sys 13:54:27.0234 6052 Serial - ok 13:54:27.0249 6052 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\drivers\sermouse.sys 13:54:27.0265 6052 sermouse - ok 13:54:27.0296 6052 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll 13:54:27.0296 6052 SessionEnv - ok 13:54:27.0312 6052 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys 13:54:27.0312 6052 sffdisk - ok 13:54:27.0327 6052 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys 13:54:27.0327 6052 sffp_mmc - ok 13:54:27.0343 6052 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys 13:54:27.0343 6052 sffp_sd - ok 13:54:27.0343 6052 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\drivers\sfloppy.sys 13:54:27.0343 6052 sfloppy - ok 13:54:27.0437 6052 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\windows\system32\DRIVERS\Sftfslh.sys 13:54:27.0452 6052 Sftfs - ok 13:54:27.0530 6052 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe 13:54:27.0546 6052 sftlist - ok 13:54:27.0593 6052 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\windows\system32\DRIVERS\Sftplaylh.sys 13:54:27.0593 6052 Sftplay - ok 13:54:27.0624 6052 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\windows\system32\DRIVERS\Sftredirlh.sys 13:54:27.0624 6052 Sftredir - ok 13:54:27.0624 6052 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\windows\system32\DRIVERS\Sftvollh.sys 13:54:27.0624 6052 Sftvol - ok 13:54:27.0655 6052 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe 13:54:27.0686 6052 sftvsa - ok 13:54:27.0717 6052 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\windows\System32\ipnathlp.dll 13:54:27.0733 6052 SharedAccess - ok 13:54:27.0827 6052 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll 13:54:27.0827 6052 ShellHWDetection - ok 13:54:27.0858 6052 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\drivers\SiSRaid2.sys 13:54:27.0858 6052 SiSRaid2 - ok 13:54:27.0889 6052 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys 13:54:27.0889 6052 SiSRaid4 - ok 13:54:27.0951 6052 [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 13:54:27.0951 6052 SkypeUpdate - ok 13:54:27.0983 6052 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys 13:54:27.0983 6052 Smb - ok 13:54:28.0045 6052 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe 13:54:28.0045 6052 SNMPTRAP - ok 13:54:28.0076 6052 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys 13:54:28.0076 6052 spldr - ok 13:54:28.0139 6052 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\windows\System32\spoolsv.exe 13:54:28.0154 6052 Spooler - ok 13:54:28.0263 6052 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe 13:54:28.0326 6052 sppsvc - ok 13:54:28.0341 6052 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll 13:54:28.0341 6052 sppuinotify - ok 13:54:28.0388 6052 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys 13:54:28.0404 6052 srv - ok 13:54:28.0419 6052 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys 13:54:28.0435 6052 srv2 - ok 13:54:28.0451 6052 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys 13:54:28.0451 6052 srvnet - ok 13:54:28.0482 6052 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll 13:54:28.0497 6052 SSDPSRV - ok 13:54:28.0513 6052 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll 13:54:28.0513 6052 SstpSvc - ok 13:54:28.0529 6052 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\drivers\stexstor.sys 13:54:28.0529 6052 stexstor - ok 13:54:28.0591 6052 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll 13:54:28.0622 6052 stisvc - ok 13:54:28.0669 6052 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\drivers\swenum.sys 13:54:28.0669 6052 swenum - ok 13:54:28.0778 6052 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll 13:54:28.0825 6052 swprv - ok 13:54:28.0919 6052 [ F5B46DF59FEAA48A442AED7EEB754D4B ] SynTP C:\windows\system32\DRIVERS\SynTP.sys 13:54:28.0934 6052 SynTP - ok 13:54:29.0012 6052 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll 13:54:29.0043 6052 SysMain - ok 13:54:29.0075 6052 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll 13:54:29.0075 6052 TabletInputService - ok 13:54:29.0090 6052 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll 13:54:29.0090 6052 TapiSrv - ok 13:54:29.0106 6052 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll 13:54:29.0121 6052 TBS - ok 13:54:29.0215 6052 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\windows\system32\drivers\tcpip.sys 13:54:29.0246 6052 Tcpip - ok 13:54:29.0309 6052 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys 13:54:29.0324 6052 TCPIP6 - ok 13:54:29.0371 6052 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys 13:54:29.0371 6052 tcpipreg - ok 13:54:29.0402 6052 [ FD542B661BD22FA69CA789AD0AC58C29 ] tdcmdpst C:\windows\system32\DRIVERS\tdcmdpst.sys 13:54:29.0402 6052 tdcmdpst - ok 13:54:29.0449 6052 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys 13:54:29.0449 6052 TDPIPE - ok 13:54:29.0480 6052 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys 13:54:29.0480 6052 TDTCP - ok 13:54:29.0496 6052 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys 13:54:29.0511 6052 tdx - ok 13:54:29.0511 6052 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\drivers\termdd.sys 13:54:29.0511 6052 TermDD - ok 13:54:29.0558 6052 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll 13:54:29.0574 6052 TermService - ok 13:54:29.0589 6052 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll 13:54:29.0589 6052 Themes - ok 13:54:29.0636 6052 [ 7F35CA8296A52C7161088EB1D952E8ED ] Thpdrv C:\windows\system32\DRIVERS\thpdrv.sys 13:54:29.0636 6052 Thpdrv - ok 13:54:29.0699 6052 [ B4E609047434ED948AF7BDEF2FA66E38 ] Thpevm C:\windows\system32\DRIVERS\Thpevm.SYS 13:54:29.0699 6052 Thpevm - ok 13:54:29.0855 6052 [ 0B4734AE9EC70B843DF02E7B1C056377 ] Thpsrv C:\windows\system32\ThpSrv.exe 13:54:29.0870 6052 Thpsrv - ok 13:54:29.0886 6052 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll 13:54:29.0886 6052 THREADORDER - ok 13:54:29.0964 6052 [ 71C321649B28638EE80A2EEB164C1DC8 ] TMachInfo C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe 13:54:29.0964 6052 TMachInfo - ok 13:54:30.0011 6052 [ 8E2C799D3476EAC32C3BA0DF7CE6AF19 ] TODDSrv C:\windows\system32\TODDSrv.exe 13:54:30.0011 6052 TODDSrv - ok 13:54:30.0089 6052 [ 1C73689B900428C7D054A41C4687F55C ] TosCoSrv C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe 13:54:30.0089 6052 TosCoSrv - ok 13:54:30.0167 6052 [ 63AAFCF3EA5DBB17123E0BAE9AFE4D58 ] TOSHIBA eco Utility Service C:\Program Files\TOSHIBA\TECO\TecoService.exe 13:54:30.0167 6052 TOSHIBA eco Utility Service - ok 13:54:30.0213 6052 [ 29D0886CF250FCEF1BF9E65AB8D2C0C8 ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe 13:54:30.0213 6052 TOSHIBA HDD SSD Alert Service - ok 13:54:30.0260 6052 [ 09FF7B0B1B5C3D225495CB6F5A9B39F8 ] tos_sps64 C:\windows\system32\DRIVERS\tos_sps64.sys 13:54:30.0260 6052 tos_sps64 - ok 13:54:30.0323 6052 [ 098B8A408C17E125A3D9A8E1166780C8 ] TPCHSrv C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe 13:54:30.0338 6052 TPCHSrv - ok 13:54:30.0369 6052 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll 13:54:30.0369 6052 TrkWks - ok 13:54:30.0432 6052 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe 13:54:30.0432 6052 TrustedInstaller - ok 13:54:30.0463 6052 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys 13:54:30.0463 6052 tssecsrv - ok 13:54:30.0494 6052 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys 13:54:30.0494 6052 TsUsbFlt - ok 13:54:30.0510 6052 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\windows\system32\drivers\TsUsbGD.sys 13:54:30.0525 6052 TsUsbGD - ok 13:54:30.0541 6052 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys 13:54:30.0541 6052 tunnel - ok 13:54:30.0572 6052 [ 550B567F9364D8F7684C3FB3EA665A72 ] TVALZ C:\windows\system32\DRIVERS\TVALZ_O.SYS 13:54:30.0572 6052 TVALZ - ok 13:54:30.0603 6052 [ 9C7191F4B2E49BFF47A6C1144B5923FA ] TVALZFL C:\windows\system32\DRIVERS\TVALZFL.sys 13:54:30.0603 6052 TVALZFL - ok 13:54:30.0619 6052 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\drivers\uagp35.sys 13:54:30.0619 6052 uagp35 - ok 13:54:30.0650 6052 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\windows\system32\DRIVERS\udfs.sys 13:54:30.0650 6052 udfs - ok 13:54:30.0681 6052 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe 13:54:30.0681 6052 UI0Detect - ok 13:54:30.0713 6052 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys 13:54:30.0713 6052 uliagpkx - ok 13:54:30.0744 6052 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\windows\system32\DRIVERS\umbus.sys 13:54:30.0744 6052 umbus - ok 13:54:30.0744 6052 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\drivers\umpass.sys 13:54:30.0759 6052 UmPass - ok 13:54:30.0884 6052 [ 374EBDA379A8F38E0CFC2211611E7167 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe 13:54:30.0931 6052 UNS - ok 13:54:30.0978 6052 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll 13:54:30.0993 6052 upnphost - ok 13:54:31.0025 6052 [ 43228F8EDD1B0BCDD3145AD246E63D39 ] USBAAPL64 C:\windows\system32\Drivers\usbaapl64.sys 13:54:31.0025 6052 USBAAPL64 - ok 13:54:31.0056 6052 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys 13:54:31.0056 6052 usbccgp - ok 13:54:31.0087 6052 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\windows\system32\drivers\usbcir.sys 13:54:31.0087 6052 usbcir - ok 13:54:31.0103 6052 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\windows\system32\DRIVERS\usbehci.sys 13:54:31.0103 6052 usbehci - ok 13:54:31.0118 6052 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\windows\system32\drivers\usbhub.sys 13:54:31.0134 6052 usbhub - ok 13:54:31.0149 6052 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\windows\system32\drivers\usbohci.sys 13:54:31.0149 6052 usbohci - ok 13:54:31.0181 6052 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\drivers\usbprint.sys 13:54:31.0196 6052 usbprint - ok 13:54:31.0212 6052 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS 13:54:31.0212 6052 USBSTOR - ok 13:54:31.0227 6052 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\windows\system32\drivers\usbuhci.sys 13:54:31.0227 6052 usbuhci - ok 13:54:31.0274 6052 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\windows\system32\Drivers\usbvideo.sys 13:54:31.0290 6052 usbvideo - ok 13:54:31.0321 6052 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll 13:54:31.0321 6052 UxSms - ok 13:54:31.0337 6052 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\windows\system32\lsass.exe 13:54:31.0352 6052 VaultSvc - ok 13:54:31.0399 6052 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys 13:54:31.0415 6052 vdrvroot - ok 13:54:31.0461 6052 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\windows\System32\vds.exe 13:54:31.0477 6052 vds - ok 13:54:31.0508 6052 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\windows\system32\DRIVERS\vgapnp.sys 13:54:31.0524 6052 vga - ok 13:54:31.0524 6052 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\windows\System32\drivers\vga.sys 13:54:31.0524 6052 VgaSave - ok 13:54:31.0539 6052 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\windows\system32\drivers\vhdmp.sys 13:54:31.0539 6052 vhdmp - ok 13:54:31.0555 6052 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\windows\system32\drivers\viaide.sys 13:54:31.0555 6052 viaide - ok 13:54:31.0571 6052 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\windows\system32\drivers\volmgr.sys 13:54:31.0571 6052 volmgr - ok 13:54:31.0586 6052 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\windows\system32\drivers\volmgrx.sys 13:54:31.0602 6052 volmgrx - ok 13:54:31.0617 6052 [ DF8126BD41180351A093A3AD2FC8903B ] volsnap C:\windows\system32\drivers\volsnap.sys 13:54:31.0617 6052 volsnap - ok 13:54:31.0649 6052 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\windows\system32\drivers\vsmraid.sys 13:54:31.0649 6052 vsmraid - ok 13:54:31.0773 6052 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\windows\system32\vssvc.exe 13:54:31.0805 6052 VSS - ok 13:54:31.0836 6052 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys 13:54:31.0836 6052 vwifibus - ok 13:54:31.0851 6052 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys 13:54:31.0851 6052 vwififlt - ok 13:54:31.0867 6052 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys 13:54:31.0883 6052 vwifimp - ok 13:54:31.0898 6052 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\windows\system32\w32time.dll 13:54:31.0898 6052 W32Time - ok 13:54:31.0929 6052 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\windows\system32\drivers\wacompen.sys 13:54:31.0929 6052 WacomPen - ok 13:54:31.0961 6052 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\windows\system32\DRIVERS\wanarp.sys 13:54:31.0961 6052 WANARP - ok 13:54:31.0976 6052 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys 13:54:31.0976 6052 Wanarpv6 - ok 13:54:32.0054 6052 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe 13:54:32.0085 6052 WatAdminSvc - ok 13:54:32.0148 6052 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\windows\system32\wbengine.exe 13:54:32.0179 6052 wbengine - ok 13:54:32.0195 6052 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll 13:54:32.0195 6052 WbioSrvc - ok 13:54:32.0210 6052 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\windows\System32\wcncsvc.dll 13:54:32.0210 6052 wcncsvc - ok 13:54:32.0226 6052 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll 13:54:32.0226 6052 WcsPlugInService - ok 13:54:32.0257 6052 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\windows\system32\drivers\wd.sys 13:54:32.0257 6052 Wd - ok 13:54:32.0319 6052 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys 13:54:32.0319 6052 Wdf01000 - ok 13:54:32.0351 6052 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\windows\system32\wdi.dll 13:54:32.0351 6052 WdiServiceHost - ok 13:54:32.0366 6052 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\windows\system32\wdi.dll 13:54:32.0366 6052 WdiSystemHost - ok 13:54:32.0397 6052 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\windows\System32\webclnt.dll 13:54:32.0413 6052 WebClient - ok 13:54:32.0429 6052 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\windows\system32\wecsvc.dll 13:54:32.0444 6052 Wecsvc - ok 13:54:32.0460 6052 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\windows\System32\wercplsupport.dll 13:54:32.0460 6052 wercplsupport - ok 13:54:32.0475 6052 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\windows\System32\WerSvc.dll 13:54:32.0491 6052 WerSvc - ok 13:54:32.0522 6052 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys 13:54:32.0522 6052 WfpLwf - ok 13:54:32.0553 6052 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\windows\system32\drivers\wimmount.sys 13:54:32.0553 6052 WIMMount - ok 13:54:32.0569 6052 WinDefend - ok 13:54:32.0585 6052 WinHttpAutoProxySvc - ok 13:54:32.0631 6052 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll 13:54:32.0663 6052 Winmgmt - ok 13:54:32.0834 6052 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\windows\system32\WsmSvc.dll 13:54:32.0959 6052 WinRM - ok 13:54:33.0006 6052 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys 13:54:33.0006 6052 WinUsb - ok 13:54:33.0115 6052 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\windows\System32\wlansvc.dll 13:54:33.0131 6052 Wlansvc - ok 13:54:33.0193 6052 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe 13:54:33.0209 6052 wlcrasvc - ok 13:54:33.0380 6052 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 13:54:33.0411 6052 wlidsvc - ok 13:54:33.0443 6052 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys 13:54:33.0443 6052 WmiAcpi - ok 13:54:33.0489 6052 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe 13:54:33.0489 6052 wmiApSrv - ok 13:54:33.0521 6052 WMPNetworkSvc - ok 13:54:33.0552 6052 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\windows\System32\wpcsvc.dll 13:54:33.0552 6052 WPCSvc - ok 13:54:33.0567 6052 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\windows\system32\wpdbusenum.dll 13:54:33.0583 6052 WPDBusEnum - ok 13:54:33.0614 6052 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys 13:54:33.0614 6052 ws2ifsl - ok 13:54:33.0630 6052 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\windows\system32\wscsvc.dll 13:54:33.0630 6052 wscsvc - ok 13:54:33.0630 6052 WSearch - ok 13:54:33.0723 6052 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\windows\system32\wuaueng.dll 13:54:33.0770 6052 wuauserv - ok 13:54:33.0801 6052 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\windows\system32\drivers\WudfPf.sys 13:54:33.0801 6052 WudfPf - ok 13:54:33.0817 6052 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys 13:54:33.0817 6052 WUDFRd - ok 13:54:33.0848 6052 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\windows\System32\WUDFSvc.dll 13:54:33.0848 6052 wudfsvc - ok 13:54:33.0879 6052 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\windows\System32\wwansvc.dll 13:54:33.0895 6052 WwanSvc - ok 13:54:33.0911 6052 ================ Scan global =============================== 13:54:33.0926 6052 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll 13:54:33.0973 6052 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\windows\system32\winsrv.dll 13:54:33.0989 6052 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\windows\system32\winsrv.dll 13:54:34.0020 6052 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll 13:54:34.0051 6052 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe 13:54:34.0067 6052 [Global] - ok 13:54:34.0067 6052 ================ Scan MBR ================================== 13:54:34.0082 6052 [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0 13:54:34.0379 6052 \Device\Harddisk0\DR0 - ok 13:54:34.0379 6052 ================ Scan VBR ================================== 13:54:34.0410 6052 [ 2410D28DC9439690F8EB468DB187AE40 ] \Device\Harddisk0\DR0\Partition1 13:54:34.0410 6052 \Device\Harddisk0\DR0\Partition1 - ok 13:54:34.0410 6052 ============================================================ 13:54:34.0410 6052 Scan finished 13:54:34.0410 6052 ============================================================ 13:54:34.0425 4068 Detected object count: 0 13:54:34.0425 4068 Actual detected object count: 0 13:55:39.0540 5304 Deinitialize success No threats found on ESET online scanner. ADWcleaner # AdwCleaner v2.105 - Logfile created 01/10/2013 at 15:27:12 # Updated 08/01/2013 by Xplode # Operating system : Windows 7 Home Premium Service Pack 1 (64 bits) # User : Brittany - BRITTANY-PC # Boot Mode : Normal # Running from : C:\Users\Brittany\Desktop\adwcleaner.exe # Option [search] ***** [services] ***** ***** [Files / Folders] ***** ***** [Registry] ***** Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} Key Found : HKLM\SOFTWARE\Software ***** [internet Browsers] ***** -\\ Internet Explorer v9.0.8112.16457 [OK] Registry is clean. -\\ Mozilla Firefox v9.0.1 (en-US) File : C:\Users\Brittany\AppData\Roaming\Mozilla\Firefox\Profiles\uvri6fme.default\prefs.js [OK] File is clean. ************************* AdwCleaner[R1].txt - [814 octets] - [10/01/2013 15:27:12] ########## EOF - C:\AdwCleaner[R1].txt - [873 octets] ########## SecurityCheck Results of screen317's Security Check version 0.99.56 Windows 7 Service Pack 1 x64 (UAC is enabled) Internet Explorer 9 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! Microsoft Security Essentials Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware version 1.70.0.1100 Java 6 Update 25 Java version out of Date! Adobe Flash Player 11.5.502.146 Adobe Reader 10.1.5 Adobe Reader out of Date! Mozilla Firefox (9.0.1) ````````Process Check: objlist.exe by Laurent```````` Microsoft Security Essentials MSMpEng.exe Microsoft Security Essentials msseces.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: 11% Defragment your hard drive soon! (Do NOT defrag if SSD!) ````````````````````End of Log``````````````````````
- January 10, 2013
- 8 replies
ManMich

Thankful for the awesome help I found here!
- January 6, 2013
LiveSearchNow has taken over search engines

ManMich replied to ManMich's topic in Resolved Malware Removal Logs

ComboFix 13-01-05.01 - Brittany 01/06/2013 10:53:17.1.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6051.4470 [GMT -6:00] Running from: c:\users\Brittany\Desktop\ComboFix.exe AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C} SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Created a new restore point . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\Roaming c:\users\Brittany\AppData\Local\Apple\Adobe\cbgfw.dll c:\windows\wininit.ini . . ((((((((((((((((((((((((( Files Created from 2012-12-06 to 2013-01-06 ))))))))))))))))))))))))))))))) . . 2013-01-06 16:57 . 2013-01-06 16:57 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-01-05 17:31 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E192458A-3048-4D61-A651-69D0809A5912}\mpengine.dll 2013-01-05 15:26 . 2013-01-05 15:26 -------- d-----w- c:\users\Brittany\AppData\Local\Programs 2013-01-04 19:50 . 2007-04-10 07:06 10752 ----a-w- c:\windows\system32\E_GCINST.DLL 2013-01-04 19:50 . 2011-04-20 09:03 120320 ----a-w- c:\windows\system32\E_ILMIEE.DLL 2013-01-04 19:50 . 2011-04-20 09:03 120320 ----a-w- c:\windows\system32\E_ILMIEA.DLL 2013-01-04 19:50 . 2011-03-15 09:03 83968 ----a-w- c:\windows\system32\E_ID4BIEE.DLL 2013-01-04 19:50 . 2011-03-15 09:03 83968 ----a-w- c:\windows\system32\E_ID4BIEA.DLL 2013-01-04 15:50 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2012-12-27 03:04 . 2012-12-27 03:04 -------- d-----w- c:\program files\iPod 2012-12-27 03:04 . 2012-12-27 03:05 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69 2012-12-27 03:04 . 2012-12-27 03:05 -------- d-----w- c:\program files\iTunes 2012-12-27 03:04 . 2012-12-27 03:05 -------- d-----w- c:\program files (x86)\iTunes 2012-12-27 02:34 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll 2012-12-27 02:34 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll 2012-12-27 02:34 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll 2012-12-27 02:34 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll 2012-12-25 20:12 . 2012-12-25 20:12 -------- d-----w- c:\users\Brittany\AppData\Roaming\Canon 2012-12-25 19:58 . 2012-12-25 19:58 -------- d-----w- c:\program files (x86)\Canon 2012-12-25 19:57 . 2012-05-18 11:23 49664 ----a-w- c:\windows\system32\cnyscp1s.dll 2012-12-25 19:57 . 2012-05-18 11:23 49152 ----a-w- c:\windows\system32\cnyscp1r.dll 2012-12-25 19:57 . 2012-05-18 11:23 47104 ----a-w- c:\windows\system32\cnyscp1k.dll 2012-12-25 19:57 . 2012-05-18 11:23 47104 ----a-w- c:\windows\system32\cnyscp1j.dll 2012-12-25 19:57 . 2012-05-18 11:22 49152 ----a-w- c:\windows\system32\cnyscp1i.dll 2012-12-25 19:57 . 2012-05-18 11:22 49664 ----a-w- c:\windows\system32\cnyscp1g.dll 2012-12-25 19:57 . 2012-05-18 11:22 49152 ----a-w- c:\windows\system32\cnyscp1f.dll 2012-12-25 19:57 . 2012-05-18 11:21 48640 ----a-w- c:\windows\system32\cnyscp1e.dll 2012-12-25 19:57 . 2012-05-18 11:21 46592 ----a-w- c:\windows\system32\cnyscp1c.dll 2012-12-25 19:57 . 2012-05-18 09:59 70656 ----a-w- c:\windows\system32\cnyscp01.exe 2012-12-25 19:57 . 2012-05-11 11:10 68608 ----a-w- c:\windows\system32\cnylcp01.dll 2012-12-25 19:56 . 2012-06-18 19:16 179712 ----a-r- c:\windows\system32\CNYNPUI.dll 2012-12-25 19:56 . 2012-06-18 19:14 163328 ----a-r- c:\windows\system32\CNYNPPM.dll 2012-12-25 19:56 . 2012-12-25 19:56 -------- d--h--w- c:\programdata\CanonCP 2012-12-25 19:55 . 2012-12-25 19:55 -------- d-----w- c:\program files (x86)\Common Files\Canon 2012-12-20 02:51 . 2012-12-20 02:51 -------- d-----w- c:\program files (x86)\Common Files\Skype 2012-12-20 02:51 . 2012-12-20 02:51 -------- d-----r- c:\program files (x86)\Skype 2012-12-15 20:05 . 2012-11-02 05:59 478208 ----a-w- c:\windows\system32\dpnet.dll 2012-12-15 20:05 . 2012-11-02 05:11 376832 ----a-w- c:\windows\SysWow64\dpnet.dll . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-12-31 18:10 . 2012-08-12 17:07 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-12-31 18:10 . 2011-07-27 07:11 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-12-20 02:56 . 2012-01-27 13:06 67413224 ----a-w- c:\windows\system32\MRT.exe 2012-12-14 22:49 . 2012-01-02 22:04 24176 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-12-01 04:01 . 2012-12-01 04:01 972264 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{5FAE9ED3-245F-427A-B7CC-1ED9BBB89B20}\gapaengine.dll 2012-10-25 09:12 . 2012-10-25 09:12 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx 2012-10-25 09:12 . 2012-10-25 09:12 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts 2012-10-16 08:38 . 2012-12-01 03:44 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll 2012-10-16 08:38 . 2012-12-01 03:44 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll 2012-10-16 07:39 . 2012-12-01 03:44 561664 ----a-w- c:\windows\apppatch\AcLayers.dll 2012-10-09 18:17 . 2012-11-19 16:15 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll 2012-10-09 18:17 . 2012-11-19 16:15 226816 ----a-w- c:\windows\system32\dhcpcore6.dll 2012-10-09 17:40 . 2012-11-19 16:15 44032 ----a-w- c:\windows\SysWow64\dhcpcsvc6.dll 2012-10-09 17:40 . 2012-11-19 16:15 193536 ----a-w- c:\windows\SysWow64\dhcpcore6.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-11-24 39408] "EPLTarget\P0000000000000000"="c:\windows\system32\spool\DRIVERS\x64\3\E_IATIIEE.EXE" [2012-02-29 283232] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "SVPWUTIL"="c:\program files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe" [2010-11-09 532480] "HWSetup"="c:\program files\TOSHIBA\Utilities\HWSetup.exe" [2011-03-10 423936] "KeNotify"="c:\program files (x86)\TOSHIBA\Utilities\KeNotify.exe" [2010-08-16 34160] "ToshibaServiceStation"="c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2011-07-12 1298816] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280] "BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-10-25 421888] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-12-12 152544] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ SELPHY Photo Print Launcher.lnk - c:\program files (x86)\Canon\SELPHY Photo Print\CIC_SPPhelper.exe [2012-5-10 781824] . c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Best Buy pc app.lnk - c:\programdata\Best Buy pc app\ClickOnceSetup.exe [2011-2-25 15776] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944] R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys [2011-06-21 34200] R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2011-05-26 174680] R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2011-06-01 340240] R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-08-31 128456] R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2012-09-13 368896] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-09-28 53760] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-01-13 1255736] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184] S0 Thpdrv;TOSHIBA HDD Protection Driver;c:\windows\system32\DRIVERS\thpdrv.sys [2011-03-24 36992] S0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;c:\windows\system32\DRIVERS\Thpevm.SYS [2009-06-30 14784] S0 tos_sps64;TOSHIBA tos_sps64 Service;c:\windows\system32\DRIVERS\tos_sps64.sys [2011-06-10 482384] S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624] S2 EpsonScanSvc;Epson Scanner Service;c:\windows\system32\EscSvc64.exe [2011-12-12 135824] S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776] S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe [2011-05-24 294848] S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys [2009-06-20 14472] S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-02-01 2656280] S3 CeKbFilter;CeKbFilter;c:\windows\system32\DRIVERS\CeKbFilter.sys [2011-11-24 20592] S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-16 317440] S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys [2011-06-21 25496] S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2011-02-10 82432] S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2011-02-10 181760] S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys [2011-02-09 38096] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-01-14 413800] S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264] S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648] S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960] S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376] S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496] S3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2011-07-12 57216] S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2011-06-10 138152] S3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [2011-07-01 828856] . . Contents of the 'Scheduled Tasks' folder . 2013-01-06 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-12 18:10] . 2013-01-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-24 10:55] . 2013-01-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-24 10:55] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ThpSrv"="c:\windows\system32\thpsrv" [X] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-07-02 167704] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-07-02 392472] "Persistence"="c:\windows\system32\igfxpers.exe" [2011-07-02 416024] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-01-26 11775592] "RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-01-18 2188904] "IntelPAN"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-06-01 1935120] "TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2011-06-10 710560] "TosVolRegulator"="c:\program files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe" [2009-11-11 24376] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-13 1289704] . ------- Supplementary Scan ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.google.com/ mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = <local>;*.local IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - c:\progra~2\MICROS~3\Office14\ONBttnIE.dll/105 TCP: DhcpNameServer = 192.168.254.254 FF - ProfilePath - c:\users\Brittany\AppData\Roaming\Mozilla\Firefox\Profiles\uvri6fme.default\ FF - ExtSQL: 2012-11-21 11:22; e-webprint@epson.com; c:\program files (x86)\Epson Software\E-Web Print\Firefox Add-on . - - - - ORPHANS REMOVED - - - - . Toolbar-Locked - (no file) Wow6432Node-HKLM-Run-TSleepSrv - %ProgramFiles(x86)%\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe Toolbar-Locked - (no file) HKLM-Run-TPwrMain - c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE HKLM-Run-HSON - c:\program files (x86)\TOSHIBA\TBS\HSON.exe HKLM-Run-TCrdMain - c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exe HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe HKLM-Run-Teco - c:\program files (x86)\TOSHIBA\TECO\Teco.exe HKLM-Run-TosWaitSrv - c:\program files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe HKLM-Run-TosNC - c:\program files (x86)\Toshiba\BulletinBoard\TosNcCore.exe HKLM-Run-TosReelTimeMonitor - c:\program files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe . . . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Completion time: 2013-01-06 11:00:02 ComboFix-quarantined-files.txt 2013-01-06 17:00 . Pre-Run: 551,036,207,104 bytes free Post-Run: 550,693,015,552 bytes free . - - End Of File - - AB6CD2B1B81477E8BB3FC09B23C90F9D DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 9.0.8112.16457 Run by Brittany at 11:04:03 on 2013-01-06 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6051.4179 [GMT -6:00] . AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C} SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\windows\system32\lsm.exe C:\windows\system32\svchost.exe -k DcomLaunch C:\windows\system32\svchost.exe -k RPCSS c:\Program Files\Microsoft Security Client\MsMpEng.exe C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\windows\system32\svchost.exe -k netsvcs C:\windows\system32\svchost.exe -k LocalService C:\windows\system32\svchost.exe -k NetworkService C:\windows\system32\WLANExt.exe C:\windows\System32\spoolsv.exe C:\windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Intel\WiFi\bin\EvtEng.exe C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe C:\windows\system32\svchost.exe -k imgsvc C:\windows\system32\ThpSrv.exe C:\windows\system32\TODDSrv.exe C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\windows\system32\EscSvc64.exe C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe C:\Program Files\TOSHIBA\TECO\TecoService.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\windows\system32\wbem\wmiprvse.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE C:\windows\system32\wbem\unsecapp.exe C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\windows\system32\SearchIndexer.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe C:\windows\system32\taskhost.exe C:\windows\system32\Dwm.exe C:\windows\Explorer.EXE C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Windows\System32\ThpSrv.exe C:\Program Files\TOSHIBA\TECO\Teco.exe C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe C:\Program Files\TOSHIBA\FlashCards\Hotkey\TcrdKBB.exe C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Windows\System32\spool\drivers\x64\3\E_IATIIEE.EXE C:\windows\system32\wbem\unsecapp.exe C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files\iPod\bin\iPodService.exe C:\windows\System32\svchost.exe -k LocalServicePeerNet C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe C:\windows\system32\SearchProtocolHost.exe C:\windows\system32\SearchFilterHost.exe C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_135_ActiveX.exe C:\windows\system32\igfxsrvc.exe C:\windows\system32\wbem\wmiprvse.exe C:\windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.google.com/ uProxyOverride = <local>;*.local BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: E-Web Print: {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll BHO: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll TB: E-Web Print: {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll EB: E-Web Print: {A60C1DC7-64B3-4AD9-8E67-035D11B8B2B0} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" uRun: [EPLTarget\P0000000000000000] C:\windows\System32\spool\DRIVERS\x64\3\E_IATIIEE.EXE /EPT "EPLTarget\P0000000000000000" /M "XP-200 Series" mRun: [sVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL mRun: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP mRun: [KeNotify] "C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe" LPCM mRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60 mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SELPHY~1.LNK - C:\Program Files (x86)\Canon\SELPHY Photo Print\CIC_SPPhelper.exe uPolicies-Explorer: NoDrives = dword:0 mPolicies-Explorer: NoDrives = dword:0 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab TCP: NameServer = 192.168.254.254 TCP: Interfaces\{4090FBAC-384A-4CE3-916F-ECCE9F2CED30} : DHCPNameServer = 192.168.254.254 TCP: Interfaces\{C5389018-F26B-4317-859E-8A96E48C7DA9} : DHCPNameServer = 192.168.254.254 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll SSODL: WebCheck - <orphaned> SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL x64-mStart Page = hxxp://start.toshiba.com/ x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL x64-BHO: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll x64-Run: [igfxTray] C:\windows\System32\igfxtray.exe x64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exe x64-Run: [Persistence] C:\windows\System32\igfxpers.exe x64-Run: [TPwrMain] C:\Program Files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE x64-Run: [HSON] C:\Program Files (x86)\TOSHIBA\TBS\HSON.exe x64-Run: [TCrdMain] C:\Program Files (x86)\TOSHIBA\FlashCards\TCrdMain.exe x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE3 /MAXX3 x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe x64-Run: [ThpSrv] C:\windows\System32\thpsrv /logon x64-Run: [Teco] "C:\Program Files (x86)\TOSHIBA\TECO\Teco.exe" /r x64-Run: [intelPAN] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PAN Tray x64-Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe x64-Run: [TosWaitSrv] C:\Program Files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe x64-Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe x64-Run: [TosNC] C:\Program Files (x86)\Toshiba\BulletinBoard\TosNcCore.exe x64-Run: [TosReelTimeMonitor] C:\Program Files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned> x64-Notify: igfxcui - igfxdev.dll x64-SSODL: WebCheck - <orphaned> x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Brittany\AppData\Roaming\Mozilla\Firefox\Profiles\uvri6fme.default\ FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll FF - ExtSQL: 2012-11-21 11:22; e-webprint@epson.com; C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on . ============= SERVICES / DRIVERS =============== . R0 MpFilter;Microsoft Malware Protection Driver;C:\windows\System32\drivers\MpFilter.sys [2012-8-30 228768] R0 Thpdrv;TOSHIBA HDD Protection Driver;C:\windows\System32\drivers\thpdrv.sys [2011-3-23 36992] R0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;C:\windows\System32\drivers\Thpevm.sys [2009-6-29 14784] R0 tos_sps64;TOSHIBA tos_sps64 Service;C:\windows\System32\drivers\tos_sps64.sys [2011-11-24 482384] R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624] R2 EpsonScanSvc;Epson Scanner Service;C:\windows\System32\escsvc64.exe [2012-11-19 135824] R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776] R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;C:\Program Files\TOSHIBA\TECO\TecoService.exe [2011-5-24 294848] R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;C:\windows\System32\drivers\TVALZFL.sys [2009-6-19 14472] R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-11-24 2656280] R3 CeKbFilter;CeKbFilter;C:\windows\System32\drivers\CeKbFilter.sys [2011-11-24 20592] R3 IntcDAud;Intel® Display Audio;C:\windows\System32\drivers\IntcDAud.sys [2010-10-15 317440] R3 iwdbus;IWD Bus Enumerator;C:\windows\System32\drivers\iwdbus.sys [2011-6-21 25496] R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\windows\System32\drivers\nusb3hub.sys [2011-2-10 82432] R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\windows\System32\drivers\nusb3xhc.sys [2011-2-10 181760] R3 PGEffect;Pangu effect driver;C:\windows\System32\drivers\PGEffect.sys [2011-11-24 38096] R3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2011-11-24 413800] R3 Sftfs;Sftfs;C:\windows\System32\drivers\Sftfslh.sys [2011-10-1 764264] R3 Sftplay;Sftplay;C:\windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648] R3 Sftredir;Sftredir;C:\windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960] R3 Sftvol;Sftvol;C:\windows\System32\drivers\Sftvollh.sys [2011-10-1 22376] R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496] R3 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2011-11-24 57216] R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2011-6-9 138152] R3 TPCHSrv;TPCH Service;C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2011-7-1 828856] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-9 160944] S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\windows\System32\drivers\intelaud.sys [2011-6-21 34200] S3 JMCR;JMCR;C:\windows\System32\drivers\jmcr.sys [2011-5-26 174680] S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-6-1 340240] S3 NisDrv;Microsoft Network Inspection System;C:\windows\System32\drivers\NisDrvWFP.sys [2011-4-27 128456] S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-9-12 368896] S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232] S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\System32\drivers\usbaapl64.sys [2012-9-28 53760] S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2012-1-13 1255736] S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184] . =============== Created Last 30 ================ . 2013-01-06 16:51:53 98816 ----a-w- C:\windows\sed.exe 2013-01-06 16:51:53 256000 ----a-w- C:\windows\PEV.exe 2013-01-06 16:51:53 208896 ----a-w- C:\windows\MBR.exe 2013-01-05 17:31:37 9125352 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E192458A-3048-4D61-A651-69D0809A5912}\mpengine.dll 2013-01-05 15:26:06 -------- d-----w- C:\Users\Brittany\AppData\Local\Programs 2013-01-04 19:50:30 10752 ----a-w- C:\windows\System32\E_GCINST.DLL 2013-01-04 19:50:26 120320 ----a-w- C:\windows\System32\E_ILMIEE.DLL 2013-01-04 19:50:26 120320 ----a-w- C:\windows\System32\E_ILMIEA.DLL 2013-01-04 19:50:25 83968 ----a-w- C:\windows\System32\E_ID4BIEE.DLL 2013-01-04 19:50:25 83968 ----a-w- C:\windows\System32\E_ID4BIEA.DLL 2013-01-04 15:50:27 9125352 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2012-12-27 03:04:59 -------- d-----w- C:\Program Files\iPod 2012-12-27 03:04:58 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2012-12-27 03:04:58 -------- d-----w- C:\Program Files\iTunes 2012-12-27 03:04:58 -------- d-----w- C:\Program Files (x86)\iTunes 2012-12-27 02:34:19 46080 ----a-w- C:\windows\System32\atmlib.dll 2012-12-27 02:34:19 34304 ----a-w- C:\windows\SysWow64\atmlib.dll 2012-12-27 02:34:18 367616 ----a-w- C:\windows\System32\atmfd.dll 2012-12-27 02:34:16 295424 ----a-w- C:\windows\SysWow64\atmfd.dll 2012-12-25 19:58:24 -------- d-----w- C:\Program Files (x86)\Canon 2012-12-25 19:57:16 70656 ----a-w- C:\windows\System32\cnyscp01.exe 2012-12-25 19:57:16 68608 ----a-w- C:\windows\System32\cnylcp01.dll 2012-12-25 19:57:16 49664 ----a-w- C:\windows\System32\cnyscp1s.dll 2012-12-25 19:57:16 49664 ----a-w- C:\windows\System32\cnyscp1g.dll 2012-12-25 19:57:16 49152 ----a-w- C:\windows\System32\cnyscp1r.dll 2012-12-25 19:57:16 49152 ----a-w- C:\windows\System32\cnyscp1i.dll 2012-12-25 19:57:16 49152 ----a-w- C:\windows\System32\cnyscp1f.dll 2012-12-25 19:57:16 48640 ----a-w- C:\windows\System32\cnyscp1e.dll 2012-12-25 19:57:16 47104 ----a-w- C:\windows\System32\cnyscp1k.dll 2012-12-25 19:57:16 47104 ----a-w- C:\windows\System32\cnyscp1j.dll 2012-12-25 19:57:16 46592 ----a-w- C:\windows\System32\cnyscp1c.dll 2012-12-25 19:56:03 179712 ----a-r- C:\windows\System32\CNYNPUI.dll 2012-12-25 19:56:03 163328 ----a-r- C:\windows\System32\CNYNPPM.dll 2012-12-25 19:56:01 -------- d--h--w- C:\ProgramData\CanonCP 2012-12-25 19:55:19 -------- d-----w- C:\Program Files (x86)\Common Files\Canon 2012-12-20 02:51:19 -------- d-----r- C:\Program Files (x86)\Skype 2012-12-15 20:05:55 478208 ----a-w- C:\windows\System32\dpnet.dll 2012-12-15 20:05:55 376832 ----a-w- C:\windows\SysWow64\dpnet.dll . ==================== Find3M ==================== . 2012-12-31 18:10:16 73656 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-12-31 18:10:16 697272 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe 2012-12-14 22:49:28 24176 ----a-w- C:\windows\System32\drivers\mbam.sys 2012-11-22 03:26:40 3149824 ----a-w- C:\windows\System32\win32k.sys 2012-11-14 06:11:44 2312704 ----a-w- C:\windows\System32\jscript9.dll 2012-11-14 06:04:11 1392128 ----a-w- C:\windows\System32\wininet.dll 2012-11-14 06:02:49 1494528 ----a-w- C:\windows\System32\inetcpl.cpl 2012-11-14 05:57:46 599040 ----a-w- C:\windows\System32\vbscript.dll 2012-11-14 05:57:35 173056 ----a-w- C:\windows\System32\ieUnatt.exe 2012-11-14 05:52:40 2382848 ----a-w- C:\windows\System32\mshtml.tlb 2012-11-14 02:09:22 1800704 ----a-w- C:\windows\SysWow64\jscript9.dll 2012-11-14 01:58:15 1427968 ----a-w- C:\windows\SysWow64\inetcpl.cpl 2012-11-14 01:57:37 1129472 ----a-w- C:\windows\SysWow64\wininet.dll 2012-11-14 01:49:25 142848 ----a-w- C:\windows\SysWow64\ieUnatt.exe 2012-11-14 01:48:27 420864 ----a-w- C:\windows\SysWow64\vbscript.dll 2012-11-14 01:44:42 2382848 ----a-w- C:\windows\SysWow64\mshtml.tlb 2012-11-09 05:45:09 2048 ----a-w- C:\windows\System32\tzres.dll 2012-11-09 04:42:49 2048 ----a-w- C:\windows\SysWow64\tzres.dll 2012-10-25 09:12:26 94208 ----a-w- C:\windows\SysWow64\QuickTimeVR.qtx 2012-10-25 09:12:26 69632 ----a-w- C:\windows\SysWow64\QuickTime.qts 2012-10-16 08:38:37 135168 ----a-w- C:\windows\apppatch\AppPatch64\AcXtrnal.dll 2012-10-16 08:38:34 350208 ----a-w- C:\windows\apppatch\AppPatch64\AcLayers.dll 2012-10-16 07:39:52 561664 ----a-w- C:\windows\apppatch\AcLayers.dll 2012-10-09 18:17:13 55296 ----a-w- C:\windows\System32\dhcpcsvc6.dll 2012-10-09 18:17:13 226816 ----a-w- C:\windows\System32\dhcpcore6.dll 2012-10-09 17:40:31 44032 ----a-w- C:\windows\SysWow64\dhcpcsvc6.dll 2012-10-09 17:40:31 193536 ----a-w- C:\windows\SysWow64\dhcpcore6.dll . ============= FINISH: 11:04:11.03 ===============
- January 6, 2013
- 8 replies
LiveSearchNow has taken over search engines

ManMich replied to ManMich's topic in Resolved Malware Removal Logs

Malwarebytes new quick scan. It is the updated version. Malwarebytes Anti-Malware 1.70.0.1100 www.malwarebytes.org Database version: v2013.01.06.04 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Brittany :: BRITTANY-PC [administrator] 1/6/2013 10:33:11 AM mbam-log-2013-01-06 (10-33-11).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 208125 Time elapsed: 2 minute(s), 11 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end)
- January 6, 2013
- 8 replies
LiveSearchNow has taken over search engines

ManMich posted a topic in Resolved Malware Removal Logs

Hello. Something called LiveSearchNow.com has taken over my search engines. It started doing all this today. I ran malwarebytes fullscan and it found Trojan.Hapilli that I had it delete but that didn't correct it. I have the logs from Malwarebytes quickscan, attach.txt, and dds.txt. I will post them in that order respectively. I really appreciate help on this. Malwarebytes Anti-Malware 1.70.0.1100 www.malwarebytes.org Database version: v2013.01.05.04 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Brittany :: BRITTANY-PC [administrator] 1/5/2013 7:52:19 PM mbam-log-2013-01-05 (19-52-19).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 207852 Time elapsed: 2 minute(s), 44 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) ------------------------------------------------------------------------------------------------------------ . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1 Install Date: 1/2/2012 3:02:47 PM System Uptime: 1/5/2013 7:15:12 PM (0 hours ago) . Motherboard: TOSHIBA | | PEQAA Processor: Intel® Core i3-2330M CPU @ 2.20GHz | CPU 1 | 792/400mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 580 GiB total, 513.512 GiB free. D: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP66: 11/20/2012 10:18:10 AM - Windows Update RP67: 11/21/2012 10:51:09 AM - Installed Download Navigator RP68: 11/21/2012 11:21:21 AM - Device Driver Package Install: EPSON Printers RP69: 11/23/2012 3:54:36 PM - Windows Update RP70: 11/30/2012 10:00:57 PM - Windows Update RP72: 12/9/2012 6:15:55 PM - Windows Modules Installer RP73: 12/9/2012 6:40:40 PM - Windows Update RP74: 12/19/2012 8:52:56 PM - Windows Update RP75: 12/25/2012 1:49:31 PM - Windows Update RP76: 12/25/2012 1:57:20 PM - Device Driver Package Install: Canon Printers RP77: 12/26/2012 8:33:52 PM - Windows Update RP78: 12/31/2012 10:24:33 AM - Windows Update RP79: 1/4/2013 9:50:03 AM - Windows Update RP80: 1/4/2013 1:35:45 PM - Installed Download Navigator . ==== Installed Programs ====================== . Adobe AIR Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Photoshop Elements 7.0 Adobe Reader X (10.1.4) MUI Apple Application Support Apple Mobile Device Support Apple Software Update Best Buy pc app Bonjour Canon SELPHY CP900 Canon Utilities SELPHY Photo Print Canon Utilities SELPHY Print Contents 1.3.0 CCleaner D3DX10 Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition Download Navigator Epson Connect Epson Connect Printer Setup Epson E-Web Print EPSON Printer Finder EPSON Remote Print Uninstall EPSON Scan EPSON XP-200 Series Printer Uninstall EpsonNet Print Google Toolbar for Internet Explorer Google Update Helper iCloud Intel PROSet Wireless Intel® Management Engine Components Intel® Processor Graphics Intel® PROSet/Wireless WiFi Software Intel® Rapid Storage Technology Intel® WiDi Intel® Wireless Display iTunes Java Auto Updater Java 6 Update 25 JMicron Flash Media Controller Driver Junk Mail filter update Label@Once 1.0 Malwarebytes Anti-Malware version 1.70.0.1100 Mesh Runtime Microsoft .NET Framework 4 Client Profile Microsoft Application Error Reporting Microsoft Office 2010 Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office Access MUI (English) 2010 Microsoft Office Access Setup Metadata MUI (English) 2010 Microsoft Office Click-to-Run 2010 Microsoft Office Excel MUI (English) 2010 Microsoft Office Groove MUI (English) 2010 Microsoft Office InfoPath MUI (English) 2010 Microsoft Office Office 64-bit Components 2010 Microsoft Office OneNote MUI (English) 2010 Microsoft Office Outlook MUI (English) 2010 Microsoft Office PowerPoint MUI (English) 2010 Microsoft Office Professional Plus 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (English) 2010 Microsoft Office Publisher MUI (English) 2010 Microsoft Office Shared 64-bit MUI (English) 2010 Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office Word MUI (English) 2010 Microsoft Security Client Microsoft Security Essentials Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 Mozilla Firefox 9.0.1 (x86 en-US) MSVCRT MSVCRT_amd64 PlayReady PC Runtime amd64 PlayReady PC Runtime x86 QuickTime Realtek Ethernet Controller Driver Realtek High Definition Audio Driver Renesas Electronics USB 3.0 Host Controller Driver Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition Security Update for Microsoft InfoPath 2010 (KB2687417) 32-Bit Edition Security Update for Microsoft InfoPath 2010 (KB2687436) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553091) Security Update for Microsoft Office 2010 (KB2553096) Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition Security Update for Microsoft Visio 2010 (KB2687508) 32-Bit Edition Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition Skype™ 6.0 Synaptics Pointing Device Driver TOSHIBA Application Installer TOSHIBA Assist Toshiba Book Place TOSHIBA Bulletin Board TOSHIBA Disc Creator TOSHIBA eco Utility TOSHIBA Face Recognition TOSHIBA Flash Cards Support Utility TOSHIBA Hardware Setup TOSHIBA HDD Protection TOSHIBA HDD/SSD Alert TOSHIBA Media Controller TOSHIBA Media Controller Plug-in TOSHIBA PC Health Monitor TOSHIBA Quality Application TOSHIBA Recovery Media Creator TOSHIBA ReelTime TOSHIBA Resolution+ Plug-in for Windows Media Player TOSHIBA Service Station TOSHIBA Sleep Utility TOSHIBA Supervisor Password TOSHIBA Value Added Package TOSHIBA VIDEO PLAYER TOSHIBA Web Camera Application TOSHIBA Wireless Display Monitor TOSHIBA Wireless LAN Indicator TOSHIBARegistration Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft Office 2010 (KB2494150) Update for Microsoft Office 2010 (KB2553065) Update for Microsoft Office 2010 (KB2553092) Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition Update for Microsoft Office 2010 (KB2566458) Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition Utility Common Driver Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Mesh Windows Live Mesh ActiveX Control for Remote Connections Windows Live Messenger Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources . ==== Event Viewer Messages From Past Week ======== . 12/31/2012 10:11:24 AM, Error: ACPI [13] - : The embedded controller (EC) did not respond within the specified timeout period. This may indicate that there is an error in the EC hardware or firmware or that the BIOS is accessing the EC incorrectly. You should check with your computer manufacturer for an upgraded BIOS. In some situations, this error may cause the computer to function incorrectly. 1/5/2013 5:03:34 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1. 1/3/2013 10:41:14 AM, Error: Schannel [36888] - The following fatal alert was generated: 40. The internal error state is 107. 1/3/2013 10:41:14 AM, Error: Schannel [36874] - An SSL 3.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed. . ==== End Of File =========================== -------------------------------------------------------------------------------------------------------------------------- DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 9.0.8112.16457 Run by Brittany at 19:56:48 on 2013-01-05 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6051.4250 [GMT -6:00] . AV: Microsoft Security Essentials *Enabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C} SP: Microsoft Security Essentials *Enabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\windows\system32\lsm.exe C:\windows\system32\svchost.exe -k DcomLaunch C:\windows\system32\svchost.exe -k RPCSS c:\Program Files\Microsoft Security Client\MsMpEng.exe C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\windows\system32\svchost.exe -k netsvcs C:\windows\system32\svchost.exe -k LocalService C:\windows\system32\svchost.exe -k NetworkService C:\windows\system32\WLANExt.exe C:\windows\System32\spoolsv.exe C:\windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Intel\WiFi\bin\EvtEng.exe C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe C:\windows\system32\svchost.exe -k imgsvc C:\windows\system32\ThpSrv.exe C:\windows\system32\TODDSrv.exe C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\windows\system32\EscSvc64.exe C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe C:\Program Files\TOSHIBA\TECO\TecoService.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\windows\system32\wbem\wmiprvse.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE c:\Program Files\Microsoft Security Client\NisSrv.exe C:\windows\system32\wbem\unsecapp.exe C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\windows\system32\SearchIndexer.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe C:\windows\system32\taskhost.exe C:\windows\system32\Dwm.exe C:\windows\Explorer.EXE C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Windows\System32\ThpSrv.exe C:\Program Files\TOSHIBA\TECO\Teco.exe C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe C:\Program Files\TOSHIBA\FlashCards\Hotkey\TcrdKBB.exe C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\spool\drivers\x64\3\E_IATIIEE.EXE C:\windows\system32\wbem\unsecapp.exe C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\windows\SysWOW64\rundll32.exe C:\Program Files\iPod\bin\iPodService.exe C:\windows\System32\svchost.exe -k LocalServicePeerNet C:\windows\system32\taskeng.exe C:\Program Files (x86)\TOSHIBA\widimon\widimon.exe C:\windows\system32\igfxext.exe C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe C:\windows\System32\WUDFHost.exe C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_135_ActiveX.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe C:\windows\system32\SearchProtocolHost.exe c:\Program Files\Microsoft Security Client\MpCmdRun.exe C:\windows\system32\SearchFilterHost.exe C:\windows\system32\igfxsrvc.exe C:\windows\system32\wbem\wmiprvse.exe C:\windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.google.com/ uDefault_Page_URL = hxxp://start.toshiba.com/?cid=C001B2Y uProxyOverride = <local>;*.local mWinlogon: Userinit = userinit.exe, BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: E-Web Print: {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll BHO: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll TB: E-Web Print: {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll EB: E-Web Print: {A60C1DC7-64B3-4AD9-8E67-035D11B8B2B0} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" uRun: [Adobe] rundll32 "C:\Users\Brittany\AppData\Local\Apple\Adobe\cbgfw.dll",DllRegisterServerW uRun: [EPLTarget\P0000000000000000] C:\windows\System32\spool\DRIVERS\x64\3\E_IATIIEE.EXE /EPT "EPLTarget\P0000000000000000" /M "XP-200 Series" mRun: [sVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL mRun: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP mRun: [KeNotify] "C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe" LPCM mRun: [TSleepSrv] C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe mRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60 mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SELPHY~1.LNK - C:\Program Files (x86)\Canon\SELPHY Photo Print\CIC_SPPhelper.exe mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab TCP: NameServer = 192.168.254.254 TCP: Interfaces\{4090FBAC-384A-4CE3-916F-ECCE9F2CED30} : DHCPNameServer = 192.168.254.254 TCP: Interfaces\{C5389018-F26B-4317-859E-8A96E48C7DA9} : DHCPNameServer = 192.168.254.254 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll SSODL: WebCheck - <orphaned> SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL x64-mStart Page = hxxp://start.toshiba.com/ x64-mDefault_Page_URL = hxxp://start.toshiba.com/ x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL x64-BHO: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll x64-Run: [igfxTray] C:\windows\System32\igfxtray.exe x64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exe x64-Run: [Persistence] C:\windows\System32\igfxpers.exe x64-Run: [TPwrMain] C:\Program Files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE x64-Run: [HSON] C:\Program Files (x86)\TOSHIBA\TBS\HSON.exe x64-Run: [TCrdMain] C:\Program Files (x86)\TOSHIBA\FlashCards\TCrdMain.exe x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE3 /MAXX3 x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe x64-Run: [ThpSrv] C:\windows\System32\thpsrv /logon x64-Run: [Teco] "C:\Program Files (x86)\TOSHIBA\TECO\Teco.exe" /r x64-Run: [intelPAN] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PAN Tray x64-Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe x64-Run: [TosWaitSrv] C:\Program Files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe x64-Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe x64-Run: [TosNC] C:\Program Files (x86)\Toshiba\BulletinBoard\TosNcCore.exe x64-Run: [TosReelTimeMonitor] C:\Program Files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned> x64-Notify: igfxcui - igfxdev.dll x64-SSODL: WebCheck - <orphaned> x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Brittany\AppData\Roaming\Mozilla\Firefox\Profiles\uvri6fme.default\ FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll FF - ExtSQL: 2012-11-21 11:22; e-webprint@epson.com; C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on . ============= SERVICES / DRIVERS =============== . R0 MpFilter;Microsoft Malware Protection Driver;C:\windows\System32\drivers\MpFilter.sys [2012-8-30 228768] R0 Thpdrv;TOSHIBA HDD Protection Driver;C:\windows\System32\drivers\thpdrv.sys [2011-3-23 36992] R0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;C:\windows\System32\drivers\Thpevm.sys [2009-6-29 14784] R0 tos_sps64;TOSHIBA tos_sps64 Service;C:\windows\System32\drivers\tos_sps64.sys [2011-11-24 482384] R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624] R2 EpsonScanSvc;Epson Scanner Service;C:\windows\System32\escsvc64.exe [2012-11-19 135824] R2 NisDrv;Microsoft Network Inspection System;C:\windows\System32\drivers\NisDrvWFP.sys [2011-4-27 128456] R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776] R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;C:\Program Files\TOSHIBA\TECO\TecoService.exe [2011-5-24 294848] R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;C:\windows\System32\drivers\TVALZFL.sys [2009-6-19 14472] R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-11-24 2656280] R3 CeKbFilter;CeKbFilter;C:\windows\System32\drivers\CeKbFilter.sys [2011-11-24 20592] R3 IntcDAud;Intel® Display Audio;C:\windows\System32\drivers\IntcDAud.sys [2010-10-15 317440] R3 iwdbus;IWD Bus Enumerator;C:\windows\System32\drivers\iwdbus.sys [2011-6-21 25496] R3 JMCR;JMCR;C:\windows\System32\drivers\jmcr.sys [2011-5-26 174680] R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-9-12 368896] R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\windows\System32\drivers\nusb3hub.sys [2011-2-10 82432] R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\windows\System32\drivers\nusb3xhc.sys [2011-2-10 181760] R3 PGEffect;Pangu effect driver;C:\windows\System32\drivers\PGEffect.sys [2011-11-24 38096] R3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2011-11-24 413800] R3 Sftfs;Sftfs;C:\windows\System32\drivers\Sftfslh.sys [2011-10-1 764264] R3 Sftplay;Sftplay;C:\windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648] R3 Sftredir;Sftredir;C:\windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960] R3 Sftvol;Sftvol;C:\windows\System32\drivers\Sftvollh.sys [2011-10-1 22376] R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496] R3 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2011-11-24 57216] R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2011-6-9 138152] R3 TPCHSrv;TPCH Service;C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2011-7-1 828856] R3 USBAAPL64;Apple Mobile USB Driver;C:\windows\System32\drivers\usbaapl64.sys [2012-9-28 53760] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-9 160944] S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\windows\System32\drivers\intelaud.sys [2011-6-21 34200] S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-6-1 340240] S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232] S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2012-1-13 1255736] S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184] . =============== Created Last 30 ================ . 2013-01-05 17:31:37 9125352 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E192458A-3048-4D61-A651-69D0809A5912}\mpengine.dll 2013-01-05 15:26:06 -------- d-----w- C:\Users\Brittany\AppData\Local\Programs 2013-01-04 19:50:30 10752 ----a-w- C:\windows\System32\E_GCINST.DLL 2013-01-04 19:50:26 120320 ----a-w- C:\windows\System32\E_ILMIEE.DLL 2013-01-04 19:50:26 120320 ----a-w- C:\windows\System32\E_ILMIEA.DLL 2013-01-04 19:50:25 83968 ----a-w- C:\windows\System32\E_ID4BIEE.DLL 2013-01-04 19:50:25 83968 ----a-w- C:\windows\System32\E_ID4BIEA.DLL 2013-01-04 15:50:27 9125352 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2012-12-27 03:04:59 -------- d-----w- C:\Program Files\iPod 2012-12-27 03:04:58 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2012-12-27 03:04:58 -------- d-----w- C:\Program Files\iTunes 2012-12-27 03:04:58 -------- d-----w- C:\Program Files (x86)\iTunes 2012-12-27 02:34:19 46080 ----a-w- C:\windows\System32\atmlib.dll 2012-12-27 02:34:19 34304 ----a-w- C:\windows\SysWow64\atmlib.dll 2012-12-27 02:34:18 367616 ----a-w- C:\windows\System32\atmfd.dll 2012-12-27 02:34:16 295424 ----a-w- C:\windows\SysWow64\atmfd.dll 2012-12-25 19:58:24 -------- d-----w- C:\Program Files (x86)\Canon 2012-12-25 19:57:16 70656 ----a-w- C:\windows\System32\cnyscp01.exe 2012-12-25 19:57:16 68608 ----a-w- C:\windows\System32\cnylcp01.dll 2012-12-25 19:57:16 49664 ----a-w- C:\windows\System32\cnyscp1s.dll 2012-12-25 19:57:16 49664 ----a-w- C:\windows\System32\cnyscp1g.dll 2012-12-25 19:57:16 49152 ----a-w- C:\windows\System32\cnyscp1r.dll 2012-12-25 19:57:16 49152 ----a-w- C:\windows\System32\cnyscp1i.dll 2012-12-25 19:57:16 49152 ----a-w- C:\windows\System32\cnyscp1f.dll 2012-12-25 19:57:16 48640 ----a-w- C:\windows\System32\cnyscp1e.dll 2012-12-25 19:57:16 47104 ----a-w- C:\windows\System32\cnyscp1k.dll 2012-12-25 19:57:16 47104 ----a-w- C:\windows\System32\cnyscp1j.dll 2012-12-25 19:57:16 46592 ----a-w- C:\windows\System32\cnyscp1c.dll 2012-12-25 19:56:03 179712 ----a-r- C:\windows\System32\CNYNPUI.dll 2012-12-25 19:56:03 163328 ----a-r- C:\windows\System32\CNYNPPM.dll 2012-12-25 19:56:01 -------- d--h--w- C:\ProgramData\CanonCP 2012-12-25 19:55:19 -------- d-----w- C:\Program Files (x86)\Common Files\Canon 2012-12-20 02:51:19 -------- d-----r- C:\Program Files (x86)\Skype 2012-12-15 20:05:55 478208 ----a-w- C:\windows\System32\dpnet.dll 2012-12-15 20:05:55 376832 ----a-w- C:\windows\SysWow64\dpnet.dll . ==================== Find3M ==================== . 2012-12-31 18:10:16 73656 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-12-31 18:10:16 697272 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe 2012-12-14 22:49:28 24176 ----a-w- C:\windows\System32\drivers\mbam.sys 2012-11-22 03:26:40 3149824 ----a-w- C:\windows\System32\win32k.sys 2012-11-14 06:11:44 2312704 ----a-w- C:\windows\System32\jscript9.dll 2012-11-14 06:04:11 1392128 ----a-w- C:\windows\System32\wininet.dll 2012-11-14 06:02:49 1494528 ----a-w- C:\windows\System32\inetcpl.cpl 2012-11-14 05:57:46 599040 ----a-w- C:\windows\System32\vbscript.dll 2012-11-14 05:57:35 173056 ----a-w- C:\windows\System32\ieUnatt.exe 2012-11-14 05:52:40 2382848 ----a-w- C:\windows\System32\mshtml.tlb 2012-11-14 02:09:22 1800704 ----a-w- C:\windows\SysWow64\jscript9.dll 2012-11-14 01:58:15 1427968 ----a-w- C:\windows\SysWow64\inetcpl.cpl 2012-11-14 01:57:37 1129472 ----a-w- C:\windows\SysWow64\wininet.dll 2012-11-14 01:49:25 142848 ----a-w- C:\windows\SysWow64\ieUnatt.exe 2012-11-14 01:48:27 420864 ----a-w- C:\windows\SysWow64\vbscript.dll 2012-11-14 01:44:42 2382848 ----a-w- C:\windows\SysWow64\mshtml.tlb 2012-11-09 05:45:09 2048 ----a-w- C:\windows\System32\tzres.dll 2012-11-09 04:42:49 2048 ----a-w- C:\windows\SysWow64\tzres.dll 2012-10-25 09:12:26 94208 ----a-w- C:\windows\SysWow64\QuickTimeVR.qtx 2012-10-25 09:12:26 69632 ----a-w- C:\windows\SysWow64\QuickTime.qts 2012-10-16 08:38:37 135168 ----a-w- C:\windows\apppatch\AppPatch64\AcXtrnal.dll 2012-10-16 08:38:34 350208 ----a-w- C:\windows\apppatch\AppPatch64\AcLayers.dll 2012-10-16 07:39:52 561664 ----a-w- C:\windows\apppatch\AcLayers.dll 2012-10-09 18:17:13 55296 ----a-w- C:\windows\System32\dhcpcsvc6.dll 2012-10-09 18:17:13 226816 ----a-w- C:\windows\System32\dhcpcore6.dll 2012-10-09 17:40:31 44032 ----a-w- C:\windows\SysWow64\dhcpcsvc6.dll 2012-10-09 17:40:31 193536 ----a-w- C:\windows\SysWow64\dhcpcore6.dll . ============= FINISH: 19:57:14.22 ===============
- January 6, 2013
- 8 replies

Sign In

ManMich

Posts

Joined

Last visited

Reputation

About ManMich

LiveSearchNow has taken over search engines

LiveSearchNow has taken over search engines

ManMich

LiveSearchNow has taken over search engines

LiveSearchNow has taken over search engines

LiveSearchNow has taken over search engines

Browse

Activity

Personal

Business

Business Modules

Partners

Learn

Start here

Type of malware/attacks

How does it get on my computer?

Scams and grifts

Support

Important Information