
I'm infected



.thanks

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 8.0.7600.16385

Run by danger at 15:06:02 on 2012-03-27

Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3964.2317 [GMT -7:00]

.

AV: Kaspersky Internet Security *Enabled/Updated* {56547CC9-C9B2-849D-8FEF-A496150D6A06}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Kaspersky Internet Security *Enabled/Updated* {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB}

FW: Kaspersky Internet Security *Enabled* {6E6FFDEC-83DD-85C5-A4B0-0DA3EBDE2D7D}

.

============== Running Processes ===============

.

C:\windows\system32\wininit.exe

C:\windows\system32\lsm.exe

C:\windows\system32\svchost.exe -k DcomLaunch

C:\windows\system32\svchost.exe -k RPCSS

C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\windows\system32\svchost.exe -k netsvcs

C:\windows\system32\svchost.exe -k LocalService

C:\windows\system32\svchost.exe -k NetworkService

C:\windows\System32\spoolsv.exe

C:\windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe

C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe

C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

C:\windows\system32\svchost.exe -k imgsvc

C:\windows\system32\ThpSrv.exe

C:\Windows\system32\TODDSrv.exe

C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe

C:\Program Files\TOSHIBA\TECO\TecoService.exe

C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe

C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\windows\system32\SearchIndexer.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\windows\system32\taskhost.exe

C:\windows\system32\Dwm.exe

C:\windows\Explorer.EXE

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Windows\System32\ThpSrv.exe

C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe

C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe

C:\windows\system32\igfxsrvc.exe

C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe

C:\windows\system32\taskeng.exe

C:\Program Files\TOSHIBA\TECO\Teco.exe

C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe

C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe

C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe

C:\windows\system32\igfxext.exe

C:\Program Files (x86)\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe

C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe

C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\mswinext.exe

C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe

C:\windows\system32\svchost.exe -k HPService

C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe

C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe

C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe

C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe

C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe

C:\windows\System32\svchost.exe -k secsvcs

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\klwtblfs.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\windows\system32\wuauclt.exe

C:\windows\SysWOW64\cmd.exe

C:\windows\system32\conhost.exe

C:\windows\SysWOW64\cscript.exe

C:\windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA

uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA

mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA

mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA

mWinlogon: Userinit=userinit.exe,

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll

BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll

BHO: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO: FilterBHO Class: {e33cf602-d945-461a-83f0-819f76a199f8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll

TB: @C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

{555d4d79-4bd2-4094-a395-cfc534424a05}

uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

uRun: [Google Update] "C:\Users\danger\AppData\Local\Google\Update\GoogleUpdate.exe" /c

uRun: [AlcoholAutomount] "C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount

uRunOnce: [FlashPlayerUpdate] C:\windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe -p

mRun: [TUSBSleepChargeSrv] %ProgramFiles(x86)%\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe

mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\TOSHIBA\Toshiba Online Backup\Activation\TobuActivation.exe" UNATTENDED

mRun: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe"

mRun: [Auto Run Software for Photo Frame]

mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

mRun: [<NO NAME>]

mRun: [bing Bar] "C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\mswinext.exe"

mRun: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

StartupFolder: C:\Users\danger\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\PMBMED~1.LNK - C:\Program Files (x86)\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\WDDMST~1.LNK - C:\Program Files (x86)\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\WDSMAR~1.LNK - C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll

IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL

IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll

DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab

TCP: DhcpNameServer = 216.170.112.1 216.170.112.30 11.0.0.1

TCP: Interfaces\{3C92850D-A192-4F23-983F-19D123081ADB} : DhcpNameServer = 216.170.112.1 216.170.112.30 11.0.0.1

TCP: Interfaces\{3C92850D-A192-4F23-983F-19D123081ADB}\7596562737D616 : DhcpNameServer = 192.168.1.254

TCP: Interfaces\{3C92850D-A192-4F23-983F-19D123081ADB}\B4E656368647E45647 : DhcpNameServer = 216.170.112.1 216.170.112.30 11.0.0.1

TCP: Interfaces\{3C92850D-A192-4F23-983F-19D123081ADB}\C696E6B6379737 : DhcpNameServer = 216.170.112.1 216.170.112.30 11.0.0.1

Handler: intu-help-qb1 - {9B0F96C7-2E4B-433e-ABF3-043BA1B54AE3} - C:\Program Files (x86)\Intuit\QuickBooks 2008\HelpAsyncPluggableProtocol.dll

Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\Windows\System32\mscoree.dll

AppInit_DLLs: C:\PROGRA~2\KASPER~1\KASPER~2\MZVKBD3.DLL, C:\PROGRA~2\KASPER~1\KASPER~2\SBHOOK.DLL C:\PROGRA~2\GOOGLE\GOOGLE~3\GO36F4~1.DLL

mASetup: {01250B8F-D947-4F8A-9408-FE8E3EE2EC92} - C:\Program Files (x86)\TOSHIBA\My Toshiba\MyToshiba.exe /SETUP

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: IEVkbdBHO Class: {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll

BHO-X64: IEVkbdBHO - No File

BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO-X64: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

BHO-X64: Search Helper - No File

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll

BHO-X64: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO-X64: FilterBHO Class: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll

BHO-X64: link filter bho - No File

TB-X64: @C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll

TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File

mRun-x64: [TUSBSleepChargeSrv] %ProgramFiles(x86)%\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe

mRun-x64: [NortonOnlineBackupReminder] "C:\Program Files (x86)\TOSHIBA\Toshiba Online Backup\Activation\TobuActivation.exe" UNATTENDED

mRun-x64: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe"

mRun-x64: [Auto Run Software for Photo Frame]

mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun-x64: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

mRun-x64: [(Default)]

mRun-x64: [bing Bar] "C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\mswinext.exe"

mRun-x64: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume

mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

AppInit_DLLs-X64: C:\PROGRA~2\KASPER~1\KASPER~2\MZVKBD3.DLL, C:\PROGRA~2\KASPER~1\KASPER~2\SBHOOK.DLL C:\PROGRA~2\GOOGLE\GOOGLE~3\GO36F4~1.DLL

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\danger\AppData\Roaming\Mozilla\Firefox\Profiles\a4n5j32w.default\

FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=IP2TDF&PC=IP2TDF&q=

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=IP2TDF&PC=IP2TDF&q=

FF - prefs.js: network.proxy.type - 4

FF - component: C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}\components\SkypeFfComponent.dll

FF - component: C:\Program Files (x86)\Mozilla Firefox\extensions\KavAntiBanner@Kaspersky.ru\components\abhelperxpcom.dll

FF - component: C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru\components\kavlinkfilter.dll

FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.23\npGoogleOneClick8.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.29\npGoogleOneClick8.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.53\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\Users\danger\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll

FF - plugin: C:\Users\danger\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll

FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

FF - Ext: Kaspersky URL Advisor: linkfilter@kaspersky.ru - C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru

FF - Ext: Skype extension for Firefox: {AB2CE124-6272-4b12-94A9-7303C7397BD1} - C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}

FF - Ext: Anti-Banner: KavAntiBanner@Kaspersky.ru - C:\Program Files (x86)\Mozilla Firefox\extensions\KavAntiBanner@Kaspersky.ru

.

============= SERVICES / DRIVERS ===============

.

R0 PxHlpa64;PxHlpa64;C:\windows\system32\Drivers\PxHlpa64.sys --> C:\windows\system32\Drivers\PxHlpa64.sys [?]

R1 kl2;kl2;C:\windows\system32\DRIVERS\kl2.sys --> C:\windows\system32\DRIVERS\kl2.sys [?]

R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\windows\system32\DRIVERS\klim6.sys --> C:\windows\system32\DRIVERS\klim6.sys [?]

R2 rimspci;rimspci;C:\windows\system32\DRIVERS\rimspe64.sys --> C:\windows\system32\DRIVERS\rimspe64.sys [?]

R2 risdpcie;risdpcie;C:\windows\system32\DRIVERS\risdpe64.sys --> C:\windows\system32\DRIVERS\risdpe64.sys [?]

R2 rixdpcie;rixdpcie;C:\windows\system32\DRIVERS\rixdpe64.sys --> C:\windows\system32\DRIVERS\rixdpe64.sys [?]

R3 FwLnk;FwLnk Driver;C:\windows\system32\DRIVERS\FwLnk.sys --> C:\windows\system32\DRIVERS\FwLnk.sys [?]

R3 IntcHdmiAddService;Intel® High Definition Audio HDMI;C:\windows\system32\drivers\IntcHdmi.sys --> C:\windows\system32\drivers\IntcHdmi.sys [?]

R3 PGEffect;Pangu effect driver;C:\windows\system32\DRIVERS\pgeffect.sys --> C:\windows\system32\DRIVERS\pgeffect.sys [?]

R3 RTL8167;Realtek 8167 NT Driver;C:\windows\system32\DRIVERS\Rt64win7.sys --> C:\windows\system32\DRIVERS\Rt64win7.sys [?]

R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;C:\windows\system32\DRIVERS\rtl8192se.sys --> C:\windows\system32\DRIVERS\rtl8192se.sys [?]

S3 klmouflt;Kaspersky Lab KLMOUFLT;C:\windows\system32\DRIVERS\klmouflt.sys --> C:\windows\system32\DRIVERS\klmouflt.sys [?]

.

=============== Created Last 30 ================

.

2012-03-27 21:13:51 8669240 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5D7ADE78-F0B6-4D2D-8F54-88D56E0763AC}\mpengine.dll

2012-03-14 17:16:30 3143168 ----a-w- C:\windows\System32\win32k.sys

2012-03-14 17:16:21 902656 ----a-w- C:\windows\System32\d2d1.dll

2012-03-14 17:16:21 1837568 ----a-w- C:\windows\System32\d3d10warp.dll

2012-03-14 17:16:21 1170944 ----a-w- C:\windows\SysWow64\d3d10warp.dll

2012-03-14 17:16:20 739840 ----a-w- C:\windows\SysWow64\d2d1.dll

2012-03-14 17:16:19 320512 ----a-w- C:\windows\System32\d3d10_1core.dll

2012-03-14 17:16:19 1541120 ----a-w- C:\windows\System32\DWrite.dll

2012-03-14 17:16:19 1074176 ----a-w- C:\windows\SysWow64\DWrite.dll

2012-03-14 17:16:18 218624 ----a-w- C:\windows\SysWow64\d3d10_1core.dll

2012-03-14 17:16:18 197120 ----a-w- C:\windows\System32\d3d10_1.dll

2012-03-14 17:16:18 161792 ----a-w- C:\windows\SysWow64\d3d10_1.dll

2012-03-14 17:12:56 826368 ----a-w- C:\windows\SysWow64\rdpcore.dll

2012-03-14 17:12:56 23552 ----a-w- C:\windows\System32\drivers\tdtcp.sys

2012-03-14 17:12:56 204800 ----a-w- C:\windows\System32\drivers\rdpwd.sys

2012-03-14 17:12:56 1031680 ----a-w- C:\windows\System32\rdpcore.dll

2012-03-14 17:12:45 9216 ----a-w- C:\windows\System32\rdrmemptylst.exe

2012-03-14 17:12:45 76288 ----a-w- C:\windows\System32\rdpwsx.dll

2012-03-14 17:12:45 149504 ----a-w- C:\windows\System32\rdpcorekmts.dll

.

==================== Find3M ====================

.

2012-02-23 16:18:36 279656 ------w- C:\windows\System32\MpSigStub.exe

.

============= FINISH: 15:07:26.65 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume1

Install Date: 12/28/2009 5:06:55 PM

System Uptime: 3/27/2012 1:58:55 PM (2 hours ago)

.

Motherboard: TOSHIBA | | Portable PC

Processor: Intel® Core2 Duo CPU T6600 @ 2.20GHz | CPU | 2200/800mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 454 GiB total, 337.525 GiB free.

D: is CDROM (CDFS)

E: is CDROM ()

.

==== Disabled Device Manager Items =============

.

Class GUID:

Description: Officejet Pro 8500 A910

Device ID: ROOT\MULTIFUNCTION\0000

Manufacturer:

Name: Officejet Pro 8500 A910

PNP Device ID: ROOT\MULTIFUNCTION\0000

Service:

.

Class GUID:

Description: Officejet Pro 8500 A910

Device ID: ROOT\MULTIFUNCTION\0001

Manufacturer:

Name: Officejet Pro 8500 A910

PNP Device ID: ROOT\MULTIFUNCTION\0001

Service:

.

Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}

Description: Officejet Pro 8500 A910

Device ID: ROOT\MULTIFUNCTION\0002

Manufacturer: HP

Name: Officejet Pro 8500 A910

PNP Device ID: ROOT\MULTIFUNCTION\0002

Service:

.

Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}

Description: Deskjet 6940 series

Device ID: ROOT\MULTIFUNCTION\0003

Manufacturer: HP

Name: Deskjet 6940 series

PNP Device ID: ROOT\MULTIFUNCTION\0003

Service:

.

==== System Restore Points ===================

.

RP320: 3/3/2012 12:39:23 PM - Windows Update

RP321: 3/8/2012 7:03:44 AM - Windows Update

RP322: 3/9/2012 4:35:42 PM - Windows Update

RP323: 3/11/2012 5:05:51 PM - Windows Update

RP324: 3/14/2012 10:14:17 AM - Windows Update

RP325: 3/15/2012 9:21:04 AM - Windows Update

RP326: 3/15/2012 10:37:31 PM - Windows Update

RP327: 3/17/2012 10:49:18 AM - Windows Update

RP328: 3/17/2012 10:53:36 AM - Windows Update

RP329: 3/17/2012 11:16:08 PM - Windows Update

RP330: 3/20/2012 8:48:25 AM - Windows Update

RP331: 3/20/2012 5:34:29 PM - Windows Update

RP332: 3/21/2012 2:02:13 PM - Windows Update

RP333: 3/22/2012 8:38:37 PM - Windows Update

RP334: 3/22/2012 11:31:38 PM - Windows Update

RP335: 3/23/2012 10:22:32 PM - Windows Update

RP336: 3/23/2012 10:33:41 PM - Windows Update

RP337: 3/24/2012 10:10:55 PM - Windows Update

RP338: 3/25/2012 1:44:48 PM - Windows Update

RP339: 3/25/2012 10:16:04 PM - Windows Update

RP340: 3/27/2012 2:10:08 PM - Windows Update

RP341: 3/27/2012 2:12:43 PM - Windows Update

.

==== Installed Programs ======================

.

Update for Microsoft Office 2007 (KB2508958)

1600

1600_Help

1600Trb

Adobe Flash Player 10 ActiveX

Adobe Flash Player 10 Plugin

Adobe Reader 9.2

AIO_CDB_ProductContext

AIO_CDB_Software

AIO_Scan

Apple Application Support

Apple Software Update

Bing Bar

Bing Bar Platform

BufferChm

Cactus Ropes Championship ArenaPack

Classic Championships ArenaPack

Compatibility Pack for the 2007 Office system

Direct DiscRecorder

DocProc

DVD MovieFactory for TOSHIBA

Google Chrome

Google Desktop

Google Earth Plug-in

Google Toolbar for Internet Explorer

Google Update Helper

HP Officejet Pro 8500 A910 Help

HP Update

HPPhotoGadget

HPSSupply

I.R.I.S. OCR

Java 6 Update 14

Junk Mail filter update

Kaspersky Internet Security 2011

Marketsplash Shortcuts

Microsoft Choice Guard

Microsoft Default Manager

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Excel MUI (English) 2007

Microsoft Office Home and Student 2007

Microsoft Office OneNote MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office PowerPoint Viewer 2007 (English)

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Suite Activation Assistant

Microsoft Office Word MUI (English) 2007

Microsoft Search Enhancement Pack

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Works

Mozilla Firefox (3.6.28)

MSVCRT

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 4.0 SP2 Parser and SDK

MyToshiba

PC Ropes ArenaPack

Philips Photo Manager 1.1

Primo

QuickBooks Pro 2008

QuickTime

Realtek Ethernet Controller Driver

Realtek High Definition Audio Driver

Realtek WLAN Driver

RICOH R5U230 Media Driver ver.2.06.03.02

Runtime

Scan

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Skype Launcher

Skype Toolbars

Sony Picture Utility

Spelling Dictionaries Support For Adobe Reader 9

Spin To Win ArenaPack

SupportSoft Assisted Service

Toolbox

Toshiba Application Installer

TOSHIBA Assist

TOSHIBA ConfigFree

TOSHIBA DVD PLAYER

TOSHIBA eco Utility

TOSHIBA Extended Tiles for Windows Mobility Center

TOSHIBA Face Recognition

TOSHIBA Hardware Setup

TOSHIBA HDD/SSD Alert

Toshiba Online Backup

Toshiba Quality Application

TOSHIBA Service Station

TOSHIBA Speech System Applications

TOSHIBA Speech System SR Engine(U.S.) Version1.0

TOSHIBA Speech System TTS Engine(U.S.) Version1.0

TOSHIBA Supervisor Password

TOSHIBA USB Sleep and Charge Utility

TOSHIBA Value Added Package

TOSHIBA Web Camera Application

ToshibaRegistration

TRSim

TRSim Bonus

TRSim Bonus Patch 109

UnloadSupport

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition

Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition

WebReg

WildTangent Games

Windows Live Call

Windows Live Communications Platform

Windows Live Essentials

Windows Live Mail

Windows Live Messenger

Windows Live Photo Gallery

Windows Live Sync

Windows Live Upload Tool

Windows Live Writer

Windows Media Player Firefox Plugin

Yahoo! BrowserPlus 2.9.8

.

==== Event Viewer Messages From Past Week ========

.

3/27/2012 2:11:51 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Windows Internet Explorer 9 for Windows 7 for x64-based Systems.

3/27/2012 2:09:40 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IPBusEnum service.

3/26/2012 7:24:32 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

3/25/2012 9:54:15 PM, Error: Microsoft-Windows-DistributedCOM [10000] - Unable to start a DCOM Server: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}. The error: "5" Happened while starting this command: C:\windows\system32\wbem\wmiprvse.exe -secured -Embedding

3/25/2012 9:53:06 PM, Error: Service Control Manager [7023] - The Security Center service terminated with the following error: Access is denied.

3/25/2012 9:53:01 PM, Error: Service Control Manager [7000] - The Windows Media Player Network Sharing Service service failed to start due to the following error: Access is denied.

3/25/2012 9:52:31 PM, Error: Service Control Manager [7000] - The Software Protection service failed to start due to the following error: Access is denied.

3/25/2012 9:52:16 PM, Error: Service Control Manager [7023] - The Function Discovery Provider Host service terminated with the following error: Access is denied.

3/25/2012 9:52:16 PM, Error: Service Control Manager [7001] - The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error: Access is denied.

3/25/2012 9:49:46 PM, Error: Service Control Manager [7023] - The SSDP Discovery service terminated with the following error: Access is denied.

3/25/2012 9:49:46 PM, Error: Service Control Manager [7000] - The IPsec Policy Agent service failed to start due to the following error: Access is denied.

3/25/2012 9:49:44 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the IPsec Policy Agent service to connect.

3/25/2012 9:49:44 PM, Error: Service Control Manager [7000] - The IPsec Policy Agent service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

3/25/2012 9:38:30 PM, Error: Service Control Manager [7022] - The HP Network Devices Support service hung on starting.

3/25/2012 9:03:35 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Media Player Network Sharing Service service to connect.

3/25/2012 9:03:35 PM, Error: Service Control Manager [7000] - The Windows Media Player Network Sharing Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

3/25/2012 3:28:44 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.

3/23/2012 9:18:32 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AVP service.

3/23/2012 10:27:57 PM, Error: Service Control Manager [7022] - The Kaspersky Anti-Virus Service service hung on starting.

.

==== End Of File ===========================


Can you explain in more detail what's happening with MBAM?

--------------------------

Please remove any USB or external drives from the computer before you run these scans!

Please download Farbar Service Scanner and run it on the computer with the issue.

  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update

  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

-------------

Next..........

Please download and run RogueKiller.

Click Scan to scan the system (don't run any other options)

Post back the report.

MrC


Initially, I could not shut down my computer, and it was running super slow. When I went to install Malwarebytes, it would not allow me to do this. Also, some abnormal activity was occurring on my email account. Now I can shut down my computer, but still cannot install Malwarebytes. Thanks

Farbar Service Scanner Version: 01-03-2012

Ran by danger (administrator) on 29-03-2012 at 07:57:40

Running from "C:\Users\danger\Downloads"

Microsoft Windows 7 Home Premium (X64)

Boot Mode: Normal

****************************************************************

Internet Services:

============

Connection Status:

==============

Localhost is accessible.

LAN connected.

Google IP is accessible.

Yahoo IP is accessible.

Windows Firewall:

=============

Firewall Disabled Policy:

==================

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall"=DWORD:0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall"=DWORD:0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"EnableFirewall"=DWORD:0

System Restore:

============

System Restore Disabled Policy:

========================

Action Center:

============

Windows Update:

============

File Check:

========

C:\Windows\System32\nsisvc.dll => MD5 is legit

C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit

C:\Windows\System32\dhcpcore.dll => MD5 is legit

C:\Windows\System32\drivers\afd.sys

[2012-02-15 09:27] - [2011-12-27 20:59] - 0499200 ____A (Microsoft Corporation) DB9D6C6B2CD95A9CA414D045B627422E

C:\Windows\System32\drivers\tdx.sys => MD5 is legit

C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit

C:\Windows\System32\dnsrslvr.dll => MD5 is legit

C:\Windows\System32\mpssvc.dll

[2009-07-13 17:09] - [2009-07-13 18:41] - 0824832 ____A (Microsoft Corporation) AECAB449567D1846DAD63ECE49E893E3

C:\Windows\System32\bfe.dll => MD5 is legit

C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit

C:\Windows\System32\SDRSVC.dll

[2009-07-13 16:36] - [2009-07-13 18:41] - 0170496 ____A (Microsoft Corporation) 765A27C3279CE11D14CB9E4F5869FCA5

C:\Windows\System32\vssvc.exe => MD5 is legit

C:\Windows\System32\wscsvc.dll => MD5 is legit

C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit

C:\Windows\System32\wuaueng.dll

[2009-07-13 17:36] - [2009-07-13 18:41] - 2418176 ____A (Microsoft Corporation) 38340204A2D0228F1E87740FC5E554A7

C:\Windows\System32\qmgr.dll => MD5 is legit

C:\Windows\System32\es.dll => MD5 is legit

C:\Windows\System32\cryptsvc.dll => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\System32\rpcss.dll => MD5 is legit

**** End of log ****

RogueKiller V7.3.2 [03/20/2012] by Tigzy

mail: tigzyRK<at>gmail<dot>com

Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/

Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7600 ) 64 bits version

Started in : Normal mode

User: danger [Admin rights]

Mode: Scan -- Date: 03/29/2012 08:05:52

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Registry Entries: 2 ¤¤¤

[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [NOT LOADED] ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: Hitachi HTS545050B9A300 +++++

--- User ---

[MBR] 3dc58bf13bf1226d28ff04fef707c91f

[bSP] 6b81a4f7bbdb87c02bc9f654358bd723 : Windows Vista MBR Code

Partition table:

0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo

1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 464503 Mo

2 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 954376192 | Size: 10936 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[1].txt >>

RKreport[1].txt


Please download and run TDSSKiller to your desktop as outlined below:

Double-click on TDSSKiller.exe to run the application, then click on Change parameters.


-------------------------

Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.


------------------------

Click the Start Scan button.


-----------------------

If a suspicious object is detected, the default action will be Skip; click on Continue.

If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic, please choose Skip and click on Continue.


----------------------

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.


--------------------

A report will be created in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents in your next reply.

MrC


11:44:41.0726 5740 TDSS rootkit removing tool 2.7.23.0 Mar 26 2012 13:40:18

11:44:43.0754 5740 ============================================================

11:44:43.0754 5740 Current date / time: 2012/03/29 11:44:43.0754

11:44:43.0754 5740 SystemInfo:

11:44:43.0754 5740

11:44:43.0754 5740 OS Version: 6.1.7600 ServicePack: 0.0

11:44:43.0754 5740 Product type: Workstation

11:44:43.0754 5740 ComputerName: DANGER-PC

11:44:43.0754 5740 UserName: danger

11:44:43.0754 5740 Windows directory: C:\windows

11:44:43.0754 5740 System windows directory: C:\windows

11:44:43.0754 5740 Running under WOW64

11:44:43.0754 5740 Processor architecture: Intel x64

11:44:43.0754 5740 Number of processors: 2

11:44:43.0754 5740 Page size: 0x1000

11:44:43.0754 5740 Boot type: Normal boot

11:44:43.0754 5740 ============================================================

11:44:44.0284 5740 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

11:44:44.0300 5740 \Device\Harddisk0\DR0:

11:44:44.0300 5740 MBR used

11:44:44.0300 5740 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x38B3B800

11:44:44.0347 5740 Initialize success

11:44:44.0347 5740 ============================================================

11:45:26.0186 4512 ============================================================

11:45:26.0186 4512 Scan started

11:45:26.0186 4512 Mode: Manual; SigCheck; TDLFS;

11:45:26.0186 4512 ============================================================

11:45:26.0748 4512 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\windows\system32\DRIVERS\1394ohci.sys

11:45:26.0888 4512 1394ohci - ok

11:45:27.0013 4512 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\windows\system32\DRIVERS\ACPI.sys

11:45:27.0044 4512 ACPI - ok

11:45:27.0106 4512 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\windows\system32\DRIVERS\acpipmi.sys

11:45:27.0231 4512 AcpiPmi - ok

11:45:27.0340 4512 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\windows\system32\DRIVERS\adp94xx.sys

11:45:27.0372 4512 adp94xx - ok

11:45:27.0465 4512 adpahci (597f78224ee9224ea1a13d6350ced962) C:\windows\system32\DRIVERS\adpahci.sys

11:45:27.0496 4512 adpahci - ok

11:45:27.0559 4512 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\windows\system32\DRIVERS\adpu320.sys

11:45:27.0574 4512 adpu320 - ok

11:45:27.0637 4512 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\windows\System32\aelupsvc.dll

11:45:27.0746 4512 AeLookupSvc - ok

11:45:27.0855 4512 AFD (db9d6c6b2cd95a9ca414d045b627422e) C:\windows\system32\drivers\afd.sys

11:45:27.0933 4512 AFD - ok

11:45:28.0058 4512 AgereSoftModem (98022774d9930ecbb292e70db7601df6) C:\windows\system32\DRIVERS\agrsm64.sys

11:45:28.0152 4512 AgereSoftModem - ok

11:45:28.0261 4512 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\windows\system32\DRIVERS\agp440.sys

11:45:28.0292 4512 agp440 - ok

11:45:28.0323 4512 ALG (3290d6946b5e30e70414990574883ddb) C:\windows\System32\alg.exe

11:45:28.0370 4512 ALG - ok

11:45:28.0464 4512 aliide (5812713a477a3ad7363c7438ca2ee038) C:\windows\system32\DRIVERS\aliide.sys

11:45:28.0479 4512 aliide - ok

11:45:28.0604 4512 amdide (1ff8b4431c353ce385c875f194924c0c) C:\windows\system32\DRIVERS\amdide.sys

11:45:28.0620 4512 amdide - ok

11:45:28.0651 4512 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\windows\system32\DRIVERS\amdk8.sys

11:45:28.0682 4512 AmdK8 - ok

11:45:28.0776 4512 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\windows\system32\DRIVERS\amdppm.sys

11:45:28.0822 4512 AmdPPM - ok

11:45:28.0932 4512 amdsata (7a4b413614c055935567cf88a9734d38) C:\windows\system32\DRIVERS\amdsata.sys

11:45:28.0947 4512 amdsata - ok

11:45:28.0978 4512 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\windows\system32\DRIVERS\amdsbs.sys

11:45:28.0994 4512 amdsbs - ok

11:45:29.0119 4512 amdxata (b4ad0cacbab298671dd6f6ef7e20679d) C:\windows\system32\DRIVERS\amdxata.sys

11:45:29.0134 4512 amdxata - ok

11:45:29.0244 4512 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\windows\system32\drivers\appid.sys

11:45:29.0322 4512 AppID - ok

11:45:29.0400 4512 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\windows\System32\appidsvc.dll

11:45:29.0462 4512 AppIDSvc - ok

11:45:29.0556 4512 Appinfo (d065be66822847b7f127d1f90158376e) C:\windows\System32\appinfo.dll

11:45:29.0634 4512 Appinfo - ok

11:45:29.0743 4512 arc (c484f8ceb1717c540242531db7845c4e) C:\windows\system32\DRIVERS\arc.sys

11:45:29.0758 4512 arc - ok

11:45:29.0774 4512 arcsas (019af6924aefe7839f61c830227fe79c) C:\windows\system32\DRIVERS\arcsas.sys

11:45:29.0790 4512 arcsas - ok

11:45:29.0852 4512 AsyncMac (769765ce2cc62867468cea93969b2242) C:\windows\system32\DRIVERS\asyncmac.sys

11:45:29.0914 4512 AsyncMac - ok

11:45:29.0992 4512 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\windows\system32\DRIVERS\atapi.sys

11:45:30.0008 4512 atapi - ok

11:45:30.0086 4512 athr (e857eee6b92aaa473ebb3465add8f7e7) C:\windows\system32\DRIVERS\athrx.sys

11:45:30.0133 4512 athr - ok

11:45:30.0242 4512 AudioEndpointBuilder (07721a77180edd4d39ccb865bf63c7fd) C:\windows\System32\Audiosrv.dll

11:45:30.0304 4512 AudioEndpointBuilder - ok

11:45:30.0336 4512 AudioSrv (07721a77180edd4d39ccb865bf63c7fd) C:\windows\System32\Audiosrv.dll

11:45:30.0382 4512 AudioSrv - ok

11:45:30.0445 4512 AVP - ok

11:45:30.0570 4512 AxInstSV (b20b5fa5ca050e9926e4d1db81501b32) C:\windows\System32\AxInstSV.dll

11:45:30.0632 4512 AxInstSV - ok

11:45:30.0741 4512 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\windows\system32\DRIVERS\bxvbda.sys

11:45:30.0788 4512 b06bdrv - ok

11:45:30.0882 4512 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\windows\system32\DRIVERS\b57nd60a.sys

11:45:30.0928 4512 b57nd60a - ok

11:45:31.0022 4512 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\windows\System32\bdesvc.dll

11:45:31.0084 4512 BDESVC - ok

11:45:31.0178 4512 Beep (16a47ce2decc9b099349a5f840654746) C:\windows\system32\drivers\Beep.sys

11:45:31.0209 4512 Beep - ok

11:45:31.0318 4512 BFE (4992c609a6315671463e30f6512bc022) C:\windows\System32\bfe.dll

11:45:31.0396 4512 BFE - ok

11:45:31.0506 4512 BITS (7f0c323fe3da28aa4aa1bda3f575707f) C:\windows\System32\qmgr.dll

11:45:31.0568 4512 BITS - ok

11:45:31.0677 4512 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\windows\system32\DRIVERS\blbdrive.sys

11:45:31.0708 4512 blbdrive - ok

11:45:31.0802 4512 bowser (19d20159708e152267e53b66677a4995) C:\windows\system32\DRIVERS\bowser.sys

11:45:31.0864 4512 bowser - ok

11:45:31.0958 4512 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\windows\system32\DRIVERS\BrFiltLo.sys

11:45:32.0020 4512 BrFiltLo - ok

11:45:32.0052 4512 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\windows\system32\DRIVERS\BrFiltUp.sys

11:45:32.0083 4512 BrFiltUp - ok

11:45:32.0161 4512 Browser (94fbc06f294d58d02361918418f996e3) C:\windows\System32\browser.dll

11:45:32.0254 4512 Browser - ok

11:45:32.0317 4512 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\windows\System32\Drivers\Brserid.sys

11:45:32.0348 4512 Brserid - ok

11:45:32.0426 4512 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\windows\System32\Drivers\BrSerWdm.sys

11:45:32.0473 4512 BrSerWdm - ok

11:45:32.0520 4512 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\windows\System32\Drivers\BrUsbMdm.sys

11:45:32.0566 4512 BrUsbMdm - ok

11:45:32.0629 4512 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\windows\System32\Drivers\BrUsbSer.sys

11:45:32.0676 4512 BrUsbSer - ok

11:45:32.0800 4512 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\windows\system32\drivers\BthEnum.sys

11:45:32.0847 4512 BthEnum - ok

11:45:32.0878 4512 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\windows\system32\DRIVERS\bthmodem.sys

11:45:32.0941 4512 BTHMODEM - ok

11:45:33.0034 4512 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\windows\system32\DRIVERS\bthpan.sys

11:45:33.0081 4512 BthPan - ok

11:45:33.0222 4512 BTHPORT (21084ceb85280468c9aca3c805c0f8cf) C:\windows\System32\Drivers\BTHport.sys

11:45:33.0268 4512 BTHPORT - ok

11:45:33.0362 4512 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\windows\system32\bthserv.dll

11:45:33.0456 4512 bthserv - ok

11:45:33.0565 4512 BTHUSB (8504842634dd144c075b6b0c982ccec4) C:\windows\System32\Drivers\BTHUSB.sys

11:45:33.0627 4512 BTHUSB - ok

11:45:33.0674 4512 cdfs (b8bd2bb284668c84865658c77574381a) C:\windows\system32\DRIVERS\cdfs.sys

11:45:33.0721 4512 cdfs - ok

11:45:33.0814 4512 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\windows\system32\DRIVERS\cdrom.sys

11:45:33.0877 4512 cdrom - ok

11:45:33.0986 4512 CertPropSvc (312e2f82af11e79906898ac3e3d58a1f) C:\windows\System32\certprop.dll

11:45:34.0048 4512 CertPropSvc - ok

11:45:34.0126 4512 cfWiMAXService (837ff2d497880198c918e6954dbd170c) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe

11:45:34.0158 4512 cfWiMAXService - ok

11:45:34.0251 4512 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\windows\system32\DRIVERS\circlass.sys

11:45:34.0329 4512 circlass - ok

11:45:34.0392 4512 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\windows\system32\CLFS.sys

11:45:34.0423 4512 CLFS - ok

11:45:34.0470 4512 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

11:45:34.0501 4512 clr_optimization_v2.0.50727_32 - ok

11:45:34.0548 4512 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

11:45:34.0563 4512 clr_optimization_v2.0.50727_64 - ok

11:45:34.0641 4512 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\windows\system32\DRIVERS\CmBatt.sys

11:45:34.0688 4512 CmBatt - ok

11:45:34.0735 4512 cmdide (e19d3f095812725d88f9001985b94edd) C:\windows\system32\DRIVERS\cmdide.sys

11:45:34.0750 4512 cmdide - ok

11:45:34.0828 4512 CNG (937beb186a735aca91d717044a49d17e) C:\windows\system32\Drivers\cng.sys

11:45:34.0875 4512 CNG - ok

11:45:34.0969 4512 Compbatt (102de219c3f61415f964c88e9085ad14) C:\windows\system32\DRIVERS\compbatt.sys

11:45:34.0984 4512 Compbatt - ok

11:45:35.0031 4512 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\windows\system32\DRIVERS\CompositeBus.sys

11:45:35.0062 4512 CompositeBus - ok

11:45:35.0140 4512 COMSysApp - ok

11:45:35.0218 4512 ConfigFree Gadget Service (d252c53bcdfc199bba55eeb10cdb266e) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe

11:45:35.0234 4512 ConfigFree Gadget Service - ok

11:45:35.0265 4512 ConfigFree Service (cab0eeaf5295fc96ddd3e19dce27e131) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe

11:45:35.0281 4512 ConfigFree Service - ok

11:45:35.0359 4512 crcdisk (1c827878a998c18847245fe1f34ee597) C:\windows\system32\DRIVERS\crcdisk.sys

11:45:35.0374 4512 crcdisk - ok

11:45:35.0452 4512 CryptSvc (8c57411b66282c01533cb776f98ad384) C:\windows\system32\cryptsvc.dll

11:45:35.0530 4512 CryptSvc - ok

11:45:35.0608 4512 DcomLaunch (7266972e86890e2b30c0c322e906b027) C:\windows\system32\rpcss.dll

11:45:35.0686 4512 DcomLaunch - ok

11:45:35.0780 4512 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\windows\System32\defragsvc.dll

11:45:35.0842 4512 defragsvc - ok

11:45:35.0936 4512 DfsC (9c253ce7311ca60fc11c774692a13208) C:\windows\system32\Drivers\dfsc.sys

11:45:35.0998 4512 DfsC - ok

11:45:36.0076 4512 Dhcp (ce3b9562d997f69b330d181a8875960f) C:\windows\system32\dhcpcore.dll

11:45:36.0186 4512 Dhcp - ok

11:45:36.0279 4512 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\windows\system32\drivers\discache.sys

11:45:36.0342 4512 discache - ok

11:45:36.0388 4512 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\windows\system32\DRIVERS\disk.sys

11:45:36.0404 4512 Disk - ok

11:45:36.0482 4512 Dnscache (85cf424c74a1d5ec33533e1dbff9920a) C:\windows\System32\dnsrslvr.dll

11:45:36.0529 4512 Dnscache - ok

11:45:36.0576 4512 dot3svc (14452acdb09b70964c8c21bf80a13acb) C:\windows\System32\dot3svc.dll

11:45:36.0638 4512 dot3svc - ok

11:45:36.0747 4512 Dot4 (b42ed0320c6e41102fde0005154849bb) C:\windows\system32\DRIVERS\Dot4.sys

11:45:36.0778 4512 Dot4 - ok

11:45:36.0903 4512 Dot4Print (85135ad27e79b689335c08167d917cde) C:\windows\system32\DRIVERS\Dot4Prt.sys

11:45:36.0934 4512 Dot4Print - ok

11:45:36.0950 4512 dot4usb (fd05a02b0370bc3000f402e543ca5814) C:\windows\system32\DRIVERS\dot4usb.sys

11:45:36.0981 4512 dot4usb - ok

11:45:37.0075 4512 DPS (8c2ba6bea949ee6e68385f5692bafb94) C:\windows\system32\dps.dll

11:45:37.0137 4512 DPS - ok

11:45:37.0231 4512 drmkaud (9b19f34400d24df84c858a421c205754) C:\windows\system32\drivers\drmkaud.sys

11:45:37.0278 4512 drmkaud - ok

11:45:37.0324 4512 DXGKrnl (ebce0b0924835f635f620d19f0529dce) C:\windows\System32\drivers\dxgkrnl.sys

11:45:37.0356 4512 DXGKrnl - ok

11:45:37.0449 4512 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\windows\System32\eapsvc.dll

11:45:37.0496 4512 EapHost - ok

11:45:37.0605 4512 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\windows\system32\DRIVERS\evbda.sys

11:45:37.0730 4512 ebdrv - ok

11:45:37.0839 4512 EFS (156f6159457d0aa7e59b62681b56eb90) C:\windows\System32\lsass.exe

11:45:37.0902 4512 EFS - ok

11:45:37.0964 4512 ehRecvr (b91d81b3b54a54ccafc03733dbc2e29e) C:\windows\ehome\ehRecvr.exe

11:45:38.0058 4512 ehRecvr - ok

11:45:38.0136 4512 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\windows\ehome\ehsched.exe

11:45:38.0182 4512 ehSched - ok

11:45:38.0245 4512 elxstor (0e5da5369a0fcaea12456dd852545184) C:\windows\system32\DRIVERS\elxstor.sys

11:45:38.0276 4512 elxstor - ok

11:45:38.0354 4512 ErrDev (34a3c54752046e79a126e15c51db409b) C:\windows\system32\DRIVERS\errdev.sys

11:45:38.0416 4512 ErrDev - ok

11:45:38.0541 4512 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\windows\system32\es.dll

11:45:38.0635 4512 EventSystem - ok

11:45:38.0682 4512 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\windows\system32\drivers\exfat.sys

11:45:38.0744 4512 exfat - ok

11:45:38.0822 4512 fastfat (0adc83218b66a6db380c330836f3e36d) C:\windows\system32\drivers\fastfat.sys

11:45:38.0916 4512 fastfat - ok

11:45:39.0009 4512 Fax (d607b2f1bee3992aa6c2c92c0a2f0855) C:\windows\system32\fxssvc.exe

11:45:39.0072 4512 Fax - ok

11:45:39.0165 4512 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\windows\system32\DRIVERS\fdc.sys

11:45:39.0228 4512 fdc - ok

11:45:39.0321 4512 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\windows\system32\fdPHost.dll

11:45:39.0368 4512 fdPHost - ok

11:45:39.0399 4512 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\windows\system32\fdrespub.dll

11:45:39.0462 4512 FDResPub - ok

11:45:39.0524 4512 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\windows\system32\drivers\fileinfo.sys

11:45:39.0555 4512 FileInfo - ok

11:45:39.0602 4512 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\windows\system32\drivers\filetrace.sys

11:45:39.0664 4512 Filetrace - ok

11:45:39.0727 4512 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\windows\system32\DRIVERS\flpydisk.sys

11:45:39.0774 4512 flpydisk - ok

11:45:39.0883 4512 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\windows\system32\drivers\fltmgr.sys

11:45:39.0898 4512 FltMgr - ok

11:45:39.0945 4512 FontCache (8ac4cb4ea61e41009fae9ae7b2b5da3a) C:\windows\system32\FntCache.dll

11:45:40.0023 4512 FontCache - ok

11:45:40.0117 4512 FontCache3.0.0.0 (8d89e3131c27fdd6932189cb785e1b7a) C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

11:45:40.0132 4512 FontCache3.0.0.0 - ok

11:45:40.0195 4512 FsDepends (d43703496149971890703b4b1b723eac) C:\windows\system32\drivers\FsDepends.sys

11:45:40.0210 4512 FsDepends - ok

11:45:40.0304 4512 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\windows\system32\drivers\Fs_Rec.sys

11:45:40.0320 4512 Fs_Rec - ok

11:45:40.0351 4512 fvevol (b8b2a6e1558f8f5de5ce431c5b2c7b09) C:\windows\system32\DRIVERS\fvevol.sys

11:45:40.0366 4512 fvevol - ok

11:45:40.0444 4512 FwLnk (60acb128e64c35c2b4e4aab1b0a5c293) C:\windows\system32\DRIVERS\FwLnk.sys

11:45:40.0507 4512 FwLnk - ok

11:45:40.0600 4512 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\windows\system32\DRIVERS\gagp30kx.sys

11:45:40.0616 4512 gagp30kx - ok

11:45:40.0694 4512 GameConsoleService (c44d560e441f091ea3b72f778ec60de2) C:\Program Files (x86)\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe

11:45:40.0725 4512 GameConsoleService - ok

11:45:40.0803 4512 GoogleDesktopManager-051210-111108 (9f5f2f0fb0a7f5aa9f16b9a7b6dad89f) C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe

11:45:40.0819 4512 GoogleDesktopManager-051210-111108 - ok

11:45:40.0928 4512 gpsvc (fe5ab4525bc2ec68b9119a6e5d40128b) C:\windows\System32\gpsvc.dll

11:45:40.0975 4512 gpsvc - ok

11:45:41.0084 4512 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

11:45:41.0100 4512 gupdate - ok

11:45:41.0146 4512 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

11:45:41.0162 4512 gupdatem - ok

11:45:41.0240 4512 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

11:45:41.0271 4512 gusvc - ok

11:45:41.0349 4512 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\windows\system32\drivers\hcw85cir.sys

11:45:41.0380 4512 hcw85cir - ok

11:45:41.0412 4512 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\windows\system32\drivers\HdAudio.sys

11:45:41.0458 4512 HdAudAddService - ok

11:45:41.0536 4512 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\windows\system32\DRIVERS\HDAudBus.sys

11:45:41.0568 4512 HDAudBus - ok

11:45:41.0599 4512 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\windows\system32\DRIVERS\HidBatt.sys

11:45:41.0630 4512 HidBatt - ok

11:45:41.0708 4512 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\windows\system32\DRIVERS\hidbth.sys

11:45:41.0755 4512 HidBth - ok

11:45:41.0786 4512 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\windows\system32\DRIVERS\hidir.sys

11:45:41.0802 4512 HidIr - ok

11:45:41.0895 4512 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\windows\system32\hidserv.dll

11:45:41.0973 4512 hidserv - ok

11:45:42.0051 4512 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\windows\system32\DRIVERS\hidusb.sys

11:45:42.0082 4512 HidUsb - ok

11:45:42.0114 4512 hkmsvc (efa58ede58dd74388ffd04cb32681518) C:\windows\system32\kmsvc.dll

11:45:42.0192 4512 hkmsvc - ok

11:45:42.0285 4512 HomeGroupListener (046b2673767ca626e2cfb7fdf735e9e8) C:\windows\system32\ListSvc.dll

11:45:42.0363 4512 HomeGroupListener - ok

11:45:42.0441 4512 HomeGroupProvider (06a7422224d9865a5613710a089987df) C:\windows\system32\provsvc.dll

11:45:42.0488 4512 HomeGroupProvider - ok

11:45:42.0535 4512 HpSAMD (0886d440058f203eba0e1825e4355914) C:\windows\system32\DRIVERS\HpSAMD.sys

11:45:42.0550 4512 HpSAMD - ok

11:45:42.0660 4512 HPSLPSVC (7f57926169c1b8aba9274ea7d4b70f18) C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL

11:45:42.0691 4512 HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning

11:45:42.0691 4512 HPSLPSVC - detected UnsignedFile.Multi.Generic (1)

11:45:42.0816 4512 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\windows\system32\drivers\HTTP.sys

11:45:42.0878 4512 HTTP - ok

11:45:42.0987 4512 hwpolicy (f17766a19145f111856378df337a5d79) C:\windows\system32\drivers\hwpolicy.sys

11:45:43.0003 4512 hwpolicy - ok

11:45:43.0018 4512 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\windows\system32\DRIVERS\i8042prt.sys

11:45:43.0034 4512 i8042prt - ok

11:45:43.0143 4512 iaStor (bbb3b6df1abb0fe35802ede85cc1c011) C:\windows\system32\DRIVERS\iaStor.sys

11:45:43.0174 4512 iaStor - ok

11:45:43.0299 4512 iaStorV (d83efb6fd45df9d55e9a1afc63640d50) C:\windows\system32\DRIVERS\iaStorV.sys

11:45:43.0330 4512 iaStorV - ok

11:45:43.0408 4512 idsvc (2f2be70d3e02b6fa877921ab9516d43c) C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

11:45:43.0440 4512 idsvc - ok

11:45:43.0674 4512 igfx (3c3f27002abc69c5afe29cbe6cf7addf) C:\windows\system32\DRIVERS\igdkmd64.sys

11:45:43.0939 4512 igfx - ok

11:45:44.0048 4512 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\windows\system32\DRIVERS\iirsp.sys

11:45:44.0064 4512 iirsp - ok

11:45:44.0126 4512 IKEEXT (c5b4683680df085b57bc53e5ef34861f) C:\windows\System32\ikeext.dll

11:45:44.0173 4512 IKEEXT - ok

11:45:44.0298 4512 IntcAzAudAddService (0c3cf4b3bae28e121a1689e3538f8712) C:\windows\system32\drivers\RTKVHD64.sys

11:45:44.0344 4512 IntcAzAudAddService - ok

11:45:44.0454 4512 IntcHdmiAddService (88a20fa54c73ded4e8dac764e9130ae9) C:\windows\system32\drivers\IntcHdmi.sys

11:45:44.0500 4512 IntcHdmiAddService - ok

11:45:44.0594 4512 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\windows\system32\DRIVERS\intelide.sys

11:45:44.0610 4512 intelide - ok

11:45:44.0641 4512 intelppm (ada036632c664caa754079041cf1f8c1) C:\windows\system32\DRIVERS\intelppm.sys

11:45:44.0672 4512 intelppm - ok

11:45:44.0766 4512 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\windows\system32\ipbusenum.dll

11:45:44.0828 4512 IPBusEnum - ok

11:45:44.0875 4512 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\windows\system32\DRIVERS\ipfltdrv.sys

11:45:44.0953 4512 IpFilterDriver - ok

11:45:45.0046 4512 iphlpsvc (f8e058d17363ec580e4b7232778b6cb5) C:\windows\System32\iphlpsvc.dll

11:45:45.0140 4512 iphlpsvc - ok

11:45:45.0234 4512 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\windows\system32\DRIVERS\IPMIDrv.sys

11:45:45.0265 4512 IPMIDRV - ok

11:45:45.0296 4512 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\windows\system32\drivers\ipnat.sys

11:45:45.0358 4512 IPNAT - ok

11:45:45.0452 4512 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\windows\system32\drivers\irenum.sys

11:45:45.0499 4512 IRENUM - ok

11:45:45.0608 4512 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\windows\system32\DRIVERS\isapnp.sys

11:45:45.0639 4512 isapnp - ok

11:45:45.0655 4512 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\windows\system32\DRIVERS\msiscsi.sys

11:45:45.0670 4512 iScsiPrt - ok

11:45:45.0686 4512 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\windows\system32\DRIVERS\kbdclass.sys

11:45:45.0702 4512 kbdclass - ok

11:45:45.0795 4512 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\windows\system32\DRIVERS\kbdhid.sys

11:45:45.0826 4512 kbdhid - ok

11:45:45.0873 4512 KeyIso (156f6159457d0aa7e59b62681b56eb90) C:\windows\system32\lsass.exe

11:45:45.0889 4512 KeyIso - ok

11:45:45.0982 4512 kl1 (8d7120743a0973ceab548b475c9d4289) C:\windows\system32\DRIVERS\kl1.sys

11:45:45.0998 4512 kl1 - ok

11:45:46.0092 4512 kl2 (cd146d8e525d6eebdcaf24120a8ab9ce) C:\windows\system32\DRIVERS\kl2.sys

11:45:46.0107 4512 kl2 - ok

11:45:46.0154 4512 KLIF (177505577604c94c4be7b9316a90ada1) C:\windows\system32\DRIVERS\klif.sys

11:45:46.0170 4512 KLIF - ok

11:45:46.0263 4512 KLIM6 (2a64b3a9eed93a2e96537b67c079fc96) C:\windows\system32\DRIVERS\klim6.sys

11:45:46.0279 4512 KLIM6 - ok

11:45:46.0341 4512 klmouflt (9468d07e91ba136d82415f5dfc1fe168) C:\windows\system32\DRIVERS\klmouflt.sys

11:45:46.0357 4512 klmouflt - ok

11:45:46.0466 4512 KSecDD (16c1b906fc5ead84769f90b736b6bf0e) C:\windows\system32\Drivers\ksecdd.sys

11:45:46.0497 4512 KSecDD - ok

11:45:46.0544 4512 KSecPkg (0b711550c56444879d71c7daabda6c83) C:\windows\system32\Drivers\ksecpkg.sys

11:45:46.0575 4512 KSecPkg - ok

11:45:46.0669 4512 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\windows\system32\drivers\ksthunk.sys

11:45:46.0747 4512 ksthunk - ok

11:45:46.0825 4512 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\windows\system32\msdtckrm.dll

11:45:46.0887 4512 KtmRm - ok

11:45:46.0950 4512 LanmanServer (81f1d04d4d0e433099365127375fd501) C:\windows\system32\srvsvc.dll

11:45:47.0012 4512 LanmanServer - ok

11:45:47.0090 4512 LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\windows\System32\wkssvc.dll

11:45:47.0168 4512 LanmanWorkstation - ok

11:45:47.0230 4512 lltdio (1538831cf8ad2979a04c423779465827) C:\windows\system32\DRIVERS\lltdio.sys

11:45:47.0308 4512 lltdio - ok

11:45:47.0402 4512 lltdsvc (c1185803384ab3feed115f79f109427f) C:\windows\System32\lltdsvc.dll

11:45:47.0480 4512 lltdsvc - ok

11:45:47.0511 4512 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\windows\System32\lmhsvc.dll

11:45:47.0558 4512 lmhosts - ok

11:45:47.0620 4512 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\windows\system32\DRIVERS\lsi_fc.sys

11:45:47.0636 4512 LSI_FC - ok

11:45:47.0683 4512 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\windows\system32\DRIVERS\lsi_sas.sys

11:45:47.0714 4512 LSI_SAS - ok

11:45:47.0776 4512 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\windows\system32\DRIVERS\lsi_sas2.sys

11:45:47.0792 4512 LSI_SAS2 - ok

11:45:47.0870 4512 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\windows\system32\DRIVERS\lsi_scsi.sys

11:45:47.0886 4512 LSI_SCSI - ok

11:45:47.0917 4512 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\windows\system32\drivers\luafv.sys

11:45:47.0964 4512 luafv - ok

11:45:48.0057 4512 Mcx2Svc (f84c8f1000bc11e3b7b23cbd3baff111) C:\windows\system32\Mcx2Svc.dll

11:45:48.0120 4512 Mcx2Svc - ok

11:45:48.0198 4512 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\windows\system32\DRIVERS\megasas.sys

11:45:48.0229 4512 megasas - ok

11:45:48.0260 4512 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\windows\system32\DRIVERS\MegaSR.sys

11:45:48.0276 4512 MegaSR - ok

11:45:48.0369 4512 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll

11:45:48.0447 4512 MMCSS - ok

11:45:48.0478 4512 Modem (800ba92f7010378b09f9ed9270f07137) C:\windows\system32\drivers\modem.sys

11:45:48.0541 4512 Modem - ok

11:45:48.0619 4512 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\windows\system32\DRIVERS\monitor.sys

11:45:48.0666 4512 monitor - ok

11:45:48.0775 4512 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\windows\system32\DRIVERS\mouclass.sys

11:45:48.0790 4512 mouclass - ok

11:45:52.0488 4512 Net Driver HPZ12 (d5ac41ae382738483faffbd7e373d49a) C:\Windows\system32\HPZinw12.dll

11:45:52.0503 4512 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning

11:45:52.0503 4512 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)

11:45:56.0590 4512 Pml Driver HPZ12 (37f6046cdc630442d7dc087501ff6fc6) C:\Windows\system32\HPZipm12.dll

11:45:56.0622 4512 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning

11:45:56.0622 4512 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)

11:45:57.0948 4512 QBCFMonitorService (0a2c21b3168f2efc3468b35ff5508cea) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe

11:45:57.0948 4512 QBCFMonitorService ( UnsignedFile.Multi.Generic ) - warning

11:45:57.0948 4512 QBCFMonitorService - detected UnsignedFile.Multi.Generic (1)

11:45:58.0041 4512 QBFCService (bab30d2799754f6ea22f0b9076311793) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe

11:45:58.0057 4512 QBFCService ( UnsignedFile.Multi.Generic ) - warning

11:45:58.0057 4512 QBFCService - detected UnsignedFile.Multi.Generic (1)

11:46:05.0607 4512 sptd (51de15ca5c05bca46d8b110cd00a02fb) C:\windows\system32\Drivers\sptd.sys

11:46:05.0607 4512 Suspicious file (NoAccess): C:\windows\system32\Drivers\sptd.sys. md5: 51de15ca5c05bca46d8b110cd00a02fb

11:46:05.0623 4512 sptd ( LockedFile.Multi.Generic ) - warning

11:46:05.0623 4512 sptd - detected LockedFile.Multi.Generic (1)

11:46:06.0434 4512 StarWindServiceAE (e5c796b621f6fba8616511063d7f0ffe) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

11:46:06.0450 4512 StarWindServiceAE ( UnsignedFile.Multi.Generic ) - warning

11:46:06.0450 4512 StarWindServiceAE - detected UnsignedFile.Multi.Generic (1)

11:46:15.0467 4512 WDDMService (fa24fbe15a8036387ecc013d06094f3d) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe

11:46:15.0482 4512 WDDMService ( UnsignedFile.Multi.Generic ) - warning

11:46:15.0482 4512 WDDMService - detected UnsignedFile.Multi.Generic (1)

11:46:15.0825 4512 WDSmartWareBackgroundService (138ab06adbbf300aa804d7974a5aec82) C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe

11:46:15.0841 4512 WDSmartWareBackgroundService ( UnsignedFile.Multi.Generic ) - warning

11:46:15.0841 4512 WDSmartWareBackgroundService - detected UnsignedFile.Multi.Generic (1)

11:46:18.0961 4512 MBR (0x1B8) (5b5e648d12fcadc244c1ec30318e1eb9) \Device\Harddisk0\DR0

11:46:19.0070 4512 \Device\Harddisk0\DR0 - ok

11:46:19.0117 4512 Boot (0x1200) (98938257e2b2777836945f7021fa03b3) \Device\Harddisk0\DR0\Partition0

11:46:19.0117 4512 \Device\Harddisk0\DR0\Partition0 - ok

11:46:19.0117 4512 ============================================================

11:46:19.0117 4512 Scan finished

11:46:19.0117 4512 ============================================================

11:46:19.0133 2840 Detected object count: 9

11:46:19.0133 2840 Actual detected object count: 9

11:46:50.0691 2840 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user

11:46:50.0691 2840 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip

11:46:50.0691 2840 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user

11:46:50.0691 2840 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip

11:46:50.0707 2840 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user

11:46:50.0707 2840 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip

11:46:50.0707 2840 QBCFMonitorService ( UnsignedFile.Multi.Generic ) - skipped by user

11:46:50.0707 2840 QBCFMonitorService ( UnsignedFile.Multi.Generic ) - User select action: Skip

11:46:50.0707 2840 QBFCService ( UnsignedFile.Multi.Generic ) - skipped by user

11:46:50.0707 2840 QBFCService ( UnsignedFile.Multi.Generic ) - User select action: Skip

11:46:50.0707 2840 sptd ( LockedFile.Multi.Generic ) - skipped by user

11:46:50.0707 2840 sptd ( LockedFile.Multi.Generic ) - User select action: Skip

11:46:50.0723 2840 StarWindServiceAE ( UnsignedFile.Multi.Generic ) - skipped by user

11:46:50.0723 2840 StarWindServiceAE ( UnsignedFile.Multi.Generic ) - User select action: Skip

11:46:50.0723 2840 WDDMService ( UnsignedFile.Multi.Generic ) - skipped by user

11:46:50.0723 2840 WDDMService ( UnsignedFile.Multi.Generic ) - User select action: Skip

11:46:50.0723 2840 WDSmartWareBackgroundService ( UnsignedFile.Multi.Generic ) - skipped by user

11:46:50.0723 2840 WDSmartWareBackgroundService ( UnsignedFile.Multi.Generic ) - User select action: Skip


That's clean, just some unsigned files.

Please download and run ComboFix.

The most important things to remember when running it are to disable all your malware programs and run ComboFix from your desktop.

Please visit this webpage for download links and instructions for running ComboFix:

http://www.bleepingc...to-use-combofix

Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Information on disabling your malware programs can be found Here.

Make sure you run ComboFix from your desktop.

Please include the C:\ComboFix.txt in your next reply for further review.

MrC


Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance, please start your own topic in a new thread. Thanks!
