
Infected Google Chrome / PC?


R2D2

In the last few days I have noticed my computer getting slower, and have noticed when using Google Chrome, there was a small paper logo in the menu bar, when usually it is secure (https).

I am running Mware Free and AVG, both of which are up to date. A couple of days ago Mware quarantined the following :-

Whilst on Chrome tonight, when I opened a new tab, a page redirected to this saying hacked??


Welcome to the forum, please start at the link below:

http://forums.malwar...?showtopic=9573

Post back the 2 logs here.....DDS.txt and Attach.txt

<====><====><====><====><====><====><====><====>

Next.......

Please remove any USB or external drives from the computer before you run this scan!

Please download and run RogueKiller to your desktop.

For Windows XP, double-click to start.

For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

Click Scan to scan the system.

When the scan completes > Close out the program > Don't Fix anything!

Don't run any other options, they're not all bad!!!!!!!

Post back the report which should be located on your desktop.

MrC


DDS report >

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.5.1

Run by User at 14:15:38 on 2012-08-07

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.61.1033.18.3955.1817 [GMT 10:00]

.

AV: AVG Internet Security 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

AV: Microsoft Security Essentials *Enabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}

SP: AVG Internet Security 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Microsoft Security Essentials *Enabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}

FW: AVG Firewall *Enabled* {621CC794-9486-F902-D092-0484E8EA828B}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k RPCSS

c:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\WLANExt.exe

C:\Windows\system32\conhost.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files (x86)\AVG\AVG2012\avgfws.exe

C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\system32\ThpSrv.exe

C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe

C:\Program Files\TOSHIBA\TECO\TecoService.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe

C:\Program Files (x86)\AVG\AVG2012\avgemca.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\taskeng.exe

C:\Windows\System32\rundll32.exe

C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe

C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe

C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe

C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe

C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe

C:\Windows\System32\ThpSrv.exe

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\TOSHIBA\TECO\Teco.exe

C:\Program Files\Microsoft IntelliPoint\ipoint.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\TOSHIBA\FlashCards\Hotkey\TcrdKBB.exe

C:\Program Files (x86)\TOSHIBA\Bluetooth Monitor\BtMon2.exe

C:\Program Files (x86)\TOSHIBA\Bluetooth Monitor\BtMon64.exe

C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe

C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe

C:\Program Files (x86)\TOSHIBA\TRCMan\TRCMan.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe

C:\Program Files (x86)\AVG\AVG2012\avgtray.exe

C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe

C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe

C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe

C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe

C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe

C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe

C:\Windows\system32\DllHost.exe

C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe

C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe

C:\Windows\system32\conhost.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe

C:\Windows\system32\conhost.exe

C:\Program Files (x86)\Windows Live\Mail\wlmail.exe

C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_268.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_268.exe

C:\Program Files (x86)\AVG\AVG2012\avgui.exe

C:\Program Files (x86)\AVG\AVG2012\avgcfgex.exe

C:\Program Files (x86)\AVG\AVG2012\avgrsa.exe

C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = https://google.com.au/

uInternet Settings,ProxyOverride = *.local

mWinlogon: Userinit=userinit.exe,

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll

BHO: TOSHIBA Media Controller Plug-in: {f3c88694-effa-4d78-b409-54b7b2535b14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll

TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"

uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

mRun: [iTSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START

mRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60

mRun: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun

mRun: [TRCMan] C:\Program Files (x86)\TOSHIBA\TRCMan\TRCMan.exe

mRun: [sVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL

mRun: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP

mRun: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [TSleepSrv] %ProgramFiles(x86)%\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe

mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin

mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~2.LNK - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files (x86)\TOSHIBA\Bluetooth Monitor\BtMon2.exe

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000

IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL

DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

TCP: DhcpNameServer = 192.168.2.1 211.29.152.116 198.142.0.51 211.29.132.12

TCP: Interfaces\{31463894-47C5-49DF-A89A-EA8BA3665776} : DhcpNameServer = 192.168.2.1 211.29.152.116 198.142.0.51 211.29.132.12

TCP: Interfaces\{31463894-47C5-49DF-A89A-EA8BA3665776}\2656C6B696E6534376 : DhcpNameServer = 192.168.2.1 211.29.152.116 198.142.0.51 211.29.132.12

TCP: Interfaces\{9E78E34D-D59A-4AD8-8FD9-FBBDFD3C7051} : DhcpNameServer = 192.168.2.1 61.9.194.49 61.9.195.193

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll

BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File

BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

BHO-X64: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll

BHO-X64: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll

TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"

mRun-x64: [iTSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START

mRun-x64: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60

mRun-x64: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun

mRun-x64: [TRCMan] C:\Program Files (x86)\TOSHIBA\TRCMan\TRCMan.exe

mRun-x64: [sVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL

mRun-x64: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP

mRun-x64: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe

mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun-x64: [TSleepSrv] %ProgramFiles(x86)%\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe

mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"

mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun-x64: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin

mRun-x64: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t5wlvxjm.default\

FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_268.dll

FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll

FF - plugin: C:\Windows\SysWOW64\npmproxy.dll

.

============= SERVICES / DRIVERS ===============

.

R0 AVGIDSEH;AVGIDSEH;C:\Windows\system32\DRIVERS\AVGIDSEH.Sys --> C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [?]

R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?]

R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]

R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]

R0 Thpdrv;TOSHIBA HDD Protection Driver;C:\Windows\system32\DRIVERS\thpdrv.sys --> C:\Windows\system32\DRIVERS\thpdrv.sys [?]

R0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;C:\Windows\system32\DRIVERS\Thpevm.SYS --> C:\Windows\system32\DRIVERS\Thpevm.SYS [?]

R0 tos_sps64;TOSHIBA tos_sps64 Service;C:\Windows\system32\DRIVERS\tos_sps64.sys --> C:\Windows\system32\DRIVERS\tos_sps64.sys [?]

R1 Avgfwfd;AVG network filter service;C:\Windows\system32\DRIVERS\avgfwd6a.sys --> C:\Windows\system32\DRIVERS\avgfwd6a.sys [?]

R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?]

R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?]

R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?]

R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]

R2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [2008-9-16 169312]

R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]

R2 avgfws;AVG Firewall;C:\Program Files (x86)\AVG\AVG2012\avgfws.exe [2011-11-23 2391832]

R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]

R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-8-2 192776]

R2 cfWiMAXService;ConfigFree WiMAX Service;C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-1-28 249200]

R2 ConfigFree Service;ConfigFree Service;C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-3-10 46448]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-8-6 655944]

R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;C:\Program Files\TOSHIBA\TECO\TecoService.exe [2010-4-6 258928]

R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;C:\Windows\system32\DRIVERS\TVALZFL.sys --> C:\Windows\system32\DRIVERS\TVALZFL.sys [?]

R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys --> C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [?]

R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys --> C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [?]

R3 enecir;ENE CIR Receiver;C:\Windows\system32\DRIVERS\enecir.sys --> C:\Windows\system32\DRIVERS\enecir.sys [?]

R3 enecirhid;ENE CIR HID Receiver;C:\Windows\system32\DRIVERS\enecirhid.sys --> C:\Windows\system32\DRIVERS\enecirhid.sys [?]

R3 enecirhidma;ENE CIR HIDmini Filter;C:\Windows\system32\DRIVERS\enecirhidma.sys --> C:\Windows\system32\DRIVERS\enecirhidma.sys [?]

R3 HECIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]

R3 JMCR;JMCR;C:\Windows\system32\DRIVERS\jmcr.sys --> C:\Windows\system32\DRIVERS\jmcr.sys [?]

R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]

R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]

R3 PGEffect;Pangu effect driver;C:\Windows\system32\DRIVERS\pgeffect.sys --> C:\Windows\system32\DRIVERS\pgeffect.sys [?]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]

R3 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2012-3-10 54136]

R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-2-5 137560]

R3 TPCHSrv;TPCH Service;C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2010-2-23 835952]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-2-29 158856]

S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-4-1 183560]

S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-3-13 1038088]

S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]

S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840]

S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-8-6 113120]

S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]

S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-3-26 291696]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]

S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]

.

=============== Created Last 30 ================

.

2012-08-07 01:41:11 -------- d-----w- C:\Users\User\AppData\Local\{5EB0BD32-955A-4D4E-9617-530CED9C4DE9}

2012-08-07 01:41:06 -------- d-----w- C:\Users\User\AppData\Local\{4CC6186A-A2D4-4157-AFCF-CB644C0334A4}

2012-08-06 05:02:33 9133488 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0AA5427F-5F29-43E0-82E5-AA63BCFAED25}\mpengine.dll

2012-08-06 04:53:16 -------- d-----w- C:\Users\User\AppData\Local\{55B1E213-73F7-4F9A-91E0-E2D34CDB6012}

2012-08-06 04:53:03 -------- d-----w- C:\Users\User\AppData\Local\{2964E180-B0DB-4F1A-AD4E-8E79657C60E5}

2012-08-06 01:48:59 -------- d-----w- C:\Users\User\AppData\Local\Macromedia

2012-08-06 00:36:43 -------- d-----w- C:\Users\User\AppData\Local\Mozilla

2012-08-06 00:36:20 -------- d-----w- C:\Program Files (x86)\Mozilla Maintenance Service

2012-08-05 16:10:09 -------- d-----w- C:\Users\User\AppData\Local\{AF577CB8-ED1A-42A2-B5AD-5FFBF664D481}

2012-08-05 16:09:46 -------- d-----w- C:\Users\User\AppData\Local\{3D73F63E-946A-4068-BFA2-1E83AD35D5A1}

2012-08-05 01:52:46 9133488 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2012-08-05 01:34:53 -------- d-----w- C:\Users\User\AppData\Local\{3BFEEE9F-E0EE-4D40-BF1E-706F8FBEFBCB}

2012-08-05 01:34:30 -------- d-----w- C:\Users\User\AppData\Local\{2246B0D4-74F0-4F9D-ABC4-83728B88B0F4}

2012-08-04 12:51:58 -------- d-----w- C:\Users\User\AppData\Local\{3035641B-7879-4BC2-B30A-20D9EF51684E}

2012-08-04 12:51:45 -------- d-----w- C:\Users\User\AppData\Local\{564F8EF3-D2C4-4B65-A8BF-815D9E38C5A4}

2012-08-04 00:22:19 -------- d-----w- C:\Users\User\AppData\Local\{82772086-29A3-46FB-8798-5C7B03260C13}

2012-08-04 00:21:36 -------- d-----w- C:\Users\User\AppData\Local\{E98112BC-C832-4D4C-B020-E15420D72916}

2012-08-03 01:40:24 -------- d-----w- C:\Users\User\AppData\Local\{D1051F2E-D7D1-44AE-9E4C-4741C35362A0}

2012-08-03 01:40:02 -------- d-----w- C:\Users\User\AppData\Local\{1B9AD6A3-C169-4801-978E-149087E87E2E}

2012-08-02 13:39:38 -------- d-----w- C:\Users\User\AppData\Local\{80899358-C26F-4D04-BF65-C7500287768A}

2012-08-02 13:39:16 -------- d-----w- C:\Users\User\AppData\Local\{ECC0847D-FCD7-47C8-946A-5ED5DB918837}

2012-08-02 01:38:49 -------- d-----w- C:\Users\User\AppData\Local\{B81577C5-B5B8-4EDD-839A-ECA8A4581E87}

2012-08-02 01:38:28 -------- d-----w- C:\Users\User\AppData\Local\{665569FE-6C21-4C94-AA2D-FB087970DB75}

2012-08-01 13:38:01 -------- d-----w- C:\Users\User\AppData\Local\{8BACE3FF-1D75-43C0-8FB0-B1257A1B563D}

2012-08-01 13:37:39 -------- d-----w- C:\Users\User\AppData\Local\{4534B255-F124-4D13-9642-F81538A17032}

2012-08-01 01:37:09 -------- d-----w- C:\Users\User\AppData\Local\{0D62549F-2992-4A5B-92EF-C1EF0007ADD3}

2012-08-01 01:36:59 -------- d-----w- C:\Users\User\AppData\Local\{9E20DCC6-2060-4F77-89E7-CA89ACED4EDD}

2012-07-31 03:23:42 -------- d-----w- C:\Users\User\AppData\Local\{CD605780-E6DA-4AD9-807E-A23A0A77EA7C}

2012-07-31 03:23:29 -------- d-----w- C:\Users\User\AppData\Local\{091CFC26-07C8-4889-AC92-2A962E42B80E}

2012-07-30 12:42:23 -------- d-----w- C:\Users\User\AppData\Local\{F2212AA4-3F9A-493D-B124-629250C1B9B9}

2012-07-30 12:41:56 -------- d-----w- C:\Users\User\AppData\Local\{9C193D1D-0547-4BB6-ABC2-0265C0EBE64F}

2012-07-30 00:41:31 -------- d-----w- C:\Users\User\AppData\Local\{DA317FDD-BB6B-4D63-8A6D-9419F322CC34}

2012-07-30 00:41:20 -------- d-----w- C:\Users\User\AppData\Local\{386F5D71-1575-4A5F-BE18-368BB8830153}

2012-07-29 06:08:35 -------- d-----w- C:\Users\User\AppData\Local\{BCD01673-FC3A-41B3-9C0F-10FDD4401BE8}

2012-07-29 06:07:44 -------- d-----w- C:\Users\User\AppData\Local\{3AA65123-7898-4C43-BD75-E2E568CFA997}

2012-07-28 11:52:34 -------- d-----w- C:\Users\User\AppData\Local\{9333BF69-C2B1-4D42-BC00-28A3BC8505FE}

2012-07-28 11:52:11 -------- d-----w- C:\Users\User\AppData\Local\{19A32462-0FA2-4C35-8211-7C1FBC0490DF}

2012-07-27 23:51:45 -------- d-----w- C:\Users\User\AppData\Local\{77CF40FC-A8A5-4439-B69A-8E4F1F8971F0}

2012-07-27 23:51:30 -------- d-----w- C:\Users\User\AppData\Local\{33751988-82F4-44AD-B34B-93B46B7DD132}

2012-07-27 03:14:53 -------- d-----w- C:\Users\User\AppData\Local\{D7D5B9B2-8C40-4F5E-9ACF-9C6FC7CFC49C}

2012-07-27 03:14:30 -------- d-----w- C:\Users\User\AppData\Local\{3C5F6E1B-57D0-4B7B-A789-D4C5ED3C2845}

2012-07-26 13:29:57 -------- d-----w- C:\Users\User\AppData\Local\{231021A0-E8D5-4C35-A4B7-279B8FBC5D42}

2012-07-26 13:29:32 -------- d-----w- C:\Users\User\AppData\Local\{3EA9EDB6-453F-425D-948B-91FDD3DBDD1A}

2012-07-26 01:29:07 -------- d-----w- C:\Users\User\AppData\Local\{AB8203C8-8B4C-4F3B-A1A6-B29C1FDD63ED}

2012-07-26 01:28:46 -------- d-----w- C:\Users\User\AppData\Local\{002E2C12-AA40-451F-98D9-14044BBE951E}

2012-07-25 13:28:19 -------- d-----w- C:\Users\User\AppData\Local\{9C2190A8-202D-495D-ABA0-8B617491D819}

2012-07-25 13:27:57 -------- d-----w- C:\Users\User\AppData\Local\{AFF7BE2A-092C-4F57-B9DA-D7390E09258B}

2012-07-25 01:27:33 -------- d-----w- C:\Users\User\AppData\Local\{824074E9-FEFE-4CBB-9C3B-D231F388C69B}

2012-07-25 01:27:22 -------- d-----w- C:\Users\User\AppData\Local\{6CBE16E1-511C-45D9-968C-223564AFF624}

2012-07-24 12:54:50 -------- d-----w- C:\Users\User\AppData\Local\{3C118AB2-B091-4CE9-83DC-7797CD6E7DB9}

2012-07-24 12:54:28 -------- d-----w- C:\Users\User\AppData\Local\{3554D1BE-B24C-4A9B-8BCC-39A8D1B22446}

2012-07-24 00:54:03 -------- d-----w- C:\Users\User\AppData\Local\{F7DB5861-4991-47E2-9D63-9F8853C35CD0}

2012-07-24 00:53:53 -------- d-----w- C:\Users\User\AppData\Local\{357F3FFA-0737-4A92-B651-2ADE5FDFE8B5}

2012-07-23 12:47:41 -------- d-----w- C:\Users\User\AppData\Local\{DD40BA29-836F-40A1-8C4C-20516A131718}

2012-07-23 12:47:18 -------- d-----w- C:\Users\User\AppData\Local\{D17F10D9-62B8-4759-9ACD-26DA2E8EADD7}

2012-07-23 00:46:22 -------- d-----w- C:\Users\User\AppData\Local\{9F1A6D36-C884-4AE5-9FE1-F4F6A7DF1FBA}

2012-07-23 00:45:34 -------- d-----w- C:\Users\User\AppData\Local\{7783D9E7-9B87-4611-833A-936D36E2D3AA}

2012-07-22 05:15:24 -------- d-----w- C:\Users\User\AppData\Local\{BA763B2F-D87D-4E1D-8B99-E622CA73CC71}

2012-07-22 05:15:02 -------- d-----w- C:\Users\User\AppData\Local\{0173D00B-8992-4324-B331-F9F9D754B17B}

2012-07-21 17:14:36 -------- d-----w- C:\Users\User\AppData\Local\{5DEE80CC-20A1-49A0-A959-FFB7C946380A}

2012-07-21 17:14:13 -------- d-----w- C:\Users\User\AppData\Local\{BBAEE834-FB0D-485C-BBA2-1C5EC3D05BFD}

2012-07-21 05:13:49 -------- d-----w- C:\Users\User\AppData\Local\{19540840-CEFF-44A9-A61D-81F09351C4A9}

2012-07-21 05:13:39 -------- d-----w- C:\Users\User\AppData\Local\{AED6286A-001B-4B22-B62B-F18A372F1F10}

2012-07-20 13:55:05 -------- d-----w- C:\Users\User\AppData\Local\{E4387415-5495-4C94-A814-980482933685}

2012-07-20 13:54:42 -------- d-----w- C:\Users\User\AppData\Local\{EEDA77CA-EB4B-472A-BDC4-6A33262CB59C}

2012-07-20 01:54:16 -------- d-----w- C:\Users\User\AppData\Local\{D91D0BB2-33C0-4410-A9F1-12E520BE522B}

2012-07-20 01:54:05 -------- d-----w- C:\Users\User\AppData\Local\{B85720BB-1331-4B9E-A276-9213CBB512AF}

2012-07-19 13:42:26 -------- d-----w- C:\Users\User\AppData\Local\{3B9816C3-1F87-4EB6-A642-917DB136995D}

2012-07-19 13:42:02 -------- d-----w- C:\Users\User\AppData\Local\{3384FE38-55FE-47E4-BC65-43E80E328D63}

2012-07-19 01:41:35 -------- d-----w- C:\Users\User\AppData\Local\{4C5E0CB3-338F-4689-831C-B2ACB57D7BA4}

2012-07-19 01:41:13 -------- d-----w- C:\Users\User\AppData\Local\{93210C70-DA44-4E9F-8492-724AB083ECDC}

2012-07-18 22:53:38 -------- d-----w- C:\PFiles

2012-07-18 13:40:46 -------- d-----w- C:\Users\User\AppData\Local\{738BE42C-5DA2-49F6-9094-36F18CAFFF03}

2012-07-18 13:40:23 -------- d-----w- C:\Users\User\AppData\Local\{A4AD427E-5243-4468-B99F-F391F3618103}

2012-07-18 01:39:57 -------- d-----w- C:\Users\User\AppData\Local\{F69DD8CA-4418-415E-B90C-9F15383D1AE6}

2012-07-18 01:39:46 -------- d-----w- C:\Users\User\AppData\Local\{54C9474B-032A-4E0A-A85D-9F5330F4DCA3}

2012-07-17 05:45:34 -------- d-----w- C:\Users\User\AppData\Local\{7048FA4D-726F-4F3F-8289-972F80D8CE48}

2012-07-17 05:45:24 -------- d-----w- C:\Users\User\AppData\Local\{F58939B2-C5F7-42A2-B060-3BD45403284A}

2012-07-16 13:33:18 -------- d-----w- C:\Users\User\AppData\Local\{EA97EE46-3C9C-4801-8F6B-38431043646E}

2012-07-16 13:32:57 -------- d-----w- C:\Users\User\AppData\Local\{01E0F386-3F5C-4FF9-A347-FD353F93CA25}

2012-07-16 01:32:32 -------- d-----w- C:\Users\User\AppData\Local\{355A9BC6-5045-4790-83E2-199318D1C29A}

2012-07-16 01:32:10 -------- d-----w- C:\Users\User\AppData\Local\{E5795BB7-9043-43B0-A64E-1ACB9E7083AF}

2012-07-15 13:31:42 -------- d-----w- C:\Users\User\AppData\Local\{F4C6D25D-94F4-4E71-96D3-20FFD53C1074}

2012-07-15 13:31:18 -------- d-----w- C:\Users\User\AppData\Local\{16273635-DA31-4E39-A656-08D6C1A353A4}

2012-07-15 01:30:51 -------- d-----w- C:\Users\User\AppData\Local\{3C26654A-EEE8-48AC-BD96-24AA5B3F6E07}

2012-07-15 01:30:28 -------- d-----w- C:\Users\User\AppData\Local\{86B272EB-EF67-4B15-8196-665B8F3F82CD}

2012-07-14 13:30:01 -------- d-----w- C:\Users\User\AppData\Local\{B93BE72E-E41F-46A9-89EB-9815F87DE66B}

2012-07-14 13:29:39 -------- d-----w- C:\Users\User\AppData\Local\{E132F4C0-9F8F-4F0E-A329-BAB96EEA9E75}

2012-07-14 01:29:11 -------- d-----w- C:\Users\User\AppData\Local\{195975BD-EC55-4624-9E24-27BC208A123D}

2012-07-14 01:29:01 -------- d-----w- C:\Users\User\AppData\Local\{8F96178D-87A7-4577-BEBD-3F3F8C23FA62}

2012-07-13 06:10:06 -------- d-----w- C:\Users\User\AppData\Local\{17984A18-D3A9-4093-ADAA-627ABE40DBC3}

2012-07-13 06:09:56 -------- d-----w- C:\Users\User\AppData\Local\{897CF02D-BFF2-4099-BD54-9FFE93DCE626}

2012-07-13 01:04:22 -------- d-----w- C:\Users\User\AppData\Local\{030E0D5A-D0D8-488E-B40F-6E0AD04BAE82}

2012-07-12 02:48:28 -------- d-----w- C:\Users\User\AppData\Local\{DE853974-5263-4D9D-A57D-B26477A8F614}

2012-07-12 02:47:53 -------- d-----w- C:\Users\User\AppData\Local\{90A964D5-ACB8-4EC3-BBDD-041C4B395B4C}

2012-07-11 17:10:41 3148800 ----a-w- C:\Windows\System32\win32k.sys

2012-07-11 14:14:03 -------- d-----w- C:\Users\User\AppData\Local\{910754F8-C070-4AE0-9845-17411C34257A}

2012-07-11 14:13:41 -------- d-----w- C:\Users\User\AppData\Local\{D8903F8A-042D-4BCD-B512-848CB4C4AA92}

2012-07-11 02:13:16 -------- d-----w- C:\Users\User\AppData\Local\{4106F55A-042D-4CE2-92FB-21C6CA306D66}

2012-07-11 02:13:06 -------- d-----w- C:\Users\User\AppData\Local\{602645C6-1BFE-43DA-8B4E-222F9BC188C3}

2012-07-10 13:10:03 -------- d-----w- C:\Users\User\AppData\Local\{2016FFF2-9F44-4AD2-9E50-4D8FB3AC6B79}

2012-07-10 13:09:41 -------- d-----w- C:\Users\User\AppData\Local\{D3A582B9-5C52-413C-A600-EF73AC5EA6EE}

2012-07-10 01:09:17 -------- d-----w- C:\Users\User\AppData\Local\{40307073-BA69-4470-B4F6-8355F137DF5D}

2012-07-10 01:09:07 -------- d-----w- C:\Users\User\AppData\Local\{4D222511-EEAF-4A63-BAEC-876E46DE4530}

2012-07-09 11:58:27 -------- d-----w- C:\Users\User\AppData\Local\{D844996F-8EB7-4259-B96D-84B5C97A23E0}

2012-07-09 11:58:02 -------- d-----w- C:\Users\User\AppData\Local\{4B104D21-74E9-49F6-9A04-E987B759C089}

2012-07-08 23:57:38 -------- d-----w- C:\Users\User\AppData\Local\{323BABB3-1B27-4861-93A4-7E32373B633D}

2012-07-08 23:56:32 -------- d-----w- C:\Users\User\AppData\Local\{95C05EDB-5C0B-4574-827C-C5DC4D438858}

.

==================== Find3M ====================

.

2012-08-06 01:44:43 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2012-08-06 01:44:43 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2012-07-03 03:46:44 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys

2012-06-06 06:06:16 2004480 ----a-w- C:\Windows\System32\msxml6.dll

2012-06-06 06:06:16 1881600 ----a-w- C:\Windows\System32\msxml3.dll

2012-06-06 06:02:54 1133568 ----a-w- C:\Windows\System32\cdosys.dll

2012-06-06 05:05:52 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll

2012-06-06 05:05:52 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll

2012-06-06 05:03:06 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll

2012-06-02 22:15:31 2622464 ----a-w- C:\Windows\System32\wucltux.dll

2012-06-02 22:15:08 99840 ----a-w- C:\Windows\System32\wudriver.dll

2012-06-02 12:12:17 2311680 ----a-w- C:\Windows\System32\jscript9.dll

2012-06-02 12:05:28 1392128 ----a-w- C:\Windows\System32\wininet.dll

2012-06-02 12:04:50 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl

2012-06-02 12:01:40 173056 ----a-w- C:\Windows\System32\ieUnatt.exe

2012-06-02 11:57:08 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2012-06-02 08:33:25 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll

2012-06-02 08:25:08 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll

2012-06-02 08:25:03 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

2012-06-02 08:20:33 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe

2012-06-02 08:16:52 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2012-06-02 05:50:10 458704 ----a-w- C:\Windows\System32\drivers\cng.sys

2012-06-02 05:48:16 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys

2012-06-02 05:48:16 151920 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys

2012-06-02 05:45:31 340992 ----a-w- C:\Windows\System32\schannel.dll

2012-06-02 05:44:21 307200 ----a-w- C:\Windows\System32\ncrypt.dll

2012-06-02 05:19:42 186752 ----a-w- C:\Windows\System32\wuwebv.dll

2012-06-02 05:15:12 36864 ----a-w- C:\Windows\System32\wuapp.exe

2012-06-02 04:40:42 22016 ----a-w- C:\Windows\SysWow64\secur32.dll

2012-06-02 04:40:39 225280 ----a-w- C:\Windows\SysWow64\schannel.dll

2012-06-02 04:39:10 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll

2012-06-02 04:34:09 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll

2012-05-15 09:29:47 889664 ----a-w- C:\Windows\System32\nvvsvc.exe

2012-05-15 09:29:46 63296 ----a-w- C:\Windows\System32\nvshext.dll

2012-05-15 09:29:46 2561856 ----a-w- C:\Windows\System32\nvsvcr.dll

2012-05-15 09:29:46 118080 ----a-w- C:\Windows\System32\nvmctray.dll

2012-05-15 09:29:25 3149632 ----a-w- C:\Windows\System32\nvsvc64.dll

2012-05-15 09:28:42 6151488 ----a-w- C:\Windows\System32\nvcpl.dll

.

============= FINISH: 14:17:00.16 ===============

Attach report >

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume1

Install Date: 10/03/2012 12:28:34 PM

System Uptime: 7/08/2012 9:36:22 AM (5 hours ago)

.

Motherboard: TOSHIBA | | NWQAA

Processor: Intel® Core i5 CPU M 430 @ 2.27GHz | CPU | 2267/133mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 466 GiB total, 385.337 GiB free.

D: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP105: 12/07/2012 3:00:35 AM - Windows Update

RP106: 16/07/2012 11:20:34 AM - Windows Update

RP107: 19/07/2012 8:53:02 AM - Installed Windows Media Player Firefox Plugin

RP108: 20/07/2012 12:01:55 PM - Windows Update

RP109: 24/07/2012 11:02:42 AM - Windows Update

RP110: 27/07/2012 1:24:57 PM - Windows Update

RP111: 31/07/2012 1:27:19 PM - Windows Update

RP112: 3/08/2012 11:08:09 PM - Windows Update

.

==== Installed Programs ======================

.

Update for Microsoft Office 2007 (KB2508958)

Acrobat.com

Adobe After Effects CS4 Third Party Content

Adobe AIR

Adobe Anchor Service CS4

Adobe Bridge CS4

Adobe CMaps CS4

Adobe Color - Photoshop Specific CS4

Adobe Color EU Recommended Settings CS4

Adobe Color JA Extra Settings CS4

Adobe Color NA Extra Settings CS4

Adobe Color Video Profiles CS CS4

Adobe Creative Suite 4 Master Collection

Adobe CS4 American English Speech Analysis Models

Adobe CS4 French Speech Analysis Models

Adobe CS4 German Speech Analysis Models

Adobe CS4 International English Speech Analysis Models

Adobe CS4 Italian Speech Analysis Models

Adobe CS4 Japanese Speech Analysis Models

Adobe CS4 Korean Speech Analysis Models

Adobe CS4 Spanish Speech Analysis Models

Adobe CSI CS4

Adobe Default Language CS4

Adobe Drive CS4

Adobe Dynamiclink Support

Adobe Encore CS4 Codecs

Adobe ExtendScript Toolkit CS4

Adobe Extension Manager CS4

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Fonts All

Adobe Linguistics CS4

Adobe Media Encoder CS4 Exporter

Adobe Media Encoder CS4 Importer

Adobe Output Module

Adobe PDF Library Files CS4

Adobe Photoshop CS4

Adobe Photoshop CS4 Support

Adobe Photoshop Elements 7.0

Adobe Premiere Pro CS4 Third Party Content

Adobe Reader X (10.1.3)

Adobe Search for Help

Adobe Service Manager Extension

Adobe Setup

Adobe Shockwave Player 11.6

Adobe Soundbooth CS4

Adobe Soundbooth CS4 Codecs

Adobe Type Support CS4

Adobe Update Manager CS4

Adobe WinSoft Linguistics Plugin

Adobe XMP Panels CS4

AdobeColorCommonSetCMYK

AdobeColorCommonSetRGB

Apple Application Support

Apple Software Update

Bing Bar

Bluetooth Monitor 4

Boris Graffiti for Corel

Cisco EAP-FAST Module

Cisco LEAP Module

Cisco PEAP Module

Common

Connect

Contents

Corel VideoStudio Pro X4 Ultimate

D3DX10

DeviceIO

ICA

Intel® Rapid Storage Technology

IPM_VS_Pro

ISCOM

Java Auto Updater

Java 7 Update 5

JavaFX 2.1.1

JMicron Flash Media Controller Driver

Junk Mail filter update

kuler

Malwarebytes Anti-Malware version 1.62.0.1300

Mesh Runtime

Messenger Companion

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Access MUI (English) 2007

Microsoft Office Access Setup Metadata MUI (English) 2007

Microsoft Office Enterprise 2007

Microsoft Office Excel MUI (English) 2007

Microsoft Office File Validation Add-In

Microsoft Office Groove MUI (English) 2007

Microsoft Office Groove Setup Metadata MUI (English) 2007

Microsoft Office InfoPath MUI (English) 2007

Microsoft Office OneNote MUI (English) 2007

Microsoft Office Outlook MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Publisher MUI (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Word MUI (English) 2007

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Mozilla Firefox 14.0.1 (x86 en-US)

Mozilla Maintenance Service

MSVCRT

MSVCRT_amd64

NVIDIA PhysX

PDF Settings CS4

Photoshop Camera Raw

proDAD Mercalli 2.0

PureHD

QuickTime

Realtek Ethernet Controller Driver For Windows 7

Realtek High Definition Audio Driver

Safari

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft Office 2007 suites (KB2596666) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition

Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition

Security Update for Microsoft Office InfoPath 2007 (KB2596786) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition

Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition

Setup

Share

Skype™ 5.8

SmartSound Common Data

SmartSound Quicktracks 5

Suite Shared Configuration CS4

swMSM

TOSHIBA ConfigFree

TOSHIBA DVD PLAYER

TOSHIBA eco Utility

TOSHIBA Face Recognition

TOSHIBA Flash Cards Support Utility

TOSHIBA Hardware Setup

TOSHIBA HDD/SSD Alert

TOSHIBA Media Controller

TOSHIBA Media Controller Plug-in

TOSHIBA Remote Control Manager

TOSHIBA Service Station

TOSHIBA Sleep Utility

TOSHIBA Speech System Applications

TOSHIBA Speech System SR Engine(U.S.) Version1.0

TOSHIBA Speech System TTS Engine(U.S.) Version1.0

TOSHIBA Supervisor Password

TOSHIBA Value Added Package

TOSHIBA Web Camera Application

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office Access 2007 Help (KB963663)

Update for Microsoft Office Excel 2007 Help (KB963678)

Update for Microsoft Office Infopath 2007 Help (KB963662)

Update for Microsoft Office OneNote 2007 Help (KB963670)

Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition

Update for Microsoft Office Outlook 2007 Help (KB963677)

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687310) 32-Bit Edition

Update for Microsoft Office Powerpoint 2007 Help (KB963669)

Update for Microsoft Office Publisher 2007 Help (KB963667)

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Office Word 2007 Help (KB963665)

Utility Common Driver

VIO

Visual Studio 2008 x64 Redistributables

VSClassic

VSUltimate

Windows Live Communications Platform

Windows Live Essentials

Windows Live Installer

Windows Live Mail

Windows Live Mesh

Windows Live Mesh ActiveX Control for Remote Connections

Windows Live Messenger

Windows Live Messenger Companion Core

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

Windows Media Encoder 9 Series

Windows Media Player Firefox Plugin

.

==== Event Viewer Messages From Past Week ========

.

6/08/2012 4:33:17 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {D3DCB472-7261-43CE-924B-0704BD730D5F}

6/08/2012 4:33:17 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}

6/08/2012 3:39:43 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.

6/08/2012 3:39:43 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}

6/08/2012 3:39:43 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

6/08/2012 3:39:42 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.

6/08/2012 3:39:39 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

6/08/2012 3:39:33 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}

6/08/2012 3:38:51 PM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\System32\bcmihvsrv64.dll Error Code: 21

6/08/2012 3:38:37 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Avgldx64 Avgmfx64 discache MpFilter spldr Tosrfcom Wanarpv6

6/08/2012 12:57:16 AM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.

6/08/2012 10:10:24 AM, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.

6/08/2012 10:09:56 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X86 service to connect.

5/08/2012 11:24:50 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}

5/08/2012 11:24:50 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}

5/08/2012 11:24:18 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD Avgfwfd Avgldx64 Avgmfx64 Avgtdia DfsC discache MpFilter NetBIOS NetBT nsiproxy Psched rdbss spldr tdx Tosrfcom vwififlt Wanarpv6 WfpLwf

5/08/2012 11:24:17 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

5/08/2012 11:24:17 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

5/08/2012 11:24:17 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.

5/08/2012 11:24:17 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

5/08/2012 11:24:17 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

5/08/2012 11:24:17 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.

5/08/2012 11:24:17 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

5/08/2012 11:24:17 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

5/08/2012 11:24:17 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.

5/08/2012 11:24:17 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

31/07/2012 10:00:39 PM, Error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{31463894-47C5-49DF-A89A-EA8BA3665776} because another computer on the network has the same name. The server could not start.

31/07/2012 1:18:23 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

31/07/2012 1:18:22 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.

31/07/2012 1:18:22 PM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

3/08/2012 11:24:58 PM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.

3/08/2012 11:22:39 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service.

.

==== End Of File ===========================


14:27:08.0892 7528 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32

14:27:10.0121 7528 ============================================================

14:27:10.0121 7528 Current date / time: 2012/08/07 14:27:10.0121

14:27:10.0121 7528 SystemInfo:

14:27:10.0121 7528

14:27:10.0121 7528 OS Version: 6.1.7601 ServicePack: 1.0

14:27:10.0121 7528 Product type: Workstation

14:27:10.0122 7528 ComputerName: USER-PC

14:27:10.0122 7528 UserName: User

14:27:10.0122 7528 Windows directory: C:\Windows

14:27:10.0122 7528 System windows directory: C:\Windows

14:27:10.0122 7528 Running under WOW64

14:27:10.0122 7528 Processor architecture: Intel x64

14:27:10.0122 7528 Number of processors: 4

14:27:10.0122 7528 Page size: 0x1000

14:27:10.0122 7528 Boot type: Normal boot

14:27:10.0122 7528 ============================================================

14:27:11.0309 7528 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

14:27:11.0319 7528 ============================================================

14:27:11.0320 7528 \Device\Harddisk0\DR0:

14:27:11.0320 7528 MBR partitions:

14:27:11.0320 7528 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000

14:27:11.0320 7528 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000

14:27:11.0320 7528 ============================================================

14:27:11.0356 7528 C: <-> \Device\Harddisk0\DR0\Partition1

14:27:11.0356 7528 ============================================================

14:27:11.0356 7528 Initialize success

14:27:11.0356 7528 ============================================================

14:27:14.0245 5152 ============================================================

14:27:14.0245 5152 Scan started

14:27:14.0245 5152 Mode: Manual;

14:27:14.0245 5152 ============================================================

14:27:15.0060 5152 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys

14:27:15.0072 5152 1394ohci - ok

14:27:15.0122 5152 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys

14:27:15.0136 5152 ACPI - ok

14:27:15.0157 5152 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys

14:27:15.0158 5152 AcpiPmi - ok

14:27:15.0248 5152 adfs (2f0683fd2df1d92e891caca14b45a8c1) C:\Windows\system32\drivers\adfs.sys

14:27:15.0252 5152 adfs - ok

14:27:15.0569 5152 AdobeActiveFileMonitor7.0 (3fd8dc2c9735c2aa70155102cfb93eda) C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe

14:27:15.0574 5152 AdobeActiveFileMonitor7.0 - ok

14:27:15.0688 5152 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

14:27:15.0691 5152 AdobeARMservice - ok

14:27:15.0794 5152 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys

14:27:15.0820 5152 adp94xx - ok

14:27:15.0867 5152 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys

14:27:15.0873 5152 adpahci - ok

14:27:15.0906 5152 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys

14:27:15.0911 5152 adpu320 - ok

14:27:15.0947 5152 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll

14:27:15.0950 5152 AeLookupSvc - ok

14:27:16.0036 5152 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys

14:27:16.0060 5152 AFD - ok

14:27:16.0109 5152 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys

14:27:16.0113 5152 agp440 - ok

14:27:16.0144 5152 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe

14:27:16.0147 5152 ALG - ok

14:27:16.0165 5152 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys

14:27:16.0167 5152 aliide - ok

14:27:16.0182 5152 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys

14:27:16.0184 5152 amdide - ok

14:27:16.0196 5152 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys

14:27:16.0199 5152 AmdK8 - ok

14:27:16.0211 5152 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys

14:27:16.0213 5152 AmdPPM - ok

14:27:16.0245 5152 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys

14:27:16.0248 5152 amdsata - ok

14:27:16.0275 5152 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys

14:27:16.0279 5152 amdsbs - ok

14:27:16.0290 5152 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys

14:27:16.0292 5152 amdxata - ok

14:27:16.0324 5152 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys

14:27:16.0326 5152 AppID - ok

14:27:16.0376 5152 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll

14:27:16.0378 5152 AppIDSvc - ok

14:27:16.0398 5152 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll

14:27:16.0399 5152 Appinfo - ok

14:27:16.0613 5152 Apple Mobile Device (f401929ee0cc92bfe7f15161ca535383) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

14:27:16.0616 5152 Apple Mobile Device - ok

14:27:16.0639 5152 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys

14:27:16.0642 5152 arc - ok

14:27:16.0667 5152 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys

14:27:16.0670 5152 arcsas - ok

14:27:16.0682 5152 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys

14:27:16.0683 5152 AsyncMac - ok

14:27:16.0701 5152 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys

14:27:16.0702 5152 atapi - ok

14:27:16.0775 5152 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll

14:27:16.0808 5152 AudioEndpointBuilder - ok

14:27:16.0819 5152 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll

14:27:16.0825 5152 AudioSrv - ok

14:27:16.0911 5152 Avgfwfd (96b4456f1dca4eda506ed31c7d2d6b05) C:\Windows\system32\DRIVERS\avgfwd6a.sys

14:27:16.0914 5152 Avgfwfd - ok

14:27:17.0190 5152 avgfws (5cd22eb540f82c70e33e530003f3903b) C:\Program Files (x86)\AVG\AVG2012\avgfws.exe

14:27:17.0210 5152 avgfws - ok

14:27:17.0689 5152 AVGIDSAgent (6d440ff3f44ca72edfd6176c6d6a89c0) C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe

14:27:17.0714 5152 AVGIDSAgent - ok

14:27:18.0226 5152 AVGIDSDriver (e29ea1a0ec7ab9fa2dc7e75a03f12a4f) C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys

14:27:18.0230 5152 AVGIDSDriver - ok

14:27:18.0260 5152 AVGIDSEH (f823d184b8e8ffb8da3ead45dbf5bd6a) C:\Windows\system32\DRIVERS\AVGIDSEH.Sys

14:27:18.0262 5152 AVGIDSEH - ok

14:27:18.0275 5152 AVGIDSFilter (ed2b25bd7fe35d1944211968842d30da) C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys

14:27:18.0278 5152 AVGIDSFilter - ok

14:27:18.0318 5152 Avgldx64 (979cf8912449a10b987218bff80a1fa3) C:\Windows\system32\DRIVERS\avgldx64.sys

14:27:18.0336 5152 Avgldx64 - ok

14:27:18.0349 5152 Avgmfx64 (36b1a5843695766eac714daffc5b84d1) C:\Windows\system32\DRIVERS\avgmfx64.sys

14:27:18.0351 5152 Avgmfx64 - ok

14:27:18.0403 5152 Avgrkx64 (1102239fb724527f1febbbbccf6bf313) C:\Windows\system32\DRIVERS\avgrkx64.sys

14:27:18.0405 5152 Avgrkx64 - ok

14:27:18.0454 5152 Avgtdia (11f36d3ea82d9db9aa05a476a210551b) C:\Windows\system32\DRIVERS\avgtdia.sys

14:27:18.0472 5152 Avgtdia - ok

14:27:18.0710 5152 avgwd (6699ece24fe4b3f752a66c66a602ee86) C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe

14:27:18.0713 5152 avgwd - ok

14:27:18.0800 5152 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll

14:27:18.0803 5152 AxInstSV - ok

14:27:18.0866 5152 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys

14:27:18.0888 5152 b06bdrv - ok


14:27:40.0945 5152 SCardSvr - ok

14:27:40.0963 5152 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys

14:27:40.0966 5152 scfilter - ok

14:27:41.0044 5152 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll

14:27:41.0093 5152 Schedule - ok

14:27:41.0111 5152 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll

14:27:41.0114 5152 SCPolicySvc - ok

14:27:41.0144 5152 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\DRIVERS\sdbus.sys

14:27:41.0147 5152 sdbus - ok

14:27:41.0170 5152 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll

14:27:41.0185 5152 SDRSVC - ok

14:27:41.0362 5152 SeaPort (78779ee07231c658b483b1f38b5088df) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE

14:27:41.0380 5152 SeaPort - ok

14:27:41.0421 5152 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys

14:27:41.0424 5152 secdrv - ok

14:27:41.0446 5152 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll

14:27:41.0450 5152 seclogon - ok

14:27:41.0477 5152 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll

14:27:41.0481 5152 SENS - ok

14:27:41.0497 5152 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll

14:27:41.0500 5152 SensrSvc - ok

14:27:41.0509 5152 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys

14:27:41.0511 5152 Serenum - ok

14:27:41.0536 5152 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys

14:27:41.0556 5152 Serial - ok

14:27:41.0577 5152 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys

14:27:41.0579 5152 sermouse - ok

14:27:41.0614 5152 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll

14:27:41.0618 5152 SessionEnv - ok

14:27:41.0624 5152 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys

14:27:41.0626 5152 sffdisk - ok

14:27:41.0630 5152 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys

14:27:41.0632 5152 sffp_mmc - ok

14:27:41.0637 5152 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys

14:27:41.0639 5152 sffp_sd - ok

14:27:41.0644 5152 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys

14:27:41.0646 5152 sfloppy - ok

14:27:41.0682 5152 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll

14:27:41.0687 5152 SharedAccess - ok

14:27:41.0719 5152 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll

14:27:41.0738 5152 ShellHWDetection - ok

14:27:41.0781 5152 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys

14:27:41.0784 5152 SiSRaid2 - ok

14:27:41.0798 5152 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys

14:27:41.0801 5152 SiSRaid4 - ok

14:27:41.0961 5152 SkypeUpdate (6128e98eaaed364ed1a32708d2fd22cb) C:\Program Files (x86)\Skype\Updater\Updater.exe

14:27:41.0966 5152 SkypeUpdate - ok

14:27:42.0019 5152 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys

14:27:42.0022 5152 Smb - ok

14:27:42.0059 5152 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe

14:27:42.0062 5152 SNMPTRAP - ok

14:27:42.0073 5152 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys

14:27:42.0075 5152 spldr - ok

14:27:42.0125 5152 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe

14:27:42.0147 5152 Spooler - ok

14:27:42.0461 5152 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe

14:27:42.0563 5152 sppsvc - ok

14:27:42.0891 5152 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll

14:27:42.0896 5152 sppuinotify - ok

14:27:43.0053 5152 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys

14:27:43.0077 5152 srv - ok

14:27:43.0108 5152 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys

14:27:43.0126 5152 srv2 - ok

14:27:43.0150 5152 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys

14:27:43.0154 5152 srvnet - ok

14:27:43.0217 5152 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll

14:27:43.0230 5152 SSDPSRV - ok

14:27:43.0244 5152 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll

14:27:43.0249 5152 SstpSvc - ok

14:27:43.0272 5152 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys

14:27:43.0274 5152 stexstor - ok

14:27:43.0330 5152 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll

14:27:43.0353 5152 stisvc - ok

14:27:43.0364 5152 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys

14:27:43.0366 5152 swenum - ok

14:27:43.0417 5152 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll

14:27:43.0442 5152 swprv - ok

14:27:43.0527 5152 SynTP (470c47daba9ca3966f0ab3f835d7d135) C:\Windows\system32\DRIVERS\SynTP.sys

14:27:43.0548 5152 SynTP - ok

14:27:43.0682 5152 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll

14:27:43.0736 5152 SysMain - ok

14:27:44.0027 5152 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll

14:27:44.0032 5152 TabletInputService - ok

14:27:44.0070 5152 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll

14:27:44.0090 5152 TapiSrv - ok

14:27:44.0107 5152 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll

14:27:44.0111 5152 TBS - ok

14:27:44.0383 5152 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys

14:27:44.0435 5152 Tcpip - ok

14:27:44.0977 5152 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys

14:27:44.0992 5152 TCPIP6 - ok

14:27:45.0405 5152 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys

14:27:45.0408 5152 tcpipreg - ok

14:27:45.0416 5152 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys

14:27:45.0418 5152 TDPIPE - ok

14:27:45.0461 5152 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys

14:27:45.0463 5152 TDTCP - ok

14:27:45.0504 5152 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys

14:27:45.0508 5152 tdx - ok

14:27:45.0566 5152 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys

14:27:45.0584 5152 TermDD - ok

14:27:45.0648 5152 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll

14:27:45.0710 5152 TermService - ok

14:27:45.0730 5152 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll

14:27:45.0735 5152 Themes - ok

14:27:45.0780 5152 Thpdrv (c013f6acaa9761f571bd28dada7c157d) C:\Windows\system32\DRIVERS\thpdrv.sys

14:27:45.0783 5152 Thpdrv - ok

14:27:45.0797 5152 Thpevm (b4e609047434ed948af7bdef2fa66e38) C:\Windows\system32\DRIVERS\Thpevm.SYS

14:27:45.0799 5152 Thpevm - ok

14:27:45.0847 5152 Thpsrv (f6927bba3b09aff26a53a9191f7378f9) C:\Windows\system32\ThpSrv.exe

14:27:45.0871 5152 Thpsrv - ok

14:27:45.0908 5152 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll

14:27:45.0912 5152 THREADORDER - ok

14:27:46.0158 5152 TMachInfo (f120967184a27e927052e8ddbb727851) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe

14:27:46.0161 5152 TMachInfo - ok

14:27:46.0304 5152 TosCoSrv (98c864481d62f86ec8af65be3419a95b) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe

14:27:46.0328 5152 TosCoSrv - ok

14:27:46.0492 5152 TOSHIBA Bluetooth Service (8f099be5db17d025e19652851399b9f1) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

14:27:46.0506 5152 TOSHIBA Bluetooth Service - ok

14:27:46.0642 5152 TOSHIBA eco Utility Service (2ab7a4697462edb0c9dfafc529746ba9) C:\Program Files\TOSHIBA\TECO\TecoService.exe

14:27:46.0645 5152 TOSHIBA eco Utility Service - ok

14:27:46.0747 5152 TOSHIBA HDD SSD Alert Service (74c2fa8c3765ee71a9c22182ec108457) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe

14:27:46.0771 5152 TOSHIBA HDD SSD Alert Service - ok

14:27:46.0911 5152 tosporte (8021f63311797085949fa387f7c83583) C:\Windows\system32\DRIVERS\tosporte.sys

14:27:46.0914 5152 tosporte - ok

14:27:46.0952 5152 tosrfbd (3fa1857f4a99af19d1f4106697793e0e) C:\Windows\system32\DRIVERS\tosrfbd.sys

14:27:46.0964 5152 tosrfbd - ok

14:27:46.0976 5152 tosrfbnp (62512b5277d88600f8bd4b7aec43569d) C:\Windows\system32\Drivers\tosrfbnp.sys

14:27:46.0978 5152 tosrfbnp - ok

14:27:47.0002 5152 Tosrfcom (c523a9186c39d65cc9adebb2e1b93ccd) C:\Windows\system32\Drivers\tosrfcom.sys

14:27:47.0005 5152 Tosrfcom - ok

14:27:47.0010 5152 tosrfec (f5e3ac4cbcd154ee80849b21887fd0b0) C:\Windows\system32\DRIVERS\tosrfec.sys

14:27:47.0012 5152 tosrfec - ok

14:27:47.0024 5152 Tosrfhid (451b8c1815c6cc39650af916c2a382cd) C:\Windows\system32\DRIVERS\Tosrfhid.sys

14:27:47.0026 5152 Tosrfhid - ok

14:27:47.0043 5152 tosrfnds (b6fdc3c76ffe9c5171eea9c37ea367c2) C:\Windows\system32\DRIVERS\tosrfnds.sys

14:27:47.0046 5152 tosrfnds - ok

14:27:47.0059 5152 TosRfSnd (7052b10e54b48af12bd5606596a8e039) C:\Windows\system32\drivers\tosrfsnd.sys

14:27:47.0062 5152 TosRfSnd - ok

14:27:47.0078 5152 Tosrfusb (8197b0eae0d804ac3466045ddc5da98b) C:\Windows\system32\DRIVERS\tosrfusb.sys

14:27:47.0080 5152 Tosrfusb - ok

14:27:47.0189 5152 tos_sps64 (09ff7b0b1b5c3d225495cb6f5a9b39f8) C:\Windows\system32\DRIVERS\tos_sps64.sys

14:27:47.0211 5152 tos_sps64 - ok

14:27:47.0441 5152 TPCHSrv (97687d094aa597da366e1194b218cc6c) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe

14:27:47.0448 5152 TPCHSrv - ok

14:27:47.0765 5152 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll

14:27:47.0771 5152 TrkWks - ok

14:27:47.0819 5152 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe

14:27:47.0823 5152 TrustedInstaller - ok

14:27:47.0942 5152 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys

14:27:47.0946 5152 tssecsrv - ok

14:27:47.0971 5152 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys

14:27:47.0974 5152 TsUsbFlt - ok

14:27:47.0982 5152 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys

14:27:47.0984 5152 TsUsbGD - ok

14:27:48.0020 5152 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys

14:27:48.0023 5152 tunnel - ok

14:27:48.0086 5152 TVALZ (550b567f9364d8f7684c3fb3ea665a72) C:\Windows\system32\DRIVERS\TVALZ_O.SYS

14:27:48.0089 5152 TVALZ - ok

14:27:48.0137 5152 TVALZFL (9c7191f4b2e49bff47a6c1144b5923fa) C:\Windows\system32\DRIVERS\TVALZFL.sys

14:27:48.0140 5152 TVALZFL - ok

14:27:48.0179 5152 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys

14:27:48.0200 5152 uagp35 - ok

14:27:48.0226 5152 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys

14:27:48.0242 5152 udfs - ok

14:27:48.0283 5152 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe

14:27:48.0288 5152 UI0Detect - ok

14:27:48.0302 5152 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys

14:27:48.0305 5152 uliagpkx - ok

14:27:48.0330 5152 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys

14:27:48.0333 5152 umbus - ok

14:27:48.0341 5152 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys

14:27:48.0343 5152 UmPass - ok

14:27:48.0379 5152 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll

14:27:48.0398 5152 upnphost - ok

14:27:48.0472 5152 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys

14:27:48.0475 5152 USBAAPL64 - ok

14:27:48.0525 5152 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys

14:27:48.0529 5152 usbccgp - ok

14:27:48.0573 5152 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys

14:27:48.0578 5152 usbcir - ok

14:27:48.0599 5152 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys

14:27:48.0603 5152 usbehci - ok

14:27:48.0648 5152 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys

14:27:48.0666 5152 usbhub - ok

14:27:48.0683 5152 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys

14:27:48.0686 5152 usbohci - ok

14:27:48.0758 5152 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys

14:27:48.0761 5152 usbprint - ok

14:27:48.0784 5152 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS

14:27:48.0788 5152 USBSTOR - ok

14:27:48.0796 5152 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys

14:27:48.0798 5152 usbuhci - ok

14:27:48.0839 5152 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys

14:27:48.0853 5152 usbvideo - ok

14:27:48.0880 5152 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll

14:27:48.0884 5152 UxSms - ok

14:27:48.0918 5152 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

14:27:48.0919 5152 VaultSvc - ok

14:27:48.0972 5152 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys

14:27:48.0976 5152 vdrvroot - ok

14:27:49.0032 5152 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe

14:27:49.0078 5152 vds - ok

14:27:49.0088 5152 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys

14:27:49.0090 5152 vga - ok

14:27:49.0098 5152 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys

14:27:49.0100 5152 VgaSave - ok

14:27:49.0128 5152 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys

14:27:49.0143 5152 vhdmp - ok

14:27:49.0149 5152 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys

14:27:49.0151 5152 viaide - ok

14:27:49.0162 5152 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys

14:27:49.0164 5152 volmgr - ok

14:27:49.0207 5152 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys

14:27:49.0224 5152 volmgrx - ok

14:27:49.0247 5152 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys

14:27:49.0264 5152 volsnap - ok

14:27:49.0304 5152 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys

14:27:49.0308 5152 vsmraid - ok

14:27:49.0421 5152 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe

14:27:49.0471 5152 VSS - ok

14:27:49.0862 5152 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys

14:27:49.0865 5152 vwifibus - ok

14:27:49.0876 5152 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys

14:27:49.0878 5152 vwififlt - ok

14:27:49.0925 5152 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll

14:27:49.0943 5152 W32Time - ok

14:27:49.0954 5152 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys

14:27:49.0957 5152 WacomPen - ok

14:27:49.0989 5152 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

14:27:49.0992 5152 WANARP - ok

14:27:50.0007 5152 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

14:27:50.0008 5152 Wanarpv6 - ok

14:27:50.0138 5152 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe

14:27:50.0181 5152 WatAdminSvc - ok

14:27:50.0466 5152 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe

14:27:50.0509 5152 wbengine - ok

14:27:50.0808 5152 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll

14:27:50.0823 5152 WbioSrvc - ok

14:27:50.0852 5152 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll

14:27:50.0862 5152 wcncsvc - ok

14:27:50.0878 5152 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll

14:27:50.0883 5152 WcsPlugInService - ok

14:27:51.0011 5152 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys

14:27:51.0014 5152 Wd - ok

14:27:51.0098 5152 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys

14:27:51.0123 5152 Wdf01000 - ok

14:27:51.0153 5152 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll

14:27:51.0158 5152 WdiServiceHost - ok

14:27:51.0162 5152 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll

14:27:51.0165 5152 WdiSystemHost - ok

14:27:51.0190 5152 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll

14:27:51.0209 5152 WebClient - ok

14:27:51.0238 5152 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll

14:27:51.0252 5152 Wecsvc - ok

14:27:51.0274 5152 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll

14:27:51.0278 5152 wercplsupport - ok

14:27:51.0294 5152 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll

14:27:51.0300 5152 WerSvc - ok

14:27:51.0439 5152 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys

14:27:51.0443 5152 WfpLwf - ok

14:27:51.0450 5152 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys

14:27:51.0452 5152 WIMMount - ok

14:27:51.0527 5152 WinDefend - ok

14:27:51.0537 5152 WinHttpAutoProxySvc - ok

14:27:51.0673 5152 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll

14:27:51.0684 5152 Winmgmt - ok

14:27:51.0834 5152 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll

14:27:51.0887 5152 WinRM - ok

14:27:52.0352 5152 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys

14:27:52.0355 5152 WinUsb - ok

14:27:52.0445 5152 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll

14:27:52.0478 5152 Wlansvc - ok

14:27:52.0606 5152 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe

14:27:52.0609 5152 wlcrasvc - ok

14:27:52.0823 5152 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

14:27:52.0898 5152 wlidsvc - ok

14:27:53.0311 5152 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys

14:27:53.0313 5152 WmiAcpi - ok

14:27:53.0444 5152 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe

14:27:53.0455 5152 wmiApSrv - ok

14:27:53.0522 5152 WMPNetworkSvc - ok

14:27:53.0566 5152 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll

14:27:53.0571 5152 WPCSvc - ok

14:27:53.0588 5152 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll

14:27:53.0592 5152 WPDBusEnum - ok

14:27:53.0619 5152 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys

14:27:53.0622 5152 ws2ifsl - ok

14:27:53.0637 5152 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll

14:27:53.0642 5152 wscsvc - ok

14:27:53.0647 5152 WSearch - ok

14:27:53.0832 5152 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll

14:27:53.0943 5152 wuauserv - ok

14:27:54.0335 5152 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys

14:27:54.0338 5152 WudfPf - ok

14:27:54.0385 5152 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys

14:27:54.0389 5152 WUDFRd - ok

14:27:54.0428 5152 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll

14:27:54.0433 5152 wudfsvc - ok

14:27:54.0459 5152 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll

14:27:54.0472 5152 WwanSvc - ok

14:27:54.0536 5152 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0

14:27:54.0827 5152 \Device\Harddisk0\DR0 - ok

14:27:54.0843 5152 Boot (0x1200) (dc14873f50bdfd84089d6c3276678c3e) \Device\Harddisk0\DR0\Partition0

14:27:54.0846 5152 \Device\Harddisk0\DR0\Partition0 - ok

14:27:54.0858 5152 Boot (0x1200) (3099255c8f80232b9785a4ac56e09a80) \Device\Harddisk0\DR0\Partition1

14:27:54.0861 5152 \Device\Harddisk0\DR0\Partition1 - ok

14:27:54.0862 5152 ============================================================

14:27:54.0862 5152 Scan finished

14:27:54.0862 5152 ============================================================

14:27:54.0879 3992 Detected object count: 0

14:27:54.0880 3992 Actual detected object count: 0


RogueKiller V7.6.5 [08/03/2012] by Tigzy

mail: tigzyRK<at>gmail<dot>com

Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/

Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Started in : Normal mode

User: User [Admin rights]

Mode: Scan -- Date: 08/07/2012 22:01:34

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Registry Entries: 2 ¤¤¤

[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [NOT LOADED] ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: ST9500325AS +++++

--- User ---

[MBR] cf24b1d48d540a316aa52863d09dcb56

[bSP] 814cb23060c394275cf1c5408872d955 : Windows 7 MBR Code

Partition table:

0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo

1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 476838 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[1].txt >>


Please download and run ComboFix.

The most important things to remember when running it are to disable all your malware programs and to run ComboFix from your desktop.

Please visit this webpage for download links, and instructions for running ComboFix

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Information on disabling your malware programs can be found Here.

Make sure you run ComboFix from your desktop.

Give it at least 30-45 minutes to finish if needed.

Please include the C:\ComboFix.txt in your next reply for further review.

---------->NOTE<----------

If you get the message "Illegal operation attempted on registry key that has been marked for deletion" after you run ComboFix, please reboot the computer; this should resolve the problem. You may have to do this several times if needed.

MrC


ComboFix 12-08-07.02 - User 07/08/2012 22:39:10.1.4 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.61.1033.18.3955.1878 [GMT 10:00]

Running from: c:\users\User\Desktop\ComboFix.exe

AV: AVG Internet Security 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}

FW: AVG Firewall *Disabled* {621CC794-9486-F902-D092-0484E8EA828B}

SP: AVG Internet Security 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((( Files Created from 2012-07-07 to 2012-08-07 )))))))))))))))))))))))))))))))

.

.

2012-08-07 12:45 . 2012-08-07 12:45 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-08-07 12:35 . 2012-08-07 12:35 69000 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{0AA5427F-5F29-43E0-82E5-AA63BCFAED25}\offreg.dll

2012-08-06 05:02 . 2012-06-29 10:04 9133488 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{0AA5427F-5F29-43E0-82E5-AA63BCFAED25}\mpengine.dll

2012-08-06 01:48 . 2012-08-06 01:48 -------- d-----w- c:\users\User\AppData\Local\Macromedia

2012-08-06 00:36 . 2012-08-06 00:36 -------- d-----w- c:\users\User\AppData\Local\Mozilla

2012-08-06 00:36 . 2012-08-06 00:36 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service

2012-08-05 01:52 . 2012-06-29 10:04 9133488 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2012-07-18 22:53 . 2012-07-18 22:53 -------- d-----w- C:\PFiles

2012-07-11 17:10 . 2012-06-12 03:08 3148800 ----a-w- c:\windows\system32\win32k.sys

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-08-06 01:44 . 2012-05-29 11:58 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2012-08-06 01:44 . 2012-03-11 23:34 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-07-11 17:04 . 2012-03-10 04:04 59701280 ----a-w- c:\windows\system32\MRT.exe

2012-07-03 03:46 . 2012-06-14 01:38 24904 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-06-02 22:19 . 2012-06-09 01:24 38424 ----a-w- c:\windows\system32\wups.dll

2012-06-02 22:19 . 2012-06-09 01:24 2428952 ----a-w- c:\windows\system32\wuaueng.dll

2012-06-02 22:19 . 2012-06-09 01:24 57880 ----a-w- c:\windows\system32\wuauclt.exe

2012-06-02 22:19 . 2012-06-09 01:24 44056 ----a-w- c:\windows\system32\wups2.dll

2012-06-02 22:19 . 2012-06-09 01:24 701976 ----a-w- c:\windows\system32\wuapi.dll

2012-06-02 22:15 . 2012-06-09 01:24 2622464 ----a-w- c:\windows\system32\wucltux.dll

2012-06-02 22:15 . 2012-06-09 01:24 99840 ----a-w- c:\windows\system32\wudriver.dll

2012-06-02 05:19 . 2012-06-09 01:23 186752 ----a-w- c:\windows\system32\wuwebv.dll

2012-06-02 05:15 . 2012-06-09 01:23 36864 ----a-w- c:\windows\system32\wuapp.exe

2012-05-15 10:48 . 2012-06-10 01:37 8105280 ----a-w- c:\windows\SysWow64\nvwgf2um.dll

2012-05-15 10:48 . 2012-06-10 01:37 25743168 ----a-w- c:\windows\system32\nvoglv64.dll

2012-05-15 10:48 . 2012-06-10 01:37 19607872 ----a-w- c:\windows\SysWow64\nvoglv32.dll

2012-05-15 10:48 . 2012-06-10 01:37 1468224 ----a-w- c:\windows\system32\nvgenco64.dll

2012-05-15 10:48 . 2012-06-10 01:37 14298944 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys

2012-05-15 10:48 . 2012-06-10 01:37 18044224 ----a-w- c:\windows\system32\nvd3dumx.dll

2012-05-15 10:48 . 2012-06-10 01:37 1738048 ----a-w- c:\windows\system32\nvdispco64.dll

2012-05-15 10:48 . 2012-06-10 01:37 8139072 ----a-w- c:\windows\system32\nvcuda.dll

2012-05-15 10:48 . 2012-06-10 01:37 5982528 ----a-w- c:\windows\SysWow64\nvcuda.dll

2012-05-15 10:48 . 2012-06-10 01:37 2881856 ----a-w- c:\windows\system32\nvcuvenc.dll

2012-05-15 10:48 . 2012-06-10 01:37 2681664 ----a-w- c:\windows\system32\nvcuvid.dll

2012-05-15 10:48 . 2012-06-10 01:37 2524992 ----a-w- c:\windows\SysWow64\nvcuvid.dll

2012-05-15 10:48 . 2012-06-10 01:37 2445120 ----a-w- c:\windows\SysWow64\nvcuvenc.dll

2012-05-15 10:48 . 2012-06-10 01:37 25248064 ----a-w- c:\windows\system32\nvcompiler.dll

2012-05-15 10:48 . 2012-06-10 01:37 2368832 ----a-w- c:\windows\SysWow64\nvapi.dll

2012-05-15 10:48 . 2012-06-10 01:37 17551680 ----a-w- c:\windows\SysWow64\nvcompiler.dll

2012-05-15 10:48 . 2010-12-17 03:10 68928 ----a-w- c:\windows\system32\OpenCL.dll

2012-05-15 10:48 . 2010-12-17 03:10 61248 ----a-w- c:\windows\SysWow64\OpenCL.dll

2012-05-15 10:48 . 2010-12-17 03:10 2741568 ----a-w- c:\windows\system32\nvapi64.dll

2012-05-15 10:48 . 2010-12-17 03:10 15322432 ----a-w- c:\windows\SysWow64\nvd3dum.dll

2012-05-15 10:48 . 2010-12-17 03:10 10194752 ----a-w- c:\windows\system32\nvwgf2umx.dll

2012-05-15 09:29 . 2010-12-16 12:12 889664 ----a-w- c:\windows\system32\nvvsvc.exe

2012-05-15 09:29 . 2010-12-16 12:12 118080 ----a-w- c:\windows\system32\nvmctray.dll

2012-05-15 09:29 . 2010-12-16 12:12 63296 ----a-w- c:\windows\system32\nvshext.dll

2012-05-15 09:29 . 2010-12-16 12:12 2561856 ----a-w- c:\windows\system32\nvsvcr.dll

2012-05-15 09:29 . 2010-12-16 12:12 3149632 ----a-w- c:\windows\system32\nvsvc64.dll

2012-05-15 09:28 . 2010-12-16 12:12 6151488 ----a-w- c:\windows\system32\nvcpl.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"ITSecMng"="c:\program files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe" [2009-07-22 83336]

"ToshibaServiceStation"="c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2011-02-11 1295736]

"TWebCamera"="c:\program files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" [2010-02-23 2454840]

"TRCMan"="c:\program files (x86)\TOSHIBA\TRCMan\TRCMan.exe" [2009-07-21 701752]

"SVPWUTIL"="c:\program files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe" [2010-02-22 352256]

"HWSetup"="c:\program files\TOSHIBA\Utilities\HWSetup.exe" [2010-03-04 423936]

"KeNotify"="c:\program files (x86)\TOSHIBA\Utilities\KeNotify.exe" [2009-12-25 34160]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]

"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-01-24 2416480]

"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-30 59280]

"AdobeCS4ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-13 611712]

"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]

"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-18 421888]

"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]

"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-06-07 421776]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Bluetooth Manager.lnk - c:\program files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2010-6-28 2721184]

Bluetooth Monitor.lnk - c:\program files (x86)\TOSHIBA\Bluetooth Monitor\BtMon2.exe [2012-3-10 91464]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

@="Service"

.

R2 avgfws;AVG Firewall;c:\program files (x86)\AVG\AVG2012\avgfws.exe [2011-11-22 2391832]

R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-11 4433248]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-02-28 158856]

R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-04-01 183560]

R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-03-13 1038088]

R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2011-05-25 174680]

R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-14 113120]

R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-03-20 98688]

R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2012-03-26 291696]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]

R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-03-10 1255736]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [2011-07-10 26704]

S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2011-09-12 37456]

S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2012-03-13 52856]

S0 Thpdrv;TOSHIBA HDD Protection Driver;c:\windows\system32\DRIVERS\thpdrv.sys [2009-06-28 34880]

S0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;c:\windows\system32\DRIVERS\Thpevm.SYS [2009-06-29 14784]

S0 tos_sps64;TOSHIBA tos_sps64 Service;c:\windows\system32\DRIVERS\tos_sps64.sys [2010-05-08 482384]

S1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6a.sys [2011-05-22 48992]

S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2011-10-06 283728]

S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2011-08-07 46672]

S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2011-07-10 375376]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]

S2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;c:\program files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [2008-09-16 169312]

S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]

S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-08-01 192776]

S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-01-28 249200]

S2 ConfigFree Service;ConfigFree Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]

S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944]

S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe [2010-04-06 258928]

S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys [2009-06-19 14472]

S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [2011-07-10 120400]

S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [2011-07-10 29776]

S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2009-06-28 70656]

S3 enecirhid;ENE CIR HID Receiver;c:\windows\system32\DRIVERS\enecirhid.sys [2009-05-19 14848]

S3 enecirhidma;ENE CIR HIDmini Filter;c:\windows\system32\DRIVERS\enecirhidma.sys [2008-04-24 6656]

S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-07-03 24904]

S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2012-04-18 188736]

S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys [2009-06-22 35008]

S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2011-08-01 45416]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-05-03 331880]

S3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2011-02-11 54136]

S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-02-05 137560]

S3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [2010-02-23 835952]

.

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - 23354555

*NewlyCreated* - 44601850

*NewlyCreated* - 79119130

*Deregistered* - 23354555

*Deregistered* - 44601850

*Deregistered* - 79119130

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ThpSrv"="c:\windows\system32\thpsrv" [X]

"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2010-02-05 709976]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-03-22 10134560]

"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-03-22 896032]

"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032]

"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 1271168]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"LoadAppInit_DLLs"=0x0

.

------- Supplementary Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = https://google.com.au/

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = *.local

IE: E&xport to Microsoft Excel - c:\progra~2\MIF5BA~1\Office12\EXCEL.EXE/3000

TCP: DhcpNameServer = 192.168.2.1 211.29.152.116 198.142.0.51 211.29.132.12

FF - ProfilePath - c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t5wlvxjm.default\

.

- - - - ORPHANS REMOVED - - - -

.

Wow6432Node-HKLM-Run-TSleepSrv - %ProgramFiles(x86)%\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe

HKLM-Run-SmartFaceVWatcher - c:\program files (x86)\Toshiba\SmartFaceV\SmartFaceVWatcher.exe

HKLM-Run-TPwrMain - c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE

HKLM-Run-HSON - c:\program files (x86)\TOSHIBA\TBS\HSON.exe

HKLM-Run-SmoothView - c:\program files (x86)\Toshiba\SmoothView\SmoothView.exe

HKLM-Run-00TCrdMain - c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exe

HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe

HKLM-Run-TosWaitSrv - c:\program files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe

HKLM-Run-Teco - c:\program files (x86)\TOSHIBA\TECO\Teco.exe

AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe

.

.

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_USERS\S-1-5-21-206819656-3051493563-1221410323-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="WindowsLiveMail.Email.1"

.

[HKEY_USERS\S-1-5-21-206819656-3051493563-1221410323-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="WindowsLiveMail.VCard.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_270_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_270_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Completion time: 2012-08-07 22:48:57

ComboFix-quarantined-files.txt 2012-08-07 12:48

.

Pre-Run: 429,025,161,216 bytes free

Post-Run: 431,873,097,728 bytes free

.

- - End Of File - - 139721B8EFD4216ACC2358CCE81BB9B9

Link to post
Share on other sites

Not much showing...please do this >>>

Download TFC to your desktop

Close any open windows.

Double click the TFC icon to run the program

TFC will close all open programs itself in order to run,

Click the Start button to begin the process.

Allow TFC to run uninterrupted.

The program should not take long to finish its job

Once it's finished it should automatically reboot your machine,

if it doesn't, manually reboot to ensure a complete clean

-----------------------------------

Then..........

Please Update and run a Quick Scan with MBAM, post the report.

Make sure that everything is checked, and click Remove Selected.

Please let me know how the computer is running now, MrC

Link to post
Share on other sites

Ran TFC, then rebooted

Updated MBAM and scanned

Malwarebytes Anti-Malware (PRO) 1.62.0.1300

www.malwarebytes.org

Database version: v2012.08.07.05

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

User :: USER-PC [administrator]

Protection: Enabled

7/08/2012 11:35:13 PM

mbam-log-2012-08-07 (23-35-13).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P

Scan options disabled:

Objects scanned: 202802

Time elapsed: 8 minute(s), 50 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

Link to post
Share on other sites

This topic is now closed to further replies.