zeroaccess trojan


So apparently I'm infected with a trojan. I would love to know how to remove it. After reading some forum posts, I know that I'm supposed to run a FRST scan and write down the log. Here it is, and the DDS log.

Scan result of Farbar Recovery Scan Tool (FRST written by Farbar) Version: 15-08-2012

Ran by SYSTEM at 17-08-2012 20:59:25

Running from F:\

Windows 7 Home Premium (X86) OS Language: English(US)

The current controlset is ControlSet001

========================== Registry (Whitelisted) =============

HKLM\...\Run: [] [x]

HKLM\...\Run: [igfxTray] C:\windows\system32\igfxtray.exe [141848 2009-09-02] (Intel Corporation)

HKLM\...\Run: [HotKeysCmds] C:\windows\system32\hkcmd.exe [174104 2009-09-02] (Intel Corporation)

HKLM\...\Run: [Persistence] C:\windows\system32\igfxpers.exe [151064 2009-09-02] (Intel Corporation)

HKLM\...\Run: [cAudioFilterAgent] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent.exe [484920 2009-07-20] (Conexant Systems, Inc.)

HKLM\...\Run: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [1545512 2009-07-30] (Synaptics Incorporated)

HKLM\...\Run: [ThpSrv] C:\windows\system32\thpsrv /logon [x]

HKLM\...\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE [476512 2009-08-21] (TOSHIBA Corporation)

HKLM\...\Run: [smoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe [460088 2009-07-28] (TOSHIBA Corporation)

HKLM\...\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe [738616 2009-08-05] (TOSHIBA Corporation)

HKLM\...\Run: [ToshibaServiceStation] "C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60 [1295736 2011-02-11] (TOSHIBA Corporation)

HKLM\...\Run: [TosWaitSrv] %ProgramFiles%\TOSHIBA\TPHM\TosWaitSrv.exe [611672 2009-08-06] (TOSHIBA Corporation)

HKLM\...\Run: [Teco] "%ProgramFiles%\TOSHIBA\TECO\Teco.exe" /r [1324384 2009-08-26] (TOSHIBA Corporation)

HKLM\...\Run: [TWebCamera] "%ProgramFiles%\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun [2446648 2009-08-11] (TOSHIBA CORPORATION.)

HKLM\...\Run: [smartFaceVWatcher] %ProgramFiles%\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [163840 2009-07-29] (TOSHIBA Corporation)

HKLM\...\Run: [ConexantAudioPatch] %ProgramFiles%\ConexantAudioPatch\Audioreset.exe [214328 2009-09-02] ()

HKLM\...\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [611672 2009-09-17] (TOSHIBA Corporation)

HKLM\...\Run: [TUSBSleepChargeSrv] %ProgramFiles%\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe [252288 2009-07-02] (TOSHIBA)

HKLM\...\Run: [NortonOnlineBackupReminder] "C:\Program Files\TOSHIBA\Toshiba Online Backup\Activation\TobuActivation.exe" UNATTENDED [529256 2009-07-16] (Toshiba)

HKLM\...\Run: [smartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t [307768 2009-07-16] ()

HKLM\...\Run: [Toshiba DetectAC Utility] "C:\Program Files\TOSHIBA\Toshiba DetectAC Utility\DetectAC.exe" [221184 2010-08-18] ()

HKLM\...\Run: [Toshiba DetectAC Utility1] "C:\Program Files\TOSHIBA\Toshiba DetectAC Utility\CollectInfo.exe" [266240 2010-08-03] ()

HKLM\...\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\udaterui.exe" /StartedFromRunKey [161088 2011-01-12] (McAfee, Inc.)

HKLM\...\Run: [shStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE [215360 2011-09-14] (McAfee, Inc.)

HKU\Default\...\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe [1173504 2009-07-13] (Microsoft Corporation)

HKU\Default User\...\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe [1173504 2009-07-13] (Microsoft Corporation)

HKU\MK\...\Run: [MyTOSHIBA] "C:\Program Files\TOSHIBA\My Toshiba\MyToshiba.exe" /AUTO [264048 2009-08-06] (TOSHIBA)

HKU\MK\...\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2009-08-31] (Google Inc.)

Winlogon\Notify\igfxcui: igfxdev.dll (Intel Corporation)

Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76

================================ Services (Whitelisted) ==================

2 cfWiMAXService; "C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe" [185712 2009-08-10] (TOSHIBA CORPORATION)

2 ConfigFree Service; "C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe" [46448 2009-03-10] (TOSHIBA CORPORATION)

2 eventlog; C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [20992 2009-07-13] (Microsoft Corporation)

3 GameConsoleService; "C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe" [250616 2009-05-22] (WildTangent, Inc.)

2 McAfee SiteAdvisor Enterprise Service; C:\Program Files\McAfee\SiteAdvisor Enterprise\McSACore.exe [165440 2011-10-24] (McAfee, Inc.)

2 McAfeeFramework; "C:\Program Files\McAfee\Common Framework\FrameworkService.exe" /ServiceStart [120128 2011-01-12] (McAfee, Inc.)

2 McShield; "C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe" [166024 2012-08-16] (McAfee, Inc.)

2 McTaskManager; "C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe" [209760 2011-09-14] (McAfee, Inc.)

2 mfevtp; "C:\windows\system32\mfevtps.exe" [148520 2012-08-16] (McAfee, Inc.)

3 MozillaMaintenance; "C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe" [113120 2012-07-13] (Mozilla Foundation)

2 Norton Internet Security; "C:\Program Files\Norton Internet Security\Engine\16.8.3.6\ccSvcHst.exe" /s "Norton Internet Security" /m "C:\Program Files\Norton Internet Security\Engine\16.8.3.6\diMaster.dll" /prefetch:1 [135024 2012-08-14] (Symantec Corporation)

3 Partner Service; "C:\ProgramData\Partner\Partner.exe" [332272 2009-08-31] (Google Inc.)

3 RasMan; C:\Windows\System32\svchost.exe -k netsvcs [20992 2009-07-13] (Microsoft Corporation)

3 SensrSvc; C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [20992 2009-07-13] (Microsoft Corporation)

2 taisregispinger; C:\Program Files\TOSHIBA\ToshibaRegistration\TaisRegistPinger.exe [210304 2009-08-13] ()

3 TMachInfo; C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [54136 2011-02-11] (TOSHIBA Corporation)

2 TosCoSrv; "C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe" [464224 2009-08-21] (TOSHIBA Corporation)

2 TOSHIBA eco Utility Service; "C:\Program Files\TOSHIBA\TECO\TecoService.exe" [185712 2009-08-27] (TOSHIBA Corporation)

3 TOSHIBA HDD SSD Alert Service; "C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe" [111960 2009-09-17] (TOSHIBA Corporation)

3 TPCHSrv; "C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe" [685424 2009-08-06] (TOSHIBA Corporation)

3 WebClient; C:\Windows\System32\svchost.exe -k LocalService [20992 2009-07-13] (Microsoft Corporation)

3 WPDBusEnum; C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [20992 2009-07-13] (Microsoft Corporation)

========================== Drivers (Whitelisted) =============

1 BHDrvx86; C:\Windows\System32\Drivers\NIS\1008030.006\BHDrvx86.sys [259632 2010-01-20] (Symantec Corporation)

1 ccHP; C:\Windows\System32\Drivers\NIS\1008030.006\ccHPx86.sys [467592 2012-08-14] (Symantec Corporation)

1 eeCtrl; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [376480 2012-08-13] (Symantec Corporation)

3 EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [106656 2012-08-13] (Symantec Corporation)

1 IDSVix86; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20120817.001\IDSvix86.sys [382624 2012-08-13] (Symantec Corporation)

3 IntcHdmiAddService; C:\Windows\System32\drivers\IntcHdmi.sys [122880 2009-07-10] (Intel® Corporation)

3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [119968 2012-08-16] (McAfee, Inc.)

3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [180072 2012-08-16] (McAfee, Inc.)

3 mfebopk; C:\Windows\System32\drivers\mfebopk.sys [59288 2012-08-16] (McAfee, Inc.)

0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [461864 2012-08-16] (McAfee, Inc.)

3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [87808 2012-08-16] (McAfee, Inc.)

0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [164840 2012-08-16] (McAfee, Inc.)

3 NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20120817.003\NAVENG.SYS [87928 2012-08-13] (Symantec Corporation)

3 NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20120817.003\NAVEX15.SYS [1589752 2012-08-13] (Symantec Corporation)

3 PGEffect; C:\Windows\System32\DRIVERS\pgeffect.sys [24064 2009-06-22] (TOSHIBA Corporation)

3 QIOMem; C:\Windows\System32\DRIVERS\QIOMem.sys [9216 2009-06-15] (TOSHIBA)

3 RTL8187Se; C:\Windows\System32\DRIVERS\RTL8187Se.sys [359424 2009-07-13] (Realtek Semiconductor Corporation )

3 SRTSP; C:\Windows\System32\Drivers\NIS\1008030.006\SRTSP.SYS [308272 2009-08-31] (Symantec Corporation)

1 SRTSPX; C:\Windows\system32\drivers\NIS\1008030.006\SRTSPX.SYS [43696 2009-08-31] (Symantec Corporation)

0 SymEFA; C:\Windows\System32\drivers\NIS\1008030.006\SYMEFA.SYS [310320 2009-08-31] (Symantec Corporation)

3 SymEvent; \??\C:\windows\system32\Drivers\SYMEVENT.SYS [124976 2012-08-13] (Symantec Corporation)

3 SYMFW; C:\Windows\System32\Drivers\NIS\1008030.006\SYMFW.SYS [89976 2011-09-21] (Symantec Corporation)

1 SymIM; C:\Windows\System32\DRIVERS\SymIMv.sys [25648 2009-08-31] (Symantec Corporation)

3 SYMNDISV; C:\Windows\System32\Drivers\NIS\1008030.006\SYMNDISV.SYS [48760 2011-09-21] (Symantec Corporation)

1 SYMTDI; C:\Windows\System32\Drivers\NIS\1008030.006\SYMTDI.SYS [217464 2011-09-21] (Symantec Corporation)

2 TVALZFL; C:\Windows\System32\DRIVERS\TVALZFL.sys [12920 2009-06-19] (TOSHIBA Corporation)

3 mfeavfk01; [x]

3 RSUSBSTOR; C:\Windows\System32\Drivers\RtsUStor.sys [x]

========================== NetSvcs (Whitelisted) ===========

============ One Month Created Files and Folders ==============

2012-08-17 20:59 - 2012-08-17 20:59 - 00000000 ____D C:\FRST

2012-08-17 17:50 - 2012-08-17 17:50 - 00185060 ____A C:\Users\MK\AppData\Roaming\temp26440.txt

2012-08-17 17:50 - 2012-08-17 17:50 - 00185060 ____A C:\Users\MK\AppData\Roaming\temp26404.txt

2012-08-17 17:20 - 2012-08-17 17:42 - 00000000 ____D C:\QUARANTINE

2012-08-17 16:47 - 2012-08-17 16:47 - 00000000 ____D C:\Users\MK\AppData\Local\Adobe

2012-08-17 16:16 - 2012-08-17 16:21 - 00000000 ____D C:\Users\MK\AppData\Roaming\DAEMON Tools Lite

2012-08-17 16:15 - 2012-08-17 16:21 - 00000000 ____D C:\Users\All Users\DAEMON Tools Lite

2012-08-17 15:59 - 2012-08-17 16:00 - 14229744 ____A (DT Soft Ltd) C:\Users\MK\Downloads\DTLite4454-0315.exe

2012-08-17 15:51 - 2012-08-17 16:00 - 00005326 ____A C:\Windows\hhdrvi.log

2012-08-17 15:45 - 2012-08-17 15:48 - 108824192 ____A (Macrovision Corporation) C:\Users\MK\Downloads\VirtualCD101014Demo.exe

2012-08-17 15:40 - 2012-08-17 15:40 - 02690270 ____A C:\Users\MK\Downloads\undisker.exe

2012-08-16 22:03 - 2012-08-17 17:44 - 00001347 ____A C:\Users\MK\Desktop\blank.lnk

2012-08-16 21:43 - 2012-08-16 21:44 - 00000000 ____D C:\Users\MK\AppData\Local\gfie

2012-08-16 21:43 - 2012-08-16 21:43 - 00001105 ____A C:\Users\Public\Desktop\Greenfish Icon Editor Pro.lnk

2012-08-16 21:42 - 2012-08-16 21:43 - 00000000 ____D C:\Program Files\Greenfish Icon Editor Pro 3.1

2012-08-16 21:42 - 2012-08-16 21:42 - 00000000 ____D C:\Users\MK\Downloads\gfiesetup31zip

2012-08-16 21:40 - 2012-08-16 21:40 - 00587432 ____A C:\Users\MK\Downloads\cbsidlm-tr1_5-Greenfish_Icon_Editor_Pro-10773415.exe

2012-08-16 20:44 - 2012-08-17 16:35 - 00001360 ____A C:\Users\MK\Desktop\CITES VPN.lnk

2012-08-16 20:27 - 2012-08-16 20:27 - 00000000 ____D C:\Users\MK\AppData\Roaming\McAfee

2012-08-16 20:21 - 2012-08-16 20:18 - 00074848 ____A (McAfee, Inc.) C:\Windows\System32\MfeOtlkAddin.dll

2012-08-16 20:21 - 2012-08-16 20:18 - 00022816 ____A (McAfee, Inc.) C:\Windows\System32\MFEOtlk.dll

2012-08-16 20:21 - 2012-08-16 20:18 - 00009344 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mfeclnk.sys

2012-08-16 20:20 - 2012-08-16 20:20 - 00028672 ____A (HydroVision) C:\Users\MK\Downloads\SecurityMacFinder.exe

2012-08-16 20:20 - 2012-08-16 20:18 - 00461864 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mfehidk.sys

2012-08-16 20:20 - 2012-08-16 20:18 - 00180072 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mfeavfk.sys

2012-08-16 20:20 - 2012-08-16 20:18 - 00164840 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mfewfpk.sys

2012-08-16 20:20 - 2012-08-16 20:18 - 00148520 ____A (McAfee, Inc.) C:\Windows\System32\mfevtps.exe

2012-08-16 20:20 - 2012-08-16 20:18 - 00119968 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mfeapfk.sys

2012-08-16 20:20 - 2012-08-16 20:18 - 00087808 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mferkdet.sys

2012-08-16 20:20 - 2012-08-16 20:18 - 00059288 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mfebopk.sys

2012-08-16 20:18 - 2012-08-16 20:20 - 00000000 ____D C:\Program Files\Common Files\McAfee

2012-08-16 20:13 - 2012-08-16 20:32 - 00000000 ____D C:\Users\All Users\McAfee

2012-08-16 20:13 - 2012-08-16 20:31 - 00000000 ____D C:\Program Files\McAfee

2012-08-16 20:09 - 2012-08-16 20:10 - 39773240 ____A C:\Users\MK\Downloads\McAfee_VirusScan_88p.exe

2012-08-16 19:44 - 2012-08-16 19:44 - 00000000 ____D C:\Users\MK\AppData\Roaming\InstallShield

2012-08-15 16:30 - 2011-03-24 19:06 - 00284160 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbport.sys

2012-08-15 16:30 - 2011-03-24 19:06 - 00258560 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbhub.sys

2012-08-15 16:30 - 2011-03-24 19:06 - 00075776 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbccgp.sys

2012-08-15 16:30 - 2011-03-24 19:06 - 00043008 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbehci.sys

2012-08-15 16:30 - 2011-03-24 19:06 - 00024064 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbuhci.sys

2012-08-15 16:30 - 2011-03-24 19:06 - 00020480 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbohci.sys

2012-08-15 16:30 - 2011-03-24 19:06 - 00005888 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbd.sys

2012-08-15 16:30 - 2011-03-10 21:44 - 01210240 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys

2012-08-15 16:30 - 2011-03-10 21:44 - 00146304 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\storport.sys

2012-08-15 16:30 - 2011-03-10 21:44 - 00143744 ____A (NVIDIA Corporation) C:\Windows\System32\Drivers\nvstor.sys

2012-08-15 16:30 - 2011-03-10 21:44 - 00117120 ____A (NVIDIA Corporation) C:\Windows\System32\Drivers\nvraid.sys

2012-08-15 16:30 - 2011-03-10 21:43 - 00332160 ____A (Intel Corporation) C:\Windows\System32\Drivers\iaStorV.sys

2012-08-15 16:30 - 2011-03-10 21:43 - 00080256 ____A (Advanced Micro Devices) C:\Windows\System32\Drivers\amdsata.sys

2012-08-15 16:30 - 2011-03-10 21:43 - 00022400 ____A (Advanced Micro Devices) C:\Windows\System32\Drivers\amdxata.sys

2012-08-15 16:30 - 2011-03-10 21:39 - 01686016 ____A (Microsoft Corporation) C:\Windows\System32\esent.dll

2012-08-15 16:30 - 2011-03-10 21:37 - 00074240 ____A (Microsoft Corporation) C:\Windows\System32\fsutil.exe

2012-08-15 16:30 - 2011-03-10 20:08 - 00075776 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\USBSTOR.SYS

2012-08-14 18:46 - 2012-08-14 18:46 - 09826504 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerInstaller.exe

2012-08-14 15:30 - 2012-02-10 21:44 - 00492032 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll

2012-08-14 15:30 - 2012-02-10 21:41 - 00316928 ____A (Microsoft Corporation) C:\Windows\System32\spoolsv.exe

2012-08-14 15:30 - 2011-02-18 21:33 - 00802304 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll

2012-08-14 15:06 - 2009-09-09 21:52 - 00257024 ____A (Microsoft Corporation) C:\Windows\System32\msv1_0.dll

2012-08-14 15:04 - 2012-08-03 01:46 - 59884088 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe

2012-08-14 14:53 - 2009-11-25 09:47 - 01130824 ____A (Microsoft Corporation) C:\Windows\System32\dfshim.dll

2012-08-14 14:53 - 2009-11-25 09:47 - 00297808 ____A (Microsoft Corporation) C:\Windows\System32\mscoree.dll

2012-08-14 14:53 - 2009-11-25 09:47 - 00295264 ____A (Microsoft Corporation) C:\Windows\System32\PresentationHost.exe

2012-08-14 14:53 - 2009-11-25 09:47 - 00099176 ____A (Microsoft Corporation) C:\Windows\System32\PresentationHostProxy.dll

2012-08-14 14:53 - 2009-11-25 09:47 - 00049472 ____A (Microsoft Corporation) C:\Windows\System32\netfxperf.dll

2012-08-14 14:17 - 2012-02-29 21:53 - 00019312 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fs_rec.sys

2012-08-14 14:17 - 2012-02-29 21:49 - 00172544 ____A (Microsoft Corporation) C:\Windows\System32\wintrust.dll

2012-08-14 14:17 - 2012-02-29 21:45 - 00158720 ____A (Microsoft Corporation) C:\Windows\System32\imagehlp.dll

2012-08-14 14:17 - 2012-02-29 21:40 - 00005120 ____A (Microsoft Corporation) C:\Windows\System32\wmi.dll

2012-08-14 14:16 - 2012-08-14 14:16 - 12317184 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll

2012-08-14 14:16 - 2012-08-14 14:16 - 09737728 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll

2012-08-14 14:16 - 2012-08-14 14:16 - 03695416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat

2012-08-14 14:16 - 2012-08-14 14:16 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb

2012-08-14 14:16 - 2012-08-14 14:16 - 01800704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll

2012-08-14 14:16 - 2012-08-14 14:16 - 01793024 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll

2012-08-14 14:16 - 2012-08-14 14:16 - 01427968 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl

2012-08-14 14:16 - 2012-08-14 14:16 - 01129472 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll

2012-08-14 14:16 - 2012-08-14 14:16 - 01103872 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll

2012-08-14 14:16 - 2012-08-14 14:16 - 00717824 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll

2012-08-14 14:16 - 2012-08-14 14:16 - 00580608 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll

2012-08-14 14:16 - 2012-08-14 14:16 - 00434176 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll

2012-08-14 14:16 - 2012-08-14 14:16 - 00420864 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll

2012-08-14 14:16 - 2012-08-14 14:16 - 00367104 ____A (Microsoft Corporation) C:\Windows\System32\html.iec

2012-08-14 14:16 - 2012-08-14 14:16 - 00353792 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll

2012-08-14 14:16 - 2012-08-14 14:16 - 00353584 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll

2012-08-14 14:16 - 2012-08-14 14:16 - 00231936 ____A (Microsoft Corporation) C:\Windows\System32\url.dll

2012-08-14 14:16 - 2012-08-14 14:16 - 00227840 ____A (Microsoft Corporation) C:\Windows\System32\ieaksie.dll

2012-08-14 14:16 - 2012-08-14 14:16 - 00223232 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll

2012-08-14 14:16 - 2012-08-14 14:16 - 00203776 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll

2012-08-14 14:16 - 2012-08-14 14:16 - 00176640 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll

2012-08-14 14:16 - 2012-08-14 14:16 - 00163840 ____A (Microsoft Corporation) C:\Windows\System32\ieakui.dll

2012-08-14 14:16 - 2012-08-14 14:16 - 00162304 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll

2012-08-14 14:16 - 2012-08-14 14:16 - 00161792 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll

2012-08-14 14:16 - 2012-08-14 14:16 - 00152064 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe

2012-08-14 14:16 - 2012-08-14 14:16 - 00150528 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe

2012-08-14 14:16 - 2012-08-14 14:16 - 00142848 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe

2012-08-14 14:16 - 2012-08-14 14:16 - 00130560 ____A (Microsoft Corporation) C:\Windows\System32\ieakeng.dll

2012-08-14 14:16 - 2012-08-14 14:16 - 00123392 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll

2012-08-14 14:16 - 2012-08-14 14:16 - 00118784 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll

2012-08-14 14:16 - 2012-08-14 14:16 - 00110592 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll

2012-08-14 14:16 - 2012-08-14 14:16 - 00101888 ____A (Microsoft Corporation) C:\Windows\System32\admparse.dll

2012-08-14 14:16 - 2012-08-14 14:16 - 00086528 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll

2012-08-14 14:16 - 2012-08-14 14:16 - 00078848 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll

2012-08-14 14:16 - 2012-08-14 14:16 - 00076800 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe

2012-08-14 14:16 - 2012-08-14 14:16 - 00074752 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe

2012-08-14 14:16 - 2012-08-14 14:16 - 00074752 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll

2012-08-14 14:16 - 2012-08-14 14:16 - 00074240 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe

2012-08-14 14:16 - 2012-08-14 14:16 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll

2012-08-14 14:16 - 2012-08-14 14:16 - 00066048 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll

2012-08-14 14:16 - 2012-08-14 14:16 - 00065024 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll

2012-08-14 14:16 - 2012-08-14 14:16 - 00063488 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx

2012-08-14 14:16 - 2012-08-14 14:16 - 00054272 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll

2012-08-14 14:16 - 2012-08-14 14:16 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll

2012-08-14 14:16 - 2012-08-14 14:16 - 00041472 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll

2012-08-14 14:16 - 2012-08-14 14:16 - 00035840 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll

2012-08-14 14:16 - 2012-08-14 14:16 - 00031744 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll

2012-08-14 14:16 - 2012-08-14 14:16 - 00023552 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll

2012-08-14 14:16 - 2012-08-14 14:16 - 00011776 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe

2012-08-14 14:16 - 2012-08-14 14:16 - 00010752 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe

2012-08-14 14:14 - 2012-08-14 14:16 - 00003885 ____A C:\Windows\IE9_main.log

2012-08-14 14:09 - 2012-08-14 14:09 - 00000000 ____D C:\Users\MK\AppData\Local\Microsoft Help

2012-08-14 14:02 - 2010-03-03 20:04 - 00146304 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbvideo.sys

2012-08-14 14:02 - 2010-03-03 19:57 - 00190976 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ks.sys

2012-08-14 13:59 - 2010-09-13 22:07 - 00276992 ____A (Microsoft Corporation) C:\Windows\System32\wcncsvc.dll

2012-08-14 13:57 - 2012-07-04 13:26 - 00057344 ____A (Microsoft Corporation) C:\Windows\System32\netapi32.dll

2012-08-14 13:57 - 2012-07-04 13:23 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\browser.dll

2012-08-14 13:57 - 2012-07-04 13:23 - 00041472 ____A (Microsoft Corporation) C:\Windows\System32\browcli.dll

2012-08-14 13:57 - 2012-05-13 20:37 - 00768512 ____A (Microsoft Corporation) C:\Windows\System32\localspl.dll

2012-08-14 13:57 - 2012-05-04 23:44 - 00400896 ____A (Microsoft Corporation) C:\Windows\System32\srcore.dll

2012-08-14 13:57 - 2010-08-03 22:17 - 00417792 ____A (Microsoft Corporation) C:\Windows\System32\msdri.dll

2012-08-14 13:56 - 2012-07-18 09:10 - 02344448 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys

2012-08-14 13:56 - 2011-11-16 21:41 - 01288984 ____A (Microsoft Corporation) C:\Windows\System32\ntdll.dll

2012-08-14 13:56 - 2011-11-16 21:41 - 00000000 __SHD C:\Users\MK\AppData\Local\{c98d7325-c016-f43a-e8d3-ce0479a18302}

2012-08-14 13:56 - 2011-06-15 20:35 - 00180224 ____A (Microsoft Corporation) C:\Windows\System32\xmllite.dll

2012-08-14 13:56 - 2011-04-28 18:57 - 00311296 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv.sys

2012-08-14 13:56 - 2011-04-28 18:57 - 00309760 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv2.sys

2012-08-14 13:56 - 2011-04-28 18:57 - 00114176 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srvnet.sys

2012-08-14 13:56 - 2011-04-24 18:35 - 00338944 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys

2012-08-14 13:56 - 2011-03-02 21:29 - 00269824 ____A (Microsoft Corporation) C:\Windows\System32\dnsapi.dll

2012-08-14 13:56 - 2011-03-02 21:29 - 00132608 ____A (Microsoft Corporation) C:\Windows\System32\dnsrslvr.dll

2012-08-14 13:56 - 2011-03-02 21:27 - 00028672 ____A (Microsoft Corporation) C:\Windows\System32\dnscacheugc.exe

2012-08-14 13:56 - 2011-02-18 21:32 - 00034304 ____A (Adobe Systems) C:\Windows\System32\atmlib.dll

2012-08-14 13:56 - 2011-02-18 19:37 - 00294912 ____A (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll

2012-08-14 13:56 - 2010-07-28 22:30 - 00197632 ____A (Intel® Corporation) C:\Windows\System32\ir32_32.dll

2012-08-14 13:56 - 2010-07-28 22:30 - 00082944 ____A (Radius Inc.) C:\Windows\System32\iccvid.dll

2012-08-14 13:56 - 2010-06-28 21:02 - 01413632 ____A (Microsoft Corporation) C:\Windows\System32\ole32.dll

2012-08-14 13:56 - 2009-09-25 21:58 - 00194488 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fvevol.sys

2012-08-14 13:55 - 2012-06-05 21:09 - 01389568 ____A (Microsoft Corporation) C:\Windows\System32\msxml6.dll

2012-08-14 13:55 - 2012-06-05 21:09 - 01236992 ____A (Microsoft Corporation) C:\Windows\System32\msxml3.dll

2012-08-14 13:55 - 2012-06-01 20:51 - 00134000 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys

2012-08-14 13:55 - 2012-06-01 20:51 - 00067440 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys

2012-08-14 13:55 - 2012-06-01 20:50 - 00369336 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys

2012-08-14 13:55 - 2012-06-01 20:48 - 00225280 ____A (Microsoft Corporation) C:\Windows\System32\schannel.dll

2012-08-14 13:55 - 2012-06-01 20:47 - 00219136 ____A (Microsoft Corporation) C:\Windows\System32\ncrypt.dll

2012-08-14 13:55 - 2012-03-30 02:29 - 01287024 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys

2012-08-14 13:55 - 2011-07-15 20:37 - 00169984 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll

2012-08-14 13:55 - 2011-07-15 20:34 - 00868352 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll

2012-08-14 13:55 - 2011-07-15 20:34 - 00290816 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll

2012-08-14 13:55 - 2011-07-15 20:31 - 00271360 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe

2012-08-14 13:55 - 2011-07-15 20:19 - 00005120 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll

2012-08-14 13:55 - 2011-07-15 20:19 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll

2012-08-14 13:55 - 2011-07-15 20:19 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll

2012-08-14 13:55 - 2011-07-15 20:19 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll

2012-08-14 13:55 - 2011-07-15 20:19 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll

2012-08-14 13:55 - 2011-07-15 20:19 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll

2012-08-14 13:55 - 2011-07-15 20:19 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll

2012-08-14 13:55 - 2011-07-15 20:19 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll

2012-08-14 13:55 - 2011-07-15 20:19 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll

2012-08-14 13:55 - 2011-07-15 20:19 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll

2012-08-14 13:55 - 2011-07-15 20:19 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll

2012-08-14 13:55 - 2011-07-15 20:19 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll

2012-08-14 13:55 - 2011-07-15 20:19 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll

2012-08-14 13:55 - 2011-07-15 20:19 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll

2012-08-14 13:55 - 2011-07-15 20:19 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll

2012-08-14 13:55 - 2011-07-15 20:19 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll

2012-08-14 13:55 - 2011-07-15 20:19 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll

2012-08-14 13:55 - 2011-07-15 20:19 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll

2012-08-14 13:55 - 2011-07-15 20:19 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll

2012-08-14 13:55 - 2011-07-15 20:19 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll

2012-08-14 13:55 - 2011-07-15 20:19 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll

2012-08-14 13:55 - 2011-07-15 20:19 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll

2012-08-14 13:55 - 2011-07-15 20:19 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll

2012-08-14 13:55 - 2011-07-15 20:19 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll

2012-08-14 13:55 - 2011-07-15 18:21 - 00006144 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll

2012-08-14 13:55 - 2011-07-15 18:21 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll

2012-08-14 13:55 - 2011-07-15 18:21 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll

2012-08-14 13:55 - 2011-07-15 18:21 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll

2012-08-14 13:55 - 2011-05-03 20:53 - 01553920 ____A (Microsoft Corporation) C:\Windows\System32\tquery.dll

2012-08-14 13:55 - 2011-05-03 20:52 - 01401856 ____A (Microsoft Corporation) C:\Windows\System32\mssrch.dll

2012-08-14 13:55 - 2011-05-03 20:52 - 00666624 ____A (Microsoft Corporation) C:\Windows\System32\mssvp.dll

2012-08-14 13:55 - 2011-05-03 20:52 - 00428032 ____A (Microsoft Corporation) C:\Windows\System32\SearchIndexer.exe

2012-08-14 13:55 - 2011-05-03 20:52 - 00337408 ____A (Microsoft Corporation) C:\Windows\System32\mssph.dll

2012-08-14 13:55 - 2011-05-03 20:52 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\mssphtb.dll

2012-08-14 13:55 - 2011-05-03 20:52 - 00164352 ____A (Microsoft Corporation) C:\Windows\System32\SearchProtocolHost.exe

2012-08-14 13:55 - 2011-05-03 20:52 - 00086528 ____A (Microsoft Corporation) C:\Windows\System32\SearchFilterHost.exe

2012-08-14 13:55 - 2011-05-03 20:52 - 00059392 ____A (Microsoft Corporation) C:\Windows\System32\msscntrs.dll

2012-08-14 13:55 - 2011-02-17 21:33 - 00031232 ____A (Microsoft Corporation) C:\Windows\System32\prevhost.exe

2012-08-14 13:55 - 2010-12-22 21:28 - 00642048 ____A (Microsoft Corporation) C:\Windows\System32\CPFilters.dll

2012-08-14 13:55 - 2010-11-01 20:41 - 00351232 ____A (Microsoft Corporation) C:\Windows\System32\wmicmiplugin.dll

2012-08-14 13:55 - 2010-11-01 20:40 - 00496128 ____A (Microsoft Corporation) C:\Windows\System32\taskschd.dll

2012-08-14 13:55 - 2010-11-01 20:40 - 00305152 ____A (Microsoft Corporation) C:\Windows\System32\taskcomp.dll

2012-08-14 13:55 - 2010-11-01 20:39 - 00749056 ____A (Microsoft Corporation) C:\Windows\System32\schedsvc.dll

2012-08-14 13:55 - 2010-11-01 20:34 - 00192000 ____A (Microsoft Corporation) C:\Windows\System32\taskeng.exe

2012-08-14 13:55 - 2010-11-01 20:34 - 00179712 ____A (Microsoft Corporation) C:\Windows\System32\schtasks.exe

2012-08-14 13:55 - 2010-10-15 20:34 - 00573440 ____A (Microsoft Corporation) C:\Windows\System32\odbc32.dll

2012-08-14 13:55 - 2010-08-30 20:32 - 00954752 ____A (Microsoft Corporation) C:\Windows\System32\mfc40.dll

2012-08-14 13:55 - 2010-08-30 20:32 - 00954288 ____A (Microsoft Corporation) C:\Windows\System32\mfc40u.dll

2012-08-14 13:55 - 2009-12-19 01:02 - 00091648 ____A (Microsoft Corporation) C:\Windows\System32\avifil32.dll

2012-08-14 13:55 - 2009-12-19 01:02 - 00084480 ____A (Microsoft Corporation) C:\Windows\System32\mciavi32.dll

2012-08-14 13:55 - 2009-12-19 01:02 - 00050176 ____A (Microsoft Corporation) C:\Windows\System32\iyuv_32.dll

2012-08-14 13:55 - 2009-12-19 01:02 - 00031744 ____A (Microsoft Corporation) C:\Windows\System32\msvidc32.dll

2012-08-14 13:55 - 2009-12-19 01:02 - 00022016 ____A (Microsoft Corporation) C:\Windows\System32\msyuv.dll

2012-08-14 13:55 - 2009-12-19 01:02 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\msrle32.dll

2012-08-14 13:55 - 2009-12-19 01:02 - 00012288 ____A (Microsoft Corporation) C:\Windows\System32\tsbyuv.dll

2012-08-14 13:55 - 2009-09-02 23:04 - 01320960 ____A (Microsoft Corporation) C:\Windows\System32\CertEnroll.dll

2012-08-14 13:55 - 2009-08-18 23:20 - 00507568 ____A (Microsoft Corporation) C:\Windows\System32\winload.exe

2012-08-14 13:55 - 2009-08-18 23:20 - 00442920 ____A (Microsoft Corporation) C:\Windows\System32\winresume.exe

2012-08-14 13:54 - 2012-04-27 19:19 - 00177152 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys

2012-08-14 13:54 - 2012-04-01 20:46 - 03958128 ____A (Microsoft Corporation) C:\Windows\System32\ntkrnlpa.exe

2012-08-14 13:54 - 2012-04-01 20:46 - 03902320 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe

2012-08-14 13:54 - 2012-01-02 21:44 - 00478208 ____A (Microsoft Corporation) C:\Windows\System32\timedate.cpl

2012-08-14 13:54 - 2011-11-04 20:30 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll

2012-08-14 13:54 - 2011-08-16 20:26 - 00465408 ____A (Microsoft Corporation) C:\Windows\System32\psisdecd.dll

2012-08-14 13:54 - 2011-08-16 20:22 - 00204288 ____A (Microsoft Corporation) C:\Windows\System32\MSNP.ax

2012-08-14 13:54 - 2011-08-16 20:22 - 00075776 ____A (Microsoft Corporation) C:\Windows\System32\psisrndr.ax

2012-08-14 13:54 - 2011-08-16 20:22 - 00072704 ____A (Microsoft Corporation) C:\Windows\System32\Mpeg2Data.ax

2012-08-14 13:54 - 2011-08-16 20:22 - 00059904 ____A (Microsoft Corporation) C:\Windows\System32\MSDvbNP.ax

2012-08-14 13:54 - 2011-05-24 02:35 - 00294912 ____A (Microsoft Corporation) C:\Windows\System32\umpnpmgr.dll

2012-08-14 13:54 - 2011-05-02 20:50 - 00740864 ____A (Microsoft Corporation) C:\Windows\System32\inetcomm.dll

2012-08-14 13:54 - 2011-04-26 18:33 - 00078336 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dfsc.sys

2012-08-14 13:54 - 2011-03-12 03:31 - 00442880 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll

2012-08-14 13:54 - 2010-12-22 21:28 - 00850432 ____A (Microsoft Corporation) C:\Windows\System32\sbe.dll

2012-08-14 13:54 - 2010-12-22 21:24 - 00199680 ____A (Microsoft Corporation) C:\Windows\System32\mpg2splt.ax

2012-08-14 13:54 - 2010-08-31 20:29 - 11406848 ____A (Microsoft Corporation) C:\Windows\System32\wmp.dll

2012-08-14 13:54 - 2010-08-31 20:23 - 12625408 ____A (Microsoft Corporation) C:\Windows\System32\wmploc.DLL

2012-08-14 13:54 - 2010-08-26 21:46 - 00168448 ____A (Microsoft Corporation) C:\Windows\System32\srvsvc.dll

2012-08-14 13:54 - 2010-06-18 22:23 - 00037376 ____A (Microsoft Corporation) C:\Windows\System32\rtutils.dll

2012-08-14 13:54 - 2010-03-04 23:42 - 00067584 ____A (Microsoft Corporation) C:\Windows\System32\asycfilt.dll

2012-08-14 13:54 - 2009-08-28 22:57 - 00034816 ____A (Microsoft Corporation) C:\Windows\System32\msasn1.dll

2012-08-14 13:53 - 2012-05-01 20:52 - 00163328 ____A (Microsoft Corporation) C:\Windows\System32\profsvc.dll

2012-08-14 13:53 - 2011-11-19 06:06 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\packager.dll

2012-08-14 13:53 - 2011-10-25 20:25 - 00038912 ____A (Microsoft Corporation) C:\Windows\System32\csrsrv.dll

2012-08-14 13:53 - 2011-02-25 21:33 - 02614784 ____A (Microsoft Corporation) C:\Windows\explorer.exe

2012-08-14 13:53 - 2011-02-23 21:32 - 00288256 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll

2012-08-14 13:53 - 2011-02-11 21:30 - 00191488 ____A (Microsoft Corporation) C:\Windows\System32\FXSCOVER.exe

2012-08-14 13:53 - 2010-10-15 20:41 - 00101760 ____A (Microsoft Corporation) C:\Windows\System32\consent.exe

2012-08-14 13:53 - 2010-08-20 21:33 - 00530432 ____A (Microsoft Corporation) C:\Windows\System32\comctl32.dll

2012-08-14 13:53 - 2010-01-18 15:29 - 00369152 ____A (Microsoft Corporation) C:\Windows\System32\secproc.dll

2012-08-14 13:53 - 2010-01-18 15:29 - 00365568 ____A (Microsoft Corporation) C:\Windows\System32\secproc_isv.dll

2012-08-14 13:53 - 2010-01-18 15:29 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\secproc_ssp_isv.dll

2012-08-14 13:53 - 2010-01-18 15:29 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\secproc_ssp.dll

2012-08-14 13:53 - 2010-01-18 15:28 - 00324608 ____A (Microsoft Corporation) C:\Windows\System32\RMActivate_isv.exe

2012-08-14 13:53 - 2010-01-18 15:28 - 00320512 ____A (Microsoft Corporation) C:\Windows\System32\RMActivate.exe

2012-08-14 13:53 - 2010-01-18 15:28 - 00280064 ____A (Microsoft Corporation) C:\Windows\System32\RMActivate_ssp.exe

2012-08-14 13:53 - 2010-01-18 15:28 - 00277504 ____A (Microsoft Corporation) C:\Windows\System32\RMActivate_ssp_isv.exe

2012-08-14 13:53 - 2009-10-19 06:10 - 00070656 ____A (Microsoft Corporation) C:\Windows\System32\fontsub.dll

2012-08-14 13:52 - 2012-06-08 20:46 - 12868608 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll

2012-08-14 13:52 - 2012-01-04 01:03 - 00442880 ____A (Microsoft Corporation) C:\Windows\System32\ntshrui.dll

2012-08-14 13:52 - 2011-11-16 21:39 - 00314368 ____A (Microsoft Corporation) C:\Windows\System32\webio.dll

2012-08-14 13:52 - 2011-11-16 21:39 - 00099840 ____A (Microsoft Corporation) C:\Windows\System32\sspicli.dll

2012-08-14 13:52 - 2011-11-16 21:39 - 00022016 ____A (Microsoft Corporation) C:\Windows\System32\secur32.dll

2012-08-14 13:52 - 2011-11-16 21:39 - 00015360 ____A (Microsoft Corporation) C:\Windows\System32\sspisrv.dll

2012-08-14 13:52 - 2011-11-16 21:38 - 01037312 ____A (Microsoft Corporation) C:\Windows\System32\lsasrv.dll

2012-08-14 13:52 - 2011-11-16 21:36 - 00022528 ____A (Microsoft Corporation) C:\Windows\System32\lsass.exe

2012-08-14 13:52 - 2010-12-20 21:38 - 00350720 ____A (Microsoft Corporation) C:\Windows\System32\winhttp.dll

2012-08-14 13:52 - 2010-12-20 21:38 - 00204800 ____A (Microsoft Corporation) C:\Windows\System32\WebClnt.dll

2012-08-14 13:52 - 2010-12-20 21:38 - 00204288 ____A (Microsoft Corporation) C:\Windows\System32\upnp.dll

2012-08-14 13:52 - 2010-12-20 21:38 - 00073728 ____A (Microsoft Corporation) C:\Windows\System32\wscsvc.dll

2012-08-14 13:52 - 2010-12-20 21:38 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\wscapi.dll

2012-08-14 13:52 - 2010-12-20 21:38 - 00014336 ____A (Microsoft Corporation) C:\Windows\System32\slwga.dll

2012-08-14 13:52 - 2010-12-20 21:34 - 00080384 ____A (Microsoft Corporation) C:\Windows\System32\davclnt.dll

2012-08-14 13:52 - 2010-05-23 02:11 - 03181568 ____A (Microsoft Corporation) C:\Windows\System32\mf.dll

2012-08-14 13:51 - 2012-04-25 20:48 - 00129536 ____A (Microsoft Corporation) C:\Windows\System32\rdpcorekmts.dll

2012-08-14 13:51 - 2012-04-25 20:48 - 00057856 ____A (Microsoft Corporation) C:\Windows\System32\rdpwsx.dll

2012-08-14 13:51 - 2012-04-25 20:43 - 00008192 ____A (Microsoft Corporation) C:\Windows\System32\rdrmemptylst.exe

2012-08-14 13:51 - 2012-04-07 03:34 - 02342400 ____A (Microsoft Corporation) C:\Windows\System32\msi.dll

2012-08-14 13:51 - 2012-03-16 23:20 - 00056688 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\partmgr.sys

2012-08-14 13:51 - 2012-03-02 21:40 - 01170944 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll

2012-08-14 13:51 - 2012-03-02 21:40 - 01074176 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll

2012-08-14 13:51 - 2012-03-02 21:40 - 00739840 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll

2012-08-14 13:51 - 2012-03-02 21:40 - 00218624 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll

2012-08-14 13:51 - 2012-03-02 21:40 - 00161792 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll

2012-08-14 13:51 - 2011-12-15 23:59 - 00690688 ____A (Microsoft Corporation) C:\Windows\System32\msvcrt.dll

2012-08-14 13:51 - 2011-10-25 20:28 - 01328640 ____A (Microsoft Corporation) C:\Windows\System32\quartz.dll

2012-08-14 13:51 - 2011-10-25 20:28 - 00514560 ____A (Microsoft Corporation) C:\Windows\System32\qdvd.dll

2012-08-14 13:51 - 2011-10-14 21:48 - 00534528 ____A (Microsoft Corporation) C:\Windows\System32\EncDec.dll

2012-08-14 13:51 - 2011-08-26 20:43 - 00571904 ____A (Microsoft Corporation) C:\Windows\System32\oleaut32.dll

2012-08-14 13:51 - 2011-08-26 20:43 - 00233472 ____A (Microsoft Corporation) C:\Windows\System32\oleacc.dll

2012-08-14 13:51 - 2011-07-08 18:26 - 00222720 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb10.sys

2012-08-14 13:51 - 2011-06-15 01:04 - 00319488 ____A (Microsoft Corporation) C:\Windows\System32\odbcjt32.dll

2012-08-14 13:51 - 2011-06-15 01:04 - 00163840 ____A (Microsoft Corporation) C:\Windows\System32\odbctrac.dll

2012-08-14 13:51 - 2011-06-15 01:04 - 00122880 ____A (Microsoft Corporation) C:\Windows\System32\odbccp32.dll

2012-08-14 13:51 - 2011-06-15 01:04 - 00086016 ____A (Microsoft Corporation) C:\Windows\System32\odbccu32.dll

2012-08-14 13:51 - 2011-06-15 01:04 - 00081920 ____A (Microsoft Corporation) C:\Windows\System32\odbccr32.dll

2012-08-14 13:51 - 2011-05-03 18:43 - 00123392 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys

2012-08-14 13:51 - 2011-05-03 18:43 - 00096256 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys

2012-08-14 13:51 - 2011-04-22 11:36 - 00026496 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\Diskdump.sys

2012-08-14 13:51 - 2011-04-08 21:56 - 00123904 ____A (Microsoft Corporation) C:\Windows\System32\poqexec.exe

2012-08-14 13:51 - 2011-03-10 21:40 - 01164288 ____A (Microsoft Corporation) C:\Windows\System32\mfc42u.dll

2012-08-14 13:51 - 2011-03-10 21:40 - 01137664 ____A (Microsoft Corporation) C:\Windows\System32\mfc42.dll

2012-08-14 13:51 - 2011-02-22 21:05 - 00069632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\bowser.sys

2012-08-14 13:51 - 2010-12-17 21:30 - 02690560 ____A (Microsoft Corporation) C:\Windows\System32\mstscax.dll

2012-08-14 13:51 - 2010-12-17 21:29 - 00541184 ____A (Microsoft Corporation) C:\Windows\System32\kerberos.dll

2012-08-14 13:51 - 2010-12-17 21:26 - 01034240 ____A (Microsoft Corporation) C:\Windows\System32\mstsc.exe

2012-08-14 13:51 - 2010-11-01 20:41 - 00135168 ____A (Microsoft Corporation) C:\Windows\System32\XpsRasterService.dll

2012-08-14 13:51 - 2010-08-25 20:39 - 00109056 ____A (Microsoft Corporation) C:\Windows\System32\t2embed.dll

2012-08-14 13:51 - 2010-08-20 21:36 - 00738816 ____A (Microsoft Corporation) C:\Windows\System32\wmpmde.dll

2012-08-14 13:51 - 2010-06-25 21:14 - 01495040 ____A (Microsoft Corporation) C:\Windows\System32\ExplorerFrame.dll

2012-08-14 13:51 - 2010-05-23 02:15 - 01619456 ____A (Microsoft Corporation) C:\Windows\System32\WMVDECOD.DLL

2012-08-14 13:51 - 2010-05-23 02:11 - 00196608 ____A (Microsoft Corporation) C:\Windows\System32\mfreadwrite.dll

2012-08-14 13:51 - 2010-05-04 22:46 - 00363520 ____A (Microsoft Corporation) C:\Windows\System32\StructuredQuery.dll

2012-08-14 13:51 - 2009-12-08 03:32 - 00292864 ____A (Microsoft Corporation) C:\Windows\System32\apphelp.dll

2012-08-14 13:51 - 2009-10-27 22:17 - 00285696 ____A (Microsoft Corporation) C:\Windows\System32\winlogon.exe

2012-08-14 13:49 - 2012-04-23 20:47 - 01156608 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll

2012-08-14 13:49 - 2012-04-23 20:47 - 00139264 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll

2012-08-14 13:49 - 2012-04-23 20:47 - 00103936 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll

2012-08-14 13:49 - 2011-02-02 21:45 - 00219008 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms1.sys

2012-08-14 13:49 - 2010-11-01 20:46 - 00728448 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys

2012-08-14 13:49 - 2010-11-01 20:23 - 00107520 ____A (Microsoft Corporation) C:\Windows\System32\cdd.dll

2012-08-13 23:27 - 2012-02-14 21:44 - 00826368 ____A (Microsoft Corporation) C:\Windows\System32\rdpcore.dll

2012-08-13 23:27 - 2012-02-14 20:22 - 00024064 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tdtcp.sys

2012-08-13 23:27 - 2010-01-08 22:52 - 00132608 ____A (Microsoft Corporation) C:\Windows\System32\cabview.dll

2012-08-13 16:21 - 2012-08-13 16:21 - 00000000 ____D C:\Users\MK\AppData\Local\Conexant

2012-08-13 13:38 - 2012-08-13 13:39 - 00000000 ____D C:\Users\MK\AppData\Local\Microsoft Games

2012-08-13 13:22 - 2012-06-02 14:19 - 01933848 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll

2012-08-13 13:22 - 2012-06-02 14:19 - 00053784 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe

2012-08-13 13:22 - 2012-06-02 14:19 - 00045080 ____A (Microsoft Corporation) C:\Windows\System32\wups2.dll

2012-08-13 13:22 - 2012-06-02 14:12 - 02422272 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll

2012-08-13 13:21 - 2012-06-02 14:19 - 00577048 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll

2012-08-13 13:21 - 2012-06-02 14:19 - 00035864 ____A (Microsoft Corporation) C:\Windows\System32\wups.dll

2012-08-13 13:21 - 2012-06-02 14:12 - 00088576 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll

2012-08-13 13:21 - 2012-06-02 12:19 - 00171904 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll

2012-08-13 13:21 - 2012-06-02 12:12 - 00033792 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe

2012-08-13 11:21 - 2012-08-17 17:39 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job

2012-08-13 11:21 - 2012-08-14 18:46 - 00426184 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe

2012-08-13 11:21 - 2012-08-14 18:46 - 00070344 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl

2012-08-13 11:21 - 2012-08-13 11:21 - 00000000 ____D C:\Users\MK\AppData\Roaming\Macromedia

2012-08-13 11:21 - 2012-08-13 11:21 - 00000000 ____D C:\Users\MK\AppData\Local\Macromedia

2012-08-13 11:16 - 2012-08-17 17:31 - 00000886 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2012-08-13 11:16 - 2012-08-17 17:29 - 00000882 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2012-08-13 11:14 - 2012-08-16 20:32 - 00000000 ____D C:\Program Files\Mozilla Firefox

2012-08-13 11:14 - 2012-08-13 11:15 - 00000000 ____D C:\Users\MK\AppData\Roaming\Mozilla

2012-08-13 11:14 - 2012-08-13 11:14 - 00001103 ____A C:\Users\Public\Desktop\Mozilla Firefox.lnk

2012-08-13 11:14 - 2012-08-13 11:14 - 00000000 ____D C:\Users\MK\AppData\Local\Mozilla

2012-08-13 11:14 - 2012-08-13 11:14 - 00000000 ____D C:\Users\All Users\Mozilla

2012-08-13 11:14 - 2012-08-13 11:14 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service

2012-08-13 11:12 - 2012-08-17 16:47 - 00000000 ____D C:\Users\MK\AppData\Roaming\Adobe

2012-08-13 11:11 - 2012-08-16 21:24 - 00000000 ____D C:\Users\MK\AppData\Local\Google

2012-08-13 11:11 - 2012-08-13 11:11 - 00000000 ____D C:\Users\MK\AppData\Roaming\Google

2012-08-13 10:57 - 2012-08-13 10:57 - 00000000 ____D C:\Users\MK\AppData\Roaming\Template

2012-08-13 10:57 - 2012-08-13 10:57 - 00000000 ____A C:\Users\MK\AppData\Roaming\wklnhst.dat

2012-08-13 10:56 - 2012-08-13 10:55 - 00124976 ____A (Symantec Corporation) C:\Windows\System32\Drivers\SYMEVENT.SYS

2012-08-13 10:56 - 2012-08-13 10:55 - 00007456 ____A C:\Windows\System32\Drivers\SYMEVENT.CAT

2012-08-13 10:56 - 2009-08-31 19:08 - 00025648 ___RA (Symantec Corporation) C:\Windows\System32\Drivers\SymIMV.sys

2012-08-13 10:55 - 2012-08-14 12:54 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared

2012-08-13 10:55 - 2012-08-13 10:56 - 00000000 ____D C:\Program Files\Symantec

2012-08-13 10:54 - 2012-08-14 15:18 - 00002425 ____A C:\Users\Public\Desktop\Norton Internet Security.lnk

2012-08-13 02:34 - 2012-08-13 02:34 - 00000000 ____A C:\Windows\NDSTray.INI

2012-08-13 02:15 - 2012-08-13 02:15 - 00000000 ____D C:\Program Files\ConexantAudioPatch

2012-08-13 02:11 - 2012-08-13 02:11 - 00001868 ____A C:\Users\MK\Desktop\Web Camera Application.lnk

2012-08-13 02:11 - 2009-06-22 16:04 - 00024064 ____A (TOSHIBA Corporation) C:\Windows\System32\Drivers\PGEffect.sys

2012-08-13 02:03 - 1999-10-12 17:47 - 00024576 ____A (Toshiba) C:\Windows\System32\TSCI.dll

2012-08-13 02:03 - 1999-10-12 17:45 - 00024576 ____A (Toshiba) C:\Windows\System32\THCI.dll

2012-08-13 02:00 - 2012-08-13 02:00 - 00000000 ____D C:\Windows\System32\tr

2012-08-13 02:00 - 2012-08-13 02:00 - 00000000 ____D C:\Windows\System32\sv

2012-08-13 02:00 - 2012-08-13 02:00 - 00000000 ____D C:\Windows\System32\sk

2012-08-13 02:00 - 2012-08-13 02:00 - 00000000 ____D C:\Windows\System32\ru

2012-08-13 02:00 - 2012-08-13 02:00 - 00000000 ____D C:\Windows\System32\pt

2012-08-13 02:00 - 2012-08-13 02:00 - 00000000 ____D C:\Windows\System32\pl

2012-08-13 02:00 - 2012-08-13 02:00 - 00000000 ____D C:\Windows\System32\no

2012-08-13 02:00 - 2012-08-13 02:00 - 00000000 ____D C:\Windows\System32\nl

2012-08-13 02:00 - 2012-08-13 02:00 - 00000000 ____D C:\Windows\System32\it

2012-08-13 02:00 - 2012-08-13 02:00 - 00000000 ____D C:\Windows\System32\hu

2012-08-13 02:00 - 2012-08-13 02:00 - 00000000 ____D C:\Windows\System32\fr

2012-08-13 02:00 - 2012-08-13 02:00 - 00000000 ____D C:\Windows\System32\fi

2012-08-13 02:00 - 2012-08-13 02:00 - 00000000 ____D C:\Windows\System32\es

2012-08-13 02:00 - 2012-08-13 02:00 - 00000000 ____D C:\Windows\System32\el

2012-08-13 02:00 - 2012-08-13 02:00 - 00000000 ____D C:\Windows\System32\de

2012-08-13 02:00 - 2012-08-13 02:00 - 00000000 ____D C:\Windows\System32\da

2012-08-13 02:00 - 2012-08-13 02:00 - 00000000 ____D C:\Windows\System32\cs

2012-08-13 02:00 - 2012-08-13 02:00 - 00000000 ____D C:\Program Files\Realtek

2012-08-13 02:00 - 2009-02-02 17:27 - 07360512 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RTSUSTORicon.dll

2012-08-13 01:34 - 2012-08-13 01:34 - 00000000 ____D C:\Windows\System32\Atheros_L1e

2012-08-13 01:33 - 2012-08-13 01:33 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_SynTP_01007.Wdf

2012-08-13 01:33 - 2012-08-13 01:33 - 00000000 ____D C:\Program Files\Synaptics

2012-08-13 01:32 - 2012-08-13 01:33 - 00007846 ____A C:\Windows\DPINST.LOG

2012-08-13 01:29 - 2012-08-16 19:38 - 00000000 ____D C:\Program Files\Realtek WLAN Driver

2012-08-13 01:28 - 2012-08-13 01:29 - 00000000 ____D C:\Program Files\CONEXANT

2012-08-13 01:26 - 2012-08-13 01:26 - 00014324 ____A C:\Windows\System32\results.xml

2012-08-13 01:21 - 2012-08-13 01:21 - 00000000 ____D C:\Windows\System32\Lang

2012-08-13 01:21 - 2009-09-02 13:30 - 01002008 ____A (Intel Corporation) C:\Windows\System32\igxpun.exe

2012-08-13 01:17 - 2009-06-04 17:43 - 00330264 ____A (Intel Corporation) C:\Windows\System32\Drivers\iaStor.sys

2012-08-13 01:16 - 2012-08-13 01:16 - 00000000 ____D C:\Program Files\Microsoft Office Suite Activation Assistant

2012-08-13 01:01 - 2009-02-27 00:42 - 00031640 ____A (Microsoft Corporation) C:\Windows\System32\msonpmon.dll

2012-08-13 01:00 - 2012-08-13 01:00 - 00000000 ____D C:\Program Files\Microsoft.NET

2012-08-13 01:00 - 2012-08-13 01:00 - 00000000 ____D C:\Program Files\Common Files\DESIGNER

2012-08-13 00:57 - 2012-08-17 17:26 - 00000000 ____D C:\Users\All Users\Microsoft Help

2012-08-13 00:57 - 2012-08-13 00:57 - 00000000 __RHD C:\MSOCache

2012-08-13 00:51 - 2012-08-14 14:32 - 00000000 ____D C:\Program Files\Microsoft Office

2012-08-13 00:50 - 2012-08-14 14:51 - 00000000 ____D C:\Program Files\Microsoft Works

2012-08-13 00:50 - 2012-08-13 00:50 - 00000000 ____D C:\Users\MK\AppData\Local\TOSHIBA_Corporation

2012-08-13 00:43 - 2012-08-13 00:43 - 00079136 ____A C:\Users\MK\AppData\Local\GDIPFONTCACHEV1.DAT

2012-08-13 00:41 - 2012-08-13 00:42 - 00000000 ____D C:\Users\MK\AppData\Local\Toshiba

2012-08-13 00:40 - 2012-08-17 16:01 - 01572029 ____A C:\Windows\WindowsUpdate.log

2012-08-13 00:39 - 2012-08-13 00:39 - 00000016 __RSH C:\Windows\System32\Drivers\fbd.sys

2012-08-13 00:39 - 2012-08-13 00:39 - 00000000 ____D C:\Users\MK\AppData\Roaming\WinBatch

2012-08-13 00:38 - 2012-08-17 17:20 - 00000000 ____D C:\users\MK

2012-08-13 00:38 - 2012-08-17 14:39 - 00000000 ____D C:\Users\MK\AppData\Local\VirtualStore

2012-08-13 00:38 - 2012-08-13 00:38 - 00000020 ___SH C:\Users\MK\ntuser.ini

============ 3 Months Modified Files ========================

2012-08-17 17:50 - 2012-08-17 17:50 - 00185060 ____A C:\Users\MK\AppData\Roaming\temp26440.txt

2012-08-17 17:50 - 2012-08-17 17:50 - 00185060 ____A C:\Users\MK\AppData\Roaming\temp26404.txt

2012-08-17 17:44 - 2012-08-16 22:03 - 00001347 ____A C:\Users\MK\Desktop\blank.lnk

2012-08-17 17:39 - 2012-08-13 11:21 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job

2012-08-17 17:37 - 2009-07-13 20:34 - 00015568 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2012-08-17 17:37 - 2009-07-13 20:34 - 00015568 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2012-08-17 17:31 - 2012-08-13 11:16 - 00000886 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2012-08-17 17:29 - 2012-08-13 11:16 - 00000882 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2012-08-17 17:27 - 2009-08-31 20:03 - 00010266 ____A C:\Windows\PFRO.log

2012-08-17 17:27 - 2009-07-13 20:53 - 00000006 ___AH C:\Windows\Tasks\SA.DAT

2012-08-17 16:47 - 2009-08-31 19:06 - 00713888 ____A C:\Windows\System32\PerfStringBackup.INI

2012-08-17 16:35 - 2012-08-16 20:44 - 00001360 ____A C:\Users\MK\Desktop\CITES VPN.lnk

2012-08-17 16:03 - 2009-07-13 20:39 - 00037020 ____A C:\Windows\setupact.log

2012-08-17 16:01 - 2012-08-13 00:40 - 01572029 ____A C:\Windows\WindowsUpdate.log

2012-08-17 16:00 - 2012-08-17 15:59 - 14229744 ____A (DT Soft Ltd) C:\Users\MK\Downloads\DTLite4454-0315.exe

2012-08-17 16:00 - 2012-08-17 15:51 - 00005326 ____A C:\Windows\hhdrvi.log

2012-08-17 15:48 - 2012-08-17 15:45 - 108824192 ____A (Macrovision Corporation) C:\Users\MK\Downloads\VirtualCD101014Demo.exe

2012-08-17 15:40 - 2012-08-17 15:40 - 02690270 ____A C:\Users\MK\Downloads\undisker.exe

2012-08-16 21:43 - 2012-08-16 21:43 - 00001105 ____A C:\Users\Public\Desktop\Greenfish Icon Editor Pro.lnk

2012-08-16 21:40 - 2012-08-16 21:40 - 00587432 ____A C:\Users\MK\Downloads\cbsidlm-tr1_5-Greenfish_Icon_Editor_Pro-10773415.exe

2012-08-16 20:20 - 2012-08-16 20:20 - 00028672 ____A (HydroVision) C:\Users\MK\Downloads\SecurityMacFinder.exe

2012-08-16 20:18 - 2012-08-16 20:21 - 00074848 ____A (McAfee, Inc.) C:\Windows\System32\MfeOtlkAddin.dll

2012-08-16 20:18 - 2012-08-16 20:21 - 00022816 ____A (McAfee, Inc.) C:\Windows\System32\MFEOtlk.dll

2012-08-16 20:18 - 2012-08-16 20:21 - 00009344 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mfeclnk.sys

2012-08-16 20:18 - 2012-08-16 20:20 - 00461864 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mfehidk.sys

2012-08-16 20:18 - 2012-08-16 20:20 - 00180072 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mfeavfk.sys

2012-08-16 20:18 - 2012-08-16 20:20 - 00164840 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mfewfpk.sys

2012-08-16 20:18 - 2012-08-16 20:20 - 00148520 ____A (McAfee, Inc.) C:\Windows\System32\mfevtps.exe

2012-08-16 20:18 - 2012-08-16 20:20 - 00119968 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mfeapfk.sys

2012-08-16 20:18 - 2012-08-16 20:20 - 00087808 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mferkdet.sys

2012-08-16 20:18 - 2012-08-16 20:20 - 00059288 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mfebopk.sys

2012-08-16 20:10 - 2012-08-16 20:09 - 39773240 ____A C:\Users\MK\Downloads\McAfee_VirusScan_88p.exe

2012-08-14 18:46 - 2012-08-14 18:46 - 09826504 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerInstaller.exe

2012-08-14 18:46 - 2012-08-13 11:21 - 00426184 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe

2012-08-14 18:46 - 2012-08-13 11:21 - 00070344 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl

2012-08-14 15:18 - 2012-08-13 10:54 - 00002425 ____A C:\Users\Public\Desktop\Norton Internet Security.lnk

2012-08-14 15:17 - 2009-07-13 20:33 - 00340792 ____A C:\Windows\System32\FNTCACHE.DAT

2012-08-14 14:16 - 2012-08-14 14:16 - 12317184 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll

2012-08-14 14:16 - 2012-08-14 14:16 - 09737728 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll

2012-08-14 14:16 - 2012-08-14 14:16 - 03695416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat

2012-08-14 14:16 - 2012-08-14 14:16 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb

2012-08-14 14:16 - 2012-08-14 14:16 - 01800704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll

2012-08-14 14:16 - 2012-08-14 14:16 - 01793024 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll

2012-08-14 14:16 - 2012-08-14 14:16 - 01427968 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl

2012-08-14 14:16 - 2012-08-14 14:16 - 01129472 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll

2012-08-14 14:16 - 2012-08-14 14:16 - 01103872 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll

2012-08-14 14:16 - 2012-08-14 14:16 - 00717824 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll

2012-08-14 14:16 - 2012-08-14 14:16 - 00580608 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll

2012-08-14 14:16 - 2012-08-14 14:16 - 00434176 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll

2012-08-14 14:16 - 2012-08-14 14:16 - 00420864 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll

2012-08-14 14:16 - 2012-08-14 14:16 - 00367104 ____A (Microsoft Corporation) C:\Windows\System32\html.iec

2012-08-14 14:16 - 2012-08-14 14:16 - 00353792 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll

2012-08-14 14:16 - 2012-08-14 14:16 - 00353584 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll

2012-08-14 14:16 - 2012-08-14 14:16 - 00231936 ____A (Microsoft Corporation) C:\Windows\System32\url.dll

2012-08-14 14:16 - 2012-08-14 14:16 - 00227840 ____A (Microsoft Corporation) C:\Windows\System32\ieaksie.dll

2012-08-14 14:16 - 2012-08-14 14:16 - 00223232 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll

2012-08-14 14:16 - 2012-08-14 14:16 - 00203776 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll

2012-08-14 14:16 - 2012-08-14 14:16 - 00176640 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll

2012-08-14 14:16 - 2012-08-14 14:16 - 00163840 ____A (Microsoft Corporation) C:\Windows\System32\ieakui.dll

2012-08-14 14:16 - 2012-08-14 14:16 - 00162304 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll

2012-08-14 14:16 - 2012-08-14 14:16 - 00161792 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll

2012-08-14 14:16 - 2012-08-14 14:16 - 00152064 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe

2012-08-14 14:16 - 2012-08-14 14:16 - 00150528 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe

2012-08-14 14:16 - 2012-08-14 14:16 - 00142848 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe

2012-08-14 14:16 - 2012-08-14 14:16 - 00130560 ____A (Microsoft Corporation) C:\Windows\System32\ieakeng.dll

2012-08-14 14:16 - 2012-08-14 14:16 - 00123392 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll

2012-08-14 14:16 - 2012-08-14 14:16 - 00118784 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll

2012-08-14 14:16 - 2012-08-14 14:16 - 00110592 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll

2012-08-14 14:16 - 2012-08-14 14:16 - 00101888 ____A (Microsoft Corporation) C:\Windows\System32\admparse.dll

2012-08-14 14:16 - 2012-08-14 14:16 - 00086528 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll

2012-08-14 14:16 - 2012-08-14 14:16 - 00078848 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll

2012-08-14 14:16 - 2012-08-14 14:16 - 00076800 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe

2012-08-14 14:16 - 2012-08-14 14:16 - 00074752 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe

2012-08-14 14:16 - 2012-08-14 14:16 - 00074752 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll

2012-08-14 14:16 - 2012-08-14 14:16 - 00074240 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe

2012-08-14 14:16 - 2012-08-14 14:16 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll

2012-08-14 14:16 - 2012-08-14 14:16 - 00066048 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll

2012-08-14 14:16 - 2012-08-14 14:16 - 00065024 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll

2012-08-14 14:16 - 2012-08-14 14:16 - 00063488 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx

2012-08-14 14:16 - 2012-08-14 14:16 - 00054272 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll

2012-08-14 14:16 - 2012-08-14 14:16 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll

2012-08-14 14:16 - 2012-08-14 14:16 - 00041472 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll

2012-08-14 14:16 - 2012-08-14 14:16 - 00035840 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll

2012-08-14 14:16 - 2012-08-14 14:16 - 00031744 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll

2012-08-14 14:16 - 2012-08-14 14:16 - 00023552 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll

2012-08-14 14:16 - 2012-08-14 14:16 - 00011776 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe

2012-08-14 14:16 - 2012-08-14 14:16 - 00010752 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe

2012-08-14 14:16 - 2012-08-14 14:14 - 00003885 ____A C:\Windows\IE9_main.log

2012-08-13 11:14 - 2012-08-13 11:14 - 00001103 ____A C:\Users\Public\Desktop\Mozilla Firefox.lnk

2012-08-13 10:57 - 2012-08-13 10:57 - 00000000 ____A C:\Users\MK\AppData\Roaming\wklnhst.dat

2012-08-13 10:55 - 2012-08-13 10:56 - 00124976 ____A (Symantec Corporation) C:\Windows\System32\Drivers\SYMEVENT.SYS

2012-08-13 10:55 - 2012-08-13 10:56 - 00007456 ____A C:\Windows\System32\Drivers\SYMEVENT.CAT

2012-08-13 02:34 - 2012-08-13 02:34 - 00000000 ____A C:\Windows\NDSTray.INI

2012-08-13 02:33 - 2009-07-13 20:34 - 00003043 ____A C:\Windows\DtcInstall.log

2012-08-13 02:11 - 2012-08-13 02:11 - 00001868 ____A C:\Users\MK\Desktop\Web Camera Application.lnk

2012-08-13 01:35 - 2009-07-13 20:57 - 00025600 __ASH C:\Windows\System32\config\BCD-Template.LOG

2012-08-13 01:35 - 2009-07-13 20:52 - 00028672 ____A C:\Windows\System32\config\BCD-Template

2012-08-13 01:33 - 2012-08-13 01:33 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_SynTP_01007.Wdf

2012-08-13 01:33 - 2012-08-13 01:32 - 00007846 ____A C:\Windows\DPINST.LOG

2012-08-13 01:26 - 2012-08-13 01:26 - 00014324 ____A C:\Windows\System32\results.xml

2012-08-13 00:43 - 2012-08-13 00:43 - 00079136 ____A C:\Users\MK\AppData\Local\GDIPFONTCACHEV1.DAT

2012-08-13 00:42 - 2009-08-31 18:22 - 00003540 ____A C:\Windows\TSSysprep.log

2012-08-13 00:39 - 2012-08-13 00:39 - 00000016 __RSH C:\Windows\System32\Drivers\fbd.sys

2012-08-13 00:38 - 2012-08-13 00:38 - 00000020 ___SH C:\Users\MK\ntuser.ini

2012-08-03 01:46 - 2012-08-14 15:04 - 59884088 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe

2012-07-18 09:10 - 2012-08-14 13:56 - 02344448 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys

2012-07-04 13:26 - 2012-08-14 13:57 - 00057344 ____A (Microsoft Corporation) C:\Windows\System32\netapi32.dll

2012-07-04 13:23 - 2012-08-14 13:57 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\browser.dll

2012-07-04 13:23 - 2012-08-14 13:57 - 00041472 ____A (Microsoft Corporation) C:\Windows\System32\browcli.dll

2012-06-08 20:46 - 2012-08-14 13:52 - 12868608 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll

2012-06-06 17:59 - 2012-06-06 17:59 - 01070152 ____A (Microsoft Corporation) C:\Windows\System32\MSCOMCTL.OCX

2012-06-05 21:09 - 2012-08-14 13:55 - 01389568 ____A (Microsoft Corporation) C:\Windows\System32\msxml6.dll

2012-06-05 21:09 - 2012-08-14 13:55 - 01236992 ____A (Microsoft Corporation) C:\Windows\System32\msxml3.dll

2012-06-02 14:19 - 2012-08-13 13:22 - 01933848 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll

2012-06-02 14:19 - 2012-08-13 13:22 - 00053784 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe

2012-06-02 14:19 - 2012-08-13 13:22 - 00045080 ____A (Microsoft Corporation) C:\Windows\System32\wups2.dll

2012-06-02 14:19 - 2012-08-13 13:21 - 00577048 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll

2012-06-02 14:19 - 2012-08-13 13:21 - 00035864 ____A (Microsoft Corporation) C:\Windows\System32\wups.dll

2012-06-02 14:12 - 2012-08-13 13:22 - 02422272 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll

2012-06-02 14:12 - 2012-08-13 13:21 - 00088576 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll

2012-06-02 12:19 - 2012-08-13 13:21 - 00171904 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll

2012-06-02 12:12 - 2012-08-13 13:21 - 00033792 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe

2012-06-01 20:51 - 2012-08-14 13:55 - 00134000 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys

2012-06-01 20:51 - 2012-08-14 13:55 - 00067440 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys

2012-06-01 20:50 - 2012-08-14 13:55 - 00369336 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys

2012-06-01 20:48 - 2012-08-14 13:55 - 00225280 ____A (Microsoft Corporation) C:\Windows\System32\schannel.dll

2012-06-01 20:47 - 2012-08-14 13:55 - 00219136 ____A (Microsoft Corporation) C:\Windows\System32\ncrypt.dll

ZeroAccess:

C:\Windows\Installer\{c98d7325-c016-f43a-e8d3-ce0479a18302}

C:\Windows\Installer\{c98d7325-c016-f43a-e8d3-ce0479a18302}\@

C:\Windows\Installer\{c98d7325-c016-f43a-e8d3-ce0479a18302}\L

C:\Windows\Installer\{c98d7325-c016-f43a-e8d3-ce0479a18302}\U

ZeroAccess:

C:\Users\MK\AppData\Local\{c98d7325-c016-f43a-e8d3-ce0479a18302}

C:\Users\MK\AppData\Local\{c98d7325-c016-f43a-e8d3-ce0479a18302}\@

C:\Users\MK\AppData\Local\{c98d7325-c016-f43a-e8d3-ce0479a18302}\L

C:\Users\MK\AppData\Local\{c98d7325-c016-f43a-e8d3-ce0479a18302}\U

ZeroAccess:

C:\Windows\assembly\GAC\Desktop.ini

========================= Known DLLs (Whitelisted) ============

========================= Bamital & volsnap Check ============

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK

HKLM\...\exefile\DefaultIcon: %1 => OK

HKLM\...\exefile\open\command: "%1" %* => OK

========================= Memory info ======================

Percentage of memory in use: 14%

Total physical RAM: 2936.94 MB

Available physical RAM: 2513.78 MB

Total Pagefile: 2935.22 MB

Available Pagefile: 2517.89 MB

Total Virtual: 2047.88 MB

Available Virtual: 1963.55 MB

======================= Partitions =========================

1 Drive c: (TI102763W0F) (Fixed) (Total:223.48 GB) (Free:193.19 GB) NTFS ==>[system with boot components (obtained from reading drive)]

2 Drive d: (System) (Fixed) (Total:1.46 GB) (Free:1.28 GB) NTFS ==>[system with boot components (obtained from reading drive)]

4 Drive f: () (Removable) (Total:1.91 GB) (Free:0.57 GB) FAT

5 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

Disk ### Status Size Free Dyn Gpt

-------- ------------- ------- ------- --- ---

Disk 0 Online 232 GB 0 B

Disk 1 Online 1953 MB 0 B

Partitions of Disk 0:

===============

Partition ### Type Size Offset

------------- ---------------- ------- -------

Partition 1 Recovery 1500 MB 1024 KB

Partition 2 Primary 223 GB 1501 MB

Partition 3 Primary 8127 MB 224 GB

==================================================================================

Disk: 0

Partition 1

Type : 27

Hidden: Yes

Active: Yes

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 2 D System NTFS Partition 1500 MB Healthy Hidden

==================================================================================

Disk: 0

Partition 2

Type : 07

Hidden: No

Active: No

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 1 C TI102763W0F NTFS Partition 223 GB Healthy

==================================================================================

Disk: 0

Partition 3

Type : 17 (Suspicious Type)

Hidden: Yes

Active: No

There is no volume associated with this partition.

==================================================================================

Partitions of Disk 1:

===============

Partition ### Type Size Offset

------------- ---------------- ------- -------

Partition 1 Primary 1952 MB 122 KB

==================================================================================

Disk: 1

Partition 1

Type : 06

Hidden: No

Active: No

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 3 F FAT Removable 1952 MB Healthy

==================================================================================

Last Boot: 2009-08-31 19:34

======================= End Of Log ==========================


.

DDS (Ver_2011-08-26.01) - NTFSx86 MINIMAL

Internet Explorer: 9.0.8112.16421

Run by MK at 14:07:52 on 2012-08-18

Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.2937.2602 [GMT -5:00]

.

AV: McAfee VirusScan Enterprise *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}

AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: McAfee VirusScan Enterprise Antispyware Module *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}

SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}

FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

.

============== Running Processes ===============

.

C:\windows\system32\wininit.exe

C:\windows\system32\lsm.exe

C:\windows\system32\svchost.exe -k DcomLaunch

C:\windows\system32\svchost.exe -k RPCSS

C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\windows\system32\svchost.exe -k netsvcs

C:\windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\userinit.exe

C:\windows\Explorer.EXE

C:\windows\system32\ctfmon.exe

C:\windows\helppane.exe

C:\windows\system32\DllHost.exe

C:\windows\system32\conhost.exe

C:\windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA

uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA

mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA

mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton internet security\engine\16.8.3.6\coIEPlg.dll

BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton internet security\engine\16.8.3.6\IPSBHO.DLL

BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20120816232125.dll

BHO: Partner BHO Class: {83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4} - c:\programdata\partner\Partner.dll

BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\program files\mcafee\siteadvisor enterprise\McIEPlg.dll

BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton internet security\engine\16.8.3.6\coIEPlg.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\program files\mcafee\siteadvisor enterprise\McIEPlg.dll

uRun: [MyTOSHIBA] "c:\program files\toshiba\my toshiba\MyToshiba.exe" /AUTO

uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"

mRun: [<NO NAME>]

mRun: [igfxTray] c:\windows\system32\igfxtray.exe

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [Persistence] c:\windows\system32\igfxpers.exe

mRun: [cAudioFilterAgent] c:\program files\conexant\caudiofilteragent\cAudioFilterAgent.exe

mRun: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe

mRun: [ThpSrv] c:\windows\system32\thpsrv /logon

mRun: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE

mRun: [smoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe

mRun: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe

mRun: [ToshibaServiceStation] "c:\program files\toshiba\toshiba service station\ToshibaServiceStation.exe" /hide:60

mRun: [TosWaitSrv] %ProgramFiles%\TOSHIBA\TPHM\TosWaitSrv.exe

mRun: [Teco] "%ProgramFiles%\TOSHIBA\TECO\Teco.exe" /r

mRun: [TWebCamera] "%ProgramFiles%\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun

mRun: [smartFaceVWatcher] %ProgramFiles%\Toshiba\SmartFaceV\SmartFaceVWatcher.exe

mRun: [ConexantAudioPatch] %ProgramFiles%\ConexantAudioPatch\Audioreset.exe

mRun: [TosSENotify] c:\program files\toshiba\toshiba hdd ssd alert\TosWaitSrv.exe

mRun: [TUSBSleepChargeSrv] %ProgramFiles%\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe

mRun: [NortonOnlineBackupReminder] "c:\program files\toshiba\toshiba online backup\activation\TobuActivation.exe" UNATTENDED

mRun: [smartAudio] c:\program files\conexant\saii\SAIICpl.exe /t

mRun: [Toshiba DetectAC Utility] "c:\program files\toshiba\toshiba detectac utility\DetectAC.exe"

mRun: [Toshiba DetectAC Utility1] "c:\program files\toshiba\toshiba detectac utility\CollectInfo.exe"

mRun: [McAfeeUpdaterUI] "c:\program files\mcafee\common framework\udaterui.exe" /StartedFromRunKey

mRun: [shStatEXE] "c:\program files\mcafee\virusscan enterprise\SHSTAT.EXE" /STANDALONE

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xport to Microsoft Excel - c:\progra~1\mif5ba~1\office12\EXCEL.EXE/3000

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\mif5ba~1\office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mif5ba~1\office12\REFIEBAR.DLL

LSP: mswsock.dll

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab

TCP: DhcpNameServer = 75.75.75.75 75.75.76.76

TCP: Interfaces\{EB61B461-21C6-41D1-8CF7-2B8F49047D9C} : DhcpNameServer = 75.75.75.75 75.75.76.76

Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files\mcafee\siteadvisor enterprise\McIEPlg.dll

Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files\mcafee\siteadvisor enterprise\McIEPlg.dll

Handler: symres - {AA1061FE-6C41-421f-9344-69640C9732AB} - c:\program files\norton internet security\engine\16.8.3.6\CoIEPlg.dll

Notify: igfxcui - igfxdev.dll

mASetup: {01250B8F-D947-4F8A-9408-FE8E3EE2EC92} - c:\program files\toshiba\my toshiba\MyToshiba.exe /SETUP

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\users\MK\appdata\roaming\mozilla\firefox\profiles\his1vvrd.default\

FF - prefs.js: browser.startup.homepage - google.com

FF - plugin: c:\program files\google\update\1.3.21.115\npGoogleUpdate3.dll

FF - plugin: c:\program files\microsoft silverlight\4.1.10329.0\npctrlui.dll

FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll

FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_3_300_271.dll

.

============= SERVICES / DRIVERS ===============

.

R0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2012-8-16 164840]

R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\nis\1008030.006\SymEFA.sys [2012-8-14 310320]

R0 Thpdrv;TOSHIBA HDD Protection Driver;c:\windows\system32\drivers\thpdrv.sys [2009-6-29 30272]

R0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;c:\windows\system32\drivers\Thpevm.sys [2009-6-29 13120]

R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\drivers\TVALZFL.sys [2009-6-19 12920]

R3 QIOMem;Generic IO & Memory Access;c:\windows\system32\drivers\QIOMem.sys [2009-6-15 9216]

S0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2012-8-16 461864]

S1 BHDrvx86;Symantec Heuristics Driver;c:\windows\system32\drivers\nis\1008030.006\BHDrvx86.sys [2012-8-14 259632]

S1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\nis\1008030.006\cchpx86.sys [2012-8-14 467592]

S1 IDSVix86;IDSVix86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\ipsdefs\20120817.001\IDSvix86.sys [2012-8-17 382624]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-13 48128]

S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files\toshiba\configfree\CFIWmxSvcs.exe [2009-8-10 185712]

S2 ConfigFree Service;ConfigFree Service;c:\program files\toshiba\configfree\CFSvcs.exe [2009-3-10 46448]

S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2012-8-13 135664]

S2 McAfee SiteAdvisor Enterprise Service;McAfee SiteAdvisor Enterprise Service;c:\program files\mcafee\siteadvisor enterprise\McSACore.exe [2011-10-24 165440]

S2 McAfeeFramework;McAfee Framework Service;c:\program files\mcafee\common framework\FrameworkService.exe [2011-1-12 120128]

S2 McShield;McAfee McShield;c:\program files\common files\mcafee\systemcore\mcshield.exe [2012-8-16 166024]

S2 McTaskManager;McAfee Task Manager;c:\program files\mcafee\virusscan enterprise\vstskmgr.exe [2011-9-14 209760]

S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2012-8-16 148520]

S2 Norton Internet Security;Norton Internet Security;c:\program files\norton internet security\engine\16.8.3.6\ccSvcHst.exe [2012-8-14 117648]

S2 taisregispinger;taisregispinger;c:\program files\toshiba\toshibaregistration\TaisRegistPinger.exe [2009-8-31 210304]

S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\toshiba\teco\TecoService.exe [2009-8-27 185712]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-8-13 250056]

S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]

S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2012-8-14 106656]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2012-8-13 135664]

S3 IntcHdmiAddService;Intel® High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2009-7-10 122880]

S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\drivers\L1C62x86.sys [2009-7-27 51712]

S3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2012-8-16 180072]

S3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2012-8-16 59288]

S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2012-8-16 87808]

S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-8-13 113120]

S3 Partner Service;Partner Service;c:\programdata\partner\Partner.exe [2009-8-31 332272]

S3 PGEffect;Pangu effect driver;c:\windows\system32\drivers\PGEffect.sys [2012-8-13 24064]

S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\drivers\rtl8192se.sys [2010-4-26 1011232]

S3 SYMNDISV;Symantec Network Filter Driver;c:\windows\system32\drivers\nis\1008030.006\symndisv.sys [2012-8-14 48760]

S3 TMachInfo;TMachInfo;c:\program files\toshiba\toshiba service station\TMachInfo.exe [2012-8-13 54136]

S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\toshiba\toshiba hdd ssd alert\TosSmartSrv.exe [2009-9-17 111960]

S3 TPCHSrv;TPCH Service;c:\program files\toshiba\tphm\TPCHSrv.exe [2009-8-6 685424]

S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2012-8-14 1343400]

.

=============== Created Last 30 ================

.

2012-08-18 04:59:19 -------- d-----w- C:\FRST

2012-08-18 02:49:34 -------- d-----w- c:\users\MK\appdata\local\NPE

2012-08-18 01:20:37 -------- d-----w- C:\QUARANTINE

2012-08-18 00:47:09 -------- d-----w- c:\users\MK\appdata\local\Adobe

2012-08-18 00:41:43 -------- d-----w- c:\users\MK\appdata\local\Diagnostics

2012-08-18 00:16:28 -------- d-----w- c:\users\MK\appdata\roaming\DAEMON Tools Lite

2012-08-18 00:15:21 -------- d-----w- c:\programdata\DAEMON Tools Lite

2012-08-17 05:43:06 -------- d-----w- c:\users\MK\appdata\local\gfie

2012-08-17 05:42:57 -------- d-----w- c:\program files\Greenfish Icon Editor Pro 3.1

2012-08-17 04:32:40 185920 ----a-w- c:\program files\mozilla firefox\distribution\bundles\{b7082faa-cb62-4872-9106-e42dd88ede45}\components\McFFPlg.dll

2012-08-17 04:27:42 -------- d-----w- c:\users\MK\appdata\roaming\McAfee

2012-08-17 04:21:30 74848 ----a-w- c:\windows\system32\MfeOtlkAddin.dll

2012-08-17 04:21:30 22816 ----a-w- c:\windows\system32\MFEOtlk.dll

2012-08-17 04:21:25 28504 ----a-w- c:\program files\mozilla firefox\ScriptFF.dll

2012-08-17 04:21:12 9344 ----a-w- c:\windows\system32\drivers\mfeclnk.sys

2012-08-17 04:20:43 87808 ----a-w- c:\windows\system32\drivers\mferkdet.sys

2012-08-17 04:20:42 59288 ----a-w- c:\windows\system32\drivers\mfebopk.sys

2012-08-17 04:20:42 180072 ----a-w- c:\windows\system32\drivers\mfeavfk.sys

2012-08-17 04:20:42 119968 ----a-w- c:\windows\system32\drivers\mfeapfk.sys

2012-08-17 04:20:31 461864 ----a-w- c:\windows\system32\drivers\mfehidk.sys

2012-08-17 04:20:09 164840 ----a-w- c:\windows\system32\drivers\mfewfpk.sys

2012-08-17 04:20:08 148520 ----a-w- c:\windows\system32\mfevtps.exe

2012-08-17 04:18:13 -------- d-----w- c:\program files\common files\McAfee

2012-08-17 04:13:22 -------- d-----w- c:\program files\McAfee

2012-08-15 02:46:29 9826504 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe

2012-08-14 23:30:57 -------- d-----w- c:\windows\system32\Wat

2012-08-14 23:30:19 802304 ----a-w- c:\windows\system32\FntCache.dll

2012-08-14 23:30:17 492032 ----a-w- c:\windows\system32\win32spl.dll

2012-08-14 23:30:16 316928 ----a-w- c:\windows\system32\spoolsv.exe

2012-08-14 23:06:06 257024 ----a-w- c:\windows\system32\msv1_0.dll

2012-08-14 22:53:58 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll

2012-08-14 22:53:58 49472 ----a-w- c:\windows\system32\netfxperf.dll

2012-08-14 22:53:58 297808 ----a-w- c:\windows\system32\mscoree.dll

2012-08-14 22:53:58 295264 ----a-w- c:\windows\system32\PresentationHost.exe

2012-08-14 22:53:58 1130824 ----a-w- c:\windows\system32\dfshim.dll

2012-08-14 22:17:11 5120 ----a-w- c:\windows\system32\wmi.dll

2012-08-14 22:17:11 19312 ----a-w- c:\windows\system32\drivers\fs_rec.sys

2012-08-14 22:17:10 172544 ----a-w- c:\windows\system32\wintrust.dll

2012-08-14 22:17:10 158720 ----a-w- c:\windows\system32\imagehlp.dll

2012-08-14 22:09:23 -------- d-----w- c:\users\MK\appdata\local\Microsoft Help

2012-08-14 22:02:20 190976 ----a-w- c:\windows\system32\drivers\ks.sys

2012-08-14 22:02:20 146304 ----a-w- c:\windows\system32\drivers\usbvideo.sys

2012-08-14 21:59:17 276992 ----a-w- c:\windows\system32\wcncsvc.dll

2012-08-14 21:57:16 417792 ----a-w- c:\windows\system32\msdri.dll

2012-08-14 21:57:12 41472 ----a-w- c:\windows\system32\browcli.dll

2012-08-14 21:57:12 102912 ----a-w- c:\windows\system32\browser.dll

2012-08-14 21:57:10 400896 ----a-w- c:\windows\system32\srcore.dll

2012-08-14 21:57:09 768512 ----a-w- c:\windows\system32\localspl.dll

2012-08-14 21:55:58 936960 ----a-w- c:\program files\common files\microsoft shared\ink\journal.dll

2012-08-14 21:54:59 850432 ----a-w- c:\windows\system32\sbe.dll

2012-08-14 21:53:58 38912 ----a-w- c:\windows\system32\csrsrv.dll

2012-08-14 21:52:28 442880 ----a-w- c:\windows\system32\ntshrui.dll

2012-08-14 21:51:59 196608 ----a-w- c:\windows\system32\mfreadwrite.dll

2012-08-14 21:49:41 728448 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys

2012-08-14 21:49:41 219008 ----a-w- c:\windows\system32\drivers\dxgmms1.sys

2012-08-14 21:49:41 107520 ----a-w- c:\windows\system32\cdd.dll

2012-08-14 21:49:08 1156608 ----a-w- c:\windows\system32\crypt32.dll

2012-08-14 21:49:07 139264 ----a-w- c:\windows\system32\cryptsvc.dll

2012-08-14 21:49:07 103936 ----a-w- c:\windows\system32\cryptnet.dll

2012-08-14 21:39:50 48760 ----a-w- c:\windows\system32\drivers\nis\1008030.006\symndisv.sys

2012-08-14 21:39:50 36472 ----a-w- c:\windows\system32\drivers\nis\1008030.006\symndis.sys

2012-08-14 21:39:50 33144 ----a-w- c:\windows\system32\drivers\nis\1008030.006\symids.sys

2012-08-14 21:39:50 217464 ----a-w- c:\windows\system32\drivers\nis\1008030.006\symtdi.sys

2012-08-14 21:39:49 89976 ----a-w- c:\windows\system32\drivers\nis\1008030.006\symfw.sys

2012-08-14 21:39:49 310320 ----a-w- c:\windows\system32\drivers\nis\1008030.006\SymEFA.sys

2012-08-14 21:39:48 43696 ----a-w- c:\windows\system32\drivers\nis\1008030.006\srtspx.sys

2012-08-14 21:39:48 308272 ----a-w- c:\windows\system32\drivers\nis\1008030.006\srtsp.sys

2012-08-14 21:39:47 259632 ----a-w- c:\windows\system32\drivers\nis\1008030.006\BHDrvx86.sys

2012-08-14 21:39:06 467592 ----a-w- c:\windows\system32\drivers\nis\1008030.006\cchpx86.sys

2012-08-14 21:39:02 -------- d-----w- c:\windows\system32\drivers\nis\1008030.006

2012-08-14 07:27:42 826368 ----a-w- c:\windows\system32\rdpcore.dll

2012-08-14 07:27:41 24064 ----a-w- c:\windows\system32\drivers\tdtcp.sys

2012-08-14 07:27:38 132608 ----a-w- c:\windows\system32\cabview.dll

2012-08-14 00:21:11 -------- d-----w- c:\users\MK\appdata\local\Conexant

2012-08-13 21:38:32 -------- d-----w- c:\users\MK\appdata\local\Microsoft Games

2012-08-13 21:22:06 2422272 ----a-w- c:\windows\system32\wucltux.dll

2012-08-13 21:21:52 88576 ----a-w- c:\windows\system32\wudriver.dll

2012-08-13 21:21:44 33792 ----a-w- c:\windows\system32\wuapp.exe

2012-08-13 21:21:44 171904 ----a-w- c:\windows\system32\wuwebv.dll

2012-08-13 19:21:52 -------- d-----w- c:\users\MK\appdata\local\Macromedia

2012-08-13 19:21:38 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-08-13 19:21:38 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-08-13 19:11:44 -------- d-----w- c:\users\MK\appdata\local\Google

2012-08-13 18:56:29 25648 ----a-r- c:\windows\system32\drivers\SymIMV.sys

2012-08-13 18:56:16 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS

2012-08-13 18:55:25 -------- d-----w- c:\program files\Symantec

2012-08-13 18:55:25 -------- d-----w- c:\program files\common files\Symantec Shared

2012-08-13 10:15:38 -------- d-----w- c:\program files\ConexantAudioPatch

2012-08-13 10:11:32 24064 ----a-w- c:\windows\system32\drivers\PGEffect.sys

2012-08-13 10:03:19 24576 ----a-w- c:\windows\system32\TSCI.dll

2012-08-13 10:03:19 24576 ----a-w- c:\windows\system32\THCI.dll

2012-08-13 09:34:15 -------- d-----w- c:\windows\system32\Atheros_L1e

2012-08-13 09:33:07 -------- d-----w- c:\program files\Synaptics

2012-08-13 09:29:53 -------- d-----w- c:\program files\Realtek WLAN Driver

2012-08-13 09:28:32 -------- d-----w- c:\program files\CONEXANT

2012-08-13 09:21:38 -------- d-----w- c:\windows\system32\Lang

2012-08-13 09:21:37 1002008 ----a-w- c:\windows\system32\igxpun.exe

2012-08-13 09:17:31 330264 ----a-w- c:\windows\system32\drivers\iaStor.sys

2012-08-13 09:16:41 -------- d-----w- c:\program files\Microsoft Office Suite Activation Assistant

2012-08-13 09:01:51 33104 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\msonpppr.dll

2012-08-13 09:01:51 31640 ----a-w- c:\windows\system32\msonpmon.dll

2012-08-13 08:50:28 -------- d-----w- c:\users\MK\appdata\local\TOSHIBA_Corporation

2012-08-13 08:41:24 -------- d-----w- c:\users\MK\appdata\local\Toshiba

2012-08-13 08:39:39 16 --sh--r- c:\windows\system32\drivers\fbd.sys

2012-08-13 08:39:16 -------- d-----w- c:\users\MK\appdata\roaming\WinBatch

.

==================== Find3M ====================

.

2012-07-18 17:10:29 2344448 ----a-w- c:\windows\system32\win32k.sys

2012-06-07 01:59:42 1070152 ----a-w- c:\windows\system32\MSCOMCTL.OCX

2012-06-06 05:09:46 1389568 ----a-w- c:\windows\system32\msxml6.dll

2012-06-06 05:09:46 1236992 ----a-w- c:\windows\system32\msxml3.dll

2012-06-02 04:51:16 67440 ----a-w- c:\windows\system32\drivers\ksecdd.sys

2012-06-02 04:51:16 134000 ----a-w- c:\windows\system32\drivers\ksecpkg.sys

2012-06-02 04:50:00 369336 ----a-w- c:\windows\system32\drivers\cng.sys

2012-06-02 04:48:35 225280 ----a-w- c:\windows\system32\schannel.dll

2012-06-02 04:47:31 219136 ----a-w- c:\windows\system32\ncrypt.dll

.

============= FINISH: 14:08:49.77 ===============


hi

Download ComboFix here :

Link 1

Link 2

* IMPORTANT !!! Save ComboFix.exe to your Desktop

  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. Here is a guide on how to disable them
    Click me
  • Double click on ComboFix.exe & follow the prompts.
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

whatnext.png

Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt log in your next reply.


hi

Step 1

Download the latest version of TDSSKiller from here and save it to your Desktop.

  • Double-click on TDSSKiller.exe to run the application
  • Then click on Change parameters.
  • Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
  • Click the Start Scan button.
  • If a suspicious object is detected, the default action will be Skip; click on Continue.
  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
  • Get the report by selecting Reports
  • Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.

Please copy and paste its contents on your next reply.

Step 2

Download OTL to your Desktop

  • Double-click on the icon to run it. Make sure all other windows are closed, and let it run uninterrupted.
  • Select All Users
  • Under the Custom Scan box paste this in
    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    services.*
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    qmgr.dll
    /md5stop
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS /s
    CREATERESTOREPOINT
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
    • When the scan completes, it will open two Notepad windows: OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Post both logs

Things I would like to see in your reply:

  • TDSSKiller log
  • OTL.txt and Extras.txt


OTL:

OTL logfile created on: 8/20/2012 8:16:55 PM - Run 1

OTL by OldTimer - Version 3.2.58.1 Folder = E:\

Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.87 Gb Total Physical Memory | 1.57 Gb Available Physical Memory | 54.57% Memory free

5.73 Gb Paging File | 4.65 Gb Available in Paging File | 81.12% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files

Drive C: | 223.48 Gb Total Space | 192.78 Gb Free Space | 86.26% Space Free | Partition Type: NTFS

Unable to calculate disk information.

Drive E: | 1.91 Gb Total Space | 0.56 Gb Free Space | 29.27% Space Free | Partition Type: FAT

Computer Name: MIKEKUBACKI-PC | User Name: MK | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/08/20 20:13:54 | 000,596,480 | ---- | M] (OldTimer Tools) -- E:\OTL.exe

PRC - [2012/07/13 19:17:11 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe

PRC - [2011/09/21 19:35:57 | 000,117,648 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\16.8.3.6\ccSvcHst.exe

PRC - [2011/02/26 00:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe

PRC - [2011/02/11 13:45:54 | 001,295,736 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe

PRC - [2011/02/11 13:45:52 | 000,054,136 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe

PRC - [2011/01/12 16:05:00 | 000,185,664 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\Common Framework\naPrdMgr.exe

PRC - [2011/01/12 16:05:00 | 000,161,088 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\Common Framework\UdaterUI.exe

PRC - [2011/01/12 16:05:00 | 000,120,128 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\Common Framework\FrameworkService.exe

PRC - [2011/01/12 16:05:00 | 000,075,072 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\Common Framework\McTray.exe

PRC - [2010/08/18 09:44:34 | 000,221,184 | ---- | M] () -- C:\Program Files\TOSHIBA\Toshiba DetectAC Utility\DetectAC.exe

PRC - [2010/08/03 13:18:36 | 000,266,240 | ---- | M] () -- C:\Program Files\TOSHIBA\Toshiba DetectAC Utility\CollectInfo.exe

PRC - [2009/09/17 15:37:18 | 000,111,960 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe

PRC - [2009/09/17 15:36:58 | 001,021,272 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe

PRC - [2009/08/27 15:37:10 | 000,185,712 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TECO\TecoService.exe

PRC - [2009/08/26 20:00:06 | 001,324,384 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TECO\TEco.exe

PRC - [2009/08/21 11:29:40 | 000,464,224 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe

PRC - [2009/08/21 11:29:20 | 000,476,512 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe

PRC - [2009/08/10 21:55:46 | 000,185,712 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe

PRC - [2009/08/06 19:05:18 | 000,583,024 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe

PRC - [2009/08/06 19:04:56 | 000,685,424 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe

PRC - [2009/08/05 16:04:54 | 000,738,616 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe

PRC - [2009/07/28 22:26:42 | 000,062,848 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe

PRC - [2009/07/28 17:43:04 | 000,128,344 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe

PRC - [2009/07/28 16:00:10 | 000,460,088 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe

PRC - [2009/07/20 16:29:00 | 000,484,920 | ---- | M] (Conexant Systems, Inc.) -- C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent.exe

PRC - [2009/07/13 20:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe

PRC - [2009/07/13 20:14:17 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dinotify.exe

PRC - [2009/07/13 17:24:00 | 000,304,496 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe

PRC - [2009/07/08 11:40:58 | 000,518,720 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\ThpSrv.exe

PRC - [2009/07/02 13:05:00 | 000,252,288 | ---- | M] (TOSHIBA) -- C:\Program Files\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe

PRC - [2009/03/10 20:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe

========== Modules (No Company Name) ==========

MOD - [2012/08/14 18:24:17 | 000,212,992 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8b7a7f9c607e09bfa03c07b5ff3a8ae3\System.ServiceProcess.ni.dll

MOD - [2012/08/14 18:24:10 | 012,433,920 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\009c50fb69919b90fb233cb4c35d0ad7\System.Windows.Forms.ni.dll

MOD - [2012/08/14 18:22:17 | 001,591,808 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ebefde27b0ef7f39bb49c493b34a602c\System.Drawing.ni.dll

MOD - [2012/08/14 18:21:59 | 000,971,264 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cb079eab134fd1a752ad91db13274110\System.Configuration.ni.dll

MOD - [2012/08/14 18:21:57 | 005,453,312 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\5c85c9c42e1b8a8760de82ecb4c7d582\System.Xml.ni.dll

MOD - [2012/08/14 18:21:50 | 007,952,384 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\2ebb3c259eab50af565e3a8dba6ad20e\System.ni.dll

MOD - [2012/08/14 18:21:33 | 011,490,816 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\5858678a79aae31262b0214424245d06\mscorlib.ni.dll

MOD - [2012/08/13 04:00:41 | 008,007,680 | ---- | M] () -- C:\windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll

MOD - [2012/07/13 19:17:14 | 002,003,424 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll

MOD - [2010/08/18 09:44:34 | 000,221,184 | ---- | M] () -- C:\Program Files\TOSHIBA\Toshiba DetectAC Utility\DetectAC.exe

MOD - [2010/08/03 13:18:36 | 000,266,240 | ---- | M] () -- C:\Program Files\TOSHIBA\Toshiba DetectAC Utility\CollectInfo.exe

MOD - [2009/09/17 15:36:34 | 000,079,192 | ---- | M] () -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll

MOD - [2009/07/25 13:07:12 | 000,058,704 | ---- | M] () -- C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll

MOD - [2009/07/16 17:27:48 | 000,052,536 | ---- | M] () -- C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnZ.dll

MOD - [2009/07/16 17:27:44 | 007,263,544 | ---- | M] () -- C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll

MOD - [2009/06/22 17:38:40 | 000,015,160 | ---- | M] () -- C:\Program Files\TOSHIBA\TOSHIBA Assist\NotifyX.dll

MOD - [2009/03/12 21:08:04 | 000,049,152 | ---- | M] () -- C:\Program Files\TOSHIBA\PCDiag\NotifyPCD.dll

MOD - [2007/04/18 19:30:46 | 000,471,040 | ---- | M] () -- C:\Program Files\McAfee\Common Framework\ccme_base.dll

MOD - [2007/04/18 19:30:46 | 000,393,216 | ---- | M] () -- C:\Program Files\McAfee\Common Framework\cryptocme2.dll

========== Win32 Services (SafeList) ==========

SRV - [2012/08/14 21:46:39 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2012/08/14 18:30:56 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)

SRV - [2012/07/13 19:17:12 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)

SRV - [2011/09/21 19:35:57 | 000,117,648 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Internet Security\Engine\16.8.3.6\ccSvcHst.exe -- (Norton Internet Security)

SRV - [2011/02/11 13:45:52 | 000,054,136 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)

SRV - [2011/01/12 16:05:00 | 000,120,128 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\Common Framework\FrameworkService.exe -- (McAfeeFramework)

SRV - [2009/09/17 15:37:18 | 000,111,960 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)

SRV - [2009/08/31 22:07:42 | 000,332,272 | ---- | M] (Google Inc.) [On_Demand | Stopped] -- C:\ProgramData\Partner\Partner.exe -- (Partner Service)

SRV - [2009/08/27 15:37:10 | 000,185,712 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service)

SRV - [2009/08/21 11:29:40 | 000,464,224 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)

SRV - [2009/08/10 21:55:46 | 000,185,712 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe -- (cfWiMAXService)

SRV - [2009/08/06 19:04:56 | 000,685,424 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv)

SRV - [2009/07/28 17:43:04 | 000,128,344 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)

SRV - [2009/07/13 20:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)

SRV - [2009/07/13 20:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

SRV - [2009/07/08 11:40:58 | 000,518,720 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\ThpSrv.exe -- (Thpsrv)

SRV - [2009/05/22 13:02:20 | 000,250,616 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe -- (GameConsoleService)

SRV - [2009/03/10 20:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\RtsUStor.sys -- (RSUSBSTOR)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20120815.002\NAVEX15.SYS -- (NAVEX15)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20120815.002\NAVENG.SYS -- (NAVENG)

DRV - [2012/08/14 16:39:06 | 000,467,592 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1008030.006\cchpx86.sys -- (ccHP)

DRV - [2012/08/13 23:13:46 | 000,382,624 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20120818.001\IDSvix86.sys -- (IDSVix86)

DRV - [2012/08/13 13:55:25 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)

DRV - [2012/08/13 03:19:44 | 000,376,480 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)

DRV - [2012/08/13 03:19:44 | 000,106,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)

DRV - [2011/09/21 19:35:58 | 000,217,464 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1008030.006\symtdi.sys -- (SYMTDI)

DRV - [2011/09/21 19:35:58 | 000,089,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NIS\1008030.006\symfw.sys -- (SYMFW)

DRV - [2011/09/21 19:35:58 | 000,048,760 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NIS\1008030.006\symndisv.sys -- (SYMNDISV)

DRV - [2010/01/20 16:18:24 | 000,259,632 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1008030.006\BHDrvx86.sys -- (BHDrvx86)

DRV - [2009/10/16 14:55:36 | 000,500,736 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)

DRV - [2009/10/02 13:33:24 | 000,862,208 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl8192se.sys -- (rtl8192se)

DRV - [2009/08/31 22:08:43 | 000,310,320 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\NIS\1008030.006\SymEFA.sys -- (SymEFA)

DRV - [2009/08/31 22:08:43 | 000,308,272 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\NIS\1008030.006\srtsp.sys -- (SRTSP)

DRV - [2009/08/31 22:08:43 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1008030.006\srtspx.sys -- (SRTSPX)

DRV - [2009/08/31 22:08:43 | 000,025,648 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\SymIMV.sys -- (SymIM)

DRV - [2009/07/30 19:45:56 | 000,022,912 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)

DRV - [2009/07/27 17:06:44 | 000,051,712 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C62x86.sys -- (L1C)

DRV - [2009/07/14 17:28:42 | 000,023,512 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\TVALZ_O.SYS -- (TVALZ)

DRV - [2009/07/13 17:02:53 | 000,359,424 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RTL8187Se.sys -- (RTL8187Se)

DRV - [2009/07/10 08:44:52 | 000,122,880 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService)

DRV - [2009/06/29 18:16:22 | 000,013,120 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\Thpevm.sys -- (Thpevm)

DRV - [2009/06/29 12:25:24 | 000,030,272 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\thpdrv.sys -- (Thpdrv)

DRV - [2009/06/22 19:04:58 | 000,024,064 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PGEffect.sys -- (PGEffect)

DRV - [2009/06/19 21:31:08 | 000,012,920 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\TVALZFL.sys -- (TVALZFL)

DRV - [2009/06/15 15:58:22 | 000,009,216 | ---- | M] (TOSHIBA) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\QIOMem.sys -- (QIOMem)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA

IE - HKLM\..\SearchScopes,DefaultScope = {87CFFCCF-95CD-4805-B0A3-F0E03D9DEAB7}

IE - HKLM\..\SearchScopes\{87CFFCCF-95CD-4805-B0A3-F0E03D9DEAB7}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3695806740-2193649233-1071243013-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA

IE - HKU\S-1-5-21-3695806740-2193649233-1071243013-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA

IE - HKU\S-1-5-21-3695806740-2193649233-1071243013-1000\..\SearchScopes,DefaultScope = {87CFFCCF-95CD-4805-B0A3-F0E03D9DEAB7}

IE - HKU\S-1-5-21-3695806740-2193649233-1071243013-1000\..\SearchScopes\{87CFFCCF-95CD-4805-B0A3-F0E03D9DEAB7}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA_enUS497

IE - HKU\S-1-5-21-3695806740-2193649233-1071243013-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "google.com"

FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll ()

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\ [2012/08/14 18:19:33 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/08/13 14:14:33 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2012/08/13 14:15:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MK\AppData\Roaming\Mozilla\Extensions

[2012/08/18 15:43:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

[2012/07/13 19:17:47 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll

[2012/07/13 19:16:36 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

[2012/07/13 19:16:36 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2009/06/10 16:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.

O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.8.3.6\CoIEPlg.dll (Symantec Corporation)

O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.8.3.6\IPSBHO.dll (Symantec Corporation)

O2 - BHO: (Partner BHO Class) - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner.dll (Google Inc.)

O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.8.3.6\CoIEPlg.dll (Symantec Corporation)

O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKU\S-1-5-21-3695806740-2193649233-1071243013-1000\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.8.3.6\CoIEPlg.dll (Symantec Corporation)

O4 - HKLM..\Run: [] File not found

O4 - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)

O4 - HKLM..\Run: [cAudioFilterAgent] C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent.exe (Conexant Systems, Inc.)

O4 - HKLM..\Run: [ConexantAudioPatch] C:\Program Files\ConexantAudioPatch\AudioReset.exe ()

O4 - HKLM..\Run: [McAfeeUpdaterUI] C:\Program Files\McAfee\Common Framework\udaterui.exe (McAfee, Inc.)

O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files\TOSHIBA\Toshiba Online Backup\Activation\TobuActivation.exe (Toshiba)

O4 - HKLM..\Run: [smartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe ()

O4 - HKLM..\Run: [smartFaceVWatcher] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe (TOSHIBA Corporation)

O4 - HKLM..\Run: [smoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)

O4 - HKLM..\Run: [Teco] C:\Program Files\TOSHIBA\TECO\Teco.exe (TOSHIBA Corporation)

O4 - HKLM..\Run: [ThpSrv] C:\windows\System32\thpsrv.exe (TOSHIBA Corporation)

O4 - HKLM..\Run: [Toshiba DetectAC Utility] C:\Program Files\TOSHIBA\Toshiba DetectAC Utility\DetectAC.exe ()

O4 - HKLM..\Run: [Toshiba DetectAC Utility1] C:\Program Files\TOSHIBA\Toshiba DetectAC Utility\CollectInfo.exe ()

O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)

O4 - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)

O4 - HKLM..\Run: [TosWaitSrv] C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe (TOSHIBA Corporation)

O4 - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)

O4 - HKLM..\Run: [TUSBSleepChargeSrv] C:\Program Files\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe (TOSHIBA)

O4 - HKLM..\Run: [TWebCamera] C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe (TOSHIBA CORPORATION.)

O4 - HKU\S-1-5-21-3695806740-2193649233-1071243013-1000..\Run: [MyTOSHIBA] C:\Program Files\TOSHIBA\My Toshiba\MyToshiba.exe (TOSHIBA)

O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)

O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O13 - gopher Prefix: missing

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)

O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.75.75 75.75.76.76

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EB61B461-21C6-41D1-8CF7-2B8F49047D9C}: DhcpNameServer = 75.75.75.75 75.75.76.76

O18 - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.8.3.6\CoIEPlg.dll (Symantec Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009/06/10 16:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

NetSvcs: FastUserSwitchingCompatibility - File not found

NetSvcs: Ias - C:\windows\System32\ias.dll (Microsoft Corporation)

NetSvcs: Nla - File not found

NetSvcs: Ntmssvc - File not found

NetSvcs: NWCWorkstation - File not found

NetSvcs: Nwsapagent - File not found

NetSvcs: SRService - File not found

NetSvcs: WmdmPmSp - File not found

NetSvcs: LogonHours - File not found

NetSvcs: PCAudit - File not found

NetSvcs: helpsvc - File not found

NetSvcs: uploadmgr - File not found

CREATERESTOREPOINT

Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/08/20 20:11:57 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine

[2012/08/18 15:41:46 | 000,000,000 | ---D | C] -- C:\Users\MK\AppData\Local\Symantec

[2012/08/18 15:41:23 | 000,000,000 | ---D | C] -- C:\Qoobox

[2012/08/18 15:41:06 | 000,000,000 | ---D | C] -- C:\windows\erdnt

[2012/08/18 15:41:03 | 000,000,000 | --SD | C] -- C:\32788R22FWJFW

[2012/08/17 23:59:19 | 000,000,000 | ---D | C] -- C:\FRST

[2012/08/17 21:49:34 | 000,000,000 | ---D | C] -- C:\Users\MK\AppData\Local\NPE

[2012/08/17 20:20:37 | 000,000,000 | ---D | C] -- C:\QUARANTINE

[2012/08/17 19:47:09 | 000,000,000 | ---D | C] -- C:\Users\MK\AppData\Local\Adobe

[2012/08/17 19:41:43 | 000,000,000 | ---D | C] -- C:\Users\MK\AppData\Local\Diagnostics

[2012/08/17 19:16:28 | 000,000,000 | ---D | C] -- C:\Users\MK\AppData\Roaming\DAEMON Tools Lite

[2012/08/17 19:15:21 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite

[2012/08/17 00:43:06 | 000,000,000 | ---D | C] -- C:\Users\MK\AppData\Local\gfie

[2012/08/17 00:43:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Greenfish Icon Editor Pro 3.1

[2012/08/17 00:42:57 | 000,000,000 | ---D | C] -- C:\Program Files\Greenfish Icon Editor Pro 3.1

[2012/08/17 00:41:01 | 000,000,000 | R--D | C] -- C:\Users\MK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

[2012/08/16 23:27:42 | 000,000,000 | ---D | C] -- C:\Users\MK\AppData\Roaming\McAfee

[2012/08/16 23:18:13 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\McAfee

[2012/08/16 23:13:22 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee

[2012/08/16 23:13:22 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee

[2012/08/16 22:44:16 | 000,000,000 | ---D | C] -- C:\Users\MK\AppData\Roaming\InstallShield

[2012/08/14 18:30:57 | 000,000,000 | ---D | C] -- C:\windows\System32\Wat

[2012/08/14 17:09:23 | 000,000,000 | ---D | C] -- C:\Users\MK\AppData\Local\Microsoft Help

[2012/08/14 17:00:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

[2012/08/14 16:56:20 | 000,000,000 | -HSD | C] -- C:\Users\MK\AppData\Local\{c98d7325-c016-f43a-e8d3-ce0479a18302}

[2012/08/13 19:21:11 | 000,000,000 | ---D | C] -- C:\Users\MK\AppData\Local\Conexant

[2012/08/13 16:38:32 | 000,000,000 | ---D | C] -- C:\Users\MK\AppData\Local\Microsoft Games

[2012/08/13 14:21:52 | 000,000,000 | ---D | C] -- C:\Users\MK\AppData\Roaming\Macromedia

[2012/08/13 14:21:52 | 000,000,000 | ---D | C] -- C:\Users\MK\AppData\Local\Macromedia

[2012/08/13 14:14:50 | 000,000,000 | ---D | C] -- C:\Users\MK\AppData\Roaming\Mozilla

[2012/08/13 14:14:50 | 000,000,000 | ---D | C] -- C:\Users\MK\AppData\Local\Mozilla

[2012/08/13 14:14:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla

[2012/08/13 14:14:35 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service

[2012/08/13 14:14:30 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox

[2012/08/13 14:12:22 | 000,000,000 | ---D | C] -- C:\Users\MK\AppData\Roaming\Adobe

[2012/08/13 14:11:45 | 000,000,000 | ---D | C] -- C:\Users\MK\AppData\Roaming\Google

[2012/08/13 14:11:44 | 000,000,000 | ---D | C] -- C:\Users\MK\AppData\Local\Google

[2012/08/13 13:57:41 | 000,000,000 | ---D | C] -- C:\Users\MK\AppData\Roaming\Template

[2012/08/13 13:56:29 | 000,025,648 | R--- | C] (Symantec Corporation) -- C:\windows\System32\drivers\SymIMV.sys

[2012/08/13 13:56:16 | 000,124,976 | ---- | C] (Symantec Corporation) -- C:\windows\System32\drivers\SYMEVENT.SYS

[2012/08/13 13:55:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared

[2012/08/13 13:55:25 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec

[2012/08/13 05:15:38 | 000,000,000 | ---D | C] -- C:\Program Files\ConexantAudioPatch

[2012/08/13 05:00:59 | 000,000,000 | ---D | C] -- C:\windows\System32\tr

[2012/08/13 05:00:59 | 000,000,000 | ---D | C] -- C:\windows\System32\sv

[2012/08/13 05:00:59 | 000,000,000 | ---D | C] -- C:\windows\System32\sk

[2012/08/13 05:00:59 | 000,000,000 | ---D | C] -- C:\windows\System32\ru

[2012/08/13 05:00:59 | 000,000,000 | ---D | C] -- C:\windows\System32\pt

[2012/08/13 05:00:59 | 000,000,000 | ---D | C] -- C:\windows\System32\pl

[2012/08/13 05:00:59 | 000,000,000 | ---D | C] -- C:\windows\System32\no

[2012/08/13 05:00:59 | 000,000,000 | ---D | C] -- C:\windows\System32\nl

[2012/08/13 05:00:59 | 000,000,000 | ---D | C] -- C:\windows\System32\it

[2012/08/13 05:00:59 | 000,000,000 | ---D | C] -- C:\windows\System32\hu

[2012/08/13 05:00:59 | 000,000,000 | ---D | C] -- C:\windows\System32\fr

[2012/08/13 05:00:59 | 000,000,000 | ---D | C] -- C:\windows\System32\fi

[2012/08/13 05:00:59 | 000,000,000 | ---D | C] -- C:\windows\System32\es

[2012/08/13 05:00:59 | 000,000,000 | ---D | C] -- C:\windows\System32\da

[2012/08/13 05:00:58 | 000,000,000 | ---D | C] -- C:\windows\System32\el

[2012/08/13 05:00:58 | 000,000,000 | ---D | C] -- C:\windows\System32\de

[2012/08/13 05:00:58 | 000,000,000 | ---D | C] -- C:\windows\System32\cs

[2012/08/13 05:00:05 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek

[2012/08/13 04:35:09 | 000,000,000 | -HSD | C] -- C:\System Volume Information

[2012/08/13 04:34:15 | 000,000,000 | ---D | C] -- C:\windows\System32\Atheros_L1e

[2012/08/13 04:33:07 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics

[2012/08/13 04:29:53 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek WLAN Driver

[2012/08/13 04:28:32 | 000,000,000 | ---D | C] -- C:\Program Files\CONEXANT

[2012/08/13 04:21:38 | 000,000,000 | ---D | C] -- C:\windows\System32\Lang

[2012/08/13 04:18:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel® Matrix Storage Manager

[2012/08/13 04:16:41 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office Suite Activation Assistant

[2012/08/13 04:01:59 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office

[2012/08/13 04:00:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER

[2012/08/13 04:00:02 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET

[2012/08/13 03:57:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help

[2012/08/13 03:57:35 | 000,000,000 | RH-D | C] -- C:\MSOCache

[2012/08/13 03:51:47 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office

[2012/08/13 03:51:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works

[2012/08/13 03:50:51 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works

[2012/08/13 03:50:28 | 000,000,000 | ---D | C] -- C:\Users\MK\AppData\Local\TOSHIBA_Corporation

[2012/08/13 03:41:24 | 000,000,000 | ---D | C] -- C:\Users\MK\AppData\Local\Toshiba

[2012/08/13 03:40:55 | 000,000,000 | ---D | C] -- C:\windows\SoftwareDistribution

[2012/08/13 03:40:21 | 000,000,000 | R--D | C] -- C:\Users\MK\Searches

[2012/08/13 03:40:21 | 000,000,000 | R--D | C] -- C:\Users\MK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools

[2012/08/13 03:40:13 | 000,000,000 | ---D | C] -- C:\Users\MK\AppData\Roaming\Identities

[2012/08/13 03:40:11 | 000,000,000 | -H-D | C] -- C:\Users\MK\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned

[2012/08/13 03:40:10 | 000,000,000 | R--D | C] -- C:\Users\MK\Contacts

[2012/08/13 03:39:16 | 000,000,000 | ---D | C] -- C:\Users\MK\AppData\Roaming\WinBatch

[2012/08/13 03:38:31 | 000,000,000 | ---D | C] -- C:\Users\MK\AppData\Local\VirtualStore

[2012/08/13 03:38:29 | 000,000,000 | -HSD | C] -- C:\Users\MK\AppData\Local\Temporary Internet Files

[2012/08/13 03:38:29 | 000,000,000 | -HSD | C] -- C:\Users\MK\Templates

[2012/08/13 03:38:29 | 000,000,000 | -HSD | C] -- C:\Users\MK\Start Menu

[2012/08/13 03:38:29 | 000,000,000 | -HSD | C] -- C:\Users\MK\SendTo

[2012/08/13 03:38:29 | 000,000,000 | -HSD | C] -- C:\Users\MK\Recent

[2012/08/13 03:38:29 | 000,000,000 | -HSD | C] -- C:\Users\MK\PrintHood

[2012/08/13 03:38:29 | 000,000,000 | -HSD | C] -- C:\Users\MK\NetHood

[2012/08/13 03:38:29 | 000,000,000 | -HSD | C] -- C:\Users\MK\Documents\My Videos

[2012/08/13 03:38:29 | 000,000,000 | -HSD | C] -- C:\Users\MK\Documents\My Pictures

[2012/08/13 03:38:29 | 000,000,000 | -HSD | C] -- C:\Users\MK\Documents\My Music

[2012/08/13 03:38:29 | 000,000,000 | -HSD | C] -- C:\Users\MK\My Documents

[2012/08/13 03:38:29 | 000,000,000 | -HSD | C] -- C:\Users\MK\Local Settings

[2012/08/13 03:38:29 | 000,000,000 | -HSD | C] -- C:\Users\MK\AppData\Local\History

[2012/08/13 03:38:29 | 000,000,000 | -HSD | C] -- C:\Users\MK\Cookies

[2012/08/13 03:38:29 | 000,000,000 | -HSD | C] -- C:\Users\MK\Application Data

[2012/08/13 03:38:29 | 000,000,000 | -HSD | C] -- C:\Users\MK\AppData\Local\Application Data

[2012/08/13 03:38:28 | 000,000,000 | --SD | C] -- C:\Users\MK\AppData\Roaming\Microsoft

[2012/08/13 03:38:28 | 000,000,000 | R--D | C] -- C:\Users\MK\Videos

[2012/08/13 03:38:28 | 000,000,000 | R--D | C] -- C:\Users\MK\Saved Games

[2012/08/13 03:38:28 | 000,000,000 | R--D | C] -- C:\Users\MK\Pictures

[2012/08/13 03:38:28 | 000,000,000 | R--D | C] -- C:\Users\MK\Music

[2012/08/13 03:38:28 | 000,000,000 | R--D | C] -- C:\Users\MK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

[2012/08/13 03:38:28 | 000,000,000 | R--D | C] -- C:\Users\MK\Links

[2012/08/13 03:38:28 | 000,000,000 | R--D | C] -- C:\Users\MK\Favorites

[2012/08/13 03:38:28 | 000,000,000 | R--D | C] -- C:\Users\MK\Downloads

[2012/08/13 03:38:28 | 000,000,000 | R--D | C] -- C:\Users\MK\Documents

[2012/08/13 03:38:28 | 000,000,000 | R--D | C] -- C:\Users\MK\Desktop

[2012/08/13 03:38:28 | 000,000,000 | R--D | C] -- C:\Users\MK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

[2012/08/13 03:38:28 | 000,000,000 | -H-D | C] -- C:\Users\MK\AppData

[2012/08/13 03:38:28 | 000,000,000 | ---D | C] -- C:\Users\MK\AppData\Local\Temp

[2012/08/13 03:38:28 | 000,000,000 | ---D | C] -- C:\Users\MK\AppData\Local\Microsoft

[2012/08/13 03:38:28 | 000,000,000 | ---D | C] -- C:\Users\MK\AppData\Roaming\Media Center Programs

[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/08/20 20:22:04 | 001,192,950 | ---- | M] () -- C:\windows\System32\drivers\NIS\1008030.006\Cat.DB

[2012/08/20 20:15:42 | 000,015,568 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2012/08/20 20:15:42 | 000,015,568 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2012/08/20 20:14:44 | 000,615,360 | ---- | M] () -- C:\windows\System32\perfh009.dat

[2012/08/20 20:14:44 | 000,103,702 | ---- | M] () -- C:\windows\System32\perfc009.dat

[2012/08/20 20:06:25 | 000,000,882 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job

[2012/08/20 20:05:54 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat

[2012/08/20 20:05:44 | 2309,701,632 | -HS- | M] () -- C:\hiberfil.sys

[2012/08/18 17:29:24 | 000,000,017 | ---- | M] () -- C:\Users\MK\AppData\Local\resmon.resmoncfg

[2012/08/16 22:39:23 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job

[2012/08/16 22:31:00 | 000,000,886 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job

[2012/08/14 18:27:37 | 000,001,422 | ---- | M] () -- C:\Users\MK\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

[2012/08/14 18:18:21 | 000,002,425 | ---- | M] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk

[2012/08/14 18:17:48 | 000,340,792 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT

[2012/08/14 17:16:05 | 000,072,822 | ---- | M] () -- C:\windows\System32\ieuinit.inf

[2012/08/14 16:39:06 | 000,467,592 | ---- | M] (Symantec Corporation) -- C:\windows\System32\drivers\NIS\1008030.006\cchpx86.sys

[2012/08/14 16:39:02 | 000,000,172 | ---- | M] () -- C:\windows\System32\drivers\NIS\1008030.006\isolate.ini

[2012/08/13 14:14:37 | 000,001,103 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk

[2012/08/13 13:57:39 | 000,000,000 | ---- | M] () -- C:\Users\MK\AppData\Roaming\wklnhst.dat

[2012/08/13 13:55:25 | 000,124,976 | ---- | M] (Symantec Corporation) -- C:\windows\System32\drivers\SYMEVENT.SYS

[2012/08/13 13:55:25 | 000,007,456 | ---- | M] () -- C:\windows\System32\drivers\SYMEVENT.CAT

[2012/08/13 13:55:25 | 000,000,806 | ---- | M] () -- C:\windows\System32\drivers\SYMEVENT.INF

[2012/08/13 05:37:40 | 000,039,252 | ---- | M] () -- C:\windows\System32\license.rtf

[2012/08/13 05:34:34 | 000,000,000 | ---- | M] () -- C:\windows\NDSTray.INI

[2012/08/13 05:11:24 | 000,001,868 | ---- | M] () -- C:\Users\MK\Desktop\Web Camera Application.lnk

[2012/08/13 04:33:22 | 000,000,000 | -H-- | M] () -- C:\windows\System32\drivers\Msft_Kernel_SynTP_01007.Wdf

[2012/08/13 04:26:41 | 000,014,324 | ---- | M] () -- C:\windows\System32\results.xml

[2012/08/13 03:39:39 | 000,000,016 | RHS- | M] () -- C:\windows\System32\drivers\fbd.sys

[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/08/18 17:29:24 | 000,000,017 | ---- | C] () -- C:\Users\MK\AppData\Local\resmon.resmoncfg

[2012/08/14 17:16:05 | 000,072,822 | ---- | C] () -- C:\windows\System32\ieuinit.inf

[2012/08/14 16:56:20 | 000,002,048 | -HS- | C] () -- C:\Users\MK\AppData\Local\{c98d7325-c016-f43a-e8d3-ce0479a18302}\@

[2012/08/13 14:21:39 | 000,000,830 | ---- | C] () -- C:\windows\tasks\Adobe Flash Player Updater.job

[2012/08/13 14:16:49 | 000,000,886 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job

[2012/08/13 14:16:49 | 000,000,882 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job

[2012/08/13 14:14:37 | 000,001,115 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

[2012/08/13 14:14:37 | 000,001,103 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk

[2012/08/13 14:11:27 | 000,001,422 | ---- | C] () -- C:\Users\MK\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

[2012/08/13 13:57:39 | 000,000,000 | ---- | C] () -- C:\Users\MK\AppData\Roaming\wklnhst.dat

[2012/08/13 13:56:16 | 000,007,456 | ---- | C] () -- C:\windows\System32\drivers\SYMEVENT.CAT

[2012/08/13 13:56:16 | 000,000,806 | ---- | C] () -- C:\windows\System32\drivers\SYMEVENT.INF

[2012/08/13 13:54:27 | 000,002,425 | ---- | C] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk

[2012/08/13 05:34:34 | 000,000,000 | ---- | C] () -- C:\windows\NDSTray.INI

[2012/08/13 05:11:24 | 000,001,868 | ---- | C] () -- C:\Users\MK\Desktop\Web Camera Application.lnk

[2012/08/13 04:33:22 | 000,000,000 | -H-- | C] () -- C:\windows\System32\drivers\Msft_Kernel_SynTP_01007.Wdf

[2012/08/13 04:26:41 | 000,014,324 | ---- | C] () -- C:\windows\System32\results.xml

[2012/08/13 03:51:57 | 000,002,557 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office PowerPoint Viewer 2007.lnk

[2012/08/13 03:51:20 | 000,001,116 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works Task Launcher.lnk

[2012/08/13 03:40:25 | 000,001,428 | ---- | C] () -- C:\Users\MK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

[2012/08/13 03:39:39 | 000,000,016 | RHS- | C] () -- C:\windows\System32\drivers\fbd.sys

[2012/08/13 03:38:29 | 000,000,290 | ---- | C] () -- C:\Users\MK\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk

[2012/08/13 03:38:29 | 000,000,272 | ---- | C] () -- C:\Users\MK\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk

[2012/08/13 03:36:19 | 2309,701,632 | -HS- | C] () -- C:\hiberfil.sys

========== LOP Check ==========

[2012/08/17 19:21:40 | 000,000,000 | ---D | M] -- C:\Users\MK\AppData\Roaming\DAEMON Tools Lite

[2012/08/13 13:57:41 | 000,000,000 | ---D | M] -- C:\Users\MK\AppData\Roaming\Template

[2012/08/13 03:39:16 | 000,000,000 | ---D | M] -- C:\Users\MK\AppData\Roaming\WinBatch

[2009/07/13 23:53:46 | 000,006,618 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >

< \md5start >

< services* >

< explorer.exe >

< inlogon.exe >

< Userinit.exe >

< svchost.exe >

< qmgr.dll >

< /md5stop >

Invalid Switch: md5stop

< HKEY_LOCAL_MACHINE\SYSTEM\CyrrentControlSet\services\BITS /s >

< End of report >

extras:

OTL Extras logfile created on: 8/20/2012 8:16:55 PM - Run 1

OTL by OldTimer - Version 3.2.58.1 Folder = E:\

Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.87 Gb Total Physical Memory | 1.57 Gb Available Physical Memory | 54.57% Memory free

5.73 Gb Paging File | 4.65 Gb Available in Paging File | 81.12% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files

Drive C: | 223.48 Gb Total Space | 192.78 Gb Free Space | 86.26% Space Free | Partition Type: NTFS

Unable to calculate disk information.

Drive E: | 1.91 Gb Total Space | 0.56 Gb Free Space | 29.27% Space Free | Partition Type: FAT

Computer Name: MIKEKUBACKI-PC | User Name: MK | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\windows\System32\control.exe (Microsoft Corporation)

.hlp [@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3695806740-2193649233-1071243013-1000\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = Reg Error: Unknown registry data type -- File not found

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{03FD3466-59DA-471C-B0BB-410843D60F37}" = lport=2869 | protocol=6 | dir=in | app=system |

"{0B4FEA5F-6DB4-475A-B66B-79289EB5DE1E}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{104255D2-DB68-4F36-8C2B-5E78546630D0}" = lport=138 | protocol=17 | dir=in | app=system |

"{1E5CE0E8-3FE5-4E8B-AE8B-6A77A62610C4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |

"{39FA0F37-F358-4566-8692-1B7E7694DD08}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{3FD1C0D8-2007-4955-A519-2BB14E3F3099}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{464D4E83-F0D7-4E12-98A6-D208A627786E}" = lport=139 | protocol=6 | dir=in | app=system |

"{56F7D878-4F3E-434D-9858-353A700B9FFE}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{79BCDE04-F036-4B1A-AC7E-491502A02824}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |

"{82572DC9-800A-4CB5-8DD9-7FDCE1A2300A}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |

"{A67092D8-6B01-4A40-BA83-5E7275710BE2}" = lport=10243 | protocol=6 | dir=in | app=system |

"{AACBF90D-6B67-4877-B776-F6895D4E5689}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{B4A56C70-8DA5-4594-B5B0-A600BC6D8273}" = lport=2869 | protocol=6 | dir=in | app=system |

"{BC93F8F5-A637-4344-AD99-F4F6902595AE}" = lport=137 | protocol=17 | dir=in | app=system |

"{C0D78A44-7ABC-497F-9FC3-DE1BC375AF30}" = rport=137 | protocol=17 | dir=out | app=system |

"{C2D72784-E00F-4F5D-97B9-2798401994C7}" = rport=139 | protocol=6 | dir=out | app=system |

"{CCD8173D-B40F-4DED-A89A-19AB5335AF26}" = lport=445 | protocol=6 | dir=in | app=system |

"{DD8A5617-C044-47EC-937F-C47E19720602}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{E6816057-F1C7-44B9-884B-CDBD644AA668}" = rport=138 | protocol=17 | dir=out | app=system |

"{E90FC902-D0EA-4838-BD5C-FBEDB5199AA1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{F5FE54E6-5826-4649-B51E-E1D5C8BA8155}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{FEA2637B-E372-4BF3-AD1D-EBEB60F2F4FA}" = rport=445 | protocol=6 | dir=out | app=system |

"{FF8FCCFC-75F7-40C9-8B4C-E43D753C0B07}" = rport=10243 | protocol=6 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{0409BCE3-BDCA-495D-B07C-ED44238C19D2}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |

"{182B5C47-D75C-42AA-8B12-5D7BC7550846}" = protocol=17 | dir=in | app=c:\program files\mcafee\common framework\frameworkservice.exe |

"{2E480A52-3899-4D6B-8FFD-C6E33AFA26E7}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |

"{2FF84771-C9BD-4811-93CF-AD4918D9814B}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |

"{39956AF8-BC2C-4529-A3AF-D87CABC5FB8A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |

"{3B5BF05A-2BC7-4BE8-B5FA-F0FF98515556}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{52E7F006-7585-4932-AC6A-C08F5583F8E5}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |

"{6EDBE38D-FFDB-4F3F-AA44-AD773F123B75}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |

"{7095217A-5269-40C8-A6B1-A42269D63BA3}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |

"{7D69EB7A-19AF-4679-848E-1BA6DB704E83}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |

"{83F52846-3CA3-40FC-9B36-9ACAE5FC6A55}" = protocol=17 | dir=in | app=c:\program files\mcafee\common framework\frameworkservice.exe |

"{8E208127-CEB9-4331-9906-751E49F78BA5}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |

"{8EC88F96-B542-4C26-A64C-906DD67D30A8}" = protocol=6 | dir=in | app=c:\program files\mcafee\common framework\frameworkservice.exe |

"{92AF6DA5-14EE-407D-992F-FFF0CADDA036}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{9C9E9C24-9E56-4FCC-8672-9A804BF20737}" = protocol=6 | dir=in | app=c:\program files\mcafee\common framework\frameworkservice.exe |

"{B8162213-CBB9-42CC-BFAB-05F512CF1330}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |

"{C6C60BE4-9386-49E5-8226-52EEBD6D5098}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |

"{C94F9717-6559-4F3E-A15F-4EB4245F5C02}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{CB683C0B-7F3D-4787-88F1-B476D1B097D2}" = protocol=6 | dir=out | app=system |

"{D43E1C79-21EE-4DBA-936B-0DA9D4B57870}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{D663BD77-8621-4E85-90A2-C71868F640EF}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |

"{D8014A54-2874-462D-9563-17ED7AF88C00}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |

"{D9AFF639-E369-411E-9FCD-D1681D3C40DB}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |

"{FBB301E2-F693-4AD1-9388-3C8BA4214879}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |

"{FEC058E8-778A-4CC8-AF4E-5EEC54B60A37}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{008D69EB-70FF-46AB-9C75-924620DF191A}" = TOSHIBA Speech System SR Engine(U.S.) Version1.0

"{01250B8F-D947-4F8A-9408-FE8E3EE2EC92}" = MyToshiba

"{0AA15BEA-12D6-44FC-B3B2-C97B77AB6AF4}" = Toshiba DetectAC Utility

"{0FB630AB-7BD8-40AE-B223-60397D57C3C9}" = Realtek WLAN Driver

"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist

"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works

"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer

"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer

"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool

"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT

"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer

"{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java 6 Update 14

"{2AAB21C2-4CDA-4189-A0EC-5ED666113F84}" = McAfee Agent

"{33ABEB66-85BB-43B2-9448-85CB626C5A5F}" = TOSHIBA Hardware Setup

"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform

"{3B843B38-04B1-4CE6-8888-586273E0F289}" = Quickbooks Financial Center

"{3FBF6F99-8EC6-41B4-8527-0A32241B5496}" = TOSHIBA Speech System TTS Engine(U.S.) Version1.0

"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant

"{53536479-DFB0-47ED-9D10-43F3708C222D}" = TOSHIBA eco Utility

"{5AF550B4-BB67-4E7E-82F1-2C4300279050}" = ToshibaRegistration

"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator

"{5E6F6CF3-BACC-4144-868C-E14622C658F3}" = TOSHIBA Web Camera Application

"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center

"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{7B15D70E-9449-4CFB-B9BC-798465B2BD5C}" = Norton Internet Security

"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials

"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007

"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007

"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007

"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system

"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007

"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007

"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007

"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007

"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In

"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager

"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007

"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{94A90C69-71C1-470A-88F5-AA47ECC96B40}" = TOSHIBA HDD Protection

"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader

"{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}" = Toshiba Application and Driver Installer

"{9AEAF9CC-390B-49C0-8F7F-14092BF163B6}" = NetZero Launcher

"{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}" = TOSHIBA PC Health Monitor

"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station

"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1

"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Media Creator

"{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Toshiba Online Backup

"{C730E42C-935A-45BB-A0C5-37E5234D111B}" = TOSHIBA Face Recognition

"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86

"{D2D8CB05-A9E1-4691-995C-2B78F4A58B8B}" = TOSHIBA Supervisor Password

"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert

"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery

"{DA84ECBF-4B79-47F2-B34C-95C38484C058}" = Skype Launcher

"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update

"{E487EE7D-EAAA-4E2A-9116-E3B477D8A74F}" = TOSHIBA USB Sleep and Charge Utility

"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant

"{E69992ED-A7F6-406C-9280-1C156417BC49}" = Toshiba Quality Application

"{EE033C1F-443E-41EC-A0E2-559B539A4E4D}" = TOSHIBA Speech System Applications

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard

"{F3529665-D75E-4D6D-98F0-745C78C68E9B}" = TOSHIBA ConfigFree

"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call

"{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin

"CNXT_AUDIO" = Conexant HD Audio

"HDMI" = Intel® Graphics Media Accelerator Driver

"HOMESTUDENTR" = Microsoft Office Home and Student 2007

"InstallShield_{0AA15BEA-12D6-44FC-B3B2-C97B77AB6AF4}" = Toshiba DetectAC Utility

"InstallShield_{33ABEB66-85BB-43B2-9448-85CB626C5A5F}" = TOSHIBA Hardware Setup

"InstallShield_{53536479-DFB0-47ED-9D10-43F3708C222D}" = TOSHIBA eco Utility

"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center

"InstallShield_{C730E42C-935A-45BB-A0C5-37E5234D111B}" = TOSHIBA Face Recognition

"InstallShield_{D2D8CB05-A9E1-4691-995C-2B78F4A58B8B}" = TOSHIBA Supervisor Password

"InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert

"InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package

"Mozilla Firefox 14.0.1 (x86 en-US)" = Mozilla Firefox 14.0.1 (x86 en-US)

"MozillaMaintenanceService" = Mozilla Maintenance Service

"NIS" = Norton Internet Security

"SynTPDeinstKey" = Synaptics Pointing Device Driver

"WildTangent toshiba Master Uninstall" = WildTangent Games

"WinLiveSuite_Wave3" = Windows Live Essentials

========== Last 20 Event Log Errors ==========

[ Application Events ]

Error - 8/14/2012 3:14:10 AM | Computer Name = MikeKubacki-PC | Source = Application Error | ID = 1000

Description = Faulting application name: FlashPlayerPlugin_11_3_300_270.exe, version:

11.3.300.270, time stamp: 0x50198027 Faulting module name: NPSWF32_11_3_300_270.dll,

version: 11.3.300.270, time stamp: 0x5019828e Exception code: 0xc0000005 Fault offset:

0x0049110b Faulting process id: 0x14cc Faulting application start time: 0x01cd79ea34bf9aec

Faulting

application path: C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_11_3_300_270.exe

Faulting

module path: C:\windows\system32\Macromed\Flash\NPSWF32_11_3_300_270.dll Report

Id: a3f7281f-e5df-11e1-87b4-00269e39842f

Error - 8/14/2012 3:15:46 AM | Computer Name = MikeKubacki-PC | Source = Application Hang | ID = 1002

Description = The program firefox.exe version 14.0.1.4577 stopped interacting with

Windows and was closed. To see if more information about the problem is available,

check the problem history in the Action Center control panel. Process ID: 1450 Start

Time: 01cd79ea226431ca Termination Time: 10251 Application Path: C:\Program Files\Mozilla

Firefox\firefox.exe Report Id: cf3b0afb-e5df-11e1-87b4-00269e39842f

Error - 8/14/2012 8:18:15 PM | Computer Name = MikeKubacki-PC | Source = RasClient | ID = 20227

Description =

Error - 8/14/2012 8:18:48 PM | Computer Name = MikeKubacki-PC | Source = RasClient | ID = 20227

Description =

Error - 8/14/2012 8:18:48 PM | Computer Name = MikeKubacki-PC | Source = RasClient | ID = 20227

Description =

Error - 8/15/2012 10:38:14 AM | Computer Name = MikeKubacki-PC | Source = Application Error | ID = 1000

Description = Faulting application name: FlashPlayerPlugin_11_3_300_271.exe, version:

11.3.300.271, time stamp: 0x5026ffac Faulting module name: NPSWF32_11_3_300_271.dll,

version: 11.3.300.271, time stamp: 0x502701bf Exception code: 0xc0000005 Fault offset:

0x003159e3 Faulting process id: 0xbdc Faulting application start time: 0x01cd7af345699155

Faulting

application path: C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_11_3_300_271.exe

Faulting

module path: C:\windows\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll Report

Id: d7f82a37-e6e6-11e1-a4c4-00269e39842f

Error - 8/16/2012 11:30:12 PM | Computer Name = MikeKubacki-PC | Source = VSS | ID = 8194

Description =

[ System Events ]

Error - 8/16/2012 11:57:20 PM | Computer Name = MikeKubacki-PC | Source = ACPI | ID = 327693

Description = : The embedded controller (EC) did not respond within the specified

timeout period. This may indicate that there is an error in the EC hardware or

firmware or that the BIOS is accessing the EC incorrectly. You should check with

your computer manufacturer for an upgraded BIOS. In some situations, this error

may cause the computer to function incorrectly.

Error - 8/16/2012 11:57:25 PM | Computer Name = MikeKubacki-PC | Source = ACPI | ID = 327693

Description = : The embedded controller (EC) did not respond within the specified

timeout period. This may indicate that there is an error in the EC hardware or

firmware or that the BIOS is accessing the EC incorrectly. You should check with

your computer manufacturer for an upgraded BIOS. In some situations, this error

may cause the computer to function incorrectly.

Error - 8/16/2012 11:57:30 PM | Computer Name = MikeKubacki-PC | Source = ACPI | ID = 327693

Description = : The embedded controller (EC) did not respond within the specified

timeout period. This may indicate that there is an error in the EC hardware or

firmware or that the BIOS is accessing the EC incorrectly. You should check with

your computer manufacturer for an upgraded BIOS. In some situations, this error

may cause the computer to function incorrectly.

Error - 8/16/2012 11:57:35 PM | Computer Name = MikeKubacki-PC | Source = ACPI | ID = 327693

Description = : The embedded controller (EC) did not respond within the specified

timeout period. This may indicate that there is an error in the EC hardware or

firmware or that the BIOS is accessing the EC incorrectly. You should check with

your computer manufacturer for an upgraded BIOS. In some situations, this error

may cause the computer to function incorrectly.

Error - 8/16/2012 11:57:40 PM | Computer Name = MikeKubacki-PC | Source = ACPI | ID = 327693

Description = : The embedded controller (EC) did not respond within the specified

timeout period. This may indicate that there is an error in the EC hardware or

firmware or that the BIOS is accessing the EC incorrectly. You should check with

your computer manufacturer for an upgraded BIOS. In some situations, this error

may cause the computer to function incorrectly.

Error - 8/17/2012 12:01:57 AM | Computer Name = MikeKubacki-PC | Source = Service Control Manager | ID = 7011

Description = A timeout (30000 milliseconds) was reached while waiting for a transaction

response from the SysMain service.

Error - 8/17/2012 12:47:00 AM | Computer Name = MikeKubacki-PC | Source = Server | ID = 2505

Description = The server could not bind to the transport \Device\NetBT_Tcpip_{14943268-BEDC-4B9F-8BC4-8780D99C3D73}

because another computer on the network has the same name. The server could not

start.

Error - 8/17/2012 12:47:06 AM | Computer Name = MikeKubacki-PC | Source = Server | ID = 2505

Description = The server could not bind to the transport \Device\NetBT_Tcpip_{14943268-BEDC-4B9F-8BC4-8780D99C3D73}

because another computer on the network has the same name. The server could not

start.

Error - 8/17/2012 1:55:01 AM | Computer Name = MikeKubacki-PC | Source = Service Control Manager | ID = 7011

Description = A timeout (30000 milliseconds) was reached while waiting for a transaction

response from the ShellHWDetection service.

Error - 8/17/2012 6:13:15 PM | Computer Name = MikeKubacki-PC | Source = Service Control Manager | ID = 7011

Description = A timeout (30000 milliseconds) was reached while waiting for a transaction

response from the ShellHWDetection service.

< End of report >


TDSSKiller:

20:10:22.0311 3792 TDSS rootkit removing tool 2.8.6.0 Aug 13 2012 17:24:05

20:10:24.0202 3792 ============================================================

20:10:24.0202 3792 Current date / time: 2012/08/20 20:10:24.0202

20:10:24.0202 3792 SystemInfo:

20:10:24.0202 3792

20:10:24.0203 3792 OS Version: 6.1.7600 ServicePack: 0.0

20:10:24.0203 3792 Product type: Workstation

20:10:24.0203 3792 ComputerName: MK-PC

20:10:24.0203 3792 UserName: MK

20:10:24.0204 3792 Windows directory: C:\windows

20:10:24.0204 3792 System windows directory: C:\windows

20:10:24.0204 3792 Processor architecture: Intel x86

20:10:24.0204 3792 Number of processors: 1

20:10:24.0204 3792 Page size: 0x1000

20:10:24.0204 3792 Boot type: Normal boot

20:10:24.0204 3792 ============================================================

20:10:25.0298 3792 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050

20:10:25.0298 3792 Drive \Device\Harddisk1\DR2 - Size: 0x7A1D2200 (1.91 Gb), SectorSize: 0x200, Cylinders: 0xF9, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'

20:10:25.0298 3792 ============================================================

20:10:25.0298 3792 \Device\Harddisk0\DR0:

20:10:25.0298 3792 MBR partitions:

20:10:25.0298 3792 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x1BEF7800

20:10:25.0298 3792 \Device\Harddisk1\DR2:

20:10:25.0298 3792 MBR partitions:

20:10:25.0298 3792 \Device\Harddisk1\DR2\Partition1: MBR, Type 0x6, StartLBA 0xF5, BlocksNum 0x3D070B

20:10:25.0298 3792 ============================================================

20:10:25.0376 3792 C: <-> \Device\Harddisk0\DR0\Partition1

20:10:25.0376 3792 ============================================================

20:10:25.0376 3792 Initialize success

20:10:25.0376 3792 ============================================================

20:10:36.0596 5384 ============================================================

20:10:36.0596 5384 Scan started

20:10:36.0596 5384 Mode: Manual; SigCheck; TDLFS;

20:10:36.0596 5384 ============================================================

20:10:40.0683 5384 ================ Scan services =============================

20:10:41.0400 5384 [ 6d2aca41739bfe8cb86ee8e85f29697d ] 1394ohci C:\windows\system32\DRIVERS\1394ohci.sys

20:10:41.0525 5384 1394ohci - ok

20:10:41.0603 5384 [ f0e07d144c8685b8774bc32fc8da4df0 ] ACPI C:\windows\system32\DRIVERS\ACPI.sys

20:10:41.0634 5384 ACPI - ok

20:10:41.0666 5384 [ 98d81ca942d19f7d9153b095162ac013 ] AcpiPmi C:\windows\system32\DRIVERS\acpipmi.sys

20:10:41.0744 5384 AcpiPmi - ok

20:10:41.0978 5384 [ a9d3b95e8466bd58eeb8a1154654e162 ] AdobeFlashPlayerUpdateSvc C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

20:10:42.0024 5384 AdobeFlashPlayerUpdateSvc - ok

20:10:42.0165 5384 [ 21e785ebd7dc90a06391141aac7892fb ] adp94xx C:\windows\system32\DRIVERS\adp94xx.sys

20:10:42.0196 5384 adp94xx - ok

20:10:42.0227 5384 [ 0c676bc278d5b59ff5abd57bbe9123f2 ] adpahci C:\windows\system32\DRIVERS\adpahci.sys

20:10:42.0258 5384 adpahci - ok

20:10:42.0321 5384 [ 7c7b5ee4b7b822ec85321fe23a27db33 ] adpu320 C:\windows\system32\DRIVERS\adpu320.sys

20:10:42.0352 5384 adpu320 - ok

20:10:42.0399 5384 [ 8b5eefeec1e6d1a72a06c526628ad161 ] AeLookupSvc C:\windows\System32\aelupsvc.dll

20:10:42.0446 5384 AeLookupSvc - ok

20:10:42.0602 5384 [ 0db7a48388d54d154ebec120461a0fcd ] AFD C:\windows\system32\drivers\afd.sys

20:10:42.0664 5384 AFD - ok

20:10:42.0711 5384 [ 507812c3054c21cef746b6ee3d04dd6e ] agp440 C:\windows\system32\DRIVERS\agp440.sys

20:10:42.0742 5384 agp440 - ok

20:10:42.0789 5384 [ 8b30250d573a8f6b4bd23195160d8707 ] aic78xx C:\windows\system32\DRIVERS\djsvs.sys

20:10:42.0820 5384 aic78xx - ok

20:10:42.0914 5384 [ 18a54e132947cd98fea9accc57f98f13 ] ALG C:\windows\System32\alg.exe

20:10:42.0961 5384 ALG - ok

20:10:43.0039 5384 [ 0d40bcf52ea90fc7df2aeab6503dea44 ] aliide C:\windows\system32\DRIVERS\aliide.sys

20:10:43.0070 5384 aliide - ok

20:10:43.0085 5384 [ 3c6600a0696e90a463771c7422e23ab5 ] amdagp C:\windows\system32\DRIVERS\amdagp.sys

20:10:43.0117 5384 amdagp - ok

20:10:43.0195 5384 [ cd5914170297126b6266860198d1d4f0 ] amdide C:\windows\system32\DRIVERS\amdide.sys

20:10:43.0210 5384 amdide - ok

20:10:43.0257 5384 [ 00dda200d71bac534bf56a9db5dfd666 ] AmdK8 C:\windows\system32\DRIVERS\amdk8.sys

20:10:43.0288 5384 AmdK8 - ok

20:10:43.0304 5384 [ 3cbf30f5370fda40dd3e87df38ea53b6 ] AmdPPM C:\windows\system32\DRIVERS\amdppm.sys

20:10:43.0351 5384 AmdPPM - ok

20:10:43.0429 5384 [ 2101a86c25c154f8314b24ef49d7fbc2 ] amdsata C:\windows\system32\DRIVERS\amdsata.sys

20:10:43.0444 5384 amdsata - ok

20:10:43.0507 5384 [ ea43af0c423ff267355f74e7a53bdaba ] amdsbs C:\windows\system32\DRIVERS\amdsbs.sys

20:10:43.0538 5384 amdsbs - ok

20:10:43.0569 5384 [ b81c2b5616f6420a9941ea093a92b150 ] amdxata C:\windows\system32\DRIVERS\amdxata.sys

20:10:43.0600 5384 amdxata - ok

20:10:43.0663 5384 [ feb834c02ce1e84b6a38f953ca067706 ] AppID C:\windows\system32\drivers\appid.sys

20:10:43.0709 5384 AppID - ok

20:10:43.0741 5384 [ 62a9c86cb6085e20db4823e4e97826f5 ] AppIDSvc C:\windows\System32\appidsvc.dll

20:10:43.0850 5384 AppIDSvc - ok

20:10:43.0928 5384 [ 7dead9e3f65dcb2794f2711003bbf650 ] Appinfo C:\windows\System32\appinfo.dll

20:10:43.0975 5384 Appinfo - ok

20:10:44.0037 5384 [ 2932004f49677bd84dbc72edb754ffb3 ] arc C:\windows\system32\DRIVERS\arc.sys

20:10:44.0068 5384 arc - ok

20:10:44.0084 5384 [ 5d6f36c46fd283ae1b57bd2e9feb0bc7 ] arcsas C:\windows\system32\DRIVERS\arcsas.sys

20:10:44.0099 5384 arcsas - ok

20:10:44.0131 5384 [ add2ade1c2b285ab8378d2daaf991481 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys

20:10:44.0209 5384 AsyncMac - ok

20:10:44.0271 5384 [ 338c86357871c167a96ab976519bf59e ] atapi C:\windows\system32\DRIVERS\atapi.sys

20:10:44.0287 5384 atapi - ok

20:10:44.0380 5384 [ 510c873bfa135aa829f4180352772734 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll

20:10:44.0474 5384 AudioEndpointBuilder - ok

20:10:44.0536 5384 [ 510c873bfa135aa829f4180352772734 ] Audiosrv C:\windows\System32\Audiosrv.dll

20:10:44.0599 5384 Audiosrv - ok

20:10:44.0677 5384 [ dd6a431b43e34b91a767d1ce33728175 ] AxInstSV C:\windows\System32\AxInstSV.dll

20:10:44.0755 5384 AxInstSV - ok

20:10:44.0833 5384 [ 1a231abec60fd316ec54c66715543cec ] b06bdrv C:\windows\system32\DRIVERS\bxvbdx.sys

20:10:44.0879 5384 b06bdrv - ok

20:10:44.0942 5384 [ bd8869eb9cde6bbe4508d869929869ee ] b57nd60x C:\windows\system32\DRIVERS\b57nd60x.sys

20:10:44.0973 5384 b57nd60x - ok

20:10:45.0035 5384 [ ee1e9c3bb8228ae423dd38db69128e71 ] BDESVC C:\windows\System32\bdesvc.dll

20:10:45.0082 5384 BDESVC - ok

20:10:45.0145 5384 [ 505506526a9d467307b3c393dedaf858 ] Beep C:\windows\system32\drivers\Beep.sys

20:10:45.0223 5384 Beep - ok

20:10:45.0347 5384 [ 85ac71c045ceb054ed48a7841aae0c11 ] BFE C:\windows\System32\bfe.dll

20:10:45.0410 5384 BFE - ok

20:10:45.0550 5384 [ 76154fa6a742c613b44bb636b1a7c057 ] BHDrvx86 C:\windows\System32\Drivers\NIS\1008030.006\BHDrvx86.sys

20:10:45.0581 5384 BHDrvx86 - ok

20:10:45.0659 5384 [ 53f476476f55a27f580661bde09c4ec4 ] BITS C:\windows\System32\qmgr.dll

20:10:45.0753 5384 BITS - ok

20:10:45.0784 5384 [ 2287078ed48fcfc477b05b20cf38f36f ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys

20:10:45.0831 5384 blbdrive - ok

20:10:45.0878 5384 [ 9a5c671b7fbae4865149bb11f59b91b2 ] bowser C:\windows\system32\DRIVERS\bowser.sys

20:10:45.0925 5384 bowser - ok

20:10:45.0956 5384 [ 9f9acc7f7ccde8a15c282d3f88b43309 ] BrFiltLo C:\windows\system32\DRIVERS\BrFiltLo.sys

20:10:46.0003 5384 BrFiltLo - ok

20:10:46.0018 5384 [ 56801ad62213a41f6497f96dee83755a ] BrFiltUp C:\windows\system32\DRIVERS\BrFiltUp.sys

20:10:46.0049 5384 BrFiltUp - ok

20:10:46.0081 5384 [ a0e691dc6589d4d2cbe373171d1a49e5 ] Browser C:\windows\System32\browser.dll

20:10:46.0143 5384 Browser - ok

20:10:46.0190 5384 [ 845b8ce732e67f3b4133164868c666ea ] Brserid C:\windows\System32\Drivers\Brserid.sys

20:10:46.0237 5384 Brserid - ok

20:10:46.0237 5384 [ 203f0b1e73adadbbb7b7b1fabd901f6b ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys

20:10:46.0268 5384 BrSerWdm - ok

20:10:46.0283 5384 [ bd456606156ba17e60a04e18016ae54b ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys

20:10:46.0315 5384 BrUsbMdm - ok

20:10:46.0361 5384 [ af72ed54503f717a43268b3cc5faec2e ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys

20:10:46.0408 5384 BrUsbSer - ok

20:10:46.0424 5384 [ ed3df7c56ce0084eb2034432fc56565a ] BTHMODEM C:\windows\system32\DRIVERS\bthmodem.sys

20:10:46.0471 5384 BTHMODEM - ok

20:10:46.0549 5384 [ 1df19c96eef6c29d1c3e1a8678e07190 ] bthserv C:\windows\system32\bthserv.dll

20:10:46.0611 5384 bthserv - ok

20:10:46.0705 5384 [ 3182b846490dc4d71fabd4a8cb6b73ea ] ccHP C:\windows\System32\Drivers\NIS\1008030.006\ccHPx86.sys

20:10:46.0720 5384 ccHP - ok

20:10:46.0783 5384 [ 77ea11b065e0a8ab902d78145ca51e10 ] cdfs C:\windows\system32\DRIVERS\cdfs.sys

20:10:46.0845 5384 cdfs - ok

20:10:46.0923 5384 [ ba6e70aa0e6091bc39de29477d866a77 ] cdrom C:\windows\system32\DRIVERS\cdrom.sys

20:10:46.0954 5384 cdrom - ok

20:10:47.0032 5384 [ 628a9e30ec5e18dd5de6be4dbdc12198 ] CertPropSvc C:\windows\System32\certprop.dll

20:10:47.0110 5384 CertPropSvc - ok

20:10:47.0282 5384 [ 1f8a319d29394f9ce1b7ae020df2ebbf ] cfWiMAXService C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe

20:10:47.0313 5384 cfWiMAXService - ok

20:10:47.0360 5384 [ 3fe3fe94a34df6fb06e6418d0f6a0060 ] circlass C:\windows\system32\DRIVERS\circlass.sys

20:10:47.0422 5384 circlass - ok

20:10:47.0469 5384 [ 635181e0e9bbf16871bf5380d71db02d ] CLFS C:\windows\system32\CLFS.sys

20:10:47.0500 5384 CLFS - ok

20:10:47.0719 5384 [ d88040f816fda31c3b466f0fa0918f29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

20:10:47.0750 5384 clr_optimization_v2.0.50727_32 - ok

20:10:47.0781 5384 [ dea805815e587dad1dd2c502220b5616 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys

20:10:47.0812 5384 CmBatt - ok

20:10:47.0812 5384 [ c537b1db64d495b9b4717b4d6d9edbf2 ] cmdide C:\windows\system32\DRIVERS\cmdide.sys

20:10:47.0843 5384 cmdide - ok

20:10:47.0906 5384 [ db5e008b3744dd60c8498cbbf2a1cfa6 ] CNG C:\windows\system32\Drivers\cng.sys

20:10:47.0937 5384 CNG - ok

20:10:48.0046 5384 [ 5bcbaf10f36b46dd5ed4fbbbdb9efe58 ] CnxtHdAudService C:\windows\system32\drivers\CHDRT32.sys

20:10:48.0124 5384 CnxtHdAudService - ok

20:10:48.0171 5384 [ a6023d3823c37043986713f118a89bee ] Compbatt C:\windows\system32\DRIVERS\compbatt.sys

20:10:48.0202 5384 Compbatt - ok

20:10:48.0249 5384 [ f1724ba27e97d627f808fb0ba77a28a6 ] CompositeBus C:\windows\system32\DRIVERS\CompositeBus.sys

20:10:48.0296 5384 CompositeBus - ok

20:10:48.0343 5384 COMSysApp - ok

20:10:48.0389 5384 [ cab0eeaf5295fc96ddd3e19dce27e131 ] ConfigFree Service C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe

20:10:48.0421 5384 ConfigFree Service - ok

20:10:48.0452 5384 [ 2c4ebcfc84a9b44f209dff6c6e6c61d1 ] crcdisk C:\windows\system32\DRIVERS\crcdisk.sys

20:10:48.0483 5384 crcdisk - ok

20:10:48.0561 5384 [ 520a108a2657f4bca7fced9ca7d885de ] CryptSvc C:\windows\system32\cryptsvc.dll

20:10:48.0608 5384 CryptSvc - ok

20:10:48.0655 5384 [ b82cd39e336973359d7c9bf911e8e84f ] DcomLaunch C:\windows\system32\rpcss.dll

20:10:48.0733 5384 DcomLaunch - ok

20:10:48.0811 5384 [ 8d6e10a2d9a5eed59562d9b82cf804e1 ] defragsvc C:\windows\System32\defragsvc.dll

20:10:48.0889 5384 defragsvc - ok

20:10:48.0951 5384 [ 83d1ecea8faae75604c0fa49ac7ad996 ] DfsC C:\windows\system32\Drivers\dfsc.sys

20:10:49.0013 5384 DfsC - ok

20:10:49.0107 5384 [ c56495fbd770712367cad35e5de72da6 ] Dhcp C:\windows\system32\dhcpcore.dll

20:10:49.0169 5384 Dhcp - ok

20:10:49.0201 5384 [ 1a050b0274bfb3890703d490f330c0da ] discache C:\windows\system32\drivers\discache.sys

20:10:49.0279 5384 discache - ok

20:10:49.0357 5384 [ 565003f326f99802e68ca78f2a68e9ff ] Disk C:\windows\system32\DRIVERS\disk.sys

20:10:49.0372 5384 Disk - ok

20:10:49.0419 5384 [ b15be77a2bacf9c3177d27518afe26a9 ] Dnscache C:\windows\System32\dnsrslvr.dll

20:10:49.0466 5384 Dnscache - ok

20:10:49.0513 5384 [ 4408c85c21eea48eb0ce486baeef0502 ] dot3svc C:\windows\System32\dot3svc.dll

20:10:49.0575 5384 dot3svc - ok

20:10:49.0669 5384 [ 7fa81c6e11caa594adb52084da73a1e5 ] DPS C:\windows\system32\dps.dll

20:10:49.0747 5384 DPS - ok

20:10:49.0793 5384 [ b918e7c5f9bf77202f89e1a9539f2eb4 ] drmkaud C:\windows\system32\drivers\drmkaud.sys

20:10:49.0840 5384 drmkaud - ok

20:10:49.0934 5384 [ 1679a4669326cb1a67cc95658d273234 ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys

20:10:49.0965 5384 DXGKrnl - ok

20:10:50.0012 5384 [ 8600142fa91c1b96367d3300ad0f3f3a ] EapHost C:\windows\System32\eapsvc.dll

20:10:50.0074 5384 EapHost - ok

20:10:50.0215 5384 [ 024e1b5cac09731e4d868e64dbfb4ab0 ] ebdrv C:\windows\system32\DRIVERS\evbdx.sys

20:10:50.0355 5384 ebdrv - ok

20:10:50.0495 5384 [ 85b8b4032a895a746d46a288a9b30ded ] eeCtrl C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys

20:10:50.0527 5384 eeCtrl - ok

20:10:50.0558 5384 [ c2243ff9e9aad0c30e8b1a0914da15b6 ] EFS C:\windows\System32\lsass.exe

20:10:50.0620 5384 EFS - ok

20:10:50.0792 5384 [ 1697c39978cd69f6fbc15302edcece1f ] ehRecvr C:\windows\ehome\ehRecvr.exe

20:10:50.0839 5384 ehRecvr - ok

20:10:50.0901 5384 [ d389bff34f80caede417bf9d1507996a ] ehSched C:\windows\ehome\ehsched.exe

20:10:50.0932 5384 ehSched - ok

20:10:51.0026 5384 [ 0ed67910c8c326796faa00b2bf6d9d3c ] elxstor C:\windows\system32\DRIVERS\elxstor.sys

20:10:51.0057 5384 elxstor - ok

20:10:51.0135 5384 [ b5a8a04a6e5b4e86b95b1553aa918f5f ] EraserUtilRebootDrv C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys

20:10:51.0151 5384 EraserUtilRebootDrv - ok

20:10:51.0166 5384 [ 8fc3208352dd3912c94367a206ab3f11 ] ErrDev C:\windows\system32\DRIVERS\errdev.sys

20:10:51.0213 5384 ErrDev - ok

20:10:51.0291 5384 [ f6916efc29d9953d5d0df06882ae8e16 ] EventSystem C:\windows\system32\es.dll

20:10:51.0369 5384 EventSystem - ok

20:10:51.0400 5384 [ 2dc9108d74081149cc8b651d3a26207f ] exfat C:\windows\system32\drivers\exfat.sys

20:10:51.0447 5384 exfat - ok

20:10:51.0463 5384 [ 7e0ab74553476622fb6ae36f73d97d35 ] fastfat C:\windows\system32\drivers\fastfat.sys

20:10:51.0509 5384 fastfat - ok

20:10:51.0587 5384 [ f7ea23cc5e6bf2181f3f399d54f6efc1 ] Fax C:\windows\system32\fxssvc.exe

20:10:51.0634 5384 Fax - ok

20:10:51.0665 5384 [ e817a017f82df2a1f8cfdbda29388b29 ] fdc C:\windows\system32\DRIVERS\fdc.sys

20:10:51.0712 5384 fdc - ok

20:10:51.0775 5384 [ f3222c893bd2f5821a0179e5c71e88fb ] fdPHost C:\windows\system32\fdPHost.dll

20:10:51.0837 5384 fdPHost - ok

20:10:51.0868 5384 [ 7dbe8cbfe79efbdeb98c9fb08d3a9a5b ] FDResPub C:\windows\system32\fdrespub.dll

20:10:51.0915 5384 FDResPub - ok

20:10:51.0962 5384 [ 6cf00369c97f3cf563be99be983d13d8 ] FileInfo C:\windows\system32\drivers\fileinfo.sys

20:10:51.0977 5384 FileInfo - ok

20:10:52.0009 5384 [ 42c51dc94c91da21cb9196eb64c45db9 ] Filetrace C:\windows\system32\drivers\filetrace.sys

20:10:52.0055 5384 Filetrace - ok

20:10:52.0071 5384 [ 87907aa70cb3c56600f1c2fb8841579b ] flpydisk C:\windows\system32\DRIVERS\flpydisk.sys

20:10:52.0102 5384 flpydisk - ok

20:10:52.0180 5384 [ 7520ec808e0c35e0ee6f841294316653 ] FltMgr C:\windows\system32\drivers\fltmgr.sys

20:10:52.0211 5384 FltMgr - ok

20:10:52.0274 5384 [ 7fe4995528a7529a761875151ee3d512 ] FontCache C:\windows\system32\FntCache.dll

20:10:52.0321 5384 FontCache - ok

20:10:52.0399 5384 [ e56f39f6b7fda0ac77a79b0fd3de1a2f ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe

20:10:52.0430 5384 FontCache3.0.0.0 - ok

20:10:52.0461 5384 [ 1a16b57943853e598cff37fe2b8cbf1d ] FsDepends C:\windows\system32\drivers\FsDepends.sys

20:10:52.0492 5384 FsDepends - ok

20:10:52.0539 5384 [ 500a9814fd9446a8126858a5a7f7d273 ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys

20:10:52.0555 5384 Fs_Rec - ok

20:10:52.0617 5384 [ dafbd9fe39197495aed6d51f3b85b5d2 ] fvevol C:\windows\system32\DRIVERS\fvevol.sys

20:10:52.0664 5384 fvevol - ok

20:10:52.0742 5384 [ 65ee0c7a58b65e74ae05637418153938 ] gagp30kx C:\windows\system32\DRIVERS\gagp30kx.sys

20:10:52.0773 5384 gagp30kx - ok

20:10:52.0867 5384 [ c44d560e441f091ea3b72f778ec60de2 ] GameConsoleService C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe

20:10:52.0913 5384 GameConsoleService - ok

20:10:52.0960 5384 [ 8ba3c04702bf8f927ab36ae8313ca4ee ] gpsvc C:\windows\System32\gpsvc.dll

20:10:53.0007 5384 gpsvc - ok

20:10:53.0101 5384 [ 8f0de4fef8201e306f9938b0905ac96a ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe

20:10:53.0132 5384 gupdate - ok

20:10:53.0179 5384 [ 8f0de4fef8201e306f9938b0905ac96a ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe

20:10:53.0194 5384 gupdatem - ok

20:10:53.0303 5384 [ 5d4bc124faae6730ac002cdb67bf1a1c ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

20:10:53.0319 5384 gusvc - ok

20:10:53.0366 5384 [ c44e3c2bab6837db337ddee7544736db ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys

20:10:53.0413 5384 hcw85cir - ok

20:10:53.0475 5384 [ 3530cad25deba7dc7de8bb51632cbc5f ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys

20:10:53.0537 5384 HdAudAddService - ok

20:10:53.0584 5384 [ 717a2207fd6f13ad3e664c7d5a43c7bf ] HDAudBus C:\windows\system32\DRIVERS\HDAudBus.sys

20:10:53.0631 5384 HDAudBus - ok

20:10:53.0647 5384 [ 1d58a7f3e11a9731d0eaaaa8405acc36 ] HidBatt C:\windows\system32\DRIVERS\HidBatt.sys

20:10:53.0678 5384 HidBatt - ok

20:10:53.0693 5384 [ 89448f40e6df260c206a193a4683ba78 ] HidBth C:\windows\system32\DRIVERS\hidbth.sys

20:10:53.0725 5384 HidBth - ok

20:10:53.0787 5384 [ cf50b4cf4a4f229b9f3c08351f99ca5e ] HidIr C:\windows\system32\DRIVERS\hidir.sys

20:10:53.0865 5384 HidIr - ok

20:10:53.0896 5384 [ 2bc6f6a1992b3a77f5f41432ca6b3b6b ] hidserv C:\windows\system32\hidserv.dll

20:10:53.0974 5384 hidserv - ok

20:10:54.0052 5384 [ 25072fb35ac90b25f9e4e3bacf774102 ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys

20:10:54.0083 5384 HidUsb - ok

20:10:54.0115 5384 [ 741c2a45ca8407e374aaba3e330b7872 ] hkmsvc C:\windows\system32\kmsvc.dll

20:10:54.0193 5384 hkmsvc - ok

20:10:54.0255 5384 [ a768ca158bb06782a2835b907f4873c3 ] HomeGroupListener C:\windows\system32\ListSvc.dll

20:10:54.0302 5384 HomeGroupListener - ok

20:10:54.0349 5384 [ fb08dec5ef43d0c66d83b8e9694e7549 ] HomeGroupProvider C:\windows\system32\provsvc.dll

20:10:54.0395 5384 HomeGroupProvider - ok

20:10:54.0473 5384 [ 295fdc419039090eb8b49ffdbb374549 ] HpSAMD C:\windows\system32\DRIVERS\HpSAMD.sys

20:10:54.0520 5384 HpSAMD - ok

20:10:54.0551 5384 [ c531c7fd9e8b62021112787c4e2c5a5a ] HTTP C:\windows\system32\drivers\HTTP.sys

20:10:54.0661 5384 HTTP - ok

20:10:54.0676 5384 [ 8305f33cde89ad6c7a0763ed0b5a8d42 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys

20:10:54.0692 5384 hwpolicy - ok

20:10:54.0770 5384 [ f151f0bdc47f4a28b1b20a0818ea36d6 ] i8042prt C:\windows\system32\DRIVERS\i8042prt.sys

20:10:54.0801 5384 i8042prt - ok

20:10:54.0895 5384 [ d483687eace0c065ee772481a96e05f5 ] iaStor C:\windows\system32\DRIVERS\iaStor.sys

20:10:54.0926 5384 iaStor - ok

20:10:54.0988 5384 [ 934af4d7c5f457b9f0743f4299b77b67 ] iaStorV C:\windows\system32\DRIVERS\iaStorV.sys

20:10:55.0019 5384 iaStorV - ok

20:10:55.0129 5384 [ 1cf03c69b49acb70c722df92755c0c8c ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

20:10:55.0160 5384 IDriverT ( UnsignedFile.Multi.Generic ) - warning

20:10:55.0160 5384 IDriverT - detected UnsignedFile.Multi.Generic (1)

20:10:55.0238 5384 [ 5af815eb5bc9802e5a064e2ba62bfc0c ] idsvc C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

20:10:55.0285 5384 idsvc - ok

20:10:55.0628 5384 [ 6262c22a913bd255a0795d070b82aa47 ] IDSVix86 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20120815.002\IDSvix86.sys

20:10:55.0659 5384 IDSVix86 - ok

20:10:56.0143 5384 [ 315aaaa2bc9bc778adc0454b3ca8dcce ] igfx C:\windows\system32\DRIVERS\igdkmd32.sys

20:10:56.0392 5384 igfx - ok

20:10:56.0455 5384 [ 4173ff5708f3236cf25195fecd742915 ] iirsp C:\windows\system32\DRIVERS\iirsp.sys

20:10:56.0501 5384 iirsp - ok

20:10:56.0564 5384 [ fac0ee6562b121b1399d6e855583f7a5 ] IKEEXT C:\windows\System32\ikeext.dll

20:10:56.0626 5384 IKEEXT - ok

20:10:56.0704 5384 [ 264632ade8127b7baa2190cf6fad435b ] IntcHdmiAddService C:\windows\system32\drivers\IntcHdmi.sys

20:10:56.0751 5384 IntcHdmiAddService - ok

20:10:56.0798 5384 [ a0f12f2c9ba6c72f3987ce780e77c130 ] intelide C:\windows\system32\DRIVERS\intelide.sys

20:10:56.0845 5384 intelide - ok

20:10:56.0876 5384 [ 3b514d27bfc4accb4037bc6685f766e0 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys

20:10:56.0891 5384 intelppm - ok

20:10:56.0954 5384 [ acb364b9075a45c0736e5c47be5cae19 ] IPBusEnum C:\windows\system32\ipbusenum.dll

20:10:57.0047 5384 IPBusEnum - ok

20:10:57.0094 5384 [ 709d1761d3b19a932ff0238ea6d50200 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys

20:10:57.0172 5384 IpFilterDriver - ok

20:10:57.0250 5384 [ 477397b432a256a50ee7e4339eb9ea14 ] iphlpsvc C:\windows\System32\iphlpsvc.dll

20:10:57.0328 5384 iphlpsvc - ok

20:10:57.0359 5384 [ e4454b6c37d7ffd5649611f6496308a7 ] IPMIDRV C:\windows\system32\DRIVERS\IPMIDrv.sys

20:10:57.0375 5384 IPMIDRV - ok

20:10:57.0391 5384 [ a5fa468d67abcdaa36264e463a7bb0cd ] IPNAT C:\windows\system32\drivers\ipnat.sys

20:10:57.0469 5384 IPNAT - ok

20:10:57.0531 5384 [ 42996cff20a3084a56017b7902307e9f ] IRENUM C:\windows\system32\drivers\irenum.sys

20:10:57.0562 5384 IRENUM - ok

20:10:57.0578 5384 [ 1f32bb6b38f62f7df1a7ab7292638a35 ] isapnp C:\windows\system32\DRIVERS\isapnp.sys

20:10:57.0609 5384 isapnp - ok

20:10:57.0640 5384 [ ed46c223ae46c6866ab77cdc41c404b7 ] iScsiPrt C:\windows\system32\DRIVERS\msiscsi.sys

20:10:57.0671 5384 iScsiPrt - ok

20:10:57.0781 5384 [ adef52ca1aeae82b50df86b56413107e ] kbdclass C:\windows\system32\DRIVERS\kbdclass.sys

20:10:57.0812 5384 kbdclass - ok

20:10:57.0874 5384 [ 3d9f0ebf350edcfd6498057301455964 ] kbdhid C:\windows\system32\DRIVERS\kbdhid.sys

20:10:57.0937 5384 kbdhid - ok

20:10:57.0983 5384 [ c2243ff9e9aad0c30e8b1a0914da15b6 ] KeyIso C:\windows\system32\lsass.exe

20:10:57.0999 5384 KeyIso - ok

20:10:58.0046 5384 [ 52fc17c8589f11747d01d3cf592673d0 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys

20:10:58.0093 5384 KSecDD - ok

20:10:58.0155 5384 [ 3e5474b03568cfab834da3c38e8c9efa ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys

20:10:58.0186 5384 KSecPkg - ok

20:10:58.0233 5384 [ 89a7b9cc98d0d80c6f31b91c0a310fcd ] KtmRm C:\windows\system32\msdtckrm.dll

20:10:58.0327 5384 KtmRm - ok

20:10:58.0389 5384 [ a158cea8644b8a5c1ec0e9a81b70f65a ] L1C C:\windows\system32\DRIVERS\L1C62x86.sys

20:10:58.0451 5384 L1C - ok

20:10:58.0529 5384 [ 8f6bf790d3168224c16f2af68a84438c ] LanmanServer C:\windows\system32\srvsvc.dll

20:10:58.0561 5384 LanmanServer - ok

20:10:58.0607 5384 [ b9891f885dcf1f0513a51cb58493cb1f ] LanmanWorkstation C:\windows\System32\wkssvc.dll

20:10:58.0670 5384 LanmanWorkstation - ok

20:10:58.0748 5384 [ f7611ec07349979da9b0ae1f18ccc7a6 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys

20:10:58.0826 5384 lltdio - ok

20:10:58.0873 5384 [ 5700673e13a2117fa3b9020c852c01e2 ] lltdsvc C:\windows\System32\lltdsvc.dll

20:10:58.0935 5384 lltdsvc - ok

20:10:58.0935 5384 [ 55ca01ba19d0006c8f2639b6c045e08b ] lmhosts C:\windows\System32\lmhsvc.dll

20:10:58.0997 5384 lmhosts - ok

20:10:59.0029 5384 [ eb119a53ccf2acc000ac71b065b78fef ] LSI_FC C:\windows\system32\DRIVERS\lsi_fc.sys

20:10:59.0060 5384 LSI_FC - ok

20:10:59.0107 5384 [ 8ade1c877256a22e49b75d1cc9161f9c ] LSI_SAS C:\windows\system32\DRIVERS\lsi_sas.sys

20:10:59.0122 5384 LSI_SAS - ok

20:10:59.0138 5384 [ dc9dc3d3daa0e276fd2ec262e38b11e9 ] LSI_SAS2 C:\windows\system32\DRIVERS\lsi_sas2.sys

20:10:59.0169 5384 LSI_SAS2 - ok

20:10:59.0185 5384 [ 0a036c7d7cab643a7f07135ac47e0524 ] LSI_SCSI C:\windows\system32\DRIVERS\lsi_scsi.sys

20:10:59.0216 5384 LSI_SCSI - ok

20:10:59.0231 5384 [ 6703e366cc18d3b6e534f5cf7df39cee ] luafv C:\windows\system32\drivers\luafv.sys

20:10:59.0294 5384 luafv - ok

20:10:59.0481 5384 [ 062d80f13d762f7bc2f38430d60f5048 ] McAfeeFramework C:\Program Files\McAfee\Common Framework\FrameworkService.exe

20:10:59.0497 5384 McAfeeFramework - ok

20:10:59.0528 5384 [ e2b0887816ed336685954e3d8fdaa51d ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll

20:10:59.0559 5384 Mcx2Svc - ok

20:10:59.0606 5384 [ 0fff5b045293002ab38eb1fd1fc2fb74 ] megasas C:\windows\system32\DRIVERS\megasas.sys

20:10:59.0637 5384 megasas - ok

20:10:59.0684 5384 [ dcbab2920c75f390caf1d29f675d03d6 ] MegaSR C:\windows\system32\DRIVERS\MegaSR.sys

20:10:59.0715 5384 MegaSR - ok

20:10:59.0762 5384 [ 146b6f43a673379a3c670e86d89be5ea ] MMCSS C:\windows\system32\mmcss.dll

20:10:59.0840 5384 MMCSS - ok

20:10:59.0855 5384 [ f001861e5700ee84e2d4e52c712f4964 ] Modem C:\windows\system32\drivers\modem.sys

20:10:59.0933 5384 Modem - ok

20:10:59.0996 5384 [ 79d10964de86b292320e9dfe02282a23 ] monitor C:\windows\system32\DRIVERS\monitor.sys

20:11:00.0027 5384 monitor - ok

20:11:00.0089 5384 [ fb18cc1d4c2e716b6b903b0ac0cc0609 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys

20:11:00.0105 5384 mouclass - ok

20:11:00.0152 5384 [ 2c388d2cd01c9042596cf3c8f3c7b24d ] mouhid C:\windows\system32\DRIVERS\mouhid.sys

20:11:00.0183 5384 mouhid - ok

20:11:00.0199 5384 [ 921c18727c5920d6c0300736646931c2 ] mountmgr C:\windows\system32\drivers\mountmgr.sys

20:11:00.0230 5384 mountmgr - ok

20:11:00.0323 5384 [ 46297fa8e30a6007f14118fc2b942fbc ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

20:11:00.0370 5384 MozillaMaintenance - ok

20:11:00.0417 5384 [ 2af5997438c55fb79d33d015c30e1974 ] mpio C:\windows\system32\DRIVERS\mpio.sys

20:11:00.0433 5384 mpio - ok

20:11:00.0448 5384 [ ad2723a7b53dd1aacae6ad8c0bfbf4d0 ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys

20:11:00.0526 5384 mpsdrv - ok

20:11:00.0589 5384 [ 5cd996cecf45cbc3e8d109c86b82d69e ] MpsSvc C:\windows\system32\mpssvc.dll

20:11:00.0651 5384 MpsSvc - ok

20:11:00.0682 5384 [ b1be47008d20e43da3adc37c24cdb89d ] MRxDAV C:\windows\system32\drivers\mrxdav.sys

20:11:00.0713 5384 MRxDAV - ok

20:11:00.0760 5384 [ ca7570e42522e24324a12161db14ec02 ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys

20:11:00.0791 5384 mrxsmb - ok

20:11:00.0854 5384 [ f965c3ab2b2ae5c378f4562486e35051 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys

20:11:00.0869 5384 mrxsmb10 - ok

20:11:00.0916 5384 [ 25c38264a3c72594dd21d355d70d7a5d ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys

20:11:00.0947 5384 mrxsmb20 - ok

20:11:00.0979 5384 [ 4326d168944123f38dd3b2d9c37a0b12 ] msahci C:\windows\system32\DRIVERS\msahci.sys

20:11:01.0010 5384 msahci - ok

20:11:01.0025 5384 [ 455029c7174a2dbb03dba8a0d8bddd9a ] msdsm C:\windows\system32\DRIVERS\msdsm.sys

20:11:01.0041 5384 msdsm - ok

20:11:01.0103 5384 [ e1bce74a3bd9902b72599c0192a07e27 ] MSDTC C:\windows\System32\msdtc.exe

20:11:01.0150 5384 MSDTC - ok

20:11:01.0213 5384 [ daefb28e3af5a76abcc2c3078c07327f ] Msfs C:\windows\system32\drivers\Msfs.sys

20:11:01.0275 5384 Msfs - ok

20:11:01.0291 5384 [ 3e1e5767043c5af9367f0056295e9f84 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys

20:11:01.0353 5384 mshidkmdf - ok

20:11:01.0369 5384 [ 0a4e5757ae09fa9622e3158cc1aef114 ] msisadrv C:\windows\system32\DRIVERS\msisadrv.sys

20:11:01.0384 5384 msisadrv - ok

20:11:01.0462 5384 [ 90f7d9e6b6f27e1a707d4a297f077828 ] MSiSCSI C:\windows\system32\iscsiexe.dll

20:11:01.0525 5384 MSiSCSI - ok

20:11:01.0540 5384 msiserver - ok

20:11:01.0603 5384 [ 8c0860d6366aaffb6c5bb9df9448e631 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys

20:11:01.0665 5384 MSKSSRV - ok

20:11:01.0696 5384 [ 3ea8b949f963562cedbb549eac0c11ce ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys

20:11:01.0759 5384 MSPCLOCK - ok

20:11:01.0805 5384 [ f456e973590d663b1073e9c463b40932 ] MSPQM C:\windows\system32\drivers\MSPQM.sys

20:11:01.0868 5384 MSPQM - ok

20:11:01.0899 5384 [ 0e008fc4819d238c51d7c93e7b41e560 ] MsRPC C:\windows\system32\drivers\MsRPC.sys

20:11:01.0915 5384 MsRPC - ok

20:11:01.0930 5384 [ fc6b9ff600cc585ea38b12589bd4e246 ] mssmbios C:\windows\system32\DRIVERS\mssmbios.sys

20:11:01.0961 5384 mssmbios - ok

20:11:01.0993 5384 [ b42c6b921f61a6e55159b8be6cd54a36 ] MSTEE C:\windows\system32\drivers\MSTEE.sys

20:11:02.0039 5384 MSTEE - ok

20:11:02.0086 5384 [ 33599130f44e1f34631cea241de8ac84 ] MTConfig C:\windows\system32\DRIVERS\MTConfig.sys

20:11:02.0149 5384 MTConfig - ok

20:11:02.0164 5384 [ 159fad02f64e6381758c990f753bcc80 ] Mup C:\windows\system32\Drivers\mup.sys

20:11:02.0180 5384 Mup - ok

20:11:02.0289 5384 [ 80284f1985c70c86f0b5f86da2dfe1df ] napagent C:\windows\system32\qagentRT.dll

20:11:02.0351 5384 napagent - ok

20:11:02.0429 5384 [ 26384429fcd85d83746f63e798ab1480 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys

20:11:02.0476 5384 NativeWifiP - ok

20:11:02.0570 5384 NAVENG - ok

20:11:02.0601 5384 NAVEX15 - ok

20:11:02.0726 5384 [ 23759d175a0a9baaf04d05047bc135a8 ] NDIS C:\windows\system32\drivers\ndis.sys

20:11:02.0773 5384 NDIS - ok

20:11:02.0866 5384 [ 0e1787aa6c9191d3d319e8bafe86f80c ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys

20:11:02.0929 5384 NdisCap - ok

20:11:02.0991 5384 [ e4a8aec125a2e43a9e32afeea7c9c888 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys

20:11:03.0085 5384 NdisTapi - ok

20:11:03.0194 5384 [ b30ae7f2b6d7e343b0df32e6c08fce75 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys

20:11:03.0256 5384 Ndisuio - ok

20:11:03.0287 5384 [ 267c415eadcbe53c9ca873dee39cf3a4 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys

20:11:03.0350 5384 NdisWan - ok

20:11:03.0397 5384 [ af7e7c63dcef3f8772726f86039d6eb4 ] NDProxy C:\windows\system32\drivers\NDProxy.sys

20:11:03.0475 5384 NDProxy - ok

20:11:03.0553 5384 [ 80b275b1ce3b0e79909db7b39af74d51 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys

20:11:03.0662 5384 NetBIOS - ok

20:11:03.0724 5384 [ dd52a733bf4ca5af84562a5e2f963b91 ] NetBT C:\windows\system32\DRIVERS\netbt.sys

20:11:03.0802 5384 NetBT - ok

20:11:03.0818 5384 [ c2243ff9e9aad0c30e8b1a0914da15b6 ] Netlogon C:\windows\system32\lsass.exe

20:11:03.0849 5384 Netlogon - ok

20:11:03.0974 5384 [ 7cccfca7510684768da22092d1fa4db2 ] Netman C:\windows\System32\netman.dll

20:11:04.0067 5384 Netman - ok

20:11:04.0114 5384 [ 8c338238c16777a802d6a9211eb2ba50 ] netprofm C:\windows\System32\netprofm.dll

20:11:04.0208 5384 netprofm - ok

20:11:04.0286 5384 [ fe2aa5a684b0dd9b1fae57b7817c198b ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe

20:11:04.0317 5384 NetTcpPortSharing - ok

20:11:04.0379 5384 [ 1d85c4b390b0ee09c7a46b91efb2c097 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys

20:11:04.0411 5384 nfrd960 - ok

20:11:04.0457 5384 [ 2226496e34bd40734946a054b1cd657f ] NlaSvc C:\windows\System32\nlasvc.dll

20:11:04.0551 5384 NlaSvc - ok

20:11:04.0707 5384 [ 64c89db40949fd0e7c8ff303676a91f1 ] Norton Internet Security C:\Program Files\Norton Internet Security\Engine\16.8.3.6\ccSvcHst.exe

20:11:04.0723 5384 Norton Internet Security - ok

20:11:04.0754 5384 [ 1db262a9f8c087e8153d89bef3d2235f ] Npfs C:\windows\system32\drivers\Npfs.sys

20:11:04.0832 5384 Npfs - ok

20:11:04.0863 5384 [ ba387e955e890c8a88306d9b8d06bf17 ] nsi C:\windows\system32\nsisvc.dll

20:11:04.0925 5384 nsi - ok

20:11:04.0957 5384 [ e9a0a4d07e53d8fea2bb8387a3293c58 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys

20:11:05.0019 5384 nsiproxy - ok

20:11:05.0128 5384 [ 3795dcd21f740ee799fb7223234215af ] Ntfs C:\windows\system32\drivers\Ntfs.sys

20:11:05.0191 5384 Ntfs - ok

20:11:05.0237 5384 [ f9756a98d69098dca8945d62858a812c ] Null C:\windows\system32\drivers\Null.sys

20:11:05.0331 5384 Null - ok

20:11:05.0362 5384 [ 3f3d04b1d08d43c16ea7963954ec768d ] nvraid C:\windows\system32\DRIVERS\nvraid.sys

20:11:05.0409 5384 nvraid - ok

20:11:05.0425 5384 [ c99f251a5de63c6f129cf71933aced0f ] nvstor C:\windows\system32\DRIVERS\nvstor.sys

20:11:05.0456 5384 nvstor - ok

20:11:05.0534 5384 [ 5a0983915f02bae73267cc2a041f717d ] nv_agp C:\windows\system32\DRIVERS\nv_agp.sys

20:11:05.0565 5384 nv_agp - ok

20:11:05.0830 5384 [ 785f487a64950f3cb8e9f16253ba3b7b ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE

20:11:05.0861 5384 odserv - ok

20:11:05.0893 5384 [ 08a70a1f2cdde9bb49b885cb817a66eb ] ohci1394 C:\windows\system32\DRIVERS\ohci1394.sys

20:11:05.0924 5384 ohci1394 - ok

20:11:05.0986 5384 [ 5a432a042dae460abe7199b758e8606c ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

20:11:06.0017 5384 ose - ok

20:11:06.0080 5384 [ 82a8521ddc60710c3d3d3e7325209bec ] p2pimsvc C:\windows\system32\pnrpsvc.dll

20:11:06.0111 5384 p2pimsvc - ok

20:11:06.0205 5384 [ 59c3ddd501e39e006dac31bf55150d91 ] p2psvc C:\windows\system32\p2psvc.dll

20:11:06.0236 5384 p2psvc - ok

20:11:06.0283 5384 [ 2ea877ed5dd9713c5ac74e8ea7348d14 ] Parport C:\windows\system32\DRIVERS\parport.sys

20:11:06.0329 5384 Parport - ok

20:11:06.0376 5384 [ 66d3415c159741ade7038a277efff99f ] partmgr C:\windows\system32\drivers\partmgr.sys

20:11:06.0392 5384 partmgr - ok

20:11:06.0470 5384 [ 9665402b7fa59302d520ad845ddfc026 ] Partner Service C:\ProgramData\Partner\Partner.exe

20:11:06.0501 5384 Partner Service - ok

20:11:06.0532 5384 [ eb0a59f29c19b86479d36b35983daadc ] Parvdm C:\windows\system32\DRIVERS\parvdm.sys

20:11:06.0595 5384 Parvdm - ok

20:11:06.0641 5384 [ 358ab7956d3160000726574083dfc8a6 ] PcaSvc C:\windows\System32\pcasvc.dll

20:11:06.0673 5384 PcaSvc - ok

20:11:06.0704 5384 [ c858cb77c577780ecc456a892e7e7d0f ] pci C:\windows\system32\DRIVERS\pci.sys

20:11:06.0751 5384 pci - ok

20:11:06.0766 5384 [ afe86f419014db4e5593f69ffe26ce0a ] pciide C:\windows\system32\DRIVERS\pciide.sys

20:11:06.0782 5384 pciide - ok

20:11:06.0813 5384 [ f396431b31693e71e8a80687ef523506 ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys

20:11:06.0844 5384 pcmcia - ok

20:11:06.0860 5384 [ 250f6b43d2b613172035c6747aeeb19f ] pcw C:\windows\system32\drivers\pcw.sys

20:11:06.0891 5384 pcw - ok

20:11:06.0938 5384 [ 9e0104ba49f4e6973749a02bf41344ed ] PEAUTH C:\windows\system32\drivers\peauth.sys

20:11:07.0047 5384 PEAUTH - ok

20:11:07.0109 5384 [ 1b5011dd8d57f53aed31ff0f7d635802 ] PGEffect C:\windows\system32\DRIVERS\pgeffect.sys

20:11:07.0172 5384 PGEffect - ok

20:11:07.0312 5384 [ 9c1bff7910c89a1d12e57343475840cb ] pla C:\windows\system32\pla.dll

20:11:07.0421 5384 pla - ok

20:11:07.0499 5384 [ 71def5ec79774c798342d0ea16e41780 ] PlugPlay C:\windows\system32\umpnpmgr.dll

20:11:07.0531 5384 PlugPlay - ok

20:11:07.0577 5384 [ 63ff8572611249931eb16bb8eed6afc8 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll

20:11:07.0609 5384 PNRPAutoReg - ok

20:11:07.0624 5384 [ 82a8521ddc60710c3d3d3e7325209bec ] PNRPsvc C:\windows\system32\pnrpsvc.dll

20:11:07.0655 5384 PNRPsvc - ok

20:11:07.0687 5384 [ 48e1b75c6dc0232fd92baae4bd344721 ] PolicyAgent C:\windows\System32\ipsecsvc.dll

20:11:07.0765 5384 PolicyAgent - ok

20:11:07.0811 5384 [ dbff83f709a91049621c1d35dd45c92c ] Power C:\windows\system32\umpo.dll

20:11:07.0889 5384 Power - ok

20:11:07.0952 5384 [ 631e3e205ad6d86f2aed6a4a8e69f2db ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys

20:11:07.0999 5384 PptpMiniport - ok

20:11:08.0030 5384 [ 85b1e3a0c7585bc4aae6899ec6fcf011 ] Processor C:\windows\system32\DRIVERS\processr.sys

20:11:08.0061 5384 Processor - ok

20:11:08.0139 5384 [ aea3bdbdba667aa6f678cb38907e4f5e ] ProfSvc C:\windows\system32\profsvc.dll

20:11:08.0170 5384 ProfSvc - ok

20:11:08.0201 5384 [ c2243ff9e9aad0c30e8b1a0914da15b6 ] ProtectedStorage C:\windows\system32\lsass.exe

20:11:08.0217 5384 ProtectedStorage - ok

20:11:08.0279 5384 [ 6270ccae2a86de6d146529fe55b3246a ] Psched C:\windows\system32\DRIVERS\pacer.sys

20:11:08.0326 5384 Psched - ok

20:11:08.0435 5384 [ a0db243af3a2e427c172af2bba325473 ] QIOMem C:\windows\system32\DRIVERS\QIOMem.sys

20:11:08.0498 5384 QIOMem - ok

20:11:08.0576 5384 [ ab95ecf1f6659a60ddc166d8315b0751 ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys

20:11:08.0638 5384 ql2300 - ok

20:11:08.0669 5384 [ b4dd51dd25182244b86737dc51af2270 ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys

20:11:08.0701 5384 ql40xx - ok

20:11:08.0747 5384 [ 31ac809e7707eb580b2bdb760390765a ] QWAVE C:\windows\system32\qwave.dll

20:11:08.0794 5384 QWAVE - ok

20:11:08.0825 5384 [ 584078ca1b95ca72df2a27c336f9719d ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys

20:11:08.0841 5384 QWAVEdrv - ok

20:11:08.0857 5384 [ 30a81b53c766d0133bb86d234e5556ab ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys

20:11:08.0935 5384 RasAcd - ok

20:11:08.0981 5384 [ 57ec4aef73660166074d8f7f31c0d4fd ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys

20:11:09.0044 5384 RasAgileVpn - ok

20:11:09.0091 5384 [ a60f1839849c0c00739787fd5ec03f13 ] RasAuto C:\windows\System32\rasauto.dll

20:11:09.0137 5384 RasAuto - ok

20:11:09.0215 5384 [ d9f91eafec2815365cbe6d167e4e332a ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys

20:11:09.0278 5384 Rasl2tp - ok

20:11:09.0371 5384 [ 0ce66ec736b7fc526d78f7624c7d2a94 ] RasMan C:\windows\System32\rasmans.dll

20:11:09.0418 5384 RasMan - ok

20:11:09.0481 5384 [ 0fe8b15916307a6ac12bfb6a63e45507 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys

20:11:09.0543 5384 RasPppoe - ok

20:11:09.0605 5384 [ 44101f495a83ea6401d886e7fd70096b ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys

20:11:09.0668 5384 RasSstp - ok

20:11:09.0699 5384 [ 835d7e81bf517a3b72384bdcc85e1ce6 ] rdbss C:\windows\system32\DRIVERS\rdbss.sys

20:11:09.0777 5384 rdbss - ok

20:11:09.0777 5384 [ 0d8f05481cb76e70e1da06ee9f0da9df ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys

20:11:09.0839 5384 rdpbus - ok

20:11:09.0886 5384 [ 1e016846895b15a99f9a176a05029075 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys

20:11:09.0949 5384 RDPCDD - ok

20:11:09.0995 5384 [ 5a53ca1598dd4156d44196d200c94b8a ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys

20:11:10.0042 5384 RDPENCDD - ok

20:11:10.0058 5384 [ 44b0a53cd4f27d50ed461dae0c0b4e1f ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys

20:11:10.0120 5384 RDPREFMP - ok

20:11:10.0183 5384 [ c5b8d47a4688de9d335204ea757c2240 ] RDPWD C:\windows\system32\drivers\RDPWD.sys

20:11:10.0229 5384 RDPWD - ok

20:11:10.0292 5384 [ 4ea225bf1cf05e158853f30a99ca29a7 ] rdyboost C:\windows\system32\drivers\rdyboost.sys

20:11:10.0323 5384 rdyboost - ok

20:11:10.0370 5384 [ 7b5e1419717fac363a31cc302895217a ] RemoteAccess C:\windows\System32\mprdim.dll

20:11:10.0432 5384 RemoteAccess - ok

20:11:10.0495 5384 [ cb9a8683f4ef2bf99e123d79950d7935 ] RemoteRegistry C:\windows\system32\regsvc.dll

20:11:10.0573 5384 RemoteRegistry - ok

20:11:10.0635 5384 [ 78d072f35bc45d9e4e1b61895c152234 ] RpcEptMapper C:\windows\System32\RpcEpMap.dll

20:11:10.0713 5384 RpcEptMapper - ok

20:11:10.0760 5384 [ 94d36c0e44677dd26981d2bfeef2a29d ] RpcLocator C:\windows\system32\locator.exe

20:11:10.0822 5384 RpcLocator - ok

20:11:10.0853 5384 [ b82cd39e336973359d7c9bf911e8e84f ] RpcSs C:\windows\system32\rpcss.dll

20:11:10.0900 5384 RpcSs - ok

20:11:10.0978 5384 [ 032b0d36ad92b582d869879f5af5b928 ] rspndr C:\windows\system32\DRIVERS\rspndr.sys

20:11:11.0041 5384 rspndr - ok

20:11:11.0103 5384 RSUSBSTOR - ok

20:11:11.0165 5384 [ 8df69ad5f515bc15d5c30666f56288aa ] RTL8187Se C:\windows\system32\DRIVERS\RTL8187Se.sys

20:11:11.0197 5384 RTL8187Se - ok

20:11:11.0306 5384 [ 44b7739f2d623ad6fb46755bb60351a4 ] rtl8192se C:\windows\system32\DRIVERS\rtl8192se.sys

20:11:11.0368 5384 rtl8192se - ok

20:11:11.0384 5384 [ c2243ff9e9aad0c30e8b1a0914da15b6 ] SamSs C:\windows\system32\lsass.exe

20:11:11.0415 5384 SamSs - ok

20:11:11.0477 5384 [ 34ee0c44b724e3e4ce2eff29126de5b5 ] sbp2port C:\windows\system32\DRIVERS\sbp2port.sys

20:11:11.0509 5384 sbp2port - ok

20:11:11.0540 5384 [ 8fc518ffe9519c2631d37515a68009c4 ] SCardSvr C:\windows\System32\SCardSvr.dll

20:11:11.0633 5384 SCardSvr - ok

20:11:11.0649 5384 [ a95c54b2ac3cc9c73fcdf9e51a1d6b51 ] scfilter C:\windows\system32\DRIVERS\scfilter.sys

20:11:11.0711 5384 scfilter - ok

20:11:11.0774 5384 [ df1e5c82e4d09cf8105cc644980c4803 ] Schedule C:\windows\system32\schedsvc.dll

20:11:11.0821 5384 Schedule - ok

20:11:11.0836 5384 [ 628a9e30ec5e18dd5de6be4dbdc12198 ] SCPolicySvc C:\windows\System32\certprop.dll

20:11:11.0899 5384 SCPolicySvc - ok

20:11:11.0945 5384 [ 5fd90abdbfaee85986802622cbb03446 ] SDRSVC C:\windows\System32\SDRSVC.dll

20:11:12.0008 5384 SDRSVC - ok

20:11:12.0086 5384 [ 90a3935d05b494a5a39d37e71f09a677 ] secdrv C:\windows\system32\drivers\secdrv.sys

20:11:12.0164 5384 secdrv - ok

20:11:12.0211 5384 [ a59b3a4442c52060cc7a85293aa3546f ] seclogon C:\windows\system32\seclogon.dll

20:11:12.0273 5384 seclogon - ok

20:11:12.0335 5384 [ dcb7fcdcc97f87360f75d77425b81737 ] SENS C:\windows\System32\sens.dll

20:11:12.0413 5384 SENS - ok

20:11:12.0476 5384 [ 50087fe1ee447009c9cc2997b90de53f ] SensrSvc C:\windows\system32\sensrsvc.dll

20:11:12.0538 5384 SensrSvc - ok

20:11:12.0554 5384 [ 9ad8b8b515e3df6acd4212ef465de2d1 ] Serenum C:\windows\system32\DRIVERS\serenum.sys

20:11:12.0585 5384 Serenum - ok

20:11:12.0647 5384 [ 5fb7fcea0490d821f26f39cc5ea3d1e2 ] Serial C:\windows\system32\DRIVERS\serial.sys

20:11:12.0679 5384 Serial - ok

20:11:12.0710 5384 [ 79bffb520327ff916a582dfea17aa813 ] sermouse C:\windows\system32\DRIVERS\sermouse.sys

20:11:12.0725 5384 sermouse - ok

20:11:12.0803 5384 [ 8f55ce568c543d5adf45c409d16718fc ] SessionEnv C:\windows\system32\sessenv.dll

20:11:12.0913 5384 SessionEnv - ok

20:11:12.0944 5384 [ 9f976e1eb233df46fce808d9dea3eb9c ] sffdisk C:\windows\system32\DRIVERS\sffdisk.sys

20:11:13.0006 5384 sffdisk - ok

20:11:13.0022 5384 [ 932a68ee27833cfd57c1639d375f2731 ] sffp_mmc C:\windows\system32\DRIVERS\sffp_mmc.sys

20:11:13.0084 5384 sffp_mmc - ok

20:11:13.0147 5384 [ 4f1e5b0fe7c8050668dbfade8999aefb ] sffp_sd C:\windows\system32\DRIVERS\sffp_sd.sys

20:11:13.0193 5384 sffp_sd - ok

20:11:13.0209 5384 [ db96666cc8312ebc45032f30b007a547 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys

20:11:13.0240 5384 sfloppy - ok

20:11:13.0318 5384 [ d1a079a0de2ea524513b6930c24527a2 ] SharedAccess C:\windows\System32\ipnathlp.dll

20:11:13.0365 5384 SharedAccess - ok

20:11:13.0427 5384 [ cd2e48fa5b29ee2b3b5858056d246ef2 ] ShellHWDetection C:\windows\System32\shsvcs.dll

20:11:13.0474 5384 ShellHWDetection - ok

20:11:13.0537 5384 [ 2565cac0dc9fe0371bdce60832582b2e ] sisagp C:\windows\system32\DRIVERS\sisagp.sys

20:11:13.0568 5384 sisagp - ok

20:11:13.0630 5384 [ a9f0486851becb6dda1d89d381e71055 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys

20:11:13.0661 5384 SiSRaid2 - ok

20:11:13.0693 5384 [ 3727097b55738e2f554972c3be5bc1aa ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys

20:11:13.0724 5384 SiSRaid4 - ok

20:11:13.0786 5384 [ 3e21c083b8a01cb70ba1f09303010fce ] Smb C:\windows\system32\DRIVERS\smb.sys

20:11:13.0849 5384 Smb - ok

20:11:13.0927 5384 [ 6a984831644eca1a33ffeae4126f4f37 ] SNMPTRAP C:\windows\System32\snmptrap.exe

20:11:13.0958 5384 SNMPTRAP - ok

20:11:14.0020 5384 [ 95cf1ae7527fb70f7816563cbc09d942 ] spldr C:\windows\system32\drivers\spldr.sys

20:11:14.0051 5384 spldr - ok

20:11:14.0098 5384 [ e17323b0aa9fb3ff9945731d736eda2f ] Spooler C:\windows\System32\spoolsv.exe

20:11:14.0145 5384 Spooler - ok

20:11:14.0519 5384 [ 4c287f9069fedbd791178876ee9de536 ] sppsvc C:\windows\system32\sppsvc.exe

20:11:14.0660 5384 sppsvc - ok

20:11:14.0691 5384 [ d8e3e19eebdab49dd4a8d3062ead4ec7 ] sppuinotify C:\windows\system32\sppuinotify.dll

20:11:14.0738 5384 sppuinotify - ok

20:11:14.0785 5384 [ e81f6caeab9ad5732e94c07c97866aa2 ] SRTSP C:\windows\System32\Drivers\NIS\1008030.006\SRTSP.SYS

20:11:14.0847 5384 SRTSP - ok

20:11:14.0909 5384 [ e28de499d942b08058bffac69d4122b6 ] SRTSPX C:\windows\system32\drivers\NIS\1008030.006\SRTSPX.SYS

20:11:14.0925 5384 SRTSPX - ok

20:11:15.0003 5384 [ c4a027b8c0bd3fc0699f41fa5e9e0c87 ] srv C:\windows\system32\DRIVERS\srv.sys

20:11:15.0081 5384 srv - ok

20:11:15.0128 5384 [ 414bb592cad8a79649d01f9d94318fb3 ] srv2 C:\windows\system32\DRIVERS\srv2.sys

20:11:15.0159 5384 srv2 - ok

20:11:15.0190 5384 [ ff207d67700aa18242aaf985d3e7d8f4 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys

20:11:15.0221 5384 srvnet - ok

20:11:15.0268 5384 [ d887c9fd02ac9fa880f6e5027a43e118 ] SSDPSRV C:\windows\System32\ssdpsrv.dll

20:11:15.0331 5384 SSDPSRV - ok

20:11:15.0346 5384 [ d318f23be45d5e3a107469eb64815b50 ] SstpSvc C:\windows\system32\sstpsvc.dll

20:11:15.0393 5384 SstpSvc - ok

20:11:15.0440 5384 [ db32d325c192b801df274bfd12a7e72b ] stexstor C:\windows\system32\DRIVERS\stexstor.sys

20:11:15.0487 5384 stexstor - ok

20:11:15.0565 5384 [ a22825e7bb7018e8af3e229a5af17221 ] StiSvc C:\windows\System32\wiaservc.dll

20:11:15.0611 5384 StiSvc - ok

20:11:15.0658 5384 [ e58c78a848add9610a4db6d214af5224 ] swenum C:\windows\system32\DRIVERS\swenum.sys

20:11:15.0674 5384 swenum - ok

20:11:15.0736 5384 [ a28bd92df340e57b024ba433165d34d7 ] swprv C:\windows\System32\swprv.dll

20:11:15.0845 5384 swprv - ok

20:11:15.0908 5384 [ d0885f6e24259a6c65e68d6ad749910a ] SymEFA C:\windows\system32\drivers\NIS\1008030.006\SYMEFA.SYS

20:11:15.0939 5384 SymEFA - ok

20:11:16.0017 5384 [ a54ff04bd6e75dc4d8cb6f3e352635e0 ] SymEvent C:\windows\system32\Drivers\SYMEVENT.SYS

20:11:16.0033 5384 SymEvent - ok

20:11:16.0111 5384 [ a8c45c36309ee066f9191e511f88ed76 ] SYMFW C:\windows\System32\Drivers\NIS\1008030.006\SYMFW.SYS

20:11:16.0142 5384 SYMFW - ok

20:11:16.0189 5384 [ 34f1c9d5dcc19df1e824d6b73767b8af ] SymIM C:\windows\system32\DRIVERS\SymIMv.sys

20:11:16.0204 5384 SymIM - ok

20:11:16.0282 5384 [ d8b16289f39b63456f48ea95243a788a ] SYMNDISV C:\windows\System32\Drivers\NIS\1008030.006\SYMNDISV.SYS

20:11:16.0298 5384 SYMNDISV - ok

20:11:16.0345 5384 [ 26bc80ec79d7ba478249c266cbdf17b4 ] SYMTDI C:\windows\System32\Drivers\NIS\1008030.006\SYMTDI.SYS

20:11:16.0376 5384 SYMTDI - ok

20:11:16.0454 5384 [ 3432d6a12fa5f0a7ea344d544ce2a1f9 ] SynTP C:\windows\system32\DRIVERS\SynTP.sys

20:11:16.0485 5384 SynTP - ok

20:11:16.0594 5384 [ 04105c8da62353589c29bdaeb8d88bd8 ] SysMain C:\windows\system32\sysmain.dll

20:11:16.0719 5384 SysMain - ok

20:11:16.0766 5384 [ fcfb6c552fbc0da299799cbd50ad9fd4 ] TabletInputService C:\windows\System32\TabSvc.dll

20:11:16.0828 5384 TabletInputService - ok

20:11:16.0859 5384 [ 2f46b0c70a4adc8c90cf825da3b4feaf ] TapiSrv C:\windows\System32\tapisrv.dll

20:11:16.0922 5384 TapiSrv - ok

20:11:16.0969 5384 [ b799d9fdb26111737f58288d8dc172d9 ] TBS C:\windows\System32\tbssvc.dll

20:11:17.0031 5384 TBS - ok

20:11:17.0140 5384 [ 55e9965552741f3850cb22cbba9671ed ] Tcpip C:\windows\system32\drivers\tcpip.sys

20:11:17.0218 5384 Tcpip - ok

20:11:17.0296 5384 [ 55e9965552741f3850cb22cbba9671ed ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys

20:11:17.0359 5384 TCPIP6 - ok

20:11:17.0421 5384 [ e64444523add154f86567c469bc0b17f ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys

20:11:17.0499 5384 tcpipreg - ok

20:11:17.0593 5384 [ 4084ea00d50c858d6f9038f86ae2e2d0 ] tdcmdpst C:\windows\system32\DRIVERS\tdcmdpst.sys

20:11:17.0593 5384 tdcmdpst - ok

20:11:17.0686 5384 [ 1875c1490d99e70e449e3afae9fcbadf ] TDPIPE C:\windows\system32\drivers\tdpipe.sys

20:11:17.0733 5384 TDPIPE - ok

20:11:17.0764 5384 [ 7156308896d34ea75a582f9a09e50c17 ] TDTCP C:\windows\system32\drivers\tdtcp.sys

20:11:17.0827 5384 TDTCP - ok

20:11:17.0858 5384 [ cb39e896a2a83702d1737bfd402b3542 ] tdx C:\windows\system32\DRIVERS\tdx.sys

20:11:17.0951 5384 tdx - ok

20:11:17.0983 5384 [ c36f41ee20e6999dbf4b0425963268a5 ] TermDD C:\windows\system32\DRIVERS\termdd.sys

20:11:18.0014 5384 TermDD - ok

20:11:18.0092 5384 [ a01e50a04d7b1960b33e92b9080e6a94 ] TermService C:\windows\System32\termsrv.dll

20:11:18.0170 5384 TermService - ok

20:11:18.0201 5384 [ 42fb6afd6b79d9fe07381609172e7ca4 ] Themes C:\windows\system32\themeservice.dll

20:11:18.0248 5384 Themes - ok

20:11:18.0326 5384 [ 9528f2a39cb660a49f0592d57127f370 ] Thpdrv C:\windows\system32\DRIVERS\thpdrv.sys

20:11:18.0341 5384 Thpdrv - ok

20:11:18.0404 5384 [ e17dcde74ff00ca802643b4a9a4a4a5c ] Thpevm C:\windows\system32\DRIVERS\Thpevm.SYS

20:11:18.0419 5384 Thpevm - ok

20:11:18.0513 5384 [ b8a7c3f812791a73147b6cc2380432ec ] Thpsrv C:\windows\system32\ThpSrv.exe

20:11:18.0560 5384 Thpsrv - ok

20:11:18.0575 5384 [ 146b6f43a673379a3c670e86d89be5ea ] THREADORDER C:\windows\system32\mmcss.dll

20:11:18.0622 5384 THREADORDER - ok

20:11:18.0747 5384 [ f120967184a27e927052e8ddbb727851 ] TMachInfo C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe

20:11:18.0763 5384 TMachInfo - ok

20:11:18.0856 5384 [ fe65d33b7d4ff07dd1d29526a48df810 ] TODDSrv C:\Windows\system32\TODDSrv.exe

20:11:18.0872 5384 TODDSrv - ok

20:11:19.0028 5384 [ 66c35016e01746715f8f606a9f081bf9 ] TosCoSrv C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe

20:11:19.0075 5384 TosCoSrv - ok

20:11:19.0184 5384 [ 0da25676a231b8396e356c6ce2745cd1 ] TOSHIBA eco Utility Service C:\Program Files\TOSHIBA\TECO\TecoService.exe

20:11:19.0199 5384 TOSHIBA eco Utility Service - ok

20:11:19.0293 5384 [ 67c1da40d78c92622081a3e780c926b2 ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe

20:11:19.0340 5384 TOSHIBA HDD SSD Alert Service - ok

20:11:19.0433 5384 [ 31d2881b0647f2b09b118b9b50c02888 ] TPCHSrv C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe

20:11:19.0480 5384 TPCHSrv - ok

20:11:19.0558 5384 [ 4792c0378db99a9bc2ae2de6cfff0c3a ] TrkWks C:\windows\System32\trkwks.dll

20:11:19.0621 5384 TrkWks - ok

20:11:19.0714 5384 [ 41a4c781d2286208d397d72099304133 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe

20:11:19.0745 5384 TrustedInstaller - ok

20:11:19.0792 5384 [ 98ae6fa07d12cb4ec5cf4a9bfa5f4242 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys

20:11:19.0870 5384 tssecsrv - ok

20:11:19.0917 5384 [ 3e461d890a97f9d4c168f5fda36e1d00 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys

20:11:19.0964 5384 tunnel - ok

20:11:20.0057 5384 [ fc24015b4052600c324c43e3a79c0664 ] TVALZ C:\windows\system32\DRIVERS\TVALZ_O.SYS

20:11:20.0089 5384 TVALZ - ok

20:11:20.0135 5384 [ 866462f5ae3f375ef83ef9dce436031c ] TVALZFL C:\windows\system32\DRIVERS\TVALZFL.sys

20:11:20.0182 5384 TVALZFL - ok

20:11:20.0229 5384 [ 750fbcb269f4d7dd2e420c56b795db6d ] uagp35 C:\windows\system32\DRIVERS\uagp35.sys

20:11:20.0260 5384 uagp35 - ok

20:11:20.0291 5384 [ 09cc3e16f8e5ee7168e01cf8fcbe061a ] udfs C:\windows\system32\DRIVERS\udfs.sys

20:11:20.0354 5384 udfs - ok

20:11:20.0416 5384 [ 8344fd4fce927880aa1aa7681d4927e5 ] UI0Detect C:\windows\system32\UI0Detect.exe

20:11:20.0479 5384 UI0Detect - ok

20:11:20.0525 5384 [ 44e8048ace47befbfdc2e9be4cbc8880 ] uliagpkx C:\windows\system32\DRIVERS\uliagpkx.sys

20:11:20.0557 5384 uliagpkx - ok

20:11:20.0619 5384 [ 049b3a50b3d646baeeee9eec9b0668dc ] umbus C:\windows\system32\DRIVERS\umbus.sys

20:11:20.0650 5384 umbus - ok

20:11:20.0728 5384 [ 7550ad0c6998ba1cb4843e920ee0feac ] UmPass C:\windows\system32\DRIVERS\umpass.sys

20:11:20.0791 5384 UmPass - ok

20:11:20.0837 5384 [ 833fbb672460efce8011d262175fad33 ] upnphost C:\windows\System32\upnphost.dll

20:11:20.0931 5384 upnphost - ok

20:11:20.0978 5384 [ 8455c4ed038efd09e99327f9d2d48ffa ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys

20:11:21.0056 5384 usbccgp - ok

20:11:21.0103 5384 [ 04ec7cec62ec3b6d9354eee93327fc82 ] usbcir C:\windows\system32\DRIVERS\usbcir.sys

20:11:21.0165 5384 usbcir - ok

20:11:21.0227 5384 [ 1c333bfd60f2fed2c7ad5daf533cb742 ] usbehci C:\windows\system32\DRIVERS\usbehci.sys

20:11:21.0274 5384 usbehci - ok

20:11:21.0352 5384 [ ee6ef93ccfa94fae8c6ab298273d8ae2 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys

20:11:21.0446 5384 usbhub - ok

20:11:21.0461 5384 [ a6fb7957ea7afb1165991e54ce934b74 ] usbohci C:\windows\system32\DRIVERS\usbohci.sys

20:11:21.0571 5384 usbohci - ok

20:11:21.0617 5384 [ 797d862fe0875e75c7cc4c1ad7b30252 ] usbprint C:\windows\system32\DRIVERS\usbprint.sys

20:11:21.0711 5384 usbprint - ok

20:11:21.0789 5384 [ d8889d56e0d27e57ed4591837fe71d27 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS

20:11:21.0805 5384 USBSTOR - ok

20:11:21.0836 5384 [ 78780c3ebce17405b1ccd07a3a8a7d72 ] usbuhci C:\windows\system32\DRIVERS\usbuhci.sys

20:11:21.0898 5384 usbuhci - ok

20:11:22.0007 5384 [ b5f6a992d996282b7fae7048e50af83a ] usbvideo C:\windows\System32\Drivers\usbvideo.sys

20:11:22.0085 5384 usbvideo - ok

20:11:22.0132 5384 [ 081e6e1c91aec36758902a9f727cd23c ] UxSms C:\windows\System32\uxsms.dll

20:11:22.0226 5384 UxSms - ok

20:11:22.0241 5384 [ c2243ff9e9aad0c30e8b1a0914da15b6 ] VaultSvc C:\windows\system32\lsass.exe

20:11:22.0273 5384 VaultSvc - ok

20:11:22.0382 5384 [ a059c4c3edb09e07d21a8e5c0aabd3cb ] vdrvroot C:\windows\system32\DRIVERS\vdrvroot.sys

20:11:22.0444 5384 vdrvroot - ok

20:11:22.0491 5384 [ 8c4e7c49d3641bc9e299e466a7f8867d ] vds C:\windows\System32\vds.exe

20:11:22.0569 5384 vds - ok

20:11:22.0647 5384 [ 17c408214ea61696cec9c66e388b14f3 ] vga C:\windows\system32\DRIVERS\vgapnp.sys

20:11:22.0694 5384 vga - ok

20:11:22.0709 5384 [ 8e38096ad5c8570a6f1570a61e251561 ] VgaSave C:\windows\System32\drivers\vga.sys

20:11:22.0772 5384 VgaSave - ok

20:11:22.0834 5384 [ 3be6e1f3a4f1afec8cee0d7883f93583 ] vhdmp C:\windows\system32\DRIVERS\vhdmp.sys

20:11:23.0209 5384 vhdmp - ok

20:11:23.0255 5384 [ c829317a37b4bea8f39735d4b076e923 ] viaagp C:\windows\system32\DRIVERS\viaagp.sys

20:11:23.0302 5384 viaagp - ok

20:11:23.0349 5384 [ e02f079a6aa107f06b16549c6e5c7b74 ] ViaC7 C:\windows\system32\DRIVERS\viac7.sys

20:11:23.0443 5384 ViaC7 - ok

20:11:23.0458 5384 [ e43574f6a56a0ee11809b48c09e4fd3c ] viaide C:\windows\system32\DRIVERS\viaide.sys

20:11:23.0474 5384 viaide - ok

20:11:23.0505 5384 [ 384e5a2aa49934295171e499f86ba6f3 ] volmgr C:\windows\system32\DRIVERS\volmgr.sys

20:11:23.0536 5384 volmgr - ok

20:11:23.0552 5384 [ b5bb72067ddddbbfb04b2f89ff8c3c87 ] volmgrx C:\windows\system32\drivers\volmgrx.sys

20:11:23.0583 5384 volmgrx - ok

20:11:23.0630 5384 [ 58df9d2481a56edde167e51b334d44fd ] volsnap C:\windows\system32\DRIVERS\volsnap.sys

20:11:23.0645 5384 volsnap - ok

20:11:23.0723 5384 [ 9dfa0cc2f8855a04816729651175b631 ] vsmraid C:\windows\system32\DRIVERS\vsmraid.sys

20:11:23.0755 5384 vsmraid - ok

20:11:23.0942 5384 [ 7ea2bcd94d9cfaf4c556f5cc94532a6c ] VSS C:\windows\system32\vssvc.exe

20:11:24.0004 5384 VSS - ok

20:11:24.0035 5384 [ 90567b1e658001e79d7c8bbd3dde5aa6 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys

20:11:24.0082 5384 vwifibus - ok

20:11:24.0098 5384 [ 7090d3436eeb4e7da3373090a23448f7 ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys

20:11:24.0176 5384 vwififlt - ok

20:11:24.0207 5384 [ 55187fd710e27d5095d10a472c8baf1c ] W32Time C:\windows\system32\w32time.dll

20:11:24.0269 5384 W32Time - ok

20:11:24.0332 5384 [ de3721e89c653aa281428c8a69745d90 ] WacomPen C:\windows\system32\DRIVERS\wacompen.sys

20:11:24.0347 5384 WacomPen - ok

20:11:24.0410 5384 [ 692a712062146e96d28ba0b7d75de31b ] WANARP C:\windows\system32\DRIVERS\wanarp.sys

20:11:24.0472 5384 WANARP - ok

20:11:24.0488 5384 [ 692a712062146e96d28ba0b7d75de31b ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys

20:11:24.0535 5384 Wanarpv6 - ok

20:11:24.0769 5384 [ 353a04c273ec58475d8633e75ccd5604 ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe

20:11:24.0878 5384 WatAdminSvc - ok

20:11:24.0987 5384 [ 7790b77fe1e5ee47dcc66247095bb4c9 ] wbengine C:\windows\system32\wbengine.exe

20:11:25.0127 5384 wbengine - ok

20:11:25.0143 5384 [ 9614b5d29dc76ac3c29f6d2d3aa70e67 ] WbioSrvc C:\windows\System32\wbiosrvc.dll

20:11:25.0174 5384 WbioSrvc - ok

20:11:25.0268 5384 [ 6d9b75275c3e3a5f51aef81affadb2b6 ] wcncsvc C:\windows\System32\wcncsvc.dll

20:11:25.0439 5384 wcncsvc - ok

20:11:25.0502 5384 [ 5d930b6357a6d2af4d7653bdabbf352f ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll

20:11:25.0549 5384 WcsPlugInService - ok

20:11:25.0580 5384 [ 1112a9badacb47b7c0bb0392e3158dff ] Wd C:\windows\system32\DRIVERS\wd.sys

20:11:25.0627 5384 Wd - ok

20:11:25.0689 5384 [ 9950e3d0f08141c7e89e64456ae7dc73 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys

20:11:25.0751 5384 Wdf01000 - ok

20:11:25.0798 5384 [ 46ef9dc96265fd0b423db72e7c38c2a5 ] WdiServiceHost C:\windows\system32\wdi.dll

20:11:25.0845 5384 WdiServiceHost - ok

20:11:25.0861 5384 [ 46ef9dc96265fd0b423db72e7c38c2a5 ] WdiSystemHost C:\windows\system32\wdi.dll

20:11:25.0892 5384 WdiSystemHost - ok

20:11:25.0954 5384 [ bb5ec38f8d4600119b4720bc5d4211f1 ] WebClient C:\windows\System32\webclnt.dll

20:11:26.0017 5384 WebClient - ok

20:11:26.0095 5384 [ 760f0afe937a77cff27153206534f275 ] Wecsvc C:\windows\system32\wecsvc.dll

20:11:26.0157 5384 Wecsvc - ok

20:11:26.0188 5384 [ ac804569bb2364fb6017370258a4091b ] wercplsupport C:\windows\System32\wercplsupport.dll

20:11:26.0329 5384 wercplsupport - ok

20:11:26.0391 5384 [ 08e420d873e4fd85241ee2421b02c4a4 ] WerSvc C:\windows\System32\WerSvc.dll

20:11:26.0485 5384 WerSvc - ok

20:11:26.0547 5384 [ 8b9a943f3b53861f2bfaf6c186168f79 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys

20:11:26.0609 5384 WfpLwf - ok

20:11:26.0625 5384 [ 5cf95b35e59e2a38023836fff31be64c ] WIMMount C:\windows\system32\drivers\wimmount.sys

20:11:26.0641 5384 WIMMount - ok

20:11:26.0750 5384 [ 3fae8f94296001c32eab62cd7d82e0fd ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll

20:11:26.0797 5384 WinDefend - ok

20:11:26.0812 5384 WinHttpAutoProxySvc - ok

20:11:27.0015 5384 [ f62e510b6ad4c21eb9fe8668ed251826 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll

20:11:27.0077 5384 Winmgmt - ok

20:11:27.0202 5384 [ c4f5d3901d1b41d602ddc196e0b95b51 ] WinRM C:\windows\system32\WsmSvc.dll

20:11:27.0311 5384 WinRM - ok

20:11:27.0421 5384 [ 16935c98ff639d185086a3529b1f2067 ] Wlansvc C:\windows\System32\wlansvc.dll

20:11:27.0499 5384 Wlansvc - ok

20:11:27.0592 5384 [ 0217679b8fca58714c3bf2726d2ca84e ] WmiAcpi C:\windows\system32\DRIVERS\wmiacpi.sys

20:11:27.0655 5384 WmiAcpi - ok

20:11:27.0733 5384 [ 6eb6b66517b048d87dc1856ddf1f4c3f ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe

20:11:27.0779 5384 wmiApSrv - ok

20:11:27.0967 5384 [ 77fbd400984cf72ba0fc4b3489d65f74 ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe

20:11:28.0045 5384 WMPNetworkSvc - ok

20:11:28.0091 5384 [ a2f0ec770a92f2b3f9de6d518e11409c ] WPCSvc C:\windows\System32\wpcsvc.dll

20:11:28.0123 5384 WPCSvc - ok

20:11:28.0138 5384 [ b7f658a2ebc07129538ad9ab35212637 ] WPDBusEnum C:\windows\system32\wpdbusenum.dll

20:11:28.0169 5384 WPDBusEnum - ok

20:11:28.0201 5384 [ 6db3276587b853bf886b69528fdb048c ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys

20:11:28.0279 5384 ws2ifsl - ok

20:11:28.0341 5384 [ a661a76333057b383a06e65f0073222f ] wscsvc C:\windows\System32\wscsvc.dll

20:11:28.0388 5384 wscsvc - ok

20:11:28.0403 5384 WSearch - ok

20:11:28.0606 5384 [ fc3ec24fce372c89423e015a2ac1a31e ] wuauserv C:\windows\system32\wuaueng.dll

20:11:28.0731 5384 wuauserv - ok

20:11:28.0747 5384 [ 6f9b6c0c93232cff47d0f72d6db1d21e ] WudfPf C:\windows\system32\drivers\WudfPf.sys

20:11:28.0825 5384 WudfPf - ok

20:11:28.0871 5384 [ f91ff1e51fca30b3c3981db7d5924252 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys

20:11:28.0934 5384 WUDFRd - ok

20:11:29.0012 5384 [ ddee3682fe97037c45f4d7ab467cb8b6 ] wudfsvc C:\windows\System32\WUDFSvc.dll

20:11:29.0090 5384 wudfsvc - ok

20:11:29.0152 5384 [ ff2d745b560f7c71b31f30f4d49f73d2 ] WwanSvc C:\windows\System32\wwansvc.dll

20:11:29.0215 5384 WwanSvc - ok

20:11:29.0261 5384 ================ Scan global ===============================

20:11:29.0355 5384 (9a595df601070da78c40481120dd2c06) C:\windows\system32\basesrv.dll

20:11:29.0386 5384 (008f51ae989c3df1cbaf8b39dc423ccc) C:\windows\system32\winsrv.dll

20:11:29.0417 5384 (008f51ae989c3df1cbaf8b39dc423ccc) C:\windows\system32\winsrv.dll

20:11:29.0449 5384 (364455805e64882844ee9acb72522830) C:\windows\system32\sxssrv.dll

20:11:29.0527 5384 (5f1b6a9c35d3d5ca72d6d6fdef9747d6) C:\windows\system32\services.exe

20:11:29.0527 5384 [Global] - ok

20:11:29.0542 5384 ================ Scan MBR ==================================

20:11:29.0558 5384 MBR (0x1B8) (5b5e648d12fcadc244c1ec30318e1eb9) \Device\Harddisk0\DR0

20:11:30.0416 5384 \Device\Harddisk0\DR0 - ok

20:11:30.0431 5384 MBR (0x1B8) (06449e7c4af0550b77e260798769aa40) \Device\Harddisk1\DR2

20:11:30.0619 5384 \Device\Harddisk1\DR2 - ok

20:11:30.0619 5384 ================ Scan VBR ==================================

20:11:30.0634 5384 Boot (0x1200) (8933d9304507ee690b52c9dc9b59d1c4) \Device\Harddisk0\DR0\Partition1

20:11:30.0634 5384 \Device\Harddisk0\DR0\Partition1 - ok

20:11:30.0650 5384 Boot (0x1200) (2de058d8cc9cea8611c93e8a901a5fe9) \Device\Harddisk1\DR2\Partition1

20:11:30.0650 5384 \Device\Harddisk1\DR2\Partition1 - ok

20:11:30.0665 5384 ============================================================

20:11:30.0665 5384 Scan finished

20:11:30.0665 5384 ============================================================

20:11:30.0681 4132 Detected object count: 1

20:11:30.0681 4132 Actual detected object count: 1

20:11:57.0357 4132 C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe - copied to quarantine

20:11:57.0357 4132 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

hi

Run OTL

  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    :OTL
    [2012/08/14 16:56:20 | 000,002,048 | -HS- | C] () -- C:\Users\MK\AppData\Local\{c98d7325-c016-f43a-e8d3-ce0479a18302}\@

    :Files
    C:\Users\MK\AppData\Local\{c98d7325-c016-f43a-e8d3-ce0479a18302}\@

    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [EMPTYFLASH]
    [Reboot]


  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

THEN

  • Download RogueKiller and save it on your desktop.
  • Quit all programs
  • Start RogueKiller.exe.
  • Wait until Prescan has finished ...
  • Click on Scan

  • Wait for the end of the scan.
  • The report has been created on the desktop.
  • Click on the Delete button.

  • The report has been created on the desktop.

Please post: All RKreport.txt text files located on your desktop.


RogueKiller V7.6.6 [08/10/2012] by Tigzy

mail: tigzyRK<at>gmail<dot>com

Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/

Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7600 ) 32 bits version

Started in : Normal mode

User: MK [Admin rights]

Mode: Scan -- Date: 08/21/2012 23:54:54

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Registry Entries: 2 ¤¤¤

[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

[ZeroAccess][FOLDER] U : c:\windows\installer\{c98d7325-c016-f43a-e8d3-ce0479a18302}\U --> FOUND

[ZeroAccess][FOLDER] L : c:\windows\installer\{c98d7325-c016-f43a-e8d3-ce0479a18302}\L --> FOUND

[ZeroAccess][FILE] @ : c:\users\MK\appdata\local\{c98d7325-c016-f43a-e8d3-ce0479a18302}\@ --> FOUND

[ZeroAccess][FOLDER] U : c:\users\MK\appdata\local\{c98d7325-c016-f43a-e8d3-ce0479a18302}\U --> FOUND

[ZeroAccess][FOLDER] L : c:\users\MK\appdata\local\{c98d7325-c016-f43a-e8d3-ce0479a18302}\L --> FOUND

¤¤¤ Driver: [LOADED] ¤¤¤

SSDT[13] : NtAlertResumeThread @ 0x8331B069 -> HOOKED (Unknown @ 0x876F7A60)

SSDT[14] : NtAlertThread @ 0x832C8DC6 -> HOOKED (Unknown @ 0x876FCA88)

SSDT[19] : NtAllocateVirtualMemory @ 0x8328A43B -> HOOKED (Unknown @ 0x876FC7D0)

SSDT[22] : NtAlpcConnectPort @ 0x83291E4D -> HOOKED (Unknown @ 0x87554510)

SSDT[43] : NtAssignProcessToJobObject @ 0x83235816 -> HOOKED (Unknown @ 0x876FAE30)

SSDT[74] : NtCreateMutant @ 0x832BD2C3 -> HOOKED (Unknown @ 0x876F9A28)

SSDT[86] : NtCreateSymbolicLinkObject @ 0x8324D4BD -> HOOKED (Unknown @ 0x876FB640)

SSDT[87] : NtCreateThread @ 0x8331929A -> HOOKED (Unknown @ 0x8763DA58)

SSDT[88] : NtCreateThreadEx @ 0x83277371 -> HOOKED (Unknown @ 0x876FB058)

SSDT[96] : NtDebugActiveProcess @ 0x832EE85A -> HOOKED (Unknown @ 0x8763E298)

SSDT[111] : NtDuplicateObject @ 0x832BA770 -> HOOKED (Unknown @ 0x87640078)

SSDT[131] : NtFreeVirtualMemory @ 0x830F196D -> HOOKED (Unknown @ 0x876F7660)

SSDT[145] : NtImpersonateAnonymousToken @ 0x83231048 -> HOOKED (Unknown @ 0x876F7370)

SSDT[147] : NtImpersonateThread @ 0x83296CB3 -> HOOKED (Unknown @ 0x876F79A0)

SSDT[155] : unknown @ 0x831DF313 -> HOOKED (Unknown @ 0x875549C0)

SSDT[168] : NtMapViewOfSection @ 0x832BD585 -> HOOKED (Unknown @ 0x876F7580)

SSDT[177] : NtOpenEvent @ 0x832BFC15 -> HOOKED (Unknown @ 0x876F9968)

SSDT[190] : NtOpenProcess @ 0x832BFBDF -> HOOKED (Unknown @ 0x87646140)

SSDT[191] : NtOpenProcessToken @ 0x8327AF11 -> HOOKED (Unknown @ 0x876F7C28)

SSDT[194] : NtOpenSection @ 0x832BD868 -> HOOKED (Unknown @ 0x876FA5A8)

SSDT[198] : NtOpenThread @ 0x832BE536 -> HOOKED (Unknown @ 0x876F6A10)

SSDT[215] : NtProtectVirtualMemory @ 0x832BE2EF -> HOOKED (Unknown @ 0x876FB008)

SSDT[304] : NtResumeThread @ 0x832B067D -> HOOKED (Unknown @ 0x87644E70)

SSDT[316] : NtSetContextThread @ 0x8331AB17 -> HOOKED (Unknown @ 0x876FB330)

SSDT[333] : NtSetInformationProcess @ 0x8328BA35 -> HOOKED (Unknown @ 0x876FB3F0)

SSDT[350] : NtSetSystemInformation @ 0x832C94A3 -> HOOKED (Unknown @ 0x8763E358)

SSDT[366] : unknown @ 0x8331AFA3 -> HOOKED (Unknown @ 0x876FB9A0)

SSDT[367] : NtSuspendThread @ 0x832D7D04 -> HOOKED (Unknown @ 0x876FCB48)

SSDT[370] : NtTerminateProcess @ 0x832A01B5 -> HOOKED (\SystemRoot\system32\drivers\TfSysMon.sys @ 0x8B5EB2D0)

SSDT[371] : NtTerminateThread @ 0x832B2F92 -> HOOKED (Unknown @ 0x876FB2F8)

SSDT[385] : NtUnmapViewOfSection @ 0x832BA38A -> HOOKED (Unknown @ 0x87634840)

SSDT[399] : NtWriteVirtualMemory @ 0x832C5C63 -> HOOKED (Unknown @ 0x876414D0)

S_SSDT[318] : Unknown -> HOOKED (Unknown @ 0x884FCB28)

S_SSDT[402] : Unknown -> HOOKED (Unknown @ 0x87527478)

S_SSDT[434] : Unknown -> HOOKED (Unknown @ 0x89083410)

S_SSDT[436] : Unknown -> HOOKED (Unknown @ 0x8752D410)

S_SSDT[448] : Unknown -> HOOKED (Unknown @ 0x87547560)

S_SSDT[490] : Unknown -> HOOKED (Unknown @ 0x89086728)

S_SSDT[508] : Unknown -> HOOKED (Unknown @ 0x875356E0)

S_SSDT[509] : Unknown -> HOOKED (Unknown @ 0x87535610)

S_SSDT[585] : Unknown -> HOOKED (Unknown @ 0x87541638)

S_SSDT[588] : Unknown -> HOOKED (Unknown @ 0x89081428)

¤¤¤ Infection : ZeroAccess ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

ÿþ1

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: TOSHIBA MK2555GSX +++++

--- User ---

[MBR] ccacc39a0f72ecb6f7844bfdcb05ab8b

[bSP] 4bd2408d084f023849ab85613be82fd3 : Windows Vista MBR Code

Partition table:

0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo

1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 228847 Mo

2 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 471752704 | Size: 8127 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[1].txt >>

RKreport[1].txt

RogueKiller V7.6.6 [08/10/2012] by Tigzy

mail: tigzyRK<at>gmail<dot>com

Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/

Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7600 ) 32 bits version

Started in : Normal mode

User: MK [Admin rights]

Mode: Remove -- Date: 08/21/2012 23:59:38

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Registry Entries: 2 ¤¤¤

[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)

[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Particular Files / Folders: ¤¤¤

[ZeroAccess][FOLDER] U : c:\windows\installer\{c98d7325-c016-f43a-e8d3-ce0479a18302}\U --> REMOVED

[ZeroAccess][FOLDER] L : c:\windows\installer\{c98d7325-c016-f43a-e8d3-ce0479a18302}\L --> REMOVED

[ZeroAccess][FILE] @ : c:\users\MK\appdata\local\{c98d7325-c016-f43a-e8d3-ce0479a18302}\@ --> REMOVED

[ZeroAccess][FOLDER] U : c:\users\MK\appdata\local\{c98d7325-c016-f43a-e8d3-ce0479a18302}\U --> REMOVED

[ZeroAccess][FOLDER] L : c:\users\MK\appdata\local\{c98d7325-c016-f43a-e8d3-ce0479a18302}\L --> REMOVED

¤¤¤ Driver: [LOADED] ¤¤¤

SSDT[13] : NtAlertResumeThread @ 0x8331B069 -> HOOKED (Unknown @ 0x876F7A60)

SSDT[14] : NtAlertThread @ 0x832C8DC6 -> HOOKED (Unknown @ 0x876FCA88)

SSDT[19] : NtAllocateVirtualMemory @ 0x8328A43B -> HOOKED (Unknown @ 0x876FC7D0)

SSDT[22] : NtAlpcConnectPort @ 0x83291E4D -> HOOKED (Unknown @ 0x87554510)

SSDT[43] : NtAssignProcessToJobObject @ 0x83235816 -> HOOKED (Unknown @ 0x876FAE30)

SSDT[74] : NtCreateMutant @ 0x832BD2C3 -> HOOKED (Unknown @ 0x876F9A28)

SSDT[86] : NtCreateSymbolicLinkObject @ 0x8324D4BD -> HOOKED (Unknown @ 0x876FB640)

SSDT[87] : NtCreateThread @ 0x8331929A -> HOOKED (Unknown @ 0x8763DA58)

SSDT[88] : NtCreateThreadEx @ 0x83277371 -> HOOKED (Unknown @ 0x876FB058)

SSDT[96] : NtDebugActiveProcess @ 0x832EE85A -> HOOKED (Unknown @ 0x8763E298)

SSDT[111] : NtDuplicateObject @ 0x832BA770 -> HOOKED (Unknown @ 0x87640078)

SSDT[131] : NtFreeVirtualMemory @ 0x830F196D -> HOOKED (Unknown @ 0x876F7660)

SSDT[145] : NtImpersonateAnonymousToken @ 0x83231048 -> HOOKED (Unknown @ 0x876F7370)

SSDT[147] : NtImpersonateThread @ 0x83296CB3 -> HOOKED (Unknown @ 0x876F79A0)

SSDT[155] : unknown @ 0x831DF313 -> HOOKED (Unknown @ 0x875549C0)

SSDT[168] : NtMapViewOfSection @ 0x832BD585 -> HOOKED (Unknown @ 0x876F7580)

SSDT[177] : NtOpenEvent @ 0x832BFC15 -> HOOKED (Unknown @ 0x876F9968)

SSDT[190] : NtOpenProcess @ 0x832BFBDF -> HOOKED (Unknown @ 0x87646140)

SSDT[191] : NtOpenProcessToken @ 0x8327AF11 -> HOOKED (Unknown @ 0x876F7C28)

SSDT[194] : NtOpenSection @ 0x832BD868 -> HOOKED (Unknown @ 0x876FA5A8)

SSDT[198] : NtOpenThread @ 0x832BE536 -> HOOKED (Unknown @ 0x876F6A10)

SSDT[215] : NtProtectVirtualMemory @ 0x832BE2EF -> HOOKED (Unknown @ 0x876FB008)

SSDT[304] : NtResumeThread @ 0x832B067D -> HOOKED (Unknown @ 0x87644E70)

SSDT[316] : NtSetContextThread @ 0x8331AB17 -> HOOKED (Unknown @ 0x876FB330)

SSDT[333] : NtSetInformationProcess @ 0x8328BA35 -> HOOKED (Unknown @ 0x876FB3F0)

SSDT[350] : NtSetSystemInformation @ 0x832C94A3 -> HOOKED (Unknown @ 0x8763E358)

SSDT[366] : unknown @ 0x8331AFA3 -> HOOKED (Unknown @ 0x876FB9A0)

SSDT[367] : NtSuspendThread @ 0x832D7D04 -> HOOKED (Unknown @ 0x876FCB48)

SSDT[370] : NtTerminateProcess @ 0x832A01B5 -> HOOKED (\SystemRoot\system32\drivers\TfSysMon.sys @ 0x8B5EB2D0)

SSDT[371] : NtTerminateThread @ 0x832B2F92 -> HOOKED (Unknown @ 0x876FB2F8)

SSDT[385] : NtUnmapViewOfSection @ 0x832BA38A -> HOOKED (Unknown @ 0x87634840)

SSDT[399] : NtWriteVirtualMemory @ 0x832C5C63 -> HOOKED (Unknown @ 0x876414D0)

S_SSDT[318] : Unknown -> HOOKED (Unknown @ 0x884FCB28)

S_SSDT[402] : Unknown -> HOOKED (Unknown @ 0x87527478)

S_SSDT[434] : Unknown -> HOOKED (Unknown @ 0x89083410)

S_SSDT[436] : Unknown -> HOOKED (Unknown @ 0x8752D410)

S_SSDT[448] : Unknown -> HOOKED (Unknown @ 0x87547560)

S_SSDT[490] : Unknown -> HOOKED (Unknown @ 0x89086728)

S_SSDT[508] : Unknown -> HOOKED (Unknown @ 0x875356E0)

S_SSDT[509] : Unknown -> HOOKED (Unknown @ 0x87535610)

S_SSDT[585] : Unknown -> HOOKED (Unknown @ 0x87541638)

S_SSDT[588] : Unknown -> HOOKED (Unknown @ 0x89081428)

¤¤¤ Infection : ZeroAccess ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

ÿþ1

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: TOSHIBA MK2555GSX +++++

--- User ---

[MBR] ccacc39a0f72ecb6f7844bfdcb05ab8b

[bSP] 4bd2408d084f023849ab85613be82fd3 : Windows Vista MBR Code

Partition table:

0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo

1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 228847 Mo

2 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 471752704 | Size: 8127 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[2].txt >>

RKreport[1].txt ; RKreport[2].txt


OTL logfile created on: 8/21/2012 11:29:30 PM - Run 2

OTL by OldTimer - Version 3.2.58.1 Folder = C:\Users\MK\Desktop

Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.87 Gb Total Physical Memory | 1.59 Gb Available Physical Memory | 55.39% Memory free

5.73 Gb Paging File | 4.37 Gb Available in Paging File | 76.28% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files

Drive C: | 223.48 Gb Total Space | 197.12 Gb Free Space | 88.20% Space Free | Partition Type: NTFS

Computer Name: MK-PC | User Name: MK | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/08/21 23:03:24 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\MK\Desktop\OTL.exe

PRC - [2012/08/20 23:01:57 | 000,148,520 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\mfevtps.exe

PRC - [2012/08/20 23:01:52 | 000,166,024 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe

PRC - [2011/10/24 08:59:46 | 000,095,808 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\SiteAdvisor Enterprise\saHookMain.exe

PRC - [2011/10/24 08:59:30 | 000,165,440 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\SiteAdvisor Enterprise\McSACore.exe

PRC - [2011/09/21 19:35:57 | 000,117,648 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\16.8.3.6\ccSvcHst.exe

PRC - [2011/09/14 20:08:00 | 000,215,360 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan Enterprise\shstat.exe

PRC - [2011/09/14 20:08:00 | 000,209,760 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe

PRC - [2011/09/14 20:08:00 | 000,033,648 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan Enterprise\mfeann.exe

PRC - [2011/07/15 23:31:12 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe

PRC - [2011/02/26 00:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe

PRC - [2011/02/22 13:57:38 | 000,148,752 | ---- | M] (PC Tools) -- C:\Program Files\ThreatFire\TFUN.exe

PRC - [2011/02/22 13:57:34 | 000,378,128 | ---- | M] (PC Tools) -- C:\Program Files\ThreatFire\TFTray.exe

PRC - [2011/02/22 13:57:30 | 000,070,928 | ---- | M] (PC Tools) -- C:\Program Files\ThreatFire\TFService.exe

PRC - [2011/02/11 13:45:54 | 001,295,736 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe

PRC - [2011/02/11 13:45:52 | 000,054,136 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe

PRC - [2011/01/12 16:05:00 | 000,185,664 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\Common Framework\naPrdMgr.exe

PRC - [2011/01/12 16:05:00 | 000,161,088 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\Common Framework\UdaterUI.exe

PRC - [2011/01/12 16:05:00 | 000,120,128 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\Common Framework\FrameworkService.exe

PRC - [2011/01/12 16:05:00 | 000,075,072 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\Common Framework\McTray.exe

PRC - [2010/08/18 09:44:34 | 000,221,184 | ---- | M] () -- C:\Program Files\TOSHIBA\Toshiba DetectAC Utility\DetectAC.exe

PRC - [2010/08/03 13:18:36 | 000,266,240 | ---- | M] () -- C:\Program Files\TOSHIBA\Toshiba DetectAC Utility\CollectInfo.exe

PRC - [2009/09/17 15:37:18 | 000,111,960 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe

PRC - [2009/09/17 15:36:58 | 001,021,272 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe

PRC - [2009/08/27 15:37:10 | 000,185,712 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TECO\TecoService.exe

PRC - [2009/08/26 20:00:06 | 001,324,384 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TECO\TEco.exe

PRC - [2009/08/21 11:29:40 | 000,464,224 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe

PRC - [2009/08/21 11:29:20 | 000,476,512 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe

PRC - [2009/08/10 21:55:46 | 000,185,712 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe

PRC - [2009/08/06 19:05:18 | 000,583,024 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe

PRC - [2009/08/06 19:04:56 | 000,685,424 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe

PRC - [2009/08/05 16:04:54 | 000,738,616 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe

PRC - [2009/07/28 22:26:42 | 000,062,848 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe

PRC - [2009/07/28 17:43:04 | 000,128,344 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe

PRC - [2009/07/28 16:00:10 | 000,460,088 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe

PRC - [2009/07/20 16:29:00 | 000,484,920 | ---- | M] (Conexant Systems, Inc.) -- C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent.exe

PRC - [2009/07/13 20:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe

PRC - [2009/07/13 17:24:00 | 000,304,496 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe

PRC - [2009/07/08 11:40:58 | 000,518,720 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\ThpSrv.exe

PRC - [2009/07/02 13:05:00 | 000,252,288 | ---- | M] (TOSHIBA) -- C:\Program Files\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe

PRC - [2009/03/10 20:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe

========== Modules (No Company Name) ==========

MOD - [2012/08/21 22:54:29 | 007,952,384 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\2ebb3c259eab50af565e3a8dba6ad20e\System.ni.dll

MOD - [2012/08/21 22:26:23 | 000,025,600 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\34f340b0c113f7216a55dd7c82a69cc2\Accessibility.ni.dll

MOD - [2012/08/21 22:26:15 | 011,490,816 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\5858678a79aae31262b0214424245d06\mscorlib.ni.dll

MOD - [2012/08/13 04:00:41 | 008,007,680 | ---- | M] () -- C:\windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll

MOD - [2012/04/23 17:37:48 | 000,630,784 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll

MOD - [2012/03/21 17:29:45 | 005,025,792 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll

MOD - [2010/08/18 09:44:34 | 000,221,184 | ---- | M] () -- C:\Program Files\TOSHIBA\Toshiba DetectAC Utility\DetectAC.exe

MOD - [2010/08/03 13:18:36 | 000,266,240 | ---- | M] () -- C:\Program Files\TOSHIBA\Toshiba DetectAC Utility\CollectInfo.exe

MOD - [2009/09/17 15:36:34 | 000,079,192 | ---- | M] () -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll

MOD - [2009/07/25 13:07:12 | 000,058,704 | ---- | M] () -- C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll

MOD - [2009/07/16 17:27:48 | 000,052,536 | ---- | M] () -- C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnZ.dll

MOD - [2009/07/16 17:27:44 | 007,263,544 | ---- | M] () -- C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll

MOD - [2009/06/22 17:38:40 | 000,015,160 | ---- | M] () -- C:\Program Files\TOSHIBA\TOSHIBA Assist\NotifyX.dll

MOD - [2009/06/10 16:23:20 | 002,048,000 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll

MOD - [2009/06/10 16:23:19 | 000,114,688 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll

MOD - [2009/06/10 16:23:17 | 000,425,984 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll

MOD - [2009/03/12 21:08:04 | 000,049,152 | ---- | M] () -- C:\Program Files\TOSHIBA\PCDiag\NotifyPCD.dll

MOD - [2007/04/18 19:30:46 | 000,471,040 | ---- | M] () -- C:\Program Files\McAfee\Common Framework\ccme_base.dll

MOD - [2007/04/18 19:30:46 | 000,393,216 | ---- | M] () -- C:\Program Files\McAfee\Common Framework\cryptocme2.dll

========== Win32 Services (SafeList) ==========

SRV - [2012/08/20 23:01:57 | 000,148,520 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\System32\mfevtps.exe -- (mfevtp)

SRV - [2012/08/20 23:01:52 | 000,166,024 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)

SRV - [2012/08/14 21:46:39 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2012/08/14 18:30:56 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)

SRV - [2012/07/13 19:17:12 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)

SRV - [2011/10/24 08:59:30 | 000,165,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\SiteAdvisor Enterprise\McSACore.exe -- (McAfee SiteAdvisor Enterprise Service)

SRV - [2011/09/21 19:35:57 | 000,117,648 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Internet Security\Engine\16.8.3.6\ccSvcHst.exe -- (Norton Internet Security)

SRV - [2011/09/14 20:08:00 | 000,209,760 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe -- (McTaskManager)

SRV - [2011/02/22 13:57:30 | 000,070,928 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\ThreatFire\TFService.exe -- (ThreatFire)

SRV - [2011/02/11 13:45:52 | 000,054,136 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)

SRV - [2011/01/12 16:05:00 | 000,120,128 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\Common Framework\FrameworkService.exe -- (McAfeeFramework)

SRV - [2009/09/17 15:37:18 | 000,111,960 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)

SRV - [2009/08/31 22:07:42 | 000,332,272 | ---- | M] (Google Inc.) [On_Demand | Stopped] -- C:\ProgramData\Partner\Partner.exe -- (Partner Service)

SRV - [2009/08/27 15:37:10 | 000,185,712 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service)

SRV - [2009/08/21 11:29:40 | 000,464,224 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)

SRV - [2009/08/10 21:55:46 | 000,185,712 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe -- (cfWiMAXService)

SRV - [2009/08/06 19:04:56 | 000,685,424 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv)

SRV - [2009/07/28 17:43:04 | 000,128,344 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)

SRV - [2009/07/13 20:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)

SRV - [2009/07/13 20:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

SRV - [2009/07/08 11:40:58 | 000,518,720 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\ThpSrv.exe -- (Thpsrv)

SRV - [2009/05/22 13:02:20 | 000,250,616 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe -- (GameConsoleService)

SRV - [2009/03/10 20:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\RtsUStor.sys -- (RSUSBSTOR)

DRV - File not found [Kernel | On_Demand | Unknown] -- -- (mfeavfk01)

DRV - [2012/08/20 23:01:57 | 000,164,840 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\mfewfpk.sys -- (mfewfpk)

DRV - [2012/08/20 23:01:56 | 000,087,808 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mferkdet.sys -- (mferkdet)

DRV - [2012/08/20 23:01:55 | 000,461,864 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk)

DRV - [2012/08/20 23:01:54 | 000,059,288 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk)

DRV - [2012/08/20 23:01:53 | 000,180,072 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk)

DRV - [2012/08/20 23:01:53 | 000,119,968 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeapfk.sys -- (mfeapfk)

DRV - [2012/08/20 12:47:38 | 001,601,184 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20120821.002\NAVEX15.SYS -- (NAVEX15)

DRV - [2012/08/20 12:47:38 | 000,092,704 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20120821.002\NAVENG.SYS -- (NAVENG)

DRV - [2012/08/14 16:39:06 | 000,467,592 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1008030.006\cchpx86.sys -- (ccHP)

DRV - [2012/08/13 23:13:46 | 000,382,624 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20120821.001\IDSvix86.sys -- (IDSVix86)

DRV - [2012/08/13 13:55:25 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)

DRV - [2012/08/13 03:19:44 | 000,376,480 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)

DRV - [2012/08/13 03:19:44 | 000,106,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)

DRV - [2011/09/21 19:35:58 | 000,217,464 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1008030.006\symtdi.sys -- (SYMTDI)

DRV - [2011/09/21 19:35:58 | 000,089,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NIS\1008030.006\symfw.sys -- (SYMFW)

DRV - [2011/09/21 19:35:58 | 000,048,760 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NIS\1008030.006\symndisv.sys -- (SYMNDISV)

DRV - [2011/02/22 13:57:52 | 000,069,392 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\TfSysMon.sys -- (TfSysMon)

DRV - [2011/02/22 13:57:52 | 000,033,552 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\TfNetMon.sys -- (TfNetMon)

DRV - [2011/02/22 13:57:50 | 000,051,984 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\TfFsMon.sys -- (TfFsMon)

DRV - [2010/01/20 16:18:24 | 000,259,632 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1008030.006\BHDrvx86.sys -- (BHDrvx86)

DRV - [2009/10/16 14:55:36 | 000,500,736 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)

DRV - [2009/10/02 13:33:24 | 000,862,208 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl8192se.sys -- (rtl8192se)

DRV - [2009/08/31 22:08:43 | 000,310,320 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\NIS\1008030.006\SymEFA.sys -- (SymEFA)

DRV - [2009/08/31 22:08:43 | 000,308,272 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\NIS\1008030.006\srtsp.sys -- (SRTSP)

DRV - [2009/08/31 22:08:43 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1008030.006\srtspx.sys -- (SRTSPX)

DRV - [2009/08/31 22:08:43 | 000,025,648 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\SymIMV.sys -- (SymIM)

DRV - [2009/07/30 19:45:56 | 000,022,912 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)

DRV - [2009/07/27 17:06:44 | 000,051,712 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C62x86.sys -- (L1C)

DRV - [2009/07/14 17:28:42 | 000,023,512 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\TVALZ_O.SYS -- (TVALZ)

DRV - [2009/07/13 17:02:53 | 000,359,424 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RTL8187Se.sys -- (RTL8187Se)

DRV - [2009/07/10 08:44:52 | 000,122,880 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService)

DRV - [2009/06/29 18:16:22 | 000,013,120 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\Thpevm.sys -- (Thpevm)

DRV - [2009/06/29 12:25:24 | 000,030,272 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\thpdrv.sys -- (Thpdrv)

DRV - [2009/06/22 19:04:58 | 000,024,064 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PGEffect.sys -- (PGEffect)

DRV - [2009/06/19 21:31:08 | 000,012,920 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\TVALZFL.sys -- (TVALZFL)

DRV - [2009/06/15 15:58:22 | 000,009,216 | ---- | M] (TOSHIBA) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\QIOMem.sys -- (QIOMem)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.toshiba.com/

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.toshiba.com/

IE - HKLM\..\SearchScopes,DefaultScope = {87CFFCCF-95CD-4805-B0A3-F0E03D9DEAB7}

IE - HKLM\..\SearchScopes\{87CFFCCF-95CD-4805-B0A3-F0E03D9DEAB7}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.toshiba.com/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [binary data over 100 bytes]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.toshiba.com/

IE - HKCU\..\SearchScopes,DefaultScope = {87CFFCCF-95CD-4805-B0A3-F0E03D9DEAB7}

IE - HKCU\..\SearchScopes\{87CFFCCF-95CD-4805-B0A3-F0E03D9DEAB7}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA_enUS497

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "google.com"

FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll ()

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\ [2012/08/14 18:19:33 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files\Common Files\McAfee\SystemCore [2012/08/21 23:19:35 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/08/13 14:14:33 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2012/08/13 14:15:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MK\AppData\Roaming\Mozilla\Extensions

[2012/08/21 23:19:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

[2012/08/21 23:19:35 | 000,000,000 | ---D | M] (IDS_SS_NAME) -- C:\PROGRAM FILES\COMMON FILES\MCAFEE\SYSTEMCORE

[2012/08/21 23:19:03 | 000,000,000 | ---D | M] (Norton IPS) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NORTON\IPSFFPLGN

[2012/07/13 19:17:47 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll

[2012/07/13 19:16:36 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

[2012/07/13 19:16:36 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2012/08/21 23:13:46 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: ::1 localhost

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.

O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.8.3.6\CoIEPlg.dll (Symantec Corporation)

O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.8.3.6\IPSBHO.dll (Symantec Corporation)

O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120820230244.dll (McAfee, Inc.)

O2 - BHO: (Partner BHO Class) - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner.dll (Google Inc.)

O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files\McAfee\SiteAdvisor Enterprise\McIEPlg.dll (McAfee, Inc.)

O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files\McAfee\SiteAdvisor Enterprise\McIEPlg.dll (McAfee, Inc.)

O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.8.3.6\CoIEPlg.dll (Symantec Corporation)

O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.8.3.6\CoIEPlg.dll (Symantec Corporation)

O4 - HKLM..\Run: [] File not found

O4 - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)

O4 - HKLM..\Run: [cAudioFilterAgent] C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent.exe (Conexant Systems, Inc.)

O4 - HKLM..\Run: [ConexantAudioPatch] C:\Program Files\ConexantAudioPatch\AudioReset.exe ()

O4 - HKLM..\Run: [McAfeeUpdaterUI] C:\Program Files\McAfee\Common Framework\udaterui.exe (McAfee, Inc.)

O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files\TOSHIBA\Toshiba Online Backup\Activation\TobuActivation.exe (Toshiba)

O4 - HKLM..\Run: [shStatEXE] C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE (McAfee, Inc.)

O4 - HKLM..\Run: [smartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe ()

O4 - HKLM..\Run: [smartFaceVWatcher] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe (TOSHIBA Corporation)

O4 - HKLM..\Run: [smoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)

O4 - HKLM..\Run: [Teco] C:\Program Files\TOSHIBA\TECO\Teco.exe (TOSHIBA Corporation)

O4 - HKLM..\Run: [ThpSrv] C:\windows\System32\thpsrv.exe (TOSHIBA Corporation)

O4 - HKLM..\Run: [ThreatFire] C:\Program Files\ThreatFire\TFTray.exe (PC Tools)

O4 - HKLM..\Run: [Toshiba DetectAC Utility] C:\Program Files\TOSHIBA\Toshiba DetectAC Utility\DetectAC.exe ()

O4 - HKLM..\Run: [Toshiba DetectAC Utility1] C:\Program Files\TOSHIBA\Toshiba DetectAC Utility\CollectInfo.exe ()

O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)

O4 - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)

O4 - HKLM..\Run: [TosWaitSrv] C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe (TOSHIBA Corporation)

O4 - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)

O4 - HKLM..\Run: [TUSBSleepChargeSrv] C:\Program Files\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe (TOSHIBA)

O4 - HKLM..\Run: [TWebCamera] C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe (TOSHIBA CORPORATION.)

O4 - HKCU..\Run: [MyTOSHIBA] C:\Program Files\TOSHIBA\My Toshiba\MyToshiba.exe (TOSHIBA)

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Privacy present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O13 - gopher Prefix: missing

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)

O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.75.75 75.75.76.76

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EB61B461-21C6-41D1-8CF7-2B8F49047D9C}: DhcpNameServer = 75.75.75.75 75.75.76.76

O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files\McAfee\SiteAdvisor Enterprise\McIEPlg.dll (McAfee, Inc.)

O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files\McAfee\SiteAdvisor Enterprise\McIEPlg.dll (McAfee, Inc.)

O18 - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.8.3.6\CoIEPlg.dll (Symantec Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009/06/10 16:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/08/21 23:12:24 | 000,000,000 | ---D | C] -- C:\_OTL

[2012/08/21 23:09:30 | 000,000,000 | ---D | C] -- C:\bb2fe9487c426684f6b28ad6

[2012/08/21 23:02:50 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\MK\Desktop\OTL.exe

[2012/08/21 21:46:21 | 000,000,000 | -HSD | C] -- C:\Config.Msi

[2012/08/21 03:53:31 | 000,000,000 | ---D | C] -- C:\windows\System32\SPReview

[2012/08/21 03:50:48 | 000,000,000 | ---D | C] -- C:\windows\System32\EventProviders

[2012/08/21 01:50:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ThreatFire

[2012/08/21 01:50:15 | 000,069,392 | ---- | C] (PC Tools) -- C:\windows\System32\drivers\TfSysMon.sys

[2012/08/21 01:50:15 | 000,033,552 | ---- | C] (PC Tools) -- C:\windows\System32\drivers\TfNetMon.sys

[2012/08/21 01:50:14 | 000,051,984 | ---- | C] (PC Tools) -- C:\windows\System32\drivers\TfFsMon.sys

[2012/08/21 01:50:06 | 000,000,000 | ---D | C] -- C:\Program Files\ThreatFire

[2012/08/21 01:50:06 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools

[2012/08/20 23:02:44 | 000,074,848 | ---- | C] (McAfee, Inc.) -- C:\windows\System32\MfeOtlkAddin.dll

[2012/08/20 23:02:44 | 000,022,816 | ---- | C] (McAfee, Inc.) -- C:\windows\System32\MFEOtlk.dll

[2012/08/20 23:02:42 | 000,009,344 | ---- | C] (McAfee, Inc.) -- C:\windows\System32\drivers\mfeclnk.sys

[2012/08/20 23:02:40 | 000,087,808 | ---- | C] (McAfee, Inc.) -- C:\windows\System32\drivers\mferkdet.sys

[2012/08/20 23:02:39 | 000,119,968 | ---- | C] (McAfee, Inc.) -- C:\windows\System32\drivers\mfeapfk.sys

[2012/08/20 23:02:39 | 000,059,288 | ---- | C] (McAfee, Inc.) -- C:\windows\System32\drivers\mfebopk.sys

[2012/08/20 23:02:38 | 000,180,072 | ---- | C] (McAfee, Inc.) -- C:\windows\System32\drivers\mfeavfk.sys

[2012/08/20 23:02:36 | 000,461,864 | ---- | C] (McAfee, Inc.) -- C:\windows\System32\drivers\mfehidk.sys

[2012/08/20 23:02:30 | 000,164,840 | ---- | C] (McAfee, Inc.) -- C:\windows\System32\drivers\mfewfpk.sys

[2012/08/20 23:02:29 | 000,148,520 | ---- | C] (McAfee, Inc.) -- C:\windows\System32\mfevtps.exe

[2012/08/20 23:02:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee

[2012/08/20 22:49:02 | 000,000,000 | ---D | C] -- C:\Users\MK\AppData\Roaming\FixZeroAccess

[2012/08/20 20:11:57 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine

[2012/08/18 15:41:46 | 000,000,000 | ---D | C] -- C:\Users\MK\AppData\Local\Symantec

[2012/08/18 15:41:23 | 000,000,000 | ---D | C] -- C:\Qoobox

[2012/08/18 15:41:06 | 000,000,000 | ---D | C] -- C:\windows\erdnt

[2012/08/18 15:41:03 | 000,000,000 | --SD | C] -- C:\32788R22FWJFW

[2012/08/17 23:59:19 | 000,000,000 | ---D | C] -- C:\FRST

[2012/08/17 21:49:34 | 000,000,000 | ---D | C] -- C:\Users\MK\AppData\Local\NPE

[2012/08/17 20:20:37 | 000,000,000 | ---D | C] -- C:\QUARANTINE

[2012/08/17 19:47:09 | 000,000,000 | ---D | C] -- C:\Users\MK\AppData\Local\Adobe

[2012/08/17 19:41:43 | 000,000,000 | ---D | C] -- C:\Users\MK\AppData\Local\Diagnostics

[2012/08/17 19:16:28 | 000,000,000 | ---D | C] -- C:\Users\MK\AppData\Roaming\DAEMON Tools Lite

[2012/08/17 19:15:21 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite

[2012/08/17 00:43:06 | 000,000,000 | ---D | C] -- C:\Users\MK\AppData\Local\gfie

[2012/08/17 00:43:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Greenfish Icon Editor Pro 3.1

[2012/08/17 00:42:57 | 000,000,000 | ---D | C] -- C:\Program Files\Greenfish Icon Editor Pro 3.1

[2012/08/17 00:41:01 | 000,000,000 | R--D | C] -- C:\Users\MK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

[2012/08/16 23:27:42 | 000,000,000 | ---D | C] -- C:\Users\MK\AppData\Roaming\McAfee

[2012/08/16 23:18:13 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\McAfee

[2012/08/16 23:13:22 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee

[2012/08/16 23:13:22 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee

[2012/08/16 22:44:16 | 000,000,000 | ---D | C] -- C:\Users\MK\AppData\Roaming\InstallShield

[2012/08/14 18:30:57 | 000,000,000 | ---D | C] -- C:\windows\System32\Wat

[2012/08/14 17:09:23 | 000,000,000 | ---D | C] -- C:\Users\MK\AppData\Local\Microsoft Help

[2012/08/14 17:00:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

[2012/08/14 16:56:20 | 000,000,000 | -HSD | C] -- C:\Users\MK\AppData\Local\{c98d7325-c016-f43a-e8d3-ce0479a18302}

[2012/08/13 19:21:11 | 000,000,000 | ---D | C] -- C:\Users\MK\AppData\Local\Conexant

[2012/08/13 16:38:32 | 000,000,000 | ---D | C] -- C:\Users\MK\AppData\Local\Microsoft Games

[2012/08/13 14:21:52 | 000,000,000 | ---D | C] -- C:\Users\MK\AppData\Roaming\Macromedia

[2012/08/13 14:21:52 | 000,000,000 | ---D | C] -- C:\Users\MK\AppData\Local\Macromedia

[2012/08/13 14:14:50 | 000,000,000 | ---D | C] -- C:\Users\MK\AppData\Roaming\Mozilla

[2012/08/13 14:14:50 | 000,000,000 | ---D | C] -- C:\Users\MK\AppData\Local\Mozilla

[2012/08/13 14:14:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla

[2012/08/13 14:14:35 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service

[2012/08/13 14:14:30 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox

[2012/08/13 14:12:22 | 000,000,000 | ---D | C] -- C:\Users\MK\AppData\Roaming\Adobe

[2012/08/13 14:11:45 | 000,000,000 | ---D | C] -- C:\Users\MK\AppData\Roaming\Google

[2012/08/13 14:11:44 | 000,000,000 | ---D | C] -- C:\Users\MK\AppData\Local\Google

[2012/08/13 13:57:41 | 000,000,000 | ---D | C] -- C:\Users\MK\AppData\Roaming\Template

[2012/08/13 13:56:29 | 000,025,648 | R--- | C] (Symantec Corporation) -- C:\windows\System32\drivers\SymIMV.sys

[2012/08/13 13:56:16 | 000,124,976 | ---- | C] (Symantec Corporation) -- C:\windows\System32\drivers\SYMEVENT.SYS

[2012/08/13 13:55:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared

[2012/08/13 13:55:25 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec

[2012/08/13 05:15:38 | 000,000,000 | ---D | C] -- C:\Program Files\ConexantAudioPatch

[2012/08/13 05:00:59 | 000,000,000 | ---D | C] -- C:\windows\System32\tr

[2012/08/13 05:00:59 | 000,000,000 | ---D | C] -- C:\windows\System32\sv

[2012/08/13 05:00:59 | 000,000,000 | ---D | C] -- C:\windows\System32\sk

[2012/08/13 05:00:59 | 000,000,000 | ---D | C] -- C:\windows\System32\ru

[2012/08/13 05:00:59 | 000,000,000 | ---D | C] -- C:\windows\System32\pt

[2012/08/13 05:00:59 | 000,000,000 | ---D | C] -- C:\windows\System32\pl

[2012/08/13 05:00:59 | 000,000,000 | ---D | C] -- C:\windows\System32\no

[2012/08/13 05:00:59 | 000,000,000 | ---D | C] -- C:\windows\System32\nl

[2012/08/13 05:00:59 | 000,000,000 | ---D | C] -- C:\windows\System32\it

[2012/08/13 05:00:59 | 000,000,000 | ---D | C] -- C:\windows\System32\hu

[2012/08/13 05:00:59 | 000,000,000 | ---D | C] -- C:\windows\System32\fr

[2012/08/13 05:00:59 | 000,000,000 | ---D | C] -- C:\windows\System32\fi

[2012/08/13 05:00:59 | 000,000,000 | ---D | C] -- C:\windows\System32\es

[2012/08/13 05:00:59 | 000,000,000 | ---D | C] -- C:\windows\System32\da

[2012/08/13 05:00:58 | 000,000,000 | ---D | C] -- C:\windows\System32\el

[2012/08/13 05:00:58 | 000,000,000 | ---D | C] -- C:\windows\System32\de

[2012/08/13 05:00:58 | 000,000,000 | ---D | C] -- C:\windows\System32\cs

[2012/08/13 05:00:05 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek

[2012/08/13 04:35:09 | 000,000,000 | -HSD | C] -- C:\System Volume Information

[2012/08/13 04:34:15 | 000,000,000 | ---D | C] -- C:\windows\System32\Atheros_L1e

[2012/08/13 04:33:07 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics

[2012/08/13 04:29:53 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek WLAN Driver

[2012/08/13 04:28:32 | 000,000,000 | ---D | C] -- C:\Program Files\CONEXANT

[2012/08/13 04:21:38 | 000,000,000 | ---D | C] -- C:\windows\System32\Lang

[2012/08/13 04:18:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel® Matrix Storage Manager

[2012/08/13 04:16:41 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office Suite Activation Assistant

[2012/08/13 04:01:59 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office

[2012/08/13 04:00:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER

[2012/08/13 04:00:02 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET

[2012/08/13 03:57:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help

[2012/08/13 03:57:35 | 000,000,000 | RH-D | C] -- C:\MSOCache

[2012/08/13 03:51:47 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office

[2012/08/13 03:51:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works

[2012/08/13 03:50:51 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works

[2012/08/13 03:50:28 | 000,000,000 | ---D | C] -- C:\Users\MK\AppData\Local\TOSHIBA_Corporation

[2012/08/13 03:41:24 | 000,000,000 | ---D | C] -- C:\Users\MK\AppData\Local\Toshiba

[2012/08/13 03:40:55 | 000,000,000 | ---D | C] -- C:\windows\SoftwareDistribution

[2012/08/13 03:40:21 | 000,000,000 | R--D | C] -- C:\Users\MK\Searches

[2012/08/13 03:40:21 | 000,000,000 | R--D | C] -- C:\Users\MK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools

[2012/08/13 03:40:13 | 000,000,000 | ---D | C] -- C:\Users\MK\AppData\Roaming\Identities

[2012/08/13 03:40:11 | 000,000,000 | -H-D | C] -- C:\Users\MK\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned

[2012/08/13 03:40:10 | 000,000,000 | R--D | C] -- C:\Users\MK\Contacts

[2012/08/13 03:39:16 | 000,000,000 | ---D | C] -- C:\Users\MK\AppData\Roaming\WinBatch

[2012/08/13 03:38:31 | 000,000,000 | ---D | C] -- C:\Users\MK\AppData\Local\VirtualStore

[2012/08/13 03:38:29 | 000,000,000 | -HSD | C] -- C:\Users\MK\AppData\Local\Temporary Internet Files

[2012/08/13 03:38:29 | 000,000,000 | -HSD | C] -- C:\Users\MK\Templates

[2012/08/13 03:38:29 | 000,000,000 | -HSD | C] -- C:\Users\MK\Start Menu

[2012/08/13 03:38:29 | 000,000,000 | -HSD | C] -- C:\Users\MK\SendTo

[2012/08/13 03:38:29 | 000,000,000 | -HSD | C] -- C:\Users\MK\Recent

[2012/08/13 03:38:29 | 000,000,000 | -HSD | C] -- C:\Users\MK\PrintHood

[2012/08/13 03:38:29 | 000,000,000 | -HSD | C] -- C:\Users\MK\NetHood

[2012/08/13 03:38:29 | 000,000,000 | -HSD | C] -- C:\Users\MK\Documents\My Videos

[2012/08/13 03:38:29 | 000,000,000 | -HSD | C] -- C:\Users\MK\Documents\My Pictures

[2012/08/13 03:38:29 | 000,000,000 | -HSD | C] -- C:\Users\MK\Documents\My Music

[2012/08/13 03:38:29 | 000,000,000 | -HSD | C] -- C:\Users\MK\My Documents

[2012/08/13 03:38:29 | 000,000,000 | -HSD | C] -- C:\Users\MK\Local Settings

[2012/08/13 03:38:29 | 000,000,000 | -HSD | C] -- C:\Users\MK\AppData\Local\History

[2012/08/13 03:38:29 | 000,000,000 | -HSD | C] -- C:\Users\MK\Cookies

[2012/08/13 03:38:29 | 000,000,000 | -HSD | C] -- C:\Users\MK\Application Data

[2012/08/13 03:38:29 | 000,000,000 | -HSD | C] -- C:\Users\MK\AppData\Local\Application Data

[2012/08/13 03:38:28 | 000,000,000 | --SD | C] -- C:\Users\MK\AppData\Roaming\Microsoft

[2012/08/13 03:38:28 | 000,000,000 | R--D | C] -- C:\Users\MK\Videos

[2012/08/13 03:38:28 | 000,000,000 | R--D | C] -- C:\Users\MK\Saved Games

[2012/08/13 03:38:28 | 000,000,000 | R--D | C] -- C:\Users\MK\Pictures

[2012/08/13 03:38:28 | 000,000,000 | R--D | C] -- C:\Users\MK\Music

[2012/08/13 03:38:28 | 000,000,000 | R--D | C] -- C:\Users\MK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

[2012/08/13 03:38:28 | 000,000,000 | R--D | C] -- C:\Users\MK\Links

[2012/08/13 03:38:28 | 000,000,000 | R--D | C] -- C:\Users\MK\Favorites

[2012/08/13 03:38:28 | 000,000,000 | R--D | C] -- C:\Users\MK\Downloads

[2012/08/13 03:38:28 | 000,000,000 | R--D | C] -- C:\Users\MK\Documents

[2012/08/13 03:38:28 | 000,000,000 | R--D | C] -- C:\Users\MK\Desktop

[2012/08/13 03:38:28 | 000,000,000 | R--D | C] -- C:\Users\MK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

[2012/08/13 03:38:28 | 000,000,000 | -H-D | C] -- C:\Users\MK\AppData

[2012/08/13 03:38:28 | 000,000,000 | ---D | C] -- C:\Users\MK\AppData\Local\Temp

[2012/08/13 03:38:28 | 000,000,000 | ---D | C] -- C:\Users\MK\AppData\Local\Microsoft

[2012/08/13 03:38:28 | 000,000,000 | ---D | C] -- C:\Users\MK\AppData\Roaming\Media Center Programs

========== Files - Modified Within 30 Days ==========

[2012/08/21 23:39:57 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job

[2012/08/21 23:32:21 | 000,000,886 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job

[2012/08/21 23:27:23 | 000,015,568 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2012/08/21 23:27:23 | 000,015,568 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2012/08/21 23:24:08 | 000,000,882 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job

[2012/08/21 23:18:43 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat

[2012/08/21 23:18:35 | 2309,701,632 | -HS- | M] () -- C:\hiberfil.sys

[2012/08/21 23:17:15 | 002,031,812 | ---- | M] () -- C:\windows\System32\drivers\NIS\1008030.006\Cat.DB

[2012/08/21 23:15:19 | 000,624,178 | ---- | M] () -- C:\windows\System32\perfh009.dat

[2012/08/21 23:15:19 | 000,106,522 | ---- | M] () -- C:\windows\System32\perfc009.dat

[2012/08/21 23:13:46 | 000,000,098 | ---- | M] () -- C:\windows\System32\drivers\etc\Hosts

[2012/08/21 23:12:07 | 001,558,528 | ---- | M] () -- C:\Users\MK\Desktop\RogueKiller.exe

[2012/08/21 23:03:24 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\MK\Desktop\OTL.exe

[2012/08/21 21:24:30 | 000,007,602 | ---- | M] () -- C:\Users\MK\AppData\Local\resmon.resmoncfg

[2012/08/21 01:50:21 | 000,000,919 | ---- | M] () -- C:\Users\Public\Desktop\ThreatFire.lnk

[2012/08/21 00:18:16 | 000,001,374 | ---- | M] () -- C:\Users\MK\Desktop\Illinois VPN.lnk

[2012/08/21 00:15:26 | 000,001,105 | ---- | M] () -- C:\Users\Public\Desktop\Greenfish Icon Editor Pro.lnk

[2012/08/20 23:01:57 | 000,164,840 | ---- | M] (McAfee, Inc.) -- C:\windows\System32\drivers\mfewfpk.sys

[2012/08/20 23:01:57 | 000,148,520 | ---- | M] (McAfee, Inc.) -- C:\windows\System32\mfevtps.exe

[2012/08/20 23:01:56 | 000,087,808 | ---- | M] (McAfee, Inc.) -- C:\windows\System32\drivers\mferkdet.sys

[2012/08/20 23:01:56 | 000,074,848 | ---- | M] (McAfee, Inc.) -- C:\windows\System32\MfeOtlkAddin.dll

[2012/08/20 23:01:55 | 000,461,864 | ---- | M] (McAfee, Inc.) -- C:\windows\System32\drivers\mfehidk.sys

[2012/08/20 23:01:55 | 000,022,816 | ---- | M] (McAfee, Inc.) -- C:\windows\System32\MFEOtlk.dll

[2012/08/20 23:01:54 | 000,059,288 | ---- | M] (McAfee, Inc.) -- C:\windows\System32\drivers\mfebopk.sys

[2012/08/20 23:01:54 | 000,009,344 | ---- | M] (McAfee, Inc.) -- C:\windows\System32\drivers\mfeclnk.sys

[2012/08/20 23:01:53 | 000,180,072 | ---- | M] (McAfee, Inc.) -- C:\windows\System32\drivers\mfeavfk.sys

[2012/08/20 23:01:53 | 000,119,968 | ---- | M] (McAfee, Inc.) -- C:\windows\System32\drivers\mfeapfk.sys

[2012/08/14 18:27:37 | 000,001,422 | ---- | M] () -- C:\Users\MK\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

[2012/08/14 18:18:21 | 000,002,425 | ---- | M] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk

[2012/08/14 18:17:48 | 000,340,792 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT

[2012/08/14 17:16:05 | 000,072,822 | ---- | M] () -- C:\windows\System32\ieuinit.inf

[2012/08/14 16:39:06 | 000,467,592 | ---- | M] (Symantec Corporation) -- C:\windows\System32\drivers\NIS\1008030.006\cchpx86.sys

[2012/08/14 16:39:02 | 000,000,172 | ---- | M] () -- C:\windows\System32\drivers\NIS\1008030.006\isolate.ini

[2012/08/13 14:14:37 | 000,001,103 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk

[2012/08/13 13:57:39 | 000,000,000 | ---- | M] () -- C:\Users\MK\AppData\Roaming\wklnhst.dat

[2012/08/13 13:55:25 | 000,124,976 | ---- | M] (Symantec Corporation) -- C:\windows\System32\drivers\SYMEVENT.SYS

[2012/08/13 13:55:25 | 000,007,456 | ---- | M] () -- C:\windows\System32\drivers\SYMEVENT.CAT

[2012/08/13 13:55:25 | 000,000,806 | ---- | M] () -- C:\windows\System32\drivers\SYMEVENT.INF

[2012/08/13 05:37:40 | 000,039,252 | ---- | M] () -- C:\windows\System32\license.rtf

[2012/08/13 05:34:34 | 000,000,000 | ---- | M] () -- C:\windows\NDSTray.INI

[2012/08/13 05:11:24 | 000,001,868 | ---- | M] () -- C:\Users\MK\Desktop\Web Camera Application.lnk

[2012/08/13 04:33:22 | 000,000,000 | -H-- | M] () -- C:\windows\System32\drivers\Msft_Kernel_SynTP_01007.Wdf

[2012/08/13 04:26:41 | 000,014,324 | ---- | M] () -- C:\windows\System32\results.xml

[2012/08/13 03:39:39 | 000,000,016 | RHS- | M] () -- C:\windows\System32\drivers\fbd.sys

========== Files Created - No Company Name ==========

[2012/08/21 23:11:07 | 001,558,528 | ---- | C] () -- C:\Users\MK\Desktop\RogueKiller.exe

[2012/08/21 01:50:21 | 000,000,919 | ---- | C] () -- C:\Users\Public\Desktop\ThreatFire.lnk

[2012/08/21 00:15:26 | 000,001,105 | ---- | C] () -- C:\Users\Public\Desktop\Greenfish Icon Editor Pro.lnk

[2012/08/20 23:46:15 | 000,001,374 | ---- | C] () -- C:\Users\MK\Desktop\Illinois VPN.lnk

[2012/08/18 17:29:24 | 000,007,602 | ---- | C] () -- C:\Users\MK\AppData\Local\resmon.resmoncfg

[2012/08/14 17:16:05 | 000,072,822 | ---- | C] () -- C:\windows\System32\ieuinit.inf

[2012/08/14 16:56:20 | 000,002,048 | -HS- | C] () -- C:\Users\MK\AppData\Local\{c98d7325-c016-f43a-e8d3-ce0479a18302}\@

[2012/08/13 14:21:39 | 000,000,830 | ---- | C] () -- C:\windows\tasks\Adobe Flash Player Updater.job

[2012/08/13 14:16:49 | 000,000,886 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job

[2012/08/13 14:16:49 | 000,000,882 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job

[2012/08/13 14:14:37 | 000,001,115 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

[2012/08/13 14:14:37 | 000,001,103 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk

[2012/08/13 14:11:27 | 000,001,422 | ---- | C] () -- C:\Users\MK\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

[2012/08/13 13:57:39 | 000,000,000 | ---- | C] () -- C:\Users\MK\AppData\Roaming\wklnhst.dat

[2012/08/13 13:56:16 | 000,007,456 | ---- | C] () -- C:\windows\System32\drivers\SYMEVENT.CAT

[2012/08/13 13:56:16 | 000,000,806 | ---- | C] () -- C:\windows\System32\drivers\SYMEVENT.INF

[2012/08/13 13:54:27 | 000,002,425 | ---- | C] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk

[2012/08/13 05:34:34 | 000,000,000 | ---- | C] () -- C:\windows\NDSTray.INI

[2012/08/13 05:11:24 | 000,001,868 | ---- | C] () -- C:\Users\MK\Desktop\Web Camera Application.lnk

[2012/08/13 04:33:22 | 000,000,000 | -H-- | C] () -- C:\windows\System32\drivers\Msft_Kernel_SynTP_01007.Wdf

[2012/08/13 04:26:41 | 000,014,324 | ---- | C] () -- C:\windows\System32\results.xml

[2012/08/13 03:51:57 | 000,002,557 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office PowerPoint Viewer 2007.lnk

[2012/08/13 03:51:20 | 000,001,116 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works Task Launcher.lnk

[2012/08/13 03:40:25 | 000,001,428 | ---- | C] () -- C:\Users\MK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

[2012/08/13 03:39:39 | 000,000,016 | RHS- | C] () -- C:\windows\System32\drivers\fbd.sys

[2012/08/13 03:38:29 | 000,000,290 | ---- | C] () -- C:\Users\MK\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk

[2012/08/13 03:38:29 | 000,000,272 | ---- | C] () -- C:\Users\MK\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk

[2012/08/13 03:36:19 | 2309,701,632 | -HS- | C] () -- C:\hiberfil.sys

========== LOP Check ==========

[2012/08/17 19:21:40 | 000,000,000 | ---D | M] -- C:\Users\MK\AppData\Roaming\DAEMON Tools Lite

[2012/08/20 22:49:02 | 000,000,000 | ---D | M] -- C:\Users\MK\AppData\Roaming\FixZeroAccess

[2012/08/13 13:57:41 | 000,000,000 | ---D | M] -- C:\Users\MK\AppData\Roaming\Template

[2012/08/13 03:39:16 | 000,000,000 | ---D | M] -- C:\Users\MK\AppData\Roaming\WinBatch

[2009/07/13 23:53:46 | 000,008,128 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

< End of report >


hi

Step 1

Run OTL

  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    :OTL
    [2012/08/14 16:56:20 | 000,002,048 | -HS- | C] () -- C:\Users\MK\AppData\Local\{c98d7325-c016-f43a-e8d3-ce0479a18302}\@

    :Commands
    [purity]
    [emptytemp]
    [EMPTYFLASH]
    [Reboot]


  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

Step 2

Download the latest version of TDSSKiller from here and save it to your Desktop.

  • Double-click on TDSSKiller.exe to run the application
  • Then click on Change parameters.
  • Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
  • Click the Start Scan button.
  • If a suspicious object is detected, the default action will be Skip; click on Continue.
  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
  • Get the report by selecting Reports
  • Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.

Please copy and paste its contents in your next reply.

Things I would like to see in your reply:

  • OTL log
  • TDSSkiller log


All processes killed

========== OTL ==========

File C:\Users\MK\AppData\Local\{c98d7325-c016-f43a-e8d3-ce0479a18302}\@ not found.

========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

User: MK

->Temp folder emptied: 495 bytes

->Temporary Internet Files folder emptied: 473157 bytes

->FireFox cache emptied: 7490373 bytes

->Flash cache emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 0 bytes

%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes

RecycleBin emptied: 0 bytes

Total Files Cleaned = 8.00 mb

[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: MK

->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0.00 mb

OTL by OldTimer - Version 3.2.58.1 log created on 08222012_124028

Files\Folders moved on Reboot...

C:\Users\MK\AppData\Local\Temp\McAfeeLogs\UpdaterUI_MK-PC.log moved successfully.

C:\Users\MK\AppData\Local\Temp\McAfeeLogs\UpdaterUI_MK-PC_error.log moved successfully.

File\Folder C:\windows\temp\JET37C2.tmp not found!

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

12:59:55.0614 4348 TDSS rootkit removing tool 2.8.7.0 Aug 20 2012 17:30:03

12:59:57.0627 4348 ============================================================

12:59:57.0627 4348 Current date / time: 2012/08/22 12:59:57.0627

12:59:57.0627 4348 SystemInfo:

12:59:57.0627 4348

12:59:57.0627 4348 OS Version: 6.1.7600 ServicePack: 0.0

12:59:57.0627 4348 Product type: Workstation

12:59:57.0627 4348 ComputerName: MK-PC

12:59:57.0642 4348 UserName: MK

12:59:57.0642 4348 Windows directory: C:\windows

12:59:57.0642 4348 System windows directory: C:\windows

12:59:57.0642 4348 Processor architecture: Intel x86

12:59:57.0642 4348 Number of processors: 1

12:59:57.0642 4348 Page size: 0x1000

12:59:57.0642 4348 Boot type: Normal boot

12:59:57.0642 4348 ============================================================

13:00:11.0043 4348 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050

13:00:11.0058 4348 ============================================================

13:00:11.0058 4348 \Device\Harddisk0\DR0:

13:00:11.0058 4348 MBR partitions:

13:00:11.0058 4348 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x1BEF7800

13:00:11.0058 4348 ============================================================

13:00:11.0121 4348 C: <-> \Device\Harddisk0\DR0\Partition1

13:00:11.0121 4348 ============================================================

13:00:11.0121 4348 Initialize success

13:00:11.0121 4348 ============================================================

13:00:30.0730 4580 ============================================================

13:00:30.0730 4580 Scan started

13:00:30.0730 4580 Mode: Manual; SigCheck; TDLFS;

13:00:30.0730 4580 ============================================================

13:00:32.0961 4580 ================ Scan system memory ========================

13:00:32.0961 4580 System memory - ok

13:00:32.0961 4580 ================ Scan services =============================


13:00:57.0609 4580 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

13:00:57.0812 4580 IDriverT ( UnsignedFile.Multi.Generic ) - warning

13:00:57.0812 4580 IDriverT - detected UnsignedFile.Multi.Generic (1)


13:01:19.0621 4580 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\windows\system32\drivers\pcw.sys

13:01:19.0652 4580 pcw - ok

13:01:19.0699 4580 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\windows\system32\drivers\peauth.sys

13:01:19.0808 4580 PEAUTH - ok

13:01:19.0855 4580 [ 1B5011DD8D57F53AED31FF0F7D635802 ] PGEffect C:\windows\system32\DRIVERS\pgeffect.sys

13:01:20.0213 4580 PGEffect - ok

13:01:20.0338 4580 [ 9C1BFF7910C89A1D12E57343475840CB ] pla C:\windows\system32\pla.dll

13:01:20.0541 4580 pla - ok

13:01:20.0603 4580 [ 71DEF5EC79774C798342D0EA16E41780 ] PlugPlay C:\windows\system32\umpnpmgr.dll

13:01:20.0791 4580 PlugPlay - ok

13:01:20.0853 4580 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll

13:01:21.0009 4580 PNRPAutoReg - ok

13:01:21.0056 4580 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\windows\system32\pnrpsvc.dll

13:01:21.0149 4580 PNRPsvc - ok

13:01:21.0212 4580 [ 48E1B75C6DC0232FD92BAAE4BD344721 ] PolicyAgent C:\windows\System32\ipsecsvc.dll

13:01:21.0399 4580 PolicyAgent - ok

13:01:21.0430 4580 [ DBFF83F709A91049621C1D35DD45C92C ] Power C:\windows\system32\umpo.dll

13:01:21.0539 4580 Power - ok

13:01:21.0571 4580 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys

13:01:21.0742 4580 PptpMiniport - ok

13:01:21.0820 4580 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\windows\system32\DRIVERS\processr.sys

13:01:21.0976 4580 Processor - ok

13:01:22.0023 4580 [ AEA3BDBDBA667AA6F678CB38907E4F5E ] ProfSvc C:\windows\system32\profsvc.dll

13:01:22.0195 4580 ProfSvc - ok

13:01:22.0241 4580 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] ProtectedStorage C:\windows\system32\lsass.exe

13:01:22.0288 4580 ProtectedStorage - ok

13:01:22.0335 4580 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\windows\system32\DRIVERS\pacer.sys

13:01:22.0460 4580 Psched - ok

13:01:22.0507 4580 [ A0DB243AF3A2E427C172AF2BBA325473 ] QIOMem C:\windows\system32\DRIVERS\QIOMem.sys

13:01:22.0772 4580 QIOMem - ok

13:01:22.0850 4580 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys

13:01:22.0990 4580 ql2300 - ok

13:01:23.0068 4580 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys

13:01:23.0099 4580 ql40xx - ok

13:01:23.0162 4580 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\windows\system32\qwave.dll

13:01:23.0349 4580 QWAVE - ok

13:01:23.0380 4580 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys

13:01:23.0536 4580 QWAVEdrv - ok

13:01:23.0552 4580 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys

13:01:23.0645 4580 RasAcd - ok

13:01:23.0677 4580 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys

13:01:23.0942 4580 RasAgileVpn - ok

13:01:24.0004 4580 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\windows\System32\rasauto.dll

13:01:24.0113 4580 RasAuto - ok

13:01:24.0160 4580 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys

13:01:24.0316 4580 Rasl2tp - ok

13:01:24.0410 4580 [ 0CE66EC736B7FC526D78F7624C7D2A94 ] RasMan C:\windows\System32\rasmans.dll

13:01:24.0581 4580 RasMan - ok

13:01:24.0613 4580 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys

13:01:24.0800 4580 RasPppoe - ok

13:01:24.0815 4580 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys

13:01:24.0925 4580 RasSstp - ok

13:01:24.0956 4580 [ 835D7E81BF517A3B72384BDCC85E1CE6 ] rdbss C:\windows\system32\DRIVERS\rdbss.sys

13:01:25.0283 4580 rdbss - ok

13:01:25.0346 4580 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys

13:01:25.0533 4580 rdpbus - ok

13:01:25.0580 4580 [ 1E016846895B15A99F9A176A05029075 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys

13:01:25.0673 4580 RDPCDD - ok

13:01:25.0767 4580 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys

13:01:25.0923 4580 RDPENCDD - ok

13:01:25.0970 4580 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys

13:01:26.0173 4580 RDPREFMP - ok

13:01:26.0251 4580 [ C5B8D47A4688DE9D335204EA757C2240 ] RDPWD C:\windows\system32\drivers\RDPWD.sys

13:01:26.0687 4580 RDPWD - ok

13:01:26.0750 4580 [ 4EA225BF1CF05E158853F30A99CA29A7 ] rdyboost C:\windows\system32\drivers\rdyboost.sys

13:01:26.0812 4580 rdyboost - ok

13:01:26.0875 4580 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\windows\System32\mprdim.dll

13:01:27.0062 4580 RemoteAccess - ok

13:01:27.0124 4580 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\windows\system32\regsvc.dll

13:01:27.0249 4580 RemoteRegistry - ok

13:01:27.0405 4580 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\windows\System32\RpcEpMap.dll

13:01:27.0514 4580 RpcEptMapper - ok

13:01:27.0545 4580 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\windows\system32\locator.exe

13:01:27.0608 4580 RpcLocator - ok

13:01:27.0670 4580 [ B82CD39E336973359D7C9BF911E8E84F ] RpcSs C:\windows\system32\rpcss.dll

13:01:27.0748 4580 RpcSs - ok

13:01:27.0811 4580 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\windows\system32\DRIVERS\rspndr.sys

13:01:27.0951 4580 rspndr - ok

13:01:28.0076 4580 RSUSBSTOR - ok

13:01:28.0185 4580 [ 8DF69AD5F515BC15D5C30666F56288AA ] RTL8187Se C:\windows\system32\DRIVERS\RTL8187Se.sys

13:01:28.0247 4580 RTL8187Se - ok

13:01:28.0403 4580 [ 44B7739F2D623AD6FB46755BB60351A4 ] rtl8192se C:\windows\system32\DRIVERS\rtl8192se.sys

13:01:28.0513 4580 rtl8192se - ok

13:01:28.0559 4580 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] SamSs C:\windows\system32\lsass.exe

13:01:28.0591 4580 SamSs - ok

13:01:28.0669 4580 [ 34EE0C44B724E3E4CE2EFF29126DE5B5 ] sbp2port C:\windows\system32\DRIVERS\sbp2port.sys

13:01:28.0747 4580 sbp2port - ok

13:01:28.0825 4580 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\windows\System32\SCardSvr.dll

13:01:28.0949 4580 SCardSvr - ok

13:01:28.0996 4580 [ A95C54B2AC3CC9C73FCDF9E51A1D6B51 ] scfilter C:\windows\system32\DRIVERS\scfilter.sys

13:01:29.0105 4580 scfilter - ok

13:01:29.0230 4580 [ DF1E5C82E4D09CF8105CC644980C4803 ] Schedule C:\windows\system32\schedsvc.dll

13:01:29.0293 4580 Schedule - ok

13:01:29.0339 4580 [ 628A9E30EC5E18DD5DE6BE4DBDC12198 ] SCPolicySvc C:\windows\System32\certprop.dll

13:01:29.0417 4580 SCPolicySvc - ok

13:01:29.0495 4580 [ 5FD90ABDBFAEE85986802622CBB03446 ] SDRSVC C:\windows\System32\SDRSVC.dll

13:01:29.0605 4580 SDRSVC - ok

13:01:29.0683 4580 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\windows\system32\drivers\secdrv.sys

13:01:29.0807 4580 secdrv - ok

13:01:29.0854 4580 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\windows\system32\seclogon.dll

13:01:29.0995 4580 seclogon - ok

13:01:30.0073 4580 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\windows\System32\sens.dll

13:01:30.0197 4580 SENS - ok

13:01:30.0229 4580 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\windows\system32\sensrsvc.dll

13:01:30.0385 4580 SensrSvc - ok

13:01:30.0400 4580 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\windows\system32\DRIVERS\serenum.sys

13:01:30.0447 4580 Serenum - ok

13:01:30.0572 4580 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\windows\system32\DRIVERS\serial.sys

13:01:30.0634 4580 Serial - ok

13:01:30.0728 4580 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\windows\system32\DRIVERS\sermouse.sys

13:01:30.0790 4580 sermouse - ok

13:01:30.0853 4580 [ 8F55CE568C543D5ADF45C409D16718FC ] SessionEnv C:\windows\system32\sessenv.dll

13:01:31.0009 4580 SessionEnv - ok

13:01:31.0040 4580 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\windows\system32\DRIVERS\sffdisk.sys

13:01:31.0133 4580 sffdisk - ok

13:01:31.0165 4580 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\windows\system32\DRIVERS\sffp_mmc.sys

13:01:31.0305 4580 sffp_mmc - ok

13:01:31.0336 4580 [ 4F1E5B0FE7C8050668DBFADE8999AEFB ] sffp_sd C:\windows\system32\DRIVERS\sffp_sd.sys

13:01:31.0414 4580 sffp_sd - ok

13:01:31.0477 4580 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys

13:01:31.0570 4580 sfloppy - ok

13:01:31.0617 4580 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\windows\System32\ipnathlp.dll

13:01:31.0929 4580 SharedAccess - ok

13:01:32.0023 4580 [ CD2E48FA5B29EE2B3B5858056D246EF2 ] ShellHWDetection C:\windows\System32\shsvcs.dll

13:01:32.0132 4580 ShellHWDetection - ok

13:01:32.0225 4580 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\windows\system32\DRIVERS\sisagp.sys

13:01:32.0288 4580 sisagp - ok

13:01:32.0366 4580 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys

13:01:32.0428 4580 SiSRaid2 - ok

13:01:32.0491 4580 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys

13:01:32.0522 4580 SiSRaid4 - ok

13:01:32.0553 4580 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\windows\system32\DRIVERS\smb.sys

13:01:32.0647 4580 Smb - ok

13:01:32.0756 4580 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\windows\System32\snmptrap.exe

13:01:32.0834 4580 SNMPTRAP - ok

13:01:32.0881 4580 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\windows\system32\drivers\spldr.sys

13:01:32.0959 4580 spldr - ok

13:01:33.0037 4580 [ E17323B0AA9FB3FF9945731D736EDA2F ] Spooler C:\windows\System32\spoolsv.exe

13:01:33.0208 4580 Spooler - ok

13:01:33.0442 4580 [ 4C287F9069FEDBD791178876EE9DE536 ] sppsvc C:\windows\system32\sppsvc.exe

13:01:33.0676 4580 sppsvc - ok

13:01:33.0754 4580 [ D8E3E19EEBDAB49DD4A8D3062EAD4EC7 ] sppuinotify C:\windows\system32\sppuinotify.dll

13:01:33.0863 4580 sppuinotify - ok

13:01:33.0926 4580 [ C4A027B8C0BD3FC0699F41FA5E9E0C87 ] srv C:\windows\system32\DRIVERS\srv.sys

13:01:34.0316 4580 srv - ok

13:01:34.0363 4580 [ 414BB592CAD8A79649D01F9D94318FB3 ] srv2 C:\windows\system32\DRIVERS\srv2.sys

13:01:34.0597 4580 srv2 - ok

13:01:34.0659 4580 [ FF207D67700AA18242AAF985D3E7D8F4 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys

13:01:34.0987 4580 srvnet - ok

13:01:35.0080 4580 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\windows\System32\ssdpsrv.dll

13:01:35.0158 4580 SSDPSRV - ok

13:01:35.0189 4580 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\windows\system32\sstpsvc.dll

13:01:35.0252 4580 SstpSvc - ok

13:01:35.0345 4580 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\windows\system32\DRIVERS\stexstor.sys

13:01:35.0392 4580 stexstor - ok

13:01:35.0501 4580 [ A22825E7BB7018E8AF3E229A5AF17221 ] StiSvc C:\windows\System32\wiaservc.dll

13:01:35.0642 4580 StiSvc - ok

13:01:35.0657 4580 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\windows\system32\DRIVERS\swenum.sys

13:01:35.0704 4580 swenum - ok

13:01:35.0782 4580 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\windows\System32\swprv.dll

13:01:35.0938 4580 swprv - ok

13:01:36.0047 4580 [ 3432D6A12FA5F0A7EA344D544CE2A1F9 ] SynTP C:\windows\system32\DRIVERS\SynTP.sys

13:01:36.0188 4580 SynTP - ok

13:01:36.0344 4580 [ 04105C8DA62353589C29BDAEB8D88BD8 ] SysMain C:\windows\system32\sysmain.dll

13:01:36.0500 4580 SysMain - ok

13:01:36.0593 4580 [ FCFB6C552FBC0DA299799CBD50AD9FD4 ] TabletInputService C:\windows\System32\TabSvc.dll

13:01:36.0687 4580 TabletInputService - ok

13:01:36.0703 4580 [ 2F46B0C70A4ADC8C90CF825DA3B4FEAF ] TapiSrv C:\windows\System32\tapisrv.dll

13:01:36.0874 4580 TapiSrv - ok

13:01:36.0937 4580 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\windows\System32\tbssvc.dll

13:01:37.0015 4580 TBS - ok

13:01:37.0186 4580 [ 55E9965552741F3850CB22CBBA9671ED ] Tcpip C:\windows\system32\drivers\tcpip.sys

13:01:37.0436 4580 Tcpip - ok

13:01:37.0639 4580 [ 55E9965552741F3850CB22CBBA9671ED ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys

13:01:37.0701 4580 TCPIP6 - ok

13:01:37.0763 4580 [ E64444523ADD154F86567C469BC0B17F ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys

13:01:37.0873 4580 tcpipreg - ok

13:01:37.0982 4580 [ 4084EA00D50C858D6F9038F86AE2E2D0 ] tdcmdpst C:\windows\system32\DRIVERS\tdcmdpst.sys

13:01:38.0091 4580 tdcmdpst - ok

13:01:38.0122 4580 [ 1875C1490D99E70E449E3AFAE9FCBADF ] TDPIPE C:\windows\system32\drivers\tdpipe.sys

13:01:38.0341 4580 TDPIPE - ok

13:01:38.0387 4580 [ 7156308896D34EA75A582F9A09E50C17 ] TDTCP C:\windows\system32\drivers\tdtcp.sys

13:01:38.0684 4580 TDTCP - ok

13:01:38.0715 4580 [ CB39E896A2A83702D1737BFD402B3542 ] tdx C:\windows\system32\DRIVERS\tdx.sys

13:01:38.0793 4580 tdx - ok

13:01:38.0824 4580 [ C36F41EE20E6999DBF4B0425963268A5 ] TermDD C:\windows\system32\DRIVERS\termdd.sys

13:01:38.0855 4580 TermDD - ok

13:01:38.0980 4580 [ A01E50A04D7B1960B33E92B9080E6A94 ] TermService C:\windows\System32\termsrv.dll

13:01:39.0152 4580 TermService - ok

13:01:39.0261 4580 [ A56EC942ECABFB7849BFA76060F929FB ] TfFsMon C:\windows\system32\drivers\TfFsMon.sys

13:01:39.0370 4580 TfFsMon - ok

13:01:39.0433 4580 [ 917EF522563F6047685486EFA486FB3C ] TfNetMon C:\windows\system32\drivers\TfNetMon.sys

13:01:39.0713 4580 TfNetMon - ok

13:01:39.0823 4580 [ 57EDBB5FE7FF09BB21121D13BB950BA5 ] TfSysMon C:\windows\system32\drivers\TfSysMon.sys

13:01:40.0025 4580 TfSysMon - ok

13:01:40.0057 4580 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\windows\system32\themeservice.dll

13:01:40.0166 4580 Themes - ok

13:01:40.0259 4580 [ 9528F2A39CB660A49F0592D57127F370 ] Thpdrv C:\windows\system32\DRIVERS\thpdrv.sys

13:01:40.0447 4580 Thpdrv - ok

13:01:40.0509 4580 [ E17DCDE74FF00CA802643B4A9A4A4A5C ] Thpevm C:\windows\system32\DRIVERS\Thpevm.SYS

13:01:40.0743 4580 Thpevm - ok

13:01:40.0774 4580 [ B8A7C3F812791A73147B6CC2380432EC ] Thpsrv C:\windows\system32\ThpSrv.exe

13:01:40.0852 4580 Thpsrv - ok

13:01:40.0899 4580 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\windows\system32\mmcss.dll

13:01:40.0946 4580 THREADORDER - ok

13:01:41.0024 4580 ThreatFire - ok

13:01:41.0211 4580 [ F120967184A27E927052E8DDBB727851 ] TMachInfo C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe

13:01:41.0258 4580 TMachInfo - ok

13:01:41.0351 4580 [ FE65D33B7D4FF07DD1D29526A48DF810 ] TODDSrv C:\Windows\system32\TODDSrv.exe

13:01:41.0383 4580 TODDSrv - ok

13:01:41.0507 4580 [ 66C35016E01746715F8F606A9F081BF9 ] TosCoSrv C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe

13:01:41.0539 4580 TosCoSrv - ok

13:01:41.0695 4580 [ 0DA25676A231B8396E356C6CE2745CD1 ] TOSHIBA eco Utility Service C:\Program Files\TOSHIBA\TECO\TecoService.exe

13:01:41.0741 4580 TOSHIBA eco Utility Service - ok

13:01:41.0882 4580 [ 67C1DA40D78C92622081A3E780C926B2 ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe

13:01:41.0897 4580 TOSHIBA HDD SSD Alert Service - ok

13:01:42.0022 4580 [ 31D2881B0647F2B09B118B9B50C02888 ] TPCHSrv C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe

13:01:42.0085 4580 TPCHSrv - ok

13:01:42.0163 4580 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\windows\System32\trkwks.dll

13:01:42.0319 4580 TrkWks - ok

13:01:42.0428 4580 [ 41A4C781D2286208D397D72099304133 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe

13:01:42.0490 4580 TrustedInstaller - ok

13:01:42.0553 4580 [ 98AE6FA07D12CB4EC5CF4A9BFA5F4242 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys

13:01:42.0631 4580 tssecsrv - ok

13:01:42.0740 4580 [ 3E461D890A97F9D4C168F5FDA36E1D00 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys

13:01:42.0849 4580 tunnel - ok

13:01:43.0021 4580 [ FC24015B4052600C324C43E3A79C0664 ] TVALZ C:\windows\system32\DRIVERS\TVALZ_O.SYS

13:01:43.0270 4580 TVALZ - ok

13:01:43.0317 4580 [ 866462F5AE3F375EF83EF9DCE436031C ] TVALZFL C:\windows\system32\DRIVERS\TVALZFL.sys

13:01:43.0535 4580 TVALZFL - ok

13:01:43.0613 4580 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\windows\system32\DRIVERS\uagp35.sys

13:01:43.0645 4580 uagp35 - ok

13:01:43.0707 4580 [ 09CC3E16F8E5EE7168E01CF8FCBE061A ] udfs C:\windows\system32\DRIVERS\udfs.sys

13:01:43.0832 4580 udfs - ok

13:01:43.0910 4580 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\windows\system32\UI0Detect.exe

13:01:44.0066 4580 UI0Detect - ok

13:01:44.0144 4580 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\windows\system32\DRIVERS\uliagpkx.sys

13:01:44.0175 4580 uliagpkx - ok

13:01:44.0222 4580 [ 049B3A50B3D646BAEEEE9EEC9B0668DC ] umbus C:\windows\system32\DRIVERS\umbus.sys

13:01:44.0331 4580 umbus - ok

13:01:44.0456 4580 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\windows\system32\DRIVERS\umpass.sys

13:01:44.0565 4580 UmPass - ok

13:01:44.0627 4580 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\windows\System32\upnphost.dll

13:01:44.0752 4580 upnphost - ok

13:01:44.0783 4580 [ C31AE588E403042632DC796CF09E30B0 ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys

13:01:45.0002 4580 usbccgp - ok

13:01:45.0064 4580 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\windows\system32\DRIVERS\usbcir.sys

13:01:45.0142 4580 usbcir - ok

13:01:45.0220 4580 [ E4C436D914768CE965D5E659BA7EEBD8 ] usbehci C:\windows\system32\DRIVERS\usbehci.sys

13:01:45.0501 4580 usbehci - ok

13:01:45.0610 4580 [ BDCD7156EC37448F08633FD899823620 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys

13:01:45.0844 4580 usbhub - ok

13:01:45.0875 4580 [ EB2D819A639015253C871CDA09D91D58 ] usbohci C:\windows\system32\drivers\usbohci.sys

13:01:46.0141 4580 usbohci - ok

13:01:46.0219 4580 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\windows\system32\DRIVERS\usbprint.sys

13:01:46.0343 4580 usbprint - ok

13:01:46.0406 4580 [ 1C4287739A93594E57E2A9E6A3ED7353 ] USBSTOR C:\windows\system32\drivers\USBSTOR.SYS

13:01:46.0749 4580 USBSTOR - ok

13:01:46.0780 4580 [ 22480BF4E5A09192E5E30BA4DDE79FA4 ] usbuhci C:\windows\system32\DRIVERS\usbuhci.sys

13:01:47.0077 4580 usbuhci - ok

13:01:47.0155 4580 [ B5F6A992D996282B7FAE7048E50AF83A ] usbvideo C:\windows\System32\Drivers\usbvideo.sys

13:01:47.0591 4580 usbvideo - ok

13:01:47.0638 4580 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\windows\System32\uxsms.dll

13:01:47.0732 4580 UxSms - ok

13:01:47.0763 4580 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] VaultSvc C:\windows\system32\lsass.exe

13:01:47.0857 4580 VaultSvc - ok

13:01:47.0903 4580 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\windows\system32\DRIVERS\vdrvroot.sys

13:01:47.0981 4580 vdrvroot - ok

13:01:48.0028 4580 [ 8C4E7C49D3641BC9E299E466A7F8867D ] vds C:\windows\System32\vds.exe

13:01:48.0153 4580 vds - ok

13:01:48.0215 4580 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\windows\system32\DRIVERS\vgapnp.sys

13:01:48.0387 4580 vga - ok

13:01:48.0434 4580 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\windows\System32\drivers\vga.sys

13:01:48.0559 4580 VgaSave - ok

13:01:48.0590 4580 [ 3BE6E1F3A4F1AFEC8CEE0D7883F93583 ] vhdmp C:\windows\system32\DRIVERS\vhdmp.sys

13:01:48.0621 4580 vhdmp - ok

13:01:48.0683 4580 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\windows\system32\DRIVERS\viaagp.sys

13:01:48.0746 4580 viaagp - ok

13:01:48.0793 4580 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\windows\system32\DRIVERS\viac7.sys

13:01:48.0917 4580 ViaC7 - ok

13:01:48.0933 4580 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\windows\system32\DRIVERS\viaide.sys

13:01:48.0964 4580 viaide - ok

13:01:48.0995 4580 [ 384E5A2AA49934295171E499F86BA6F3 ] volmgr C:\windows\system32\DRIVERS\volmgr.sys

13:01:49.0042 4580 volmgr - ok

13:01:49.0089 4580 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\windows\system32\drivers\volmgrx.sys

13:01:49.0183 4580 volmgrx - ok

13:01:49.0229 4580 [ 58DF9D2481A56EDDE167E51B334D44FD ] volsnap C:\windows\system32\DRIVERS\volsnap.sys

13:01:49.0276 4580 volsnap - ok

13:01:49.0339 4580 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\windows\system32\DRIVERS\vsmraid.sys

13:01:49.0401 4580 vsmraid - ok

13:01:49.0479 4580 [ 7EA2BCD94D9CFAF4C556F5CC94532A6C ] VSS C:\windows\system32\vssvc.exe

13:01:49.0651 4580 VSS - ok

13:01:49.0682 4580 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys

13:01:49.0775 4580 vwifibus - ok

13:01:49.0807 4580 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys

13:01:50.0009 4580 vwififlt - ok

13:01:50.0056 4580 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\windows\system32\w32time.dll

13:01:50.0228 4580 W32Time - ok

13:01:50.0275 4580 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\windows\system32\DRIVERS\wacompen.sys

13:01:50.0337 4580 WacomPen - ok

13:01:50.0415 4580 [ 692A712062146E96D28BA0B7D75DE31B ] WANARP C:\windows\system32\DRIVERS\wanarp.sys

13:01:50.0524 4580 WANARP - ok

13:01:50.0555 4580 [ 692A712062146E96D28BA0B7D75DE31B ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys

13:01:50.0602 4580 Wanarpv6 - ok

13:01:50.0727 4580 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe

13:01:50.0930 4580 WatAdminSvc - ok

13:01:51.0039 4580 [ 7790B77FE1E5EE47DCC66247095BB4C9 ] wbengine C:\windows\system32\wbengine.exe

13:01:51.0320 4580 wbengine - ok

13:01:51.0367 4580 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\windows\System32\wbiosrvc.dll

13:01:51.0507 4580 WbioSrvc - ok

13:01:51.0554 4580 [ 6D9B75275C3E3A5F51AEF81AFFADB2B6 ] wcncsvc C:\windows\System32\wcncsvc.dll

13:01:51.0928 4580 wcncsvc - ok

13:01:52.0006 4580 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll

13:01:52.0162 4580 WcsPlugInService - ok

13:01:52.0209 4580 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\windows\system32\DRIVERS\wd.sys

13:01:52.0271 4580 Wd - ok

13:01:52.0303 4580 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys

13:01:52.0365 4580 Wdf01000 - ok

13:01:52.0396 4580 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\windows\system32\wdi.dll

13:01:52.0521 4580 WdiServiceHost - ok

13:01:52.0537 4580 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\windows\system32\wdi.dll

13:01:52.0583 4580 WdiSystemHost - ok

13:01:52.0646 4580 [ BB5EC38F8D4600119B4720BC5D4211F1 ] WebClient C:\windows\System32\webclnt.dll

13:01:52.0864 4580 WebClient - ok

13:01:52.0942 4580 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\windows\system32\wecsvc.dll

13:01:53.0036 4580 Wecsvc - ok

13:01:53.0067 4580 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\windows\System32\wercplsupport.dll

13:01:53.0145 4580 wercplsupport - ok

13:01:53.0176 4580 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\windows\System32\WerSvc.dll

13:01:53.0270 4580 WerSvc - ok

13:01:53.0301 4580 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys

13:01:53.0410 4580 WfpLwf - ok

13:01:53.0426 4580 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\windows\system32\drivers\wimmount.sys

13:01:53.0504 4580 WIMMount - ok

13:01:53.0613 4580 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll

13:01:53.0722 4580 WinDefend - ok

13:01:53.0738 4580 WinHttpAutoProxySvc - ok

13:01:53.0925 4580 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll

13:01:54.0081 4580 Winmgmt - ok

13:01:54.0175 4580 [ C4F5D3901D1B41D602DDC196E0B95B51 ] WinRM C:\windows\system32\WsmSvc.dll

13:01:54.0315 4580 WinRM - ok

13:01:54.0440 4580 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\windows\System32\wlansvc.dll

13:01:54.0533 4580 Wlansvc - ok

13:01:54.0580 4580 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\windows\system32\DRIVERS\wmiacpi.sys

13:01:54.0674 4580 WmiAcpi - ok

13:01:54.0721 4580 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe

13:01:54.0783 4580 wmiApSrv - ok

13:01:54.0986 4580 [ 77FBD400984CF72BA0FC4B3489D65F74 ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe

13:01:55.0095 4580 WMPNetworkSvc - ok

13:01:55.0126 4580 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\windows\System32\wpcsvc.dll

13:01:55.0204 4580 WPCSvc - ok

13:01:55.0251 4580 [ B7F658A2EBC07129538AD9AB35212637 ] WPDBusEnum C:\windows\system32\wpdbusenum.dll

13:01:55.0313 4580 WPDBusEnum - ok

13:01:55.0360 4580 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys

13:01:55.0485 4580 ws2ifsl - ok

13:01:55.0532 4580 [ A661A76333057B383A06E65F0073222F ] wscsvc C:\windows\System32\wscsvc.dll

13:01:55.0672 4580 wscsvc - ok

13:01:55.0688 4580 WSearch - ok

13:01:55.0828 4580 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\windows\system32\wuaueng.dll

13:01:55.0906 4580 wuauserv - ok

13:01:55.0953 4580 [ 6F9B6C0C93232CFF47D0F72D6DB1D21E ] WudfPf C:\windows\system32\drivers\WudfPf.sys

13:01:56.0031 4580 WudfPf - ok

13:01:56.0078 4580 [ F91FF1E51FCA30B3C3981DB7D5924252 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys

13:01:56.0171 4580 WUDFRd - ok

13:01:56.0218 4580 [ DDEE3682FE97037C45F4D7AB467CB8B6 ] wudfsvc C:\windows\System32\WUDFSvc.dll

13:01:56.0296 4580 wudfsvc - ok

13:01:56.0359 4580 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\windows\System32\wwansvc.dll

13:01:56.0468 4580 WwanSvc - ok

13:01:56.0515 4580 ================ Scan global ===============================

13:01:56.0546 4580 [ 9A595DF601070DA78C40481120DD2C06 ] C:\windows\system32\basesrv.dll

13:01:56.0593 4580 [ 008F51AE989C3DF1CBAF8B39DC423CCC ] C:\windows\system32\winsrv.dll

13:01:56.0671 4580 [ 008F51AE989C3DF1CBAF8B39DC423CCC ] C:\windows\system32\winsrv.dll

13:01:56.0733 4580 [ 364455805E64882844EE9ACB72522830 ] C:\windows\system32\sxssrv.dll

13:01:56.0811 4580 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\windows\system32\services.exe

13:01:56.0811 4580 [Global] - ok

13:01:56.0811 4580 ================ Scan MBR ==================================

13:01:56.0842 4580 [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0

13:01:57.0763 4580 \Device\Harddisk0\DR0 - ok

13:01:57.0763 4580 ================ Scan VBR ==================================

13:01:57.0794 4580 [ 8933D9304507EE690B52C9DC9B59D1C4 ] \Device\Harddisk0\DR0\Partition1

13:01:57.0809 4580 \Device\Harddisk0\DR0\Partition1 - ok

13:01:57.0809 4580 ============================================================

13:01:57.0809 4580 Scan finished

13:01:57.0809 4580 ============================================================

13:01:57.0825 5504 Detected object count: 1

13:01:57.0825 5504 Actual detected object count: 1

13:02:38.0046 5504 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user

13:02:38.0046 5504 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip


hi

  • Download RogueKiller and save it on your desktop.
  • Quit all programs
  • Start RogueKiller.exe.
  • Wait until Prescan has finished ...
  • Click on Scan

  • Wait for the end of the scan.
  • The report has been created on the desktop.
  • Click on the Delete button.

  • The report has been created on the desktop.

  • Next click on the ShortcutsFix
  • The report has been created on the desktop.

Please post: All RKreport.txt text files located on your desktop.


RogueKiller V7.6.6 [08/10/2012] by Tigzy

mail: tigzyRK<at>gmail<dot>com

Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/

Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7600 ) 32 bits version

Started in : Normal mode

User: MK [Admin rights]

Mode: Scan -- Date: 08/22/2012 13:33:34

¤¤¤ Bad processes: 2 ¤¤¤

[SUSP PATH] MatsBoot.exe -- C:\windows\TEMP\RunBoot-Temp_.43ad0250-e6a4-4a69-ace1-5873cc7af703\MatsBoot.exe -> KILLED [TermProc]

[SUSP PATH] MATSWiz.exe -- C:\Users\MK\AppData\Local\Temp\MATS-Temp\CABzg3gm2q1.1vi\MATSWiz.exe -> KILLED [TermProc]

¤¤¤ Registry Entries: 2 ¤¤¤

[HJ] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

[HJ] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [LOADED] ¤¤¤

SSDT[370] : NtTerminateProcess @ 0x832AB1B5 -> HOOKED (\SystemRoot\system32\drivers\TfSysMon.sys @ 0x8B41A2D0)

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

ÿþ1

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: TOSHIBA MK2555GSX +++++

--- User ---

[MBR] ccacc39a0f72ecb6f7844bfdcb05ab8b

[BSP] 4bd2408d084f023849ab85613be82fd3 : Windows Vista MBR Code

Partition table:

0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo

1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 228847 Mo

2 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 471752704 | Size: 8127 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[1].txt >>

RKreport[1].txt

Mode: Remove -- Date: 08/22/2012 13:35:19

¤¤¤ Bad processes: 2 ¤¤¤

[SUSP PATH] MatsBoot.exe -- C:\windows\TEMP\RunBoot-Temp_.43ad0250-e6a4-4a69-ace1-5873cc7af703\MatsBoot.exe -> KILLED [TermProc]

[SUSP PATH] MATSWiz.exe -- C:\Users\MK\AppData\Local\Temp\MATS-Temp\CABzg3gm2q1.1vi\MATSWiz.exe -> KILLED [TermProc]

¤¤¤ Registry Entries: 2 ¤¤¤

[HJ] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

[HJ] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [LOADED] ¤¤¤

SSDT[370] : NtTerminateProcess @ 0x832AB1B5 -> HOOKED (\SystemRoot\system32\drivers\TfSysMon.sys @ 0x8B41A2D0)

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

ÿþ1

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: TOSHIBA MK2555GSX +++++

--- User ---

[MBR] ccacc39a0f72ecb6f7844bfdcb05ab8b

[BSP] 4bd2408d084f023849ab85613be82fd3 : Windows Vista MBR Code

Partition table:

0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo

1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 228847 Mo

2 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 471752704 | Size: 8127 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[2].txt >>

RKreport[1].txt ; RKreport[2].txt

Mode: Shortcuts HJfix -- Date: 08/22/2012 13:35:50

¤¤¤ Bad processes: 2 ¤¤¤

[SUSP PATH] MatsBoot.exe -- C:\windows\TEMP\RunBoot-Temp_.43ad0250-e6a4-4a69-ace1-5873cc7af703\MatsBoot.exe -> KILLED [TermProc]

[SUSP PATH] MATSWiz.exe -- C:\Users\MK\AppData\Local\Temp\MATS-Temp\CABzg3gm2q1.1vi\MATSWiz.exe -> KILLED [TermProc]

¤¤¤ Driver: [LOADED] ¤¤¤

¤¤¤ File attributes restored: ¤¤¤

Desktop: Success 1 / Fail 0

Quick launch: Success 1 / Fail 0

Programs: Success 8 / Fail 0

Start menu: Success 1 / Fail 0

User folder: Success 60 / Fail 0

My documents: Success 0 / Fail 0

My favorites: Success 0 / Fail 0

My pictures: Success 0 / Fail 0

My music: Success 0 / Fail 0

My videos: Success 0 / Fail 0

Local drives: Success 52 / Fail 0

Backup: [NOT FOUND]

Drives:

[C:] \Device\HarddiskVolume2 -- 0x3 --> Restored

¤¤¤ Infection : ¤¤¤

Finished : << RKreport[3].txt >>

RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt


hi

  • Open Computer Management by clicking the Start button, clicking Control Panel, clicking System and Security, clicking Administrative Tools, and then double-clicking Computer Management.
  • In the left pane, under Storage, click Disk Management.

Please take a screenshot once you're in Disk Management, then post or upload the image.
