Infected?

[jeffce]

Run a fresh scan with DDS and post both of the logs created. I am not sure this is really a malware issue any longer, but I want to get another look.

[madmatt7]

DDS (Ver_2012-11-20.01) - NTFS_AMD64 NETWORK

Internet Explorer: 9.0.8112.16455 BrowserJavaVersion: 10.9.2

Run by Olivia at 15:29:39 on 2012-12-02

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6092.5279 [GMT -5:00]

.

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\windows\system32\lsm.exe

C:\windows\system32\svchost.exe -k DcomLaunch

C:\windows\system32\svchost.exe -k RPCSS

C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\windows\system32\svchost.exe -k netsvcs

C:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted

C:\windows\system32\svchost.exe -k LocalService

C:\windows\system32\svchost.exe -k NetworkService

C:\windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\windows\System32\svchost.exe -k secsvcs

C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\windows\Explorer.EXE

C:\windows\system32\ctfmon.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\windows\system32\wbem\wmiprvse.exe

C:\windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://msn.com/

BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO: WOT Helper: {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files (x86)\WOT\WOT.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

BHO: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll

TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

TB: WOT: {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll

TB: WOT: {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll

TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

uRun: [Cookienator] "C:\Program Files (x86)\Cookienator\cookienator.exe" /auto

uRun: [spotify] "C:\Users\Olivia\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart

uRun: [spotify Web Helper] "C:\Users\Olivia\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

mRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60

mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe" UNATTENDED

mRun: [ToshibaAppPlace] "C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe"

mRun: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

uPolicies-Explorer: NoDrives = dword:0

mPolicies-Explorer: NoDrives = dword:0

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab

DPF: {CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab

TCP: NameServer = 128.226.1.11 128.226.1.18

TCP: Interfaces\{C3F6C8CD-7303-4175-87A4-1623859B7F5B} : DHCPNameServer = 128.226.1.11 128.226.1.18

TCP: Interfaces\{C3F6C8CD-7303-4175-87A4-1623859B7F5B}\34F6E6E6563647232455 : DHCPNameServer = 128.226.1.11 128.226.1.18

TCP: Interfaces\{C3F6C8CD-7303-4175-87A4-1623859B7F5B}\358656271647F6E6 : DHCPNameServer = 10.71.0.100

TCP: Interfaces\{C3F6C8CD-7303-4175-87A4-1623859B7F5B}\C6164796E616 : DHCPNameServer = 192.168.2.1

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files (x86)\WOT\WOT.dll

SSODL: WebCheck - <orphaned>

x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

x64-BHO: WOT Helper: {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files\WOT\WOT.dll

x64-BHO: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll

x64-TB: WOT: {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll

x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

x64-Run: [igfxTray] C:\windows\System32\igfxtray.exe

x64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exe

x64-Run: [Persistence] C:\windows\System32\igfxpers.exe

x64-Run: [TPwrMain] C:\Program Files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE

x64-Run: [HSON] C:\Program Files (x86)\TOSHIBA\TBS\HSON.exe

x64-Run: [TCrdMain] C:\Program Files (x86)\TOSHIBA\FlashCards\TCrdMain.exe

x64-Run: [smartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t

x64-Run: [cAudioFilterAgent] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe

x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe

x64-Run: [Teco] "C:\Program Files (x86)\TOSHIBA\TECO\Teco.exe" /r

x64-Run: [TosWaitSrv] C:\Program Files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe

x64-Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe

x64-Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe

x64-Run: [TosNC] C:\Program Files (x86)\Toshiba\BulletinBoard\TosNcCore.exe

x64-Run: [TosReelTimeMonitor] C:\Program Files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe

x64-Run: [intelliType Pro] "c:\Program Files\Microsoft Device Center\itype.exe"

x64-Run: [intelliPoint] "c:\Program Files\Microsoft Device Center\ipoint.exe"

x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>

x64-Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll

x64-Notify: igfxcui - igfxdev.dll

.

============= SERVICES / DRIVERS ===============

.

R0 tos_sps64;TOSHIBA tos_sps64 Service;C:\windows\System32\drivers\tos_sps64.sys [2009-6-24 482384]

R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;C:\windows\System32\drivers\TVALZFL.sys [2009-6-19 14472]

R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\windows\System32\drivers\L1C62x64.sys [2010-11-8 76912]

R3 QIOMem;Generic IO & Memory Access;C:\windows\System32\drivers\QIOMem.sys [2009-6-15 12800]

R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\windows\System32\drivers\rtl8192ce.sys [2011-10-19 1109096]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 EpsonCustomerParticipation;EpsonCustomerParticipation;C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe [2011-6-9 555392]

S2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-9-12 399432]

S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-9-12 676936]

S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;C:\Program Files\Toshiba\TECO\TecoService.exe [2011-5-24 294848]

S2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-10-19 2656280]

S3 fssfltr;fssfltr;C:\windows\System32\drivers\fssfltr.sys [2012-8-25 57280]

S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-7-28 1511872]

S3 Gun;Gun;C:\Game\SoftnyxGame\GunboundIS\Gun64.sys [2012-10-2 45176]

S3 IntcDAud;Intel® Display Audio;C:\windows\System32\drivers\IntcDAud.sys [2010-10-15 317440]

S3 MBAMProtector;MBAMProtector;C:\windows\System32\drivers\mbam.sys [2012-9-12 25928]

S3 PGEffect;Pangu effect driver;C:\windows\System32\drivers\PGEffect.sys [2011-10-19 38096]

S3 rak;rak;C:\Game\SoftnyxGame\RakionIS\Bin\avital\rakion64.sys [2012-11-20 81880]

S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\System32\drivers\RtsUStor.sys [2011-10-19 250984]

S3 RSUSBVSTOR;RTSUVSTOR.Sys Realtek USB Card Reader;C:\windows\System32\drivers\rtsuvstor.sys [2011-10-19 307304]

S3 SophosVirusRemovalTool;Sophos Virus Removal Tool;C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\SVRTservice.exe [2012-9-19 152640]

S3 SrvHsfHDA;SrvHsfHDA;C:\windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]

S3 SrvHsfV92;SrvHsfV92;C:\windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]

S3 SrvHsfWinac;SrvHsfWinac;C:\windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]

S3 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2011-10-19 57216]

S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\Toshiba\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2011-6-9 138152]

S3 TPCHSrv;TPCH Service;C:\Program Files\Toshiba\TPHM\TPCHSrv.exe [2011-7-1 828856]

S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]

S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]

S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\System32\drivers\usbaapl64.sys [2012-2-15 52736]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2012-1-27 1255736]

.

=============== Created Last 30 ================

.

2012-12-02 00:51:08 -------- d-----w- C:\_OTL

2012-11-30 06:41:15 -------- d-sh--w- C:\$RECYCLE.BIN

2012-11-29 14:57:41 98816 ----a-w- C:\windows\sed.exe

2012-11-29 14:57:41 256000 ----a-w- C:\windows\PEV.exe

2012-11-29 14:57:41 208896 ----a-w- C:\windows\MBR.exe

2012-11-28 02:29:47 9291768 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E5CB7AAE-1911-4B25-BDDB-D3BE1DE46917}\mpengine.dll

2012-11-24 21:53:28 -------- d-----w- C:\Program Files (x86)\PC Checkup

2012-11-24 21:53:26 -------- d-----w- C:\Users\Olivia\AppData\Local\Programs

2012-11-24 11:46:06 -------- d-----w- C:\Users\Olivia\AppData\Roaming\PCCUStubInstaller

2012-11-20 06:11:59 -------- d-----w- C:\Program Files (x86)\Common Files\Blizzard Entertainment

2012-11-15 08:09:02 9728 ----a-w- C:\windows\System32\Wdfres.dll

2012-11-15 08:09:02 785512 ----a-w- C:\windows\System32\drivers\Wdf01000.sys

2012-11-15 08:09:02 54376 ----a-w- C:\windows\System32\drivers\WdfLdr.sys

2012-11-15 08:09:02 2560 ----a-w- C:\windows\System32\drivers\en-US\wdf01000.sys.mui

2012-11-15 08:00:31 87040 ----a-w- C:\windows\System32\drivers\WUDFPf.sys

2012-11-15 08:00:31 198656 ----a-w- C:\windows\System32\drivers\WUDFRd.sys

2012-11-15 08:00:30 84992 ----a-w- C:\windows\System32\WUDFSvc.dll

2012-11-15 08:00:30 194048 ----a-w- C:\windows\System32\WUDFPlatform.dll

2012-11-15 08:00:29 744448 ----a-w- C:\windows\System32\WUDFx.dll

2012-11-15 08:00:29 45056 ----a-w- C:\windows\System32\WUDFCoinstaller.dll

2012-11-15 08:00:29 229888 ----a-w- C:\windows\System32\WUDFHost.exe

2012-11-15 06:35:44 95744 ----a-w- C:\windows\System32\synceng.dll

2012-11-15 06:35:44 78336 ----a-w- C:\windows\SysWow64\synceng.dll

2012-11-10 03:06:35 -------- d-----w- C:\windows\SysWow64\Adobe

2012-11-09 14:25:03 -------- d-----w- C:\Users\Olivia\AppData\Local\Spotify

2012-11-09 14:24:41 -------- d-----w- C:\Users\Olivia\AppData\Roaming\Spotify

2012-11-07 04:47:30 -------- d-----w- C:\Users\Olivia\jagexcache1

2012-11-02 23:14:19 -------- d-----w- C:\ProgramData\Panda Security

2012-11-02 23:14:16 -------- d-----w- C:\Program Files (x86)\Panda USB Vaccine

2012-11-02 23:09:39 -------- d-----w- C:\Program Files (x86)\Cookienator

2012-11-02 21:30:02 95208 ----a-w- C:\windows\SysWow64\WindowsAccessBridge-32.dll

.

==================== Find3M ====================

.

2012-10-18 18:25:58 3149824 ----a-w- C:\windows\System32\win32k.sys

2012-10-09 18:17:13 55296 ----a-w- C:\windows\System32\dhcpcsvc6.dll

2012-10-09 18:17:13 226816 ----a-w- C:\windows\System32\dhcpcore6.dll

2012-10-09 17:40:31 44032 ----a-w- C:\windows\SysWow64\dhcpcsvc6.dll

2012-10-09 17:40:31 193536 ----a-w- C:\windows\SysWow64\dhcpcore6.dll

2012-10-08 11:31:03 2312704 ----a-w- C:\windows\System32\jscript9.dll

2012-10-08 11:23:52 1392128 ----a-w- C:\windows\System32\wininet.dll

2012-10-08 11:22:55 1494528 ----a-w- C:\windows\System32\inetcpl.cpl

2012-10-08 11:18:22 173056 ----a-w- C:\windows\System32\ieUnatt.exe

2012-10-08 11:17:35 599040 ----a-w- C:\windows\System32\vbscript.dll

2012-10-08 11:13:33 2382848 ----a-w- C:\windows\System32\mshtml.tlb

2012-10-08 07:56:24 1800704 ----a-w- C:\windows\SysWow64\jscript9.dll

2012-10-08 07:48:03 1129472 ----a-w- C:\windows\SysWow64\wininet.dll

2012-10-08 07:47:44 1427968 ----a-w- C:\windows\SysWow64\inetcpl.cpl

2012-10-08 07:44:05 142848 ----a-w- C:\windows\SysWow64\ieUnatt.exe

2012-10-08 07:43:21 420864 ----a-w- C:\windows\SysWow64\vbscript.dll

2012-10-08 07:40:56 2382848 ----a-w- C:\windows\SysWow64\mshtml.tlb

2012-10-08 06:26:27 821736 ----a-w- C:\windows\SysWow64\npDeployJava1.dll

2012-10-08 06:26:27 746984 ----a-w- C:\windows\SysWow64\deployJava1.dll

2012-10-03 17:56:54 1914248 ----a-w- C:\windows\System32\drivers\tcpip.sys

2012-10-03 17:44:21 70656 ----a-w- C:\windows\System32\nlaapi.dll

2012-10-03 17:44:21 303104 ----a-w- C:\windows\System32\nlasvc.dll

2012-10-03 17:44:17 246272 ----a-w- C:\windows\System32\netcorehc.dll

2012-10-03 17:44:17 18944 ----a-w- C:\windows\System32\netevent.dll

2012-10-03 17:44:16 216576 ----a-w- C:\windows\System32\ncsi.dll

2012-10-03 17:42:16 569344 ----a-w- C:\windows\System32\iphlpsvc.dll

2012-10-03 16:42:24 18944 ----a-w- C:\windows\SysWow64\netevent.dll

2012-10-03 16:42:24 175104 ----a-w- C:\windows\SysWow64\netcorehc.dll

2012-10-03 16:42:23 156672 ----a-w- C:\windows\SysWow64\ncsi.dll

2012-10-03 16:07:26 45568 ----a-w- C:\windows\System32\drivers\tcpipreg.sys

2012-09-29 23:54:26 25928 ----a-w- C:\windows\System32\drivers\mbam.sys

2012-09-14 19:19:29 2048 ----a-w- C:\windows\System32\tzres.dll

2012-09-14 18:28:53 2048 ----a-w- C:\windows\SysWow64\tzres.dll

.

============= FINISH: 15:30:30.92 ===============

[madmatt7]

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume1

Install Date: 12/30/2011 10:17:17 PM

System Uptime: 12/2/2012 3:27:11 PM (0 hours ago)

.

Motherboard: Intel Corp. | | Base Board Product Name

Processor: Intel® Core i5-2430M CPU @ 2.40GHz | CPU1 | 2394/1333mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 683 GiB total, 625.681 GiB free.

D: is CDROM ()

.

==== Disabled Device Manager Items =============

.

Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}

Description: USB Video Device

Device ID: USB\VID_04F2&PID_B289&MI_00\7&382C55A1&0&0000

Manufacturer: Microsoft

Name: TOSHIBA Web Camera - MP

PNP Device ID: USB\VID_04F2&PID_B289&MI_00\7&382C55A1&0&0000

Service: usbvideo

.

Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Description: Security Processor Loader Driver

Device ID: ROOT\LEGACY_SPLDR\0000

Manufacturer:

Name: Security Processor Loader Driver

PNP Device ID: ROOT\LEGACY_SPLDR\0000

Service: spldr

.

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

Description: Microsoft ISATAP Adapter

Device ID: ROOT\*ISATAP\0004

Manufacturer: Microsoft

Name: Microsoft ISATAP Adapter #4

PNP Device ID: ROOT\*ISATAP\0004

Service: tunnel

.

==== System Restore Points ===================

.

RP155: 11/15/2012 1:29:37 AM - Windows Update

RP156: 11/15/2012 3:00:14 AM - Windows Update

RP157: 11/17/2012 7:21:14 PM - Installed RuneScape Launcher 1.2.2

RP158: 11/20/2012 3:53:29 AM - Windows Update

RP159: 11/23/2012 9:11:50 AM - Windows Update

.

==== Installed Programs ======================

.

Adobe AIR

Adobe Flash Player 10 Plugin

Adobe Flash Player 11 ActiveX

Adobe Reader XI

Adobe Shockwave Player 11.6

Apple Mobile Device Support

Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver

Bonjour

Cisco EAP-FAST Module

Cisco LEAP Module

Cisco PEAP Module

Conexant HD Audio

Cookienator

D3DX10

Epson Connect

Epson Customer Participation

Epson Event Manager

EPSON NX230 Series Printer Uninstall

EpsonNet Print

Google Chrome

Google Toolbar for Internet Explorer

Google Update Helper

Intel® Management Engine Components

Intel® Processor Graphics

Intel® Rapid Storage Technology

Java 7 Update 9

Java Auto Updater

Junk Mail filter update

Label@Once 1.0

League of Legends

Malwarebytes Anti-Malware version 1.65.1.1000

Microsoft .NET Framework 4 Client Profile

Microsoft Application Error Reporting

Microsoft Mouse and Keyboard Center

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office 2010

Microsoft Office Excel MUI (English) 2007

Microsoft Office File Validation Add-In

Microsoft Office Home and Student 2007

Microsoft Office Office 64-bit Components 2007

Microsoft Office OneNote MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Shared 64-bit MUI (English) 2007

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Word MUI (English) 2007

Microsoft Silverlight

Microsoft SkyDrive

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319

Movie Maker

MSVCRT

MSVCRT_amd64

MSVCRT110

MSVCRT110_amd64

Netwaiting

Panda USB Vaccine 1.0.1.4

Pando Media Booster

Photo Common

Photo Gallery

PlayReady PC Runtime amd64

PlayReady PC Runtime x86

QuickTime

Rakion International

Realtek USB 2.0 Reader Driver

Realtek WLAN Driver

RuneScape Launcher 1.2.2

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687314) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition

Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition

Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Word 2007 (KB2687315) 32-Bit Edition

Sophos Virus Removal Tool

Spotify

swMSM

Synaptics Pointing Device Driver

Toshiba App Place

TOSHIBA Application Installer

TOSHIBA Assist

Toshiba Book Place

TOSHIBA Bulletin Board

TOSHIBA Disc Creator

TOSHIBA eco Utility

TOSHIBA Face Recognition

TOSHIBA Hardware Setup

TOSHIBA HDD/SSD Alert

Toshiba Laptop Checkup

TOSHIBA Media Controller

TOSHIBA Media Controller Plug-in

Toshiba Online Backup

TOSHIBA PC Health Monitor

TOSHIBA Quality Application

TOSHIBA Recovery Media Creator

TOSHIBA ReelTime

TOSHIBA Resolution+ Plug-in for Windows Media Player

TOSHIBA Service Station

TOSHIBA Sleep Utility

TOSHIBA Supervisor Password

TOSHIBA Value Added Package

TOSHIBA Web Camera Application

TOSHIBA Wireless LAN Indicator

TOSHIBARegistration

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition

Update for Microsoft Office Excel 2007 Help (KB963678)

Update for Microsoft Office OneNote 2007 Help (KB963670)

Update for Microsoft Office Powerpoint 2007 Help (KB963669)

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Office Word 2007 Help (KB963665)

Warcraft III

Windows Live Communications Platform

Windows Live Essentials

Windows Live Family Safety

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Mail

Windows Live Messenger

Windows Live MIME IFilter

Windows Live Photo Common

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

WOT for Internet Explorer

.

==== Event Viewer Messages From Past Week ========

.

12/2/2012 4:43:29 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Apple Mobile Device service to connect.

12/2/2012 4:43:29 AM, Error: Service Control Manager [7000] - The Apple Mobile Device service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

12/2/2012 3:28:01 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}

12/2/2012 3:28:01 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

12/2/2012 3:27:59 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.

12/2/2012 3:27:58 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

12/2/2012 3:27:51 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}

12/2/2012 3:27:41 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache spldr Wanarpv6

12/1/2012 9:15:51 PM, Error: Service Control Manager [7038] - The PolicyAgent service was unable to log on as NT Authority\NetworkService with the currently configured password due to the following error: The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

12/1/2012 9:15:51 PM, Error: Service Control Manager [7000] - The IPsec Policy Agent service failed to start due to the following error: The service did not start due to a logon failure.

12/1/2012 6:52:01 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service BITS with arguments "" in order to run the server: {659CDEA7-489E-11D9-A9CD-000D56965251}

12/1/2012 6:28:05 PM, Error: iaStor [9] - The device, \Device\Ide\iaStor0, did not respond within the timeout period.

12/1/2012 6:18:00 PM, Error: Service Control Manager [7023] - The IPsec Policy Agent service terminated with the following error: The authentication service is unknown.

12/1/2012 2:41:22 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

11/30/2012 3:19:07 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X64 service to connect.

11/30/2012 3:17:09 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X86 service to connect.

11/30/2012 3:16:32 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Dnscache service.

11/30/2012 3:16:07 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.

11/30/2012 3:16:07 PM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

11/30/2012 3:15:21 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}

11/30/2012 3:14:30 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

11/30/2012 1:32:13 AM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

11/30/2012 1:27:38 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service VSS with arguments "" in order to run the server: {E579AB5F-1CC4-44B4-BED9-DE0991FF0623}

11/29/2012 9:54:43 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: aswSnx aswSP aswTdi discache spldr Wanarpv6

11/29/2012 7:02:59 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the DNS Client service, but this action failed with the following error: An instance of the service is already running.

11/29/2012 7:01:59 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Workstation service, but this action failed with the following error: An instance of the service is already running.

11/29/2012 7:00:59 PM, Error: Service Control Manager [7031] - The Workstation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

11/29/2012 7:00:59 PM, Error: Service Control Manager [7031] - The Network Location Awareness service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.

11/29/2012 7:00:59 PM, Error: Service Control Manager [7031] - The DNS Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

11/29/2012 7:00:59 PM, Error: Service Control Manager [7031] - The Cryptographic Services service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

11/29/2012 2:38:37 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service stisvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

11/28/2012 9:01:46 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the EpsonCustomerParticipation service to connect.

11/28/2012 9:01:46 AM, Error: Service Control Manager [7000] - The EpsonCustomerParticipation service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

11/28/2012 1:55:09 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the TPCH Service service to connect.

11/28/2012 1:55:09 AM, Error: Service Control Manager [7000] - The TPCH Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

11/28/2012 1:54:06 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Browser service.

11/28/2012 1:54:06 AM, Error: Service Control Manager [7000] - The Computer Browser service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

11/28/2012 1:53:00 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the IPsec Policy Agent service to connect.

11/28/2012 1:53:00 AM, Error: Service Control Manager [7000] - The IPsec Policy Agent service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

11/28/2012 1:51:09 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.

11/28/2012 1:29:16 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Google Update Service (gupdate) service to connect.

11/28/2012 1:29:16 AM, Error: Service Control Manager [7000] - The Google Update Service (gupdate) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

11/28/2012 1:28:06 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the TMachInfo service to connect.

11/28/2012 1:26:24 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service TPCHSrv with arguments "" in order to run the server: {45CC1698-D1CF-417B-BC32-80EB79E05EF1}

11/28/2012 1:25:51 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the BITS service.

11/28/2012 1:25:05 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service TOSHIBA HDD SSD Alert Service with arguments "" in order to run the server: {A1CC28EB-258A-4B67-BBC2-4DD5D8AF4C8F}

11/28/2012 1:25:02 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the TOSHIBA HDD SSD Alert Service service to connect.

11/28/2012 1:25:02 AM, Error: Service Control Manager [7000] - The TOSHIBA HDD SSD Alert Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

11/28/2012 1:10:21 AM, Error: Service Control Manager [7022] - The Background Intelligent Transfer Service service hung on starting.

11/28/2012 1:08:03 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SysMain service.

11/27/2012 9:00:08 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD aswRdr aswSnx aswSP aswTdi DfsC discache NetBIOS NetBT nsiproxy Psched rdbss spldr tdx vwififlt Wanarpv6 WfpLwf ws2ifsl

11/27/2012 8:59:47 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

11/27/2012 8:59:47 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

11/27/2012 8:59:47 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.

11/27/2012 8:59:47 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

11/27/2012 8:59:47 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

11/27/2012 8:59:47 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.

11/27/2012 8:59:47 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

11/27/2012 8:59:47 PM, Error: Service Control Manager [7001] - The Network Connections service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

11/27/2012 8:59:47 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

11/27/2012 8:59:47 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.

11/27/2012 8:59:47 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

11/27/2012 6:29:24 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Intel® Management and Security Application User Notification Service service to connect.

11/27/2012 6:29:24 PM, Error: Service Control Manager [7000] - The Intel® Management and Security Application User Notification Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

11/27/2012 6:28:30 PM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.

11/27/2012 6:26:25 PM, Error: Service Control Manager [7022] - The Windows Search service hung on starting.

11/27/2012 6:23:27 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Software Protection service to connect.

11/27/2012 6:23:27 PM, Error: Service Control Manager [7000] - The Software Protection service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

11/27/2012 6:22:15 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Toshiba Laptop Checkup Application Launcher service to connect.

11/27/2012 6:22:15 PM, Error: Service Control Manager [7000] - The Toshiba Laptop Checkup Application Launcher service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

11/27/2012 6:18:27 PM, Error: Service Control Manager [7022] - The Windows Font Cache Service service hung on starting.

11/27/2012 6:10:13 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service VSS with arguments "" in order to run the server: {E579AB5F-1CC4-44B4-BED9-DE0991FF0623}

11/27/2012 6:10:01 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Volume Shadow Copy service to connect.

11/27/2012 6:10:01 PM, Error: Service Control Manager [7000] - The Volume Shadow Copy service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

11/27/2012 5:37:23 PM, Error: Microsoft-Windows-CorruptedFileRecovery-Server [10] - The system file C:\Windows\System32\cryptnet.dll may be corrupted, but Windows could not determine if the file was actually damaged (error code 2147943517). No repair action was taken. Run the command "sfc /scannow" at an administrative command prompt to check for errors and to repair the file if necessary.

11/27/2012 5:26:22 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.

11/27/2012 5:26:21 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}

11/27/2012 5:26:21 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}

11/27/2012 5:23:24 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect.

11/27/2012 5:23:24 PM, Error: Service Control Manager [7000] - The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

11/27/2012 1:38:40 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Bonjour Service service to connect.

11/27/2012 1:38:40 PM, Error: Service Control Manager [7000] - The Bonjour Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

11/26/2012 12:48:21 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} and APPID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} to the user Olivia-PC\Olivia SID (S-1-5-21-847268353-2912776164-1514832063-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

.

==== End Of File ===========================

[madmatt7]

Yea but the thing I find weird is that I had the same symptoms when Malwarebytes was detecting that I had a svechost.exe trojan about a month-ish ago. When I would start it normally it would not load up/not let me click on icons etc. After MrC helped me the symptoms went away...but now they are back.

[jeffce]

Please download TDSSKiller

• Double click TDSSKiller.exe
  
• Press Start Scan
  
• Do Not Attempt To Fix Anything Now. We just need to look over the report and be sure we are removing the correct
  items.
  
• Attach the log in your next reply
  
  • A copy of the log will be saved automatically to the root of the drive (typically C:\)
    

----------

[madmatt7]

16:30:04.0234 1180 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35

16:30:05.0139 1180 ============================================================

16:30:05.0139 1180 Current date / time: 2012/12/02 16:30:05.0139

16:30:05.0139 1180 SystemInfo:

16:30:05.0139 1180

16:30:05.0139 1180 OS Version: 6.1.7601 ServicePack: 1.0

16:30:05.0139 1180 Product type: Workstation

16:30:05.0139 1180 ComputerName: OLIVIA-PC

16:30:05.0139 1180 UserName: Olivia

16:30:05.0139 1180 Windows directory: C:\windows

16:30:05.0139 1180 System windows directory: C:\windows

16:30:05.0139 1180 Running under WOW64

16:30:05.0139 1180 Processor architecture: Intel x64

16:30:05.0139 1180 Number of processors: 4

16:30:05.0139 1180 Page size: 0x1000

16:30:05.0139 1180 Boot type: Safe boot with network

16:30:05.0139 1180 ============================================================

16:30:05.0716 1180 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

16:30:05.0716 1180 ============================================================

16:30:05.0716 1180 \Device\Harddisk0\DR0:

16:30:05.0716 1180 MBR partitions:

16:30:05.0716 1180 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x5554A000

16:30:05.0716 1180 ============================================================

16:30:05.0747 1180 C: <-> \Device\Harddisk0\DR0\Partition1

16:30:05.0747 1180 ============================================================

16:30:05.0747 1180 Initialize success

16:30:05.0747 1180 ============================================================

16:30:08.0462 1816 ============================================================

16:30:08.0462 1816 Scan started

16:30:08.0462 1816 Mode: Manual;

16:30:08.0462 1816 ============================================================

16:30:08.0555 1816 ================ Scan system memory ========================

16:30:08.0555 1816 System memory - ok

16:30:08.0555 1816 ================ Scan services =============================

16:30:08.0774 1816 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\windows\system32\drivers\1394ohci.sys

16:30:08.0774 1816 1394ohci - ok

16:30:08.0805 1816 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\windows\system32\drivers\ACPI.sys

16:30:08.0805 1816 ACPI - ok

16:30:08.0836 1816 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys

16:30:08.0836 1816 AcpiPmi - ok

16:30:08.0945 1816 [ B1EA9681502EE57F87DB71D726288A5B ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

16:30:08.0945 1816 AdobeARMservice - ok

16:30:09.0008 1816 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\windows\system32\drivers\adp94xx.sys

16:30:09.0008 1816 adp94xx - ok

16:30:09.0054 1816 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\windows\system32\drivers\adpahci.sys

16:30:09.0054 1816 adpahci - ok

16:30:09.0070 1816 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\windows\system32\drivers\adpu320.sys

16:30:09.0086 1816 adpu320 - ok

16:30:09.0101 1816 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\windows\System32\aelupsvc.dll

16:30:09.0101 1816 AeLookupSvc - ok

16:30:09.0164 1816 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\windows\system32\drivers\afd.sys

16:30:09.0164 1816 AFD - ok

16:30:09.0210 1816 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\windows\system32\drivers\agp440.sys

16:30:09.0210 1816 agp440 - ok

16:30:09.0226 1816 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\windows\System32\alg.exe

16:30:09.0226 1816 ALG - ok

16:30:09.0242 1816 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\windows\system32\drivers\aliide.sys

16:30:09.0242 1816 aliide - ok

16:30:09.0257 1816 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\windows\system32\drivers\amdide.sys

16:30:09.0257 1816 amdide - ok

16:30:09.0288 1816 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\windows\system32\drivers\amdk8.sys

16:30:09.0288 1816 AmdK8 - ok

16:30:09.0304 1816 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\windows\system32\drivers\amdppm.sys

16:30:09.0304 1816 AmdPPM - ok

16:30:09.0335 1816 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\windows\system32\drivers\amdsata.sys

16:30:09.0335 1816 amdsata - ok

16:30:09.0351 1816 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\windows\system32\drivers\amdsbs.sys

16:30:09.0351 1816 amdsbs - ok

16:30:09.0382 1816 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\windows\system32\drivers\amdxata.sys

16:30:09.0382 1816 amdxata - ok

16:30:09.0413 1816 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\windows\system32\drivers\appid.sys

16:30:09.0413 1816 AppID - ok

16:30:09.0444 1816 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\windows\System32\appidsvc.dll

16:30:09.0444 1816 AppIDSvc - ok

16:30:09.0460 1816 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\windows\System32\appinfo.dll

16:30:09.0460 1816 Appinfo - ok

16:30:09.0538 1816 [ F401929EE0CC92BFE7F15161CA535383 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

16:30:09.0538 1816 Apple Mobile Device - ok

16:30:09.0585 1816 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\windows\system32\drivers\arc.sys

16:30:09.0585 1816 arc - ok

16:30:09.0600 1816 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\windows\system32\drivers\arcsas.sys

16:30:09.0600 1816 arcsas - ok

16:30:09.0632 1816 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys

16:30:09.0632 1816 AsyncMac - ok

16:30:09.0663 1816 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\windows\system32\drivers\atapi.sys

16:30:09.0663 1816 atapi - ok

16:30:09.0710 1816 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll

16:30:09.0710 1816 AudioEndpointBuilder - ok

16:30:09.0725 1816 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\windows\System32\Audiosrv.dll

16:30:09.0725 1816 AudioSrv - ok

16:30:09.0756 1816 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\windows\System32\AxInstSV.dll

16:30:09.0756 1816 AxInstSV - ok

16:30:09.0788 1816 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\windows\system32\drivers\bxvbda.sys

16:30:09.0788 1816 b06bdrv - ok

16:30:09.0819 1816 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys

16:30:09.0834 1816 b57nd60a - ok

16:30:09.0897 1816 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\windows\System32\bdesvc.dll

16:30:09.0897 1816 BDESVC - ok

16:30:09.0928 1816 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\windows\system32\drivers\Beep.sys

16:30:09.0928 1816 Beep - ok

16:30:09.0990 1816 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\windows\System32\bfe.dll

16:30:10.0006 1816 BFE - ok

16:30:10.0037 1816 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\windows\system32\qmgr.dll

16:30:10.0115 1816 BITS - ok

16:30:10.0146 1816 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys

16:30:10.0146 1816 blbdrive - ok

16:30:10.0224 1816 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe

16:30:10.0240 1816 Bonjour Service - ok

16:30:10.0271 1816 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\windows\system32\DRIVERS\bowser.sys

16:30:10.0271 1816 bowser - ok

16:30:10.0318 1816 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\windows\system32\drivers\BrFiltLo.sys

16:30:10.0318 1816 BrFiltLo - ok

16:30:10.0334 1816 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\windows\system32\drivers\BrFiltUp.sys

16:30:10.0334 1816 BrFiltUp - ok

16:30:10.0365 1816 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\windows\system32\DRIVERS\bridge.sys

16:30:10.0365 1816 BridgeMP - ok

16:30:10.0396 1816 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\windows\System32\browser.dll

16:30:10.0396 1816 Browser - ok

16:30:10.0427 1816 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\windows\System32\Drivers\Brserid.sys

16:30:10.0443 1816 Brserid - ok

16:30:10.0458 1816 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys

16:30:10.0458 1816 BrSerWdm - ok

16:30:10.0474 1816 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys

16:30:10.0474 1816 BrUsbMdm - ok

16:30:10.0490 1816 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys

16:30:10.0490 1816 BrUsbSer - ok

16:30:10.0505 1816 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\windows\system32\drivers\bthmodem.sys

16:30:10.0505 1816 BTHMODEM - ok

16:30:10.0536 1816 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\windows\system32\bthserv.dll

16:30:10.0536 1816 bthserv - ok

16:30:10.0568 1816 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\windows\system32\DRIVERS\cdfs.sys

16:30:10.0568 1816 cdfs - ok

16:30:10.0599 1816 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\windows\system32\DRIVERS\cdrom.sys

16:30:10.0599 1816 cdrom - ok

16:30:10.0646 1816 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\windows\System32\certprop.dll

16:30:10.0646 1816 CertPropSvc - ok

16:30:10.0692 1816 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\windows\system32\drivers\circlass.sys

16:30:10.0692 1816 circlass - ok

16:30:10.0708 1816 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\windows\system32\CLFS.sys

16:30:10.0708 1816 CLFS - ok

16:30:10.0786 1816 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

16:30:10.0786 1816 clr_optimization_v2.0.50727_32 - ok

16:30:10.0833 1816 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

16:30:10.0848 1816 clr_optimization_v2.0.50727_64 - ok

16:30:10.0911 1816 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

16:30:10.0942 1816 clr_optimization_v4.0.30319_32 - ok

16:30:10.0973 1816 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

16:30:10.0989 1816 clr_optimization_v4.0.30319_64 - ok

16:30:11.0004 1816 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys

16:30:11.0004 1816 CmBatt - ok

16:30:11.0036 1816 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\windows\system32\drivers\cmdide.sys

16:30:11.0036 1816 cmdide - ok

16:30:11.0082 1816 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\windows\system32\Drivers\cng.sys

16:30:11.0082 1816 CNG - ok

16:30:11.0160 1816 [ 20506F12AFAD3DB588D007EA9325FBBC ] CnxtHdAudService C:\windows\system32\drivers\CHDRT64.sys

16:30:11.0176 1816 CnxtHdAudService - ok

16:30:11.0223 1816 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\windows\system32\drivers\compbatt.sys

16:30:11.0223 1816 Compbatt - ok

16:30:11.0254 1816 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\windows\system32\DRIVERS\CompositeBus.sys

16:30:11.0254 1816 CompositeBus - ok

16:30:11.0270 1816 COMSysApp - ok

16:30:11.0285 1816 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\windows\system32\drivers\crcdisk.sys

16:30:11.0285 1816 crcdisk - ok

16:30:11.0332 1816 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\windows\system32\cryptsvc.dll

16:30:11.0332 1816 CryptSvc - ok

16:30:11.0394 1816 [ C7259495924D21F1AFA26467D9F4DAE0 ] dc3d C:\windows\system32\DRIVERS\dc3d.sys

16:30:11.0394 1816 dc3d - ok

16:30:11.0426 1816 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\windows\system32\rpcss.dll

16:30:11.0426 1816 DcomLaunch - ok

16:30:11.0457 1816 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\windows\System32\defragsvc.dll

16:30:11.0457 1816 defragsvc - ok

16:30:11.0504 1816 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\windows\system32\Drivers\dfsc.sys

16:30:11.0504 1816 DfsC - ok

16:30:11.0535 1816 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\windows\system32\dhcpcore.dll

16:30:11.0550 1816 Dhcp - ok

16:30:11.0550 1816 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\windows\system32\drivers\discache.sys

16:30:11.0550 1816 discache - ok

16:30:11.0582 1816 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\windows\system32\drivers\disk.sys

16:30:11.0582 1816 Disk - ok

16:30:11.0597 1816 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\windows\System32\dnsrslvr.dll

16:30:11.0597 1816 Dnscache - ok

16:30:11.0628 1816 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\windows\System32\dot3svc.dll

16:30:11.0628 1816 dot3svc - ok

16:30:11.0628 1816 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\windows\system32\dps.dll

16:30:11.0644 1816 DPS - ok

16:30:11.0675 1816 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\windows\system32\drivers\drmkaud.sys

16:30:11.0675 1816 drmkaud - ok

16:30:11.0706 1816 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys

16:30:11.0706 1816 DXGKrnl - ok

16:30:11.0753 1816 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\windows\System32\eapsvc.dll

16:30:11.0753 1816 EapHost - ok

16:30:11.0831 1816 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\windows\system32\drivers\evbda.sys

16:30:11.0878 1816 ebdrv - ok

16:30:11.0909 1816 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\windows\System32\lsass.exe

16:30:11.0909 1816 EFS - ok

16:30:11.0956 1816 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\windows\ehome\ehRecvr.exe

16:30:11.0956 1816 ehRecvr - ok

16:30:11.0987 1816 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\windows\ehome\ehsched.exe

16:30:11.0987 1816 ehSched - ok

16:30:12.0018 1816 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\windows\system32\drivers\elxstor.sys

16:30:12.0034 1816 elxstor - ok

16:30:12.0081 1816 [ 757305C7AD34222F4A46D86FE0BEE241 ] EpsonCustomerParticipation C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe

16:30:12.0096 1816 EpsonCustomerParticipation - ok

16:30:12.0096 1816 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\windows\system32\drivers\errdev.sys

16:30:12.0096 1816 ErrDev - ok

16:30:12.0143 1816 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\windows\system32\es.dll

16:30:12.0143 1816 EventSystem - ok

16:30:12.0159 1816 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\windows\system32\drivers\exfat.sys

16:30:12.0174 1816 exfat - ok

16:30:12.0221 1816 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\windows\system32\drivers\fastfat.sys

16:30:12.0221 1816 fastfat - ok

16:30:12.0268 1816 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\windows\system32\fxssvc.exe

16:30:12.0284 1816 Fax - ok

16:30:12.0299 1816 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\windows\system32\drivers\fdc.sys

16:30:12.0299 1816 fdc - ok

16:30:12.0330 1816 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\windows\system32\fdPHost.dll

16:30:12.0330 1816 fdPHost - ok

16:30:12.0346 1816 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\windows\system32\fdrespub.dll

16:30:12.0346 1816 FDResPub - ok

16:30:12.0362 1816 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\windows\system32\drivers\fileinfo.sys

16:30:12.0377 1816 FileInfo - ok

16:30:12.0377 1816 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\windows\system32\drivers\filetrace.sys

16:30:12.0377 1816 Filetrace - ok

16:30:12.0408 1816 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\windows\system32\drivers\flpydisk.sys

16:30:12.0408 1816 flpydisk - ok

16:30:12.0424 1816 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\windows\system32\drivers\fltmgr.sys

16:30:12.0440 1816 FltMgr - ok

16:30:12.0471 1816 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\windows\system32\FntCache.dll

16:30:12.0486 1816 FontCache - ok

16:30:12.0518 1816 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

16:30:12.0518 1816 FontCache3.0.0.0 - ok

16:30:12.0533 1816 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\windows\system32\drivers\FsDepends.sys

16:30:12.0533 1816 FsDepends - ok

16:30:12.0564 1816 [ C2E475625F2C6F7DCDE4E920523A0573 ] fssfltr C:\windows\system32\DRIVERS\fssfltr.sys

16:30:12.0564 1816 fssfltr - ok

16:30:12.0627 1816 [ 4E2E6FEDFE4A3445DBD0C623A242362D ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe

16:30:12.0658 1816 fsssvc - ok

16:30:12.0674 1816 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys

16:30:12.0674 1816 Fs_Rec - ok

16:30:12.0720 1816 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\windows\system32\DRIVERS\fvevol.sys

16:30:12.0720 1816 fvevol - ok

16:30:12.0736 1816 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\windows\system32\drivers\gagp30kx.sys

16:30:12.0736 1816 gagp30kx - ok

16:30:12.0767 1816 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\windows\System32\gpsvc.dll

16:30:12.0783 1816 gpsvc - ok

16:30:12.0876 1816 [ 721CE1551F8198714F3CABFE2147939B ] Gun C:\Game\SoftnyxGame\GunBoundIS\Gun64.sys

16:30:12.0876 1816 Gun - ok

16:30:12.0954 1816 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

16:30:12.0954 1816 gupdate - ok

16:30:12.0954 1816 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

16:30:12.0970 1816 gupdatem - ok

16:30:12.0986 1816 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

16:30:12.0986 1816 gusvc - ok

16:30:13.0017 1816 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys

16:30:13.0017 1816 hcw85cir - ok

16:30:13.0032 1816 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys

16:30:13.0048 1816 HdAudAddService - ok

16:30:13.0064 1816 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\windows\system32\DRIVERS\HDAudBus.sys

16:30:13.0064 1816 HDAudBus - ok

16:30:13.0079 1816 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\windows\system32\drivers\HidBatt.sys

16:30:13.0079 1816 HidBatt - ok

16:30:13.0095 1816 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\windows\system32\drivers\hidbth.sys

16:30:13.0110 1816 HidBth - ok

16:30:13.0110 1816 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\windows\system32\drivers\hidir.sys

16:30:13.0126 1816 HidIr - ok

16:30:13.0142 1816 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\windows\System32\hidserv.dll

16:30:13.0142 1816 hidserv - ok

16:30:13.0173 1816 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys

16:30:13.0173 1816 HidUsb - ok

16:30:13.0204 1816 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\windows\system32\kmsvc.dll

16:30:13.0204 1816 hkmsvc - ok

16:30:13.0220 1816 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\windows\system32\ListSvc.dll

16:30:13.0220 1816 HomeGroupListener - ok

16:30:13.0251 1816 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\windows\system32\provsvc.dll

16:30:13.0251 1816 HomeGroupProvider - ok

16:30:13.0266 1816 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys

16:30:13.0282 1816 HpSAMD - ok

16:30:13.0298 1816 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\windows\system32\drivers\HTTP.sys

16:30:13.0313 1816 HTTP - ok

16:30:13.0329 1816 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys

16:30:13.0329 1816 hwpolicy - ok

16:30:13.0360 1816 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\windows\system32\DRIVERS\i8042prt.sys

16:30:13.0360 1816 i8042prt - ok

16:30:13.0407 1816 [ D469B77687E12FE43E344806740B624D ] iaStor C:\windows\system32\DRIVERS\iaStor.sys

16:30:13.0422 1816 iaStor - ok

16:30:13.0454 1816 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\windows\system32\drivers\iaStorV.sys

16:30:13.0454 1816 iaStorV - ok

16:30:13.0516 1816 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

16:30:13.0516 1816 IDriverT - ok

16:30:13.0563 1816 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

16:30:13.0563 1816 idsvc - ok

16:30:13.0812 1816 [ 370C2A8629B30F910F740387795DDC6F ] igfx C:\windows\system32\DRIVERS\igdkmd64.sys

16:30:14.0000 1816 igfx - ok

16:30:14.0015 1816 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\windows\system32\drivers\iirsp.sys

16:30:14.0015 1816 iirsp - ok

16:30:14.0046 1816 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\windows\System32\ikeext.dll

16:30:14.0062 1816 IKEEXT - ok

16:30:14.0109 1816 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\windows\system32\DRIVERS\IntcDAud.sys

16:30:14.0109 1816 IntcDAud - ok

16:30:14.0125 1816 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\windows\system32\drivers\intelide.sys

16:30:14.0140 1816 intelide - ok

16:30:14.0156 1816 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys

16:30:14.0171 1816 intelppm - ok

16:30:14.0203 1816 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\windows\system32\ipbusenum.dll

16:30:14.0218 1816 IPBusEnum - ok

16:30:14.0234 1816 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys

16:30:14.0234 1816 IpFilterDriver - ok

16:30:14.0265 1816 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\windows\System32\iphlpsvc.dll

16:30:14.0281 1816 iphlpsvc - ok

16:30:14.0296 1816 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys

16:30:14.0296 1816 IPMIDRV - ok

16:30:14.0296 1816 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\windows\system32\drivers\ipnat.sys

16:30:14.0296 1816 IPNAT - ok

16:30:14.0327 1816 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\windows\system32\drivers\irenum.sys

16:30:14.0327 1816 IRENUM - ok

16:30:14.0359 1816 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\windows\system32\drivers\isapnp.sys

16:30:14.0359 1816 isapnp - ok

16:30:14.0374 1816 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys

16:30:14.0374 1816 iScsiPrt - ok

16:30:14.0405 1816 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\windows\system32\DRIVERS\kbdclass.sys

16:30:14.0405 1816 kbdclass - ok

16:30:14.0421 1816 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\windows\system32\DRIVERS\kbdhid.sys

16:30:14.0421 1816 kbdhid - ok

16:30:14.0437 1816 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\windows\system32\lsass.exe

16:30:14.0437 1816 KeyIso - ok

16:30:14.0468 1816 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys

16:30:14.0468 1816 KSecDD - ok

16:30:14.0483 1816 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys

16:30:14.0483 1816 KSecPkg - ok

16:30:14.0515 1816 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\windows\system32\drivers\ksthunk.sys

16:30:14.0515 1816 ksthunk - ok

16:30:14.0546 1816 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\windows\system32\msdtckrm.dll

16:30:14.0546 1816 KtmRm - ok

16:30:14.0577 1816 [ EBED8B3FF4A823C1A6EEBEED7B29353F ] L1C C:\windows\system32\DRIVERS\L1C62x64.sys

16:30:14.0593 1816 L1C - ok

16:30:14.0624 1816 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\windows\System32\srvsvc.dll

16:30:14.0639 1816 LanmanServer - ok

16:30:14.0655 1816 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\windows\System32\wkssvc.dll

16:30:14.0655 1816 LanmanWorkstation - ok

16:30:14.0702 1816 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys

16:30:14.0702 1816 lltdio - ok

16:30:14.0717 1816 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\windows\System32\lltdsvc.dll

16:30:14.0733 1816 lltdsvc - ok

16:30:14.0733 1816 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\windows\System32\lmhsvc.dll

16:30:14.0733 1816 lmhosts - ok

16:30:14.0827 1816 [ 2ED1786B7542CDA261029F6B526EDF44 ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

16:30:14.0827 1816 LMS - ok

16:30:14.0842 1816 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\windows\system32\drivers\lsi_fc.sys

16:30:14.0842 1816 LSI_FC - ok

16:30:14.0873 1816 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\windows\system32\drivers\lsi_sas.sys

16:30:14.0873 1816 LSI_SAS - ok

16:30:14.0889 1816 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\windows\system32\drivers\lsi_sas2.sys

16:30:14.0889 1816 LSI_SAS2 - ok

16:30:14.0905 1816 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\windows\system32\drivers\lsi_scsi.sys

16:30:14.0905 1816 LSI_SCSI - ok

16:30:14.0951 1816 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\windows\system32\drivers\luafv.sys

16:30:14.0951 1816 luafv - ok

16:30:15.0014 1816 [ A8FE8F2783B2929B56F5370A89356CE9 ] MBAMProtector C:\windows\system32\drivers\mbam.sys

16:30:15.0014 1816 MBAMProtector - ok

16:30:15.0061 1816 [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

16:30:15.0061 1816 MBAMScheduler - ok

16:30:15.0092 1816 [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

16:30:15.0107 1816 MBAMService - ok

16:30:15.0139 1816 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll

16:30:15.0139 1816 Mcx2Svc - ok

16:30:15.0154 1816 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\windows\system32\drivers\megasas.sys

16:30:15.0154 1816 megasas - ok

16:30:15.0185 1816 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\windows\system32\drivers\MegaSR.sys

16:30:15.0201 1816 MegaSR - ok

16:30:15.0232 1816 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\windows\system32\DRIVERS\HECIx64.sys

16:30:15.0232 1816 MEIx64 - ok

16:30:15.0263 1816 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\windows\system32\mmcss.dll

16:30:15.0263 1816 MMCSS - ok

16:30:15.0279 1816 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\windows\system32\drivers\modem.sys

16:30:15.0279 1816 Modem - ok

16:30:15.0310 1816 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\windows\system32\DRIVERS\monitor.sys

16:30:15.0310 1816 monitor - ok

16:30:15.0341 1816 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys

16:30:15.0341 1816 mouclass - ok

16:30:15.0357 1816 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys

16:30:15.0357 1816 mouhid - ok

16:30:15.0388 1816 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\windows\system32\drivers\mountmgr.sys

16:30:15.0388 1816 mountmgr - ok

16:30:15.0404 1816 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\windows\system32\drivers\mpio.sys

16:30:15.0404 1816 mpio - ok

16:30:15.0419 1816 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys

16:30:15.0419 1816 mpsdrv - ok

16:30:15.0451 1816 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\windows\system32\mpssvc.dll

16:30:15.0466 1816 MpsSvc - ok

16:30:15.0482 1816 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\windows\system32\drivers\mrxdav.sys

16:30:15.0482 1816 MRxDAV - ok

16:30:15.0513 1816 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys

16:30:15.0513 1816 mrxsmb - ok

16:30:15.0544 1816 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys

16:30:15.0544 1816 mrxsmb10 - ok

16:30:15.0544 1816 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys

16:30:15.0560 1816 mrxsmb20 - ok

16:30:15.0560 1816 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\windows\system32\DRIVERS\msahci.sys

16:30:15.0560 1816 msahci - ok

16:30:15.0575 1816 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\windows\system32\drivers\msdsm.sys

16:30:15.0575 1816 msdsm - ok

16:30:15.0591 1816 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\windows\System32\msdtc.exe

16:30:15.0591 1816 MSDTC - ok

16:30:15.0622 1816 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\windows\system32\drivers\Msfs.sys

16:30:15.0638 1816 Msfs - ok

16:30:15.0653 1816 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys

16:30:15.0653 1816 mshidkmdf - ok

16:30:15.0669 1816 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\windows\system32\drivers\msisadrv.sys

16:30:15.0669 1816 msisadrv - ok

16:30:15.0700 1816 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\windows\system32\iscsiexe.dll

16:30:15.0700 1816 MSiSCSI - ok

16:30:15.0700 1816 msiserver - ok

16:30:15.0731 1816 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys

16:30:15.0731 1816 MSKSSRV - ok

16:30:15.0747 1816 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys

16:30:15.0747 1816 MSPCLOCK - ok

16:30:15.0747 1816 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\windows\system32\drivers\MSPQM.sys

16:30:15.0763 1816 MSPQM - ok

16:30:15.0778 1816 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\windows\system32\drivers\MsRPC.sys

16:30:15.0778 1816 MsRPC - ok

16:30:15.0794 1816 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\windows\system32\DRIVERS\mssmbios.sys

16:30:15.0794 1816 mssmbios - ok

16:30:15.0794 1816 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\windows\system32\drivers\MSTEE.sys

16:30:15.0794 1816 MSTEE - ok

16:30:15.0794 1816 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\windows\system32\drivers\MTConfig.sys

16:30:15.0794 1816 MTConfig - ok

16:30:15.0809 1816 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\windows\system32\Drivers\mup.sys

16:30:15.0809 1816 Mup - ok

16:30:15.0841 1816 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\windows\system32\qagentRT.dll

16:30:15.0856 1816 napagent - ok

16:30:15.0887 1816 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys

16:30:15.0887 1816 NativeWifiP - ok

16:30:15.0950 1816 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\windows\system32\drivers\ndis.sys

16:30:15.0965 1816 NDIS - ok

16:30:15.0997 1816 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys

16:30:15.0997 1816 NdisCap - ok

16:30:16.0012 1816 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys

16:30:16.0012 1816 NdisTapi - ok

16:30:16.0043 1816 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys

16:30:16.0043 1816 Ndisuio - ok

16:30:16.0059 1816 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys

16:30:16.0059 1816 NdisWan - ok

16:30:16.0075 1816 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\windows\system32\drivers\NDProxy.sys

16:30:16.0075 1816 NDProxy - ok

16:30:16.0106 1816 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys

16:30:16.0106 1816 NetBIOS - ok

16:30:16.0137 1816 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\windows\system32\DRIVERS\netbt.sys

16:30:16.0137 1816 NetBT - ok

16:30:16.0153 1816 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\windows\system32\lsass.exe

16:30:16.0153 1816 Netlogon - ok

16:30:16.0215 1816 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll

16:30:16.0215 1816 Netman - ok

16:30:16.0231 1816 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll

16:30:16.0246 1816 netprofm - ok

16:30:16.0277 1816 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

16:30:16.0277 1816 NetTcpPortSharing - ok

16:30:16.0293 1816 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\drivers\nfrd960.sys

16:30:16.0293 1816 nfrd960 - ok

16:30:16.0324 1816 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\windows\System32\nlasvc.dll

16:30:16.0324 1816 NlaSvc - ok

16:30:16.0340 1816 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys

16:30:16.0340 1816 Npfs - ok

16:30:16.0371 1816 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll

16:30:16.0371 1816 nsi - ok

16:30:16.0387 1816 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys

16:30:16.0387 1816 nsiproxy - ok

16:30:16.0433 1816 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\windows\system32\drivers\Ntfs.sys

16:30:16.0449 1816 Ntfs - ok

16:30:16.0465 1816 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys

16:30:16.0465 1816 Null - ok

16:30:16.0496 1816 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\windows\system32\drivers\nvraid.sys

16:30:16.0496 1816 nvraid - ok

16:30:16.0511 1816 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\windows\system32\drivers\nvstor.sys

16:30:16.0511 1816 nvstor - ok

16:30:16.0527 1816 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\drivers\nv_agp.sys

16:30:16.0527 1816 nv_agp - ok

16:30:16.0621 1816 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE

16:30:16.0636 1816 odserv - ok

16:30:16.0667 1816 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys

16:30:16.0667 1816 ohci1394 - ok

16:30:16.0699 1816 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

16:30:16.0699 1816 ose - ok

16:30:16.0730 1816 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll

16:30:16.0745 1816 p2pimsvc - ok

16:30:16.0761 1816 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll

16:30:16.0761 1816 p2psvc - ok

16:30:16.0777 1816 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\drivers\parport.sys

16:30:16.0777 1816 Parport - ok

16:30:16.0808 1816 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\windows\system32\drivers\partmgr.sys

16:30:16.0808 1816 partmgr - ok

16:30:16.0855 1816 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll

16:30:16.0855 1816 PcaSvc - ok

16:30:16.0870 1816 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\windows\system32\drivers\pci.sys

16:30:16.0886 1816 pci - ok

16:30:16.0901 1816 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\DRIVERS\pciide.sys

16:30:16.0901 1816 pciide - ok

16:30:16.0917 1816 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\drivers\pcmcia.sys

16:30:16.0917 1816 pcmcia - ok

16:30:16.0933 1816 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys

16:30:16.0933 1816 pcw - ok

16:30:16.0964 1816 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys

16:30:16.0964 1816 PEAUTH - ok

16:30:17.0011 1816 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe

16:30:17.0135 1816 PerfHost - ok

16:30:17.0167 1816 [ 91111CEBBDE8015E822C46120ED9537C ] PGEffect C:\windows\system32\DRIVERS\pgeffect.sys

16:30:17.0167 1816 PGEffect - ok

16:30:17.0213 1816 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\windows\system32\pla.dll

16:30:17.0229 1816 pla - ok

16:30:17.0260 1816 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll

16:30:17.0260 1816 PlugPlay - ok

16:30:17.0276 1816 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll

16:30:17.0276 1816 PNRPAutoReg - ok

16:30:17.0291 1816 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll

16:30:17.0291 1816 PNRPsvc - ok

16:30:17.0338 1816 [ 32D374C60778253B81FA76C2FE19E155 ] Point64 C:\windows\system32\DRIVERS\point64.sys

16:30:17.0338 1816 Point64 - ok

16:30:17.0369 1816 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll

16:30:17.0385 1816 PolicyAgent - ok

16:30:17.0401 1816 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll

16:30:17.0401 1816 Power - ok

16:30:17.0432 1816 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys

16:30:17.0447 1816 PptpMiniport - ok

16:30:17.0463 1816 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\drivers\processr.sys

16:30:17.0463 1816 Processor - ok

16:30:17.0494 1816 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\windows\system32\profsvc.dll

16:30:17.0510 1816 ProfSvc - ok

16:30:17.0525 1816 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe

16:30:17.0525 1816 ProtectedStorage - ok

16:30:17.0557 1816 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\windows\system32\DRIVERS\pacer.sys

16:30:17.0557 1816 Psched - ok

16:30:17.0588 1816 [ C8FCB4899F8B70CC34E0D9876A80963C ] QIOMem C:\windows\system32\DRIVERS\QIOMem.sys

16:30:17.0588 1816 QIOMem - ok

16:30:17.0635 1816 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\drivers\ql2300.sys

16:30:17.0650 1816 ql2300 - ok

16:30:17.0681 1816 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\drivers\ql40xx.sys

16:30:17.0681 1816 ql40xx - ok

16:30:17.0697 1816 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll

16:30:17.0697 1816 QWAVE - ok

16:30:17.0713 1816 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys

16:30:17.0713 1816 QWAVEdrv - ok

16:30:17.0822 1816 [ 883082A146E548364AF4A8EAE830C653 ] rak C:\Game\SoftnyxGame\RakionIS\Bin\avital\rakion64.sys

16:30:17.0837 1816 rak - ok

16:30:17.0853 1816 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys

16:30:17.0853 1816 RasAcd - ok

16:30:17.0884 1816 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys

16:30:17.0884 1816 RasAgileVpn - ok

16:30:17.0915 1816 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll

16:30:17.0915 1816 RasAuto - ok

16:30:17.0931 1816 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys

16:30:17.0931 1816 Rasl2tp - ok

16:30:17.0947 1816 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll

16:30:17.0962 1816 RasMan - ok

16:30:17.0993 1816 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys

16:30:17.0993 1816 RasPppoe - ok

16:30:18.0009 1816 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys

16:30:18.0009 1816 RasSstp - ok

16:30:18.0025 1816 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys

16:30:18.0025 1816 rdbss - ok

16:30:18.0040 1816 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\drivers\rdpbus.sys

16:30:18.0040 1816 rdpbus - ok

16:30:18.0056 1816 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys

16:30:18.0056 1816 RDPCDD - ok

16:30:18.0071 1816 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys

16:30:18.0071 1816 RDPENCDD - ok

16:30:18.0071 1816 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys

16:30:18.0087 1816 RDPREFMP - ok

16:30:18.0103 1816 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\windows\system32\drivers\RDPWD.sys

16:30:18.0103 1816 RDPWD - ok

16:30:18.0149 1816 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys

16:30:18.0165 1816 rdyboost - ok

16:30:18.0212 1816 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll

16:30:18.0227 1816 RemoteAccess - ok

16:30:18.0243 1816 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll

16:30:18.0243 1816 RemoteRegistry - ok

16:30:18.0290 1816 [ CAF88D6573D21CD2AA27001DDBFDC74D ] RMCAST C:\windows\system32\DRIVERS\RMCAST.sys

16:30:18.0290 1816 RMCAST - ok

16:30:18.0321 1816 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll

16:30:18.0321 1816 RpcEptMapper - ok

16:30:18.0337 1816 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe

16:30:18.0337 1816 RpcLocator - ok

16:30:18.0368 1816 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\system32\rpcss.dll

16:30:18.0368 1816 RpcSs - ok

16:30:18.0399 1816 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys

16:30:18.0399 1816 rspndr - ok

16:30:18.0430 1816 [ 135A64530D7699AD48F29D73A658DD11 ] RSUSBSTOR C:\windows\system32\Drivers\RtsUStor.sys

16:30:18.0430 1816 RSUSBSTOR - ok

16:30:18.0446 1816 [ E5DC911D0FEB72CAFF2BBDD6E7C3672F ] RSUSBVSTOR C:\windows\system32\Drivers\RTSUVSTOR.sys

16:30:18.0446 1816 RSUSBVSTOR - ok

16:30:18.0508 1816 [ 64FDF4FE366CA42DA2B7D9D424B6E39B ] RTL8192Ce C:\windows\system32\DRIVERS\rtl8192Ce.sys

16:30:18.0508 1816 RTL8192Ce - ok

16:30:18.0524 1816 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\windows\system32\lsass.exe

16:30:18.0524 1816 SamSs - ok

16:30:18.0555 1816 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys

16:30:18.0555 1816 sbp2port - ok

16:30:18.0586 1816 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll

16:30:18.0586 1816 SCardSvr - ok

16:30:18.0602 1816 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\windows\system32\DRIVERS\scfilter.sys

16:30:18.0602 1816 scfilter - ok

16:30:18.0633 1816 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll

16:30:18.0649 1816 Schedule - ok

16:30:18.0664 1816 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll

16:30:18.0664 1816 SCPolicySvc - ok

16:30:18.0680 1816 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll

16:30:18.0680 1816 SDRSVC - ok

16:30:18.0727 1816 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys

16:30:18.0727 1816 secdrv - ok

16:30:18.0727 1816 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll

16:30:18.0727 1816 seclogon - ok

16:30:18.0742 1816 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\system32\sens.dll

16:30:18.0742 1816 SENS - ok

16:30:18.0758 1816 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll

16:30:18.0758 1816 SensrSvc - ok

16:30:18.0789 1816 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\drivers\serenum.sys

16:30:18.0789 1816 Serenum - ok

16:30:18.0820 1816 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\drivers\serial.sys

16:30:18.0820 1816 Serial - ok

16:30:18.0836 1816 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\drivers\sermouse.sys

16:30:18.0836 1816 sermouse - ok

16:30:18.0851 1816 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll

16:30:18.0867 1816 SessionEnv - ok

16:30:18.0867 1816 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys

16:30:18.0867 1816 sffdisk - ok

16:30:18.0867 1816 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys

16:30:18.0867 1816 sffp_mmc - ok

16:30:18.0898 1816 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys

16:30:18.0898 1816 sffp_sd - ok

16:30:18.0914 1816 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\drivers\sfloppy.sys

16:30:18.0914 1816 sfloppy - ok

16:30:18.0945 1816 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\windows\System32\ipnathlp.dll

16:30:18.0945 1816 SharedAccess - ok

16:30:18.0976 1816 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll

16:30:18.0976 1816 ShellHWDetection - ok

16:30:19.0007 1816 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\drivers\SiSRaid2.sys

16:30:19.0007 1816 SiSRaid2 - ok

16:30:19.0023 1816 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys

16:30:19.0023 1816 SiSRaid4 - ok

16:30:19.0054 1816 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys

16:30:19.0054 1816 Smb - ok

16:30:19.0085 1816 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe

16:30:19.0085 1816 SNMPTRAP - ok

16:30:19.0163 1816 [ CA995441849163F173BDD8A7E17E24E8 ] SophosVirusRemovalTool C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\SVRTservice.exe

16:30:19.0163 1816 SophosVirusRemovalTool - ok

16:30:19.0179 1816 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys

16:30:19.0179 1816 spldr - ok

16:30:19.0210 1816 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\windows\System32\spoolsv.exe

16:30:19.0210 1816 Spooler - ok

16:30:19.0288 1816 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe

16:30:19.0319 1816 sppsvc - ok

16:30:19.0335 1816 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll

16:30:19.0351 1816 sppuinotify - ok

16:30:19.0382 1816 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys

16:30:19.0382 1816 srv - ok

16:30:19.0397 1816 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys

16:30:19.0397 1816 srv2 - ok

16:30:19.0429 1816 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\windows\system32\DRIVERS\VSTAZL6.SYS

16:30:19.0429 1816 SrvHsfHDA - ok

16:30:19.0475 1816 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\windows\system32\DRIVERS\VSTDPV6.SYS

16:30:19.0507 1816 SrvHsfV92 - ok

16:30:19.0538 1816 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\windows\system32\DRIVERS\VSTCNXT6.SYS

16:30:19.0553 1816 SrvHsfWinac - ok

16:30:19.0569 1816 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys

16:30:19.0569 1816 srvnet - ok

16:30:19.0600 1816 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll

16:30:19.0600 1816 SSDPSRV - ok

16:30:19.0616 1816 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll

16:30:19.0616 1816 SstpSvc - ok

16:30:19.0631 1816 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\drivers\stexstor.sys

16:30:19.0631 1816 stexstor - ok

16:30:19.0678 1816 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll

16:30:19.0678 1816 stisvc - ok

16:30:19.0694 1816 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\DRIVERS\swenum.sys

16:30:19.0694 1816 swenum - ok

16:30:19.0725 1816 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll

16:30:19.0741 1816 swprv - ok

16:30:19.0787 1816 [ F5B46DF59FEAA48A442AED7EEB754D4B ] SynTP C:\windows\system32\DRIVERS\SynTP.sys

16:30:19.0787 1816 SynTP - ok

16:30:19.0850 1816 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll

16:30:19.0865 1816 SysMain - ok

16:30:19.0881 1816 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll

16:30:19.0881 1816 TabletInputService - ok

16:30:19.0897 1816 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll

16:30:19.0912 1816 TapiSrv - ok

16:30:19.0928 1816 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll

16:30:19.0928 1816 TBS - ok

16:30:19.0990 1816 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\windows\system32\drivers\tcpip.sys

16:30:20.0006 1816 Tcpip - ok

16:30:20.0037 1816 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys

16:30:20.0053 1816 TCPIP6 - ok

16:30:20.0084 1816 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys

16:30:20.0084 1816 tcpipreg - ok

16:30:20.0115 1816 [ FD542B661BD22FA69CA789AD0AC58C29 ] tdcmdpst C:\windows\system32\DRIVERS\tdcmdpst.sys

16:30:20.0115 1816 tdcmdpst - ok

16:30:20.0146 1816 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys

16:30:20.0146 1816 TDPIPE - ok

16:30:20.0162 1816 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys

16:30:20.0162 1816 TDTCP - ok

16:30:20.0193 1816 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys

16:30:20.0193 1816 tdx - ok

16:30:20.0209 1816 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\DRIVERS\termdd.sys

16:30:20.0209 1816 TermDD - ok

16:30:20.0240 1816 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll

16:30:20.0240 1816 TermService - ok

16:30:20.0271 1816 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll

16:30:20.0271 1816 Themes - ok

16:30:20.0287 1816 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll

16:30:20.0287 1816 THREADORDER - ok

16:30:20.0365 1816 [ 71C321649B28638EE80A2EEB164C1DC8 ] TMachInfo C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe

16:30:20.0365 1816 TMachInfo - ok

16:30:20.0380 1816 [ 8E2C799D3476EAC32C3BA0DF7CE6AF19 ] TODDSrv C:\Windows\system32\TODDSrv.exe

16:30:20.0380 1816 TODDSrv - ok

16:30:20.0489 1816 [ 1C73689B900428C7D054A41C4687F55C ] TosCoSrv C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe

16:30:20.0489 1816 TosCoSrv - ok

16:30:20.0536 1816 [ 63AAFCF3EA5DBB17123E0BAE9AFE4D58 ] TOSHIBA eco Utility Service C:\Program Files\TOSHIBA\TECO\TecoService.exe

16:30:20.0536 1816 TOSHIBA eco Utility Service - ok

16:30:20.0599 1816 [ 29D0886CF250FCEF1BF9E65AB8D2C0C8 ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe

16:30:20.0599 1816 TOSHIBA HDD SSD Alert Service - ok

16:30:20.0645 1816 [ 09FF7B0B1B5C3D225495CB6F5A9B39F8 ] tos_sps64 C:\windows\system32\DRIVERS\tos_sps64.sys

16:30:20.0645 1816 tos_sps64 - ok

16:30:20.0692 1816 [ 098B8A408C17E125A3D9A8E1166780C8 ] TPCHSrv C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe

16:30:20.0692 1816 TPCHSrv - ok

16:30:20.0723 1816 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll

16:30:20.0723 1816 TrkWks - ok

16:30:20.0770 1816 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe

16:30:20.0770 1816 TrustedInstaller - ok

16:30:20.0786 1816 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys

16:30:20.0786 1816 tssecsrv - ok

16:30:20.0817 1816 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys

16:30:20.0817 1816 TsUsbFlt - ok

16:30:20.0833 1816 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\windows\system32\drivers\TsUsbGD.sys

16:30:20.0833 1816 TsUsbGD - ok

16:30:20.0864 1816 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys

16:30:20.0864 1816 tunnel - ok

16:30:20.0895 1816 [ 550B567F9364D8F7684C3FB3EA665A72 ] TVALZ C:\windows\system32\DRIVERS\TVALZ_O.SYS

16:30:20.0895 1816 TVALZ - ok

16:30:20.0911 1816 [ 9C7191F4B2E49BFF47A6C1144B5923FA ] TVALZFL C:\windows\system32\DRIVERS\TVALZFL.sys

16:30:20.0911 1816 TVALZFL - ok

16:30:20.0926 1816 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\drivers\uagp35.sys

16:30:20.0926 1816 uagp35 - ok

16:30:20.0957 1816 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\windows\system32\DRIVERS\udfs.sys

16:30:20.0957 1816 udfs - ok

16:30:20.0989 1816 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe

16:30:20.0989 1816 UI0Detect - ok

16:30:21.0004 1816 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys

16:30:21.0004 1816 uliagpkx - ok

16:30:21.0035 1816 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\windows\system32\DRIVERS\umbus.sys

16:30:21.0035 1816 umbus - ok

16:30:21.0051 1816 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\drivers\umpass.sys

16:30:21.0051 1816 UmPass - ok

16:30:21.0145 1816 [ 7E5E1603D0FF2D240AE70295C5C3FEFC ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

16:30:21.0176 1816 UNS - ok

16:30:21.0207 1816 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll

16:30:21.0207 1816 upnphost - ok

16:30:21.0238 1816 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\windows\system32\Drivers\usbaapl64.sys

16:30:21.0238 1816 USBAAPL64 - ok

16:30:21.0254 1816 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys

16:30:21.0254 1816 usbccgp - ok

16:30:21.0285 1816 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\windows\system32\drivers\usbcir.sys

16:30:21.0285 1816 usbcir - ok

16:30:21.0301 1816 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\windows\system32\DRIVERS\usbehci.sys

16:30:21.0301 1816 usbehci - ok

16:30:21.0332 1816 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys

16:30:21.0347 1816 usbhub - ok

16:30:21.0347 1816 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\windows\system32\drivers\usbohci.sys

16:30:21.0347 1816 usbohci - ok

16:30:21.0379 1816 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\drivers\usbprint.sys

16:30:21.0379 1816 usbprint - ok

16:30:21.0394 1816 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS

16:30:21.0394 1816 USBSTOR - ok

16:30:21.0410 1816 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\windows\system32\drivers\usbuhci.sys

16:30:21.0410 1816 usbuhci - ok

16:30:21.0441 1816 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\windows\system32\Drivers\usbvideo.sys

16:30:21.0441 1816 usbvideo - ok

16:30:21.0472 1816 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll

16:30:21.0472 1816 UxSms - ok

16:30:21.0488 1816 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\windows\system32\lsass.exe

16:30:21.0488 1816 VaultSvc - ok

16:30:21.0503 1816 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys

16:30:21.0503 1816 vdrvroot - ok

16:30:21.0535 1816 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\windows\System32\vds.exe

16:30:21.0535 1816 vds - ok

16:30:21.0566 1816 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\windows\system32\DRIVERS\vgapnp.sys

16:30:21.0566 1816 vga - ok

16:30:21.0581 1816 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\windows\System32\drivers\vga.sys

16:30:21.0581 1816 VgaSave - ok

16:30:21.0581 1816 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\windows\system32\drivers\vhdmp.sys

16:30:21.0597 1816 vhdmp - ok

16:30:21.0597 1816 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\windows\system32\drivers\viaide.sys

16:30:21.0597 1816 viaide - ok

16:30:21.0613 1816 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\windows\system32\drivers\volmgr.sys

16:30:21.0628 1816 volmgr - ok

16:30:21.0628 1816 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\windows\system32\drivers\volmgrx.sys

16:30:21.0644 1816 volmgrx - ok

16:30:21.0659 1816 [ DF8126BD41180351A093A3AD2FC8903B ] volsnap C:\windows\system32\drivers\volsnap.sys

16:30:21.0659 1816 volsnap - ok

16:30:21.0675 1816 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\windows\system32\drivers\vsmraid.sys

16:30:21.0675 1816 vsmraid - ok

16:30:21.0722 1816 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\windows\system32\vssvc.exe

16:30:21.0737 1816 VSS - ok

16:30:21.0769 1816 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys

16:30:21.0769 1816 vwifibus - ok

16:30:21.0815 1816 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys

16:30:21.0815 1816 vwififlt - ok

16:30:21.0815 1816 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys

16:30:21.0831 1816 vwifimp - ok

16:30:21.0847 1816 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\windows\system32\w32time.dll

16:30:21.0862 1816 W32Time - ok

16:30:21.0878 1816 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\windows\system32\drivers\wacompen.sys

16:30:21.0878 1816 WacomPen - ok

16:30:21.0925 1816 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\windows\system32\DRIVERS\wanarp.sys

16:30:21.0925 1816 WANARP - ok

16:30:21.0925 1816 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys

16:30:21.0925 1816 Wanarpv6 - ok

16:30:22.0003 1816 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe

16:30:22.0018 1816 WatAdminSvc - ok

16:30:22.0065 1816 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\windows\system32\wbengine.exe

16:30:22.0081 1816 wbengine - ok

16:30:22.0096 1816 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll

16:30:22.0096 1816 WbioSrvc - ok

16:30:22.0112 1816 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\windows\System32\wcncsvc.dll

16:30:22.0127 1816 wcncsvc - ok

16:30:22.0190 1816 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll

16:30:22.0190 1816 WcsPlugInService - ok

16:30:22.0205 1816 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\windows\system32\drivers\wd.sys

16:30:22.0205 1816 Wd - ok

16:30:22.0237 1816 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys

16:30:22.0237 1816 Wdf01000 - ok

16:30:22.0252 1816 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\windows\system32\wdi.dll

16:30:22.0268 1816 WdiServiceHost - ok

16:30:22.0268 1816 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\windows\system32\wdi.dll

16:30:22.0268 1816 WdiSystemHost - ok

16:30:22.0299 1816 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\windows\System32\webclnt.dll

16:30:22.0299 1816 WebClient - ok

16:30:22.0315 1816 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\windows\system32\wecsvc.dll

16:30:22.0315 1816 Wecsvc - ok

16:30:22.0330 1816 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\windows\System32\wercplsupport.dll

16:30:22.0330 1816 wercplsupport - ok

16:30:22.0361 1816 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\windows\System32\WerSvc.dll

16:30:22.0361 1816 WerSvc - ok

16:30:22.0377 1816 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys

16:30:22.0377 1816 WfpLwf - ok

16:30:22.0393 1816 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\windows\system32\drivers\wimmount.sys

16:30:22.0393 1816 WIMMount - ok

16:30:22.0408 1816 WinDefend - ok

16:30:22.0408 1816 WinHttpAutoProxySvc - ok

16:30:22.0439 1816 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll

16:30:22.0439 1816 Winmgmt - ok

16:30:22.0517 1816 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\windows\system32\WsmSvc.dll

16:30:22.0533 1816 WinRM - ok

16:30:22.0580 1816 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys

16:30:22.0580 1816 WinUsb - ok

16:30:22.0611 1816 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\windows\System32\wlansvc.dll

16:30:22.0627 1816 Wlansvc - ok

16:30:22.0720 1816 [ 357CABBF155AFD1D3926E62539D2A3A7 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

16:30:22.0736 1816 wlidsvc - ok

16:30:22.0783 1816 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\windows\system32\DRIVERS\wmiacpi.sys

16:30:22.0783 1816 WmiAcpi - ok

16:30:22.0814 1816 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe

16:30:22.0814 1816 wmiApSrv - ok

16:30:22.0845 1816 WMPNetworkSvc - ok

16:30:22.0861 1816 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\windows\System32\wpcsvc.dll

16:30:22.0861 1816 WPCSvc - ok

16:30:22.0876 1816 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\windows\system32\wpdbusenum.dll

16:30:22.0876 1816 WPDBusEnum - ok

16:30:22.0907 1816 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys

16:30:22.0907 1816 ws2ifsl - ok

16:30:22.0923 1816 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\windows\system32\wscsvc.dll

16:30:22.0923 1816 wscsvc - ok

16:30:22.0939 1816 WSearch - ok

16:30:23.0001 1816 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\windows\system32\wuaueng.dll

16:30:23.0017 1816 wuauserv - ok

16:30:23.0048 1816 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\windows\system32\drivers\WudfPf.sys

16:30:23.0048 1816 WudfPf - ok

16:30:23.0095 1816 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys

16:30:23.0095 1816 WUDFRd - ok

16:30:23.0126 1816 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\windows\System32\WUDFSvc.dll

16:30:23.0126 1816 wudfsvc - ok

16:30:23.0157 1816 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\windows\System32\wwansvc.dll

16:30:23.0188 1816 WwanSvc - ok

16:30:23.0219 1816 ================ Scan global ===============================

16:30:23.0251 1816 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll

16:30:23.0266 1816 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\windows\system32\winsrv.dll

16:30:23.0282 1816 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\windows\system32\winsrv.dll

16:30:23.0297 1816 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll

16:30:23.0329 1816 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe

16:30:23.0329 1816 [Global] - ok

16:30:23.0329 1816 ================ Scan MBR ==================================

16:30:23.0344 1816 [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0

16:30:23.0500 1816 \Device\Harddisk0\DR0 - ok

16:30:23.0500 1816 ================ Scan VBR ==================================

16:30:23.0516 1816 [ 5A8CFA1A10E6E40B76B536FBCFA6A759 ] \Device\Harddisk0\DR0\Partition1

16:30:23.0516 1816 \Device\Harddisk0\DR0\Partition1 - ok

16:30:23.0516 1816 ============================================================

16:30:23.0516 1816 Scan finished

16:30:23.0516 1816 ============================================================

16:30:23.0516 1296 Detected object count: 0

16:30:23.0516 1296 Actual detected object count: 0

16:30:52.0947 1644 Deinitialize success

[madmatt7]

If all of this doesn't work should I try to follow the guide on bleepingcomputer using autorun...or restore to factory settings (I don't know where the my CD is if I have to do that).

[jeffce]

Malwarebytes Anti-Rootkit

Please download Malwarebytes Anti-Rootkit and save it to your desktop.

• Be sure to print out and follow the instructions provided on that same page.
  
• Caution: This is a beta version so please be sure to read the disclaimer and back up all your data before using.
  
• Scan your system for malware
  
• If malware is found, please go to the MBAR folder and then copy/paste the contents of the MBAR-log-***.txt file to your next reply.
  

If no malware is found please let me know.

----------

[madmatt7]

No malware was found after scanning my computer.

[jeffce]

Download RogueKiller (by tigzy) and save direct to your Desktop.

On the web page click on this:

• Quit all running programs
  
• Start RogueKiller.exe
  
• Wait until Prescan has finished.
  
• Ensure all boxes are ticked under "Report" tab.
  
• Click on Scan.
  
• Click on Report when complete. Copy/paste the contents of the report and paste into your next reply.
  
• NOTE: DO NOT attempt to remove anything that the scan detects. Not everything is bad!
  

[madmatt7]

Found 5 things...crossing my fingers (but I doubt it).

Thanks so far though.

RogueKiller V8.3.1 [Dec 2 2012] by Tigzy

mail : tigzyRK<at>gmail<dot>com

Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/

Website : http://tigzy.geekstogo.com/roguekiller.php

Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Started in : Safe mode with network support

User : Olivia [Admin rights]

Mode : Scan -- Date : 12/03/2012 09:09:48

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 5 ¤¤¤

[RUN][sUSP PATH] HKLM\[...]\Wow6432Node\RunOnce : Z1 (C:\Users\Olivia\Desktop\mbar\mbar.exe /cleanup /s) -> FOUND

[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND

[HJPOL] HKLM\[...]\Wow6432Node\System : DisableRegistryTools (0) -> FOUND

[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

--> C:\windows\system32\drivers\etc\hosts

127.0.0.1 localhost

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: TOSHIBA MK7575GSX +++++

--- User ---

[MBR] e5e44104d64e26e04ccd8f4983d42e20

[bSP] a8936ce11f18d4f178bb4c27e2c2e297 : Windows Vista MBR Code

Partition table:

0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo

1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 699028 Mo

2 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 1434683392 | Size: 14875 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[1]_S_12032012_02d0909.txt >>

RKreport[1]_S_12032012_02d0909.txt

[jeffce]

Please delete the current version of Combofix.exe from your desktop and download a new version from here to your desktop.

Disable your AntiVirus and AntiSpyware applications.

Right-click and Run as Administrator on the Combofix.exe and follow the prombts on your display. When finish, it will create a C:\Combofix.txt. Please post this log for further review.

---------

[madmatt7]

ComboFix 12-12-02.01 - Olivia 12/03/2012 11:57:03.4.4 - x64 NETWORK

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6092.5189 [GMT -5:00]

Running from: c:\users\Olivia\Downloads\ComboFix.exe

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Created a new restore point

.

.

((((((((((((((((((((((((( Files Created from 2012-11-03 to 2012-12-03 )))))))))))))))))))))))))))))))

.

.

2012-12-03 17:01 . 2012-12-03 17:01 -------- d-----w- c:\users\Public\AppData\Local\temp

2012-12-03 17:01 . 2012-12-03 17:01 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-12-03 14:38 . 2012-12-03 14:41 -------- d-----w- c:\programdata\Battle.net

2012-12-02 00:51 . 2012-12-02 00:51 -------- d-----w- C:\_OTL

2012-11-28 02:29 . 2012-10-12 07:19 9291768 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E5CB7AAE-1911-4B25-BDDB-D3BE1DE46917}\mpengine.dll

2012-11-24 21:53 . 2012-11-27 22:28 -------- d-----w- c:\program files (x86)\PC Checkup

2012-11-24 21:53 . 2012-11-24 21:53 -------- d-----w- c:\users\Olivia\AppData\Local\Programs

2012-11-24 11:46 . 2012-11-27 22:28 -------- d-----w- c:\users\Olivia\AppData\Roaming\PCCUStubInstaller

2012-11-20 06:11 . 2012-11-20 08:03 -------- d-----w- c:\program files (x86)\Warcraft III

2012-11-20 06:11 . 2012-11-20 06:15 -------- d-----w- c:\program files (x86)\Common Files\Blizzard Entertainment

2012-11-15 08:09 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys

2012-11-15 08:09 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys

2012-11-15 08:09 . 2012-07-26 04:47 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui

2012-11-15 08:09 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll

2012-11-15 08:00 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys

2012-11-15 08:00 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys

2012-11-15 08:00 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll

2012-11-15 08:00 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll

2012-11-15 08:00 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe

2012-11-15 08:00 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll

2012-11-15 08:00 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll

2012-11-15 06:35 . 2012-09-25 22:47 78336 ----a-w- c:\windows\SysWow64\synceng.dll

2012-11-15 06:35 . 2012-09-25 22:46 95744 ----a-w- c:\windows\system32\synceng.dll

2012-11-10 03:06 . 2012-11-10 03:06 -------- d-----w- c:\windows\SysWow64\Adobe

2012-11-09 14:25 . 2012-11-27 15:47 -------- d-----w- c:\users\Olivia\AppData\Local\Spotify

2012-11-09 14:24 . 2012-11-28 06:54 -------- d-----w- c:\users\Olivia\AppData\Roaming\Spotify

2012-11-07 04:47 . 2012-11-07 04:47 -------- d-----w- c:\users\Olivia\jagexcache1

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-11-15 08:01 . 2012-09-11 21:41 66395536 ----a-w- c:\windows\system32\MRT.exe

2012-10-30 23:50 . 2012-10-08 06:47 285328 ----a-w- c:\windows\system32\aswBoot.exe

2012-10-30 13:22 . 2012-10-30 13:22 73728 ----a-r- c:\users\Olivia\AppData\Roaming\Microsoft\Installer\{B829E117-D072-41EA-9606-9826A38D34C1}\SVRTgui.exe1_810EDD9E2F0A4E2BACF86673C38D9F48.exe

2012-10-30 13:22 . 2012-10-30 13:22 73728 ----a-r- c:\users\Olivia\AppData\Roaming\Microsoft\Installer\{B829E117-D072-41EA-9606-9826A38D34C1}\SVRTgui.exe_810EDD9E2F0A4E2BACF86673C38D9F48.exe

2012-10-30 13:22 . 2012-10-30 13:22 73728 ----a-r- c:\users\Olivia\AppData\Roaming\Microsoft\Installer\{B829E117-D072-41EA-9606-9826A38D34C1}\ARPPRODUCTICON.exe

2012-10-08 06:26 . 2012-10-08 06:26 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll

2012-10-08 06:26 . 2011-08-01 07:30 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll

2012-09-29 23:54 . 2012-09-12 23:34 25928 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-09-25 03:16 . 2012-11-02 21:30 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll

2012-09-14 19:19 . 2012-10-09 18:47 2048 ----a-w- c:\windows\system32\tzres.dll

2012-09-14 18:28 . 2012-10-09 18:47 2048 ----a-w- c:\windows\SysWow64\tzres.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]

@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"

[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]

2012-08-25 23:16 220608 ----a-w- c:\users\Olivia\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\SkyDriveShell.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]

@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"

[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]

2012-08-25 23:16 220608 ----a-w- c:\users\Olivia\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\SkyDriveShell.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]

@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"

[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]

2012-08-25 23:16 220608 ----a-w- c:\users\Olivia\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\SkyDriveShell.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Cookienator"="c:\program files (x86)\Cookienator\cookienator.exe" [2009-10-19 1333472]

"Spotify"="c:\users\Olivia\AppData\Roaming\Spotify\Spotify.exe" [2012-11-09 7880664]

"Spotify Web Helper"="c:\users\Olivia\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2012-11-09 1199576]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"ToshibaServiceStation"="c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2011-07-12 1298816]

"NortonOnlineBackupReminder"="c:\program files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe" [2011-06-22 3218864]

"ToshibaAppPlace"="c:\program files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe" [2010-09-23 552960]

"EEventManager"="c:\program files (x86)\Epson Software\Event Manager\EEventManager.exe" [2010-10-12 979328]

"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-19 421888]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-09-24 926896]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]

"Z1"="c:\users\Olivia\Desktop\mbar\mbar.exe" [2012-12-03 1341800]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"aux"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SophosVirusRemovalTool]

@="Service"

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 EpsonCustomerParticipation;EpsonCustomerParticipation;c:\program files\EPSON\EpsonCustomerParticipation\EPCP.exe [2011-06-09 555392]

R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-29 399432]

R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-29 676936]

R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe [2011-05-24 294848]

R2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-12-21 2656280]

R3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [2012-06-25 52320]

R3 Gun;Gun;c:\game\SoftnyxGame\GunBoundIS\Gun64.sys [2012-10-02 45176]

R3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-29 25928]

R3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys [2011-02-09 38096]

R3 Point64;Microsoft Mouse and Keyboard Center Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2012-06-27 46176]

R3 rak;rak;c:\game\SoftnyxGame\RakionIS\Bin\avital\rakion64.sys [2012-11-21 81880]

R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-12-01 250984]

R3 RSUSBVSTOR;RTSUVSTOR.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RTSUVSTOR.sys [2011-07-09 307304]

R3 SophosVirusRemovalTool;Sophos Virus Removal Tool;c:\program files (x86)\Sophos\Sophos Virus Removal Tool\SVRTservice.exe [2012-09-19 152640]

R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]

R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]

R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]

R3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2011-07-12 57216]

R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2011-06-10 138152]

R3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [2011-07-01 828856]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]

R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-01-07 1255736]

S0 tos_sps64;TOSHIBA tos_sps64 Service;c:\windows\system32\DRIVERS\tos_sps64.sys [2009-06-24 482384]

S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys [2009-06-20 14472]

S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2010-11-08 76912]

S3 QIOMem;Generic IO & Memory Access;c:\windows\system32\DRIVERS\QIOMem.sys [2009-06-15 12800]

S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;c:\windows\system32\DRIVERS\rtl8192Ce.sys [2011-01-05 1109096]

.

.

Contents of the 'Scheduled Tasks' folder

.

2012-12-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-10-08 06:47]

.

2012-12-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-10-08 06:47]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]

@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"

[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]

2012-08-25 23:16 244672 ----a-w- c:\users\Olivia\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64\SkyDriveShell64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]

@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"

[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]

2012-08-25 23:16 244672 ----a-w- c:\users\Olivia\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64\SkyDriveShell64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]

@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"

[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]

2012-08-25 23:16 244672 ----a-w- c:\users\Olivia\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64\SkyDriveShell64.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-04-08 167256]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-04-08 391000]

"Persistence"="c:\windows\system32\igfxpers.exe" [2011-04-08 418136]

"TPwrMain"="c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE" [bU]

"HSON"="c:\program files (x86)\TOSHIBA\TBS\HSON.exe" [bU]

"TCrdMain"="c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exe" [bU]

"SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2011-03-24 310912]

"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2011-06-30 562304]

"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [bU]

"Teco"="c:\program files (x86)\TOSHIBA\TECO\Teco.exe" [bU]

"TosWaitSrv"="c:\program files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe" [bU]

"TosVolRegulator"="c:\program files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe" [2009-11-11 24376]

"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2011-06-10 710560]

"TosNC"="c:\program files (x86)\Toshiba\BulletinBoard\TosNcCore.exe" [bU]

"TosReelTimeMonitor"="c:\program files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe" [bU]

"IntelliType Pro"="c:\program files\Microsoft Device Center\itype.exe" [2012-06-27 1464928]

"IntelliPoint"="c:\program files\Microsoft Device Center\ipoint.exe" [2012-06-27 2004584]

.

------- Supplementary Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://msn.com/

mLocal Page = c:\windows\SysWOW64\blank.htm

IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000

TCP: DhcpNameServer = 10.10.0.5 216.136.95.2

.

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]

@Denied: (2) (LocalSystem)

"{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}"=hex:51,66,7a,6c,4c,1d,38,12,8d,ec,f8,

7b,2b,25,27,06,e7,c4,bc,f0,98,15,0d,de

"{8DCB7100-DF86-4384-8842-8FA844297B3F}"=hex:51,66,7a,6c,4c,1d,38,12,6e,72,d8,

89,b4,91,ea,06,f7,54,cc,e8,41,77,3f,2b

"{2318C2B1-4965-11D4-9B18-009027A5CD4F}"=hex:51,66,7a,6c,4c,1d,38,12,df,c1,0b,

27,57,07,ba,54,e4,0e,43,d0,22,fb,89,5b

"{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc,

1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7

"{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}"=hex:51,66,7a,6c,4c,1d,38,12,60,d8,39,

64,cd,04,79,07,f5,b7,d6,9a,c1,81,e0,1c

"{6D53EC84-6AAE-4787-AEEE-F4628F01010C}"=hex:51,66,7a,6c,4c,1d,38,12,ea,ef,40,

69,9c,24,e9,02,d1,f8,b7,22,8a,5f,45,18

"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23,

94,30,02,d1,0f,f1,da,12,24,73,56,27,d2

"{AA58ED58-01DD-4D91-8333-CF10577473F7}"=hex:51,66,7a,6c,4c,1d,38,12,36,ee,4b,

ae,ef,4f,ff,08,fc,25,8c,50,52,2a,37,e3

"{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}"=hex:51,66,7a,6c,4c,1d,38,12,07,5b,93,

aa,6e,60,ba,0b,f0,6d,b2,b7,80,44,00,83

"{D2CE3E00-F94A-4740-988E-03DC2F38C34F}"=hex:51,66,7a,6c,4c,1d,38,12,6e,3d,dd,

d6,78,b7,2e,02,e7,98,40,9c,2a,66,87,5b

"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,

df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd

"{F3C88694-EFFA-4D78-B409-54B7B2535B14}"=hex:51,66,7a,6c,4c,1d,38,12,fa,85,db,

f7,c8,a1,16,08,cb,1f,17,f7,b7,0d,1f,00

"{FF059E31-CC5A-4E2E-BF3B-96E929D65503}"=hex:51,66,7a,6c,4c,1d,38,12,5f,9d,16,

fb,68,82,40,0b,c0,2d,d5,a9,2c,88,11,17

"{BDEADE7F-C265-11D0-BCED-00A0C90AB50F}"=hex:51,66,7a,6c,4c,1d,38,12,11,dd,f9,

b9,57,8c,be,54,c3,fb,43,e0,cc,54,f1,1b

.

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]

@Denied: (2) (LocalSystem)

"Timestamp"=hex:f3,54,a4,0f,23,66,cd,01

.

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]

@Denied: (2) (LocalSystem)

"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,

d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,4a,65,90,e2,ff,56,ed,4e,a0,7d,5f,\

"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,

d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,4a,65,90,e2,ff,56,ed,4e,a0,7d,5f,\

.

[HKEY_USERS\S-1-5-21-847268353-2912776164-1514832063-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="WindowsLiveMail.Email.1"

.

[HKEY_USERS\S-1-5-21-847268353-2912776164-1514832063-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="WindowsLiveMail.VCard.1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_270_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_270_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Completion time: 2012-12-03 12:03:06

ComboFix-quarantined-files.txt 2012-12-03 17:03

ComboFix2.txt 2012-11-30 06:33

.

Pre-Run: 671,370,891,264 bytes free

Post-Run: 671,440,474,112 bytes free

.

- - End Of File - - 03FA313D9673225E88BCDBE74795244A

[jeffce]

While I am looking this over, run a Full Scan with Malwarebytes and post the log when it finishes please.

[madmatt7]

Malwarebytes Anti-Malware 1.65.1.1000

www.malwarebytes.org

Database version: v2012.11.28.01

Windows 7 Service Pack 1 x64 NTFS (Safe Mode/Networking)

Internet Explorer 9.0.8112.16421

Olivia :: OLIVIA-PC [administrator]

12/3/2012 2:58:31 PM

mbam-log-2012-12-03 (14-58-31).txt

Scan type: Full scan (C:\|D:\|)

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 320880

Time elapsed: 27 minute(s), 52 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

[jeffce]

I am not seeing anything jumping out at me malware related. How is your system behaving?

[madmatt7]

When I start my computer it takes a good 30 seconds just for the log in bar to appear. Then once I log in the screen goes black...takes a long time to load. Once my wall paper loads up the bottom tool bar will appear. It will stay blank for 1-10minutes. Then icons will appear in the screen. However, they appear as blank notes, eventually the icons will load up but it is impossible to click on anything. The computer either does not respond or it freezes.

I was sent here from PC help, these symptoms are very similar to when I had svc.exe trojan. After having it on my computer for a while when I would start my computer normally it wouldn't respond or remain frozen. Sometimes it will allow me to move my mouse but most times it wouldn't. Now I cannot even use my laptop without safe mode.

Sorry for the wall of text.

[jeffce]

Hi,

I have spoken with colleague and we think that a "Clean Boot" may be the option to take right now..... Here is a link that will guide you through this >> http://support.microsoft.com/kb/929135 If this is able to fix you up let me know. If not, we need to send you back to PC Help.

[madmatt7]

So when I try a "clean boot" after I log in the screen remains black. I'm not sure if it takes a long time but after 5 minutes (I tried twice) I shut it down. When I started the computer normally it had the same slow/frozen symptoms I was talking about.

[madmatt7]

However, I only did step one not step two.

[jeffce]

Please continue through step 2 if you are able.

[madmatt7]

I disabled them all again and finally it is working normally! I haven't figured out which is causing the problem but it is working atlast! I have no idea how to. Without powering my computer on and off 20+ times.

[madmatt7]

On that note it is still running a little slow...and glitchy but it can be used.

[madmatt7]

Update: When I disable everything sometimes it works...sometimes it doesn't. When it does...it is very temporary.

[jeffce]

Hi,

It seems that this is a software/hardware problem as I don't see any malware jumping out at me in any of the logs now. I think that you would be better served now by starting a new topic in the PC Help forum. The techs there are fantastic and you are definitely in great hands. Be sure to explain to them exactly what is going on with your system and also post a link to this topic so that they can see what we have done.