suhjonathan97 Posted June 20, 2013 ID:693639

I have a Toshiba 64-bit Windows 7 Home Premium SP1. Lately my laptop has been getting weird, and IE frequently crashed, especially while watching YouTube. I remember one "memory dump" error (I do not fully recall the name). Yesterday, Word crashed, so I finally decided to run Malwarebytes (free vers.), but nothing came up. I deleted the old copy and reinstalled and launched, to no avail. However, if I launch Task Manager after double-clicking Malwarebytes, TM lists Malwarebytes under one of the running processes. However, the program does not actually launch for me to use. So I've run all Chameleon tests, and each of them gets stuck at "Trying to update Malwarebytes... please wait". I should also point out that I ran CCleaner right before reinstalling Malwarebytes (probably should not have done that?). Neither DDS.scr nor DDS.com launches; they each show "NSIS error; Error launching installer." I'm not sure if you want a HijackThis log... I really need help. Thanks.

suhjonathan97 (Author) Posted June 20, 2013 ID:693766

To clarify, I meant to say that when I double-clicked Malwarebytes, the program did not seem to launch. In the TM processes window it shows that it is up and running, but nothing launches and I cannot use it.

suhjonathan97 (Author) Posted June 21, 2013 ID:693870

I feel like I did a terrible job of describing the situation. Plus, the symptoms have changed and new developments occurred. Could a moderator please close this thread and can I start a new one?

suhjonathan97 (Author) Posted June 21, 2013 ID:693894

First of all, I have another open topic concerning the same problem open at: http://forums.malwarebytes.org/index.php?showtopic=128071. I have come to realize that I did not adequately describe the problem at hand, and I really cannot wait much for help, so I am forced to open another topic. Moderators and Administrators, I sincerely apologize for breaking rules, but I felt that this was necessary to get the appropriate help in time. Could you close the old topic to avoid any confusion? Thank you so much.

So here is a rundown of what has happened. I have a Windows 7 Home Premium SP1 64-bit Toshiba laptop. Since about a week ago I noticed the laptop had slowed down a bit. IE froze up frequently when I was on YouTube, displaying "memory" errors and "long script" errors. However, being the tech idiot that I am, I failed to take action. Yesterday, Microsoft Word failed to launch properly, and I finally decided to do something. I ran CCleaner and attempted to launch Malwarebytes. However, when I double-clicked on the Malwarebytes icon, nothing appeared. Task Manager nevertheless listed Malwarebytes as a running process. Still, the Malwarebytes window itself did not launch. I uninstalled and reinstalled Malwarebytes and attempted to launch it again, but the condition did not change. Then, I ran all 12 Chameleon tests, but each of them got stuck in the "attempting to update" stage (I let them run up to 2 hours). I did some research and downloaded and ran rkill.exe, which did not seem to do anything. (Logs did not shut down any malware)

Today my computer's state has gotten worse. Computer freezes more frequently and for longer periods of time. I have had to use the power button to shut the computer down because the regular shutdown would refuse to work. The laptop also shut down and rebooted by itself once. IE functionality seems to come and go.
Sometimes it will not even launch, and other times it works quite well.

After some struggles I have managed to run the DDS tests. I chose the "extend search period" and "Force scan all domains" but did not choose "Disable whitelist" as it was not recommended.

*My older brother also sometimes uses this laptop, and he has not taken great care of it hardware-wise.. could that be a problem?

Here is the attach.txt

and here is the DDS.txt

Admins and Moderators, I again apologize for the inconvenience I have caused.. however, I really need this laptop fixed so I had to do this. I'm very sorry.
Root Admin AdvancedSetup Posted June 21, 2013 ID:693897
I've merged your posts. I'm sorry but this is not a Drive Through like McDonalds. Malware removal can sometimes take days to clean. If you don't have time then you may wish to take the computer into a local repair shop to have it repaired. If you do want to spend the time and clean the computer then please follow the directions below.
Please download Malwarebytes Anti-Rootkit from HERE
Unzip the contents to a folder in a convenient location.
Open the folder where the contents were unzipped and run mbar.exe
Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
Click on the Cleanup button to remove any threats and reboot if prompted to do so.
Wait while the system shuts down and the cleanup process is performed.
Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
When done, please post the two logs produced; they will be in the MBAR folder... mbar-log.txt and system-log.txt
suhjonathan97 Posted June 21, 2013 Author ID:693918
Thank you again for the reply. MBAR says no malware is found. The first scan was interrupted by a sudden reboot, but the second attempt went all the way. MBAR Log could not be attached for some reason so I am just copy-and-pasting this. SystemLog is attached.
Malwarebytes Anti-Rootkit BETA 1.06.0.1003
www.malwarebytes.org
Database version: v2013.06.20.10
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16618
Jonathan :: THEMACHINE [administrator]
6/20/2013 11:17:11 PM
mbar-log-2013-06-20 (23-17-11).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | Deep Anti-Rootkit Scan | PUM | P2P
Scan options disabled: PUP
Objects scanned: 231265
Time elapsed: 32 minute(s), 56 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
system-log.txt
Root Admin AdvancedSetup Posted June 21, 2013 ID:693920
Please download the following scanner from Kaspersky and save it to your computer: TDSSkiller
Then watch the following video on how to use the tool and make sure to temporarily disable your security applications before running TDSSkiller.
PC Winvids - How to run Kaspersky TDSSKiller
If any infection is found please make sure to choose SKIP and post back the log in case of a False Positive detection. Once the tool has completed scanning make sure to re-enable your other security applications.
suhjonathan97 Posted June 21, 2013 Author ID:693924
The directions in the webpage for disabling Avast seem to be outdated... Would disabling all shields be enough, or do I need to do more?
suhjonathan97 Posted June 21, 2013 Author ID:693930
Also, I have tried to uncheck the "Start with Windows" option from the MBAM icon, but the check still remains.
Root Admin AdvancedSetup Posted June 21, 2013 ID:693932
The shields off should be enough. MBAM should be okay to run with it.
suhjonathan97 Posted June 21, 2013 Author ID:693934
Sorry to keep asking you questions, but should I also choose to scan Loaded Modules and reboot like the video said?
Root Admin AdvancedSetup Posted June 21, 2013 ID:693937
In most cases that would be correct but I don't think you're infected and having issues - this is more of a secondary check is all. You can run it without loading the modules.
Root Admin AdvancedSetup Posted June 21, 2013 ID:693938
Also, please uninstall ALL versions of Java.
Java 7 Update 21
Java Auto Updater
JavaFX 2.1.1
If you can do without Java that would be the best, but if you do need it then make sure you have only the latest version installed. http://www.java.com
suhjonathan97 Posted June 21, 2013 Author ID:693939
I still chose the two additional options.
6012 NDProxy - ok00:21:58.0584 6012 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys00:21:58.0630 6012 NetBIOS - ok00:21:58.0646 6012 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\windows\system32\DRIVERS\netbt.sys00:21:58.0677 6012 NetBT - ok00:21:58.0708 6012 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\windows\system32\lsass.exe00:21:58.0724 6012 Netlogon - ok00:21:58.0771 6012 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll00:21:58.0864 6012 Netman - ok00:21:58.0880 6012 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll00:21:58.0942 6012 netprofm - ok00:21:58.0958 6012 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe00:21:58.0958 6012 NetTcpPortSharing - ok00:21:59.0130 6012 [ AC69618DE5BCCE8747C9AB0AAE1003C1 ] NETwNs64 C:\windows\system32\DRIVERS\NETwNs64.sys00:21:59.0332 6012 NETwNs64 - ok00:21:59.0364 6012 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\drivers\nfrd960.sys00:21:59.0364 6012 nfrd960 - ok00:21:59.0395 6012 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\windows\System32\nlasvc.dll00:21:59.0426 6012 NlaSvc - ok00:21:59.0442 6012 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys00:21:59.0473 6012 Npfs - ok00:21:59.0504 6012 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll00:21:59.0551 6012 nsi - ok00:21:59.0566 6012 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys00:21:59.0613 6012 nsiproxy - ok00:21:59.0691 6012 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\windows\system32\drivers\Ntfs.sys00:21:59.0738 6012 Ntfs - ok00:21:59.0769 6012 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys00:21:59.0801 6012 Null - ok00:21:59.0816 6012 [ 0EBC9D13CD96C15B1B18D8678A609E4B ] nusb3hub 
C:\windows\system32\DRIVERS\nusb3hub.sys00:21:59.0832 6012 nusb3hub - ok00:21:59.0847 6012 [ 7BDEC000D56D485021D9C1E63C2F81CA ] nusb3xhc C:\windows\system32\DRIVERS\nusb3xhc.sys00:21:59.0863 6012 nusb3xhc - ok00:21:59.0894 6012 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\windows\system32\drivers\nvraid.sys00:21:59.0941 6012 nvraid - ok00:21:59.0972 6012 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\windows\system32\drivers\nvstor.sys00:22:00.0003 6012 nvstor - ok00:22:00.0035 6012 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\drivers\nv_agp.sys00:22:00.0050 6012 nv_agp - ok00:22:00.0050 6012 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys00:22:00.0066 6012 ohci1394 - ok00:22:00.0113 6012 [ 4965B005492CBA7719E82B71E3245495 ] ose64 C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE00:22:00.0144 6012 ose64 - ok00:22:00.0284 6012 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE00:22:00.0440 6012 osppsvc - ok00:22:00.0487 6012 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll00:22:00.0534 6012 p2pimsvc - ok00:22:00.0549 6012 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll00:22:00.0565 6012 p2psvc - ok00:22:00.0596 6012 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\drivers\parport.sys00:22:00.0612 6012 Parport - ok00:22:00.0627 6012 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\windows\system32\drivers\partmgr.sys00:22:00.0643 6012 partmgr - ok00:22:00.0674 6012 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll00:22:00.0721 6012 PcaSvc - ok00:22:00.0752 6012 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\windows\system32\drivers\pci.sys00:22:00.0768 6012 pci - ok00:22:00.0768 6012 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\DRIVERS\pciide.sys00:22:00.0783 6012 pciide - ok00:22:00.0799 6012 [ 
B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\drivers\pcmcia.sys00:22:00.0815 6012 pcmcia - ok00:22:00.0830 6012 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys00:22:00.0830 6012 pcw - ok00:22:00.0846 6012 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys00:22:00.0908 6012 PEAUTH - ok00:22:00.0986 6012 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe00:22:01.0033 6012 PerfHost - ok00:22:01.0095 6012 [ 91111CEBBDE8015E822C46120ED9537C ] PGEffect C:\windows\system32\DRIVERS\pgeffect.sys00:22:01.0095 6012 PGEffect - ok00:22:01.0142 6012 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\windows\system32\pla.dll00:22:01.0220 6012 pla - ok00:22:01.0251 6012 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll00:22:01.0283 6012 PlugPlay - ok00:22:01.0314 6012 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll00:22:01.0345 6012 PNRPAutoReg - ok00:22:01.0361 6012 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll00:22:01.0376 6012 PNRPsvc - ok00:22:01.0407 6012 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll00:22:01.0454 6012 PolicyAgent - ok00:22:01.0485 6012 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll00:22:01.0563 6012 Power - ok00:22:01.0610 6012 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys00:22:01.0688 6012 PptpMiniport - ok00:22:01.0704 6012 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\drivers\processr.sys00:22:01.0751 6012 Processor - ok00:22:01.0797 6012 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\windows\system32\profsvc.dll00:22:01.0844 6012 ProfSvc - ok00:22:01.0860 6012 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe00:22:01.0875 6012 ProtectedStorage - ok00:22:01.0907 6012 [ 0557CF5A2556BD58E26384169D72438D ] 
Psched C:\windows\system32\DRIVERS\pacer.sys00:22:01.0969 6012 Psched - ok00:22:02.0016 6012 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\drivers\ql2300.sys00:22:02.0063 6012 ql2300 - ok00:22:02.0078 6012 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\drivers\ql40xx.sys00:22:02.0094 6012 ql40xx - ok00:22:02.0125 6012 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll00:22:02.0141 6012 QWAVE - ok00:22:02.0172 6012 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys00:22:02.0219 6012 QWAVEdrv - ok00:22:02.0219 6012 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys00:22:02.0265 6012 RasAcd - ok00:22:02.0297 6012 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys00:22:02.0328 6012 RasAgileVpn - ok00:22:02.0359 6012 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll00:22:02.0406 6012 RasAuto - ok00:22:02.0421 6012 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys00:22:02.0484 6012 Rasl2tp - ok00:22:02.0515 6012 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll00:22:02.0562 6012 RasMan - ok00:22:02.0593 6012 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys00:22:02.0640 6012 RasPppoe - ok00:22:02.0655 6012 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys00:22:02.0702 6012 RasSstp - ok00:22:02.0718 6012 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys00:22:02.0765 6012 rdbss - ok00:22:02.0780 6012 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\drivers\rdpbus.sys00:22:02.0811 6012 rdpbus - ok00:22:02.0827 6012 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys00:22:02.0858 6012 RDPCDD - ok00:22:02.0874 6012 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD 
C:\windows\system32\drivers\rdpencdd.sys00:22:02.0952 6012 RDPENCDD - ok00:22:02.0952 6012 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys00:22:02.0999 6012 RDPREFMP - ok00:22:03.0030 6012 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\windows\system32\drivers\RDPWD.sys00:22:03.0045 6012 RDPWD - ok00:22:03.0077 6012 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys00:22:03.0108 6012 rdyboost - ok00:22:03.0170 6012 [ 18505D90FEE940EE9EAE4C5B421F22B4 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe00:22:03.0233 6012 RegSrvc - ok00:22:03.0264 6012 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll00:22:03.0326 6012 RemoteAccess - ok00:22:03.0373 6012 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll00:22:03.0404 6012 RemoteRegistry - ok00:22:03.0420 6012 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll00:22:03.0467 6012 RpcEptMapper - ok00:22:03.0498 6012 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe00:22:03.0498 6012 RpcLocator - ok00:22:03.0529 6012 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\system32\rpcss.dll00:22:03.0560 6012 RpcSs - ok00:22:03.0607 6012 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys00:22:03.0654 6012 rspndr - ok00:22:03.0716 6012 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167 C:\windows\system32\DRIVERS\Rt64win7.sys00:22:03.0732 6012 RTL8167 - ok00:22:03.0747 6012 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\windows\system32\lsass.exe00:22:03.0763 6012 SamSs - ok00:22:03.0779 6012 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys00:22:03.0794 6012 sbp2port - ok00:22:03.0825 6012 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll00:22:03.0857 6012 SCardSvr - ok00:22:03.0888 6012 [ 253F38D0D7074C02FF8DEB9836C97D2B 
] scfilter C:\windows\system32\DRIVERS\scfilter.sys00:22:03.0966 6012 scfilter - ok00:22:03.0997 6012 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll00:22:04.0059 6012 Schedule - ok00:22:04.0091 6012 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll00:22:04.0122 6012 SCPolicySvc - ok00:22:04.0169 6012 [ 408DF925E1B39300363A1A3758083825 ] scsk5 C:\windows\syswow64\drivers\scsk5.sys00:22:04.0200 6012 scsk5 - ok00:22:04.0215 6012 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\windows\system32\DRIVERS\sdbus.sys00:22:04.0262 6012 sdbus - ok00:22:04.0293 6012 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll00:22:04.0325 6012 SDRSVC - ok00:22:04.0356 6012 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys00:22:04.0403 6012 secdrv - ok00:22:04.0418 6012 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll00:22:04.0449 6012 seclogon - ok00:22:04.0496 6012 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\System32\sens.dll00:22:04.0574 6012 SENS - ok00:22:04.0590 6012 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll00:22:04.0621 6012 SensrSvc - ok00:22:04.0637 6012 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\drivers\serenum.sys00:22:04.0683 6012 Serenum - ok00:22:04.0715 6012 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\drivers\serial.sys00:22:04.0746 6012 Serial - ok00:22:04.0777 6012 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\drivers\sermouse.sys00:22:04.0839 6012 sermouse - ok00:22:04.0886 6012 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll00:22:04.0964 6012 SessionEnv - ok00:22:04.0980 6012 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys00:22:04.0995 6012 sffdisk - ok00:22:05.0027 6012 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc 
C:\windows\system32\drivers\sffp_mmc.sys00:22:05.0073 6012 sffp_mmc - ok00:22:05.0089 6012 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys00:22:05.0120 6012 sffp_sd - ok00:22:05.0136 6012 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\drivers\sfloppy.sys00:22:05.0167 6012 sfloppy - ok00:22:05.0214 6012 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\windows\System32\ipnathlp.dll00:22:05.0292 6012 SharedAccess - ok00:22:05.0323 6012 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll00:22:05.0385 6012 ShellHWDetection - ok00:22:05.0385 6012 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\drivers\SiSRaid2.sys00:22:05.0401 6012 SiSRaid2 - ok00:22:05.0432 6012 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys00:22:05.0448 6012 SiSRaid4 - ok00:22:05.0479 6012 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys00:22:05.0526 6012 Smb - ok00:22:05.0557 6012 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe00:22:05.0588 6012 SNMPTRAP - ok00:22:05.0619 6012 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys00:22:05.0635 6012 spldr - ok00:22:05.0666 6012 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\windows\System32\spoolsv.exe00:22:05.0729 6012 Spooler - ok00:22:05.0791 6012 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe00:22:05.0900 6012 sppsvc - ok00:22:05.0916 6012 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll00:22:05.0947 6012 sppuinotify - ok00:22:05.0994 6012 [ 602884696850C86434530790B110E8EB ] sptd C:\windows\system32\Drivers\sptd.sys00:22:06.0009 6012 Suspicious file (NoAccess): C:\windows\system32\Drivers\sptd.sys. 
md5: 602884696850C86434530790B110E8EB00:22:06.0009 6012 sptd ( LockedFile.Multi.Generic ) - warning00:22:06.0009 6012 sptd - detected LockedFile.Multi.Generic (1)00:22:06.0056 6012 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys00:22:06.0103 6012 srv - ok00:22:06.0119 6012 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys00:22:06.0165 6012 srv2 - ok00:22:06.0181 6012 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys00:22:06.0197 6012 srvnet - ok00:22:06.0243 6012 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll00:22:06.0306 6012 SSDPSRV - ok00:22:06.0321 6012 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll00:22:06.0368 6012 SstpSvc - ok00:22:06.0384 6012 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\drivers\stexstor.sys00:22:06.0384 6012 stexstor - ok00:22:06.0446 6012 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll00:22:06.0493 6012 stisvc - ok00:22:06.0509 6012 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\drivers\swenum.sys00:22:06.0524 6012 swenum - ok00:22:06.0555 6012 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll00:22:06.0618 6012 swprv - ok00:22:06.0665 6012 [ F5B46DF59FEAA48A442AED7EEB754D4B ] SynTP C:\windows\system32\DRIVERS\SynTP.sys00:22:06.0696 6012 SynTP - ok00:22:06.0758 6012 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll00:22:06.0852 6012 SysMain - ok00:22:06.0883 6012 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll00:22:06.0914 6012 TabletInputService - ok00:22:06.0945 6012 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll00:22:07.0039 6012 TapiSrv - ok00:22:07.0055 6012 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll00:22:07.0086 6012 TBS - ok00:22:07.0179 6012 [ 
9849EA3843A2ADBDD1497E97A85D8CAE ] Tcpip C:\windows\system32\drivers\tcpip.sys00:22:07.0242 6012 Tcpip - ok00:22:07.0273 6012 [ 9849EA3843A2ADBDD1497E97A85D8CAE ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys00:22:07.0304 6012 TCPIP6 - ok00:22:07.0335 6012 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys00:22:07.0351 6012 tcpipreg - ok00:22:07.0398 6012 [ FD542B661BD22FA69CA789AD0AC58C29 ] tdcmdpst C:\windows\system32\DRIVERS\tdcmdpst.sys00:22:07.0413 6012 tdcmdpst - ok00:22:07.0445 6012 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys00:22:07.0476 6012 TDPIPE - ok00:22:07.0491 6012 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys00:22:07.0523 6012 TDTCP - ok00:22:07.0538 6012 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys00:22:07.0585 6012 tdx - ok00:22:07.0601 6012 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\drivers\termdd.sys00:22:07.0616 6012 TermDD - ok00:22:07.0647 6012 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll00:22:07.0710 6012 TermService - ok00:22:07.0725 6012 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll00:22:07.0741 6012 Themes - ok00:22:07.0788 6012 [ 7F35CA8296A52C7161088EB1D952E8ED ] Thpdrv C:\windows\system32\DRIVERS\thpdrv.sys00:22:07.0819 6012 Thpdrv - ok00:22:07.0835 6012 [ B4E609047434ED948AF7BDEF2FA66E38 ] Thpevm C:\windows\system32\DRIVERS\Thpevm.SYS00:22:07.0866 6012 Thpevm - ok00:22:07.0897 6012 [ 0B4734AE9EC70B843DF02E7B1C056377 ] Thpsrv C:\windows\system32\ThpSrv.exe00:22:07.0928 6012 Thpsrv ( UnsignedFile.Multi.Generic ) - warning00:22:07.0928 6012 Thpsrv - detected UnsignedFile.Multi.Generic (1)00:22:07.0928 6012 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll00:22:07.0975 6012 THREADORDER - ok00:22:08.0037 6012 [ 521C21E7F6EAB98679F90CA4E135FB95 ] TMachInfo C:\Program Files 
(x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe00:22:08.0053 6012 TMachInfo - ok00:22:08.0115 6012 [ 8E2C799D3476EAC32C3BA0DF7CE6AF19 ] TODDSrv C:\windows\system32\TODDSrv.exe00:22:08.0131 6012 TODDSrv - ok00:22:08.0178 6012 [ 1C73689B900428C7D054A41C4687F55C ] TosCoSrv C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe00:22:08.0209 6012 TosCoSrv - ok00:22:08.0271 6012 [ 63AAFCF3EA5DBB17123E0BAE9AFE4D58 ] TOSHIBA eco Utility Service C:\Program Files\TOSHIBA\TECO\TecoService.exe00:22:08.0303 6012 TOSHIBA eco Utility Service - ok00:22:08.0334 6012 [ 29D0886CF250FCEF1BF9E65AB8D2C0C8 ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe00:22:08.0349 6012 TOSHIBA HDD SSD Alert Service - ok00:22:08.0381 6012 [ 09FF7B0B1B5C3D225495CB6F5A9B39F8 ] tos_sps64 C:\windows\system32\DRIVERS\tos_sps64.sys00:22:08.0412 6012 tos_sps64 - ok00:22:08.0459 6012 [ 098B8A408C17E125A3D9A8E1166780C8 ] TPCHSrv C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe00:22:08.0490 6012 TPCHSrv - ok00:22:08.0521 6012 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll00:22:08.0568 6012 TrkWks - ok00:22:08.0599 6012 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe00:22:08.0630 6012 TrustedInstaller - ok00:22:08.0661 6012 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys00:22:08.0708 6012 tssecsrv - ok00:22:08.0739 6012 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys00:22:08.0739 6012 TsUsbFlt - ok00:22:08.0771 6012 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\windows\system32\drivers\TsUsbGD.sys00:22:08.0802 6012 TsUsbGD - ok00:22:08.0817 6012 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys00:22:08.0880 6012 tunnel - ok00:22:08.0927 6012 [ 550B567F9364D8F7684C3FB3EA665A72 ] TVALZ C:\windows\system32\DRIVERS\TVALZ_O.SYS00:22:08.0942 6012 TVALZ - ok00:22:08.0989 6012 [ 
9C7191F4B2E49BFF47A6C1144B5923FA ] TVALZFL C:\windows\system32\DRIVERS\TVALZFL.sys00:22:09.0005 6012 TVALZFL - ok00:22:09.0036 6012 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\drivers\uagp35.sys00:22:09.0067 6012 uagp35 - ok00:22:09.0083 6012 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\windows\system32\DRIVERS\udfs.sys00:22:09.0207 6012 udfs - ok00:22:09.0239 6012 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe00:22:09.0254 6012 UI0Detect - ok00:22:09.0285 6012 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys00:22:09.0301 6012 uliagpkx - ok00:22:09.0332 6012 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\windows\system32\DRIVERS\umbus.sys00:22:09.0348 6012 umbus - ok00:22:09.0379 6012 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\drivers\umpass.sys00:22:09.0395 6012 UmPass - ok00:22:09.0551 6012 [ 374EBDA379A8F38E0CFC2211611E7167 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe00:22:09.0613 6012 UNS - ok00:22:09.0644 6012 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll00:22:09.0738 6012 upnphost - ok00:22:09.0785 6012 [ C9E9D59C0099A9FF51697E9306A44240 ] USBAAPL64 C:\windows\system32\Drivers\usbaapl64.sys00:22:09.0800 6012 USBAAPL64 - ok00:22:09.0847 6012 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys00:22:09.0863 6012 usbccgp - ok00:22:09.0878 6012 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\windows\system32\drivers\usbcir.sys00:22:09.0894 6012 usbcir - ok00:22:09.0925 6012 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\windows\system32\DRIVERS\usbehci.sys00:22:09.0941 6012 usbehci - ok00:22:10.0003 6012 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys00:22:10.0050 6012 usbhub - ok00:22:10.0065 6012 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\windows\system32\drivers\usbohci.sys00:22:10.0097 6012 usbohci - 
ok00:22:10.0112 6012 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\DRIVERS\usbprint.sys00:22:10.0143 6012 usbprint - ok00:22:10.0190 6012 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\windows\system32\DRIVERS\usbscan.sys00:22:10.0221 6012 usbscan - ok00:22:10.0237 6012 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS00:22:10.0268 6012 USBSTOR - ok00:22:10.0299 6012 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\windows\system32\drivers\usbuhci.sys00:22:10.0331 6012 usbuhci - ok00:22:10.0362 6012 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\windows\system32\Drivers\usbvideo.sys00:22:10.0409 6012 usbvideo - ok00:22:10.0440 6012 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll00:22:10.0518 6012 UxSms - ok00:22:10.0533 6012 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\windows\system32\lsass.exe00:22:10.0533 6012 VaultSvc - ok00:22:10.0565 6012 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys00:22:10.0580 6012 vdrvroot - ok00:22:10.0596 6012 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\windows\System32\vds.exe00:22:10.0643 6012 vds - ok00:22:10.0674 6012 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\windows\system32\DRIVERS\vgapnp.sys00:22:10.0689 6012 vga - ok00:22:10.0689 6012 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\windows\System32\drivers\vga.sys00:22:10.0736 6012 VgaSave - ok00:22:10.0752 6012 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\windows\system32\drivers\vhdmp.sys00:22:10.0767 6012 vhdmp - ok00:22:10.0783 6012 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\windows\system32\drivers\viaide.sys00:22:10.0799 6012 viaide - ok00:22:10.0814 6012 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\windows\system32\drivers\volmgr.sys00:22:10.0814 6012 volmgr - ok00:22:10.0861 6012 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\windows\system32\drivers\volmgrx.sys00:22:10.0877 6012 volmgrx - ok00:22:10.0892 6012 [ 
DF8126BD41180351A093A3AD2FC8903B ] volsnap C:\windows\system32\drivers\volsnap.sys00:22:10.0908 6012 volsnap - ok00:22:10.0923 6012 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\windows\system32\drivers\vsmraid.sys00:22:10.0939 6012 vsmraid - ok00:22:10.0986 6012 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\windows\system32\vssvc.exe00:22:11.0048 6012 VSS - ok00:22:11.0064 6012 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys00:22:11.0095 6012 vwifibus - ok00:22:11.0126 6012 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys00:22:11.0157 6012 vwififlt - ok00:22:11.0189 6012 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys00:22:11.0204 6012 vwifimp - ok00:22:11.0251 6012 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\windows\system32\w32time.dll00:22:11.0282 6012 W32Time - ok00:22:11.0313 6012 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\windows\system32\drivers\wacompen.sys00:22:11.0329 6012 WacomPen - ok00:22:11.0376 6012 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\windows\system32\DRIVERS\wanarp.sys00:22:11.0438 6012 WANARP - ok00:22:11.0454 6012 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys00:22:11.0485 6012 Wanarpv6 - ok00:22:11.0563 6012 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe00:22:11.0594 6012 WatAdminSvc - ok00:22:11.0703 6012 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\windows\system32\wbengine.exe00:22:11.0766 6012 wbengine - ok00:22:11.0781 6012 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll00:22:11.0813 6012 WbioSrvc - ok00:22:11.0828 6012 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\windows\System32\wcncsvc.dll00:22:11.0859 6012 wcncsvc - ok00:22:11.0891 6012 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll00:22:11.0922 6012 WcsPlugInService - ok00:22:11.0937 6012 [ 
00:22:15.0135 6012 ============================================================
00:22:15.0135 6012 Scan finished
00:22:15.0135 6012 ============================================================
00:22:15.0151 5336 Detected object count: 2
00:22:15.0151 5336 Actual detected object count: 2
00:22:25.0369 5336 sptd ( LockedFile.Multi.Generic ) - skipped by user
00:22:25.0369 5336 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
00:22:25.0369 5336 Thpsrv ( UnsignedFile.Multi.Generic ) - skipped by user
00:22:25.0369 5336 Thpsrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
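The closing lines of the TDSSKiller log above, parsed in Python as an added example that is not part of the original thread: it splits entries that a forum paste has run together, pairs each flagged object with the action chosen, and checks the tally against the "Detected object count" line. Treating LockedFile/UnsignedFile verdicts as file-property flags rather than named detections is this example's assumption, and the function names are its own.

```python
import re

# Every TDSSKiller log entry starts with "<hh:mm:ss.ffff> <thread id> ".
ENTRY_START = re.compile(r"(\d{2}:\d{2}:\d{2}\.\d{4}) (\d+) ")
# "<object> ( <verdict> ) - <what happened>"
DETECTION = re.compile(r"^(?P<name>\S.*?) \( (?P<verdict>[\w.\-]+) \) - (?P<event>.+)$")
DECLARED = re.compile(r"^Detected object count: (\d+)$")
ACTION = re.compile(r"^User select action: (\w+)$")

# Assumption of this example: verdicts with these prefixes describe a property
# of the file (unreadable / unsigned), not a named malware family.
PROPERTY_PREFIXES = ("LockedFile.", "UnsignedFile.")

# Entries copied from the end of the log posted in the thread.
LINES = [
    "00:22:15.0135 6012 Scan finished",
    "00:22:15.0135 6012 " + "=" * 60,
    "00:22:15.0151 5336 Detected object count: 2",
    "00:22:15.0151 5336 Actual detected object count: 2",
    "00:22:25.0369 5336 sptd ( LockedFile.Multi.Generic ) - skipped by user",
    "00:22:25.0369 5336 sptd ( LockedFile.Multi.Generic ) - User select action: Skip",
    "00:22:25.0369 5336 Thpsrv ( UnsignedFile.Multi.Generic ) - skipped by user",
    "00:22:25.0369 5336 Thpsrv ( UnsignedFile.Multi.Generic ) - User select action: Skip",
]
# The same entries with the newlines lost, as a forum paste often delivers them.
FUSED_TAIL = "".join(LINES)


def split_entries(text):
    """Return (timestamp, thread_id, message) tuples, even for fused entries
    such as '... count: 200:22:15.0151 5336 Actual ...'."""
    starts = list(ENTRY_START.finditer(text))
    entries = []
    for i, m in enumerate(starts):
        end = starts[i + 1].start() if i + 1 < len(starts) else len(text)
        entries.append((m.group(1), int(m.group(2)), text[m.end():end].strip()))
    return entries


def summarize(text):
    """Collect flagged objects, the action chosen for each, and whether the
    number of objects found matches the count the log itself declares."""
    declared = None
    found = {}  # object name -> {"verdict", "action", "kind"}
    for _ts, _tid, msg in split_entries(text):
        m = DECLARED.match(msg)
        if m:
            declared = int(m.group(1))
            continue
        m = DETECTION.match(msg)
        if not m:
            continue
        rec = found.setdefault(m["name"], {"verdict": m["verdict"], "action": None})
        a = ACTION.match(m["event"])
        if a:
            rec["action"] = a.group(1)
    for rec in found.values():
        is_property = rec["verdict"].startswith(PROPERTY_PREFIXES)
        rec["kind"] = "file-property flag" if is_property else "named detection"
    return {"declared": declared, "detections": found,
            "count_matches": declared == len(found)}


if __name__ == "__main__":
    report = summarize(FUSED_TAIL)
    for name, rec in report["detections"].items():
        print(f"{name}: {rec['verdict']} ({rec['kind']}), action={rec['action']}")
    print("declared count matches:", report["count_matches"])
```

A mismatch between the declared count and the parsed objects means part of the log was lost in the paste and the full file should be requested.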
Root Admin AdvancedSetup Posted June 21, 2013 ID:693941
That log looks good too. Please run the MBAM Clean Removal process on the computer from here: http://forums.malwarebytes.org/index.php?showtopic=122284
Then let me know if you're still having any issues with the program or not.
suhjonathan97 Posted June 21, 2013 Author ID:693944
I followed the instructions and used the tool to uninstall MBAM, rebooted, then reinstalled. However, the MBAM window still does not come up when I launch the program.
Root Admin AdvancedSetup Posted June 21, 2013 ID:693946
Okay, well, that is a bit odd.
Please visit this webpage for instructions on downloading and running ComboFix: How to use ComboFix
Please make sure you disable your security applications before running ComboFix.
Once ComboFix has completed it will produce and open a log file. Please attach that log file to your next reply. If needed, the file can be located here: C:\combofix.txt
suhjonathan97 Posted June 21, 2013 Author ID:693953
So after completing Stage 50, ComboFix has been in Deleting Files and Deleting Folders for the last 10 minutes or so... Is this okay? Maybe I'm just too impatient...
suhjonathan97 Posted June 21, 2013 Author ID:693955
ComboFix 13-06-21.01 - Jonathan 06/21/2013 0:52.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6052.4406 [GMT -5:00]
Running from: c:\users\Jonathan\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\IESide
c:\programdata\Roaming
c:\windows\SysWow64\settings.ini
suhjonathan97 Posted June 21, 2013 Author ID:693961
I think it's time for me to call it a night. Thanks for helping me out.
Root Admin AdvancedSetup Posted June 21, 2013 ID:693965
Please backup your Registry and then move on to the next step.

STEP 01
Backup the Registry:
Modifying the Registry can create unforeseen problems, so it is always wise to create a backup before doing so.
Please download ERUNT from one of the following links: Link1 | Link2 | Link3
ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.
Double click on erunt-setup.exe to install ERUNT by following the prompts.
Start ERUNT either by double clicking on the desktop icon or choosing to start the program at the end of the setup process.
Choose a location for the backup.
Note: the default location is C:\Windows\ERDNT which is acceptable.
Make sure that at least the first two check boxes are selected.
Click on OK.
Then click on YES to create the folder.
Note: if it is necessary to restore the registry, open the backup folder and start ERDNT.exe

STEP 02
Please download AdwCleaner from here and save it on your Desktop.
On XP, double click on adwcleaner.exe to launch the application.
On Vista or Windows 7, right-click on adwcleaner.exe and select Run As administrator to launch the application.
Now click on the Search button.
Please post the contents of the log-file created in your next reply.
Note: The log can also be located at root (or top) of the C: volume.
C:\AdwCleaner[XX].txt
XX <-- Denotes the number of times the application has been run.
suhjonathan97 Posted June 21, 2013 Author ID:693969
The registry backup went with no problems, but the AdwCleaner does not seem to launch. I right-clicked to run as admin and clicked yes for UAC, yet nothing appears...
Root Admin AdvancedSetup Posted June 21, 2013 ID:693971
Well, we'll need to run some other tools to see what's going on here, but I thought you were about to call it a night? We can pick up on this again tomorrow if you like, just let me know.
suhjonathan97 Posted June 21, 2013 Author ID:693972
I was about to. But I can go for another 20 min or so.
Root Admin AdvancedSetup Posted June 21, 2013 ID:693973
Scan with aswMBR
Please download aswMBR.exe to your desktop.
Double-click the aswMBR.exe to run it.
When prompted with "The application can use the Avast! Free Antivirus for scanning" >> select No.
Now click on the Scan button to start the scan.
On completion of the scan click Save Log, save it to your desktop and post the contents in your next reply.
Note: There will also be a file on your desktop named MBR.dat (or similar). Do not delete this for now; it is an actual backup of the MBR (master boot record).
Please read and follow these instructions carefully. We do not want it to fix anything yet (if found), we need to see a report first.