dan_melissa Posted December 6, 2013 ID:761173 Share Posted December 6, 2013 Hello. I have something on my PC that malwarebytes has not found. When I click on links in my browser (firefox or IE) sometimes it opens phishy pages ("All users of this site are eligible for a free credit report" - things like that). I have run malwarebytes in safe mode, and have also tried spybot S&D and hijack this (I just looked at the logs myself - they are working on a new release and not answering support requests right now). The likely source of the infection was one of my kids clicking on a link to get Minecraft for free. I am happy to provide any additional information I can. I am pasting dds.txt below. Thank you! DDS (Ver_2012-11-20.01) - NTFS_AMD64Internet Explorer: 11.0.9600.16428 BrowserJavaVersion: 10.45.2Run by My_Toshiba at 2:03:59 on 2013-12-06#Option Extended Search is enabled.Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3894.2113 [GMT -6:00].AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}SP: Spybot - Search and Destroy *Enabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}.============== Running Processes ===============.C:\windows\system32\lsm.exeC:\windows\system32\svchost.exe -k DcomLaunchC:\windows\system32\svchost.exe -k RPCSSc:\Program Files\Microsoft Security Client\MsMpEng.exeC:\windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\windows\system32\svchost.exe -k LocalServiceC:\windows\system32\svchost.exe -k netsvcsC:\windows\system32\svchost.exe -k NetworkServiceC:\windows\Explorer.EXEC:\windows\system32\Dwm.exeC:\windows\System32\spoolsv.exeC:\windows\system32\taskhost.exeC:\windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exeC:\windows\system32\taskeng.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonationC:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exeC:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exeC:\Users\My_Toshiba\Desktop\LeapFrog Connect\CommandService.exeC:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exeC:\Program Files (x86)\Norton PC Checkup\Engine\2.0.5.60\ccSvcHst.exeC:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exeC:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exeC:\windows\system32\svchost.exe -k imgsvcC:\Windows\system32\TODDSrv.exeC:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exeC:\Program Files\TOSHIBA\TECO\TecoService.exeC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXEC:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exeC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exeC:\windows\system32\taskeng.exeC:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exeC:\Program Files (x86)\Orb Networks\Orb\bin\Orblauncher.exeC:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exeC:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXEC:\windows\system32\svchost.exe -k NetworkServiceNetworkRestrictedC:\windows\System32\rundll32.exeC:\Windows\System32\igfxtray.exeC:\Windows\System32\hkcmd.exeC:\Windows\System32\igfxpers.exeC:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exeC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\Program Files\TOSHIBA\Power Saver\TPwrMain.exeC:\Program Files\TOSHIBA\SmoothView\SmoothView.exeC:\Program Files\TOSHIBA\FlashCards\TCrdMain.exeC:\Program Files\TOSHIBA\TECO\Teco.exeC:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exeC:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exeC:\Program Files\Microsoft Security Client\msseces.exeC:\Windows\System32\spool\drivers\x64\3\EKIJ5000MUI.exeC:\Program Files (x86)\Orb Networks\Orb\bin\Orb.exeC:\Program Files (x86)\iTunes\iTunesHelper.exeC:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exeC:\Program Files (x86)\Common Files\Java\Java Update\jusched.exeC:\Program Files (x86)\Orb Networks\Orb\bin\OrbjetManager.exec:\Program Files\Microsoft Security Client\NisSrv.exeC:\windows\system32\SearchIndexer.exeC:\windows\system32\igfxext.exeC:\windows\system32\igfxsrvc.exeC:\Program Files\Synaptics\SynTP\SynTPHelper.exeC:\Program Files (x86)\Norton PC Checkup\Engine\2.0.5.60\ccSvcHst.exeC:\Program Files\iPod\bin\iPodService.exeC:\Program Files\Windows Media Player\wmpnetwk.exeC:\windows\System32\svchost.exe -k LocalServicePeerNetC:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exeC:\Program Files\TOSHIBA\TPHM\TPCHSrv.exeC:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exeC:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exeC:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exeC:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\windows\servicing\TrustedInstaller.exeC:\windows\system32\vssvc.exeC:\windows\System32\svchost.exe -k swprvC:\windows\system32\wbem\wmiprvse.exeC:\Program Files (x86)\Google\Update\GoogleUpdate.exeC:\windows\System32\cscript.exe.============== Pseudo HJT Report ===============.uProxyOverride = <local>;*.localBHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dllBHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dllBHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllBHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dllBHO: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dllTB: FindWide Toolbar: {65132BAA-DBA9-40B9-BD7C-667368459740} -uRun: [spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autocleanmRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"mRun: [EKIJ5000StatusMonitor] C:\windows\System32\spool\DRIVERS\x64\3\EKIJ5000MUI.exemRun: [EKStatusMonitor] C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exemRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"mRun: [sDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"dRunOnce: [sPReview] "C:\windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601dRunOnce: [KodakHomeCenter] "C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe"mPolicies-Explorer: NoActiveDesktop = dword:1mPolicies-Explorer: NoActiveDesktopChanges = dword:1mPolicies-System: ConsentPromptBehaviorAdmin = dword:5mPolicies-System: ConsentPromptBehaviorUser = dword:3mPolicies-System: EnableUIADesktopToggle = dword:0IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dllDPF: {195538FD-1C39-44B1-A7C3-5D7137A8A8F1} - C:\Users\MY_TOS~1\AppData\Local\Temp\f5tmp\f5opswati.cabDPF: {2BCDB465-81F9-41CB-832C-8037A4064446} - C:\Users\MY_TOS~1\AppData\Local\Temp\f5tmp\urxvpn.cabDPF: {30CF9713-6614-4556-B5F5-66F8C7F9DEF1} - C:\Users\MY_TOS~1\AppData\Local\Temp\f5tmp\f5opswati.cabDPF: {41EF3CD2-D8CC-4438-84B1-280BB4E77C8E} - C:\Users\MY_TOS~1\AppData\Local\Temp\f5tmp\f5tunsrv.cabDPF: {45B69029-F3AB-4204-92DE-D5140C3E8E74} - C:\Users\MY_TOS~1\AppData\Local\Temp\f5tmp\InstallerControl.cabDPF: {49EC7987-E331-44E3-B170-748B58A268B9} - C:\Users\MY_TOS~1\AppData\Local\Temp\f5tmp\f5opswati.cabDPF: {57C76689-F052-487B-A19F-855AFDDF28EE} - C:\Users\MY_TOS~1\AppData\Local\Temp\f5tmp\f5InspectionHost.cabDPF: {7E73BE8F-FD87-44EC-8E22-023D5FF960FF} - C:\Users\MY_TOS~1\AppData\Local\Temp\f5tmp\vdeskctrl.cabDPF: {CC85ACDF-B277-486F-8C70-2C9B2ED2A4E7} - C:\Users\MY_TOS~1\AppData\Local\Temp\f5tmp\urxshost.cabDPF: {E0FF21FA-B857-45C5-8621-F120A0C17FF2} - C:\Users\MY_TOS~1\AppData\Local\Temp\f5tmp\urxhost.cabDPF: {EBDC91CB-F23F-477D-B152-3F7243760D04} - C:\Users\MY_TOS~1\AppData\Local\Temp\f5tmp\f5opswati.cabTCP: NameServer = 75.75.76.76 75.75.75.75TCP: Interfaces\{49F77F4B-FAD0-4276-9B39-25FC85576D05} : DHCPNameServer = 75.75.76.76 75.75.75.75TCP: Interfaces\{49F77F4B-FAD0-4276-9B39-25FC85576D05}\35175796272756C6 : DHCPNameServer = 207.230.192.251 209.206.136.8TCP: Interfaces\{49F77F4B-FAD0-4276-9B39-25FC85576D05}\D4561646F677259646765634F6474716765637 : DHCPNameServer = 10.0.0.1TCP: Interfaces\{49F77F4B-FAD0-4276-9B39-25FC85576D05}\D697177756374743431333 : DHCPNameServer = 192.168.0.1 205.171.3.25Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dllHandler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dllNotify: SDWinLogon - SDWinLogon.dllSSODL: WebCheck - <orphaned>mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chromex64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dllx64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllx64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dllx64-TB: FindWide Toolbar: {65132BAA-DBA9-40B9-BD7C-667368459740} -x64-Run: [igfxTray] C:\windows\System32\igfxtray.exex64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exex64-Run: [Persistence] C:\windows\System32\igfxpers.exex64-Run: [cAudioFilterAgent] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exex64-Run: [smartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /tx64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exex64-Run: [TPwrMain] C:\Program Files (x86)\TOSHIBA\Power Saver\TPwrMain.EXEx64-Run: [HSON] C:\Program Files (x86)\TOSHIBA\TBS\HSON.exex64-Run: [smoothView] C:\Program Files (x86)\Toshiba\SmoothView\SmoothView.exex64-Run: [00TCrdMain] C:\Program Files (x86)\TOSHIBA\FlashCards\TCrdMain.exex64-Run: [TosWaitSrv] C:\Program Files (x86)\TOSHIBA\TPHM\TosWaitSrv.exex64-Run: [Teco] "C:\Program Files (x86)\TOSHIBA\TECO\Teco.exe" /rx64-Run: [smartFaceVWatcher] C:\Program Files (x86)\Toshiba\SmartFaceV\SmartFaceVWatcher.exex64-Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exex64-Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exex64-Run: [TosNC] C:\Program Files (x86)\Toshiba\BulletinBoard\TosNcCore.exex64-Run: [TosReelTimeMonitor] C:\Program Files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exex64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkeyx64-Run: [EKIJ5000StatusMonitor] C:\windows\System32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe.INFO: x64-HKLM has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option..x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>x64-Notify: igfxcui - igfxdev.dllx64-SSODL: WebCheck - <orphaned>Hosts: 127.0.0.1 www.spywareinfo.com.================= FIREFOX ===================.FF - ProfilePath - C:\Users\My_Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\4htg0550.default-1379026913962\FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLLFF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dllFF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dllFF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dllFF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dllFF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dllFF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dllFF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dllFF - ExtSQL: 2013-11-17 09:25; emily@wilford.biz; C:\Users\My_Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\4htg0550.default-1379026913962\extensions\emily@wilford.biz.============= SERVICES / DRIVERS ===============.R0 MpFilter;Microsoft Malware Protection Driver;C:\windows\System32\drivers\MpFilter.sys [2013-9-27 248240]R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2013-4-22 822504]R2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe [2013-3-15 395640]R2 Kodak AiO Status Monitor Service;Kodak AiO Status Monitor Service;C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe [2013-1-15 780152]R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-11-22 418376]R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-11-22 701512]R2 NisDrv;Microsoft Network Inspection System;C:\windows\System32\drivers\NisDrvWFP.sys [2012-3-20 134944]R2 PCCUJobMgr;Common Client Job Manager Service;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.5.60\ccSvcHst.exe [2012-7-23 126392]R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2013-11-19 3921880]R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2013-11-19 1042272]R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2013-11-19 171416]R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-6-26 523944]R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;C:\Program Files\TOSHIBA\TECO\TecoService.exe [2010-2-25 252928]R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;C:\windows\System32\drivers\TVALZFL.sys [2009-6-19 14472]R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-7-23 2320920]R3 HECIx64;Intel® Management Engine Interface;C:\windows\System32\drivers\HECIx64.sys [2009-9-17 56344]R3 Impcd;Impcd;C:\windows\System32\drivers\Impcd.sys [2010-2-27 158976]R3 IntcDAud;Intel® Display Audio;C:\windows\System32\drivers\IntcDAud.sys [2010-6-21 287232]R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\windows\System32\drivers\L1C62x64.sys [2010-2-22 75304]R3 MBAMProtector;MBAMProtector;C:\windows\System32\drivers\mbam.sys [2013-11-22 25928]R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-10-23 348376]R3 PGEffect;Pangu effect driver;C:\windows\System32\drivers\PGEffect.sys [2012-7-23 35008]R3 QIOMem;Generic IO & Memory Access;C:\windows\System32\drivers\QIOMem.sys [2009-6-15 12800]R3 rtl8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\windows\System32\drivers\rtl8192Ce.sys [2012-7-23 877088]R3 Sftfs;Sftfs;C:\windows\System32\drivers\Sftfslh.sys [2013-6-26 767144]R3 Sftplay;Sftplay;C:\windows\System32\drivers\Sftplaylh.sys [2013-6-26 273576]R3 Sftredir;Sftredir;C:\windows\System32\drivers\Sftredirlh.sys [2013-6-26 28840]R3 Sftvol;Sftvol;C:\windows\System32\drivers\Sftvollh.sys [2013-6-26 23208]R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-6-26 207528]R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-2-5 137560]R3 TPCHSrv;TPCH Service;C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2010-2-23 835952]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-6-21 162408]S3 f5ipfw;F5 Networks StoneWall Filter;C:\windows\System32\drivers\urfltv64.sys [2013-9-23 18552]S3 FlyUsb;FLY Fusion;C:\windows\System32\drivers\FlyUsb.sys [2012-9-28 24576]S3 fssfltr;fssfltr;C:\windows\System32\drivers\fssfltr.sys [2013-3-11 57856]S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-9-12 1512448]S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\windows\System32\ieetwcollector.exe [2013-12-2 111616]S3 mbamchameleon;mbamchameleon;C:\windows\System32\drivers\mbamchameleon.sys [2013-12-6 91352]S3 MBAMSwissArmy;MBAMSwissArmy;C:\windows\System32\drivers\MBAMSwissArmy.sys [2013-12-6 116440]S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\System32\drivers\RtsUStor.sys [2012-7-23 239136]S3 SrvHsfHDA;SrvHsfHDA;C:\windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]S3 SrvHsfV92;SrvHsfV92;C:\windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]S3 SrvHsfWinac;SrvHsfWinac;C:\windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]S3 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2012-7-23 51512]S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2012-10-23 59392]S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2012-10-22 1255736].=============== Created Last 60 ================.2013-12-06 07:55:47 965000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{51E29C3F-EDA1-4DA5-A194-C4D2F1E78E9C}\gapaengine.dll2013-12-06 07:54:56 10285968 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CBE8CF75-6951-4F6A-B245-8EA831F39D3A}\mpengine.dll2013-12-06 07:45:12 -------- d-----w- C:\tmp2013-12-06 07:20:31 116440 ----a-w- C:\windows\System32\drivers\MBAMSwissArmy.sys2013-12-06 07:20:31 -------- d-----w- C:\ProgramData\Malwarebytes' Anti-Malware (portable)2013-12-06 07:20:08 91352 ----a-w- C:\windows\System32\drivers\mbamchameleon.sys2013-12-05 06:09:09 -------- d-----w- C:\AdwCleaner2013-12-05 00:28:52 10285968 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll2013-12-03 04:56:58 -------- d-----w- C:\windows\System32\MRT2013-12-03 04:34:11 -------- d-----w- C:\New folder2013-12-02 13:10:59 97880 ----a-w- C:\Program Files (x86)\Internet Explorer\pdmproxy100.dll2013-11-22 06:44:14 -------- d-----w- C:\Users\My_Toshiba\AppData\Roaming\Malwarebytes2013-11-22 06:43:59 -------- d-----w- C:\ProgramData\Malwarebytes2013-11-22 06:43:58 25928 ----a-w- C:\windows\System32\drivers\mbam.sys2013-11-22 06:43:58 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware2013-11-20 05:54:12 -------- d-----w- C:\ProgramData\Oracle2013-11-20 05:46:44 96168 ----a-w- C:\windows\SysWow64\WindowsAccessBridge-32.dll2013-11-20 04:39:04 21040 ----a-w- C:\windows\System32\sdnclean64.exe2013-11-20 04:38:55 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy2013-11-20 04:38:43 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 22013-11-17 15:33:11 -------- d-----w- C:\Users\My_Toshiba\AppData\Local\cache2013-11-17 15:33:09 -------- d-----w- C:\Users\My_Toshiba\AppData\Local\Mobogenie2013-11-17 15:32:53 -------- d-----w- C:\Program Files (x86)\Mobogenie2013-11-17 15:27:02 -------- d-----w- C:\Users\My_Toshiba\AppData\Roaming\.minecraft2013-11-17 15:25:13 -------- d-----w- C:\Users\My_Toshiba\AppData\Roaming\MyWordTool2013-11-16 06:35:46 -------- d-----w- C:\Program Files\iPod2013-11-16 06:35:45 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF692013-11-16 06:35:45 -------- d-----w- C:\Program Files\iTunes2013-11-16 06:35:45 -------- d-----w- C:\Program Files (x86)\iTunes2013-11-06 12:48:41 965000 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F8A29C05-A91C-4CF6-B2F5-05456E568C9E}\gapaengine.dll2013-10-20 14:39:06 163504 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10145.bin.==================== Find6M ====================.2013-12-02 13:10:59 74240 ----a-w- C:\windows\SysWow64\SetIEInstalledDate.exe2013-11-19 10:21:41 267936 ------w- C:\windows\System32\MpSigStub.exe2013-10-12 02:30:42 830464 ----a-w- C:\windows\System32\nshwfp.dll2013-10-12 02:29:21 859648 ----a-w- C:\windows\System32\IKEEXT.DLL2013-10-12 02:29:08 324096 ----a-w- C:\windows\System32\FWPUCLNT.DLL2013-10-12 02:03:08 656896 ----a-w- C:\windows\SysWow64\nshwfp.dll2013-10-12 02:01:25 216576 ----a-w- C:\windows\SysWow64\FWPUCLNT.DLL2013-10-09 09:23:25 71048 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl2013-10-09 09:23:25 692616 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe2013-10-05 20:25:35 1474048 ----a-w- C:\windows\System32\crypt32.dll2013-10-05 19:57:25 1168384 ----a-w- C:\windows\SysWow64\crypt32.dll2013-10-04 02:28:31 190464 ----a-w- C:\windows\System32\SmartcardCredentialProvider.dll2013-10-04 02:25:17 197120 ----a-w- C:\windows\System32\credui.dll2013-10-04 02:24:49 1930752 ----a-w- C:\windows\System32\authui.dll2013-10-04 01:58:50 152576 ----a-w- C:\windows\SysWow64\SmartcardCredentialProvider.dll2013-10-04 01:56:25 168960 ----a-w- C:\windows\SysWow64\credui.dll2013-10-04 01:56:00 1796096 ----a-w- C:\windows\SysWow64\authui.dll2013-10-03 02:23:48 404480 ----a-w- C:\windows\System32\gdi32.dll2013-10-03 02:00:44 311808 ----a-w- C:\windows\SysWow64\gdi32.dll2013-09-28 01:09:10 497152 ----a-w- C:\windows\System32\drivers\afd.sys2013-09-27 15:53:06 248240 ----a-w- C:\windows\System32\drivers\MpFilter.sys2013-09-27 15:53:06 134944 ----a-w- C:\windows\System32\drivers\NisDrvWFP.sys2013-09-25 02:26:40 95680 ----a-w- C:\windows\System32\drivers\ksecdd.sys2013-09-25 02:26:40 154560 ----a-w- C:\windows\System32\drivers\ksecpkg.sys2013-09-25 02:23:33 28672 ----a-w- C:\windows\System32\sspisrv.dll2013-09-25 02:23:33 135680 ----a-w- C:\windows\System32\sspicli.dll2013-09-25 02:23:01 28160 ----a-w- C:\windows\System32\secur32.dll2013-09-25 02:22:59 340992 ----a-w- C:\windows\System32\schannel.dll2013-09-25 02:21:50 307200 ----a-w- C:\windows\System32\ncrypt.dll2013-09-25 02:21:07 1447936 ----a-w- C:\windows\System32\lsasrv.dll2013-09-25 01:58:17 96768 ----a-w- C:\windows\SysWow64\sspicli.dll2013-09-25 01:57:26 22016 ----a-w- C:\windows\SysWow64\secur32.dll2013-09-25 01:57:24 247808 ----a-w- C:\windows\SysWow64\schannel.dll2013-09-25 01:56:42 220160 ----a-w- C:\windows\SysWow64\ncrypt.dll2013-09-25 01:03:24 30720 ----a-w- C:\windows\System32\lsass.exe2013-09-08 02:30:37 1903552 ----a-w- C:\windows\System32\drivers\tcpip.sys2013-09-08 02:27:14 327168 ----a-w- C:\windows\System32\mswsock.dll2013-09-08 02:03:58 231424 ----a-w- C:\windows\SysWow64\mswsock.dll2013-08-29 02:17:48 5549504 ----a-w- C:\windows\System32\ntoskrnl.exe2013-08-29 02:16:35 1732032 ----a-w- C:\windows\System32\ntdll.dll2013-08-29 02:16:28 243712 ----a-w- C:\windows\System32\wow64.dll2013-08-29 02:16:14 859648 ----a-w- C:\windows\System32\tdh.dll2013-08-29 02:13:28 878080 ----a-w- C:\windows\System32\advapi32.dll2013-08-29 01:51:45 3969472 ----a-w- C:\windows\SysWow64\ntkrnlpa.exe2013-08-29 01:51:45 3914176 ----a-w- C:\windows\SysWow64\ntoskrnl.exe2013-08-29 01:50:31 5120 ----a-w- C:\windows\SysWow64\wow32.dll2013-08-29 01:50:30 1292192 ----a-w- C:\windows\SysWow64\ntdll.dll2013-08-29 01:50:16 619520 ----a-w- C:\windows\SysWow64\tdh.dll2013-08-29 01:48:17 640512 ----a-w- C:\windows\SysWow64\advapi32.dll2013-08-29 01:48:15 44032 ----a-w- C:\windows\apppatch\acwow64.dll2013-08-29 00:49:53 25600 ----a-w- C:\windows\SysWow64\setup16.exe2013-08-29 00:49:52 7680 ----a-w- C:\windows\SysWow64\instnm.exe2013-08-29 00:49:52 14336 ----a-w- C:\windows\SysWow64\ntvdm64.dll2013-08-29 00:49:49 2048 ----a-w- C:\windows\SysWow64\user.exe2013-08-28 01:21:06 3155968 ----a-w- C:\windows\System32\win32k.sys2013-08-28 01:12:33 461312 ----a-w- C:\windows\System32\scavengeui.dll2013-08-05 02:25:45 155584 ----a-w- C:\windows\System32\drivers\ataport.sys2013-08-02 02:14:57 215040 ----a-w- C:\windows\System32\winsrv.dll2013-08-02 02:13:34 424448 ----a-w- C:\windows\System32\KernelBase.dll2013-08-02 01:50:42 274944 ----a-w- C:\windows\SysWow64\KernelBase.dll2013-08-02 01:09:17 338432 ----a-w- C:\windows\System32\conhost.exe2013-08-02 00:59:09 112640 ----a-w- C:\windows\System32\smss.exe2013-08-02 00:43:05 6144 ---ha-w- C:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll2013-08-02 00:43:05 4608 ---ha-w- C:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll2013-08-02 00:43:05 3584 ---ha-w- C:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll2013-08-02 00:43:05 3072 ---ha-w- C:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll2013-08-01 12:09:36 983488 ----a-w- C:\windows\System32\drivers\dxgkrnl.sys2013-07-30 03:27:57 108968 ----a-w- C:\windows\System32\WindowsAccessBridge-64.dll2013-07-30 03:27:51 972712 ----a-w- C:\windows\System32\deployJava1.dll2013-07-30 03:27:51 1093032 ----a-w- C:\windows\System32\npDeployJava1.dll2013-07-25 09:25:54 1888768 ----a-w- C:\windows\System32\WMVDECOD.DLL2013-07-25 08:57:27 1620992 ----a-w- C:\windows\SysWow64\WMVDECOD.DLL2013-07-20 10:33:12 102608 ----a-w- C:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll2013-07-20 10:33:08 124112 ----a-w- C:\windows\System32\PresentationCFFRasterizerNative_v0300.dll2013-07-19 01:58:42 2048 ----a-w- C:\windows\System32\tzres.dll2013-07-19 01:41:01 2048 ----a-w- C:\windows\SysWow64\tzres.dll2013-07-12 10:41:35 185344 ----a-w- C:\windows\System32\drivers\usbvideo.sys2013-07-12 10:41:12 100864 ----a-w- C:\windows\System32\drivers\usbcir.sys2013-07-09 05:52:52 224256 ----a-w- C:\windows\System32\wintrust.dll2013-07-09 05:51:16 1217024 ----a-w- C:\windows\System32\rpcrt4.dll2013-07-09 05:46:20 184320 ----a-w- C:\windows\System32\cryptsvc.dll2013-07-09 05:46:20 139776 ----a-w- C:\windows\System32\cryptnet.dll2013-07-09 04:52:33 663552 ----a-w- C:\windows\SysWow64\rpcrt4.dll2013-07-09 04:52:10 175104 ----a-w- C:\windows\SysWow64\wintrust.dll2013-07-09 04:46:31 140288 ----a-w- C:\windows\SysWow64\cryptsvc.dll2013-07-09 04:46:31 103936 ----a-w- C:\windows\SysWow64\cryptnet.dll2013-07-04 12:57:22 259584 ----a-w- C:\windows\System32\WebClnt.dll2013-07-04 12:50:46 102400 ----a-w- C:\windows\System32\davclnt.dll2013-07-04 12:50:39 633856 ----a-w- C:\windows\System32\comctl32.dll2013-07-04 12:18:29 458712 ----a-w- C:\windows\System32\drivers\cng.sys2013-07-04 11:57:28 205824 ----a-w- C:\windows\SysWow64\WebClnt.dll2013-07-04 11:51:04 81920 ----a-w- C:\windows\SysWow64\davclnt.dll2013-07-04 11:50:56 530432 ----a-w- C:\windows\SysWow64\comctl32.dll2013-07-04 10:11:35 140800 ----a-w- C:\windows\System32\drivers\mrxdav.sys2013-07-03 04:05:05 76800 ----a-w- C:\windows\System32\drivers\hidclass.sys2013-07-03 04:05:04 32896 ----a-w- C:\windows\System32\drivers\hidparse.sys2013-06-27 00:21:50 23208 ----a-w- C:\windows\System32\drivers\Sftvollh.sys2013-06-27 00:21:48 28840 ----a-w- C:\windows\System32\drivers\Sftredirlh.sys2013-06-27 00:21:46 273576 ----a-w- C:\windows\System32\drivers\Sftplaylh.sys2013-06-27 00:21:46 1777320 ----a-w- C:\windows\System32\sftldr.dll.============= FINISH: 2:04:12.65 =============== Link to post Share on other sites More sharing options...
Psychotic Posted December 6, 2013 ID:761214 Share Posted December 6, 2013 Hi there,my name is Marius and I will assist you with your malware related problems.Before we move on, please read the following points carefully. First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding. Perform everything in the correct order. Sometimes one step requires the previous one. If you have any problems while following my instructions, Stop there and tell me the exact nature of your problem. Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me. Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts. If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed. Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean. My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding. Scan with TDSS-KillerPlease read and follow these instructions carefully. We do not want it to fix anything yet (if found), we need to see a report first.Download TDSSKiller.exe and save it to your desktopExecute TDSSKiller.exe by doubleclicking on it. Press Start Scan If Malicious objects are found, do NOT select Copy to quarantine. Change the action to Skip, and save the log.Once complete, a log will be produced at the root drive which is typically C:\ ,for example, C:\TDSSKiller.<version_date_time>log.txtPlease post the contents of that log in your next reply. Link to post Share on other sites More sharing options...
dan_melissa Posted December 6, 2013 Author ID:761327 Share Posted December 6, 2013 Marius, Thank you for your offer to help. I followed your instructions and ran TDSSKiller.exe, and it did not find any threats. What should I try next? Link to post Share on other sites More sharing options...
Psychotic Posted December 8, 2013 ID:762065 Share Posted December 8, 2013 Please post up the log as requested. Link to post Share on other sites More sharing options...
dan_melissa Posted December 10, 2013 Author ID:762641 Share Posted December 10, 2013 Output (1 of 2): 07:55:22.0912 0x19c4 TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:5007:55:28.0186 0x19c4 ============================================================07:55:28.0186 0x19c4 Current date / time: 2013/12/06 07:55:28.018607:55:28.0186 0x19c4 SystemInfo:07:55:28.0186 0x19c4 07:55:28.0186 0x19c4 OS Version: 6.1.7601 ServicePack: 1.007:55:28.0186 0x19c4 Product type: Workstation07:55:28.0186 0x19c4 ComputerName: TOSHIBA_LAPTOP07:55:28.0187 0x19c4 UserName: My_Toshiba07:55:28.0187 0x19c4 Windows directory: C:\windows07:55:28.0187 0x19c4 System windows directory: C:\windows07:55:28.0187 0x19c4 Running under WOW6407:55:28.0187 0x19c4 Processor architecture: Intel x6407:55:28.0187 0x19c4 Number of processors: 207:55:28.0187 0x19c4 Page size: 0x100007:55:28.0187 0x19c4 Boot type: Normal boot07:55:28.0187 0x19c4 ============================================================07:55:28.0463 0x19c4 KLMD registered as C:\windows\system32\drivers\14328101.sys07:55:28.0954 0x19c4 System UUID: {9D52395D-C02B-E765-545F-98A4E0A3E1D6}07:55:30.0061 0x19c4 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x0000004007:55:30.0066 0x19c4 ============================================================07:55:30.0067 0x19c4 \Device\Harddisk0\DR0:07:55:30.0067 0x19c4 MBR partitions:07:55:30.0067 0x19c4 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x3892680007:55:30.0067 0x19c4 ============================================================07:55:30.0081 0x19c4 C: <-> \Device\Harddisk0\DR0\Partition107:55:30.0081 0x19c4 ============================================================07:55:30.0081 0x19c4 Initialize success07:55:30.0081 0x19c4 ============================================================07:56:04.0620 0x16b4 ============================================================07:56:04.0620 0x16b4 Scan started07:56:04.0620 0x16b4 Mode: Manual; TDLFS; 07:56:04.0620 0x16b4 ============================================================07:56:04.0620 0x16b4 KSN ping started07:56:07.0100 0x16b4 KSN ping finished: true07:56:07.0392 0x16b4 ================ Scan system memory ========================07:56:07.0392 0x16b4 System memory - ok07:56:07.0392 0x16b4 ================ Scan services =============================07:56:07.0634 0x16b4 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\windows\system32\drivers\1394ohci.sys07:56:07.0634 0x16b4 1394ohci - ok07:56:07.0726 0x16b4 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\windows\system32\drivers\ACPI.sys07:56:07.0736 0x16b4 ACPI - ok07:56:07.0796 0x16b4 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys07:56:07.0796 0x16b4 AcpiPmi - ok07:56:07.0958 0x16b4 [ A283108E14F3970432C21AF4C0CB1BCE, 1D3219EF916D54232838870EDE557296AACB714B456ED0AAE0DE3CE3822F4643 ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe07:56:07.0968 0x16b4 AdobeFlashPlayerUpdateSvc - ok07:56:08.0044 0x16b4 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\windows\system32\DRIVERS\adp94xx.sys07:56:08.0050 0x16b4 adp94xx - ok07:56:08.0150 0x16b4 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\windows\system32\DRIVERS\adpahci.sys07:56:08.0160 0x16b4 adpahci - ok07:56:08.0230 0x16b4 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\windows\system32\DRIVERS\adpu320.sys07:56:08.0230 0x16b4 adpu320 - ok07:56:08.0263 0x16b4 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\windows\System32\aelupsvc.dll07:56:08.0266 0x16b4 AeLookupSvc - ok07:56:08.0422 0x16b4 [ 79059559E89D06E8B80CE2944BE20228, 6E041D2FED2D0C3D8E16E56CB61D3245F9144EA92F5BDC9A4AA30598D1C8E6EE ] AFD C:\windows\system32\drivers\afd.sys07:56:08.0432 0x16b4 AFD - ok07:56:08.0512 0x16b4 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\windows\system32\drivers\agp440.sys07:56:08.0512 0x16b4 agp440 - ok07:56:08.0552 0x16b4 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\windows\System32\alg.exe07:56:08.0552 0x16b4 ALG - ok07:56:08.0622 0x16b4 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\windows\system32\drivers\aliide.sys07:56:08.0622 0x16b4 aliide - ok07:56:08.0642 0x16b4 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\windows\system32\drivers\amdide.sys07:56:08.0642 0x16b4 amdide - ok07:56:08.0702 0x16b4 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\windows\system32\DRIVERS\amdk8.sys07:56:08.0702 0x16b4 AmdK8 - ok07:56:08.0712 0x16b4 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\windows\system32\DRIVERS\amdppm.sys07:56:08.0712 0x16b4 AmdPPM - ok07:56:08.0802 0x16b4 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\windows\system32\drivers\amdsata.sys07:56:08.0802 0x16b4 amdsata - ok07:56:08.0862 0x16b4 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\windows\system32\DRIVERS\amdsbs.sys07:56:08.0872 0x16b4 amdsbs - ok07:56:08.0892 0x16b4 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\windows\system32\drivers\amdxata.sys07:56:08.0892 0x16b4 amdxata - ok07:56:08.0962 0x16b4 [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\windows\system32\drivers\appid.sys07:56:08.0972 0x16b4 AppID - ok07:56:09.0022 0x16b4 [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\windows\System32\appidsvc.dll07:56:09.0022 0x16b4 AppIDSvc - ok07:56:09.0062 0x16b4 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\windows\System32\appinfo.dll07:56:09.0062 0x16b4 Appinfo - ok07:56:09.0252 0x16b4 [ 30E3850F303EAE5C364782EA78579CC9, 8C94E5A9052F6E794685194EEACB31A174A947D60246908B6A0DEFA081A747A3 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe07:56:09.0262 0x16b4 Apple Mobile Device - ok07:56:09.0352 0x16b4 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\windows\system32\DRIVERS\arc.sys07:56:09.0362 0x16b4 arc - ok07:56:09.0362 0x16b4 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\windows\system32\DRIVERS\arcsas.sys07:56:09.0372 0x16b4 arcsas - ok07:56:09.0402 0x16b4 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys07:56:09.0403 0x16b4 AsyncMac - ok07:56:09.0434 0x16b4 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\windows\system32\drivers\atapi.sys07:56:09.0434 0x16b4 atapi - ok07:56:09.0524 0x16b4 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll07:56:09.0544 0x16b4 AudioEndpointBuilder - ok07:56:09.0564 0x16b4 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv C:\windows\System32\Audiosrv.dll07:56:09.0582 0x16b4 AudioSrv - ok07:56:09.0766 0x16b4 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\windows\System32\AxInstSV.dll07:56:09.0776 0x16b4 AxInstSV - ok07:56:09.0866 0x16b4 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\windows\system32\DRIVERS\bxvbda.sys07:56:09.0886 0x16b4 b06bdrv - ok07:56:09.0934 0x16b4 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys07:56:09.0938 0x16b4 b57nd60a - ok07:56:09.0988 0x16b4 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\windows\System32\bdesvc.dll07:56:09.0998 0x16b4 BDESVC - ok07:56:10.0008 0x16b4 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\windows\system32\drivers\Beep.sys07:56:10.0018 0x16b4 Beep - ok07:56:10.0108 0x16b4 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\windows\System32\bfe.dll07:56:10.0149 0x16b4 BFE - ok07:56:10.0258 0x16b4 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\windows\System32\qmgr.dll07:56:10.0284 0x16b4 BITS - ok07:56:10.0339 0x16b4 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys07:56:10.0340 0x16b4 blbdrive - ok07:56:10.0470 0x16b4 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe07:56:10.0480 0x16b4 Bonjour Service - ok07:56:10.0580 0x16b4 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\windows\system32\DRIVERS\bowser.sys07:56:10.0580 0x16b4 bowser - ok07:56:10.0610 0x16b4 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\windows\system32\DRIVERS\BrFiltLo.sys07:56:10.0610 0x16b4 BrFiltLo - ok07:56:10.0610 0x16b4 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\windows\system32\DRIVERS\BrFiltUp.sys07:56:10.0620 0x16b4 BrFiltUp - ok07:56:10.0670 0x16b4 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\windows\System32\browser.dll07:56:10.0680 0x16b4 Browser - ok07:56:10.0710 0x16b4 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\windows\System32\Drivers\Brserid.sys07:56:10.0720 0x16b4 Brserid - ok07:56:10.0730 0x16b4 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys07:56:10.0730 0x16b4 BrSerWdm - ok07:56:10.0740 0x16b4 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys07:56:10.0740 0x16b4 BrUsbMdm - ok07:56:10.0750 0x16b4 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys07:56:10.0750 0x16b4 BrUsbSer - ok07:56:10.0792 0x16b4 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\windows\system32\DRIVERS\bthmodem.sys07:56:10.0792 0x16b4 BTHMODEM - ok07:56:10.0872 0x16b4 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\windows\system32\bthserv.dll07:56:10.0872 0x16b4 bthserv - ok07:56:10.0932 0x16b4 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\windows\system32\DRIVERS\cdfs.sys07:56:10.0942 0x16b4 cdfs - ok07:56:11.0002 0x16b4 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\windows\system32\drivers\cdrom.sys07:56:11.0012 0x16b4 cdrom - ok07:56:11.0072 0x16b4 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\windows\System32\certprop.dll07:56:11.0072 0x16b4 CertPropSvc - ok07:56:11.0122 0x16b4 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\windows\system32\DRIVERS\circlass.sys07:56:11.0132 0x16b4 circlass - ok07:56:11.0522 0x16b4 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\windows\system32\CLFS.sys07:56:11.0552 0x16b4 CLFS - ok07:56:11.0702 0x16b4 [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe07:56:11.0702 0x16b4 clr_optimization_v2.0.50727_32 - ok07:56:11.0772 0x16b4 [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe07:56:11.0772 0x16b4 clr_optimization_v2.0.50727_64 - ok07:56:11.0862 0x16b4 [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe07:56:11.0862 0x16b4 clr_optimization_v4.0.30319_32 - ok07:56:11.0974 0x16b4 [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe07:56:11.0975 0x16b4 clr_optimization_v4.0.30319_64 - ok07:56:12.0005 0x16b4 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys07:56:12.0005 0x16b4 CmBatt - ok07:56:12.0035 0x16b4 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\windows\system32\drivers\cmdide.sys07:56:12.0035 0x16b4 cmdide - ok07:56:12.0075 0x16b4 [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG C:\windows\system32\Drivers\cng.sys07:56:12.0095 0x16b4 CNG - ok07:56:12.0205 0x16b4 [ 25C58EE97BE0416A373E3E4F855206B5, 3AE7CA1E1ED56C2CE4BD11F2F89060DEF480009E4AA2128897C70E9E679E44BB ] CnxtHdAudService C:\windows\system32\drivers\CHDRT64.sys07:56:12.0225 0x16b4 CnxtHdAudService - ok07:56:12.0285 0x16b4 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\windows\system32\DRIVERS\compbatt.sys07:56:12.0285 0x16b4 Compbatt - ok07:56:12.0315 0x16b4 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\windows\system32\drivers\CompositeBus.sys07:56:12.0315 0x16b4 CompositeBus - ok07:56:12.0335 0x16b4 COMSysApp - ok07:56:12.0355 0x16b4 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\windows\system32\DRIVERS\crcdisk.sys07:56:12.0355 0x16b4 crcdisk - ok07:56:12.0405 0x16b4 [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc C:\windows\system32\cryptsvc.dll07:56:12.0405 0x16b4 CryptSvc - ok07:56:12.0515 0x16b4 [ FD557A50A65E44041CD2FCEF4BEB04DB, 746D5958F7198895D35A23566D3736D993D57726BF59D91421D8091C48926A26 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE07:56:12.0535 0x16b4 cvhsvc - ok07:56:12.0595 0x16b4 [ BA25D4B9B067248F7CAC416E855D706B, EB00FEC005863284D25AC708CEF65D945A1599801A3FDE4B992C1AD4593E2036 ] dc3d C:\windows\system32\DRIVERS\dc3d.sys07:56:12.0597 0x16b4 dc3d - ok07:56:12.0657 0x16b4 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\windows\system32\rpcss.dll07:56:12.0667 0x16b4 DcomLaunch - ok07:56:12.0707 0x16b4 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\windows\System32\defragsvc.dll07:56:12.0727 0x16b4 defragsvc - ok07:56:12.0787 0x16b4 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\windows\system32\Drivers\dfsc.sys07:56:12.0787 0x16b4 DfsC - ok07:56:12.0859 0x16b4 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\windows\system32\dhcpcore.dll07:56:12.0859 0x16b4 Dhcp - ok07:56:12.0909 0x16b4 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\windows\system32\drivers\discache.sys07:56:12.0909 0x16b4 discache - ok07:56:12.0939 0x16b4 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\windows\system32\DRIVERS\disk.sys07:56:12.0939 0x16b4 Disk - ok07:56:13.0011 0x16b4 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\windows\System32\dnsrslvr.dll07:56:13.0021 0x16b4 Dnscache - ok07:56:13.0071 0x16b4 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\windows\System32\dot3svc.dll07:56:13.0081 0x16b4 dot3svc - ok07:56:13.0171 0x16b4 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\windows\system32\dps.dll07:56:13.0171 0x16b4 DPS - ok07:56:13.0211 0x16b4 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\windows\system32\drivers\drmkaud.sys07:56:13.0221 0x16b4 drmkaud - ok07:56:13.0351 0x16b4 [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys07:56:13.0385 0x16b4 DXGKrnl - ok07:56:13.0473 0x16b4 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\windows\System32\eapsvc.dll07:56:13.0473 0x16b4 EapHost - ok07:56:13.0640 0x16b4 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\windows\system32\DRIVERS\evbda.sys07:56:13.0764 0x16b4 ebdrv - ok07:56:13.0807 0x16b4 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] EFS C:\windows\System32\lsass.exe07:56:13.0807 0x16b4 EFS - ok07:56:13.0897 0x16b4 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\windows\ehome\ehRecvr.exe07:56:13.0917 0x16b4 ehRecvr - ok07:56:13.0937 0x16b4 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\windows\ehome\ehsched.exe07:56:13.0949 0x16b4 ehSched - ok07:56:14.0000 0x16b4 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\windows\system32\DRIVERS\elxstor.sys07:56:14.0010 0x16b4 elxstor - ok07:56:14.0030 0x16b4 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\windows\system32\drivers\errdev.sys07:56:14.0030 0x16b4 ErrDev - ok07:56:14.0090 0x16b4 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\windows\system32\es.dll07:56:14.0100 0x16b4 EventSystem - ok07:56:14.0120 0x16b4 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\windows\system32\drivers\exfat.sys07:56:14.0130 0x16b4 exfat - ok07:56:14.0210 0x16b4 [ 7105EFC17A4B034E83CC4A0365A6D3C7, 4CAD68758AEB3A72B841C2D994282AE8C06C69DE92EFE87E06F84699025D5519 ] f5ipfw C:\windows\system32\drivers\urfltv64.sys07:56:14.0220 0x16b4 f5ipfw - ok07:56:14.0250 0x16b4 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\windows\system32\drivers\fastfat.sys07:56:14.0250 0x16b4 fastfat - ok07:56:14.0314 0x16b4 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\windows\system32\fxssvc.exe07:56:14.0333 0x16b4 Fax - ok07:56:14.0352 0x16b4 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\windows\system32\DRIVERS\fdc.sys07:56:14.0352 0x16b4 fdc - ok07:56:14.0422 0x16b4 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\windows\system32\fdPHost.dll07:56:14.0432 0x16b4 fdPHost - ok07:56:14.0442 0x16b4 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\windows\system32\fdrespub.dll07:56:14.0442 0x16b4 FDResPub - ok07:56:14.0492 0x16b4 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\windows\system32\drivers\fileinfo.sys07:56:14.0492 0x16b4 FileInfo - ok07:56:14.0532 0x16b4 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\windows\system32\drivers\filetrace.sys07:56:14.0532 0x16b4 Filetrace - ok07:56:14.0562 0x16b4 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\windows\system32\DRIVERS\flpydisk.sys07:56:14.0562 0x16b4 flpydisk - ok07:56:14.0645 0x16b4 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\windows\system32\drivers\fltmgr.sys07:56:14.0654 0x16b4 FltMgr - ok07:56:14.0684 0x16b4 [ 6CD6BB45BD3E0EEF6CE496BF52854FF1, 939630A1EEAB79DD5AA3D9272B9EDC0550BC06D40C9B398815FCFF4AC12A7F2C ] FlyUsb C:\windows\system32\DRIVERS\FlyUsb.sys07:56:14.0684 0x16b4 FlyUsb - ok07:56:14.0863 0x16b4 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\windows\system32\FntCache.dll07:56:14.0908 0x16b4 FontCache - ok07:56:14.0958 0x16b4 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe07:56:14.0968 0x16b4 FontCache3.0.0.0 - ok07:56:15.0025 0x16b4 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\windows\system32\drivers\FsDepends.sys07:56:15.0027 0x16b4 FsDepends - ok07:56:15.0060 0x16b4 [ B16B626996C74B564005BA855C5DEE90, B432C669EB610C262B18F3F8308EEE1B910DE7F7BC2A8EB5483419DC52A07AE1 ] fssfltr C:\windows\system32\DRIVERS\fssfltr.sys07:56:15.0060 0x16b4 fssfltr - ok07:56:15.0192 0x16b4 [ 812E1BA5C52A78F13EA6AA10DF708B1D, CF1C4D8E072CF0D66C977DFA4C852E5CE757843BEAF5D29454D26A9AC5766E61 ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe07:56:15.0235 0x16b4 fsssvc - ok07:56:15.0264 0x16b4 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys07:56:15.0264 0x16b4 Fs_Rec - ok07:56:15.0304 0x16b4 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\windows\system32\DRIVERS\fvevol.sys07:56:15.0314 0x16b4 fvevol - ok07:56:15.0334 0x16b4 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\windows\system32\DRIVERS\gagp30kx.sys07:56:15.0334 0x16b4 gagp30kx - ok07:56:15.0414 0x16b4 [ 1FDA0DF739234C4023851A282DD28704, 993187336366C53B125A989DD264506B000AA65789C1B6907DF85CFC64E894C7 ] GameConsoleService C:\Program Files (x86)\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe07:56:15.0424 0x16b4 GameConsoleService - ok07:56:15.0474 0x16b4 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\windows\system32\DRIVERS\GEARAspiWDM.sys07:56:15.0474 0x16b4 GEARAspiWDM - ok07:56:15.0554 0x16b4 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\windows\System32\gpsvc.dll07:56:15.0574 0x16b4 gpsvc - ok07:56:15.0694 0x16b4 [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe07:56:15.0704 0x16b4 gupdate - ok07:56:15.0724 0x16b4 [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe07:56:15.0724 0x16b4 gupdatem - ok07:56:15.0764 0x16b4 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys07:56:15.0764 0x16b4 hcw85cir - ok07:56:15.0844 0x16b4 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys07:56:15.0854 0x16b4 HdAudAddService - ok07:56:15.0894 0x16b4 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\windows\system32\drivers\HDAudBus.sys07:56:15.0904 0x16b4 HDAudBus - ok07:56:15.0954 0x16b4 [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64 C:\windows\system32\DRIVERS\HECIx64.sys07:56:15.0964 0x16b4 HECIx64 - ok07:56:15.0994 0x16b4 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\windows\system32\DRIVERS\HidBatt.sys07:56:15.0994 0x16b4 HidBatt - ok07:56:16.0024 0x16b4 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\windows\system32\DRIVERS\hidbth.sys07:56:16.0024 0x16b4 HidBth - ok07:56:16.0044 0x16b4 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\windows\system32\DRIVERS\hidir.sys07:56:16.0054 0x16b4 HidIr - ok07:56:16.0084 0x16b4 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\windows\system32\hidserv.dll07:56:16.0084 0x16b4 hidserv - ok07:56:16.0144 0x16b4 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys07:56:16.0144 0x16b4 HidUsb - ok07:56:16.0164 0x16b4 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\windows\system32\kmsvc.dll07:56:16.0164 0x16b4 hkmsvc - ok07:56:16.0254 0x16b4 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\windows\system32\ListSvc.dll07:56:16.0254 0x16b4 HomeGroupListener - ok07:56:16.0314 0x16b4 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\windows\system32\provsvc.dll07:56:16.0324 0x16b4 HomeGroupProvider - ok07:56:16.0354 0x16b4 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys07:56:16.0354 0x16b4 HpSAMD - ok07:56:16.0424 0x16b4 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\windows\system32\drivers\HTTP.sys07:56:16.0444 0x16b4 HTTP - ok07:56:16.0464 0x16b4 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys07:56:16.0464 0x16b4 hwpolicy - ok07:56:16.0524 0x16b4 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\windows\system32\drivers\i8042prt.sys07:56:16.0524 0x16b4 i8042prt - ok07:56:16.0644 0x16b4 [ 5E60DD5F090AB4A563C7204C289C4650, 7728E3877C879EF90B2DE39B312F40AFF2DCA882BE50298C923CA0A250A93636 ] iaStor C:\windows\system32\DRIVERS\iaStor.sys07:56:16.0654 0x16b4 iaStor - ok07:56:16.0706 0x16b4 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\windows\system32\drivers\iaStorV.sys07:56:16.0716 0x16b4 iaStorV - ok07:56:16.0763 0x16b4 [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe07:56:16.0766 0x16b4 IDriverT - ok07:56:16.0890 0x16b4 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe07:56:16.0922 0x16b4 idsvc - ok07:56:16.0942 0x16b4 IEEtwCollectorService - ok07:56:17.0615 0x16b4 [ 1BE8D9CA4F2363B8E8015621878E0043, 695B5F88A6F6943156D033DAA86188F50308AD71FCF26CF0AEDF7E23F774FB56 ] igfx C:\windows\system32\DRIVERS\igdkmd64.sys07:56:18.0019 0x16b4 igfx - ok07:56:18.0099 0x16b4 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\windows\system32\DRIVERS\iirsp.sys07:56:18.0101 0x16b4 iirsp - ok07:56:18.0161 0x16b4 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\windows\System32\ikeext.dll07:56:18.0181 0x16b4 IKEEXT - ok07:56:18.0233 0x16b4 [ DD587A55390ED2295BCE6D36AD567DA9, AEB7DCB8EF89BEE8D9649A05FC482B1E4E3F44243D57A2577C862EB69166C48E ] Impcd C:\windows\system32\DRIVERS\Impcd.sys07:56:18.0233 0x16b4 Impcd - ok07:56:18.0283 0x16b4 [ 03C74719D48056A1078F3A51CEB76BAA, 34BCC73EE4D65E1F282208C243C54BBD8458DB50FA893DE3306E1A1E73D05B1A ] IntcDAud C:\windows\system32\DRIVERS\IntcDAud.sys07:56:18.0293 0x16b4 IntcDAud - ok07:56:18.0343 0x16b4 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\windows\system32\drivers\intelide.sys07:56:18.0343 0x16b4 intelide - ok07:56:18.0413 0x16b4 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys07:56:18.0413 0x16b4 intelppm - ok07:56:18.0453 0x16b4 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\windows\system32\ipbusenum.dll07:56:18.0453 0x16b4 IPBusEnum - ok07:56:18.0503 0x16b4 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys07:56:18.0503 0x16b4 IpFilterDriver - ok07:56:18.0553 0x16b4 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\windows\System32\iphlpsvc.dll07:56:18.0573 0x16b4 iphlpsvc - ok07:56:18.0604 0x16b4 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys07:56:18.0607 0x16b4 IPMIDRV - ok07:56:18.0645 0x16b4 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\windows\system32\drivers\ipnat.sys07:56:18.0645 0x16b4 IPNAT - ok07:56:18.0745 0x16b4 [ 33B286326BD2B1A7748C43391058FB19, C6240C9ED5B7C227595E953E3D1AB5F2D45CCD86FDBDF985836A970B4B6467FE ] iPod Service C:\Program Files\iPod\bin\iPodService.exe07:56:18.0765 0x16b4 iPod Service - ok07:56:18.0838 0x16b4 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\windows\system32\drivers\irenum.sys07:56:18.0838 0x16b4 IRENUM - ok07:56:18.0888 0x16b4 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\windows\system32\drivers\isapnp.sys07:56:18.0888 0x16b4 isapnp - ok07:56:18.0928 0x16b4 [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys07:56:18.0938 0x16b4 iScsiPrt - ok07:56:18.0978 0x16b4 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\windows\system32\DRIVERS\kbdclass.sys07:56:18.0988 0x16b4 kbdclass - ok07:56:19.0028 0x16b4 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\windows\system32\DRIVERS\kbdhid.sys07:56:19.0028 0x16b4 kbdhid - ok07:56:19.0068 0x16b4 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso C:\windows\system32\lsass.exe07:56:19.0068 0x16b4 KeyIso - ok07:56:19.0230 0x16b4 [ 140692763A50BFFF322CDC076300587E, 4B6D9AE479EDDB429C1DE36406517FA65C2B3927B20792B3A27CEE05A6B7A3AB ] Kodak AiO Network Discovery Service C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe07:56:19.0260 0x16b4 Kodak AiO Network Discovery Service - ok07:56:19.0450 0x16b4 [ E29F999616D7C08B0E91296908C47CAF, 285594B526A15911238B89E5FCBCFFA48A6C69CCC481918D2C474C6BB12869E6 ] Kodak AiO Status Monitor Service C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe07:56:19.0483 0x16b4 Kodak AiO Status Monitor Service - ok07:56:19.0540 0x16b4 [ 8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD C:\windows\system32\Drivers\ksecdd.sys07:56:19.0542 0x16b4 KSecDD - ok07:56:19.0562 0x16b4 [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys07:56:19.0572 0x16b4 KSecPkg - ok07:56:19.0632 0x16b4 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\windows\system32\drivers\ksthunk.sys07:56:19.0634 0x16b4 ksthunk - ok07:56:19.0664 0x16b4 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\windows\system32\msdtckrm.dll07:56:19.0714 0x16b4 KtmRm - ok07:56:19.0756 0x16b4 [ 55480B9C63F3F91A8EBBADCBF28FE581, 5B4BC3F0307B0697DD08DD8AAD4B9EAE99EDD3B33B85D9293D183684D5057293 ] L1C C:\windows\system32\DRIVERS\L1C62x64.sys07:56:19.0762 0x16b4 L1C - ok07:56:19.0856 0x16b4 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\windows\system32\srvsvc.dll07:56:19.0856 0x16b4 LanmanServer - ok07:56:19.0946 0x16b4 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\windows\System32\wkssvc.dll07:56:19.0946 0x16b4 LanmanWorkstation - ok07:56:20.0598 0x16b4 [ 32F1B95C60042F3D95FC8AB43559B3B1, 52652B1CE93C6B9DC12E56B5D4C44F45042901D89D21974BFE1D7116BFADEE74 ] LeapFrog Connect Device Service C:\Users\My_Toshiba\Desktop\LeapFrog Connect\CommandService.exe07:56:20.0889 0x16b4 LeapFrog Connect Device Service - ok07:56:21.0012 0x16b4 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\windows\system32\DRIVERS\lltdio.sys07:56:21.0012 0x16b4 lltdio - ok07:56:21.0052 0x16b4 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\windows\System32\lltdsvc.dll07:56:21.0062 0x16b4 lltdsvc - ok07:56:21.0102 0x16b4 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\windows\System32\lmhsvc.dll07:56:21.0102 0x16b4 lmhosts - ok07:56:21.0172 0x16b4 [ DBC1136A62BD4DECC3632DF650284C2E, 2D6344357D21A9062019C7DDF3DB440ABC724CDA925471BBFA8CCAC65E6A2C80 ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe07:56:21.0182 0x16b4 LMS - ok07:56:21.0212 0x16b4 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\windows\system32\DRIVERS\lsi_fc.sys07:56:21.0222 0x16b4 LSI_FC - ok07:56:21.0252 0x16b4 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\windows\system32\DRIVERS\lsi_sas.sys07:56:21.0252 0x16b4 LSI_SAS - ok07:56:21.0272 0x16b4 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\windows\system32\DRIVERS\lsi_sas2.sys07:56:21.0272 0x16b4 LSI_SAS2 - ok07:56:21.0292 0x16b4 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\windows\system32\DRIVERS\lsi_scsi.sys07:56:21.0292 0x16b4 LSI_SCSI - ok07:56:21.0312 0x16b4 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\windows\system32\drivers\luafv.sys07:56:21.0322 0x16b4 luafv - ok07:56:21.0372 0x16b4 [ C63BF488680F88B6A1D83302AA0ACD0E, B9DFE993C0FC605304D7DE91B5F90D9397AD8C2E6E1FCA3EF99614A8A535356B ] mbamchameleon C:\windows\system32\drivers\mbamchameleon.sys07:56:21.0372 0x16b4 mbamchameleon - ok07:56:21.0422 0x16b4 [ 0BB97D43299910CBFBA59C461B99B910, 27C22D9D9EE8A410D7396960DA93E9E260D4DCDD38DCE06E85E45C5E24C067DE ] MBAMProtector C:\windows\system32\drivers\mbam.sys07:56:21.0422 0x16b4 MBAMProtector - ok07:56:21.0472 0x16b4 [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe07:56:21.0492 0x16b4 MBAMScheduler - ok07:56:21.0544 0x16b4 [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe07:56:21.0574 0x16b4 MBAMService - ok07:56:21.0634 0x16b4 [ 34398CB1F8A152F5E9EE4394BC8ED75F, 0ABBF19067008758ED9E5A090894B6B2CAD2D7E6271680BE5BE91162771FD9C0 ] MBAMSwissArmy C:\windows\system32\drivers\MBAMSwissArmy.sys07:56:21.0634 0x16b4 MBAMSwissArmy - ok07:56:21.0671 0x16b4 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll07:56:21.0677 0x16b4 Mcx2Svc - ok07:56:21.0726 0x16b4 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\windows\system32\DRIVERS\megasas.sys07:56:21.0726 0x16b4 megasas - ok07:56:21.0766 0x16b4 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\windows\system32\DRIVERS\MegaSR.sys07:56:21.0776 0x16b4 MegaSR - ok07:56:21.0966 0x16b4 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\windows\system32\mmcss.dll07:56:21.0976 0x16b4 MMCSS - ok07:56:22.0006 0x16b4 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\windows\system32\drivers\modem.sys07:56:22.0006 0x16b4 Modem - ok07:56:22.0036 0x16b4 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\windows\system32\DRIVERS\monitor.sys07:56:22.0036 0x16b4 monitor - ok07:56:22.0116 0x16b4 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys07:56:22.0116 0x16b4 mouclass - ok07:56:22.0156 0x16b4 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys07:56:22.0156 0x16b4 mouhid - ok07:56:22.0448 0x16b4 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\windows\system32\drivers\mountmgr.sys07:56:22.0458 0x16b4 mountmgr - ok07:56:22.0610 0x16b4 [ 5E0686615A80A6279B2314E13CD23F6E, 659931AB2DD395FAA2E5036D02BC6AAE8A7E4C9FF1A902B1FF9C15E878C89E77 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe07:56:22.0610 0x16b4 MozillaMaintenance - ok07:56:22.0720 0x16b4 [ C6B88D62F20AC646C6BD5C032EC2FAF9, 111A07939F3C5A46F0C51B9D6F5C1D8478099E32EFD88BC260467109ADD975F8 ] MpFilter C:\windows\system32\DRIVERS\MpFilter.sys07:56:22.0730 0x16b4 MpFilter - ok07:56:22.0760 0x16b4 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\windows\system32\drivers\mpio.sys07:56:22.0770 0x16b4 mpio - ok07:56:22.0852 0x16b4 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys07:56:22.0852 0x16b4 mpsdrv - ok07:56:22.0952 0x16b4 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\windows\system32\mpssvc.dll07:56:22.0972 0x16b4 MpsSvc - ok07:56:23.0012 0x16b4 [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\windows\system32\drivers\mrxdav.sys07:56:23.0022 0x16b4 MRxDAV - ok07:56:23.0072 0x16b4 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys07:56:23.0082 0x16b4 mrxsmb - ok07:56:23.0122 0x16b4 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys07:56:23.0132 0x16b4 mrxsmb10 - ok07:56:23.0169 0x16b4 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys07:56:23.0174 0x16b4 mrxsmb20 - ok07:56:23.0234 0x16b4 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\windows\system32\drivers\msahci.sys07:56:23.0244 0x16b4 msahci - ok07:56:23.0284 0x16b4 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\windows\system32\drivers\msdsm.sys07:56:23.0284 0x16b4 msdsm - ok07:56:23.0324 0x16b4 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\windows\System32\msdtc.exe07:56:23.0334 0x16b4 MSDTC - ok07:56:23.0396 0x16b4 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\windows\system32\drivers\Msfs.sys07:56:23.0396 0x16b4 Msfs - ok07:56:23.0416 0x16b4 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys07:56:23.0416 0x16b4 mshidkmdf - ok07:56:23.0486 0x16b4 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\windows\system32\drivers\msisadrv.sys07:56:23.0486 0x16b4 msisadrv - ok07:56:23.0516 0x16b4 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\windows\system32\iscsiexe.dll07:56:23.0526 0x16b4 MSiSCSI - ok07:56:23.0526 0x16b4 msiserver - ok07:56:23.0567 0x16b4 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys07:56:23.0568 0x16b4 MSKSSRV - ok07:56:23.0628 0x16b4 [ 7675E15D1B2180745E4DA4D26AAD7385, 729AA6C610F67028CFFFF64B772FFA1CAE7581D37F8909BDA423D52AF85C92C8 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe07:56:23.0638 0x16b4 MsMpSvc - ok07:56:23.0678 0x16b4 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys07:56:23.0678 0x16b4 MSPCLOCK - ok07:56:23.0748 0x16b4 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\windows\system32\drivers\MSPQM.sys07:56:23.0748 0x16b4 MSPQM - ok07:56:23.0848 0x16b4 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\windows\system32\drivers\MsRPC.sys07:56:23.0858 0x16b4 MsRPC - ok07:56:23.0893 0x16b4 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\windows\system32\drivers\mssmbios.sys07:56:23.0894 0x16b4 mssmbios - ok07:56:23.0940 0x16b4 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\windows\system32\drivers\MSTEE.sys07:56:23.0940 0x16b4 MSTEE - ok07:56:23.0970 0x16b4 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\windows\system32\DRIVERS\MTConfig.sys07:56:23.0970 0x16b4 MTConfig - ok07:56:24.0000 0x16b4 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\windows\system32\Drivers\mup.sys07:56:24.0000 0x16b4 Mup - ok07:56:24.0080 0x16b4 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\windows\system32\qagentRT.dll07:56:24.0090 0x16b4 napagent - ok07:56:24.0170 0x16b4 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys07:56:24.0170 0x16b4 NativeWifiP - ok07:56:24.0270 0x16b4 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\windows\system32\drivers\ndis.sys07:56:24.0300 0x16b4 NDIS - ok Link to post Share on other sites More sharing options...
dan_melissa Posted December 10, 2013 Author ID:762645 Share Posted December 10, 2013 Output (2 of 2)07:56:24.0372 0x16b4 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys07:56:24.0372 0x16b4 NdisCap - ok07:56:24.0392 0x16b4 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys07:56:24.0392 0x16b4 NdisTapi - ok07:56:24.0462 0x16b4 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys07:56:24.0472 0x16b4 Ndisuio - ok07:56:24.0542 0x16b4 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys07:56:24.0542 0x16b4 NdisWan - ok07:56:24.0572 0x16b4 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\windows\system32\drivers\NDProxy.sys07:56:24.0572 0x16b4 NDProxy - ok07:56:24.0612 0x16b4 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys07:56:24.0612 0x16b4 NetBIOS - ok07:56:24.0692 0x16b4 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\windows\system32\DRIVERS\netbt.sys07:56:24.0692 0x16b4 NetBT - ok07:56:24.0722 0x16b4 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] Netlogon C:\windows\system32\lsass.exe07:56:24.0732 0x16b4 Netlogon - ok07:56:24.0784 0x16b4 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\windows\System32\netman.dll07:56:24.0794 0x16b4 Netman - ok07:56:24.0856 0x16b4 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\windows\System32\netprofm.dll07:56:24.0866 0x16b4 netprofm - ok07:56:24.0909 0x16b4 [ 3E5A36127E201DDF663176B66828FAFE, 5A08BA9EFB1A72DF1DD839BA5FA2B8994012BA62A515588FF62333B33B60045B ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe07:56:24.0912 0x16b4 NetTcpPortSharing - ok07:56:24.0958 0x16b4 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys07:56:24.0958 0x16b4 nfrd960 - ok07:56:25.0048 0x16b4 [ ACE8C64C57E4A711473C8BC10ADF692B, 53D8083CE78DB5527080B4570AC28ABAA262667744A319707AE0C46E46B297F9 ] NisDrv C:\windows\system32\DRIVERS\NisDrvWFP.sys07:56:25.0060 0x16b4 NisDrv - ok07:56:25.0090 0x16b4 [ 6247E8B31ED0A9D6BC5A26276E49BEB3, 230C0C560492C454B9EB14B50EB4A78DC74FAB6B662449A0EA3114B3E671BFF3 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe07:56:25.0100 0x16b4 NisSrv - ok07:56:25.0140 0x16b4 [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\windows\System32\nlasvc.dll07:56:25.0150 0x16b4 NlaSvc - ok07:56:25.0170 0x16b4 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\windows\system32\drivers\Npfs.sys07:56:25.0170 0x16b4 Npfs - ok07:56:25.0200 0x16b4 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\windows\system32\nsisvc.dll07:56:25.0200 0x16b4 nsi - ok07:56:25.0230 0x16b4 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys07:56:25.0230 0x16b4 nsiproxy - ok07:56:25.0320 0x16b4 [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs C:\windows\system32\drivers\Ntfs.sys07:56:25.0378 0x16b4 Ntfs - ok07:56:25.0472 0x16b4 [ D4012918D3A3847B44B888D56BC095D6, BE78F54CA01E8C37FD9129AA2869CCFE84BA8F5ED015486019305C7F40AE3B1B ] NuidFltr C:\windows\system32\DRIVERS\NuidFltr.sys07:56:25.0472 0x16b4 NuidFltr - ok07:56:25.0542 0x16b4 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\windows\system32\drivers\Null.sys07:56:25.0542 0x16b4 Null - ok07:56:25.0592 0x16b4 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\windows\system32\drivers\nvraid.sys07:56:25.0592 0x16b4 nvraid - ok07:56:25.0622 0x16b4 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\windows\system32\drivers\nvstor.sys07:56:25.0622 0x16b4 nvstor - ok07:56:25.0668 0x16b4 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\windows\system32\drivers\nv_agp.sys07:56:25.0672 0x16b4 nv_agp - ok07:56:25.0701 0x16b4 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys07:56:25.0704 0x16b4 ohci1394 - ok07:56:25.0744 0x16b4 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE07:56:25.0744 0x16b4 ose - ok07:56:26.0101 0x16b4 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE07:56:26.0308 0x16b4 osppsvc - ok07:56:26.0650 0x16b4 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\windows\system32\pnrpsvc.dll07:56:26.0660 0x16b4 p2pimsvc - ok07:56:26.0701 0x16b4 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\windows\system32\p2psvc.dll07:56:26.0716 0x16b4 p2psvc - ok07:56:26.0771 0x16b4 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\windows\system32\DRIVERS\parport.sys07:56:26.0772 0x16b4 Parport - ok07:56:26.0802 0x16b4 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\windows\system32\drivers\partmgr.sys07:56:26.0802 0x16b4 partmgr - ok07:56:27.0174 0x16b4 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\windows\System32\pcasvc.dll07:56:27.0184 0x16b4 PcaSvc - ok07:56:27.0246 0x16b4 [ 2F86BE1818C2D7AC90478E3323EE7FCB, CE721FCFFDC9D24483DEB6BB77DAFEBE79BA143CA2EE68BF28E2A9297AADB2D4 ] PCCUJobMgr C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.5.60\ccSvcHst.exe07:56:27.0256 0x16b4 PCCUJobMgr - ok07:56:27.0326 0x16b4 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\windows\system32\drivers\pci.sys07:56:27.0326 0x16b4 pci - ok07:56:27.0406 0x16b4 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\windows\system32\drivers\pciide.sys07:56:27.0406 0x16b4 pciide - ok07:56:27.0466 0x16b4 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys07:56:27.0466 0x16b4 pcmcia - ok07:56:27.0506 0x16b4 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\windows\system32\drivers\pcw.sys07:56:27.0506 0x16b4 pcw - ok07:56:27.0568 0x16b4 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\windows\system32\drivers\peauth.sys07:56:27.0588 0x16b4 PEAUTH - ok07:56:27.0680 0x16b4 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\windows\SysWow64\perfhost.exe07:56:27.0680 0x16b4 PerfHost - ok07:56:27.0762 0x16b4 [ 663962900E7FEA522126BA287715BB4A, 95CE12CA11E705C293BE4E18845581037D819A7EC812349BCAF4EABC8E7087B1 ] PGEffect C:\windows\system32\DRIVERS\pgeffect.sys07:56:27.0762 0x16b4 PGEffect - ok07:56:27.0833 0x16b4 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\windows\system32\pla.dll07:56:27.0883 0x16b4 pla - ok07:56:27.0942 0x16b4 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\windows\system32\umpnpmgr.dll07:56:27.0954 0x16b4 PlugPlay - ok07:56:28.0264 0x16b4 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll07:56:28.0264 0x16b4 PNRPAutoReg - ok07:56:28.0294 0x16b4 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\windows\system32\pnrpsvc.dll07:56:28.0304 0x16b4 PNRPsvc - ok07:56:28.0386 0x16b4 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\windows\System32\ipsecsvc.dll07:56:28.0406 0x16b4 PolicyAgent - ok07:56:28.0728 0x16b4 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\windows\system32\umpo.dll07:56:28.0738 0x16b4 Power - ok07:56:28.0910 0x16b4 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys07:56:28.0920 0x16b4 PptpMiniport - ok07:56:29.0001 0x16b4 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\windows\system32\DRIVERS\processr.sys07:56:29.0003 0x16b4 Processor - ok07:56:29.0073 0x16b4 [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\windows\system32\profsvc.dll07:56:29.0083 0x16b4 ProfSvc - ok07:56:29.0103 0x16b4 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] ProtectedStorage C:\windows\system32\lsass.exe07:56:29.0103 0x16b4 ProtectedStorage - ok07:56:29.0457 0x16b4 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\windows\system32\DRIVERS\pacer.sys07:56:29.0457 0x16b4 Psched - ok07:56:29.0497 0x16b4 [ C8FCB4899F8B70CC34E0D9876A80963C, E4CFC69C3EE1BC5C0FFF96CE034EAD8DD9727DA165A790CB57979AA0A6CEE350 ] QIOMem C:\windows\system32\DRIVERS\QIOMem.sys07:56:29.0497 0x16b4 QIOMem - ok07:56:29.0637 0x16b4 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys07:56:29.0677 0x16b4 ql2300 - ok07:56:29.0697 0x16b4 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys07:56:29.0707 0x16b4 ql40xx - ok07:56:29.0747 0x16b4 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\windows\system32\qwave.dll07:56:29.0767 0x16b4 QWAVE - ok07:56:29.0787 0x16b4 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys07:56:29.0787 0x16b4 QWAVEdrv - ok07:56:29.0846 0x16b4 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys07:56:29.0847 0x16b4 RasAcd - ok07:56:29.0879 0x16b4 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys07:56:29.0889 0x16b4 RasAgileVpn - ok07:56:29.0909 0x16b4 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\windows\System32\rasauto.dll07:56:29.0919 0x16b4 RasAuto - ok07:56:29.0971 0x16b4 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys07:56:29.0981 0x16b4 Rasl2tp - ok07:56:30.0031 0x16b4 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\windows\System32\rasmans.dll07:56:30.0033 0x16b4 RasMan - ok07:56:30.0105 0x16b4 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys07:56:30.0109 0x16b4 RasPppoe - ok07:56:30.0135 0x16b4 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys07:56:30.0145 0x16b4 RasSstp - ok07:56:30.0185 0x16b4 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\windows\system32\DRIVERS\rdbss.sys07:56:30.0195 0x16b4 rdbss - ok07:56:30.0215 0x16b4 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys07:56:30.0215 0x16b4 rdpbus - ok07:56:30.0225 0x16b4 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys07:56:30.0225 0x16b4 RDPCDD - ok07:56:30.0265 0x16b4 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys07:56:30.0265 0x16b4 RDPENCDD - ok07:56:30.0295 0x16b4 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys07:56:30.0295 0x16b4 RDPREFMP - ok07:56:30.0315 0x16b4 [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD C:\windows\system32\drivers\RDPWD.sys07:56:30.0325 0x16b4 RDPWD - ok07:56:30.0395 0x16b4 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\windows\system32\drivers\rdyboost.sys07:56:30.0405 0x16b4 rdyboost - ok07:56:30.0467 0x16b4 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\windows\System32\mprdim.dll07:56:30.0477 0x16b4 RemoteAccess - ok07:56:30.0507 0x16b4 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\windows\system32\regsvc.dll07:56:30.0507 0x16b4 RemoteRegistry - ok07:56:30.0537 0x16b4 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\windows\System32\RpcEpMap.dll07:56:30.0537 0x16b4 RpcEptMapper - ok07:56:30.0567 0x16b4 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\windows\system32\locator.exe07:56:30.0577 0x16b4 RpcLocator - ok07:56:30.0637 0x16b4 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\windows\system32\rpcss.dll07:56:30.0657 0x16b4 RpcSs - ok07:56:30.0700 0x16b4 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\windows\system32\DRIVERS\rspndr.sys07:56:30.0703 0x16b4 rspndr - ok07:56:30.0769 0x16b4 [ 3CEEE53BBF8BA284FF44585CEC0162FE, 5725A47BE8B7A9116983895FCB82CB2808B7B9C57BC285F3DFD7352E72DBC1FE ] RSUSBSTOR C:\windows\system32\Drivers\RtsUStor.sys07:56:30.0769 0x16b4 RSUSBSTOR - ok07:56:30.0829 0x16b4 [ B89C0601A05E1140AC96FA965D94C340, 3EE4CA9F0E90934D6D31358CA6F78A0820A9419C0CDC950631A48F12B7CA53DA ] rtl8192Ce C:\windows\system32\DRIVERS\rtl8192Ce.sys07:56:30.0849 0x16b4 rtl8192Ce - ok07:56:30.0886 0x16b4 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] SamSs C:\windows\system32\lsass.exe07:56:30.0888 0x16b4 SamSs - ok07:56:30.0930 0x16b4 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\windows\system32\drivers\sbp2port.sys07:56:30.0931 0x16b4 sbp2port - ok07:56:30.0971 0x16b4 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\windows\System32\SCardSvr.dll07:56:30.0981 0x16b4 SCardSvr - ok07:56:31.0001 0x16b4 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\windows\system32\DRIVERS\scfilter.sys07:56:31.0001 0x16b4 scfilter - ok07:56:31.0094 0x16b4 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\windows\system32\schedsvc.dll07:56:31.0134 0x16b4 Schedule - ok07:56:31.0166 0x16b4 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\windows\System32\certprop.dll07:56:31.0168 0x16b4 SCPolicySvc - ok07:56:31.0203 0x16b4 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\windows\System32\SDRSVC.dll07:56:31.0206 0x16b4 SDRSVC - ok07:56:31.0502 0x16b4 [ 98EF79CC2B07398AC525F9EA1AE0366F, D0D5D69696ED339F363024AF3271867F4C55572C67FD0F2AA27D24B37982E39A ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe07:56:31.0820 0x16b4 SDScannerService - ok07:56:31.0910 0x16b4 [ 14BF6B3AB327D519ED007CDDC56F6900, 4E5DC4AF45347C885E0E87F205EE1F95BB4713A0B581CD7317FBEEE2A9628982 ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe07:56:31.0940 0x16b4 SDUpdateService - ok07:56:31.0960 0x16b4 [ 820EBE67AB99F033FDE25B2692157991, A9E86FE6EFD3CFD4EA1A26121C706335A6791CC6F81EE98AE2BE7EA566ECFEBB ] SDWSCService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe07:56:31.0970 0x16b4 SDWSCService - ok07:56:32.0020 0x16b4 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\windows\system32\drivers\secdrv.sys07:56:32.0020 0x16b4 secdrv - ok07:56:32.0050 0x16b4 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\windows\system32\seclogon.dll07:56:32.0060 0x16b4 seclogon - ok07:56:32.0090 0x16b4 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\windows\System32\sens.dll07:56:32.0100 0x16b4 SENS - ok07:56:32.0130 0x16b4 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\windows\system32\sensrsvc.dll07:56:32.0140 0x16b4 SensrSvc - ok07:56:32.0170 0x16b4 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\windows\system32\DRIVERS\serenum.sys07:56:32.0170 0x16b4 Serenum - ok07:56:32.0180 0x16b4 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\windows\system32\DRIVERS\serial.sys07:56:32.0180 0x16b4 Serial - ok07:56:32.0190 0x16b4 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\windows\system32\DRIVERS\sermouse.sys07:56:32.0200 0x16b4 sermouse - ok07:56:32.0232 0x16b4 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\windows\system32\sessenv.dll07:56:32.0242 0x16b4 SessionEnv - ok07:56:32.0272 0x16b4 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\windows\system32\drivers\sffdisk.sys07:56:32.0272 0x16b4 sffdisk - ok07:56:32.0292 0x16b4 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys07:56:32.0292 0x16b4 sffp_mmc - ok07:56:32.0312 0x16b4 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys07:56:32.0312 0x16b4 sffp_sd - ok07:56:32.0352 0x16b4 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys07:56:32.0352 0x16b4 sfloppy - ok07:56:32.0422 0x16b4 [ 2046AA7491DE7EFA4D70E615D9BC9D09, A8763D059AD68D5842C407FA9644E0B129BEF0F63CD87E62B80B05441EDC3489 ] Sftfs C:\windows\system32\DRIVERS\Sftfslh.sys07:56:32.0442 0x16b4 Sftfs - ok07:56:32.0512 0x16b4 [ 77C5A741A7452812F278EF2C18478862, 0B763679EB7EFB8ED9DCE7B429706E939BB65BA6BCF1BAE0E0426D4E87074B8C ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe07:56:32.0532 0x16b4 sftlist - ok07:56:32.0563 0x16b4 [ 0E0446BC4D51BE4263ACB7E33491191C, 2AD039FB440560658C4E06F67CC192EF71577EF3FF789A43C08430CE5EAE5A70 ] Sftplay C:\windows\system32\DRIVERS\Sftplaylh.sys07:56:32.0570 0x16b4 Sftplay - ok07:56:32.0590 0x16b4 [ C5FB982CD266E604ED3142102C26D62C, A6BC0D72E98F924274ECAD49C85F0775D1CD45B97CD43F53DF3992B560835FC5 ] Sftredir C:\windows\system32\DRIVERS\Sftredirlh.sys07:56:32.0592 0x16b4 Sftredir - ok07:56:32.0624 0x16b4 [ 2575511AF67AA1FA068CCC4918E2C2A3, 3152FF5AC2CF6FE966DA59B1B33E22F9BD9B6BB4310441870528364BA9501A4D ] Sftvol C:\windows\system32\DRIVERS\Sftvollh.sys07:56:32.0624 0x16b4 Sftvol - ok07:56:32.0664 0x16b4 [ 39B1D0A636A400304565D4521FAD6D77, 1F01DB35B5A477AA7A77585C9304E6B5F3E67807531305BCA93A7F494CED8F59 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe07:56:32.0674 0x16b4 sftvsa - ok07:56:32.0744 0x16b4 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\windows\System32\ipnathlp.dll07:56:32.0754 0x16b4 SharedAccess - ok07:56:32.0804 0x16b4 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\windows\System32\shsvcs.dll07:56:32.0814 0x16b4 ShellHWDetection - ok07:56:32.0848 0x16b4 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys07:56:32.0850 0x16b4 SiSRaid2 - ok07:56:32.0866 0x16b4 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys07:56:32.0876 0x16b4 SiSRaid4 - ok07:56:32.0996 0x16b4 [ F2B755D3835089590E8113F48AA931F7, 59F4D43CBE4252EEE86F9CFD92361484CCE2F61A292F094C7A6ECDF411D7D2C4 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe07:56:33.0006 0x16b4 SkypeUpdate - ok07:56:33.0054 0x16b4 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\windows\system32\DRIVERS\smb.sys07:56:33.0058 0x16b4 Smb - ok07:56:33.0098 0x16b4 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\windows\System32\snmptrap.exe07:56:33.0108 0x16b4 SNMPTRAP - ok07:56:33.0218 0x16b4 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\windows\system32\drivers\spldr.sys07:56:33.0218 0x16b4 spldr - ok07:56:33.0298 0x16b4 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\windows\System32\spoolsv.exe07:56:33.0318 0x16b4 Spooler - ok07:56:33.0493 0x16b4 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\windows\system32\sppsvc.exe07:56:33.0631 0x16b4 sppsvc - ok07:56:33.0664 0x16b4 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\windows\system32\sppuinotify.dll07:56:33.0665 0x16b4 sppuinotify - ok07:56:33.0705 0x16b4 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\windows\system32\DRIVERS\srv.sys07:56:33.0723 0x16b4 srv - ok07:56:33.0747 0x16b4 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\windows\system32\DRIVERS\srv2.sys07:56:33.0757 0x16b4 srv2 - ok07:56:33.0807 0x16b4 [ 0C4540311E11664B245A263E1154CEF8, 63376322BFFAFF2F166AF3FDD3F1A346C21FAE21F406F659F8630779D1D6525D ] SrvHsfHDA C:\windows\system32\DRIVERS\VSTAZL6.SYS07:56:33.0817 0x16b4 SrvHsfHDA - ok07:56:33.0889 0x16b4 [ 02071D207A9858FBE3A48CBFD59C4A04, FEA4DEBAEC3465E0C7C1E8B721805922F6BBCB96A60A193B11688F4252F4B89E ] SrvHsfV92 C:\windows\system32\DRIVERS\VSTDPV6.SYS07:56:33.0940 0x16b4 SrvHsfV92 - ok07:56:34.0031 0x16b4 [ 18E40C245DBFAF36FD0134A7EF2DF396, 0138A68958112101A5D3BD94114F320CE80B0C9A93E009AC78DE7415FCCC7DE7 ] SrvHsfWinac C:\windows\system32\DRIVERS\VSTCNXT6.SYS07:56:34.0081 0x16b4 SrvHsfWinac - ok07:56:34.0113 0x16b4 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys07:56:34.0123 0x16b4 srvnet - ok07:56:34.0164 0x16b4 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\windows\System32\ssdpsrv.dll07:56:34.0173 0x16b4 SSDPSRV - ok07:56:34.0185 0x16b4 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\windows\system32\sstpsvc.dll07:56:34.0195 0x16b4 SstpSvc - ok07:56:34.0235 0x16b4 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\windows\system32\DRIVERS\stexstor.sys07:56:34.0235 0x16b4 stexstor - ok07:56:34.0274 0x16b4 [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam C:\windows\system32\DRIVERS\serscan.sys07:56:34.0283 0x16b4 StillCam - ok07:56:34.0337 0x16b4 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\windows\System32\wiaservc.dll07:56:34.0367 0x16b4 stisvc - ok07:56:34.0399 0x16b4 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\windows\system32\drivers\swenum.sys07:56:34.0399 0x16b4 swenum - ok07:56:34.0449 0x16b4 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\windows\System32\swprv.dll07:56:34.0459 0x16b4 swprv - ok07:56:34.0509 0x16b4 [ 470C47DABA9CA3966F0AB3F835D7D135, BF98E48B05F37F8ABE264BF77355391A08955057E24AE456A5637D56BDFD40A5 ] SynTP C:\windows\system32\DRIVERS\SynTP.sys07:56:34.0519 0x16b4 SynTP - ok07:56:34.0617 0x16b4 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\windows\system32\sysmain.dll07:56:34.0661 0x16b4 SysMain - ok07:56:34.0731 0x16b4 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\windows\System32\TabSvc.dll07:56:34.0731 0x16b4 TabletInputService - ok07:56:34.0761 0x16b4 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\windows\System32\tapisrv.dll07:56:34.0771 0x16b4 TapiSrv - ok07:56:34.0791 0x16b4 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\windows\System32\tbssvc.dll07:56:34.0791 0x16b4 TBS - ok07:56:34.0922 0x16b4 [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] Tcpip C:\windows\system32\drivers\tcpip.sys07:56:34.0972 0x16b4 Tcpip - ok07:56:35.0083 0x16b4 [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys07:56:35.0130 0x16b4 TCPIP6 - ok07:56:35.0168 0x16b4 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys07:56:35.0170 0x16b4 tcpipreg - ok07:56:35.0205 0x16b4 [ FD542B661BD22FA69CA789AD0AC58C29, 75FFAF1834B1E22DF37608ED451F161052FF1FE3C681B4E20A68DCA92CC7FD8C ] tdcmdpst C:\windows\system32\DRIVERS\tdcmdpst.sys07:56:35.0205 0x16b4 tdcmdpst - ok07:56:35.0235 0x16b4 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\windows\system32\drivers\tdpipe.sys07:56:35.0235 0x16b4 TDPIPE - ok07:56:35.0255 0x16b4 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\windows\system32\drivers\tdtcp.sys07:56:35.0255 0x16b4 TDTCP - ok07:56:35.0297 0x16b4 [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\windows\system32\DRIVERS\tdx.sys07:56:35.0307 0x16b4 tdx - ok07:56:35.0357 0x16b4 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\windows\system32\drivers\termdd.sys07:56:35.0367 0x16b4 TermDD - ok07:56:35.0407 0x16b4 [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService C:\windows\System32\termsrv.dll07:56:35.0427 0x16b4 TermService - ok07:56:35.0467 0x16b4 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\windows\system32\themeservice.dll07:56:35.0469 0x16b4 Themes - ok07:56:35.0499 0x16b4 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\windows\system32\mmcss.dll07:56:35.0509 0x16b4 THREADORDER - ok07:56:35.0609 0x16b4 [ 28644B0523D64EFF2FC7312A2EE74B0A, 09A36DE0B2B90842BD5B8353CC34B7C71C0FBBF6DD5862720FCEE760849C4561 ] TMachInfo C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe07:56:35.0609 0x16b4 TMachInfo - ok07:56:35.0649 0x16b4 [ ED32035BDFECED1AD66D459FD9CC1140, B82A15FAB4CBB5A633B9BF722441D5B20D946B63DD10BBE2A89D3A8BA3BE3339 ] TODDSrv C:\Windows\system32\TODDSrv.exe07:56:35.0659 0x16b4 TODDSrv - ok07:56:35.0749 0x16b4 [ DB9719688C08F42705FEB3F6A0C98B91, D8E837F2F5C3838312001CCDD37448ABAE3DD6452CE6DC26241678E0F3A584CE ] TosCoSrv C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe07:56:35.0769 0x16b4 TosCoSrv - ok07:56:35.0829 0x16b4 [ BAE96AD126F4EED4D361B092BA2E61FE, DA52698953D1B97F79F55D939707F334DB914DF1038869009B8CB4FCADF62CF9 ] TOSHIBA eco Utility Service C:\Program Files\TOSHIBA\TECO\TecoService.exe07:56:35.0889 0x16b4 TOSHIBA eco Utility Service - ok07:56:35.0951 0x16b4 [ 74C2FA8C3765EE71A9C22182EC108457, A7073FAB6CE6FB9824544A9CDCCA441D08FD87D68EB564DCB1186FC257776221 ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe07:56:35.0951 0x16b4 TOSHIBA HDD SSD Alert Service - ok07:56:36.0063 0x16b4 [ 97687D094AA597DA366E1194B218CC6C, 8A617E1901235518FDB7504FCDCE641D9F7C5D256A11D5FEFD35E7696972E2B8 ] TPCHSrv C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe07:56:36.0100 0x16b4 TPCHSrv - ok07:56:36.0146 0x16b4 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\windows\System32\trkwks.dll07:56:36.0152 0x16b4 TrkWks - ok07:56:36.0225 0x16b4 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe07:56:36.0235 0x16b4 TrustedInstaller - ok07:56:36.0265 0x16b4 [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys07:56:36.0265 0x16b4 tssecsrv - ok07:56:36.0307 0x16b4 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys07:56:36.0307 0x16b4 TsUsbFlt - ok07:56:36.0359 0x16b4 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys07:56:36.0359 0x16b4 tunnel - ok07:56:36.0389 0x16b4 [ 550B567F9364D8F7684C3FB3EA665A72, A214BBBBAB9F0DD525FA5A818CEB8E9294B4A96676317255D7ACF6049049C933 ] TVALZ C:\windows\system32\DRIVERS\TVALZ_O.SYS07:56:36.0389 0x16b4 TVALZ - ok07:56:36.0429 0x16b4 [ 9C7191F4B2E49BFF47A6C1144B5923FA, DF4E663499946F4E68B7528CA399574D1EB69797FF81F681943B84F3E5E6A40E ] TVALZFL C:\windows\system32\DRIVERS\TVALZFL.sys07:56:36.0429 0x16b4 TVALZFL - ok07:56:36.0480 0x16b4 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\windows\system32\DRIVERS\uagp35.sys07:56:36.0483 0x16b4 uagp35 - ok07:56:36.0511 0x16b4 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\windows\system32\DRIVERS\udfs.sys07:56:36.0521 0x16b4 udfs - ok07:56:36.0567 0x16b4 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\windows\system32\UI0Detect.exe07:56:36.0591 0x16b4 UI0Detect - ok07:56:36.0710 0x16b4 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys07:56:36.0713 0x16b4 uliagpkx - ok07:56:36.0755 0x16b4 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\windows\system32\drivers\umbus.sys07:56:36.0755 0x16b4 umbus - ok07:56:36.0795 0x16b4 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\windows\system32\DRIVERS\umpass.sys07:56:36.0795 0x16b4 UmPass - ok07:56:36.0955 0x16b4 [ 7466809E6DA561D60C2F1CE8EDE3C73F, A3185049282A51B17C3DA839AF7E90F1CD395B2FB5587514EB2D65CB22854E2C ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe07:56:37.0015 0x16b4 UNS - ok07:56:37.0055 0x16b4 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\windows\System32\upnphost.dll07:56:37.0065 0x16b4 upnphost - ok07:56:37.0105 0x16b4 [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64 C:\windows\system32\Drivers\usbaapl64.sys07:56:37.0105 0x16b4 USBAAPL64 - ok07:56:37.0135 0x16b4 [ 6F1A3157A1C89435352CEB543CDB359C, 325B46220779C5FE3B6F19FF794474837FAB9675D9C98ACB68CCE47B1CFE5F12 ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys07:56:37.0145 0x16b4 usbccgp - ok07:56:37.0185 0x16b4 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\windows\system32\drivers\usbcir.sys07:56:37.0185 0x16b4 usbcir - ok07:56:37.0195 0x16b4 [ C025055FE7B87701EB042095DF1A2D7B, D7B34B6C2C5BD3C8141895AC21BB637EA5E3C4F7A85EEF4C4C36E6BB2045A3D9 ] usbehci C:\windows\system32\drivers\usbehci.sys07:56:37.0205 0x16b4 usbehci - ok07:56:37.0235 0x16b4 [ 287C6C9410B111B68B52CA298F7B8C24, 98900C08FE662A00DF8B37837B2BEBF9ACB7989C387AF36B2109B05A4F462D4E ] usbhub C:\windows\system32\DRIVERS\usbhub.sys07:56:37.0245 0x16b4 usbhub - ok07:56:37.0275 0x16b4 [ 9840FC418B4CBD632D3D0A667A725C31, 776D86A032DCA2842EF7AADB35473193CA80547223EFAA7F110F296C377077B0 ] usbohci C:\windows\system32\drivers\usbohci.sys07:56:37.0275 0x16b4 usbohci - ok07:56:37.0305 0x16b4 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\windows\system32\DRIVERS\usbprint.sys07:56:37.0305 0x16b4 usbprint - ok07:56:37.0325 0x16b4 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS07:56:37.0325 0x16b4 USBSTOR - ok07:56:37.0345 0x16b4 [ 62069A34518BCF9C1FD9E74B3F6DB7CD, C58E21424718729324B285BEE1C96551540FCC3FD650B2D10895EBA48D981E25 ] usbuhci C:\windows\system32\drivers\usbuhci.sys07:56:37.0355 0x16b4 usbuhci - ok07:56:37.0397 0x16b4 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\windows\System32\Drivers\usbvideo.sys07:56:37.0397 0x16b4 usbvideo - ok07:56:37.0417 0x16b4 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\windows\System32\uxsms.dll07:56:37.0417 0x16b4 UxSms - ok07:56:37.0437 0x16b4 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] VaultSvc C:\windows\system32\lsass.exe07:56:37.0437 0x16b4 VaultSvc - ok07:56:37.0477 0x16b4 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys07:56:37.0487 0x16b4 vdrvroot - ok07:56:37.0537 0x16b4 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\windows\System32\vds.exe07:56:37.0557 0x16b4 vds - ok07:56:37.0589 0x16b4 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\windows\system32\DRIVERS\vgapnp.sys07:56:37.0589 0x16b4 vga - ok07:56:37.0609 0x16b4 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\windows\System32\drivers\vga.sys07:56:37.0609 0x16b4 VgaSave - ok07:56:37.0649 0x16b4 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\windows\system32\drivers\vhdmp.sys07:56:37.0659 0x16b4 vhdmp - ok07:56:37.0689 0x16b4 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\windows\system32\drivers\viaide.sys07:56:37.0689 0x16b4 viaide - ok07:56:37.0719 0x16b4 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\windows\system32\drivers\volmgr.sys07:56:37.0719 0x16b4 volmgr - ok07:56:37.0759 0x16b4 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\windows\system32\drivers\volmgrx.sys07:56:37.0769 0x16b4 volmgrx - ok07:56:37.0809 0x16b4 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\windows\system32\drivers\volsnap.sys07:56:37.0819 0x16b4 volsnap - ok07:56:37.0859 0x16b4 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\windows\system32\DRIVERS\vsmraid.sys07:56:37.0859 0x16b4 vsmraid - ok07:56:37.0989 0x16b4 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\windows\system32\vssvc.exe07:56:38.0058 0x16b4 VSS - ok07:56:38.0095 0x16b4 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys07:56:38.0097 0x16b4 vwifibus - ok07:56:38.0121 0x16b4 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys07:56:38.0124 0x16b4 vwififlt - ok07:56:38.0166 0x16b4 [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys07:56:38.0167 0x16b4 vwifimp - ok07:56:38.0201 0x16b4 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\windows\system32\w32time.dll07:56:38.0211 0x16b4 W32Time - ok07:56:38.0231 0x16b4 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\windows\system32\DRIVERS\wacompen.sys07:56:38.0231 0x16b4 WacomPen - ok07:56:38.0291 0x16b4 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\windows\system32\DRIVERS\wanarp.sys07:56:38.0291 0x16b4 WANARP - ok07:56:38.0301 0x16b4 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys07:56:38.0301 0x16b4 Wanarpv6 - ok07:56:38.0401 0x16b4 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe07:56:38.0439 0x16b4 WatAdminSvc - ok07:56:38.0523 0x16b4 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\windows\system32\wbengine.exe07:56:38.0575 0x16b4 wbengine - ok07:56:38.0625 0x16b4 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\windows\System32\wbiosrvc.dll07:56:38.0625 0x16b4 WbioSrvc - ok07:56:38.0695 0x16b4 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\windows\System32\wcncsvc.dll07:56:38.0705 0x16b4 wcncsvc - ok07:56:38.0747 0x16b4 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll07:56:38.0750 0x16b4 WcsPlugInService - ok07:56:38.0807 0x16b4 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\windows\system32\DRIVERS\wd.sys07:56:38.0807 0x16b4 Wd - ok07:56:38.0887 0x16b4 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys07:56:38.0917 0x16b4 Wdf01000 - ok07:56:38.0999 0x16b4 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\windows\system32\wdi.dll07:56:38.0999 0x16b4 WdiServiceHost - ok07:56:39.0009 0x16b4 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\windows\system32\wdi.dll07:56:39.0009 0x16b4 WdiSystemHost - ok07:56:39.0111 0x16b4 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\windows\System32\webclnt.dll07:56:39.0121 0x16b4 WebClient - ok07:56:39.0194 0x16b4 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\windows\system32\wecsvc.dll07:56:39.0202 0x16b4 Wecsvc - ok07:56:39.0225 0x16b4 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\windows\System32\wercplsupport.dll07:56:39.0229 0x16b4 wercplsupport - ok07:56:39.0278 0x16b4 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\windows\System32\WerSvc.dll07:56:39.0282 0x16b4 WerSvc - ok07:56:39.0311 0x16b4 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys07:56:39.0312 0x16b4 WfpLwf - ok07:56:39.0373 0x16b4 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\windows\system32\drivers\wimmount.sys07:56:39.0373 0x16b4 WIMMount - ok07:56:39.0403 0x16b4 WinDefend - ok07:56:39.0413 0x16b4 WinHttpAutoProxySvc - ok07:56:39.0506 0x16b4 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll07:56:39.0506 0x16b4 Winmgmt - ok07:56:39.0636 0x16b4 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\windows\system32\WsmSvc.dll07:56:39.0688 0x16b4 WinRM - ok07:56:39.0898 0x16b4 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys07:56:39.0898 0x16b4 WinUsb - ok07:56:39.0990 0x16b4 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\windows\System32\wlansvc.dll07:56:40.0039 0x16b4 Wlansvc - ok07:56:40.0296 0x16b4 [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE07:56:40.0428 0x16b4 wlidsvc - ok07:56:40.0473 0x16b4 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys07:56:40.0473 0x16b4 WmiAcpi - ok07:56:40.0513 0x16b4 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe07:56:40.0523 0x16b4 wmiApSrv - ok07:56:40.0543 0x16b4 WMPNetworkSvc - ok07:56:40.0593 0x16b4 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\windows\System32\wpcsvc.dll07:56:40.0593 0x16b4 WPCSvc - ok07:56:40.0643 0x16b4 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\windows\system32\wpdbusenum.dll07:56:40.0643 0x16b4 WPDBusEnum - ok07:56:40.0673 0x16b4 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys07:56:40.0673 0x16b4 ws2ifsl - ok07:56:40.0713 0x16b4 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\windows\System32\wscsvc.dll07:56:40.0713 0x16b4 wscsvc - ok07:56:40.0723 0x16b4 WSearch - ok07:56:40.0949 0x16b4 [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv C:\windows\system32\wuaueng.dll07:56:41.0060 0x16b4 wuauserv - ok07:56:41.0147 0x16b4 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\windows\system32\drivers\WudfPf.sys07:56:41.0157 0x16b4 WudfPf - ok07:56:41.0207 0x16b4 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys07:56:41.0207 0x16b4 WUDFRd - ok07:56:41.0259 0x16b4 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\windows\System32\WUDFSvc.dll07:56:41.0263 0x16b4 wudfsvc - ok07:56:41.0319 0x16b4 [ FE90B750AB808FB9DD8FBB428B5FF83B, 3F8F592EC813BE292D305A87C5BA852F8BC3D7CE610612D9871F209A17326AA8 ] WwanSvc C:\windows\System32\wwansvc.dll07:56:41.0339 0x16b4 WwanSvc - ok07:56:41.0386 0x16b4 ================ Scan global ===============================07:56:41.0422 0x16b4 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\windows\system32\basesrv.dll07:56:41.0515 0x16b4 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\windows\system32\winsrv.dll07:56:41.0525 0x16b4 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\windows\system32\winsrv.dll07:56:41.0575 0x16b4 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\windows\system32\sxssrv.dll07:56:41.0665 0x16b4 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\windows\system32\services.exe07:56:41.0675 0x16b4 [ Global ] - ok07:56:41.0675 0x16b4 ================ Scan MBR ==================================07:56:41.0685 0x16b4 [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR007:56:41.0999 0x16b4 \Device\Harddisk0\DR0 - ok07:56:41.0999 0x16b4 ================ Scan VBR ==================================07:56:42.0039 0x16b4 [ C5DBA2A561B36F59D9EEDC59A1B26A67 ] \Device\Harddisk0\DR0\Partition107:56:42.0039 0x16b4 \Device\Harddisk0\DR0\Partition1 - ok07:56:42.0039 0x16b4 Waiting for KSN requests completion. In queue: 7407:56:43.0041 0x16b4 Waiting for KSN requests completion. In queue: 7407:56:44.0043 0x16b4 Waiting for KSN requests completion. In queue: 7407:56:45.0043 0x16b4 Waiting for KSN requests completion. In queue: 7407:56:46.0049 0x16b4 Waiting for KSN requests completion. In queue: 7407:56:47.0051 0x16b4 Waiting for KSN requests completion. In queue: 7407:56:48.0053 0x16b4 Waiting for KSN requests completion. In queue: 7407:56:49.0053 0x16b4 Waiting for KSN requests completion. In queue: 7407:56:50.0055 0x16b4 Waiting for KSN requests completion. In queue: 7407:56:51.0061 0x16b4 Waiting for KSN requests completion. In queue: 7407:56:52.0061 0x16b4 Waiting for KSN requests completion. In queue: 7407:56:53.0061 0x16b4 Waiting for KSN requests completion. In queue: 7407:56:54.0091 0x16b4 AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.4.304.0 ), 0x61000 ( enabled : updated )07:56:54.0111 0x16b4 Win FW state via NFP2: enabled07:56:56.0715 0x16b4 ============================================================07:56:56.0715 0x16b4 Scan finished07:56:56.0715 0x16b4 ============================================================07:56:56.0725 0x1958 Detected object count: 007:56:56.0725 0x1958 Actual detected object count: 007:57:11.0087 0x1a98 KLMD registered as C:\windows\system32\drivers\20803119.sys07:57:11.0702 0x1a98 Deinitialize success Link to post Share on other sites More sharing options...
Psychotic Posted December 10, 2013 ID:762809 Share Posted December 10, 2013 CombofixCombofix should only be run when adviced by a team member!LinkImportant - Save the file to your desktop! Deactivate any and all of your antivirus programs /spyware scanners - they can prevent CF from doing its work. Run Combofix.exeWhen finished, Combofix creates a log file named C:\Combofix.txt. Please post its content in your next reply.Note: When receiving an error message containing ""Illegal operation attempted on a registry key that has been marked for deletion" simply restart your computer to fix this. Link to post Share on other sites More sharing options...
dan_melissa Posted December 11, 2013 Author ID:763229 Share Posted December 11, 2013 ComboFix.txt ComboFix 13-12-10.01 - My_Toshiba 12/11/2013 1:20.1.2 - x64Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3894.1363 [GMT -6:00]Running from: c:\users\My_Toshiba\Downloads\ComboFix.exeAV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}SP: Spybot - Search and Destroy *Disabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}..((((((((((((((((((((((((( Files Created from 2013-11-11 to 2013-12-11 )))))))))))))))))))))))))))))))..2013-12-11 07:31 . 2013-12-11 07:31 -------- d-----w- c:\users\Default\AppData\Local\temp2013-12-11 06:45 . 2013-12-11 06:45 75888 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6646FCA3-43F4-4932-B5C9-86923B590B66}\offreg.dll2013-12-11 06:23 . 2013-12-11 06:23 -------- d-----w- c:\program files (x86)\Western Digital Corporation2013-12-11 01:23 . 2013-12-11 01:23 9293192 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe2013-12-10 18:55 . 2013-11-08 03:12 10285968 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6646FCA3-43F4-4932-B5C9-86923B590B66}\mpengine.dll2013-12-10 04:25 . 2013-12-10 04:26 -------- d-----w- c:\users\Dan2013-12-09 17:49 . 2013-11-08 03:12 10285968 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll2013-12-06 07:55 . 2013-10-18 23:32 965000 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{51E29C3F-EDA1-4DA5-A194-C4D2F1E78E9C}\gapaengine.dll2013-12-06 07:45 . 2013-12-06 07:46 -------- d-----w- C:\tmp2013-12-06 07:20 . 2013-12-06 07:24 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)2013-12-06 07:20 . 2013-12-06 07:20 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys2013-12-05 06:09 . 2013-12-06 06:54 -------- d-----w- C:\AdwCleaner2013-12-03 04:56 . 2013-12-03 04:59 -------- d-----w- c:\windows\system32\MRT2013-12-03 04:34 . 2013-12-03 04:34 -------- d-----w- C:\New folder2013-12-02 13:13 . 2013-10-15 00:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE2013-12-02 13:10 . 2013-12-02 13:10 97880 ----a-w- c:\program files (x86)\Internet Explorer\pdmproxy100.dll2013-11-22 06:44 . 2013-11-22 06:44 -------- d-----w- c:\users\My_Toshiba\AppData\Roaming\Malwarebytes2013-11-22 06:43 . 2013-11-22 06:43 -------- d-----w- c:\programdata\Malwarebytes2013-11-22 06:43 . 2013-12-06 07:15 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware2013-11-22 06:43 . 2013-04-04 20:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys2013-11-20 05:54 . 2013-11-20 05:54 -------- d-----w- c:\programdata\Oracle2013-11-20 05:46 . 2013-11-20 05:46 -------- d-----w- c:\program files (x86)\Common Files\Java2013-11-20 05:46 . 2013-10-08 13:50 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll2013-11-20 04:39 . 2013-09-20 16:49 21040 ----a-w- c:\windows\system32\sdnclean64.exe2013-11-20 04:38 . 2013-12-11 07:18 -------- d-----w- c:\programdata\Spybot - Search & Destroy2013-11-20 04:38 . 2013-11-20 04:41 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 22013-11-17 15:33 . 2013-11-17 15:48 -------- d-----w- c:\users\My_Toshiba\AppData\Local\cache2013-11-17 15:33 . 2013-11-17 15:48 -------- d-----w- c:\users\My_Toshiba\AppData\Local\Mobogenie2013-11-17 15:32 . 2013-11-17 17:22 -------- d-----w- c:\program files (x86)\Mobogenie2013-11-17 15:27 . 2013-11-17 15:27 -------- d-----w- c:\users\My_Toshiba\AppData\Roaming\.minecraft2013-11-17 15:25 . 2013-11-17 17:23 -------- d-----w- c:\users\My_Toshiba\AppData\Roaming\MyWordTool2013-11-16 06:35 . 2013-11-16 06:35 -------- d-----w- c:\program files\iPod2013-11-16 06:35 . 2013-11-16 06:36 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF692013-11-16 06:35 . 2013-11-16 06:36 -------- d-----w- c:\program files\iTunes2013-11-16 06:35 . 2013-11-16 06:36 -------- d-----w- c:\program files (x86)\iTunes...(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))).2013-12-11 01:23 . 2012-10-23 00:42 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl2013-12-11 01:23 . 2012-10-23 00:42 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe2013-11-19 10:21 . 2012-10-20 22:32 267936 ------w- c:\windows\system32\MpSigStub.exe2013-11-06 12:38 . 2013-03-11 14:53 736952 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll2013-10-20 14:39 . 2013-10-20 14:39 163504 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10145.bin2013-10-18 23:32 . 2012-10-22 12:57 965000 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll2013-09-27 15:53 . 2013-09-27 15:53 248240 ----a-w- c:\windows\system32\drivers\MpFilter.sys2013-09-27 15:53 . 2012-03-21 03:44 134944 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys..((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))..*Note* empty entries & legit default entries are not shown REGEDIT4.[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]2013-03-11 14:09 220632 ----a-w- c:\users\My_Toshiba\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll.[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]2013-03-11 14:09 220632 ----a-w- c:\users\My_Toshiba\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll.[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]2013-03-11 14:09 220632 ----a-w- c:\users\My_Toshiba\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll.[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]2013-04-10 05:37 130736 ----a-w- c:\users\My_Toshiba\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll.[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]2013-04-10 05:37 130736 ----a-w- c:\users\My_Toshiba\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll.[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]2013-04-10 05:37 130736 ----a-w- c:\users\My_Toshiba\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll.[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"Spybot-S&D Cleaning"="c:\program files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" [2013-09-20 3666224].[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-22 59720]"EKIJ5000StatusMonitor"="c:\windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe" [2012-10-08 3182080]"EKStatusMonitor"="c:\program files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe" [2013-01-15 2750840]"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-11-02 152392]"SDTray"="c:\program files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [2013-07-25 5624784]"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336].[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]"KodakHomeCenter"="c:\program files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe" [2013-03-15 2236792].[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]"ConsentPromptBehaviorAdmin"= 5 (0x5)"ConsentPromptBehaviorUser"= 3 (0x3)"EnableUIADesktopToggle"= 0 (0x0).[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]"LoadAppInit_DLLs"=1 (0x1).[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]"aux1"=wdmaud.drv.[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe.[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]@="Service".R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]R2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [x]R2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [x]R2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [x]R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]R3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys;c:\windows\SYSNATIVE\DRIVERS\dc3d.sys [x]R3 f5ipfw;F5 Networks StoneWall Filter;c:\windows\system32\drivers\urfltv64.sys;c:\windows\SYSNATIVE\drivers\urfltv64.sys [x]R3 FlyUsb;FLY Fusion;c:\windows\system32\DRIVERS\FlyUsb.sys;c:\windows\SYSNATIVE\DRIVERS\FlyUsb.sys [x]R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]R3 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys;c:\windows\SYSNATIVE\drivers\mbamchameleon.sys [x]R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]R3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [x]R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]S2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;c:\program files (x86)\Kodak\AiO\Center\EKAiOHostService.exe;c:\program files (x86)\Kodak\AiO\Center\EKAiOHostService.exe [x]S2 Kodak AiO Status Monitor Service;Kodak AiO Status Monitor Service;c:\program files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe;c:\program files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe [x]S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]S2 PCCUJobMgr;Common Client Job Manager Service;c:\program files (x86)\Norton PC Checkup\Engine\2.0.5.60\ccSvcHst.exe;c:\program files (x86)\Norton PC Checkup\Engine\2.0.5.60\ccSvcHst.exe [x]S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe;c:\program files\TOSHIBA\TECO\TecoService.exe [x]S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys;c:\windows\SYSNATIVE\DRIVERS\TVALZFL.sys [x]S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys;c:\windows\SYSNATIVE\DRIVERS\pgeffect.sys [x]S3 QIOMem;Generic IO & Memory Access;c:\windows\system32\DRIVERS\QIOMem.sys;c:\windows\SYSNATIVE\DRIVERS\QIOMem.sys [x]S3 rtl8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;c:\windows\system32\DRIVERS\rtl8192Ce.sys;c:\windows\SYSNATIVE\DRIVERS\rtl8192Ce.sys [x]S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [x]S3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [x]..[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]2013-12-05 12:48 1210320 ----a-w- c:\program files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe.Contents of the 'Scheduled Tasks' folder.2013-12-11 c:\windows\Tasks\Adobe Flash Player Updater.job- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-23 01:23].2013-12-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-15 04:04].2013-12-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-15 04:04]..--------- X64 Entries -----------..[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]2013-03-11 14:09 244696 ----a-w- c:\users\My_Toshiba\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]2013-03-11 14:09 244696 ----a-w- c:\users\My_Toshiba\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]2013-03-11 14:09 244696 ----a-w- c:\users\My_Toshiba\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]2013-04-10 05:37 164016 ----a-w- c:\users\My_Toshiba\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]2013-04-10 05:37 164016 ----a-w- c:\users\My_Toshiba\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]2013-04-10 05:37 164016 ----a-w- c:\users\My_Toshiba\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]2013-04-10 05:37 164016 ----a-w- c:\users\My_Toshiba\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll.[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-10 161304]"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-10 386584]"Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-10 415256]"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2010-03-10 520760]"SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2010-04-28 307768]"TosVolRegulator"="c:\program files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe" [2009-11-11 24376]"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2010-02-06 709976]"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-23 1266912]"EKIJ5000StatusMonitor"="c:\windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe" [2012-10-08 3182080].------- Supplementary Scan -------.uLocal Page = c:\windows\system32\blank.htmmLocal Page = c:\windows\SYSTEM32\blank.htmuInternet Settings,ProxyOverride = <local>;*.localTrusted Zone: digitalriver.com\dc2vpn01Trusted Zone: digitalriver.com\dc7vpn01TCP: DhcpNameServer = 75.75.76.76 75.75.75.75DPF: {195538FD-1C39-44B1-A7C3-5D7137A8A8F1} - c:\users\MY_TOS~1\AppData\Local\Temp\f5tmp\f5opswati.cabDPF: {30CF9713-6614-4556-B5F5-66F8C7F9DEF1} - c:\users\MY_TOS~1\AppData\Local\Temp\f5tmp\f5opswati.cabDPF: {49EC7987-E331-44E3-B170-748B58A268B9} - c:\users\MY_TOS~1\AppData\Local\Temp\f5tmp\f5opswati.cabDPF: {EBDC91CB-F23F-477D-B152-3F7243760D04} - c:\users\MY_TOS~1\AppData\Local\Temp\f5tmp\f5opswati.cabFF - ProfilePath - c:\users\My_Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\4htg0550.default-1379026913962\FF - ExtSQL: 2013-11-17 09:25; emily@wilford.biz; c:\users\My_Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\4htg0550.default-1379026913962\extensions\emily@wilford.biz.- - - - ORPHANS REMOVED - - - -.Toolbar-Locked - (no file)Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exeNotify-SDWinLogon - SDWinLogon.dllSafeBoot-29398181.sysSafeBoot-mbamchameleonSafeBoot-MBAMSwissArmyHKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - startToolbar-Locked - (no file)Toolbar-{65132BAA-DBA9-40B9-BD7C-667368459740} - (no file)HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exeHKLM-Run-TPwrMain - c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXEHKLM-Run-HSON - c:\program files (x86)\TOSHIBA\TBS\HSON.exeHKLM-Run-SmoothView - c:\program files (x86)\Toshiba\SmoothView\SmoothView.exeHKLM-Run-00TCrdMain - c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exeHKLM-Run-TosWaitSrv - c:\program files (x86)\TOSHIBA\TPHM\TosWaitSrv.exeHKLM-Run-Teco - c:\program files (x86)\TOSHIBA\TECO\Teco.exeHKLM-Run-SmartFaceVWatcher - c:\program files (x86)\Toshiba\SmartFaceV\SmartFaceVWatcher.exeHKLM-Run-TosNC - c:\program files (x86)\Toshiba\BulletinBoard\TosNcCore.exeHKLM-Run-TosReelTimeMonitor - c:\program files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exeAddRemove-WT089366 - c:\program files (x86)\TOSHIBA Games\Cake Mania - Lights...[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCCUJobMgr]"ImagePath"="\"c:\program files (x86)\Norton PC Checkup\Engine\2.0.5.60\ccSvcHst.exe\" /s \"PCCUJobMgr\" /m \"c:\program files (x86)\Norton PC Checkup\Engine\2.0.5.60\diMaster.dll\" /prefetch:1".--------------------- LOCKED REGISTRY KEYS ---------------------.[HKEY_USERS\S-1-5-21-1580783213-1055047030-44623105-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]@Denied: (2) (LocalSystem)"Progid"="WindowsLiveMail.Email.1".[HKEY_USERS\S-1-5-21-1580783213-1055047030-44623105-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]@Denied: (2) (LocalSystem)"Progid"="WindowsLiveMail.VCard.1".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="FlashBroker""LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]"Enabled"=dword:00000001.[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="IFlashBroker5".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]@="{00020424-0000-0000-C000-000000000046}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}""Version"="1.0".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="FlashBroker""LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]"Enabled"=dword:00000001.[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]@Denied: (A 2) (Everyone)@="Shockwave Flash Object".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx""ThreadingModel"="Apartment".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]@="0".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]@="ShockwaveFlash.ShockwaveFlash.11".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]@="{D27CDB6B-AE6D-11cf-96B8-444553540000}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]@="1.0".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]@="ShockwaveFlash.ShockwaveFlash".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]@Denied: (A 2) (Everyone)@="Macromedia Flash Factory Object".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx""ThreadingModel"="Apartment".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]@="FlashFactory.FlashFactory.1".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]@="{D27CDB6B-AE6D-11cf-96B8-444553540000}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]@="1.0".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]@="FlashFactory.FlashFactory".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="IFlashBroker5".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]@="{00020424-0000-0000-C000-000000000046}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}""Version"="1.0".[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]@Denied: (Full) (Everyone).Completion time: 2013-12-11 01:36:30ComboFix-quarantined-files.txt 2013-12-11 07:36.Pre-Run: 266,000,900,096 bytes freePost-Run: 267,024,220,160 bytes free.- - End Of File - - C391DED29EEE96CFDC278B44BD092DCF Link to post Share on other sites More sharing options...
Psychotic Posted December 11, 2013 ID:763258 Share Posted December 11, 2013 Scan with OTLDownload OTL by OldTimer and save it to your desktop. Double click on the OTL.exe icon on your desktop. If you are using Vista, please right-click and select run as administrator Click the "Scan All Users" checkbox.Note: If you are using a Windows 64bit machine, please make sure the checkbox next to Include 64Bit Scans is checked. It will be checked by default. Push the button. It will now begin to scan, please be paitent while it scans. Two reports will open once it's done. Please copy and paste them in your next reply:OTL.txt <-- Will be opened Extras.txt <-- Will be minimized Link to post Share on other sites More sharing options...
dan_melissa Posted December 13, 2013 Author ID:763900 Share Posted December 13, 2013 OTL.txt: 9*8898OTL logfile created on: 12/12/2013 6:39:18 PM - Run 1OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\My_Toshiba\Desktop64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstationInternet Explorer (Version = 9.11.9600.16428)Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 3.80 Gb Total Physical Memory | 2.05 Gb Available Physical Memory | 53.99% Memory free7.60 Gb Paging File | 5.63 Gb Available in Paging File | 74.08% Paging File freePaging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)Drive C: | 452.58 Gb Total Space | 247.71 Gb Free Space | 54.73% Space Free | Partition Type: NTFS Computer Name: TOSHIBA_LAPTOP | User Name: My_Toshiba | Logged in as Administrator.Boot Mode: Normal | Scan Mode: All users | Include 64bit ScansCompany Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013/12/12 18:38:16 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\My_Toshiba\Desktop\OTL.exePRC - [2013/12/11 14:22:50 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exePRC - [2013/10/15 12:27:38 | 003,921,880 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exePRC - [2013/09/20 10:57:26 | 001,042,272 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exePRC - [2013/09/13 10:38:30 | 000,171,416 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exePRC - [2013/07/25 11:19:26 | 005,624,784 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exePRC - [2013/06/26 18:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exePRC - [2013/06/26 18:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exePRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exePRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exePRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exePRC - [2013/03/15 14:07:56 | 000,395,640 | ---- | M] (Eastman Kodak Company) -- C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exePRC - [2013/01/15 12:07:42 | 000,780,152 | ---- | M] (Eastman Kodak Company) -- C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exePRC - [2012/09/28 13:19:16 | 007,392,648 | ---- | M] (LeapFrog Enterprises, Inc.) -- C:\Users\My_Toshiba\Desktop\LeapFrog Connect\CommandService.exePRC - [2010/06/29 19:35:20 | 000,755,312 | ---- | M] (Orb Networks) -- C:\Program Files (x86)\Orb Networks\Orb\bin\OrbLauncher.exePRC - [2010/06/29 19:35:16 | 000,286,720 | ---- | M] () -- C:\Program Files (x86)\Orb Networks\Orb\bin\OrbjetManager.exePRC - [2010/06/29 19:34:50 | 000,198,144 | ---- | M] (Orb Networks, Inc.) -- C:\Program Files (x86)\Orb Networks\Orb\bin\Orb.exePRC - [2010/03/18 13:57:02 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exePRC - [2010/03/18 13:56:56 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exePRC - [2009/08/24 16:49:41 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.5.60\ccSvcHst.exe ========== Modules (No Company Name) ========== MOD - [2013/12/11 14:22:49 | 003,559,024 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dllMOD - [2013/05/16 10:55:26 | 000,113,496 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bplMOD - [2013/05/16 10:55:24 | 000,416,600 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bplMOD - [2012/08/27 21:33:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dllMOD - [2012/08/27 21:33:08 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dllMOD - [2010/06/29 19:35:18 | 000,144,896 | ---- | M] () -- C:\Program Files (x86)\Orb Networks\Orb\bin\libupnp.dllMOD - [2010/06/29 19:35:16 | 000,412,672 | ---- | M] () -- C:\Program Files (x86)\Orb Networks\Orb\bin\sqlite3.dllMOD - [2010/06/29 19:35:16 | 000,286,720 | ---- | M] () -- C:\Program Files (x86)\Orb Networks\Orb\bin\OrbjetManager.exeMOD - [2010/06/29 19:35:16 | 000,167,936 | ---- | M] () -- C:\Program Files (x86)\Orb Networks\Orb\bin\lua51.dllMOD - [2010/06/29 19:35:14 | 000,369,664 | ---- | M] () -- C:\Program Files (x86)\Orb Networks\Orb\bin\usGrabber\TVGrabber.dllMOD - [2010/06/29 19:35:00 | 000,283,648 | ---- | M] () -- C:\Program Files (x86)\Orb Networks\Orb\bin\OrbRTSPServer.dllMOD - [2010/06/29 19:34:58 | 001,936,384 | ---- | M] () -- C:\Program Files (x86)\Orb Networks\Orb\bin\OrbMedia.dllMOD - [2010/06/29 19:34:58 | 000,570,368 | ---- | M] () -- C:\Program Files (x86)\Orb Networks\Orb\bin\OrbPVR.dllMOD - [2010/06/29 19:34:58 | 000,452,096 | ---- | M] () -- C:\Program Files (x86)\Orb Networks\Orb\bin\taglib.dllMOD - [2010/05/27 18:38:50 | 000,299,008 | ---- | M] () -- C:\Program Files (x86)\Orb Networks\Orb\bin\imageformats\qtiff4.dllMOD - [2010/05/27 18:38:50 | 000,260,608 | ---- | M] () -- C:\Program Files (x86)\Orb Networks\Orb\bin\imageformats\qmng4.dllMOD - [2010/05/27 18:38:50 | 000,130,560 | ---- | M] () -- C:\Program Files (x86)\Orb Networks\Orb\bin\imageformats\qjpeg4.dllMOD - [2010/05/27 18:38:48 | 000,030,208 | ---- | M] () -- C:\Program Files (x86)\Orb Networks\Orb\bin\imageformats\qico4.dllMOD - [2010/05/27 18:38:48 | 000,024,064 | ---- | M] () -- C:\Program Files (x86)\Orb Networks\Orb\bin\imageformats\qgif4.dllMOD - [2010/05/27 18:38:42 | 000,375,808 | ---- | M] () -- C:\Program Files (x86)\Orb Networks\Orb\bin\QtXml4.dllMOD - [2010/05/27 18:38:28 | 001,007,616 | ---- | M] () -- C:\Program Files (x86)\Orb Networks\Orb\bin\QtNetwork4.dllMOD - [2010/05/27 18:38:26 | 008,766,464 | ---- | M] () -- C:\Program Files (x86)\Orb Networks\Orb\bin\QtGui4.dllMOD - [2010/05/27 18:38:24 | 002,394,112 | ---- | M] () -- C:\Program Files (x86)\Orb Networks\Orb\bin\QtCore4.dllMOD - [2010/03/22 19:02:56 | 000,059,904 | ---- | M] () -- C:\Program Files (x86)\Orb Networks\Orb\bin\zlib1.dllMOD - [2010/03/22 19:02:40 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\Orb Networks\Orb\bin\libexpat.dllMOD - [2010/03/22 19:02:38 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\Orb Networks\Orb\bin\boost_filesystem-vc90-mt-1_35.dllMOD - [2010/03/22 19:02:38 | 000,012,288 | ---- | M] () -- C:\Program Files (x86)\Orb Networks\Orb\bin\boost_system-vc90-mt-1_35.dll ========== Services (SafeList) ========== SRV:64bit: - [2013/11/26 03:18:09 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)SRV:64bit: - [2013/10/23 17:14:22 | 000,348,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)SRV:64bit: - [2013/10/23 17:14:22 | 000,023,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)SRV:64bit: - [2013/05/26 23:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)SRV:64bit: - [2010/09/28 13:30:28 | 000,489,384 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)SRV:64bit: - [2010/02/25 20:00:32 | 000,252,928 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service)SRV:64bit: - [2010/02/23 18:57:42 | 000,835,952 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv)SRV:64bit: - [2010/02/05 18:44:48 | 000,137,560 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)SRV:64bit: - [2009/07/28 16:48:06 | 000,140,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)SRV - [2013/12/11 14:22:49 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)SRV - [2013/12/10 19:23:27 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)SRV - [2013/06/26 18:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)SRV - [2013/06/26 18:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)SRV - [2013/06/21 09:13:12 | 000,162,408 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)SRV - [2013/03/15 14:07:56 | 000,395,640 | ---- | M] (Eastman Kodak Company) [Auto | Running] -- C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe -- (Kodak AiO Network Discovery Service)SRV - [2013/01/15 12:07:42 | 000,780,152 | ---- | M] (Eastman Kodak Company) [Auto | Running] -- C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe -- (Kodak AiO Status Monitor Service)SRV - [2012/09/28 13:19:16 | 007,392,648 | ---- | M] (LeapFrog Enterprises, Inc.) [Auto | Running] -- C:\Users\My_Toshiba\Desktop\LeapFrog Connect\CommandService.exe -- (LeapFrog Connect Device Service)SRV - [2010/07/28 15:36:52 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe -- (GameConsoleService)SRV - [2010/03/18 13:57:02 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)SRV - [2010/03/18 13:56:56 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)SRV - [2009/10/06 10:21:50 | 000,051,512 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)SRV - [2009/08/24 16:49:41 | 000,126,392 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.5.60\ccSvcHst.exe -- (PCCUJobMgr)SRV - [2009/06/10 15:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) ========== Driver Services (SafeList) ========== DRV:64bit: - [2013/12/06 01:20:08 | 000,091,352 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mbamchameleon.sys -- (mbamchameleon)DRV:64bit: - [2013/09/27 09:53:06 | 000,134,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)DRV:64bit: - [2013/06/26 18:21:50 | 000,023,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)DRV:64bit: - [2013/06/26 18:21:48 | 000,028,840 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)DRV:64bit: - [2013/06/26 18:21:46 | 000,273,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)DRV:64bit: - [2013/06/26 18:21:44 | 000,767,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)DRV:64bit: - [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)DRV:64bit: - [2012/12/13 12:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)DRV:64bit: - [2012/11/26 17:05:24 | 000,075,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)DRV:64bit: - [2012/10/19 05:14:50 | 000,018,552 | ---- | M] (F5 Networks, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urfltv64.sys -- (f5ipfw)DRV:64bit: - [2012/09/28 13:15:08 | 000,024,576 | ---- | M] (LeapFrog) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\FlyUsb.sys -- (FlyUsb)DRV:64bit: - [2012/09/12 14:20:04 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)DRV:64bit: - [2012/03/01 00:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)DRV:64bit: - [2011/03/11 00:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)DRV:64bit: - [2011/03/11 00:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)DRV:64bit: - [2010/11/20 07:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)DRV:64bit: - [2010/11/20 05:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)DRV:64bit: - [2010/07/29 06:10:42 | 010,610,400 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)DRV:64bit: - [2010/06/21 18:45:56 | 000,287,232 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)DRV:64bit: - [2010/03/31 00:50:16 | 000,724,536 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)DRV:64bit: - [2010/03/24 14:55:56 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)DRV:64bit: - [2010/03/10 19:51:32 | 000,316,464 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)DRV:64bit: - [2010/02/27 08:32:14 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)DRV:64bit: - [2010/02/22 19:03:42 | 000,075,304 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)DRV:64bit: - [2010/02/12 16:49:16 | 000,877,088 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192Ce.sys -- (rtl8192Ce)DRV:64bit: - [2010/02/08 22:57:22 | 000,239,136 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)DRV:64bit: - [2009/09/17 14:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)DRV:64bit: - [2009/07/30 21:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)DRV:64bit: - [2009/07/14 16:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)DRV:64bit: - [2009/07/13 19:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)DRV:64bit: - [2009/07/13 19:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)DRV:64bit: - [2009/07/13 19:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)DRV:64bit: - [2009/07/13 18:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)DRV:64bit: - [2009/06/22 18:06:38 | 000,035,008 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PGEffect.sys -- (PGEffect)DRV:64bit: - [2009/06/19 20:15:22 | 000,014,472 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TVALZFL.sys -- (TVALZFL)DRV:64bit: - [2009/06/15 14:58:50 | 000,012,800 | ---- | M] (TOSHIBA) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\QIOMem.sys -- (QIOMem)DRV:64bit: - [2009/06/10 15:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)DRV:64bit: - [2009/06/10 15:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)DRV:64bit: - [2009/06/10 15:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)DRV:64bit: - [2009/06/10 14:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)DRV:64bit: - [2009/06/10 14:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)DRV:64bit: - [2009/06/10 14:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)DRV:64bit: - [2009/06/10 14:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)DRV:64bit: - [2009/05/09 00:14:20 | 000,015,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nuidfltr.sys -- (NuidFltr)DRV - [2009/07/13 19:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {7C783327-0E72-49A2-99BF-DBD64C4E6A57}IE:64bit: - HKLM\..\SearchScopes\{7C783327-0E72-49A2-99BF-DBD64C4E6A57}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNFIE - HKLM\..\SearchScopes,DefaultScope =IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-1580783213-1055047030-44623105-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1IE - HKU\S-1-5-21-1580783213-1055047030-44623105-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/IE - HKU\S-1-5-21-1580783213-1055047030-44623105-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.comIE - HKU\S-1-5-21-1580783213-1055047030-44623105-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.comIE - HKU\S-1-5-21-1580783213-1055047030-44623105-1000\..\SearchScopes,DefaultScope = {7C783327-0E72-49A2-99BF-DBD64C4E6A57}IE - HKU\S-1-5-21-1580783213-1055047030-44623105-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0IE - HKU\S-1-5-21-1580783213-1055047030-44623105-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "https://www.google.com/"FF - prefs.js..extensions.enabledAddons: toolbar10753%40findwide.com:2.0.0.1676FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not foundFF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\windows\system32\npDeployJava1.dll File not foundFF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not foundFF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not foundFF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not foundFF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)FF - HKCU\Software\MozillaPlugins\@tnt2ghost.com/Plugin: C:\Users\My_Toshiba\AppData\Local\TNT2\2.0.0.1676\npTNT2ghost.dll File not foundFF - HKCU\Software\MozillaPlugins\@tnt2npapi.com/Plugin: C:\Users\My_Toshiba\AppData\Local\TNT2\2.0.0.1676\npTNT2.dll File not found FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\componentsFF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/09/12 12:10:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\My_Toshiba\AppData\Roaming\Mozilla\Extensions[2013/11/17 11:34:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\My_Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\4htg0550.default-1379026913962\extensions[2013/11/17 09:25:16 | 000,000,000 | ---D | M] (MyWordTool) -- C:\Users\My_Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\4htg0550.default-1379026913962\extensions\emily@wilford.biz[2013/11/17 09:26:12 | 000,005,224 | ---- | M] () (No name found) -- C:\Users\My_Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\4htg0550.default-1379026913962\extensions\toolbar10753@findwide.com.xpi[2013/12/11 14:22:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions[2013/12/11 14:22:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions[2013/12/11 14:22:51 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ========== Chrome ========== CHR - default_search_provider: Google (Enabled)CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},CHR - homepage: http://www.google.comCHR - Extension: Google Docs = C:\Users\My_Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\CHR - Extension: Google Drive = C:\Users\My_Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\CHR - Extension: YouTube = C:\Users\My_Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\CHR - Extension: Google Search = C:\Users\My_Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\CHR - Extension: FindWide Toolbar = C:\Users\My_Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkbmapgmaiacmnmkkkaecadldnncpmje\1.0.0.0_0\CHR - Extension: Google Wallet = C:\Users\My_Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\CHR - Extension: GreatArcadeHits Add-on = C:\Users\My_Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcogajbgikalbpphmoedjlcfjkhgh\1.0.0_0\CHR - Extension: Gmail = C:\Users\My_Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\ O1 HOSTS File: ([2013/11/19 23:33:06 | 000,450,639 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hostsO1 - Hosts: 127.0.0.1 www.007guard.comO1 - Hosts: 127.0.0.1 007guard.comO1 - Hosts: 127.0.0.1 008i.comO1 - Hosts: 127.0.0.1 www.008k.comO1 - Hosts: 127.0.0.1 008k.comO1 - Hosts: 127.0.0.1 www.00hq.comO1 - Hosts: 127.0.0.1 00hq.comO1 - Hosts: 127.0.0.1 010402.comO1 - Hosts: 127.0.0.1 www.032439.comO1 - Hosts: 127.0.0.1 032439.comO1 - Hosts: 127.0.0.1 www.0scan.comO1 - Hosts: 127.0.0.1 0scan.comO1 - Hosts: 127.0.0.1 1000gratisproben.comO1 - Hosts: 127.0.0.1 www.1000gratisproben.comO1 - Hosts: 127.0.0.1 1001namen.comO1 - Hosts: 127.0.0.1 www.1001namen.comO1 - Hosts: 127.0.0.1 100888290cs.comO1 - Hosts: 127.0.0.1 www.100888290cs.comO1 - Hosts: 127.0.0.1 www.100sexlinks.comO1 - Hosts: 127.0.0.1 100sexlinks.comO1 - Hosts: 127.0.0.1 10sek.comO1 - Hosts: 127.0.0.1 www.10sek.comO1 - Hosts: 127.0.0.1 www.1-2005-search.comO1 - Hosts: 127.0.0.1 1-2005-search.comO1 - Hosts: 127.0.0.1 123fporn.infoO1 - Hosts: 15467 more lines...O2:64bit: - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)O2:64bit: - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)O2 - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)O3:64bit: - HKLM\..\Toolbar: (no name) - {65132BAA-DBA9-40B9-BD7C-667368459740} - No CLSID value found.O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.O3 - HKU\S-1-5-21-1580783213-1055047030-44623105-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.O3 - HKU\S-1-5-21-1580783213-1055047030-44623105-1000\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.O4:64bit: - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)O4:64bit: - HKLM..\Run: [cAudioFilterAgent] C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe (Conexant Systems, Inc.)O4:64bit: - HKLM..\Run: [EKIJ5000StatusMonitor] C:\Windows\SysNative\spool\drivers\x64\3\EKIJ5000MUI.exe (Eastman Kodak Company)O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)O4:64bit: - HKLM..\Run: [HSON] C:\Program Files\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)O4:64bit: - HKLM..\Run: [igfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)O4:64bit: - HKLM..\Run: [smartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe ()O4:64bit: - HKLM..\Run: [smartFaceVWatcher] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe (TOSHIBA Corporation)O4:64bit: - HKLM..\Run: [smoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)O4:64bit: - HKLM..\Run: [Teco] C:\Program Files\TOSHIBA\TECO\Teco.exe (TOSHIBA Corporation)O4:64bit: - HKLM..\Run: [TosNC] C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation)O4:64bit: - HKLM..\Run: [TosReelTimeMonitor] C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)O4:64bit: - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)O4:64bit: - HKLM..\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation)O4:64bit: - HKLM..\Run: [TosWaitSrv] C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe (TOSHIBA Corporation)O4:64bit: - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)O4 - HKLM..\Run: [EKIJ5000StatusMonitor] C:\windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe File not foundO4 - HKLM..\Run: [EKStatusMonitor] C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe (Eastman Kodak Company)O4 - HKLM..\Run: [sDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)O4 - HKU\S-1-5-21-1580783213-1055047030-44623105-1000..\Run: [spybot-S&D Cleaning] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe (Safer-Networking Ltd.)O4 - HKU\.DEFAULT..\RunOnce: [KodakHomeCenter] C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe (Eastman Kodak Company)O4 - HKU\S-1-5-18..\RunOnce: [KodakHomeCenter] C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe (Eastman Kodak Company)O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions presentO6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO7 - HKU\S-1-5-21-1580783213-1055047030-44623105-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO7 - HKU\S-1-5-21-1580783213-1055047030-44623105-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)O13 - gopher Prefix: missingO15 - HKU\S-1-5-21-1580783213-1055047030-44623105-1000\..Trusted Domains: digitalriver.com ([dc2vpn01] https in Trusted sites)O15 - HKU\S-1-5-21-1580783213-1055047030-44623105-1000\..Trusted Domains: digitalriver.com ([dc7vpn01] https in Trusted sites)O16:64bit: - DPF: {AA570693-00E2-4907-B6F1-60A1199B030C} https://juniper.net/dana-cached/sc/JuniperSetupClient64.cab (JuniperSetupClientControl64 Class)O16 - DPF: {195538FD-1C39-44B1-A7C3-5D7137A8A8F1} C:\Users\MY_TOS~1\AppData\Local\Temp\f5tmp\f5opswati.cab (OPSWAT AntiViruses Class)O16 - DPF: {2BCDB465-81F9-41CB-832C-8037A4064446} C:\Users\MY_TOS~1\AppData\Local\Temp\f5tmp\urxvpn.cab (F5 Networks VPN Manager)O16 - DPF: {30CF9713-6614-4556-B5F5-66F8C7F9DEF1} C:\Users\MY_TOS~1\AppData\Local\Temp\f5tmp\f5opswati.cab (OPSWAT FireWalls Class)O16 - DPF: {41EF3CD2-D8CC-4438-84B1-280BB4E77C8E} C:\Users\MY_TOS~1\AppData\Local\Temp\f5tmp\f5tunsrv.cab (F5 Networks Dynamic Application Tunnel Control)O16 - DPF: {45B69029-F3AB-4204-92DE-D5140C3E8E74} C:\Users\MY_TOS~1\AppData\Local\Temp\f5tmp\InstallerControl.cab (F5 Networks Auto Update)O16 - DPF: {49EC7987-E331-44E3-B170-748B58A268B9} C:\Users\MY_TOS~1\AppData\Local\Temp\f5tmp\f5opswati.cab (OPSWAT ProcessesScanner Class)O16 - DPF: {57C76689-F052-487B-A19F-855AFDDF28EE} C:\Users\MY_TOS~1\AppData\Local\Temp\f5tmp\f5InspectionHost.cab (F5 Networks Policy Agent Host Class)O16 - DPF: {7E73BE8F-FD87-44EC-8E22-023D5FF960FF} C:\Users\MY_TOS~1\AppData\Local\Temp\f5tmp\vdeskctrl.cab (F5 Virtual Sandbox Class)O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 10.45.2)O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 10.45.2)O16 - DPF: {CC85ACDF-B277-486F-8C70-2C9B2ED2A4E7} C:\Users\MY_TOS~1\AppData\Local\Temp\f5tmp\urxshost.cab (F5 Networks SuperHost Class)O16 - DPF: {E0FF21FA-B857-45C5-8621-F120A0C17FF2} C:\Users\MY_TOS~1\AppData\Local\Temp\f5tmp\urxhost.cab (F5 Networks Host Control)O16 - DPF: {EBDC91CB-F23F-477D-B152-3F7243760D04} C:\Users\MY_TOS~1\AppData\Local\Temp\f5tmp\f5opswati.cab (F5 Networks OPSWAT Helper Control)O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://secureaccess.accuvant.com/dana-cached/sc/JuniperSetupClient.cab (JuniperSetupClientControl Class)O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.76.76 75.75.75.75O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{49F77F4B-FAD0-4276-9B39-25FC85576D05}: DhcpNameServer = 75.75.76.76 75.75.75.75O18:64bit: - Protocol\Handler\livecall - No CLSID value foundO18:64bit: - Protocol\Handler\msnim - No CLSID value foundO18:64bit: - Protocol\Handler\skype4com - No CLSID value foundO18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value foundO18:64bit: - Protocol\Handler\wlpg - No CLSID value foundO18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)O20:64bit: - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)O20 - HKLM Winlogon: UserInit - (C:\windows\SYSTEM32\Userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not foundO21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.O32 - HKLM CDRom: AutoRun - 1O34 - HKLM BootExecute: (autocheck autochk *)O35:64bit: - HKLM\..comfile [open] -- "%1" %*O35:64bit: - HKLM\..exefile [open] -- "%1" %*O35 - HKLM\..comfile [open] -- "%1" %*O35 - HKLM\..exefile [open] -- "%1" %*O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*O37 - HKLM\...com [@ = ComFile] -- "%1" %*O37 - HKLM\...exe [@ = exefile] -- "%1" %*O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013/12/12 18:38:13 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\My_Toshiba\Desktop\OTL.exe[2013/12/12 06:40:51 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmploc.DLL[2013/12/12 06:40:50 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmploc.DLL[2013/12/12 06:40:49 | 011,410,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmp.dll[2013/12/12 06:40:48 | 014,631,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmp.dll[2013/12/12 06:34:53 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollectorres.dll[2013/12/12 06:34:50 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll[2013/12/12 06:34:47 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll[2013/12/12 06:34:47 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe[2013/12/12 06:34:47 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe[2013/12/12 06:34:47 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll[2013/12/12 06:34:46 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll[2013/12/12 06:34:45 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollector.exe[2013/12/12 06:34:45 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwproxystub.dll[2013/12/12 06:34:41 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dll[2013/12/12 06:34:41 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9diag.dll[2013/12/12 06:34:41 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript9diag.dll[2013/12/12 06:34:40 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dll[2013/12/12 06:34:32 | 001,995,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl[2013/12/12 06:34:32 | 001,928,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl[2013/12/12 06:34:28 | 005,769,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll[2013/12/11 14:47:29 | 000,335,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msieftp.dll[2013/12/11 14:47:29 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msieftp.dll[2013/12/11 14:47:23 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMPhoto.dll[2013/12/11 14:47:23 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMPhoto.dll[2013/12/11 14:47:20 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\imagehlp.dll[2013/12/11 14:47:14 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\scrrun.dll[2013/12/11 14:47:14 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cscript.exe[2013/12/11 14:47:14 | 000,150,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wshom.ocx[2013/12/11 14:47:14 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wshom.ocx[2013/12/11 14:47:13 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\scrrun.dll[2013/12/11 14:47:13 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\cscript.exe[2013/12/11 14:47:09 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\portcls.sys[2013/12/11 14:47:09 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\drmk.sys[2013/12/11 14:22:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox[2013/12/11 07:17:15 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN[2013/12/11 07:17:10 | 000,000,000 | ---D | C] -- C:\windows\temp[2013/12/11 01:21:03 | 000,000,000 | ---D | C] -- C:\windows\erdnt[2013/12/11 01:18:30 | 000,518,144 | ---- | C] (SteelWerX) -- C:\windows\SWREG.exe[2013/12/11 01:18:30 | 000,406,528 | ---- | C] (SteelWerX) -- C:\windows\SWSC.exe[2013/12/11 01:18:30 | 000,060,416 | ---- | C] (NirSoft) -- C:\windows\NIRCMD.exe[2013/12/11 01:16:06 | 000,000,000 | ---D | C] -- C:\Qoobox[2013/12/11 00:23:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital Corporation[2013/12/11 00:23:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Western Digital Corporation[2013/12/10 19:23:09 | 009,293,192 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerInstaller.exe[2013/12/10 12:48:26 | 000,000,000 | ---D | C] -- C:\Users\My_Toshiba\Desktop\girlshaleieie_files[2013/12/06 01:45:12 | 000,000,000 | ---D | C] -- C:\tmp[2013/12/06 01:31:35 | 000,688,992 | ---- | C] (Swearware) -- C:\Users\My_Toshiba\Desktop\dds.com[2013/12/06 01:20:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes' Anti-Malware (portable)[2013/12/06 01:20:08 | 000,091,352 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbamchameleon.sys[2013/12/06 01:20:05 | 000,000,000 | ---D | C] -- C:\Users\My_Toshiba\Desktop\mbar[2013/12/05 00:09:09 | 000,000,000 | ---D | C] -- C:\AdwCleaner[2013/12/02 22:56:58 | 000,000,000 | ---D | C] -- C:\windows\SysNative\MRT[2013/12/02 22:34:11 | 000,000,000 | ---D | C] -- C:\New folder[2013/12/02 07:13:59 | 000,028,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\IEUDINIT.EXE[2013/12/02 07:11:08 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MsSpellCheckingFacility.exe[2013/12/02 07:11:08 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\elshyph.dll[2013/12/02 07:11:03 | 000,645,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jsIntl.dll[2013/12/02 07:11:03 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\elshyph.dll[2013/12/02 07:11:02 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RegisterIEPKEYs.exe[2013/12/02 07:11:01 | 001,051,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmlmedia.dll[2013/12/02 07:11:01 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dat[2013/12/02 07:11:01 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\html.iec[2013/12/02 07:11:01 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\url.dll[2013/12/02 07:11:01 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll[2013/12/02 07:11:01 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inseng.dll[2013/12/02 07:11:01 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\icardie.dll[2013/12/02 07:11:01 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tdc.ocx[2013/12/02 07:11:01 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll[2013/12/02 07:11:01 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\JavaScriptCollectionAgent.dll[2013/12/02 07:11:01 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll[2013/12/02 07:11:01 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\licmgr10.dll[2013/12/02 07:11:00 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iexpress.exe[2013/12/02 07:11:00 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wextract.exe[2013/12/02 07:11:00 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll[2013/12/02 07:10:59 | 000,610,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll[2013/12/02 07:10:59 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\occache.dll[2013/12/02 07:10:59 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iepeers.dll[2013/12/02 07:10:59 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe[2013/12/02 07:10:59 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\IEAdvpack.dll[2013/12/02 07:10:59 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SetIEInstalledDate.exe[2013/12/02 07:10:59 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MshtmlDac.dll[2013/12/02 07:10:59 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\pngfilt.dll[2013/12/02 07:10:59 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieetwproxystub.dll[2013/12/02 07:10:59 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmler.dll[2013/12/02 07:10:59 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msfeedssync.exe[2013/12/02 07:10:58 | 000,942,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jsIntl.dll[2013/12/02 07:10:58 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msls31.dll[2013/12/02 07:10:58 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RegisterIEPKEYs.exe[2013/12/02 07:10:58 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesysprep.dll[2013/12/02 07:10:57 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msrating.dll[2013/12/02 07:10:57 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\IEAdvpack.dll[2013/12/02 07:10:57 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeedssync.exe[2013/12/02 07:10:56 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesysprep.dll[2013/12/02 07:10:56 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SetIEInstalledDate.exe[2013/12/02 07:10:56 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tdc.ocx[2013/12/02 07:10:56 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmler.dll[2013/12/02 07:10:56 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\JavaScriptCollectionAgent.dll[2013/12/02 07:10:55 | 001,228,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmlmedia.dll[2013/12/02 07:10:55 | 000,626,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll[2013/12/02 07:10:55 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dat[2013/12/02 07:10:55 | 000,548,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll[2013/12/02 07:10:55 | 000,453,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtmsft.dll[2013/12/02 07:10:55 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\html.iec[2013/12/02 07:10:55 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtrans.dll[2013/12/02 07:10:55 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\url.dll[2013/12/02 07:10:55 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iexpress.exe[2013/12/02 07:10:55 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wextract.exe[2013/12/02 07:10:55 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inseng.dll[2013/12/02 07:10:55 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll[2013/12/02 07:10:55 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\icardie.dll[2013/12/02 07:10:55 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\licmgr10.dll[2013/12/02 07:10:54 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll[2013/12/02 07:10:54 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\occache.dll[2013/12/02 07:10:54 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iepeers.dll[2013/12/02 07:10:54 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MshtmlDac.dll[2013/12/02 07:10:54 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\pngfilt.dll[2013/12/02 07:10:54 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\imgutil.dll[2013/12/02 07:10:54 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshta.exe[2013/11/22 00:44:14 | 000,000,000 | ---D | C] -- C:\Users\My_Toshiba\AppData\Roaming\Malwarebytes[2013/11/22 00:44:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware[2013/11/22 00:43:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes[2013/11/22 00:43:58 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys[2013/11/22 00:43:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware[2013/11/19 23:54:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle[2013/11/19 23:46:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java[2013/11/19 23:46:49 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\windows\SysWow64\javaws.exe[2013/11/19 23:46:44 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\windows\SysWow64\javaw.exe[2013/11/19 23:46:44 | 000,174,504 | ---- | C] (Oracle Corporation) -- C:\windows\SysWow64\java.exe[2013/11/19 23:46:44 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\windows\SysWow64\WindowsAccessBridge-32.dll[2013/11/19 23:46:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java[2013/11/19 22:39:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2[2013/11/19 22:39:04 | 000,021,040 | ---- | C] (Safer Networking Limited) -- C:\windows\SysNative\sdnclean64.exe[2013/11/19 22:38:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy[2013/11/19 22:38:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2[2013/11/17 09:33:11 | 000,000,000 | ---D | C] -- C:\Users\My_Toshiba\AppData\Local\cache[2013/11/17 09:33:09 | 000,000,000 | ---D | C] -- C:\Users\My_Toshiba\Documents\Mobogenie[2013/11/17 09:33:09 | 000,000,000 | ---D | C] -- C:\Users\My_Toshiba\AppData\Local\Mobogenie[2013/11/17 09:32:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mobogenie[2013/11/17 09:27:02 | 000,000,000 | ---D | C] -- C:\Users\My_Toshiba\AppData\Roaming\.minecraft[2013/11/17 09:25:13 | 000,000,000 | ---D | C] -- C:\Users\My_Toshiba\AppData\Roaming\MyWordTool[2013/11/16 00:36:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes[2013/11/16 00:35:46 | 000,000,000 | ---D | C] -- C:\Program Files\iPod[2013/11/16 00:35:45 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes[2013/11/16 00:35:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes[2013/11/16 00:35:45 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69[2013/11/13 12:01:32 | 001,474,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\crypt32.dll[2013/11/13 12:01:23 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\authui.dll[2013/11/13 12:01:23 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\authui.dll[2013/11/13 12:01:23 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\credui.dll[2013/11/13 12:01:23 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SmartcardCredentialProvider.dll[2013/11/13 12:01:23 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SmartcardCredentialProvider.dll[2013/11/13 12:01:19 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lsasrv.dll[2013/11/13 12:01:18 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ncrypt.dll[2013/11/13 12:01:18 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sspicli.dll[2013/11/13 12:01:18 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sspisrv.dll[2013/11/13 12:01:18 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\secur32.dll[2013/11/13 12:01:16 | 000,404,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\gdi32.dll[2013/11/13 12:01:12 | 000,830,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\nshwfp.dll[2013/11/13 12:01:12 | 000,656,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\nshwfp.dll[2013/11/13 12:01:12 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\FWPUCLNT.DLL[2013/11/13 12:01:12 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\FWPUCLNT.DLL[2 C:\windows\*.tmp files -> C:\windows\*.tmp -> ][1 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ][1 C:\Users\My_Toshiba\Desktop\*.tmp files -> C:\Users\My_Toshiba\Desktop\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013/12/12 18:38:16 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\My_Toshiba\Desktop\OTL.exe[2013/12/12 18:36:15 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job[2013/12/12 18:36:14 | 000,000,912 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job[2013/12/12 18:36:02 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat[2013/12/12 17:02:43 | 009,686,012 | ---- | M] () -- C:\windows\SysNative\perfh009.dat[2013/12/12 17:02:43 | 003,292,270 | ---- | M] () -- C:\windows\SysNative\perfc009.dat[2013/12/12 17:02:43 | 000,005,384 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI[2013/12/12 15:10:21 | 000,000,908 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job[2013/12/12 07:24:04 | 000,015,792 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0[2013/12/12 07:24:04 | 000,015,792 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0[2013/12/12 07:17:51 | 000,275,712 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT[2013/12/12 07:14:50 | 3062,255,616 | -HS- | M] () -- C:\hiberfil.sys[2013/12/10 19:23:26 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe[2013/12/10 19:23:26 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl[2013/12/10 19:23:10 | 009,293,192 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerInstaller.exe[2013/12/06 01:41:45 | 000,003,352 | ---- | M] () -- C:\bootsqm.dat[2013/12/06 01:31:40 | 000,688,992 | ---- | M] (Swearware) -- C:\Users\My_Toshiba\Desktop\dds.com[2013/12/06 01:20:08 | 000,091,352 | ---- | M] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbamchameleon.sys[2013/12/06 01:15:56 | 000,001,120 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk[2013/12/05 06:50:39 | 000,002,194 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk[2013/12/04 20:12:09 | 000,075,608 | ---- | M] () -- C:\Users\My_Toshiba\Desktop\ggcard.jpg[2013/12/04 20:07:08 | 000,106,332 | ---- | M] () -- C:\Users\My_Toshiba\Desktop\jjd.jpg[2013/12/04 19:50:27 | 000,131,399 | ---- | M] () -- C:\Users\My_Toshiba\Desktop\grammybunny.jpg[2013/12/02 07:11:08 | 000,940,032 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\MsSpellCheckingFacility.exe[2013/12/02 07:11:08 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\elshyph.dll[2013/12/02 07:11:03 | 000,645,120 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\jsIntl.dll[2013/12/02 07:11:03 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\elshyph.dll[2013/12/02 07:11:02 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\RegisterIEPKEYs.exe[2013/12/02 07:11:01 | 001,051,136 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmlmedia.dll[2013/12/02 07:11:01 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dat[2013/12/02 07:11:01 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\html.iec[2013/12/02 07:11:01 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\url.dll[2013/12/02 07:11:01 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll[2013/12/02 07:11:01 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\inseng.dll[2013/12/02 07:11:01 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\icardie.dll[2013/12/02 07:11:01 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\tdc.ocx[2013/12/02 07:11:01 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll[2013/12/02 07:11:01 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\JavaScriptCollectionAgent.dll[2013/12/02 07:11:01 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll[2013/12/02 07:11:01 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\licmgr10.dll[2013/12/02 07:11:01 | 000,016,284 | ---- | M] () -- C:\windows\SysWow64\ieuinit.inf[2013/12/02 07:11:00 | 000,151,552 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iexpress.exe[2013/12/02 07:11:00 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\wextract.exe[2013/12/02 07:11:00 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll[2013/12/02 07:10:59 | 000,610,304 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll[2013/12/02 07:10:59 | 000,127,488 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\occache.dll[2013/12/02 07:10:59 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iepeers.dll[2013/12/02 07:10:59 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe[2013/12/02 07:10:59 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\IEAdvpack.dll[2013/12/02 07:10:59 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\SetIEInstalledDate.exe[2013/12/02 07:10:59 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\MshtmlDac.dll[2013/12/02 07:10:59 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\pngfilt.dll[2013/12/02 07:10:59 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieetwproxystub.dll[2013/12/02 07:10:59 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmler.dll[2013/12/02 07:10:59 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msfeedssync.exe[2013/12/02 07:10:58 | 000,942,592 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\jsIntl.dll[2013/12/02 07:10:58 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msls31.dll[2013/12/02 07:10:58 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\RegisterIEPKEYs.exe[2013/12/02 07:10:58 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iesysprep.dll[2013/12/02 07:10:57 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msrating.dll[2013/12/02 07:10:57 | 000,131,072 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\IEAdvpack.dll[2013/12/02 07:10:57 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msfeedssync.exe[2013/12/02 07:10:56 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iesysprep.dll[2013/12/02 07:10:56 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\SetIEInstalledDate.exe[2013/12/02 07:10:56 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\tdc.ocx[2013/12/02 07:10:56 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mshtmler.dll[2013/12/02 07:10:56 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\JavaScriptCollectionAgent.dll[2013/12/02 07:10:55 | 001,228,800 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mshtmlmedia.dll[2013/12/02 07:10:55 | 000,626,176 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll[2013/12/02 07:10:55 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dat[2013/12/02 07:10:55 | 000,548,352 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll[2013/12/02 07:10:55 | 000,453,120 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\dxtmsft.dll[2013/12/02 07:10:55 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\html.iec[2013/12/02 07:10:55 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\dxtrans.dll[2013/12/02 07:10:55 | 000,235,520 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\url.dll[2013/12/02 07:10:55 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iexpress.exe[2013/12/02 07:10:55 | 000,143,872 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\wextract.exe[2013/12/02 07:10:55 | 000,101,376 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\inseng.dll[2013/12/02 07:10:55 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll[2013/12/02 07:10:55 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\icardie.dll[2013/12/02 07:10:55 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\licmgr10.dll[2013/12/02 07:10:55 | 000,016,284 | ---- | M] () -- C:\windows\SysNative\ieuinit.inf[2013/12/02 07:10:54 | 000,774,144 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll[2013/12/02 07:10:54 | 000,147,968 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\occache.dll[2013/12/02 07:10:54 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iepeers.dll[2013/12/02 07:10:54 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\MshtmlDac.dll[2013/12/02 07:10:54 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\pngfilt.dll[2013/12/02 07:10:54 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\imgutil.dll[2013/12/02 07:10:54 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mshta.exe[2013/12/01 16:41:04 | 000,066,869 | ---- | M] () -- C:\Users\My_Toshiba\Desktop\img95o.jpg[2013/12/01 16:13:46 | 000,021,772 | ---- | M] () -- C:\Users\My_Toshiba\Desktop\shopping.jpg[2013/12/01 15:55:50 | 000,005,424 | ---- | M] () -- C:\Users\My_Toshiba\Desktop\img65q.jpg[2013/12/01 15:48:44 | 000,017,461 | ---- | M] () -- C:\Users\My_Toshiba\Desktop\img7j.jpg[2013/12/01 15:42:23 | 000,004,147 | ---- | M] () -- C:\Users\My_Toshiba\Desktop\minipip.html[2013/12/01 15:37:15 | 000,124,592 | ---- | M] () -- C:\Users\My_Toshiba\Desktop\img44o.jpg[2013/11/26 04:18:23 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollectorres.dll[2013/11/26 03:48:07 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll[2013/11/26 03:46:25 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieetwproxystub.dll[2013/11/26 03:27:54 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll[2013/11/26 03:21:24 | 000,574,976 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll[2013/11/26 03:18:39 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe[2013/11/26 03:18:09 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollector.exe[2013/11/26 03:16:57 | 000,708,608 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\jscript9diag.dll[2013/11/26 02:57:44 | 000,218,624 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe[2013/11/26 02:35:02 | 005,769,216 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll[2013/11/26 02:32:08 | 000,440,832 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll[2013/11/26 02:28:16 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\jscript9diag.dll[2013/11/26 02:02:16 | 001,995,264 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl[2013/11/26 01:32:06 | 001,928,192 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl[2013/11/26 00:34:55 | 000,703,488 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dll[2013/11/26 00:34:27 | 000,817,664 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dll[2013/11/23 12:26:20 | 000,417,792 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\WMPhoto.dll[2013/11/23 11:47:34 | 000,465,920 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\WMPhoto.dll[2013/11/19 23:33:06 | 000,450,639 | R--- | M] () -- C:\windows\SysNative\drivers\etc\hosts[2013/11/19 22:39:12 | 000,001,390 | ---- | M] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk[2013/11/19 06:52:17 | 000,001,945 | ---- | M] () -- C:\windows\epplauncher.mif[2013/11/16 00:36:46 | 000,001,794 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk[2013/11/15 06:54:58 | 000,317,313 | ---- | M] () -- C:\Users\My_Toshiba\Desktop\cabinfloat.jpg[2013/11/14 12:15:48 | 000,342,233 | ---- | M] () -- C:\Users\My_Toshiba\Desktop\photo.php[2 C:\windows\*.tmp files -> C:\windows\*.tmp -> ][1 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ][1 C:\Users\My_Toshiba\Desktop\*.tmp files -> C:\Users\My_Toshiba\Desktop\*.tmp -> ] ========== Files Created - No Company Name ========== [2013/12/11 01:18:30 | 000,256,000 | ---- | C] () -- C:\windows\PEV.exe[2013/12/11 01:18:30 | 000,208,896 | ---- | C] () -- C:\windows\MBR.exe[2013/12/11 01:18:30 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe[2013/12/11 01:18:30 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe[2013/12/11 01:18:30 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe[2013/12/06 01:41:45 | 000,003,352 | ---- | C] () -- C:\bootsqm.dat[2013/12/04 20:12:09 | 000,075,608 | ---- | C] () -- C:\Users\My_Toshiba\Desktop\ggcard.jpg[2013/12/04 20:07:25 | 000,106,332 | ---- | C] () -- C:\Users\My_Toshiba\Desktop\jjd.jpg[2013/12/04 19:50:25 | 000,131,399 | ---- | C] () -- C:\Users\My_Toshiba\Desktop\grammybunny.jpg[2013/12/02 07:11:01 | 000,016,284 | ---- | C] () -- C:\windows\SysWow64\ieuinit.inf[2013/12/02 07:10:55 | 000,016,284 | ---- | C] () -- C:\windows\SysNative\ieuinit.inf[2013/12/01 16:41:04 | 000,066,869 | ---- | C] () -- C:\Users\My_Toshiba\Desktop\img95o.jpg[2013/12/01 16:13:45 | 000,021,772 | ---- | C] () -- C:\Users\My_Toshiba\Desktop\shopping.jpg[2013/12/01 15:55:49 | 000,005,424 | ---- | C] () -- C:\Users\My_Toshiba\Desktop\img65q.jpg[2013/12/01 15:48:41 | 000,017,461 | ---- | C] () -- C:\Users\My_Toshiba\Desktop\img7j.jpg[2013/12/01 15:42:23 | 000,004,147 | ---- | C] () -- C:\Users\My_Toshiba\Desktop\minipip.html[2013/12/01 15:37:15 | 000,124,592 | ---- | C] () -- C:\Users\My_Toshiba\Desktop\img44o.jpg[2013/11/22 00:44:02 | 000,001,120 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk[2013/11/19 22:39:12 | 000,001,402 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk[2013/11/19 22:39:12 | 000,001,390 | ---- | C] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk[2013/11/17 11:33:51 | 000,001,171 | ---- | C] () -- C:\Users\My_Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk[2013/11/16 00:36:46 | 000,001,794 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk[2013/11/15 06:54:56 | 000,317,313 | ---- | C] () -- C:\Users\My_Toshiba\Desktop\cabinfloat.jpg[2013/11/14 12:15:47 | 000,342,233 | ---- | C] () -- C:\Users\My_Toshiba\Desktop\photo.php[2013/04/24 02:18:47 | 000,000,017 | ---- | C] () -- C:\windows\SysWow64\shortcut_ex.dat[2012/11/12 18:50:05 | 000,000,000 | ---- | C] () -- C:\windows\f5unistall.INI[2012/10/20 20:28:15 | 217,135,103 | ---- | C] () -- C:\Users\My_Toshiba\dvd.iso[2012/09/08 16:06:38 | 000,005,342 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI ========== ZeroAccess Check ========== [2009/07/13 22:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 20:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)"ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 19:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)"ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 19:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)"ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 06:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)"ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 19:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)"ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== Alternate Data Streams ========== @Alternate Data Stream - 98 bytes -> C:\ProgramData\TEMP:42D9E231< End of report > Link to post Share on other sites More sharing options...
dan_melissa Posted December 13, 2013 Author ID:763901 Share Posted December 13, 2013 Extras.txt: OTL Extras logfile created on: 12/12/2013 6:39:18 PM - Run 1OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\My_Toshiba\Desktop64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstationInternet Explorer (Version = 9.11.9600.16428)Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 3.80 Gb Total Physical Memory | 2.05 Gb Available Physical Memory | 53.99% Memory free7.60 Gb Paging File | 5.63 Gb Available in Paging File | 74.08% Paging File freePaging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)Drive C: | 452.58 Gb Total Space | 247.71 Gb Free Space | 54.73% Space Free | Partition Type: NTFS Computer Name: TOSHIBA_LAPTOP | User Name: My_Toshiba | Logged in as Administrator.Boot Mode: Normal | Scan Mode: All users | Include 64bit ScansCompany Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>].html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation).url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>].cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation).html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-1580783213-1055047030-44623105-1000\SOFTWARE\Classes\<extension>].html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]batfile [open] -- "%1" %*cmdfile [open] -- "%1" %*comfile [open] -- "%1" %*exefile [open] -- "%1" %*helpfile [open] -- Reg Error: Key error.htmlfile [edit] -- Reg Error: Key error.htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)piffile [open] -- "%1" %*regfile [merge] -- Reg Error: Key error.scrfile [config] -- "%1"scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %lscrfile [open] -- "%1" /Stxtfile [edit] -- Reg Error: Key error.Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)Folder [explore] -- Reg Error: Value error.Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]batfile [open] -- "%1" %*cmdfile [open] -- "%1" %*comfile [open] -- "%1" %*cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)exefile [open] -- "%1" %*helpfile [open] -- Reg Error: Key error.htmlfile [edit] -- Reg Error: Key error.htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)piffile [open] -- "%1" %*regfile [merge] -- Reg Error: Key error.scrfile [config] -- "%1"scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %lscrfile [open] -- "%1" /Stxtfile [edit] -- Reg Error: Key error.Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)Folder [explore] -- Reg Error: Value error.Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error. ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]"cval" = 1"FirewallDisableNotify" = 0"AntiVirusDisableNotify" = 0"UpdatesDisableNotify" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]"AntiVirusOverride" = 0"AntiSpywareOverride" = 0"FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]"DisableSR" = 0 ========== Firewall Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]"DisableNotifications" = 0"EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]"DisableNotifications" = 0"EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]"DisableNotifications" = 0"EnableFirewall" = 1 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.) ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]"{05EC1151-66F3-4A1F-AA55-241954D78BC9}" = lport=138 | protocol=17 | dir=in | app=system |"{0BFB6FAA-FDC2-4B7F-AE06-444C0BC63329}" = lport=2869 | protocol=6 | dir=in | app=system |"{0D324069-8DB4-47BD-81E0-EE27949F3C8E}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |"{0D815B6D-2F94-4AA3-B8DB-DD6332148ACE}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |"{2A9048D9-FE6C-4C6D-BBE9-6F4A283530A8}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |"{42E93BE3-A97B-4742-9EE9-3E839893F82A}" = rport=137 | protocol=17 | dir=out | app=system |"{4AFFA6E6-CCBD-4547-9109-93C3A4379CA9}" = lport=5353 | protocol=17 | dir=in | name=bonjour port 5353 |"{65177F0B-69DF-4D8D-936C-DEAD5C8F9C67}" = lport=9322 | protocol=6 | dir=in | name=ekdiscovery |"{67854D5A-27EF-4FA1-91D1-D17F0B39A205}" = rport=445 | protocol=6 | dir=out | app=system |"{69420153-F67B-4994-BDF1-8B7EA7993D34}" = lport=10243 | protocol=6 | dir=in | app=system |"{747AFFD4-9E8C-47EC-8B5C-2AAE93D32CB0}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |"{77D665A8-55A0-449A-9EF8-AC142B9C31EB}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |"{7CC0C7F0-46F4-4BC7-8551-77F38C1F6E82}" = lport=137 | protocol=17 | dir=in | app=system |"{834B2ECA-0D6B-4881-A033-96AA2FC57187}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |"{8397A7AE-F419-487B-8D61-CE7D2BF3600B}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |"{89D5178A-5C4E-4BB6-842E-DEA7FD3F4172}" = lport=9322 | protocol=6 | dir=in | name=ekdiscovery |"{9B6390D1-0FD7-4DB8-A6CD-6D53B2ECCB34}" = rport=138 | protocol=17 | dir=out | app=system |"{9CA3E2A5-CBD3-4E18-8562-D9638C7B05D0}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |"{A39EBB0F-62FB-4557-8259-69443C77DFAD}" = lport=445 | protocol=6 | dir=in | app=system |"{AB01F377-B135-4657-B2F0-CB45ADCC95FE}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |"{B5C7834D-EA8A-4617-96A6-BBF6EE5824CD}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |"{B5D06568-24BE-4BC5-AE08-2778EBD4DD0E}" = lport=5353 | protocol=17 | dir=in | name=bonjour port 5353 |"{B756D4D6-42CA-4CA8-B843-E196A4C5E2B4}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |"{B8DCC1E7-6A86-4994-A16C-AFBC37973C02}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |"{C5DB8390-3840-4C45-B87F-669D71B6E277}" = rport=10243 | protocol=6 | dir=out | app=system |"{C7C84C9D-546C-4162-B98A-F92C5DC96AD0}" = rport=139 | protocol=6 | dir=out | app=system |"{F21696BA-2CAD-438E-9F35-5EB3F35370DB}" = lport=139 | protocol=6 | dir=in | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]"{0B1EF83F-06DE-4FB7-8B6D-E4792A4B4ED1}" = protocol=17 | dir=in | app=c:\program files (x86)\orb networks\orb\bin\orbjetmanager.exe |"{13D77249-5D55-456C-9620-FCEE53EA46E8}" = protocol=17 | dir=in | app=c:\program files (x86)\orb networks\orb\bin\orbcontrolpanel.exe |"{1CB3E14D-632A-4088-AD11-63715783E9D3}" = dir=in | app=c:\users\my_toshiba\desktop\leapfrog connect\leapfrogconnect.exe |"{1EF8BBF6-F416-44C3-BE27-706BF7964473}" = protocol=6 | dir=in | app=c:\program files (x86)\kodak\aio\center\aiohomecenter.exe |"{22721F7E-DF8E-4C9F-B99F-C3D4416C41C4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |"{3524D69B-2CC6-4CED-B808-231ABE2B52A0}" = protocol=17 | dir=in | app=c:\program files (x86)\orb networks\orb\bin\orblauncher.exe |"{3CA870E2-E598-43D9-8604-52D8CE459F32}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |"{3F063134-F41E-4C6B-B10F-A6DC8C732D09}" = protocol=17 | dir=in | app=c:\program files (x86)\orb networks\orb\bin\orbir.exe |"{3F268D8A-391D-43BD-82DB-E5EDB7A4DA51}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |"{3F54FD57-B295-4155-A1A7-A0450E51F21D}" = protocol=6 | dir=in | app=c:\program files (x86)\orb networks\orb\bin\orbsetupwizard.exe |"{3FC69BF4-CA62-4796-B50F-CD4CFA43EC90}" = protocol=6 | dir=out | app=system |"{4485A824-2B6A-4E37-9F28-0B231D872A25}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |"{4673F5B8-6C1F-4F50-B554-EFC7BD935CE0}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |"{4A87B863-7ADD-4B4B-B7D1-CB6A04A9E672}" = protocol=17 | dir=in | app=c:\program files (x86)\orb networks\orb\bin\orb.exe |"{4D354442-704F-4C20-AA08-30622A33A6FC}" = protocol=6 | dir=in | app=c:\programdata\kodak\installer\setup.exe |"{4DCD72F3-3EB9-4BBA-BD65-60AAFEF9CB46}" = protocol=6 | dir=in | app=c:\program files (x86)\orb networks\orb\bin\orb.exe |"{4E09D75C-7FD3-4472-8EB9-EB43CFDB1AFC}" = protocol=17 | dir=in | app=c:\program files (x86)\kodak\aio\center\kodak.statistics.exe |"{513DCACE-5858-407A-85EF-428F2005751C}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |"{5EA23017-C6D8-4F22-B030-7A227F8C0543}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |"{6280E3D8-7C13-4986-A7CB-2387FCA5EB13}" = protocol=17 | dir=in | app=c:\program files (x86)\orb networks\orb\bin\orbsetupwizard.exe |"{64B87881-E612-49AA-BD40-627CDC48F297}" = protocol=6 | dir=in | app=c:\program files (x86)\kodak\aio\center\networkprinterdiscovery.exe |"{65358AAA-A159-45EA-BF3B-D3BC46B5FD1A}" = protocol=17 | dir=in | app=c:\program files (x86)\kodak\aio\firmware\kodakaioupdater.exe |"{681FDFF3-5AD8-4755-AE14-FC408A9D9860}" = protocol=6 | dir=in | app=c:\program files (x86)\orb networks\orb\bin\orbjetmanager.exe |"{6EBBCA01-7058-4A20-B310-8CAD4202237F}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |"{76F22DDC-887F-4E53-BE23-5E53821728D2}" = protocol=17 | dir=in | app=c:\program files (x86)\kodak\aio\center\aiohomecenter.exe |"{7896DFBD-F08F-4893-A640-8881C1F519D2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |"{7C7FD744-9382-43DA-8497-AEE737817D42}" = dir=in | app=c:\users\my_toshiba\appdata\local\microsoft\skydrive\skydrive.exe |"{7EEEA5D2-868D-46DD-94FC-AB46C8BA7941}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |"{7F131E06-05D8-4040-8F19-32C1010B0FC9}" = protocol=6 | dir=in | app=c:\program files (x86)\orb networks\orb\bin\orbcontrolpanel.exe |"{820C1BD9-C35A-4C15-8A45-326EB003A144}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |"{9182E6A8-AB3D-4B25-A945-C10B7FB3DF69}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |"{9C9E86F8-830C-4E3B-A52D-360751B226BF}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |"{A58ECA56-2308-4C9B-8114-6C084F825659}" = protocol=17 | dir=in | app=c:\program files (x86)\orb networks\orb\bin\orbstreamerclient.exe |"{A8A7DF8E-126E-4789-9A86-8FBFCE932FE2}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |"{AA55C5B6-1959-4F82-AF4B-137F2556450B}" = protocol=6 | dir=in | app=c:\program files (x86)\orb networks\orb\bin\orbstreamerclient.exe |"{AA77D2B2-12C0-4F1B-8C39-6F2618B576B7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |"{AD4FF193-CBB9-4944-8C71-4CDEA1570937}" = protocol=6 | dir=in | app=c:\program files (x86)\orb networks\orb\bin\orblauncher.exe |"{ADC24F69-0A37-4EDF-93AF-398E040EA178}" = protocol=6 | dir=in | app=c:\users\my_toshiba\appdata\roaming\dropbox\bin\dropbox.exe |"{B385B147-CDAF-4735-ABAE-5769FD6E9089}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |"{B73AD39B-E716-4EBE-A285-DAFEAB8135C5}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |"{B8C80FC4-7C6F-4556-8433-84EA96A7F64F}" = protocol=6 | dir=in | app=c:\program files (x86)\kodak\aio\firmware\kodakaioupdater.exe |"{BCA429BD-A8A1-4FB0-B56F-F1F2550F440D}" = protocol=6 | dir=in | app=c:\program files (x86)\kodak\aio\center\kodak.statistics.exe |"{BDD3232E-7D3F-4628-88F9-B7467C1BB96E}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |"{C5976DDD-69FB-4AED-AA3C-1C57126D70B3}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |"{C5A54AFD-2EE0-42CC-A0F3-7641B60D77D8}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |"{CAE1BBD1-6D2A-4318-91BC-A4068682EE55}" = protocol=17 | dir=in | app=c:\users\my_toshiba\appdata\roaming\dropbox\bin\dropbox.exe |"{D046D0E7-07C9-4187-8E38-C658425DDB93}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |"{D0C20C7B-CA7B-40FB-9205-02BF7E69FD3B}" = protocol=17 | dir=in | app=c:\programdata\kodak\installer\setup.exe |"{D50E2190-172F-4FEC-91E5-EA2001DFD072}" = dir=in | app=c:\users\my_toshiba\appdata\local\tnt2\2.0.0.1676\tnt2user.exe |"{E6B4FE5D-81A0-4D76-B9D2-29C6AC3A8AE0}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |"{E9D5609A-AFEC-4FE2-B682-E0A9C41F031D}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |"{F481E4E6-435A-427C-9933-7CB4CD5ABA4C}" = protocol=6 | dir=in | app=c:\program files (x86)\orb networks\orb\bin\orbir.exe |"{F785DAFF-3F4B-4E6A-A241-47681936F840}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |"{F8CD9247-3091-47F9-BA54-010A1F69EF5F}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |"{FB7BA989-21C7-4295-8470-06210A448780}" = protocol=17 | dir=in | app=c:\program files (x86)\kodak\aio\center\networkprinterdiscovery.exe |"TCP Query User{40F758BE-C856-41C4-B0C1-5AFEFEEE492F}C:\program files (x86)\orb networks\orb\bin\orbjetmanager.exe" = protocol=6 | dir=in | app=c:\program files (x86)\orb networks\orb\bin\orbjetmanager.exe |"TCP Query User{7A312029-A374-4060-B943-5DEEE11E2A1E}C:\program files (x86)\orb networks\orb\bin\orblauncher.exe" = protocol=6 | dir=in | app=c:\program files (x86)\orb networks\orb\bin\orblauncher.exe |"TCP Query User{8F6DAEA8-EAA0-4AE0-A3C1-4600663045A7}C:\users\my_toshiba\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe" = protocol=6 | dir=in | app=c:\users\my_toshiba\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe |"TCP Query User{AB27EA3B-2E8B-4DF6-9648-B1B688CE7256}C:\program files (x86)\orb networks\orb\bin\orb.exe" = protocol=6 | dir=in | app=c:\program files (x86)\orb networks\orb\bin\orb.exe |"TCP Query User{C8E4151B-8EF0-4D13-9FAC-3357AA666B6B}C:\program files (x86)\orb networks\orb\bin\orbcontrolpanel.exe" = protocol=6 | dir=in | app=c:\program files (x86)\orb networks\orb\bin\orbcontrolpanel.exe |"TCP Query User{CAA1848E-C0FE-421A-9968-5BCF6F686A31}C:\users\my_toshiba\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\my_toshiba\appdata\roaming\dropbox\bin\dropbox.exe |"UDP Query User{010D6E18-4592-4E67-B1FE-CA2C2C7505AC}C:\program files (x86)\orb networks\orb\bin\orb.exe" = protocol=17 | dir=in | app=c:\program files (x86)\orb networks\orb\bin\orb.exe |"UDP Query User{1EBA3DD9-132C-4B45-8A96-C9A6759F26BD}C:\program files (x86)\orb networks\orb\bin\orbcontrolpanel.exe" = protocol=17 | dir=in | app=c:\program files (x86)\orb networks\orb\bin\orbcontrolpanel.exe |"UDP Query User{645A5D7C-3FCA-4160-B421-296CDB166D9D}C:\program files (x86)\orb networks\orb\bin\orbjetmanager.exe" = protocol=17 | dir=in | app=c:\program files (x86)\orb networks\orb\bin\orbjetmanager.exe |"UDP Query User{89158784-6D42-4494-A1A9-FD5BF1C910FE}C:\program files (x86)\orb networks\orb\bin\orblauncher.exe" = protocol=17 | dir=in | app=c:\program files (x86)\orb networks\orb\bin\orblauncher.exe |"UDP Query User{9A91E0C1-AD45-4B1F-8F88-88F1232EE9A4}C:\users\my_toshiba\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe" = protocol=17 | dir=in | app=c:\users\my_toshiba\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe |"UDP Query User{DD5E6894-8FE0-4773-9A44-C9BBEF844BBB}C:\users\my_toshiba\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\my_toshiba\appdata\roaming\dropbox\bin\dropbox.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]"{0645A454-AD44-4F0D-99CF-6B762735AD1F}" = aioprnt"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219"{26A24AE4-039D-4CA4-87B4-2F86417025FF}" = Java 7 Update 25 (64-bit)"{27EF8E7F-88D1-4ec5-ADE2-7E447FDF114E}" = Kodak AIO Printer"{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}" = Apple Mobile Device Support"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator"{5F611ADA-B98C-4DBB-ADDE-414F08457ECF}" = Windows Live Family Safety"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight"{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting"{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}" = TOSHIBA PC Health Monitor"{A0E99122-25C1-4CA4-9063-499A2A814EB6}" = TOSHIBA ReelTime"{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Media Creator"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64"{C14518AF-1A0F-4D39-8011-69BAA01CD380}" = TOSHIBA Bulletin Board"{C4FFA951-9678-4D51-84B4-AFD15D3C45AD}" = TOSHIBA Hardware Setup"{CBD6B23D-41D5-4A46-8019-6208516C9712}" = TOSHIBA Supervisor Password"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert"{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}" = iTunes"{E102B843-786A-4F58-AF75-6504570E207B}" = Microsoft Security Client"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile"{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition"{F6822EFD-3F7D-4B35-8845-757A26AEC8E2}" = Windows Live MIME IFilter"781745E87AFF80C0C1388CFF79D19ECAB2E9BB47" = Windows Driver Package - LeapFrog (FlyUsb) USB (11/05/2008 1.1.1.0)"8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D" = Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012)"CNXT_AUDIO_HDA" = Conexant HD Audio"Juniper_Setup_Client Activex Control" = Juniper Networks, Inc. Setup Client 64-bit Activex Control"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile"Microsoft Security Client" = Microsoft Security Essentials"SynTPDeinstKey" = Synaptics Pointing Device Driver [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package"{0D795777-9D60-4692-8386-F2B3F2B5E5BF}" = Label@Once 1.0"{0FB630AB-7BD8-40AE-B223-60397D57C3C9}" = Realtek WLAN Driver"{18272881-CFC0-434D-A975-E5BE44206AA0}" = Windows Live UX Platform Language Pack"{1B87C40B-A60B-4EF3-9A68-706CF4B69978}" = TOSHIBA Assist"{1EA7C505-E6DA-4B85-9432-EBD3C70D510D}" = Windows Live Messenger"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148"{2133CB3F-F891-4081-8681-FEE2B2419FF4}" = Orb Runtime libraries"{23A3E560-069F-4CFC-8F6C-1B526EC735FC}" = Windows Live Writer Resources"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java 6 Update 17"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 45"{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver"{3135D885-9D9A-4B4D-8D45-9DB05DA115CA}" = Amazon Links"{376348C2-E372-48BC-A138-E896757BD86A}" = aioscnnr"{39187A4B-7538-4BE7-8BAD-9E83303793AA}" = Toshiba Book Place"{3DE92282-CB49-434F-81BF-94E5B380E889}" = The Sims™ 3 Seasons"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology"{400C31E4-796F-4E86-8FDC-C3C4FACC6847}" = Junk Mail filter update"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support"{48B41C3A-9A92-4B81-B653-C97FEB85C910}" = C4USelfUpdater"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.6"{519C4DB6-B53B-4F5C-8297-89B2BE949FA5}_is1" = Data Lifeguard Diagnostic for Windows 1.24"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module"{56BA241F-580C-43D2-8403-947241AAE633}" = center"{5AF550B4-BB67-4E7E-82F1-2C4300279050}" = ToshibaRegistration"{5BABDA39-61CF-41EE-992D-4054B6649A9B}" = Movie Maker"{5E6F6CF3-BACC-4144-868C-E14622C658F3}" = TOSHIBA Web Camera Application"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform"{70854FE6-3BF1-4C69-94D0-BEB821102E34}" = Windows Live Mail"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update"{7B0C5EF6-DE4C-4E20-8889-C17604FFE5CD}" = Windows Live Family Safety"{86C40513-B5A4-476E-9EAB-EC118DCF4502}" = Windows Live Writer"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110"{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader"{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}" = TOSHIBA Application Installer"{97C79BEC-43F7-4BD8-A6A7-85C0257E488A}" = Windows Live Writer"{983CD6FE-8320-4B80-A8F6-0D0366E0AA22}" = TOSHIBA Media Controller"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161"{A07B0B7B-DE2C-42A1-9488-9B8A4DC95BB3}" = LeapFrog Tag Junior Plugin"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper"{A9E27FF5-6294-46A8-B8FD-77B1DECA3021}" = Wizard101"{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station"{AC76BA86-7AD7-1033-7B44-A95000000001}" = Adobe Reader 9.5.4"{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy"{B80D3EA9-A252-4AE5-AC51-81729F5C586F}" = Windows Live Mail"{BE94C681-68E2-4561-8ABC-8D2E799168B4}" = essentials"{BFBCF96F-7361-486A-965C-54B17AC35421}" = ocr"{C034A6F9-6569-491B-B3BF-F5D15221A708}" = Windows Live Essentials"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer"{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Toshiba Online Backup"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64"{D2C146B1-948D-47EF-8387-5D1C6B980F7C}" = Windows Live Writer"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert"{D888F114-7537-4D48-AF03-5DA9C82D7540}" = Photo Common"{DA5BDB2A-12F0-4343-8351-21AAEB293990}" = PreReq"{DA84ECBF-4B79-47F2-B34C-95C38484C058}" = Skype Launcher"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10"{E0F274B7-592B-4669-8FB8-8D9825A09858}" = KODAK AiO Software"{E69992ED-A7F6-406C-9280-1C156417BC49}" = TOSHIBA Quality Application"{ED3CBA78-488F-4E8C-B33F-8E3BF4DDB4D2}" = Toshiba App Place"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module"{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker"{EF53BFAB-4C10-40DB-A82D-9B07111715C6}" = aioscnnr"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Graphics Media Accelerator Driver"{F2235E5E-7881-4293-9B6F-04B2609FBFF0}" = Windows Live Messenger"{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}" = TOSHIBA Media Controller Plug-in"{F9233F02-5617-4BDC-8EC6-4B798EDFE6F4}" = LeapFrog Connect"{FC6C7107-7D72-41A1-A031-3CE751159BAB}" = Photo Gallery"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin"DVD Flick_is1" = DVD Flick 1.3.0.7"DVDStyler_is1" = DVDStyler v2.3.1"F5 Networks Client Components" = BIG-IP Edge Client Components (All Users)"Google Chrome" = Google Chrome"ImgBurn" = ImgBurn"InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package"InstallShield_{A0E99122-25C1-4CA4-9063-499A2A814EB6}" = TOSHIBA ReelTime"InstallShield_{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility"InstallShield_{C14518AF-1A0F-4D39-8011-69BAA01CD380}" = TOSHIBA Bulletin Board"InstallShield_{C4FFA951-9678-4D51-84B4-AFD15D3C45AD}" = TOSHIBA Hardware Setup"InstallShield_{CBD6B23D-41D5-4A46-8019-6208516C9712}" = TOSHIBA Supervisor Password"InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert"InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300"Mozilla Firefox 26.0 (x86 en-US)" = Mozilla Firefox 26.0 (x86 en-US)"MozillaMaintenanceService" = Mozilla Maintenance Service"NortonPCCheckup" = Toshiba Laptop Checkup"Office14.Click2Run" = Microsoft Office Click-to-Run 2010"Orb" = Orb"Origin" = Origin"PrintProjects" = PrintProjects"TagJuniorPlugin" = Use the entry named LeapFrog Connect to uninstall (LeapFrog Tag Junior Plugin)"TOSHIBA Game Console" = WildTangent ORB Game Console"UPCShell" = LeapFrog Connect"uTorrent" = µTorrent"WildTangent toshiba Master Uninstall" = WildTangent Games"WinLiveSuite" = Windows Live Essentials"WT088682" = Bejeweled 2 Deluxe"WT088696" = Chuzzle Deluxe"WT088750" = Jewel Quest - Heritage"WT088759" = Polar Bowler"WT089366" = Cake Mania - Lights, Camera, Action!"WT089368" = FATE - The Traitor Soul"WT089379" = Mystery P.I. - The London Caper"WT089381" = Slingo Supreme"WT089386" = Governor of Poker 2 Premium Edition"WT089395" = Plants vs. Zombies - Game of the Year ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-1580783213-1055047030-44623105-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]"Dropbox" = Dropbox"Juniper_Setup_Client" = Juniper Networks, Inc. Setup Client"Neoteris_Host_Checker" = Juniper Networks Host Checker"SkyDriveSetup.exe" = Microsoft SkyDrive ========== Last 20 Event Log Errors ========== [ Application Events ]Error - 12/12/2013 8:31:45 AM | Computer Name = Toshiba_Laptop | Source = Microsoft-Windows-LoadPerf | ID = 3011Description = Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code. Error - 12/12/2013 9:09:20 AM | Computer Name = Toshiba_Laptop | Source = Customer Experience Improvement Program | ID = 1008Description = Error - 12/12/2013 9:10:30 AM | Computer Name = Toshiba_Laptop | Source = Microsoft-Windows-LoadPerf | ID = 3012Description = The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter valueis the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section. Error - 12/12/2013 9:10:30 AM | Computer Name = Toshiba_Laptop | Source = Microsoft-Windows-LoadPerf | ID = 3011Description = Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code. Error - 12/12/2013 9:16:01 AM | Computer Name = Toshiba_Laptop | Source = Bonjour Service | ID = 100Description = mDNSCoreReceiveResponse: Received from 10.0.0.3:5353 24 3.0.0.10.in-addr.arpa. PTR Toshiba-Laptop-2.local. Error - 12/12/2013 9:16:01 AM | Computer Name = Toshiba_Laptop | Source = Bonjour Service | ID = 100Description = mDNSCoreReceiveResponse: Unexpected conflict discarding 22 3.0.0.10.in-addr.arpa. PTR Toshiba-Laptop.local. Error - 12/12/2013 9:20:51 AM | Computer Name = Toshiba_Laptop | Source = Microsoft-Windows-LoadPerf | ID = 3012Description = The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter valueis the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section. Error - 12/12/2013 9:20:51 AM | Computer Name = Toshiba_Laptop | Source = Microsoft-Windows-LoadPerf | ID = 3011Description = Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code. Error - 12/12/2013 7:02:40 PM | Computer Name = Toshiba_Laptop | Source = Microsoft-Windows-LoadPerf | ID = 3012Description = The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter valueis the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section. Error - 12/12/2013 7:02:40 PM | Computer Name = Toshiba_Laptop | Source = Microsoft-Windows-LoadPerf | ID = 3011Description = Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code. [ Media Center Events ]Error - 4/2/2013 3:50:12 AM | Computer Name = Toshiba_Laptop | Source = MCUpdate | ID = 0Description = 2:50:07 AM - Error connecting to the internet. 2:50:07 AM - Unable to contact server.. Error - 4/2/2013 8:14:30 AM | Computer Name = Toshiba_Laptop | Source = MCUpdate | ID = 0Description = 7:14:30 AM - Error connecting to the internet. 7:14:30 AM - Unable to contact server.. Error - 4/2/2013 8:14:41 AM | Computer Name = Toshiba_Laptop | Source = MCUpdate | ID = 0Description = 7:14:40 AM - Error connecting to the internet. 7:14:40 AM - Unable to contact server.. Error - 4/5/2013 1:17:28 PM | Computer Name = Toshiba_Laptop | Source = MCUpdate | ID = 0Description = 12:17:27 PM - Error connecting to the internet. 12:17:27 PM - Unable to contact server.. Error - 5/3/2013 7:58:49 AM | Computer Name = Toshiba_Laptop | Source = MCUpdate | ID = 0Description = 6:58:49 AM - Error connecting to the internet. 6:58:49 AM - Unable to contact server.. Error - 5/3/2013 7:58:59 AM | Computer Name = Toshiba_Laptop | Source = MCUpdate | ID = 0Description = 6:58:54 AM - Error connecting to the internet. 6:58:54 AM - Unable to contact server.. Error - 5/3/2013 9:27:45 AM | Computer Name = Toshiba_Laptop | Source = MCUpdate | ID = 0Description = 8:27:45 AM - Error connecting to the internet. 8:27:45 AM - Unable to contact server.. Error - 5/8/2013 8:00:14 AM | Computer Name = Toshiba_Laptop | Source = MCUpdate | ID = 0Description = 7:00:14 AM - Error connecting to the internet. 7:00:14 AM - Unable to contact server.. Error - 5/8/2013 8:02:20 AM | Computer Name = Toshiba_Laptop | Source = MCUpdate | ID = 0Description = 7:02:17 AM - Error connecting to the internet. 7:02:17 AM - Unable to contact server.. Error - 11/11/2013 9:09:53 AM | Computer Name = Toshiba_Laptop | Source = MCUpdate | ID = 0Description = 7:09:53 AM - Failed to retrieve Directory (Error: The remote namecould not be resolved: 'data.tvdownload.microsoft.com') [ Spybot - Search and Destroy Events ]Error - 11/20/2013 1:23:41 AM | Computer Name = Toshiba_Laptop | Source = SDCleaner | ID = 100Description = LoadCleaningInstructions [ System Events ]Error - 6/7/2013 3:13:56 PM | Computer Name = Toshiba_Laptop | Source = EventLog | ID = 6008Description = The previous system shutdown at 2:12:03 PM on ?6/?7/?2013 was unexpected. Error - 6/10/2013 7:54:50 AM | Computer Name = Toshiba_Laptop | Source = Service Control Manager | ID = 7011Description = A timeout (30000 milliseconds) was reached while waiting for a transaction response from the PCCUJobMgr service. Error - 6/13/2013 7:32:59 PM | Computer Name = Toshiba_Laptop | Source = Service Control Manager | ID = 7011Description = A timeout (30000 milliseconds) was reached while waiting for a transaction response from the PCCUJobMgr service. Error - 6/29/2013 11:22:31 AM | Computer Name = Toshiba_Laptop | Source = Service Control Manager | ID = 7011Description = A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service. Error - 6/29/2013 9:23:07 PM | Computer Name = Toshiba_Laptop | Source = Microsoft Antimalware | ID = 2001Description = %%860 has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.153.853.0 Update Source: %%859 Update Stage: %%852 Source Path: User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9607.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. Error - 6/30/2013 10:38:08 AM | Computer Name = Toshiba_Laptop | Source = Service Control Manager | ID = 7011Description = A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service. Error - 6/30/2013 10:38:39 AM | Computer Name = Toshiba_Laptop | Source = Service Control Manager | ID = 7011Description = A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ehRecvr service. Error - 6/30/2013 10:39:13 AM | Computer Name = Toshiba_Laptop | Source = Service Control Manager | ID = 7011Description = A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ehRecvr service. Error - 6/30/2013 10:39:43 AM | Computer Name = Toshiba_Laptop | Source = DCOM | ID = 10010Description = Error - 6/30/2013 10:39:43 AM | Computer Name = Toshiba_Laptop | Source = Service Control Manager | ID = 7011Description = A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ehRecvr service. < End of report > Link to post Share on other sites More sharing options...
Psychotic Posted December 14, 2013 ID:764372 Share Posted December 14, 2013 Fix with OTLPlease double-click OTL.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).Copy the lines in the codebox below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy)::OTLFF - prefs.js..extensions.enabledAddons: toolbar10753%40findwide.com:2.0.0.1676FF - HKCU\Software\MozillaPlugins\@tnt2ghost.com/Plugin: C:\Users\My_Toshiba\AppData\Local\TNT2\2.0.0.1676\npTNT2ghost.dll File not foundFF - HKCU\Software\MozillaPlugins\@tnt2npapi.com/Plugin: C:\Users\My_Toshiba\AppData\Local\TNT2\2.0.0.1676\npTNT2.dll File not found[2013/11/17 09:25:16 | 000,000,000 | ---D | M] (MyWordTool) -- C:\Users\My_Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\4htg0550.default-1379026913962\extensions\emily@wilford.biz[2013/11/17 09:26:12 | 000,005,224 | ---- | M] () (No name found) -- C:\Users\My_Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\4htg0550.default-1379026913962\extensions\toolbar10753@findwide.com.xpiCHR - Extension: FindWide Toolbar = C:\Users\My_Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkbmapgmaiacmnmkkkaecadldnncpmje\1.0.0.0_0\CHR - Extension: GreatArcadeHits Add-on = C:\Users\My_Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcogajbgikalbpphmoedjlcfjkhgh\1.0.0_0\O3:64bit: - HKLM\..\Toolbar: (no name) - {65132BAA-DBA9-40B9-BD7C-667368459740} - No CLSID value found.O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.O3 - HKU\S-1-5-21-1580783213-1055047030-44623105-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.O3 - HKU\S-1-5-21-1580783213-1055047030-44623105-1000\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.[2013/11/17 09:25:13 | 000,000,000 | ---D | C] -- C:\Users\My_Toshiba\AppData\Roaming\MyWordTool@Alternate Data Stream - 98 bytes -> C:\ProgramData\TEMP:42D9E231:COMMANDS[emptytemp][resethosts] Return to OTL, right click in the "Custom Scans/Fixes" section and choose Paste. Click the red Run Fix button.OTL may ask to reboot the machine. Please do so.If OTL did not reboot the machine, click OK and the log will open. Post the contents of the log in your next reply.If the machine reboots, the log will be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, where mmddyyyy_hhmmss is the date of the tool run.Also post a new OTL log. Full System Scan with Malwarebytes AntimalwareIf not existing, please download Malwarebytes' Anti-Malware to your desktop. Double-click mbam-setup.exe and follow the prompts to install the program. At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.If the program is already installed:Run Malwarebytes Antimalware If an update is found, it will download and install the latest version. Once the program has loaded, select Perform fullscan, place a checkmark on all hard drives, then click Scan. When the scan is complete, click OK, then Show Results to view the results. Be sure that everything is checked, and click Remove Selected. When completed, a log will open in Notepad. Please save it to a convenient location. The log can also be found here:C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt Post that log back here. Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted December 28, 2013 Root Admin ID:769758 Share Posted December 28, 2013 Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Thanks! Link to post Share on other sites More sharing options...
Recommended Posts