
I'm infected


  • This topic is locked
9 replies to this topic

#1 suttonsoft

suttonsoft

    New Member

  • Members
  • 7 posts

Posted 27 March 2012 - 05:40 PM

I'm infected, and can't install Malwarebytes protection, please help!

#2 MrCharlie

MrCharlie

    Forum Deity

  • Experts
  • 18,278 posts
  • Gender:Male
  • Location:So. Plainfield, New Jersey, USA

Posted 29 March 2012 - 07:41 AM

Welcome to the forum, please start at the link below:

http://forums.malwar...?showtopic=9573

Post back the 2 logs.

MrC

Malware Removal Expert




I volunteer my free time to help you, if you would like to donate to show your appreciation, it will be much appreciated.

Thanks MrC & crew

#3 suttonsoft


Posted 29 March 2012 - 09:09 AM

Thanks.


DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.7600.16385
Run by danger at 15:06:02 on 2012-03-27
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3964.2317 [GMT -7:00]
.
AV: Kaspersky Internet Security *Enabled/Updated* {56547CC9-C9B2-849D-8FEF-A496150D6A06}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Kaspersky Internet Security *Enabled/Updated* {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB}
FW: Kaspersky Internet Security *Enabled* {6E6FFDEC-83DD-85C5-A4B0-0DA3EBDE2D7D}
.
============== Running Processes ===============
.
C:\windows\system32\wininit.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\system32\ThpSrv.exe
C:\Windows\system32\TODDSrv.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
C:\Program Files\TOSHIBA\TECO\TecoService.exe
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\ThpSrv.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\windows\system32\igfxsrvc.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\windows\system32\taskeng.exe
C:\Program Files\TOSHIBA\TECO\Teco.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
C:\windows\system32\igfxext.exe
C:\Program Files (x86)\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\mswinext.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
C:\windows\system32\svchost.exe -k HPService
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
C:\windows\System32\svchost.exe -k secsvcs
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\klwtblfs.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\windows\system32\wuauclt.exe
C:\windows\SysWOW64\cmd.exe
C:\windows\system32\conhost.exe
C:\windows\SysWOW64\cscript.exe
C:\windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll
BHO: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: FilterBHO Class: {e33cf602-d945-461a-83f0-819f76a199f8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
TB: @C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
{555d4d79-4bd2-4094-a395-cfc534424a05}
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [Google Update] "C:\Users\danger\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [AlcoholAutomount] "C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount
uRunOnce: [FlashPlayerUpdate] C:\windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe -p
mRun: [TUSBSleepChargeSrv] %ProgramFiles(x86)%\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe
mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\TOSHIBA\Toshiba Online Backup\Activation\TobuActivation.exe" UNATTENDED
mRun: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe"
mRun: [Auto Run Software for Photo Frame]
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [<NO NAME>]
mRun: [Bing Bar] "C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\mswinext.exe"
mRun: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
StartupFolder: C:\Users\danger\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\PMBMED~1.LNK - C:\Program Files (x86)\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\WDDMST~1.LNK - C:\Program Files (x86)\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\WDSMAR~1.LNK - C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll
IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
TCP: DhcpNameServer = 216.170.112.1 216.170.112.30 11.0.0.1
TCP: Interfaces\{3C92850D-A192-4F23-983F-19D123081ADB} : DhcpNameServer = 216.170.112.1 216.170.112.30 11.0.0.1
TCP: Interfaces\{3C92850D-A192-4F23-983F-19D123081ADB}\7596562737D616 : DhcpNameServer = 192.168.1.254
TCP: Interfaces\{3C92850D-A192-4F23-983F-19D123081ADB}\B4E656368647E45647 : DhcpNameServer = 216.170.112.1 216.170.112.30 11.0.0.1
TCP: Interfaces\{3C92850D-A192-4F23-983F-19D123081ADB}\C696E6B6379737 : DhcpNameServer = 216.170.112.1 216.170.112.30 11.0.0.1
Handler: intu-help-qb1 - {9B0F96C7-2E4B-433e-ABF3-043BA1B54AE3} - C:\Program Files (x86)\Intuit\QuickBooks 2008\HelpAsyncPluggableProtocol.dll
Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\Windows\System32\mscoree.dll
AppInit_DLLs: C:\PROGRA~2\KASPER~1\KASPER~2\MZVKBD3.DLL, C:\PROGRA~2\KASPER~1\KASPER~2\SBHOOK.DLL C:\PROGRA~2\GOOGLE\GOOGLE~3\GO36F4~1.DLL
mASetup: {01250B8F-D947-4F8A-9408-FE8E3EE2EC92} - C:\Program Files (x86)\TOSHIBA\My Toshiba\MyToshiba.exe /SETUP
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: IEVkbdBHO Class: {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll
BHO-X64: IEVkbdBHO - No File
BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO-X64: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO-X64: Search Helper - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll
BHO-X64: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: FilterBHO Class: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
BHO-X64: link filter bho - No File
TB-X64: @C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File
mRun-x64: [TUSBSleepChargeSrv] %ProgramFiles(x86)%\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe
mRun-x64: [NortonOnlineBackupReminder] "C:\Program Files (x86)\TOSHIBA\Toshiba Online Backup\Activation\TobuActivation.exe" UNATTENDED
mRun-x64: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe"
mRun-x64: [Auto Run Software for Photo Frame]
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun-x64: [(Default)]
mRun-x64: [Bing Bar] "C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\mswinext.exe"
mRun-x64: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
AppInit_DLLs-X64: C:\PROGRA~2\KASPER~1\KASPER~2\MZVKBD3.DLL, C:\PROGRA~2\KASPER~1\KASPER~2\SBHOOK.DLL C:\PROGRA~2\GOOGLE\GOOGLE~3\GO36F4~1.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\danger\AppData\Roaming\Mozilla\Firefox\Profiles\a4n5j32w.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=IP2TDF&PC=IP2TDF&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=IP2TDF&PC=IP2TDF&q=
FF - prefs.js: network.proxy.type - 4
FF - component: C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}\components\SkypeFfComponent.dll
FF - component: C:\Program Files (x86)\Mozilla Firefox\extensions\KavAntiBanner@Kaspersky.ru\components\abhelperxpcom.dll
FF - component: C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru\components\kavlinkfilter.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.53\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\danger\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Users\danger\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Kaspersky URL Advisor: linkfilter@kaspersky.ru - C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru
FF - Ext: Skype extension for Firefox: {AB2CE124-6272-4b12-94A9-7303C7397BD1} - C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
FF - Ext: Anti-Banner: KavAntiBanner@Kaspersky.ru - C:\Program Files (x86)\Mozilla Firefox\extensions\KavAntiBanner@Kaspersky.ru
.
============= SERVICES / DRIVERS ===============
.
R0 PxHlpa64;PxHlpa64;C:\windows\system32\Drivers\PxHlpa64.sys --> C:\windows\system32\Drivers\PxHlpa64.sys [?]
R1 kl2;kl2;C:\windows\system32\DRIVERS\kl2.sys --> C:\windows\system32\DRIVERS\kl2.sys [?]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\windows\system32\DRIVERS\klim6.sys --> C:\windows\system32\DRIVERS\klim6.sys [?]
R2 rimspci;rimspci;C:\windows\system32\DRIVERS\rimspe64.sys --> C:\windows\system32\DRIVERS\rimspe64.sys [?]
R2 risdpcie;risdpcie;C:\windows\system32\DRIVERS\risdpe64.sys --> C:\windows\system32\DRIVERS\risdpe64.sys [?]
R2 rixdpcie;rixdpcie;C:\windows\system32\DRIVERS\rixdpe64.sys --> C:\windows\system32\DRIVERS\rixdpe64.sys [?]
R3 FwLnk;FwLnk Driver;C:\windows\system32\DRIVERS\FwLnk.sys --> C:\windows\system32\DRIVERS\FwLnk.sys [?]
R3 IntcHdmiAddService;Intel® High Definition Audio HDMI;C:\windows\system32\drivers\IntcHdmi.sys --> C:\windows\system32\drivers\IntcHdmi.sys [?]
R3 PGEffect;Pangu effect driver;C:\windows\system32\DRIVERS\pgeffect.sys --> C:\windows\system32\DRIVERS\pgeffect.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\windows\system32\DRIVERS\Rt64win7.sys --> C:\windows\system32\DRIVERS\Rt64win7.sys [?]
R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;C:\windows\system32\DRIVERS\rtl8192se.sys --> C:\windows\system32\DRIVERS\rtl8192se.sys [?]
S3 klmouflt;Kaspersky Lab KLMOUFLT;C:\windows\system32\DRIVERS\klmouflt.sys --> C:\windows\system32\DRIVERS\klmouflt.sys [?]
.
=============== Created Last 30 ================
.
2012-03-27 21:13:51 8669240 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5D7ADE78-F0B6-4D2D-8F54-88D56E0763AC}\mpengine.dll
2012-03-14 17:16:30 3143168 ----a-w- C:\windows\System32\win32k.sys
2012-03-14 17:16:21 902656 ----a-w- C:\windows\System32\d2d1.dll
2012-03-14 17:16:21 1837568 ----a-w- C:\windows\System32\d3d10warp.dll
2012-03-14 17:16:21 1170944 ----a-w- C:\windows\SysWow64\d3d10warp.dll
2012-03-14 17:16:20 739840 ----a-w- C:\windows\SysWow64\d2d1.dll
2012-03-14 17:16:19 320512 ----a-w- C:\windows\System32\d3d10_1core.dll
2012-03-14 17:16:19 1541120 ----a-w- C:\windows\System32\DWrite.dll
2012-03-14 17:16:19 1074176 ----a-w- C:\windows\SysWow64\DWrite.dll
2012-03-14 17:16:18 218624 ----a-w- C:\windows\SysWow64\d3d10_1core.dll
2012-03-14 17:16:18 197120 ----a-w- C:\windows\System32\d3d10_1.dll
2012-03-14 17:16:18 161792 ----a-w- C:\windows\SysWow64\d3d10_1.dll
2012-03-14 17:12:56 826368 ----a-w- C:\windows\SysWow64\rdpcore.dll
2012-03-14 17:12:56 23552 ----a-w- C:\windows\System32\drivers\tdtcp.sys
2012-03-14 17:12:56 204800 ----a-w- C:\windows\System32\drivers\rdpwd.sys
2012-03-14 17:12:56 1031680 ----a-w- C:\windows\System32\rdpcore.dll
2012-03-14 17:12:45 9216 ----a-w- C:\windows\System32\rdrmemptylst.exe
2012-03-14 17:12:45 76288 ----a-w- C:\windows\System32\rdpwsx.dll
2012-03-14 17:12:45 149504 ----a-w- C:\windows\System32\rdpcorekmts.dll
.
==================== Find3M ====================
.
2012-02-23 16:18:36 279656 ------w- C:\windows\System32\MpSigStub.exe
.
============= FINISH: 15:07:26.65 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 12/28/2009 5:06:55 PM
System Uptime: 3/27/2012 1:58:55 PM (2 hours ago)
.
Motherboard: TOSHIBA | | Portable PC
Processor: Intel® Core™2 Duo CPU T6600 @ 2.20GHz | CPU | 2200/800mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 454 GiB total, 337.525 GiB free.
D: is CDROM (CDFS)
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID:
Description: Officejet Pro 8500 A910
Device ID: ROOT\MULTIFUNCTION\0000
Manufacturer:
Name: Officejet Pro 8500 A910
PNP Device ID: ROOT\MULTIFUNCTION\0000
Service:
.
Class GUID:
Description: Officejet Pro 8500 A910
Device ID: ROOT\MULTIFUNCTION\0001
Manufacturer:
Name: Officejet Pro 8500 A910
PNP Device ID: ROOT\MULTIFUNCTION\0001
Service:
.
Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
Description: Officejet Pro 8500 A910
Device ID: ROOT\MULTIFUNCTION\0002
Manufacturer: HP
Name: Officejet Pro 8500 A910
PNP Device ID: ROOT\MULTIFUNCTION\0002
Service:
.
Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
Description: Deskjet 6940 series
Device ID: ROOT\MULTIFUNCTION\0003
Manufacturer: HP
Name: Deskjet 6940 series
PNP Device ID: ROOT\MULTIFUNCTION\0003
Service:
.
==== System Restore Points ===================
.
RP320: 3/3/2012 12:39:23 PM - Windows Update
RP321: 3/8/2012 7:03:44 AM - Windows Update
RP322: 3/9/2012 4:35:42 PM - Windows Update
RP323: 3/11/2012 5:05:51 PM - Windows Update
RP324: 3/14/2012 10:14:17 AM - Windows Update
RP325: 3/15/2012 9:21:04 AM - Windows Update
RP326: 3/15/2012 10:37:31 PM - Windows Update
RP327: 3/17/2012 10:49:18 AM - Windows Update
RP328: 3/17/2012 10:53:36 AM - Windows Update
RP329: 3/17/2012 11:16:08 PM - Windows Update
RP330: 3/20/2012 8:48:25 AM - Windows Update
RP331: 3/20/2012 5:34:29 PM - Windows Update
RP332: 3/21/2012 2:02:13 PM - Windows Update
RP333: 3/22/2012 8:38:37 PM - Windows Update
RP334: 3/22/2012 11:31:38 PM - Windows Update
RP335: 3/23/2012 10:22:32 PM - Windows Update
RP336: 3/23/2012 10:33:41 PM - Windows Update
RP337: 3/24/2012 10:10:55 PM - Windows Update
RP338: 3/25/2012 1:44:48 PM - Windows Update
RP339: 3/25/2012 10:16:04 PM - Windows Update
RP340: 3/27/2012 2:10:08 PM - Windows Update
RP341: 3/27/2012 2:12:43 PM - Windows Update
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
1600
1600_Help
1600Trb
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.2
AIO_CDB_ProductContext
AIO_CDB_Software
AIO_Scan
Apple Application Support
Apple Software Update
Bing Bar
Bing Bar Platform
BufferChm
Cactus Ropes Championship ArenaPack
Classic Championships ArenaPack
Compatibility Pack for the 2007 Office system
Direct DiscRecorder
DocProc
DVD MovieFactory for TOSHIBA
Google Chrome
Google Desktop
Google Earth Plug-in
Google Toolbar for Internet Explorer
Google Update Helper
HP Officejet Pro 8500 A910 Help
HP Update
HPPhotoGadget
HPSSupply
I.R.I.S. OCR
Java™ 6 Update 14
Junk Mail filter update
Kaspersky Internet Security 2011
Marketsplash Shortcuts
Microsoft Choice Guard
Microsoft Default Manager
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Suite Activation Assistant
Microsoft Office Word MUI (English) 2007
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Works
Mozilla Firefox (3.6.28)
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
MyToshiba
PC Ropes ArenaPack
Philips Photo Manager 1.1
Primo
QuickBooks Pro 2008
QuickTime
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
Realtek WLAN Driver
RICOH R5U230 Media Driver ver.2.06.03.02
Runtime
Scan
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Skype Launcher
Skype Toolbars
Sony Picture Utility
Spelling Dictionaries Support For Adobe Reader 9
Spin To Win ArenaPack
SupportSoft Assisted Service
Toolbox
Toshiba Application Installer
TOSHIBA Assist
TOSHIBA ConfigFree
TOSHIBA DVD PLAYER
TOSHIBA eco Utility
TOSHIBA Extended Tiles for Windows Mobility Center
TOSHIBA Face Recognition
TOSHIBA Hardware Setup
TOSHIBA HDD/SSD Alert
Toshiba Online Backup
Toshiba Quality Application
TOSHIBA Service Station
TOSHIBA Speech System Applications
TOSHIBA Speech System SR Engine(U.S.) Version1.0
TOSHIBA Speech System TTS Engine(U.S.) Version1.0
TOSHIBA Supervisor Password
TOSHIBA USB Sleep and Charge Utility
TOSHIBA Value Added Package
TOSHIBA Web Camera Application
ToshibaRegistration
TRSim
TRSim Bonus
TRSim Bonus Patch 109
UnloadSupport
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition
WebReg
WildTangent Games
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
Windows Media Player Firefox Plugin
Yahoo! BrowserPlus 2.9.8
.
==== Event Viewer Messages From Past Week ========
.
3/27/2012 2:11:51 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Windows Internet Explorer 9 for Windows 7 for x64-based Systems.
3/27/2012 2:09:40 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IPBusEnum service.
3/26/2012 7:24:32 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
3/25/2012 9:54:15 PM, Error: Microsoft-Windows-DistributedCOM [10000] - Unable to start a DCOM Server: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}. The error: "5" Happened while starting this command: C:\windows\system32\wbem\wmiprvse.exe -secured -Embedding
3/25/2012 9:53:06 PM, Error: Service Control Manager [7023] - The Security Center service terminated with the following error: Access is denied.
3/25/2012 9:53:01 PM, Error: Service Control Manager [7000] - The Windows Media Player Network Sharing Service service failed to start due to the following error: Access is denied.
3/25/2012 9:52:31 PM, Error: Service Control Manager [7000] - The Software Protection service failed to start due to the following error: Access is denied.
3/25/2012 9:52:16 PM, Error: Service Control Manager [7023] - The Function Discovery Provider Host service terminated with the following error: Access is denied.
3/25/2012 9:52:16 PM, Error: Service Control Manager [7001] - The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error: Access is denied.
3/25/2012 9:49:46 PM, Error: Service Control Manager [7023] - The SSDP Discovery service terminated with the following error: Access is denied.
3/25/2012 9:49:46 PM, Error: Service Control Manager [7000] - The IPsec Policy Agent service failed to start due to the following error: Access is denied.
3/25/2012 9:49:44 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the IPsec Policy Agent service to connect.
3/25/2012 9:49:44 PM, Error: Service Control Manager [7000] - The IPsec Policy Agent service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
3/25/2012 9:38:30 PM, Error: Service Control Manager [7022] - The HP Network Devices Support service hung on starting.
3/25/2012 9:03:35 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Media Player Network Sharing Service service to connect.
3/25/2012 9:03:35 PM, Error: Service Control Manager [7000] - The Windows Media Player Network Sharing Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
3/25/2012 3:28:44 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.
3/23/2012 9:18:32 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AVP service.
3/23/2012 10:27:57 PM, Error: Service Control Manager [7022] - The Kaspersky Anti-Virus Service service hung on starting.
.
==== End Of File ===========================

#4 MrCharlie


Posted 29 March 2012 - 09:32 AM

Can you explain in more detail what's happening with MBAM?

--------------------------

Please remove any USB or external drives from the computer before you run these scans!

Please download Farbar Service Scanner and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run from.
  • Please copy and paste the log to your reply.
-------------
Next..........

Please download and run RogueKiller.
Click Scan to scan the system (don't run any other options)
Post back the report.

MrC


#5 suttonsoft


Posted 29 March 2012 - 10:11 AM

Initially, I could not shut down my computer, and it was running super slow. When I went to install Malwarebytes, it would not allow me to do this. Also, some abnormal activity was occurring on my email account. Now I can shut down my computer, but still cannot install Malwarebytes. Thanks.


Farbar Service Scanner Version: 01-03-2012
Ran by danger (administrator) on 29-03-2012 at 07:57:40
Running from "C:\Users\danger\Downloads"
Microsoft Windows 7 Home Premium (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall"=DWORD:0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys
[2012-02-15 09:27] - [2011-12-27 20:59] - 0499200 ____A (Microsoft Corporation) DB9D6C6B2CD95A9CA414D045B627422E

C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll
[2009-07-13 17:09] - [2009-07-13 18:41] - 0824832 ____A (Microsoft Corporation) AECAB449567D1846DAD63ECE49E893E3

C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll
[2009-07-13 16:36] - [2009-07-13 18:41] - 0170496 ____A (Microsoft Corporation) 765A27C3279CE11D14CB9E4F5869FCA5

C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll
[2009-07-13 17:36] - [2009-07-13 18:41] - 2418176 ____A (Microsoft Corporation) 38340204A2D0228F1E87740FC5E554A7

C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

RogueKiller V7.3.2 [03/20/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo...13-roguekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7600 ) 64 bits version
Started in : Normal mode
User: danger [Admin rights]
Mode: Scan -- Date: 03/29/2012 08:05:52

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Registry Entries: 2 ¤¤¤
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [NOT LOADED] ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: Hitachi HTS545050B9A300 +++++
--- User ---
[MBR] 3dc58bf13bf1226d28ff04fef707c91f
[BSP] 6b81a4f7bbdb87c02bc9f654358bd723 : Windows Vista MBR Code
Partition table:
0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 464503 Mo
2 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 954376192 | Size: 10936 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[1].txt >>
RKreport[1].txt

#6 MrCharlie

Posted 29 March 2012 - 10:25 AM

Please download and run TDSSKiller to your desktop as outlined below:

Double-click on TDSSKiller.exe to run the application, then click on Change parameters.

-------------------------

Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.

------------------------

Click the Start Scan button.

-----------------------

If a suspicious object is detected, the default action will be Skip; click on Continue.
If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic, please choose Skip and click on Continue.

----------------------

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.


--------------------

A report will be created in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents in your next reply.

MrC

#7 suttonsoft

Posted 29 March 2012 - 01:49 PM

11:44:41.0726 5740 TDSS rootkit removing tool 2.7.23.0 Mar 26 2012 13:40:18
11:44:43.0754 5740 ============================================================
11:44:43.0754 5740 Current date / time: 2012/03/29 11:44:43.0754
11:44:43.0754 5740 SystemInfo:
11:44:43.0754 5740
11:44:43.0754 5740 OS Version: 6.1.7600 ServicePack: 0.0
11:44:43.0754 5740 Product type: Workstation
11:44:43.0754 5740 ComputerName: DANGER-PC
11:44:43.0754 5740 UserName: danger
11:44:43.0754 5740 Windows directory: C:\windows
11:44:43.0754 5740 System windows directory: C:\windows
11:44:43.0754 5740 Running under WOW64
11:44:43.0754 5740 Processor architecture: Intel x64
11:44:43.0754 5740 Number of processors: 2
11:44:43.0754 5740 Page size: 0x1000
11:44:43.0754 5740 Boot type: Normal boot
11:44:43.0754 5740 ============================================================
11:44:44.0284 5740 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:44:44.0300 5740 \Device\Harddisk0\DR0:
11:44:44.0300 5740 MBR used
11:44:44.0300 5740 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x38B3B800
11:44:44.0347 5740 Initialize success
11:44:44.0347 5740 ============================================================
11:45:26.0186 4512 ============================================================
11:45:26.0186 4512 Scan started
11:45:26.0186 4512 Mode: Manual; SigCheck; TDLFS;
11:45:26.0186 4512 ============================================================
11:45:26.0748 4512 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\windows\system32\DRIVERS\1394ohci.sys
11:45:26.0888 4512 1394ohci - ok
11:45:27.0013 4512 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\windows\system32\DRIVERS\ACPI.sys
11:45:27.0044 4512 ACPI - ok
11:45:27.0106 4512 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\windows\system32\DRIVERS\acpipmi.sys
11:45:27.0231 4512 AcpiPmi - ok
11:45:27.0340 4512 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\windows\system32\DRIVERS\adp94xx.sys
11:45:27.0372 4512 adp94xx - ok
11:45:27.0465 4512 adpahci (597f78224ee9224ea1a13d6350ced962) C:\windows\system32\DRIVERS\adpahci.sys
11:45:27.0496 4512 adpahci - ok
11:45:27.0559 4512 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\windows\system32\DRIVERS\adpu320.sys
11:45:27.0574 4512 adpu320 - ok
11:45:27.0637 4512 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\windows\System32\aelupsvc.dll
11:45:27.0746 4512 AeLookupSvc - ok
11:45:27.0855 4512 AFD (db9d6c6b2cd95a9ca414d045b627422e) C:\windows\system32\drivers\afd.sys
11:45:27.0933 4512 AFD - ok
11:45:28.0058 4512 AgereSoftModem (98022774d9930ecbb292e70db7601df6) C:\windows\system32\DRIVERS\agrsm64.sys
11:45:28.0152 4512 AgereSoftModem - ok
11:45:28.0261 4512 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\windows\system32\DRIVERS\agp440.sys
11:45:28.0292 4512 agp440 - ok
11:45:28.0323 4512 ALG (3290d6946b5e30e70414990574883ddb) C:\windows\System32\alg.exe
11:45:28.0370 4512 ALG - ok
11:45:28.0464 4512 aliide (5812713a477a3ad7363c7438ca2ee038) C:\windows\system32\DRIVERS\aliide.sys
11:45:28.0479 4512 aliide - ok
11:45:28.0604 4512 amdide (1ff8b4431c353ce385c875f194924c0c) C:\windows\system32\DRIVERS\amdide.sys
11:45:28.0620 4512 amdide - ok
11:45:28.0651 4512 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\windows\system32\DRIVERS\amdk8.sys
11:45:28.0682 4512 AmdK8 - ok
11:45:28.0776 4512 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\windows\system32\DRIVERS\amdppm.sys
11:45:28.0822 4512 AmdPPM - ok
11:45:28.0932 4512 amdsata (7a4b413614c055935567cf88a9734d38) C:\windows\system32\DRIVERS\amdsata.sys
11:45:28.0947 4512 amdsata - ok
11:45:28.0978 4512 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\windows\system32\DRIVERS\amdsbs.sys
11:45:28.0994 4512 amdsbs - ok
11:45:29.0119 4512 amdxata (b4ad0cacbab298671dd6f6ef7e20679d) C:\windows\system32\DRIVERS\amdxata.sys
11:45:29.0134 4512 amdxata - ok
11:45:29.0244 4512 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\windows\system32\drivers\appid.sys
11:45:29.0322 4512 AppID - ok
11:45:29.0400 4512 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\windows\System32\appidsvc.dll
11:45:29.0462 4512 AppIDSvc - ok
11:45:29.0556 4512 Appinfo (d065be66822847b7f127d1f90158376e) C:\windows\System32\appinfo.dll
11:45:29.0634 4512 Appinfo - ok
11:45:29.0743 4512 arc (c484f8ceb1717c540242531db7845c4e) C:\windows\system32\DRIVERS\arc.sys
11:45:29.0758 4512 arc - ok
11:45:29.0774 4512 arcsas (019af6924aefe7839f61c830227fe79c) C:\windows\system32\DRIVERS\arcsas.sys
11:45:29.0790 4512 arcsas - ok
11:45:29.0852 4512 AsyncMac (769765ce2cc62867468cea93969b2242) C:\windows\system32\DRIVERS\asyncmac.sys
11:45:29.0914 4512 AsyncMac - ok
11:45:29.0992 4512 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\windows\system32\DRIVERS\atapi.sys
11:45:30.0008 4512 atapi - ok
11:45:30.0086 4512 athr (e857eee6b92aaa473ebb3465add8f7e7) C:\windows\system32\DRIVERS\athrx.sys
11:45:30.0133 4512 athr - ok
11:45:30.0242 4512 AudioEndpointBuilder (07721a77180edd4d39ccb865bf63c7fd) C:\windows\System32\Audiosrv.dll
11:45:30.0304 4512 AudioEndpointBuilder - ok
11:45:30.0336 4512 AudioSrv (07721a77180edd4d39ccb865bf63c7fd) C:\windows\System32\Audiosrv.dll
11:45:30.0382 4512 AudioSrv - ok
11:45:30.0445 4512 AVP - ok
11:45:30.0570 4512 AxInstSV (b20b5fa5ca050e9926e4d1db81501b32) C:\windows\System32\AxInstSV.dll
11:45:30.0632 4512 AxInstSV - ok
11:45:30.0741 4512 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\windows\system32\DRIVERS\bxvbda.sys
11:45:30.0788 4512 b06bdrv - ok
11:45:30.0882 4512 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\windows\system32\DRIVERS\b57nd60a.sys
11:45:30.0928 4512 b57nd60a - ok
11:45:31.0022 4512 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\windows\System32\bdesvc.dll
11:45:31.0084 4512 BDESVC - ok
11:45:31.0178 4512 Beep (16a47ce2decc9b099349a5f840654746) C:\windows\system32\drivers\Beep.sys
11:45:31.0209 4512 Beep - ok
11:45:31.0318 4512 BFE (4992c609a6315671463e30f6512bc022) C:\windows\System32\bfe.dll
11:45:31.0396 4512 BFE - ok
11:45:31.0506 4512 BITS (7f0c323fe3da28aa4aa1bda3f575707f) C:\windows\System32\qmgr.dll
11:45:31.0568 4512 BITS - ok
11:45:31.0677 4512 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\windows\system32\DRIVERS\blbdrive.sys
11:45:31.0708 4512 blbdrive - ok
11:45:31.0802 4512 bowser (19d20159708e152267e53b66677a4995) C:\windows\system32\DRIVERS\bowser.sys
11:45:31.0864 4512 bowser - ok
11:45:31.0958 4512 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\windows\system32\DRIVERS\BrFiltLo.sys
11:45:32.0020 4512 BrFiltLo - ok
11:45:32.0052 4512 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\windows\system32\DRIVERS\BrFiltUp.sys
11:45:32.0083 4512 BrFiltUp - ok
11:45:32.0161 4512 Browser (94fbc06f294d58d02361918418f996e3) C:\windows\System32\browser.dll
11:45:32.0254 4512 Browser - ok
11:45:32.0317 4512 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\windows\System32\Drivers\Brserid.sys
11:45:32.0348 4512 Brserid - ok
11:45:32.0426 4512 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\windows\System32\Drivers\BrSerWdm.sys
11:45:32.0473 4512 BrSerWdm - ok
11:45:32.0520 4512 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\windows\System32\Drivers\BrUsbMdm.sys
11:45:32.0566 4512 BrUsbMdm - ok
11:45:32.0629 4512 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\windows\System32\Drivers\BrUsbSer.sys
11:45:32.0676 4512 BrUsbSer - ok
11:45:32.0800 4512 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\windows\system32\drivers\BthEnum.sys
11:45:32.0847 4512 BthEnum - ok
11:45:32.0878 4512 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\windows\system32\DRIVERS\bthmodem.sys
11:45:32.0941 4512 BTHMODEM - ok
11:45:33.0034 4512 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\windows\system32\DRIVERS\bthpan.sys
11:45:33.0081 4512 BthPan - ok
11:45:33.0222 4512 BTHPORT (21084ceb85280468c9aca3c805c0f8cf) C:\windows\System32\Drivers\BTHport.sys
11:45:33.0268 4512 BTHPORT - ok
11:45:33.0362 4512 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\windows\system32\bthserv.dll
11:45:33.0456 4512 bthserv - ok
11:45:33.0565 4512 BTHUSB (8504842634dd144c075b6b0c982ccec4) C:\windows\System32\Drivers\BTHUSB.sys
11:45:33.0627 4512 BTHUSB - ok
11:45:33.0674 4512 cdfs (b8bd2bb284668c84865658c77574381a) C:\windows\system32\DRIVERS\cdfs.sys
11:45:33.0721 4512 cdfs - ok
11:45:33.0814 4512 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\windows\system32\DRIVERS\cdrom.sys
11:45:33.0877 4512 cdrom - ok
11:45:33.0986 4512 CertPropSvc (312e2f82af11e79906898ac3e3d58a1f) C:\windows\System32\certprop.dll
11:45:34.0048 4512 CertPropSvc - ok
11:45:34.0126 4512 cfWiMAXService (837ff2d497880198c918e6954dbd170c) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
11:45:34.0158 4512 cfWiMAXService - ok
11:45:34.0251 4512 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\windows\system32\DRIVERS\circlass.sys
11:45:34.0329 4512 circlass - ok
11:45:34.0392 4512 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\windows\system32\CLFS.sys
11:45:34.0423 4512 CLFS - ok
11:45:34.0470 4512 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:45:34.0501 4512 clr_optimization_v2.0.50727_32 - ok
11:45:34.0548 4512 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
11:45:34.0563 4512 clr_optimization_v2.0.50727_64 - ok
11:45:34.0641 4512 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\windows\system32\DRIVERS\CmBatt.sys
11:45:34.0688 4512 CmBatt - ok
11:45:34.0735 4512 cmdide (e19d3f095812725d88f9001985b94edd) C:\windows\system32\DRIVERS\cmdide.sys
11:45:34.0750 4512 cmdide - ok
11:45:34.0828 4512 CNG (937beb186a735aca91d717044a49d17e) C:\windows\system32\Drivers\cng.sys
11:45:34.0875 4512 CNG - ok
11:45:34.0969 4512 Compbatt (102de219c3f61415f964c88e9085ad14) C:\windows\system32\DRIVERS\compbatt.sys
11:45:34.0984 4512 Compbatt - ok
11:45:35.0031 4512 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\windows\system32\DRIVERS\CompositeBus.sys
11:45:35.0062 4512 CompositeBus - ok
11:45:35.0140 4512 COMSysApp - ok
11:45:35.0218 4512 ConfigFree Gadget Service (d252c53bcdfc199bba55eeb10cdb266e) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe
11:45:35.0234 4512 ConfigFree Gadget Service - ok
11:45:35.0265 4512 ConfigFree Service (cab0eeaf5295fc96ddd3e19dce27e131) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
11:45:35.0281 4512 ConfigFree Service - ok
11:45:35.0359 4512 crcdisk (1c827878a998c18847245fe1f34ee597) C:\windows\system32\DRIVERS\crcdisk.sys
11:45:35.0374 4512 crcdisk - ok
11:45:35.0452 4512 CryptSvc (8c57411b66282c01533cb776f98ad384) C:\windows\system32\cryptsvc.dll
11:45:35.0530 4512 CryptSvc - ok
11:45:35.0608 4512 DcomLaunch (7266972e86890e2b30c0c322e906b027) C:\windows\system32\rpcss.dll
11:45:35.0686 4512 DcomLaunch - ok
11:45:35.0780 4512 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\windows\System32\defragsvc.dll
11:45:35.0842 4512 defragsvc - ok
11:45:35.0936 4512 DfsC (9c253ce7311ca60fc11c774692a13208) C:\windows\system32\Drivers\dfsc.sys
11:45:35.0998 4512 DfsC - ok
11:45:36.0076 4512 Dhcp (ce3b9562d997f69b330d181a8875960f) C:\windows\system32\dhcpcore.dll
11:45:36.0186 4512 Dhcp - ok
11:45:36.0279 4512 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\windows\system32\drivers\discache.sys
11:45:36.0342 4512 discache - ok
11:45:36.0388 4512 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\windows\system32\DRIVERS\disk.sys
11:45:36.0404 4512 Disk - ok
11:45:36.0482 4512 Dnscache (85cf424c74a1d5ec33533e1dbff9920a) C:\windows\System32\dnsrslvr.dll
11:45:36.0529 4512 Dnscache - ok
11:45:36.0576 4512 dot3svc (14452acdb09b70964c8c21bf80a13acb) C:\windows\System32\dot3svc.dll
11:45:36.0638 4512 dot3svc - ok
11:45:36.0747 4512 Dot4 (b42ed0320c6e41102fde0005154849bb) C:\windows\system32\DRIVERS\Dot4.sys
11:45:36.0778 4512 Dot4 - ok
11:45:36.0903 4512 Dot4Print (85135ad27e79b689335c08167d917cde) C:\windows\system32\DRIVERS\Dot4Prt.sys
11:45:36.0934 4512 Dot4Print - ok
11:45:36.0950 4512 dot4usb (fd05a02b0370bc3000f402e543ca5814) C:\windows\system32\DRIVERS\dot4usb.sys
11:45:36.0981 4512 dot4usb - ok
11:45:37.0075 4512 DPS (8c2ba6bea949ee6e68385f5692bafb94) C:\windows\system32\dps.dll
11:45:37.0137 4512 DPS - ok
11:45:37.0231 4512 drmkaud (9b19f34400d24df84c858a421c205754) C:\windows\system32\drivers\drmkaud.sys
11:45:37.0278 4512 drmkaud - ok
11:45:37.0324 4512 DXGKrnl (ebce0b0924835f635f620d19f0529dce) C:\windows\System32\drivers\dxgkrnl.sys
11:45:37.0356 4512 DXGKrnl - ok
11:45:37.0449 4512 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\windows\System32\eapsvc.dll
11:45:37.0496 4512 EapHost - ok
11:45:37.0605 4512 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\windows\system32\DRIVERS\evbda.sys
11:45:37.0730 4512 ebdrv - ok
11:45:37.0839 4512 EFS (156f6159457d0aa7e59b62681b56eb90) C:\windows\System32\lsass.exe
11:45:37.0902 4512 EFS - ok
11:45:37.0964 4512 ehRecvr (b91d81b3b54a54ccafc03733dbc2e29e) C:\windows\ehome\ehRecvr.exe
11:45:38.0058 4512 ehRecvr - ok
11:45:38.0136 4512 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\windows\ehome\ehsched.exe
11:45:38.0182 4512 ehSched - ok
11:45:38.0245 4512 elxstor (0e5da5369a0fcaea12456dd852545184) C:\windows\system32\DRIVERS\elxstor.sys
11:45:38.0276 4512 elxstor - ok
11:45:38.0354 4512 ErrDev (34a3c54752046e79a126e15c51db409b) C:\windows\system32\DRIVERS\errdev.sys
11:45:38.0416 4512 ErrDev - ok
11:45:38.0541 4512 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\windows\system32\es.dll
11:45:38.0635 4512 EventSystem - ok
11:45:38.0682 4512 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\windows\system32\drivers\exfat.sys
11:45:38.0744 4512 exfat - ok
11:45:38.0822 4512 fastfat (0adc83218b66a6db380c330836f3e36d) C:\windows\system32\drivers\fastfat.sys
11:45:38.0916 4512 fastfat - ok
11:45:39.0009 4512 Fax (d607b2f1bee3992aa6c2c92c0a2f0855) C:\windows\system32\fxssvc.exe
11:45:39.0072 4512 Fax - ok
11:45:39.0165 4512 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\windows\system32\DRIVERS\fdc.sys
11:45:39.0228 4512 fdc - ok
11:45:39.0321 4512 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\windows\system32\fdPHost.dll
11:45:39.0368 4512 fdPHost - ok
11:45:39.0399 4512 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\windows\system32\fdrespub.dll
11:45:39.0462 4512 FDResPub - ok
11:45:39.0524 4512 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\windows\system32\drivers\fileinfo.sys
11:45:39.0555 4512 FileInfo - ok
11:45:39.0602 4512 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\windows\system32\drivers\filetrace.sys
11:45:39.0664 4512 Filetrace - ok
11:45:39.0727 4512 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\windows\system32\DRIVERS\flpydisk.sys
11:45:39.0774 4512 flpydisk - ok
11:45:39.0883 4512 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\windows\system32\drivers\fltmgr.sys
11:45:39.0898 4512 FltMgr - ok
11:45:39.0945 4512 FontCache (8ac4cb4ea61e41009fae9ae7b2b5da3a) C:\windows\system32\FntCache.dll
11:45:40.0023 4512 FontCache - ok
11:45:40.0117 4512 FontCache3.0.0.0 (8d89e3131c27fdd6932189cb785e1b7a) C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:45:40.0132 4512 FontCache3.0.0.0 - ok
11:45:40.0195 4512 FsDepends (d43703496149971890703b4b1b723eac) C:\windows\system32\drivers\FsDepends.sys
11:45:40.0210 4512 FsDepends - ok
11:45:40.0304 4512 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\windows\system32\drivers\Fs_Rec.sys
11:45:40.0320 4512 Fs_Rec - ok
11:45:40.0351 4512 fvevol (b8b2a6e1558f8f5de5ce431c5b2c7b09) C:\windows\system32\DRIVERS\fvevol.sys
11:45:40.0366 4512 fvevol - ok
11:45:40.0444 4512 FwLnk (60acb128e64c35c2b4e4aab1b0a5c293) C:\windows\system32\DRIVERS\FwLnk.sys
11:45:40.0507 4512 FwLnk - ok
11:45:40.0600 4512 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\windows\system32\DRIVERS\gagp30kx.sys
11:45:40.0616 4512 gagp30kx - ok
11:45:40.0694 4512 GameConsoleService (c44d560e441f091ea3b72f778ec60de2) C:\Program Files (x86)\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe
11:45:40.0725 4512 GameConsoleService - ok
11:45:40.0803 4512 GoogleDesktopManager-051210-111108 (9f5f2f0fb0a7f5aa9f16b9a7b6dad89f) C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe
11:45:40.0819 4512 GoogleDesktopManager-051210-111108 - ok
11:45:40.0928 4512 gpsvc (fe5ab4525bc2ec68b9119a6e5d40128b) C:\windows\System32\gpsvc.dll
11:45:40.0975 4512 gpsvc - ok
11:45:41.0084 4512 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:45:41.0100 4512 gupdate - ok
11:45:41.0146 4512 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:45:41.0162 4512 gupdatem - ok
11:45:41.0240 4512 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
11:45:41.0271 4512 gusvc - ok
11:45:41.0349 4512 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\windows\system32\drivers\hcw85cir.sys
11:45:41.0380 4512 hcw85cir - ok
11:45:41.0412 4512 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\windows\system32\drivers\HdAudio.sys
11:45:41.0458 4512 HdAudAddService - ok
11:45:41.0536 4512 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\windows\system32\DRIVERS\HDAudBus.sys
11:45:41.0568 4512 HDAudBus - ok
11:45:41.0599 4512 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\windows\system32\DRIVERS\HidBatt.sys
11:45:41.0630 4512 HidBatt - ok
11:45:41.0708 4512 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\windows\system32\DRIVERS\hidbth.sys
11:45:41.0755 4512 HidBth - ok
11:45:41.0786 4512 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\windows\system32\DRIVERS\hidir.sys
11:45:41.0802 4512 HidIr - ok
11:45:41.0895 4512 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\windows\system32\hidserv.dll
11:45:41.0973 4512 hidserv - ok
11:45:42.0051 4512 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\windows\system32\DRIVERS\hidusb.sys
11:45:42.0082 4512 HidUsb - ok
11:45:42.0114 4512 hkmsvc (efa58ede58dd74388ffd04cb32681518) C:\windows\system32\kmsvc.dll
11:45:42.0192 4512 hkmsvc - ok
11:45:42.0285 4512 HomeGroupListener (046b2673767ca626e2cfb7fdf735e9e8) C:\windows\system32\ListSvc.dll
11:45:42.0363 4512 HomeGroupListener - ok
11:45:42.0441 4512 HomeGroupProvider (06a7422224d9865a5613710a089987df) C:\windows\system32\provsvc.dll
11:45:42.0488 4512 HomeGroupProvider - ok
11:45:42.0535 4512 HpSAMD (0886d440058f203eba0e1825e4355914) C:\windows\system32\DRIVERS\HpSAMD.sys
11:45:42.0550 4512 HpSAMD - ok
11:45:42.0660 4512 HPSLPSVC (7f57926169c1b8aba9274ea7d4b70f18) C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
11:45:42.0691 4512 HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
11:45:42.0691 4512 HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
11:45:42.0816 4512 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\windows\system32\drivers\HTTP.sys
11:45:42.0878 4512 HTTP - ok
11:45:42.0987 4512 hwpolicy (f17766a19145f111856378df337a5d79) C:\windows\system32\drivers\hwpolicy.sys
11:45:43.0003 4512 hwpolicy - ok
11:45:43.0018 4512 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\windows\system32\DRIVERS\i8042prt.sys
11:45:43.0034 4512 i8042prt - ok
11:45:43.0143 4512 iaStor (bbb3b6df1abb0fe35802ede85cc1c011) C:\windows\system32\DRIVERS\iaStor.sys
11:45:43.0174 4512 iaStor - ok
11:45:43.0299 4512 iaStorV (d83efb6fd45df9d55e9a1afc63640d50) C:\windows\system32\DRIVERS\iaStorV.sys
11:45:43.0330 4512 iaStorV - ok
11:45:43.0408 4512 idsvc (2f2be70d3e02b6fa877921ab9516d43c) C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:45:43.0440 4512 idsvc - ok
11:45:43.0674 4512 igfx (3c3f27002abc69c5afe29cbe6cf7addf) C:\windows\system32\DRIVERS\igdkmd64.sys
11:45:43.0939 4512 igfx - ok
11:45:44.0048 4512 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\windows\system32\DRIVERS\iirsp.sys
11:45:44.0064 4512 iirsp - ok
11:45:44.0126 4512 IKEEXT (c5b4683680df085b57bc53e5ef34861f) C:\windows\System32\ikeext.dll
11:45:44.0173 4512 IKEEXT - ok
11:45:44.0298 4512 IntcAzAudAddService (0c3cf4b3bae28e121a1689e3538f8712) C:\windows\system32\drivers\RTKVHD64.sys
11:45:44.0344 4512 IntcAzAudAddService - ok
11:45:44.0454 4512 IntcHdmiAddService (88a20fa54c73ded4e8dac764e9130ae9) C:\windows\system32\drivers\IntcHdmi.sys
11:45:44.0500 4512 IntcHdmiAddService - ok
11:45:44.0594 4512 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\windows\system32\DRIVERS\intelide.sys
11:45:44.0610 4512 intelide - ok
11:45:44.0641 4512 intelppm (ada036632c664caa754079041cf1f8c1) C:\windows\system32\DRIVERS\intelppm.sys
11:45:44.0672 4512 intelppm - ok
11:45:44.0766 4512 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\windows\system32\ipbusenum.dll
11:45:44.0828 4512 IPBusEnum - ok
11:45:44.0875 4512 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\windows\system32\DRIVERS\ipfltdrv.sys
11:45:44.0953 4512 IpFilterDriver - ok
11:45:45.0046 4512 iphlpsvc (f8e058d17363ec580e4b7232778b6cb5) C:\windows\System32\iphlpsvc.dll
11:45:45.0140 4512 iphlpsvc - ok
11:45:45.0234 4512 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\windows\system32\DRIVERS\IPMIDrv.sys
11:45:45.0265 4512 IPMIDRV - ok
11:45:45.0296 4512 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\windows\system32\drivers\ipnat.sys
11:45:45.0358 4512 IPNAT - ok
11:45:45.0452 4512 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\windows\system32\drivers\irenum.sys
11:45:45.0499 4512 IRENUM - ok
11:45:45.0608 4512 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\windows\system32\DRIVERS\isapnp.sys
11:45:45.0639 4512 isapnp - ok
11:45:45.0655 4512 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\windows\system32\DRIVERS\msiscsi.sys
11:45:45.0670 4512 iScsiPrt - ok
11:45:45.0686 4512 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\windows\system32\DRIVERS\kbdclass.sys
11:45:45.0702 4512 kbdclass - ok
11:45:45.0795 4512 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\windows\system32\DRIVERS\kbdhid.sys
11:45:45.0826 4512 kbdhid - ok
11:45:45.0873 4512 KeyIso (156f6159457d0aa7e59b62681b56eb90) C:\windows\system32\lsass.exe
11:45:45.0889 4512 KeyIso - ok
11:45:45.0982 4512 kl1 (8d7120743a0973ceab548b475c9d4289) C:\windows\system32\DRIVERS\kl1.sys
11:45:45.0998 4512 kl1 - ok
11:45:46.0092 4512 kl2 (cd146d8e525d6eebdcaf24120a8ab9ce) C:\windows\system32\DRIVERS\kl2.sys
11:45:46.0107 4512 kl2 - ok
11:45:46.0154 4512 KLIF (177505577604c94c4be7b9316a90ada1) C:\windows\system32\DRIVERS\klif.sys
11:45:46.0170 4512 KLIF - ok
11:45:46.0263 4512 KLIM6 (2a64b3a9eed93a2e96537b67c079fc96) C:\windows\system32\DRIVERS\klim6.sys
11:45:46.0279 4512 KLIM6 - ok
11:45:46.0341 4512 klmouflt (9468d07e91ba136d82415f5dfc1fe168) C:\windows\system32\DRIVERS\klmouflt.sys
11:45:46.0357 4512 klmouflt - ok
11:45:46.0466 4512 KSecDD (16c1b906fc5ead84769f90b736b6bf0e) C:\windows\system32\Drivers\ksecdd.sys
11:45:46.0497 4512 KSecDD - ok
11:45:46.0544 4512 KSecPkg (0b711550c56444879d71c7daabda6c83) C:\windows\system32\Drivers\ksecpkg.sys
11:45:46.0575 4512 KSecPkg - ok
11:45:46.0669 4512 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\windows\system32\drivers\ksthunk.sys
11:45:46.0747 4512 ksthunk - ok
11:45:46.0825 4512 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\windows\system32\msdtckrm.dll
11:45:46.0887 4512 KtmRm - ok
11:45:46.0950 4512 LanmanServer (81f1d04d4d0e433099365127375fd501) C:\windows\system32\srvsvc.dll
11:45:47.0012 4512 LanmanServer - ok
11:45:47.0090 4512 LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\windows\System32\wkssvc.dll
11:45:47.0168 4512 LanmanWorkstation - ok
11:45:47.0230 4512 lltdio (1538831cf8ad2979a04c423779465827) C:\windows\system32\DRIVERS\lltdio.sys
11:45:47.0308 4512 lltdio - ok
11:45:47.0402 4512 lltdsvc (c1185803384ab3feed115f79f109427f) C:\windows\System32\lltdsvc.dll
11:45:47.0480 4512 lltdsvc - ok
11:45:47.0511 4512 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\windows\System32\lmhsvc.dll
11:45:47.0558 4512 lmhosts - ok
11:45:47.0620 4512 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\windows\system32\DRIVERS\lsi_fc.sys
11:45:47.0636 4512 LSI_FC - ok
11:45:47.0683 4512 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\windows\system32\DRIVERS\lsi_sas.sys
11:45:47.0714 4512 LSI_SAS - ok
11:45:47.0776 4512 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\windows\system32\DRIVERS\lsi_sas2.sys
11:45:47.0792 4512 LSI_SAS2 - ok
11:45:47.0870 4512 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\windows\system32\DRIVERS\lsi_scsi.sys
11:45:47.0886 4512 LSI_SCSI - ok
11:45:47.0917 4512 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\windows\system32\drivers\luafv.sys
11:45:47.0964 4512 luafv - ok
11:45:48.0057 4512 Mcx2Svc (f84c8f1000bc11e3b7b23cbd3baff111) C:\windows\system32\Mcx2Svc.dll
11:45:48.0120 4512 Mcx2Svc - ok
11:45:48.0198 4512 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\windows\system32\DRIVERS\megasas.sys
11:45:48.0229 4512 megasas - ok
11:45:48.0260 4512 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\windows\system32\DRIVERS\MegaSR.sys
11:45:48.0276 4512 MegaSR - ok
11:45:48.0369 4512 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll
11:45:48.0447 4512 MMCSS - ok
11:45:48.0478 4512 Modem (800ba92f7010378b09f9ed9270f07137) C:\windows\system32\drivers\modem.sys
11:45:48.0541 4512 Modem - ok
11:45:48.0619 4512 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\windows\system32\DRIVERS\monitor.sys
11:45:48.0666 4512 monitor - ok
11:45:48.0775 4512 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\windows\system32\DRIVERS\mouclass.sys
11:45:48.0790 4512 mouclass - ok
11:45:48.0822 4512 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\windows\system32\DRIVERS\mouhid.sys
11:45:48.0853 4512 mouhid - ok
11:45:48.0946 4512 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\windows\system32\drivers\mountmgr.sys
11:45:48.0962 4512 mountmgr - ok
11:45:48.0993 4512 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\windows\system32\DRIVERS\mpio.sys
11:45:49.0009 4512 mpio - ok
11:45:49.0102 4512 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\windows\system32\drivers\mpsdrv.sys
11:45:49.0165 4512 mpsdrv - ok
11:45:49.0243 4512 MpsSvc (aecab449567d1846dad63ece49e893e3) C:\windows\system32\mpssvc.dll
11:45:49.0305 4512 MpsSvc - ok
11:45:49.0414 4512 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\windows\system32\drivers\mrxdav.sys
11:45:49.0461 4512 MRxDAV - ok
11:45:49.0508 4512 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\windows\system32\DRIVERS\mrxsmb.sys
11:45:49.0524 4512 mrxsmb - ok
11:45:49.0633 4512 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\windows\system32\DRIVERS\mrxsmb10.sys
11:45:49.0664 4512 mrxsmb10 - ok
11:45:49.0711 4512 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\windows\system32\DRIVERS\mrxsmb20.sys
11:45:49.0742 4512 mrxsmb20 - ok
11:45:49.0836 4512 msahci (5c37497276e3b3a5488b23a326a754b7) C:\windows\system32\DRIVERS\msahci.sys
11:45:49.0867 4512 msahci - ok
11:45:49.0882 4512 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\windows\system32\DRIVERS\msdsm.sys
11:45:49.0898 4512 msdsm - ok
11:45:49.0945 4512 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\windows\System32\msdtc.exe
11:45:49.0976 4512 MSDTC - ok
11:45:50.0070 4512 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\windows\system32\drivers\Msfs.sys
11:45:50.0132 4512 Msfs - ok
11:45:50.0148 4512 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\windows\System32\drivers\mshidkmdf.sys
11:45:50.0210 4512 mshidkmdf - ok
11:45:50.0288 4512 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\windows\system32\DRIVERS\msisadrv.sys
11:45:50.0304 4512 msisadrv - ok
11:45:50.0350 4512 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\windows\system32\iscsiexe.dll
11:45:50.0413 4512 MSiSCSI - ok
11:45:50.0460 4512 msiserver - ok
11:45:50.0569 4512 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\windows\system32\drivers\MSKSSRV.sys
11:45:50.0616 4512 MSKSSRV - ok
11:45:50.0631 4512 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\windows\system32\drivers\MSPCLOCK.sys
11:45:50.0678 4512 MSPCLOCK - ok
11:45:50.0772 4512 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\windows\system32\drivers\MSPQM.sys
11:45:50.0850 4512 MSPQM - ok
11:45:50.0881 4512 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\windows\system32\drivers\MsRPC.sys
11:45:50.0896 4512 MsRPC - ok
11:45:50.0990 4512 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\windows\system32\DRIVERS\mssmbios.sys
11:45:51.0006 4512 mssmbios - ok
11:45:51.0115 4512 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\windows\system32\drivers\MSTEE.sys
11:45:51.0177 4512 MSTEE - ok
11:45:51.0208 4512 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\windows\system32\DRIVERS\MTConfig.sys
11:45:51.0240 4512 MTConfig - ok
11:45:51.0333 4512 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\windows\system32\Drivers\mup.sys
11:45:51.0364 4512 Mup - ok
11:45:51.0396 4512 napagent (4987e079a4530fa737a128be54b63b12) C:\windows\system32\qagentRT.dll
11:45:51.0489 4512 napagent - ok
11:45:51.0598 4512 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\windows\system32\DRIVERS\nwifi.sys
11:45:51.0645 4512 NativeWifiP - ok
11:45:51.0770 4512 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\windows\system32\drivers\ndis.sys
11:45:51.0801 4512 NDIS - ok
11:45:51.0895 4512 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\windows\system32\DRIVERS\ndiscap.sys
11:45:51.0957 4512 NdisCap - ok
11:45:52.0051 4512 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\windows\system32\DRIVERS\ndistapi.sys
11:45:52.0098 4512 NdisTapi - ok
11:45:52.0191 4512 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\windows\system32\DRIVERS\ndisuio.sys
11:45:52.0254 4512 Ndisuio - ok
11:45:52.0269 4512 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\windows\system32\DRIVERS\ndiswan.sys
11:45:52.0316 4512 NdisWan - ok
11:45:52.0394 4512 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\windows\system32\drivers\NDProxy.sys
11:45:52.0441 4512 NDProxy - ok
11:45:52.0488 4512 Net Driver HPZ12 (d5ac41ae382738483faffbd7e373d49a) C:\Windows\system32\HPZinw12.dll
11:45:52.0503 4512 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
11:45:52.0503 4512 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
11:45:52.0597 4512 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\windows\system32\DRIVERS\netbios.sys
11:45:52.0675 4512 NetBIOS - ok
11:45:52.0706 4512 NetBT (9162b273a44ab9dce5b44362731d062a) C:\windows\system32\DRIVERS\netbt.sys
11:45:52.0753 4512 NetBT - ok
11:45:52.0846 4512 Netlogon (156f6159457d0aa7e59b62681b56eb90) C:\windows\system32\lsass.exe
11:45:52.0878 4512 Netlogon - ok
11:45:52.0924 4512 Netman (847d3ae376c0817161a14a82c8922a9e) C:\windows\System32\netman.dll
11:45:53.0018 4512 Netman - ok
11:45:53.0080 4512 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\windows\System32\netprofm.dll
11:45:53.0158 4512 netprofm - ok
11:45:53.0236 4512 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
11:45:53.0268 4512 NetTcpPortSharing - ok
11:45:53.0330 4512 nfrd960 (77889813be4d166cdab78ddba990da92) C:\windows\system32\DRIVERS\nfrd960.sys
11:45:53.0346 4512 nfrd960 - ok
11:45:53.0408 4512 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\windows\System32\nlasvc.dll
11:45:53.0486 4512 NlaSvc - ok
11:45:53.0548 4512 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\windows\system32\drivers\Npfs.sys
11:45:53.0611 4512 Npfs - ok
11:45:53.0658 4512 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\windows\system32\nsisvc.dll
11:45:53.0736 4512 nsi - ok
11:45:53.0798 4512 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\windows\system32\drivers\nsiproxy.sys
11:45:53.0876 4512 nsiproxy - ok
11:45:53.0970 4512 Ntfs (356698a13c4630d5b31c37378d469196) C:\windows\system32\drivers\Ntfs.sys
11:45:54.0032 4512 Ntfs - ok
11:45:54.0110 4512 Null (9899284589f75fa8724ff3d16aed75c1) C:\windows\system32\drivers\Null.sys
11:45:54.0204 4512 Null - ok
11:45:54.0297 4512 nvraid (3e38712941e9bb4ddbee00affe3fed3d) C:\windows\system32\DRIVERS\nvraid.sys
11:45:54.0328 4512 nvraid - ok
11:45:54.0344 4512 nvstor (477dc4d6deb99be37084c9ac6d013da1) C:\windows\system32\DRIVERS\nvstor.sys
11:45:54.0360 4512 nvstor - ok
11:45:54.0469 4512 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\windows\system32\DRIVERS\nv_agp.sys
11:45:54.0500 4512 nv_agp - ok
11:45:54.0594 4512 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
11:45:54.0625 4512 odserv - ok
11:45:54.0718 4512 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\windows\system32\DRIVERS\ohci1394.sys
11:45:54.0765 4512 ohci1394 - ok
11:45:54.0843 4512 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:45:54.0874 4512 ose - ok
11:45:54.0968 4512 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
11:45:55.0015 4512 p2pimsvc - ok
11:45:55.0108 4512 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\windows\system32\p2psvc.dll
11:45:55.0140 4512 p2psvc - ok
11:45:55.0233 4512 Parport (0086431c29c35be1dbc43f52cc273887) C:\windows\system32\DRIVERS\parport.sys
11:45:55.0249 4512 Parport - ok
11:45:55.0280 4512 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\windows\system32\drivers\partmgr.sys
11:45:55.0296 4512 partmgr - ok
11:45:55.0374 4512 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\windows\System32\pcasvc.dll
11:45:55.0405 4512 PcaSvc - ok
11:45:55.0467 4512 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\windows\system32\DRIVERS\pci.sys
11:45:55.0483 4512 pci - ok
11:45:55.0561 4512 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\windows\system32\DRIVERS\pciide.sys
11:45:55.0576 4512 pciide - ok
11:45:55.0608 4512 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\windows\system32\DRIVERS\pcmcia.sys
11:45:55.0623 4512 pcmcia - ok
11:45:55.0654 4512 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\windows\system32\drivers\pcw.sys
11:45:55.0670 4512 pcw - ok
11:45:55.0764 4512 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\windows\system32\drivers\peauth.sys
11:45:55.0842 4512 PEAUTH - ok
11:45:55.0920 4512 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\windows\SysWow64\perfhost.exe
11:45:55.0982 4512 PerfHost - ok
11:45:56.0076 4512 PGEffect (663962900e7fea522126ba287715bb4a) C:\windows\system32\DRIVERS\pgeffect.sys
11:45:56.0091 4512 PGEffect - ok
11:45:56.0169 4512 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\windows\system32\pla.dll
11:45:56.0278 4512 pla - ok
11:45:56.0403 4512 PlugPlay (98b1721b8718164293b9701b98c52d77) C:\windows\system32\umpnpmgr.dll
11:45:56.0450 4512 PlugPlay - ok
11:45:56.0590 4512 Pml Driver HPZ12 (37f6046cdc630442d7dc087501ff6fc6) C:\Windows\system32\HPZipm12.dll
11:45:56.0622 4512 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
11:45:56.0622 4512 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
11:45:56.0668 4512 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\windows\system32\pnrpauto.dll
11:45:56.0715 4512 PNRPAutoReg - ok
11:45:56.0778 4512 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
11:45:56.0824 4512 PNRPsvc - ok
11:45:56.0887 4512 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\windows\System32\ipsecsvc.dll
11:45:56.0980 4512 PolicyAgent - ok
11:45:57.0074 4512 Power (6ba9d927dded70bd1a9caded45f8b184) C:\windows\system32\umpo.dll
11:45:57.0152 4512 Power - ok
11:45:57.0246 4512 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\windows\system32\DRIVERS\raspptp.sys
11:45:57.0308 4512 PptpMiniport - ok
11:45:57.0324 4512 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\windows\system32\DRIVERS\processr.sys
11:45:57.0355 4512 Processor - ok
11:45:57.0464 4512 ProfSvc (f381975e1f4346de875cb07339ce8d3a) C:\windows\system32\profsvc.dll
11:45:57.0558 4512 ProfSvc - ok
11:45:57.0604 4512 ProtectedStorage (156f6159457d0aa7e59b62681b56eb90) C:\windows\system32\lsass.exe
11:45:57.0620 4512 ProtectedStorage - ok
11:45:57.0698 4512 Psched (ee992183bd8eaefd9973f352e587a299) C:\windows\system32\DRIVERS\pacer.sys
11:45:57.0760 4512 Psched - ok
11:45:57.0838 4512 PxHlpa64 (46851bc18322da70f3f2299a1007c479) C:\windows\system32\Drivers\PxHlpa64.sys
11:45:57.0854 4512 PxHlpa64 - ok
11:45:57.0948 4512 QBCFMonitorService (0a2c21b3168f2efc3468b35ff5508cea) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
11:45:57.0948 4512 QBCFMonitorService ( UnsignedFile.Multi.Generic ) - warning
11:45:57.0948 4512 QBCFMonitorService - detected UnsignedFile.Multi.Generic (1)
11:45:58.0041 4512 QBFCService (bab30d2799754f6ea22f0b9076311793) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
11:45:58.0057 4512 QBFCService ( UnsignedFile.Multi.Generic ) - warning
11:45:58.0057 4512 QBFCService - detected UnsignedFile.Multi.Generic (1)
11:45:58.0197 4512 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\windows\system32\DRIVERS\ql2300.sys
11:45:58.0244 4512 ql2300 - ok
11:45:58.0338 4512 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\windows\system32\DRIVERS\ql40xx.sys
11:45:58.0353 4512 ql40xx - ok
11:45:58.0400 4512 QWAVE (906191634e99aea92c4816150bda3732) C:\windows\system32\qwave.dll
11:45:58.0431 4512 QWAVE - ok
11:45:58.0540 4512 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\windows\system32\drivers\qwavedrv.sys
11:45:58.0603 4512 QWAVEdrv - ok
11:45:58.0634 4512 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\windows\system32\DRIVERS\rasacd.sys
11:45:58.0681 4512 RasAcd - ok
11:45:58.0774 4512 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\windows\system32\DRIVERS\AgileVpn.sys
11:45:58.0837 4512 RasAgileVpn - ok
11:45:58.0868 4512 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\windows\System32\rasauto.dll
11:45:58.0915 4512 RasAuto - ok
11:45:59.0008 4512 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\windows\system32\DRIVERS\rasl2tp.sys
11:45:59.0086 4512 Rasl2tp - ok
11:45:59.0149 4512 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\windows\System32\rasmans.dll
11:45:59.0211 4512 RasMan - ok
11:45:59.0320 4512 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\windows\system32\DRIVERS\raspppoe.sys
11:45:59.0414 4512 RasPppoe - ok
11:45:59.0445 4512 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\windows\system32\DRIVERS\rassstp.sys
11:45:59.0492 4512 RasSstp - ok
11:45:59.0586 4512 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\windows\system32\DRIVERS\rdbss.sys
11:45:59.0648 4512 rdbss - ok
11:45:59.0664 4512 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\windows\system32\DRIVERS\rdpbus.sys
11:45:59.0695 4512 rdpbus - ok
11:45:59.0773 4512 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\windows\system32\DRIVERS\RDPCDD.sys
11:45:59.0820 4512 RDPCDD - ok
11:45:59.0851 4512 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\windows\system32\drivers\rdpencdd.sys
11:45:59.0913 4512 RDPENCDD - ok
11:46:00.0007 4512 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\windows\system32\drivers\rdprefmp.sys
11:46:00.0054 4512 RDPREFMP - ok
11:46:00.0100 4512 RDPWD (074ac702d8b8b660b0e1371555995386) C:\windows\system32\drivers\RDPWD.sys
11:46:00.0132 4512 RDPWD - ok
11:46:00.0225 4512 rdyboost (634b9a2181d98f15941236886164ec8b) C:\windows\system32\drivers\rdyboost.sys
11:46:00.0256 4512 rdyboost - ok
11:46:00.0288 4512 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\windows\System32\mprdim.dll
11:46:00.0334 4512 RemoteAccess - ok
11:46:00.0412 4512 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\windows\system32\regsvc.dll
11:46:00.0490 4512 RemoteRegistry - ok
11:46:00.0600 4512 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\windows\system32\DRIVERS\rfcomm.sys
11:46:00.0662 4512 RFCOMM - ok
11:46:00.0756 4512 rimspci (e20b1907fc72a3664ece21e3c20fc63d) C:\windows\system32\DRIVERS\rimspe64.sys
11:46:00.0802 4512 rimspci - ok
11:46:00.0896 4512 risdpcie (7dda2e5cf452dad24b1be704225c18ee) C:\windows\system32\DRIVERS\risdpe64.sys
11:46:00.0927 4512 risdpcie - ok
11:46:01.0021 4512 rixdpcie (6a1cd4674505e6791390a1ab71da1fbe) C:\windows\system32\DRIVERS\rixdpe64.sys
11:46:01.0083 4512 rixdpcie - ok
11:46:01.0177 4512 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\windows\System32\RpcEpMap.dll
11:46:01.0239 4512 RpcEptMapper - ok
11:46:01.0270 4512 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\windows\system32\locator.exe
11:46:01.0302 4512 RpcLocator - ok
11:46:01.0380 4512 RpcSs (7266972e86890e2b30c0c322e906b027) C:\windows\system32\rpcss.dll
11:46:01.0426 4512 RpcSs - ok
11:46:01.0536 4512 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\windows\system32\DRIVERS\rspndr.sys
11:46:01.0582 4512 rspndr - ok
11:46:01.0676 4512 RTL8167 (f65f171165fbb613f7aa3cc78e8cab42) C:\windows\system32\DRIVERS\Rt64win7.sys
11:46:01.0738 4512 RTL8167 - ok
11:46:01.0863 4512 rtl8192se (7cd14bf5b42931fb80bee5d3e6ba7089) C:\windows\system32\DRIVERS\rtl8192se.sys
11:46:01.0910 4512 rtl8192se - ok
11:46:02.0004 4512 SamSs (156f6159457d0aa7e59b62681b56eb90) C:\windows\system32\lsass.exe
11:46:02.0035 4512 SamSs - ok
11:46:02.0097 4512 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\windows\system32\DRIVERS\sbp2port.sys
11:46:02.0128 4512 sbp2port - ok
11:46:02.0175 4512 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\windows\System32\SCardSvr.dll
11:46:02.0222 4512 SCardSvr - ok
11:46:02.0300 4512 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\windows\system32\DRIVERS\scfilter.sys
11:46:02.0362 4512 scfilter - ok
11:46:02.0472 4512 Schedule (624d0f5ff99428bb90a5b8a4123e918e) C:\windows\system32\schedsvc.dll
11:46:02.0534 4512 Schedule - ok
11:46:02.0628 4512 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\windows\System32\certprop.dll
11:46:02.0674 4512 SCPolicySvc - ok
11:46:02.0737 4512 sdbus (54e47ad086782d3ae9417c155cdceb9b) C:\windows\system32\DRIVERS\sdbus.sys
11:46:02.0784 4512 sdbus - ok
11:46:02.0846 4512 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\windows\System32\SDRSVC.dll
11:46:02.0908 4512 SDRSVC - ok
11:46:03.0018 4512 SeaPort (4a5809a1d796e2675ac0332bf7b0cb11) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
11:46:03.0049 4512 SeaPort - ok
11:46:03.0142 4512 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\windows\system32\drivers\secdrv.sys
11:46:03.0189 4512 secdrv - ok
11:46:03.0220 4512 seclogon (463b386ebc70f98da5dff85f7e654346) C:\windows\system32\seclogon.dll
11:46:03.0283 4512 seclogon - ok
11:46:03.0361 4512 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\windows\System32\sens.dll
11:46:03.0423 4512 SENS - ok
11:46:03.0454 4512 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\windows\system32\sensrsvc.dll
11:46:03.0501 4512 SensrSvc - ok
11:46:03.0564 4512 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\windows\system32\DRIVERS\serenum.sys
11:46:03.0626 4512 Serenum - ok
11:46:03.0673 4512 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\windows\system32\DRIVERS\serial.sys
11:46:03.0704 4512 Serial - ok
11:46:03.0766 4512 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\windows\system32\DRIVERS\sermouse.sys
11:46:03.0813 4512 sermouse - ok
11:46:03.0907 4512 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\windows\system32\sessenv.dll
11:46:03.0938 4512 SessionEnv - ok
11:46:04.0000 4512 sffdisk (a554811bcd09279536440c964ae35bbf) C:\windows\system32\DRIVERS\sffdisk.sys
11:46:04.0047 4512 sffdisk - ok
11:46:04.0078 4512 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\windows\system32\DRIVERS\sffp_mmc.sys
11:46:04.0125 4512 sffp_mmc - ok
11:46:04.0203 4512 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\windows\system32\DRIVERS\sffp_sd.sys
11:46:04.0234 4512 sffp_sd - ok
11:46:04.0281 4512 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\windows\system32\DRIVERS\sfloppy.sys
11:46:04.0312 4512 sfloppy - ok
11:46:04.0375 4512 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\windows\System32\ipnathlp.dll
11:46:04.0468 4512 SharedAccess - ok
11:46:04.0515 4512 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\windows\System32\shsvcs.dll
11:46:04.0546 4512 ShellHWDetection - ok
11:46:04.0593 4512 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\windows\system32\DRIVERS\SiSRaid2.sys
11:46:04.0624 4512 SiSRaid2 - ok
11:46:04.0656 4512 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\windows\system32\DRIVERS\sisraid4.sys
11:46:04.0671 4512 SiSRaid4 - ok
11:46:04.0687 4512 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\windows\system32\DRIVERS\smb.sys
11:46:04.0749 4512 Smb - ok
11:46:04.0812 4512 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\windows\System32\snmptrap.exe
11:46:04.0858 4512 SNMPTRAP - ok
11:46:04.0921 4512 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\windows\system32\drivers\spldr.sys
11:46:04.0936 4512 spldr - ok
11:46:05.0014 4512 Spooler (f8e1fa03cb70d54a9892ac88b91d1e7b) C:\windows\System32\spoolsv.exe
11:46:05.0061 4512 Spooler - ok
11:46:05.0233 4512 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\windows\system32\sppsvc.exe
11:46:05.0295 4512 sppsvc - ok
11:46:05.0389 4512 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\windows\system32\sppuinotify.dll
11:46:05.0467 4512 sppuinotify - ok
11:46:05.0607 4512 sptd (51de15ca5c05bca46d8b110cd00a02fb) C:\windows\system32\Drivers\sptd.sys
11:46:05.0607 4512 Suspicious file (NoAccess): C:\windows\system32\Drivers\sptd.sys. md5: 51de15ca5c05bca46d8b110cd00a02fb
11:46:05.0623 4512 sptd ( LockedFile.Multi.Generic ) - warning
11:46:05.0623 4512 sptd - detected LockedFile.Multi.Generic (1)
11:46:05.0732 4512 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\windows\system32\DRIVERS\srv.sys
11:46:05.0779 4512 srv - ok
11:46:05.0919 4512 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\windows\system32\DRIVERS\srv2.sys
11:46:05.0950 4512 srv2 - ok
11:46:05.0982 4512 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\windows\system32\DRIVERS\srvnet.sys
11:46:06.0044 4512 srvnet - ok
11:46:06.0122 4512 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\windows\System32\ssdpsrv.dll
11:46:06.0184 4512 SSDPSRV - ok
11:46:06.0231 4512 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\windows\system32\sstpsvc.dll
11:46:06.0309 4512 SstpSvc - ok
11:46:06.0434 4512 StarWindServiceAE (e5c796b621f6fba8616511063d7f0ffe) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
11:46:06.0450 4512 StarWindServiceAE ( UnsignedFile.Multi.Generic ) - warning
11:46:06.0450 4512 StarWindServiceAE - detected UnsignedFile.Multi.Generic (1)
11:46:06.0543 4512 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\windows\system32\DRIVERS\stexstor.sys
11:46:06.0574 4512 stexstor - ok
11:46:06.0637 4512 StillCam (decacb6921ded1a38642642685d77dac) C:\windows\system32\DRIVERS\serscan.sys
11:46:06.0699 4512 StillCam - ok
11:46:06.0793 4512 stisvc (52d0e33b681bd0f33fdc08812fee4f7d) C:\windows\System32\wiaservc.dll
11:46:06.0855 4512 stisvc - ok
11:46:06.0933 4512 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\windows\system32\DRIVERS\swenum.sys
11:46:06.0949 4512 swenum - ok
11:46:06.0996 4512 swprv (e08e46fdd841b7184194011ca1955a0b) C:\windows\System32\swprv.dll
11:46:07.0042 4512 swprv - ok
11:46:07.0167 4512 SynTP (be7311da9d6833fa69ed04b744a1c8f8) C:\windows\system32\DRIVERS\SynTP.sys
11:46:07.0198 4512 SynTP - ok
11:46:07.0276 4512 SysMain (3c1284516a62078fb68f768de4f1a7be) C:\windows\system32\sysmain.dll
11:46:07.0339 4512 SysMain - ok
11:46:07.0432 4512 TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\windows\System32\TabSvc.dll
11:46:07.0495 4512 TabletInputService - ok
11:46:07.0604 4512 TapiSrv (884264ac597b690c5707c89723bb8e7b) C:\windows\System32\tapisrv.dll
11:46:07.0682 4512 TapiSrv - ok
11:46:07.0760 4512 TBS (1be03ac720f4d302ea01d40f588162f6) C:\windows\System32\tbssvc.dll
11:46:07.0807 4512 TBS - ok
11:46:07.0901 4512 Tcpip (f18f56efc0bfb9c87ba01c37b27f4da5) C:\windows\system32\drivers\tcpip.sys
11:46:07.0947 4512 Tcpip - ok
11:46:08.0103 4512 TCPIP6 (f18f56efc0bfb9c87ba01c37b27f4da5) C:\windows\system32\DRIVERS\tcpip.sys
11:46:08.0150 4512 TCPIP6 - ok
11:46:08.0213 4512 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\windows\system32\drivers\tcpipreg.sys
11:46:08.0291 4512 tcpipreg - ok
11:46:08.0337 4512 tdcmdpst (fd542b661bd22fa69ca789ad0ac58c29) C:\windows\system32\DRIVERS\tdcmdpst.sys
11:46:08.0353 4512 tdcmdpst - ok
11:46:08.0431 4512 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\windows\system32\drivers\tdpipe.sys
11:46:08.0478 4512 TDPIPE - ok
11:46:08.0525 4512 TDTCP (7518f7bcfd4b308abc9192bacaf6c970) C:\windows\system32\drivers\tdtcp.sys
11:46:08.0556 4512 TDTCP - ok
11:46:08.0634 4512 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\windows\system32\DRIVERS\tdx.sys
11:46:08.0727 4512 tdx - ok
11:46:08.0743 4512 TermDD (c448651339196c0e869a355171875522) C:\windows\system32\DRIVERS\termdd.sys
11:46:08.0759 4512 TermDD - ok
11:46:08.0805 4512 TermService (0f05ec2887bfe197ad82a13287d2f404) C:\windows\System32\termsrv.dll
11:46:08.0868 4512 TermService - ok
11:46:08.0946 4512 Themes (f0344071948d1a1fa732231785a0664c) C:\windows\system32\themeservice.dll
11:46:09.0008 4512 Themes - ok
11:46:09.0117 4512 Thpdrv (c013f6acaa9761f571bd28dada7c157d) C:\windows\system32\DRIVERS\thpdrv.sys
11:46:09.0133 4512 Thpdrv - ok
11:46:09.0149 4512 Thpevm (b4e609047434ed948af7bdef2fa66e38) C:\windows\system32\DRIVERS\Thpevm.SYS
11:46:09.0164 4512 Thpevm - ok
11:46:09.0258 4512 Thpsrv (6146eac71ae3c9da17b0e33632082b7b) C:\windows\system32\ThpSrv.exe
11:46:09.0289 4512 Thpsrv - ok
11:46:09.0367 4512 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll
11:46:09.0429 4512 THREADORDER - ok
11:46:09.0492 4512 TMachInfo (0497e8e82332aa94df04a78439c358ce) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
11:46:09.0523 4512 TMachInfo - ok
11:46:09.0617 4512 TODDSrv (ed32035bdfeced1ad66d459fd9cc1140) C:\Windows\system32\TODDSrv.exe
11:46:09.0632 4512 TODDSrv - ok
11:46:09.0726 4512 TosCoSrv (4db8c79bcea76063b83b13410366a1f7) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
11:46:09.0741 4512 TosCoSrv - ok
11:46:09.0835 4512 TOSHIBA eco Utility Service (32ff64d06a91daa0331c624aff442679) C:\Program Files\TOSHIBA\TECO\TecoService.exe
11:46:09.0866 4512 TOSHIBA eco Utility Service - ok
11:46:09.0944 4512 TOSHIBA HDD SSD Alert Service (dd58e1250f604cbbadda04575e5e2376) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
11:46:09.0944 4512 TOSHIBA HDD SSD Alert Service - ok
11:46:10.0085 4512 tos_sps64 (09ff7b0b1b5c3d225495cb6f5a9b39f8) C:\windows\system32\DRIVERS\tos_sps64.sys
11:46:10.0100 4512 tos_sps64 - ok
11:46:10.0209 4512 TPCHSrv (de64c52bd0671165cf2eebf2a728a3e2) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
11:46:10.0225 4512 TPCHSrv - ok
11:46:10.0319 4512 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\windows\System32\trkwks.dll
11:46:10.0412 4512 TrkWks - ok
11:46:10.0490 4512 TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\windows\servicing\TrustedInstaller.exe
11:46:10.0521 4512 TrustedInstaller - ok
11:46:10.0553 4512 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\windows\system32\DRIVERS\tssecsrv.sys
11:46:10.0615 4512 tssecsrv - ok
11:46:10.0709 4512 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\windows\system32\DRIVERS\tunnel.sys
11:46:10.0787 4512 tunnel - ok
11:46:10.0833 4512 TVALZ (550b567f9364d8f7684c3fb3ea665a72) C:\windows\system32\DRIVERS\TVALZ_O.SYS
11:46:10.0849 4512 TVALZ - ok
11:46:10.0927 4512 TVALZFL (9c7191f4b2e49bff47a6c1144b5923fa) C:\windows\system32\DRIVERS\TVALZFL.sys
11:46:10.0958 4512 TVALZFL - ok
11:46:10.0974 4512 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\windows\system32\DRIVERS\uagp35.sys
11:46:10.0989 4512 uagp35 - ok
11:46:11.0083 4512 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\windows\system32\DRIVERS\udfs.sys
11:46:11.0130 4512 udfs - ok
11:46:11.0161 4512 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\windows\system32\UI0Detect.exe
11:46:11.0208 4512 UI0Detect - ok
11:46:11.0301 4512 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\windows\system32\DRIVERS\uliagpkx.sys
11:46:11.0317 4512 uliagpkx - ok
11:46:11.0348 4512 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\windows\system32\DRIVERS\umbus.sys
11:46:11.0364 4512 umbus - ok
11:46:11.0395 4512 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\windows\system32\DRIVERS\umpass.sys
11:46:11.0426 4512 UmPass - ok
11:46:11.0520 4512 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\windows\System32\upnphost.dll
11:46:11.0598 4512 upnphost - ok
11:46:11.0676 4512 usbccgp (b26afb54a534d634523c4fb66765b026) C:\windows\system32\DRIVERS\usbccgp.sys
11:46:11.0738 4512 usbccgp - ok
11:46:11.0801 4512 usbcir (af0892a803fdda7492f595368e3b68e7) C:\windows\system32\DRIVERS\usbcir.sys
11:46:11.0863 4512 usbcir - ok
11:46:11.0894 4512 usbehci (2ea4aff7be7eb4632e3aa8595b0803b5) C:\windows\system32\DRIVERS\usbehci.sys
11:46:11.0941 4512 usbehci - ok
11:46:12.0035 4512 usbhub (4c9042b8df86c1e8e6240c218b99b39b) C:\windows\system32\DRIVERS\usbhub.sys
11:46:12.0081 4512 usbhub - ok
11:46:12.0128 4512 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\windows\system32\DRIVERS\usbohci.sys
11:46:12.0159 4512 usbohci - ok
11:46:12.0237 4512 usbprint (73188f58fb384e75c4063d29413cee3d) C:\windows\system32\DRIVERS\usbprint.sys
11:46:12.0284 4512 usbprint - ok
11:46:12.0362 4512 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\windows\system32\DRIVERS\usbscan.sys
11:46:12.0409 4512 usbscan - ok
11:46:12.0487 4512 USBSTOR (080d3820da6c046be82fc8b45a893e83) C:\windows\system32\DRIVERS\USBSTOR.SYS
11:46:12.0534 4512 USBSTOR - ok
11:46:12.0581 4512 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\windows\system32\DRIVERS\usbuhci.sys
11:46:12.0596 4512 usbuhci - ok
11:46:12.0643 4512 usbvideo (d501e12614b00a3252073101d6a1a74b) C:\windows\system32\Drivers\usbvideo.sys
11:46:12.0690 4512 usbvideo - ok
11:46:12.0737 4512 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\windows\System32\uxsms.dll
11:46:12.0799 4512 UxSms - ok
11:46:12.0861 4512 VaultSvc (156f6159457d0aa7e59b62681b56eb90) C:\windows\system32\lsass.exe
11:46:12.0893 4512 VaultSvc - ok
11:46:12.0971 4512 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\windows\system32\DRIVERS\vdrvroot.sys
11:46:12.0986 4512 vdrvroot - ok
11:46:13.0049 4512 vds (44d73e0bbc1d3c8981304ba15135c2f2) C:\windows\System32\vds.exe
11:46:13.0111 4512 vds - ok
11:46:13.0189 4512 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\windows\system32\DRIVERS\vgapnp.sys
11:46:13.0205 4512 vga - ok
11:46:13.0251 4512 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\windows\System32\drivers\vga.sys
11:46:13.0298 4512 VgaSave - ok
11:46:13.0314 4512 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\windows\system32\DRIVERS\vhdmp.sys
11:46:13.0329 4512 vhdmp - ok
11:46:13.0345 4512 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\windows\system32\DRIVERS\viaide.sys
11:46:13.0361 4512 viaide - ok
11:46:13.0376 4512 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\windows\system32\DRIVERS\volmgr.sys
11:46:13.0392 4512 volmgr - ok
11:46:13.0470 4512 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\windows\system32\drivers\volmgrx.sys
11:46:13.0485 4512 volmgrx - ok
11:46:13.0532 4512 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\windows\system32\DRIVERS\volsnap.sys
11:46:13.0548 4512 volsnap - ok
11:46:13.0579 4512 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\windows\system32\DRIVERS\vsmraid.sys
11:46:13.0595 4512 vsmraid - ok
11:46:13.0704 4512 VSS (787898bf9fb6d7bd87a36e2d95c899ba) C:\windows\system32\vssvc.exe
11:46:13.0751 4512 VSS - ok
11:46:13.0813 4512 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\windows\system32\DRIVERS\vwifibus.sys
11:46:13.0860 4512 vwifibus - ok
11:46:13.0875 4512 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\windows\system32\DRIVERS\vwififlt.sys
11:46:13.0922 4512 vwififlt - ok
11:46:14.0031 4512 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\windows\system32\DRIVERS\vwifimp.sys
11:46:14.0094 4512 vwifimp - ok
11:46:14.0156 4512 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\windows\system32\w32time.dll
11:46:14.0234 4512 W32Time - ok
11:46:14.0328 4512 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\windows\system32\DRIVERS\wacompen.sys
11:46:14.0375 4512 WacomPen - ok
11:46:14.0406 4512 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\windows\system32\DRIVERS\wanarp.sys
11:46:14.0437 4512 WANARP - ok
11:46:14.0453 4512 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\windows\system32\DRIVERS\wanarp.sys
11:46:14.0484 4512 Wanarpv6 - ok
11:46:14.0640 4512 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\windows\system32\Wat\WatAdminSvc.exe
11:46:14.0687 4512 WatAdminSvc - ok
11:46:14.0811 4512 wbengine (5ab1bb85bd8b5089cc5d64200dedae68) C:\windows\system32\wbengine.exe
11:46:14.0889 4512 wbengine - ok
11:46:14.0983 4512 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\windows\System32\wbiosrvc.dll
11:46:15.0030 4512 WbioSrvc - ok
11:46:15.0061 4512 wcncsvc (8321c2ca3b62b61b293cda3451984468) C:\windows\System32\wcncsvc.dll
11:46:15.0092 4512 wcncsvc - ok
11:46:15.0170 4512 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\windows\System32\WcsPlugInService.dll
11:46:15.0233 4512 WcsPlugInService - ok
11:46:15.0264 4512 Wd (72889e16ff12ba0f235467d6091b17dc) C:\windows\system32\DRIVERS\wd.sys
11:46:15.0279 4512 Wd - ok
11:46:15.0357 4512 WDC_SAM (a3d04ebf5227886029b4532f20d026f7) C:\windows\system32\DRIVERS\wdcsam64.sys
11:46:15.0404 4512 WDC_SAM - ok
11:46:15.0467 4512 WDDMService (fa24fbe15a8036387ecc013d06094f3d) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
11:46:15.0482 4512 WDDMService ( UnsignedFile.Multi.Generic ) - warning
11:46:15.0482 4512 WDDMService - detected UnsignedFile.Multi.Generic (1)
11:46:15.0576 4512 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\windows\system32\drivers\Wdf01000.sys
11:46:15.0623 4512 Wdf01000 - ok
11:46:15.0701 4512 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll
11:46:15.0732 4512 WdiServiceHost - ok
11:46:15.0747 4512 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll
11:46:15.0763 4512 WdiSystemHost - ok
11:46:15.0825 4512 WDSmartWareBackgroundService (138ab06adbbf300aa804d7974a5aec82) C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
11:46:15.0841 4512 WDSmartWareBackgroundService ( UnsignedFile.Multi.Generic ) - warning
11:46:15.0841 4512 WDSmartWareBackgroundService - detected UnsignedFile.Multi.Generic (1)
11:46:15.0935 4512 WebClient (8a438cbb8c032a0c798b0c642ffbe572) C:\windows\System32\webclnt.dll
11:46:15.0997 4512 WebClient - ok
11:46:16.0028 4512 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\windows\system32\wecsvc.dll
11:46:16.0106 4512 Wecsvc - ok
11:46:16.0184 4512 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\windows\System32\wercplsupport.dll
11:46:16.0278 4512 wercplsupport - ok
11:46:16.0325 4512 WerSvc (6d137963730144698cbd10f202e9f251) C:\windows\System32\WerSvc.dll
11:46:16.0403 4512 WerSvc - ok
11:46:16.0481 4512 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\windows\system32\DRIVERS\wfplwf.sys
11:46:16.0574 4512 WfpLwf - ok
11:46:16.0605 4512 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\windows\system32\drivers\wimmount.sys
11:46:16.0621 4512 WIMMount - ok
11:46:16.0652 4512 WinDefend - ok
11:46:16.0652 4512 WinHttpAutoProxySvc - ok
11:46:16.0777 4512 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\windows\system32\wbem\WMIsvc.dll
11:46:16.0824 4512 Winmgmt - ok
11:46:16.0949 4512 WinRM (41fbb751936b387f9179e7f03a74fe29) C:\windows\system32\WsmSvc.dll
11:46:17.0027 4512 WinRM - ok
11:46:17.0167 4512 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\windows\system32\DRIVERS\WinUsb.sys
11:46:17.0198 4512 WinUsb - ok
11:46:17.0245 4512 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\windows\System32\wlansvc.dll
11:46:17.0276 4512 Wlansvc - ok
11:46:17.0401 4512 wlidsvc (98f138897ef4246381d197cb81846d62) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
11:46:17.0463 4512 wlidsvc - ok
11:46:17.0541 4512 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\windows\system32\DRIVERS\wmiacpi.sys
11:46:17.0588 4512 WmiAcpi - ok
11:46:17.0651 4512 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\windows\system32\wbem\WmiApSrv.exe
11:46:17.0697 4512 wmiApSrv - ok
11:46:17.0744 4512 WMPNetworkSvc - ok
11:46:17.0807 4512 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\windows\System32\wpcsvc.dll
11:46:17.0853 4512 WPCSvc - ok
11:46:17.0869 4512 WPDBusEnum (2e57ddf2880a7e52e76f41c7e96d327b) C:\windows\system32\wpdbusenum.dll
11:46:17.0916 4512 WPDBusEnum - ok
11:46:17.0994 4512 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\windows\system32\drivers\ws2ifsl.sys
11:46:18.0056 4512 ws2ifsl - ok
11:46:18.0087 4512 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\windows\System32\wscsvc.dll
11:46:18.0119 4512 wscsvc - ok
11:46:18.0212 4512 WSDPrintDevice (8d918b1db190a4d9b1753a66fa8c96e8) C:\windows\system32\DRIVERS\WSDPrint.sys
11:46:18.0275 4512 WSDPrintDevice - ok
11:46:18.0275 4512 WSearch - ok
11:46:18.0368 4512 wuauserv (38340204a2d0228f1e87740fc5e554a7) C:\windows\system32\wuaueng.dll
11:46:18.0446 4512 wuauserv - ok
11:46:18.0524 4512 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\windows\system32\drivers\WudfPf.sys
11:46:18.0602 4512 WudfPf - ok
11:46:18.0649 4512 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\windows\system32\DRIVERS\WUDFRd.sys
11:46:18.0727 4512 WUDFRd - ok
11:46:18.0805 4512 wudfsvc (b551d6637aa0e132c18ac6e504f7b79b) C:\windows\System32\WUDFSvc.dll
11:46:18.0852 4512 wudfsvc - ok
11:46:18.0867 4512 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\windows\System32\wwansvc.dll
11:46:18.0899 4512 WwanSvc - ok
11:46:18.0961 4512 MBR (0x1B8) (5b5e648d12fcadc244c1ec30318e1eb9) \Device\Harddisk0\DR0
11:46:19.0070 4512 \Device\Harddisk0\DR0 - ok
11:46:19.0117 4512 Boot (0x1200) (98938257e2b2777836945f7021fa03b3) \Device\Harddisk0\DR0\Partition0
11:46:19.0117 4512 \Device\Harddisk0\DR0\Partition0 - ok
11:46:19.0117 4512 ============================================================
11:46:19.0117 4512 Scan finished
11:46:19.0117 4512 ============================================================
11:46:19.0133 2840 Detected object count: 9
11:46:19.0133 2840 Actual detected object count: 9
11:46:50.0691 2840 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
11:46:50.0691 2840 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:46:50.0691 2840 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
11:46:50.0691 2840 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:46:50.0707 2840 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
11:46:50.0707 2840 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:46:50.0707 2840 QBCFMonitorService ( UnsignedFile.Multi.Generic ) - skipped by user
11:46:50.0707 2840 QBCFMonitorService ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:46:50.0707 2840 QBFCService ( UnsignedFile.Multi.Generic ) - skipped by user
11:46:50.0707 2840 QBFCService ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:46:50.0707 2840 sptd ( LockedFile.Multi.Generic ) - skipped by user
11:46:50.0707 2840 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
11:46:50.0723 2840 StarWindServiceAE ( UnsignedFile.Multi.Generic ) - skipped by user
11:46:50.0723 2840 StarWindServiceAE ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:46:50.0723 2840 WDDMService ( UnsignedFile.Multi.Generic ) - skipped by user
11:46:50.0723 2840 WDDMService ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:46:50.0723 2840 WDSmartWareBackgroundService ( UnsignedFile.Multi.Generic ) - skipped by user
11:46:50.0723 2840 WDSmartWareBackgroundService ( UnsignedFile.Multi.Generic ) - User select action: Skip

#8 MrCharlie

Posted 29 March 2012 - 02:10 PM

That's clean, just some unsigned files.

Please download and run ComboFix.
The most important things to remember when running it are to disable all your malware programs and run ComboFix from your desktop.

Please visit this webpage for download links, and instructions for running ComboFix

http://www.bleepingc...to-use-combofix

Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Information on disabling your malware programs can be found Here.

Make sure you run ComboFix from your desktop.

Please include the C:\ComboFix.txt in your next reply for further review.

MrC

#9 MrCharlie

Posted 31 March 2012 - 08:32 AM

How are we doing??

Do you still need help or can I close this post??

MrC

#10 LDTate

LDTate

    Forum Deity

  • Moderators
  • 20,228 posts
  • Gender:Male
  • Location:Missouri, USA

Posted 03 April 2012 - 12:29 PM

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
Larry Tate
Consumer Support Specialist
