R2D2

Ran TFC, then reboot Updated MBAM and scanned Malwarebytes Anti-Malware (PRO) 1.62.0.1300 www.malwarebytes.org Database version: v2012.08.07.05 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 User :: USER-PC [administrator] Protection: Enabled 7/08/2012 11:35:13 PM mbam-log-2012-08-07 (23-35-13).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P Scan options disabled: Objects scanned: 202802 Time elapsed: 8 minute(s), 50 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end)

ComboFix 12-08-07.02 - User 07/08/2012 22:39:10.1.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.61.1033.18.3955.1878 [GMT 10:00] Running from: c:\users\User\Desktop\ComboFix.exe AV: AVG Internet Security 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0} AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6} FW: AVG Firewall *Disabled* {621CC794-9486-F902-D092-0484E8EA828B} SP: AVG Internet Security 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D} SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((( Files Created from 2012-07-07 to 2012-08-07 ))))))))))))))))))))))))))))))) . . 2012-08-07 12:45 . 2012-08-07 12:45 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-08-07 12:35 . 2012-08-07 12:35 69000 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{0AA5427F-5F29-43E0-82E5-AA63BCFAED25}\offreg.dll 2012-08-06 05:02 . 2012-06-29 10:04 9133488 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{0AA5427F-5F29-43E0-82E5-AA63BCFAED25}\mpengine.dll 2012-08-06 01:48 . 2012-08-06 01:48 -------- d-----w- c:\users\User\AppData\Local\Macromedia 2012-08-06 00:36 . 2012-08-06 00:36 -------- d-----w- c:\users\User\AppData\Local\Mozilla 2012-08-06 00:36 . 2012-08-06 00:36 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service 2012-08-05 01:52 . 2012-06-29 10:04 9133488 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2012-07-18 22:53 . 2012-07-18 22:53 -------- d-----w- C:\PFiles 2012-07-11 17:10 . 2012-06-12 03:08 3148800 ----a-w- c:\windows\system32\win32k.sys . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-08-06 01:44 . 2012-05-29 11:58 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-08-06 01:44 . 2012-03-11 23:34 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-07-11 17:04 . 2012-03-10 04:04 59701280 ----a-w- c:\windows\system32\MRT.exe 2012-07-03 03:46 . 2012-06-14 01:38 24904 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-06-02 22:19 . 2012-06-09 01:24 38424 ----a-w- c:\windows\system32\wups.dll 2012-06-02 22:19 . 2012-06-09 01:24 2428952 ----a-w- c:\windows\system32\wuaueng.dll 2012-06-02 22:19 . 2012-06-09 01:24 57880 ----a-w- c:\windows\system32\wuauclt.exe 2012-06-02 22:19 . 2012-06-09 01:24 44056 ----a-w- c:\windows\system32\wups2.dll 2012-06-02 22:19 . 2012-06-09 01:24 701976 ----a-w- c:\windows\system32\wuapi.dll 2012-06-02 22:15 . 2012-06-09 01:24 2622464 ----a-w- c:\windows\system32\wucltux.dll 2012-06-02 22:15 . 2012-06-09 01:24 99840 ----a-w- c:\windows\system32\wudriver.dll 2012-06-02 05:19 . 2012-06-09 01:23 186752 ----a-w- c:\windows\system32\wuwebv.dll 2012-06-02 05:15 . 2012-06-09 01:23 36864 ----a-w- c:\windows\system32\wuapp.exe 2012-05-15 10:48 . 2012-06-10 01:37 8105280 ----a-w- c:\windows\SysWow64\nvwgf2um.dll 2012-05-15 10:48 . 2012-06-10 01:37 25743168 ----a-w- c:\windows\system32\nvoglv64.dll 2012-05-15 10:48 . 2012-06-10 01:37 19607872 ----a-w- c:\windows\SysWow64\nvoglv32.dll 2012-05-15 10:48 . 2012-06-10 01:37 1468224 ----a-w- c:\windows\system32\nvgenco64.dll 2012-05-15 10:48 . 2012-06-10 01:37 14298944 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys 2012-05-15 10:48 . 2012-06-10 01:37 18044224 ----a-w- c:\windows\system32\nvd3dumx.dll 2012-05-15 10:48 . 2012-06-10 01:37 1738048 ----a-w- c:\windows\system32\nvdispco64.dll 2012-05-15 10:48 . 2012-06-10 01:37 8139072 ----a-w- c:\windows\system32\nvcuda.dll 2012-05-15 10:48 . 2012-06-10 01:37 5982528 ----a-w- c:\windows\SysWow64\nvcuda.dll 2012-05-15 10:48 . 2012-06-10 01:37 2881856 ----a-w- c:\windows\system32\nvcuvenc.dll 2012-05-15 10:48 . 2012-06-10 01:37 2681664 ----a-w- c:\windows\system32\nvcuvid.dll 2012-05-15 10:48 . 2012-06-10 01:37 2524992 ----a-w- c:\windows\SysWow64\nvcuvid.dll 2012-05-15 10:48 . 2012-06-10 01:37 2445120 ----a-w- c:\windows\SysWow64\nvcuvenc.dll 2012-05-15 10:48 . 2012-06-10 01:37 25248064 ----a-w- c:\windows\system32\nvcompiler.dll 2012-05-15 10:48 . 2012-06-10 01:37 2368832 ----a-w- c:\windows\SysWow64\nvapi.dll 2012-05-15 10:48 . 2012-06-10 01:37 17551680 ----a-w- c:\windows\SysWow64\nvcompiler.dll 2012-05-15 10:48 . 2010-12-17 03:10 68928 ----a-w- c:\windows\system32\OpenCL.dll 2012-05-15 10:48 . 2010-12-17 03:10 61248 ----a-w- c:\windows\SysWow64\OpenCL.dll 2012-05-15 10:48 . 2010-12-17 03:10 2741568 ----a-w- c:\windows\system32\nvapi64.dll 2012-05-15 10:48 . 2010-12-17 03:10 15322432 ----a-w- c:\windows\SysWow64\nvd3dum.dll 2012-05-15 10:48 . 2010-12-17 03:10 10194752 ----a-w- c:\windows\system32\nvwgf2umx.dll 2012-05-15 09:29 . 2010-12-16 12:12 889664 ----a-w- c:\windows\system32\nvvsvc.exe 2012-05-15 09:29 . 2010-12-16 12:12 118080 ----a-w- c:\windows\system32\nvmctray.dll 2012-05-15 09:29 . 2010-12-16 12:12 63296 ----a-w- c:\windows\system32\nvshext.dll 2012-05-15 09:29 . 2010-12-16 12:12 2561856 ----a-w- c:\windows\system32\nvsvcr.dll 2012-05-15 09:29 . 2010-12-16 12:12 3149632 ----a-w- c:\windows\system32\nvsvc64.dll 2012-05-15 09:28 . 2010-12-16 12:12 6151488 ----a-w- c:\windows\system32\nvcpl.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "ITSecMng"="c:\program files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe" [2009-07-22 83336] "ToshibaServiceStation"="c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2011-02-11 1295736] "TWebCamera"="c:\program files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" [2010-02-23 2454840] "TRCMan"="c:\program files (x86)\TOSHIBA\TRCMan\TRCMan.exe" [2009-07-21 701752] "SVPWUTIL"="c:\program files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe" [2010-02-22 352256] "HWSetup"="c:\program files\TOSHIBA\Utilities\HWSetup.exe" [2010-03-04 423936] "KeNotify"="c:\program files (x86)\TOSHIBA\Utilities\KeNotify.exe" [2009-12-25 34160] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712] "AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-01-24 2416480] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-30 59280] "AdobeCS4ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-13 611712] "GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-18 421888] "Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-06-07 421776] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Bluetooth Manager.lnk - c:\program files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2010-6-28 2721184] Bluetooth Monitor.lnk - c:\program files (x86)\TOSHIBA\Bluetooth Monitor\BtMon2.exe [2012-3-10 91464] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . R2 avgfws;AVG Firewall;c:\program files (x86)\AVG\AVG2012\avgfws.exe [2011-11-22 2391832] R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-11 4433248] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-02-28 158856] R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-04-01 183560] R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-03-13 1038088] R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2011-05-25 174680] R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-14 113120] R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-03-20 98688] R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2012-03-26 291696] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-03-10 1255736] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184] S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [2011-07-10 26704] S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2011-09-12 37456] S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2012-03-13 52856] S0 Thpdrv;TOSHIBA HDD Protection Driver;c:\windows\system32\DRIVERS\thpdrv.sys [2009-06-28 34880] S0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;c:\windows\system32\DRIVERS\Thpevm.SYS [2009-06-29 14784] S0 tos_sps64;TOSHIBA tos_sps64 Service;c:\windows\system32\DRIVERS\tos_sps64.sys [2010-05-08 482384] S1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6a.sys [2011-05-22 48992] S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2011-10-06 283728] S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2011-08-07 46672] S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2011-07-10 375376] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] S2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;c:\program files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [2008-09-16 169312] S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928] S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-08-01 192776] S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-01-28 249200] S2 ConfigFree Service;ConfigFree Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448] S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944] S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe [2010-04-06 258928] S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys [2009-06-19 14472] S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [2011-07-10 120400] S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [2011-07-10 29776] S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2009-06-28 70656] S3 enecirhid;ENE CIR HID Receiver;c:\windows\system32\DRIVERS\enecirhid.sys [2009-05-19 14848] S3 enecirhidma;ENE CIR HIDmini Filter;c:\windows\system32\DRIVERS\enecirhidma.sys [2008-04-24 6656] S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-07-03 24904] S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2012-04-18 188736] S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys [2009-06-22 35008] S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2011-08-01 45416] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-05-03 331880] S3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2011-02-11 54136] S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-02-05 137560] S3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [2010-02-23 835952] . . --- Other Services/Drivers In Memory --- . *NewlyCreated* - 23354555 *NewlyCreated* - 44601850 *NewlyCreated* - 79119130 *Deregistered* - 23354555 *Deregistered* - 44601850 *Deregistered* - 79119130 . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ThpSrv"="c:\windows\system32\thpsrv" [X] "TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2010-02-05 709976] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-03-22 10134560] "RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-03-22 896032] "IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 1271168] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x0 . ------- Supplementary Scan ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = https://google.com.au/ mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local IE: E&xport to Microsoft Excel - c:\progra~2\MIF5BA~1\Office12\EXCEL.EXE/3000 TCP: DhcpNameServer = 192.168.2.1 211.29.152.116 198.142.0.51 211.29.132.12 FF - ProfilePath - c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t5wlvxjm.default\ . - - - - ORPHANS REMOVED - - - - . Wow6432Node-HKLM-Run-TSleepSrv - %ProgramFiles(x86)%\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe HKLM-Run-SmartFaceVWatcher - c:\program files (x86)\Toshiba\SmartFaceV\SmartFaceVWatcher.exe HKLM-Run-TPwrMain - c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE HKLM-Run-HSON - c:\program files (x86)\TOSHIBA\TBS\HSON.exe HKLM-Run-SmoothView - c:\program files (x86)\Toshiba\SmoothView\SmoothView.exe HKLM-Run-00TCrdMain - c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exe HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe HKLM-Run-TosWaitSrv - c:\program files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe HKLM-Run-Teco - c:\program files (x86)\TOSHIBA\TECO\Teco.exe AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe . . . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_USERS\S-1-5-21-206819656-3051493563-1221410323-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.Email.1" . [HKEY_USERS\S-1-5-21-206819656-3051493563-1221410323-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.VCard.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_270_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_270_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Completion time: 2012-08-07 22:48:57 ComboFix-quarantined-files.txt 2012-08-07 12:48 . Pre-Run: 429,025,161,216 bytes free Post-Run: 431,873,097,728 bytes free . - - End Of File - - 139721B8EFD4216ACC2358CCE81BB9B9

RogueKiller V7.6.5 [08/03/2012] by Tigzy mail: tigzyRK<at>gmail<dot>com Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/ Blog: http://tigzyrk.blogspot.com Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version Started in : Normal mode User: User [Admin rights] Mode: Scan -- Date: 08/07/2012 22:01:34 ¤¤¤ Bad processes: 0 ¤¤¤ ¤¤¤ Registry Entries: 2 ¤¤¤ [HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND [HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver: [NOT LOADED] ¤¤¤ ¤¤¤ Infection : ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: ST9500325AS +++++ --- User --- [MBR] cf24b1d48d540a316aa52863d09dcb56 [bSP] 814cb23060c394275cf1c5408872d955 : Windows 7 MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo 1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 476838 Mo User = LL1 ... OK! User = LL2 ... OK! Finished : << RKreport[1].txt >> RKreport[1].txt

14:27:08.0892 7528 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32 14:27:10.0121 7528 ============================================================ 14:27:10.0121 7528 Current date / time: 2012/08/07 14:27:10.0121 14:27:10.0121 7528 SystemInfo: 14:27:10.0121 7528 14:27:10.0121 7528 OS Version: 6.1.7601 ServicePack: 1.0 14:27:10.0121 7528 Product type: Workstation 14:27:10.0122 7528 ComputerName: USER-PC 14:27:10.0122 7528 UserName: User 14:27:10.0122 7528 Windows directory: C:\Windows 14:27:10.0122 7528 System windows directory: C:\Windows 14:27:10.0122 7528 Running under WOW64 14:27:10.0122 7528 Processor architecture: Intel x64 14:27:10.0122 7528 Number of processors: 4 14:27:10.0122 7528 Page size: 0x1000 14:27:10.0122 7528 Boot type: Normal boot 14:27:10.0122 7528 ============================================================ 14:27:11.0309 7528 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 14:27:11.0319 7528 ============================================================ 14:27:11.0320 7528 \Device\Harddisk0\DR0: 14:27:11.0320 7528 MBR partitions: 14:27:11.0320 7528 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000 14:27:11.0320 7528 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000 14:27:11.0320 7528 ============================================================ 14:27:11.0356 7528 C: <-> \Device\Harddisk0\DR0\Partition1 14:27:11.0356 7528 ============================================================ 14:27:11.0356 7528 Initialize success 14:27:11.0356 7528 ============================================================ 14:27:14.0245 5152 ============================================================ 14:27:14.0245 5152 Scan started 14:27:14.0245 5152 Mode: Manual; 14:27:14.0245 5152 ============================================================ 14:27:15.0060 5152 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys 14:27:15.0072 5152 1394ohci - ok 14:27:15.0122 5152 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys 14:27:15.0136 5152 ACPI - ok 14:27:15.0157 5152 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys 14:27:15.0158 5152 AcpiPmi - ok 14:27:15.0248 5152 adfs (2f0683fd2df1d92e891caca14b45a8c1) C:\Windows\system32\drivers\adfs.sys 14:27:15.0252 5152 adfs - ok 14:27:15.0569 5152 AdobeActiveFileMonitor7.0 (3fd8dc2c9735c2aa70155102cfb93eda) C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe 14:27:15.0574 5152 AdobeActiveFileMonitor7.0 - ok 14:27:15.0688 5152 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 14:27:15.0691 5152 AdobeARMservice - ok 14:27:15.0794 5152 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys 14:27:15.0820 5152 adp94xx - ok 14:27:15.0867 5152 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys 14:27:15.0873 5152 adpahci - ok 14:27:15.0906 5152 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys 14:27:15.0911 5152 adpu320 - ok 14:27:15.0947 5152 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll 14:27:15.0950 5152 AeLookupSvc - ok 14:27:16.0036 5152 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys 14:27:16.0060 5152 AFD - ok 14:27:16.0109 5152 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys 14:27:16.0113 5152 agp440 - ok 14:27:16.0144 5152 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe 14:27:16.0147 5152 ALG - ok 14:27:16.0165 5152 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys 14:27:16.0167 5152 aliide - ok 14:27:16.0182 5152 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys 14:27:16.0184 5152 amdide - ok 14:27:16.0196 5152 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys 14:27:16.0199 5152 AmdK8 - ok 14:27:16.0211 5152 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys 14:27:16.0213 5152 AmdPPM - ok 14:27:16.0245 5152 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys 14:27:16.0248 5152 amdsata - ok 14:27:16.0275 5152 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys 14:27:16.0279 5152 amdsbs - ok 14:27:16.0290 5152 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys 14:27:16.0292 5152 amdxata - ok 14:27:16.0324 5152 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys 14:27:16.0326 5152 AppID - ok 14:27:16.0376 5152 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll 14:27:16.0378 5152 AppIDSvc - ok 14:27:16.0398 5152 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll 14:27:16.0399 5152 Appinfo - ok 14:27:16.0613 5152 Apple Mobile Device (f401929ee0cc92bfe7f15161ca535383) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 14:27:16.0616 5152 Apple Mobile Device - ok 14:27:16.0639 5152 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys 14:27:16.0642 5152 arc - ok 14:27:16.0667 5152 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys 14:27:16.0670 5152 arcsas - ok 14:27:16.0682 5152 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys 14:27:16.0683 5152 AsyncMac - ok 14:27:16.0701 5152 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys 14:27:16.0702 5152 atapi - ok 14:27:16.0775 5152 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll 14:27:16.0808 5152 AudioEndpointBuilder - ok 14:27:16.0819 5152 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll 14:27:16.0825 5152 AudioSrv - ok 14:27:16.0911 5152 Avgfwfd (96b4456f1dca4eda506ed31c7d2d6b05) C:\Windows\system32\DRIVERS\avgfwd6a.sys 14:27:16.0914 5152 Avgfwfd - ok 14:27:17.0190 5152 avgfws (5cd22eb540f82c70e33e530003f3903b) C:\Program Files (x86)\AVG\AVG2012\avgfws.exe 14:27:17.0210 5152 avgfws - ok 14:27:17.0689 5152 AVGIDSAgent (6d440ff3f44ca72edfd6176c6d6a89c0) C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe 14:27:17.0714 5152 AVGIDSAgent - ok 14:27:18.0226 5152 AVGIDSDriver (e29ea1a0ec7ab9fa2dc7e75a03f12a4f) C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys 14:27:18.0230 5152 AVGIDSDriver - ok 14:27:18.0260 5152 AVGIDSEH (f823d184b8e8ffb8da3ead45dbf5bd6a) C:\Windows\system32\DRIVERS\AVGIDSEH.Sys 14:27:18.0262 5152 AVGIDSEH - ok 14:27:18.0275 5152 AVGIDSFilter (ed2b25bd7fe35d1944211968842d30da) C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys 14:27:18.0278 5152 AVGIDSFilter - ok 14:27:18.0318 5152 Avgldx64 (979cf8912449a10b987218bff80a1fa3) C:\Windows\system32\DRIVERS\avgldx64.sys 14:27:18.0336 5152 Avgldx64 - ok 14:27:18.0349 5152 Avgmfx64 (36b1a5843695766eac714daffc5b84d1) C:\Windows\system32\DRIVERS\avgmfx64.sys 14:27:18.0351 5152 Avgmfx64 - ok 14:27:18.0403 5152 Avgrkx64 (1102239fb724527f1febbbbccf6bf313) C:\Windows\system32\DRIVERS\avgrkx64.sys 14:27:18.0405 5152 Avgrkx64 - ok 14:27:18.0454 5152 Avgtdia (11f36d3ea82d9db9aa05a476a210551b) C:\Windows\system32\DRIVERS\avgtdia.sys 14:27:18.0472 5152 Avgtdia - ok 14:27:18.0710 5152 avgwd (6699ece24fe4b3f752a66c66a602ee86) C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe 14:27:18.0713 5152 avgwd - ok 14:27:18.0800 5152 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll 14:27:18.0803 5152 AxInstSV - ok 14:27:18.0866 5152 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys 14:27:18.0888 5152 b06bdrv - ok 14:27:18.0941 5152 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys 14:27:18.0961 5152 b57nd60a - ok 14:27:19.0045 5152 BBSvc (0d1ea7509f394d8b705b239ee71f5118) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE 14:27:19.0050 5152 BBSvc - ok 14:27:19.0287 5152 BCM43XX (5b5c36b2ec500462a715db6bcbaf5da7) C:\Windows\system32\DRIVERS\bcmwl664.sys 14:27:19.0400 5152 BCM43XX - ok 14:27:19.0766 5152 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll 14:27:19.0770 5152 BDESVC - ok 14:27:19.0920 5152 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys 14:27:19.0922 5152 Beep - ok 14:27:20.0075 5152 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll 14:27:20.0114 5152 BFE - ok 14:27:20.0174 5152 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll 14:27:20.0216 5152 BITS - ok 14:27:20.0417 5152 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys 14:27:20.0420 5152 blbdrive - ok 14:27:20.0598 5152 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe 14:27:20.0602 5152 Bonjour Service - ok 14:27:20.0656 5152 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys 14:27:20.0660 5152 bowser - ok 14:27:20.0704 5152 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys 14:27:20.0707 5152 BrFiltLo - ok 14:27:20.0712 5152 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys 14:27:20.0714 5152 BrFiltUp - ok 14:27:20.0754 5152 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll 14:27:20.0758 5152 Browser - ok 14:27:20.0792 5152 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys 14:27:20.0811 5152 Brserid - ok 14:27:20.0820 5152 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys 14:27:20.0823 5152 BrSerWdm - ok 14:27:20.0829 5152 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys 14:27:20.0831 5152 BrUsbMdm - ok 14:27:20.0838 5152 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys 14:27:20.0840 5152 BrUsbSer - ok 14:27:20.0891 5152 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys 14:27:20.0894 5152 BthEnum - ok 14:27:20.0903 5152 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys 14:27:20.0906 5152 BTHMODEM - ok 14:27:20.0967 5152 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys 14:27:20.0970 5152 BthPan - ok 14:27:21.0037 5152 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys 14:27:21.0059 5152 BTHPORT - ok 14:27:21.0104 5152 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll 14:27:21.0107 5152 bthserv - ok 14:27:21.0142 5152 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys 14:27:21.0146 5152 BTHUSB - ok 14:27:21.0196 5152 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys 14:27:21.0199 5152 cdfs - ok 14:27:21.0226 5152 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys 14:27:21.0229 5152 cdrom - ok 14:27:21.0259 5152 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll 14:27:21.0262 5152 CertPropSvc - ok 14:27:21.0534 5152 cfWiMAXService (41e7c4fa6491747402cfca77cc1c7aab) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe 14:27:21.0545 5152 cfWiMAXService - ok 14:27:21.0617 5152 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys 14:27:21.0620 5152 circlass - ok 14:27:21.0663 5152 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys 14:27:21.0680 5152 CLFS - ok 14:27:21.0838 5152 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 14:27:21.0842 5152 clr_optimization_v2.0.50727_32 - ok 14:27:21.0968 5152 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 14:27:21.0972 5152 clr_optimization_v2.0.50727_64 - ok 14:27:22.0182 5152 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 14:27:22.0196 5152 clr_optimization_v4.0.30319_32 - ok 14:27:22.0335 5152 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 14:27:22.0340 5152 clr_optimization_v4.0.30319_64 - ok 14:27:22.0387 5152 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys 14:27:22.0390 5152 CmBatt - ok 14:27:22.0395 5152 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys 14:27:22.0397 5152 cmdide - ok 14:27:22.0456 5152 CNG (9ac4f97c2d3e93367e2148ea940cd2cd) C:\Windows\system32\Drivers\cng.sys 14:27:22.0470 5152 CNG - ok 14:27:22.0509 5152 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys 14:27:22.0511 5152 Compbatt - ok 14:27:22.0533 5152 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\DRIVERS\CompositeBus.sys 14:27:22.0534 5152 CompositeBus - ok 14:27:22.0548 5152 COMSysApp - ok 14:27:22.0781 5152 ConfigFree Service (cab0eeaf5295fc96ddd3e19dce27e131) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe 14:27:22.0784 5152 ConfigFree Service - ok 14:27:22.0819 5152 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys 14:27:22.0822 5152 crcdisk - ok 14:27:22.0896 5152 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll 14:27:22.0900 5152 CryptSvc - ok 14:27:22.0983 5152 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll 14:27:23.0007 5152 DcomLaunch - ok 14:27:23.0049 5152 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll 14:27:23.0067 5152 defragsvc - ok 14:27:23.0090 5152 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys 14:27:23.0094 5152 DfsC - ok 14:27:23.0132 5152 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll 14:27:23.0152 5152 Dhcp - ok 14:27:23.0168 5152 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys 14:27:23.0170 5152 discache - ok 14:27:23.0206 5152 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys 14:27:23.0209 5152 Disk - ok 14:27:23.0261 5152 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll 14:27:23.0266 5152 Dnscache - ok 14:27:23.0327 5152 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll 14:27:23.0339 5152 dot3svc - ok 14:27:23.0362 5152 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll 14:27:23.0367 5152 DPS - ok 14:27:23.0397 5152 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys 14:27:23.0399 5152 drmkaud - ok 14:27:23.0478 5152 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys 14:27:23.0515 5152 DXGKrnl - ok 14:27:23.0538 5152 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll 14:27:23.0542 5152 EapHost - ok 14:27:23.0747 5152 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys 14:27:23.0839 5152 ebdrv - ok 14:27:24.0157 5152 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe 14:27:24.0161 5152 EFS - ok 14:27:24.0274 5152 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe 14:27:24.0312 5152 ehRecvr - ok 14:27:24.0335 5152 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe 14:27:24.0338 5152 ehSched - ok 14:27:24.0498 5152 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys 14:27:24.0522 5152 elxstor - ok 14:27:24.0600 5152 enecir (524c79054636d2e5751169005006460b) C:\Windows\system32\DRIVERS\enecir.sys 14:27:24.0603 5152 enecir - ok 14:27:24.0614 5152 enecirhid (e17eb95358f396e27d573a1b20f891f8) C:\Windows\system32\DRIVERS\enecirhid.sys 14:27:24.0616 5152 enecirhid - ok 14:27:24.0629 5152 enecirhidma (8492d808c79bd6fe439f77be84956cdf) C:\Windows\system32\DRIVERS\enecirhidma.sys 14:27:24.0632 5152 enecirhidma - ok 14:27:24.0637 5152 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys 14:27:24.0639 5152 ErrDev - ok 14:27:24.0720 5152 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll 14:27:24.0738 5152 EventSystem - ok 14:27:24.0770 5152 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys 14:27:24.0783 5152 exfat - ok 14:27:24.0799 5152 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys 14:27:24.0810 5152 fastfat - ok 14:27:24.0875 5152 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe 14:27:24.0917 5152 Fax - ok 14:27:24.0940 5152 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys 14:27:24.0942 5152 fdc - ok 14:27:24.0959 5152 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll 14:27:24.0962 5152 fdPHost - ok 14:27:24.0978 5152 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll 14:27:24.0981 5152 FDResPub - ok 14:27:24.0992 5152 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys 14:27:24.0995 5152 FileInfo - ok 14:27:25.0002 5152 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys 14:27:25.0004 5152 Filetrace - ok 14:27:25.0178 5152 FLEXnet Licensing Service (1f63900e2eb00101b9aca2b7a870704e) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe 14:27:25.0219 5152 FLEXnet Licensing Service - ok 14:27:25.0410 5152 FLEXnet Licensing Service 64 (1c3fb052a0bb72edaed90785c34d6eed) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe 14:27:25.0493 5152 FLEXnet Licensing Service 64 - ok 14:27:25.0903 5152 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys 14:27:25.0905 5152 flpydisk - ok 14:27:26.0030 5152 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys 14:27:26.0049 5152 FltMgr - ok 14:27:26.0157 5152 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll 14:27:26.0232 5152 FontCache - ok 14:27:26.0332 5152 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 14:27:26.0335 5152 FontCache3.0.0.0 - ok 14:27:26.0474 5152 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys 14:27:26.0477 5152 FsDepends - ok 14:27:26.0535 5152 fssfltr (07da62c960ddccc2d35836aeab4fc578) C:\Windows\system32\DRIVERS\fssfltr.sys 14:27:26.0538 5152 fssfltr - ok 14:27:26.0756 5152 fsssvc (28ddeeec44e988657b732cf404d504cb) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe 14:27:26.0826 5152 fsssvc - ok 14:27:27.0262 5152 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys 14:27:27.0265 5152 Fs_Rec - ok 14:27:27.0319 5152 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys 14:27:27.0333 5152 fvevol - ok 14:27:27.0355 5152 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys 14:27:27.0358 5152 gagp30kx - ok 14:27:27.0433 5152 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 14:27:27.0436 5152 GEARAspiWDM - ok 14:27:27.0522 5152 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll 14:27:27.0557 5152 gpsvc - ok 14:27:27.0577 5152 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys 14:27:27.0580 5152 hcw85cir - ok 14:27:27.0633 5152 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys 14:27:27.0651 5152 HdAudAddService - ok 14:27:27.0668 5152 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys 14:27:27.0670 5152 HDAudBus - ok 14:27:27.0749 5152 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys 14:27:27.0752 5152 HECIx64 - ok 14:27:27.0761 5152 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys 14:27:27.0764 5152 HidBatt - ok 14:27:27.0795 5152 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys 14:27:27.0812 5152 HidBth - ok 14:27:27.0862 5152 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys 14:27:27.0881 5152 HidIr - ok 14:27:27.0910 5152 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll 14:27:27.0913 5152 hidserv - ok 14:27:27.0942 5152 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys 14:27:27.0944 5152 HidUsb - ok 14:27:27.0959 5152 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll 14:27:27.0963 5152 hkmsvc - ok 14:27:27.0993 5152 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll 14:27:28.0005 5152 HomeGroupListener - ok 14:27:28.0037 5152 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll 14:27:28.0051 5152 HomeGroupProvider - ok 14:27:28.0076 5152 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys 14:27:28.0080 5152 HpSAMD - ok 14:27:28.0204 5152 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys 14:27:28.0230 5152 HTTP - ok 14:27:28.0250 5152 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys 14:27:28.0251 5152 hwpolicy - ok 14:27:28.0282 5152 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys 14:27:28.0285 5152 i8042prt - ok 14:27:28.0347 5152 iaStor (85977cd13fc16069ce0af7943a811775) C:\Windows\system32\DRIVERS\iaStor.sys 14:27:28.0353 5152 iaStor - ok 14:27:28.0436 5152 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys 14:27:28.0455 5152 iaStorV - ok 14:27:28.0633 5152 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 14:27:28.0679 5152 idsvc - ok 14:27:28.0714 5152 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys 14:27:28.0716 5152 iirsp - ok 14:27:28.0788 5152 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll 14:27:28.0812 5152 IKEEXT - ok 14:27:29.0027 5152 IntcAzAudAddService (490947a9aff7ca31ef2e08f5776105eb) C:\Windows\system32\drivers\RTKVHD64.sys 14:27:29.0090 5152 IntcAzAudAddService - ok 14:27:29.0505 5152 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys 14:27:29.0508 5152 intelide - ok 14:27:29.0527 5152 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys 14:27:29.0529 5152 intelppm - ok 14:27:29.0555 5152 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll 14:27:29.0558 5152 IPBusEnum - ok 14:27:29.0571 5152 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys 14:27:29.0574 5152 IpFilterDriver - ok 14:27:29.0615 5152 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll 14:27:29.0639 5152 iphlpsvc - ok 14:27:29.0655 5152 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys 14:27:29.0673 5152 IPMIDRV - ok 14:27:29.0686 5152 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys 14:27:29.0690 5152 IPNAT - ok 14:27:29.0920 5152 iPod Service (a9ab99ee7d39725eafec82732d2b3271) C:\Program Files\iPod\bin\iPodService.exe 14:27:29.0929 5152 iPod Service - ok 14:27:29.0975 5152 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys 14:27:29.0977 5152 IRENUM - ok 14:27:29.0984 5152 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys 14:27:29.0986 5152 isapnp - ok 14:27:30.0014 5152 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys 14:27:30.0033 5152 iScsiPrt - ok 14:27:30.0114 5152 JMCR (25d602ae635a0443458fbed1a8b6e4e9) C:\Windows\system32\DRIVERS\jmcr.sys 14:27:30.0119 5152 JMCR - ok 14:27:30.0154 5152 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys 14:27:30.0157 5152 kbdclass - ok 14:27:30.0199 5152 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys 14:27:30.0219 5152 kbdhid - ok 14:27:30.0253 5152 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 14:27:30.0257 5152 KeyIso - ok 14:27:30.0321 5152 KSecDD (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys 14:27:30.0323 5152 KSecDD - ok 14:27:30.0387 5152 KSecPkg (26c43a7c2862447ec59deda188d1da07) C:\Windows\system32\Drivers\ksecpkg.sys 14:27:30.0389 5152 KSecPkg - ok 14:27:30.0442 5152 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys 14:27:30.0445 5152 ksthunk - ok 14:27:30.0490 5152 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll 14:27:30.0509 5152 KtmRm - ok 14:27:30.0559 5152 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll 14:27:30.0580 5152 LanmanServer - ok 14:27:30.0613 5152 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll 14:27:30.0618 5152 LanmanWorkstation - ok 14:27:30.0676 5152 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys 14:27:30.0679 5152 lltdio - ok 14:27:30.0729 5152 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll 14:27:30.0749 5152 lltdsvc - ok 14:27:30.0756 5152 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll 14:27:30.0760 5152 lmhosts - ok 14:27:30.0837 5152 LPCFilter (41e122f6d1448c94cc05196bc41d6bfb) C:\Windows\system32\DRIVERS\LPCFilter.sys 14:27:30.0840 5152 LPCFilter - ok 14:27:30.0879 5152 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys 14:27:30.0883 5152 LSI_FC - ok 14:27:30.0912 5152 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys 14:27:30.0915 5152 LSI_SAS - ok 14:27:30.0930 5152 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys 14:27:30.0933 5152 LSI_SAS2 - ok 14:27:30.0950 5152 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys 14:27:30.0952 5152 LSI_SCSI - ok 14:27:30.0987 5152 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys 14:27:31.0005 5152 luafv - ok 14:27:31.0092 5152 MBAMProtector (dc8490812a3b72811ae534f423b4c206) C:\Windows\system32\drivers\mbam.sys 14:27:31.0093 5152 MBAMProtector - ok 14:27:31.0264 5152 MBAMService (43683e970f008c93c9429ef428147a54) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe 14:27:31.0288 5152 MBAMService - ok 14:27:31.0341 5152 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll 14:27:31.0346 5152 Mcx2Svc - ok 14:27:31.0370 5152 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys 14:27:31.0374 5152 megasas - ok 14:27:31.0417 5152 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys 14:27:31.0432 5152 MegaSR - ok 14:27:31.0635 5152 Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe 14:27:31.0639 5152 Microsoft Office Groove Audit Service - ok 14:27:31.0690 5152 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 14:27:31.0694 5152 MMCSS - ok 14:27:31.0800 5152 mod7700 (551d2ab26007aaeaa246872501ac8c17) C:\Windows\system32\Drivers\dvb7700all.sys 14:27:31.0829 5152 mod7700 - ok 14:27:31.0862 5152 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 14:27:31.0866 5152 Modem - ok 14:27:31.0874 5152 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 14:27:31.0875 5152 monitor - ok 14:27:31.0885 5152 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys 14:27:31.0887 5152 mouclass - ok 14:27:31.0902 5152 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 14:27:31.0905 5152 mouhid - ok 14:27:31.0926 5152 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys 14:27:31.0943 5152 mountmgr - ok 14:27:32.0136 5152 MozillaMaintenance (46297fa8e30a6007f14118fc2b942fbc) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 14:27:32.0141 5152 MozillaMaintenance - ok 14:27:32.0275 5152 MpFilter (94c66ededcdb6a126880472f9a704d8e) C:\Windows\system32\DRIVERS\MpFilter.sys 14:27:32.0280 5152 MpFilter - ok 14:27:32.0317 5152 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys 14:27:32.0322 5152 mpio - ok 14:27:32.0339 5152 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 14:27:32.0342 5152 mpsdrv - ok 14:27:32.0402 5152 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll 14:27:32.0436 5152 MpsSvc - ok 14:27:32.0455 5152 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys 14:27:32.0459 5152 MRxDAV - ok 14:27:32.0532 5152 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys 14:27:32.0538 5152 mrxsmb - ok 14:27:32.0573 5152 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys 14:27:32.0595 5152 mrxsmb10 - ok 14:27:32.0619 5152 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 14:27:32.0623 5152 mrxsmb20 - ok 14:27:32.0666 5152 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys 14:27:32.0669 5152 msahci - ok 14:27:32.0693 5152 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys 14:27:32.0714 5152 msdsm - ok 14:27:32.0744 5152 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe 14:27:32.0749 5152 MSDTC - ok 14:27:32.0763 5152 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 14:27:32.0765 5152 Msfs - ok 14:27:32.0772 5152 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 14:27:32.0774 5152 mshidkmdf - ok 14:27:32.0780 5152 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys 14:27:32.0782 5152 msisadrv - ok 14:27:32.0813 5152 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll 14:27:32.0817 5152 MSiSCSI - ok 14:27:32.0821 5152 msiserver - ok 14:27:32.0852 5152 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 14:27:32.0855 5152 MSKSSRV - ok 14:27:33.0051 5152 MsMpSvc (59faaf2c83c8169ea20f9e335e418907) c:\Program Files\Microsoft Security Client\MsMpEng.exe 14:27:33.0053 5152 MsMpSvc - ok 14:27:33.0071 5152 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 14:27:33.0073 5152 MSPCLOCK - ok 14:27:33.0092 5152 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 14:27:33.0094 5152 MSPQM - ok 14:27:33.0131 5152 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys 14:27:33.0150 5152 MsRPC - ok 14:27:33.0161 5152 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys 14:27:33.0162 5152 mssmbios - ok 14:27:33.0167 5152 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 14:27:33.0169 5152 MSTEE - ok 14:27:33.0175 5152 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys 14:27:33.0177 5152 MTConfig - ok 14:27:33.0185 5152 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 14:27:33.0187 5152 Mup - ok 14:27:33.0231 5152 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll 14:27:33.0250 5152 napagent - ok 14:27:33.0290 5152 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 14:27:33.0312 5152 NativeWifiP - ok 14:27:33.0393 5152 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys 14:27:33.0422 5152 NDIS - ok 14:27:33.0446 5152 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 14:27:33.0448 5152 NdisCap - ok 14:27:33.0458 5152 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 14:27:33.0460 5152 NdisTapi - ok 14:27:33.0473 5152 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys 14:27:33.0475 5152 Ndisuio - ok 14:27:33.0493 5152 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys 14:27:33.0496 5152 NdisWan - ok 14:27:33.0505 5152 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys 14:27:33.0507 5152 NDProxy - ok 14:27:33.0514 5152 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 14:27:33.0516 5152 NetBIOS - ok 14:27:33.0569 5152 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys 14:27:33.0575 5152 NetBT - ok 14:27:33.0610 5152 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 14:27:33.0612 5152 Netlogon - ok 14:27:33.0677 5152 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll 14:27:33.0695 5152 Netman - ok 14:27:33.0728 5152 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll 14:27:33.0741 5152 netprofm - ok 14:27:33.0860 5152 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 14:27:33.0864 5152 NetTcpPortSharing - ok 14:27:33.0938 5152 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys 14:27:33.0942 5152 nfrd960 - ok 14:27:33.0981 5152 NisDrv (91b4e0273d2f6c24ef845f2b41311289) C:\Windows\system32\DRIVERS\NisDrvWFP.sys 14:27:33.0984 5152 NisDrv - ok 14:27:34.0178 5152 NisSrv (10a43829a9e606af3eef25a1c1665923) c:\Program Files\Microsoft Security Client\NisSrv.exe 14:27:34.0200 5152 NisSrv - ok 14:27:34.0258 5152 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll 14:27:34.0279 5152 NlaSvc - ok 14:27:34.0291 5152 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 14:27:34.0294 5152 Npfs - ok 14:27:34.0308 5152 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll 14:27:34.0312 5152 nsi - ok 14:27:34.0326 5152 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 14:27:34.0327 5152 nsiproxy - ok 14:27:34.0464 5152 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys 14:27:34.0512 5152 Ntfs - ok 14:27:34.0925 5152 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 14:27:34.0927 5152 Null - ok 14:27:35.0021 5152 NVHDA (102806b360d0e6bc6e55bf47ef655d43) C:\Windows\system32\drivers\nvhda64v.sys 14:27:35.0026 5152 NVHDA - ok 14:27:35.0914 5152 nvlddmkm (ba0b4889c40380a01ecdf84c227a89c9) C:\Windows\system32\DRIVERS\nvlddmkm.sys 14:27:36.0263 5152 nvlddmkm - ok 14:27:36.0687 5152 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys 14:27:36.0692 5152 nvraid - ok 14:27:36.0751 5152 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys 14:27:36.0755 5152 nvstor - ok 14:27:36.0887 5152 nvsvc (06633cf95bea62164c3bfca24bce6b11) C:\Windows\system32\nvvsvc.exe 14:27:36.0955 5152 nvsvc - ok 14:27:37.0008 5152 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys 14:27:37.0011 5152 nv_agp - ok 14:27:37.0243 5152 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 14:27:37.0264 5152 odserv - ok 14:27:37.0311 5152 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys 14:27:37.0314 5152 ohci1394 - ok 14:27:37.0398 5152 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 14:27:37.0402 5152 ose - ok 14:27:37.0455 5152 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 14:27:37.0474 5152 p2pimsvc - ok 14:27:37.0537 5152 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll 14:27:37.0559 5152 p2psvc - ok 14:27:37.0591 5152 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys 14:27:37.0595 5152 Parport - ok 14:27:37.0630 5152 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys 14:27:37.0634 5152 partmgr - ok 14:27:37.0656 5152 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll 14:27:37.0663 5152 PcaSvc - ok 14:27:37.0688 5152 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys 14:27:37.0692 5152 pci - ok 14:27:37.0705 5152 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys 14:27:37.0726 5152 pciide - ok 14:27:37.0746 5152 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys 14:27:37.0752 5152 pcmcia - ok 14:27:37.0763 5152 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 14:27:37.0765 5152 pcw - ok 14:27:37.0832 5152 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 14:27:37.0843 5152 PEAUTH - ok 14:27:38.0092 5152 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe 14:27:38.0095 5152 PerfHost - ok 14:27:38.0177 5152 PGEffect (663962900e7fea522126ba287715bb4a) C:\Windows\system32\DRIVERS\pgeffect.sys 14:27:38.0180 5152 PGEffect - ok 14:27:38.0301 5152 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll 14:27:38.0337 5152 pla - ok 14:27:38.0403 5152 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll 14:27:38.0421 5152 PlugPlay - ok 14:27:38.0447 5152 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll 14:27:38.0450 5152 PNRPAutoReg - ok 14:27:38.0483 5152 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 14:27:38.0487 5152 PNRPsvc - ok 14:27:38.0695 5152 Point64 (4f0878fd62d5f7444c5f1c4c66d9d293) C:\Windows\system32\DRIVERS\point64.sys 14:27:38.0698 5152 Point64 - ok 14:27:38.0762 5152 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll 14:27:38.0788 5152 PolicyAgent - ok 14:27:38.0822 5152 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll 14:27:38.0828 5152 Power - ok 14:27:38.0866 5152 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys 14:27:38.0870 5152 PptpMiniport - ok 14:27:38.0890 5152 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys 14:27:38.0893 5152 Processor - ok 14:27:38.0953 5152 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll 14:27:38.0966 5152 ProfSvc - ok 14:27:39.0013 5152 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 14:27:39.0016 5152 ProtectedStorage - ok 14:27:39.0066 5152 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys 14:27:39.0069 5152 Psched - ok 14:27:39.0244 5152 PSI_SVC_2 (543a4ef0923bf70d126625b034ef25af) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe 14:27:39.0249 5152 PSI_SVC_2 - ok 14:27:39.0320 5152 PxHlpa64 (a6bf0a9b5a30d743623ca0d3be35df05) C:\Windows\system32\Drivers\PxHlpa64.sys 14:27:39.0325 5152 PxHlpa64 - ok 14:27:39.0447 5152 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys 14:27:39.0509 5152 ql2300 - ok 14:27:39.0913 5152 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys 14:27:39.0917 5152 ql40xx - ok 14:27:39.0953 5152 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll 14:27:39.0966 5152 QWAVE - ok 14:27:39.0976 5152 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 14:27:39.0979 5152 QWAVEdrv - ok 14:27:39.0984 5152 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 14:27:39.0986 5152 RasAcd - ok 14:27:40.0021 5152 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 14:27:40.0024 5152 RasAgileVpn - ok 14:27:40.0043 5152 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll 14:27:40.0048 5152 RasAuto - ok 14:27:40.0071 5152 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys 14:27:40.0076 5152 Rasl2tp - ok 14:27:40.0122 5152 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll 14:27:40.0140 5152 RasMan - ok 14:27:40.0155 5152 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 14:27:40.0157 5152 RasPppoe - ok 14:27:40.0170 5152 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 14:27:40.0174 5152 RasSstp - ok 14:27:40.0214 5152 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys 14:27:40.0232 5152 rdbss - ok 14:27:40.0239 5152 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys 14:27:40.0242 5152 rdpbus - ok 14:27:40.0247 5152 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 14:27:40.0247 5152 RDPCDD - ok 14:27:40.0258 5152 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 14:27:40.0259 5152 RDPENCDD - ok 14:27:40.0269 5152 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 14:27:40.0270 5152 RDPREFMP - ok 14:27:40.0344 5152 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys 14:27:40.0350 5152 RDPWD - ok 14:27:40.0402 5152 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys 14:27:40.0407 5152 rdyboost - ok 14:27:40.0433 5152 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll 14:27:40.0437 5152 RemoteAccess - ok 14:27:40.0480 5152 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll 14:27:40.0495 5152 RemoteRegistry - ok 14:27:40.0555 5152 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys 14:27:40.0560 5152 RFCOMM - ok 14:27:40.0605 5152 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll 14:27:40.0609 5152 RpcEptMapper - ok 14:27:40.0634 5152 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe 14:27:40.0638 5152 RpcLocator - ok 14:27:40.0679 5152 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll 14:27:40.0685 5152 RpcSs - ok 14:27:40.0722 5152 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 14:27:40.0725 5152 rspndr - ok 14:27:40.0792 5152 RTL8167 (ba3e57c89e6f63808d3f2b11e1a2ad3c) C:\Windows\system32\DRIVERS\Rt64win7.sys 14:27:40.0813 5152 RTL8167 - ok 14:27:40.0851 5152 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 14:27:40.0853 5152 SamSs - ok 14:27:40.0891 5152 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys 14:27:40.0895 5152 sbp2port - ok 14:27:40.0930 5152 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll 14:27:40.0945 5152 SCardSvr - ok 14:27:40.0963 5152 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys 14:27:40.0966 5152 scfilter - ok 14:27:41.0044 5152 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll 14:27:41.0093 5152 Schedule - ok 14:27:41.0111 5152 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll 14:27:41.0114 5152 SCPolicySvc - ok 14:27:41.0144 5152 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\DRIVERS\sdbus.sys 14:27:41.0147 5152 sdbus - ok 14:27:41.0170 5152 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll 14:27:41.0185 5152 SDRSVC - ok 14:27:41.0362 5152 SeaPort (78779ee07231c658b483b1f38b5088df) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE 14:27:41.0380 5152 SeaPort - ok 14:27:41.0421 5152 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 14:27:41.0424 5152 secdrv - ok 14:27:41.0446 5152 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll 14:27:41.0450 5152 seclogon - ok 14:27:41.0477 5152 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll 14:27:41.0481 5152 SENS - ok 14:27:41.0497 5152 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll 14:27:41.0500 5152 SensrSvc - ok 14:27:41.0509 5152 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys 14:27:41.0511 5152 Serenum - ok 14:27:41.0536 5152 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys 14:27:41.0556 5152 Serial - ok 14:27:41.0577 5152 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys 14:27:41.0579 5152 sermouse - ok 14:27:41.0614 5152 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll 14:27:41.0618 5152 SessionEnv - ok 14:27:41.0624 5152 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys 14:27:41.0626 5152 sffdisk - ok 14:27:41.0630 5152 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys 14:27:41.0632 5152 sffp_mmc - ok 14:27:41.0637 5152 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys 14:27:41.0639 5152 sffp_sd - ok 14:27:41.0644 5152 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys 14:27:41.0646 5152 sfloppy - ok 14:27:41.0682 5152 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll 14:27:41.0687 5152 SharedAccess - ok 14:27:41.0719 5152 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll 14:27:41.0738 5152 ShellHWDetection - ok 14:27:41.0781 5152 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys 14:27:41.0784 5152 SiSRaid2 - ok 14:27:41.0798 5152 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys 14:27:41.0801 5152 SiSRaid4 - ok 14:27:41.0961 5152 SkypeUpdate (6128e98eaaed364ed1a32708d2fd22cb) C:\Program Files (x86)\Skype\Updater\Updater.exe 14:27:41.0966 5152 SkypeUpdate - ok 14:27:42.0019 5152 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 14:27:42.0022 5152 Smb - ok 14:27:42.0059 5152 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe 14:27:42.0062 5152 SNMPTRAP - ok 14:27:42.0073 5152 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 14:27:42.0075 5152 spldr - ok 14:27:42.0125 5152 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe 14:27:42.0147 5152 Spooler - ok 14:27:42.0461 5152 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe 14:27:42.0563 5152 sppsvc - ok 14:27:42.0891 5152 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll 14:27:42.0896 5152 sppuinotify - ok 14:27:43.0053 5152 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys 14:27:43.0077 5152 srv - ok 14:27:43.0108 5152 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys 14:27:43.0126 5152 srv2 - ok 14:27:43.0150 5152 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys 14:27:43.0154 5152 srvnet - ok 14:27:43.0217 5152 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll 14:27:43.0230 5152 SSDPSRV - ok 14:27:43.0244 5152 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll 14:27:43.0249 5152 SstpSvc - ok 14:27:43.0272 5152 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys 14:27:43.0274 5152 stexstor - ok 14:27:43.0330 5152 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll 14:27:43.0353 5152 stisvc - ok 14:27:43.0364 5152 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys 14:27:43.0366 5152 swenum - ok 14:27:43.0417 5152 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll 14:27:43.0442 5152 swprv - ok 14:27:43.0527 5152 SynTP (470c47daba9ca3966f0ab3f835d7d135) C:\Windows\system32\DRIVERS\SynTP.sys 14:27:43.0548 5152 SynTP - ok 14:27:43.0682 5152 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll 14:27:43.0736 5152 SysMain - ok 14:27:44.0027 5152 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll 14:27:44.0032 5152 TabletInputService - ok 14:27:44.0070 5152 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll 14:27:44.0090 5152 TapiSrv - ok 14:27:44.0107 5152 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll 14:27:44.0111 5152 TBS - ok 14:27:44.0383 5152 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys 14:27:44.0435 5152 Tcpip - ok 14:27:44.0977 5152 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys 14:27:44.0992 5152 TCPIP6 - ok 14:27:45.0405 5152 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys 14:27:45.0408 5152 tcpipreg - ok 14:27:45.0416 5152 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 14:27:45.0418 5152 TDPIPE - ok 14:27:45.0461 5152 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys 14:27:45.0463 5152 TDTCP - ok 14:27:45.0504 5152 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys 14:27:45.0508 5152 tdx - ok 14:27:45.0566 5152 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys 14:27:45.0584 5152 TermDD - ok 14:27:45.0648 5152 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll 14:27:45.0710 5152 TermService - ok 14:27:45.0730 5152 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll 14:27:45.0735 5152 Themes - ok 14:27:45.0780 5152 Thpdrv (c013f6acaa9761f571bd28dada7c157d) C:\Windows\system32\DRIVERS\thpdrv.sys 14:27:45.0783 5152 Thpdrv - ok 14:27:45.0797 5152 Thpevm (b4e609047434ed948af7bdef2fa66e38) C:\Windows\system32\DRIVERS\Thpevm.SYS 14:27:45.0799 5152 Thpevm - ok 14:27:45.0847 5152 Thpsrv (f6927bba3b09aff26a53a9191f7378f9) C:\Windows\system32\ThpSrv.exe 14:27:45.0871 5152 Thpsrv - ok 14:27:45.0908 5152 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 14:27:45.0912 5152 THREADORDER - ok 14:27:46.0158 5152 TMachInfo (f120967184a27e927052e8ddbb727851) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe 14:27:46.0161 5152 TMachInfo - ok 14:27:46.0304 5152 TosCoSrv (98c864481d62f86ec8af65be3419a95b) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe 14:27:46.0328 5152 TosCoSrv - ok 14:27:46.0492 5152 TOSHIBA Bluetooth Service (8f099be5db17d025e19652851399b9f1) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe 14:27:46.0506 5152 TOSHIBA Bluetooth Service - ok 14:27:46.0642 5152 TOSHIBA eco Utility Service (2ab7a4697462edb0c9dfafc529746ba9) C:\Program Files\TOSHIBA\TECO\TecoService.exe 14:27:46.0645 5152 TOSHIBA eco Utility Service - ok 14:27:46.0747 5152 TOSHIBA HDD SSD Alert Service (74c2fa8c3765ee71a9c22182ec108457) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe 14:27:46.0771 5152 TOSHIBA HDD SSD Alert Service - ok 14:27:46.0911 5152 tosporte (8021f63311797085949fa387f7c83583) C:\Windows\system32\DRIVERS\tosporte.sys 14:27:46.0914 5152 tosporte - ok 14:27:46.0952 5152 tosrfbd (3fa1857f4a99af19d1f4106697793e0e) C:\Windows\system32\DRIVERS\tosrfbd.sys 14:27:46.0964 5152 tosrfbd - ok 14:27:46.0976 5152 tosrfbnp (62512b5277d88600f8bd4b7aec43569d) C:\Windows\system32\Drivers\tosrfbnp.sys 14:27:46.0978 5152 tosrfbnp - ok 14:27:47.0002 5152 Tosrfcom (c523a9186c39d65cc9adebb2e1b93ccd) C:\Windows\system32\Drivers\tosrfcom.sys 14:27:47.0005 5152 Tosrfcom - ok 14:27:47.0010 5152 tosrfec (f5e3ac4cbcd154ee80849b21887fd0b0) C:\Windows\system32\DRIVERS\tosrfec.sys 14:27:47.0012 5152 tosrfec - ok 14:27:47.0024 5152 Tosrfhid (451b8c1815c6cc39650af916c2a382cd) C:\Windows\system32\DRIVERS\Tosrfhid.sys 14:27:47.0026 5152 Tosrfhid - ok 14:27:47.0043 5152 tosrfnds (b6fdc3c76ffe9c5171eea9c37ea367c2) C:\Windows\system32\DRIVERS\tosrfnds.sys 14:27:47.0046 5152 tosrfnds - ok 14:27:47.0059 5152 TosRfSnd (7052b10e54b48af12bd5606596a8e039) C:\Windows\system32\drivers\tosrfsnd.sys 14:27:47.0062 5152 TosRfSnd - ok 14:27:47.0078 5152 Tosrfusb (8197b0eae0d804ac3466045ddc5da98b) C:\Windows\system32\DRIVERS\tosrfusb.sys 14:27:47.0080 5152 Tosrfusb - ok 14:27:47.0189 5152 tos_sps64 (09ff7b0b1b5c3d225495cb6f5a9b39f8) C:\Windows\system32\DRIVERS\tos_sps64.sys 14:27:47.0211 5152 tos_sps64 - ok 14:27:47.0441 5152 TPCHSrv (97687d094aa597da366e1194b218cc6c) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe 14:27:47.0448 5152 TPCHSrv - ok 14:27:47.0765 5152 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll 14:27:47.0771 5152 TrkWks - ok 14:27:47.0819 5152 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe 14:27:47.0823 5152 TrustedInstaller - ok 14:27:47.0942 5152 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys 14:27:47.0946 5152 tssecsrv - ok 14:27:47.0971 5152 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys 14:27:47.0974 5152 TsUsbFlt - ok 14:27:47.0982 5152 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys 14:27:47.0984 5152 TsUsbGD - ok 14:27:48.0020 5152 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys 14:27:48.0023 5152 tunnel - ok 14:27:48.0086 5152 TVALZ (550b567f9364d8f7684c3fb3ea665a72) C:\Windows\system32\DRIVERS\TVALZ_O.SYS 14:27:48.0089 5152 TVALZ - ok 14:27:48.0137 5152 TVALZFL (9c7191f4b2e49bff47a6c1144b5923fa) C:\Windows\system32\DRIVERS\TVALZFL.sys 14:27:48.0140 5152 TVALZFL - ok 14:27:48.0179 5152 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys 14:27:48.0200 5152 uagp35 - ok 14:27:48.0226 5152 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys 14:27:48.0242 5152 udfs - ok 14:27:48.0283 5152 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe 14:27:48.0288 5152 UI0Detect - ok 14:27:48.0302 5152 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys 14:27:48.0305 5152 uliagpkx - ok 14:27:48.0330 5152 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys 14:27:48.0333 5152 umbus - ok 14:27:48.0341 5152 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys 14:27:48.0343 5152 UmPass - ok 14:27:48.0379 5152 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll 14:27:48.0398 5152 upnphost - ok 14:27:48.0472 5152 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys 14:27:48.0475 5152 USBAAPL64 - ok 14:27:48.0525 5152 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys 14:27:48.0529 5152 usbccgp - ok 14:27:48.0573 5152 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys 14:27:48.0578 5152 usbcir - ok 14:27:48.0599 5152 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys 14:27:48.0603 5152 usbehci - ok 14:27:48.0648 5152 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys 14:27:48.0666 5152 usbhub - ok 14:27:48.0683 5152 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys 14:27:48.0686 5152 usbohci - ok 14:27:48.0758 5152 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys 14:27:48.0761 5152 usbprint - ok 14:27:48.0784 5152 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS 14:27:48.0788 5152 USBSTOR - ok 14:27:48.0796 5152 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys 14:27:48.0798 5152 usbuhci - ok 14:27:48.0839 5152 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys 14:27:48.0853 5152 usbvideo - ok 14:27:48.0880 5152 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll 14:27:48.0884 5152 UxSms - ok 14:27:48.0918 5152 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 14:27:48.0919 5152 VaultSvc - ok 14:27:48.0972 5152 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys 14:27:48.0976 5152 vdrvroot - ok 14:27:49.0032 5152 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe 14:27:49.0078 5152 vds - ok 14:27:49.0088 5152 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 14:27:49.0090 5152 vga - ok 14:27:49.0098 5152 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 14:27:49.0100 5152 VgaSave - ok 14:27:49.0128 5152 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys 14:27:49.0143 5152 vhdmp - ok 14:27:49.0149 5152 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys 14:27:49.0151 5152 viaide - ok 14:27:49.0162 5152 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys 14:27:49.0164 5152 volmgr - ok 14:27:49.0207 5152 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys 14:27:49.0224 5152 volmgrx - ok 14:27:49.0247 5152 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys 14:27:49.0264 5152 volsnap - ok 14:27:49.0304 5152 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys 14:27:49.0308 5152 vsmraid - ok 14:27:49.0421 5152 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe 14:27:49.0471 5152 VSS - ok 14:27:49.0862 5152 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys 14:27:49.0865 5152 vwifibus - ok 14:27:49.0876 5152 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys 14:27:49.0878 5152 vwififlt - ok 14:27:49.0925 5152 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll 14:27:49.0943 5152 W32Time - ok 14:27:49.0954 5152 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys 14:27:49.0957 5152 WacomPen - ok 14:27:49.0989 5152 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 14:27:49.0992 5152 WANARP - ok 14:27:50.0007 5152 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 14:27:50.0008 5152 Wanarpv6 - ok 14:27:50.0138 5152 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe 14:27:50.0181 5152 WatAdminSvc - ok 14:27:50.0466 5152 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe 14:27:50.0509 5152 wbengine - ok 14:27:50.0808 5152 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll 14:27:50.0823 5152 WbioSrvc - ok 14:27:50.0852 5152 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll 14:27:50.0862 5152 wcncsvc - ok 14:27:50.0878 5152 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll 14:27:50.0883 5152 WcsPlugInService - ok 14:27:51.0011 5152 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys 14:27:51.0014 5152 Wd - ok 14:27:51.0098 5152 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 14:27:51.0123 5152 Wdf01000 - ok 14:27:51.0153 5152 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 14:27:51.0158 5152 WdiServiceHost - ok 14:27:51.0162 5152 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 14:27:51.0165 5152 WdiSystemHost - ok 14:27:51.0190 5152 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll 14:27:51.0209 5152 WebClient - ok 14:27:51.0238 5152 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll 14:27:51.0252 5152 Wecsvc - ok 14:27:51.0274 5152 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll 14:27:51.0278 5152 wercplsupport - ok 14:27:51.0294 5152 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll 14:27:51.0300 5152 WerSvc - ok 14:27:51.0439 5152 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 14:27:51.0443 5152 WfpLwf - ok 14:27:51.0450 5152 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 14:27:51.0452 5152 WIMMount - ok 14:27:51.0527 5152 WinDefend - ok 14:27:51.0537 5152 WinHttpAutoProxySvc - ok 14:27:51.0673 5152 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll 14:27:51.0684 5152 Winmgmt - ok 14:27:51.0834 5152 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll 14:27:51.0887 5152 WinRM - ok 14:27:52.0352 5152 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys 14:27:52.0355 5152 WinUsb - ok 14:27:52.0445 5152 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll 14:27:52.0478 5152 Wlansvc - ok 14:27:52.0606 5152 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe 14:27:52.0609 5152 wlcrasvc - ok 14:27:52.0823 5152 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 14:27:52.0898 5152 wlidsvc - ok 14:27:53.0311 5152 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys 14:27:53.0313 5152 WmiAcpi - ok 14:27:53.0444 5152 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe 14:27:53.0455 5152 wmiApSrv - ok 14:27:53.0522 5152 WMPNetworkSvc - ok 14:27:53.0566 5152 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll 14:27:53.0571 5152 WPCSvc - ok 14:27:53.0588 5152 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll 14:27:53.0592 5152 WPDBusEnum - ok 14:27:53.0619 5152 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 14:27:53.0622 5152 ws2ifsl - ok 14:27:53.0637 5152 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll 14:27:53.0642 5152 wscsvc - ok 14:27:53.0647 5152 WSearch - ok 14:27:53.0832 5152 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll 14:27:53.0943 5152 wuauserv - ok 14:27:54.0335 5152 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys 14:27:54.0338 5152 WudfPf - ok 14:27:54.0385 5152 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys 14:27:54.0389 5152 WUDFRd - ok 14:27:54.0428 5152 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll 14:27:54.0433 5152 wudfsvc - ok 14:27:54.0459 5152 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll 14:27:54.0472 5152 WwanSvc - ok 14:27:54.0536 5152 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0 14:27:54.0827 5152 \Device\Harddisk0\DR0 - ok 14:27:54.0843 5152 Boot (0x1200) (dc14873f50bdfd84089d6c3276678c3e) \Device\Harddisk0\DR0\Partition0 14:27:54.0846 5152 \Device\Harddisk0\DR0\Partition0 - ok 14:27:54.0858 5152 Boot (0x1200) (3099255c8f80232b9785a4ac56e09a80) \Device\Harddisk0\DR0\Partition1 14:27:54.0861 5152 \Device\Harddisk0\DR0\Partition1 - ok 14:27:54.0862 5152 ============================================================ 14:27:54.0862 5152 Scan finished 14:27:54.0862 5152 ============================================================ 14:27:54.0879 3992 Detected object count: 0 14:27:54.0880 3992 Actual detected object count: 0

DDS report > DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.5.1 Run by User at 14:15:38 on 2012-08-07 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.61.1033.18.3955.1817 [GMT 10:00] . AV: AVG Internet Security 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0} AV: Microsoft Security Essentials *Enabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6} SP: AVG Internet Security 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Microsoft Security Essentials *Enabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B} FW: AVG Firewall *Enabled* {621CC794-9486-F902-D092-0484E8EA828B} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k RPCSS c:\Program Files\Microsoft Security Client\MsMpEng.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\WLANExt.exe C:\Windows\system32\conhost.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files (x86)\AVG\AVG2012\avgfws.exe C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\system32\ThpSrv.exe C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe C:\Program Files\TOSHIBA\TECO\TecoService.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe C:\Program Files (x86)\AVG\AVG2012\avgemca.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\taskeng.exe C:\Windows\System32\rundll32.exe C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe C:\Windows\System32\ThpSrv.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\TOSHIBA\TECO\Teco.exe C:\Program Files\Microsoft IntelliPoint\ipoint.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\TOSHIBA\FlashCards\Hotkey\TcrdKBB.exe C:\Program Files (x86)\TOSHIBA\Bluetooth Monitor\BtMon2.exe C:\Program Files (x86)\TOSHIBA\Bluetooth Monitor\BtMon64.exe C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe C:\Program Files (x86)\TOSHIBA\TRCMan\TRCMan.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe C:\Program Files (x86)\AVG\AVG2012\avgtray.exe C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe C:\Windows\system32\DllHost.exe C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe C:\Windows\system32\conhost.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe C:\Windows\system32\conhost.exe C:\Program Files (x86)\Windows Live\Mail\wlmail.exe C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_268.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_268.exe C:\Program Files (x86)\AVG\AVG2012\avgui.exe C:\Program Files (x86)\AVG\AVG2012\avgcfgex.exe C:\Program Files (x86)\AVG\AVG2012\avgrsa.exe C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\cscript.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . uStart Page = https://google.com.au/ uInternet Settings,ProxyOverride = *.local mWinlogon: Userinit=userinit.exe, BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll BHO: TOSHIBA Media Controller Plug-in: {f3c88694-effa-4d78-b409-54b7b2535b14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun mRun: [iTSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START mRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60 mRun: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun mRun: [TRCMan] C:\Program Files (x86)\TOSHIBA\TRCMan\TRCMan.exe mRun: [sVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL mRun: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP mRun: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [TSleepSrv] %ProgramFiles(x86)%\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe" mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~2.LNK - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files (x86)\TOSHIBA\Bluetooth Monitor\BtMon2.exe mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1) mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: E&xport to Microsoft Excel - C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000 IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab TCP: DhcpNameServer = 192.168.2.1 211.29.152.116 198.142.0.51 211.29.132.12 TCP: Interfaces\{31463894-47C5-49DF-A89A-EA8BA3665776} : DhcpNameServer = 192.168.2.1 211.29.152.116 198.142.0.51 211.29.132.12 TCP: Interfaces\{31463894-47C5-49DF-A89A-EA8BA3665776}\2656C6B696E6534376 : DhcpNameServer = 192.168.2.1 211.29.152.116 198.142.0.51 211.29.132.12 TCP: Interfaces\{9E78E34D-D59A-4AD8-8FD9-FBBDFD3C7051} : DhcpNameServer = 192.168.2.1 61.9.194.49 61.9.195.193 Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO-X64: AcroIEHelperStub - No File BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll BHO-X64: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll BHO-X64: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" mRun-x64: [iTSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START mRun-x64: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60 mRun-x64: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun mRun-x64: [TRCMan] C:\Program Files (x86)\TOSHIBA\TRCMan\TRCMan.exe mRun-x64: [sVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL mRun-x64: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP mRun-x64: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun-x64: [TSleepSrv] %ProgramFiles(x86)%\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe" mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun-x64: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin mRun-x64: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\t5wlvxjm.default\ FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_268.dll FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll FF - plugin: C:\Windows\SysWOW64\npmproxy.dll . ============= SERVICES / DRIVERS =============== . R0 AVGIDSEH;AVGIDSEH;C:\Windows\system32\DRIVERS\AVGIDSEH.Sys --> C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [?] R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?] R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?] R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?] R0 Thpdrv;TOSHIBA HDD Protection Driver;C:\Windows\system32\DRIVERS\thpdrv.sys --> C:\Windows\system32\DRIVERS\thpdrv.sys [?] R0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;C:\Windows\system32\DRIVERS\Thpevm.SYS --> C:\Windows\system32\DRIVERS\Thpevm.SYS [?] R0 tos_sps64;TOSHIBA tos_sps64 Service;C:\Windows\system32\DRIVERS\tos_sps64.sys --> C:\Windows\system32\DRIVERS\tos_sps64.sys [?] R1 Avgfwfd;AVG network filter service;C:\Windows\system32\DRIVERS\avgfwd6a.sys --> C:\Windows\system32\DRIVERS\avgfwd6a.sys [?] R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?] R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?] R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?] R2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [2008-9-16 169312] R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928] R2 avgfws;AVG Firewall;C:\Program Files (x86)\AVG\AVG2012\avgfws.exe [2011-11-23 2391832] R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248] R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-8-2 192776] R2 cfWiMAXService;ConfigFree WiMAX Service;C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-1-28 249200] R2 ConfigFree Service;ConfigFree Service;C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-3-10 46448] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-8-6 655944] R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;C:\Program Files\TOSHIBA\TECO\TecoService.exe [2010-4-6 258928] R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;C:\Windows\system32\DRIVERS\TVALZFL.sys --> C:\Windows\system32\DRIVERS\TVALZFL.sys [?] R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys --> C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [?] R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys --> C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [?] R3 enecir;ENE CIR Receiver;C:\Windows\system32\DRIVERS\enecir.sys --> C:\Windows\system32\DRIVERS\enecir.sys [?] R3 enecirhid;ENE CIR HID Receiver;C:\Windows\system32\DRIVERS\enecirhid.sys --> C:\Windows\system32\DRIVERS\enecirhid.sys [?] R3 enecirhidma;ENE CIR HIDmini Filter;C:\Windows\system32\DRIVERS\enecirhidma.sys --> C:\Windows\system32\DRIVERS\enecirhidma.sys [?] R3 HECIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?] R3 JMCR;JMCR;C:\Windows\system32\DRIVERS\jmcr.sys --> C:\Windows\system32\DRIVERS\jmcr.sys [?] R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?] R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?] R3 PGEffect;Pangu effect driver;C:\Windows\system32\DRIVERS\pgeffect.sys --> C:\Windows\system32\DRIVERS\pgeffect.sys [?] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?] R3 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2012-3-10 54136] R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-2-5 137560] R3 TPCHSrv;TPCH Service;C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2010-2-23 835952] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-2-29 158856] S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-4-1 183560] S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-3-13 1038088] S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?] S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840] S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-8-6 113120] S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?] S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-3-26 291696] S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?] S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184] . =============== Created Last 30 ================ . 2012-08-07 01:41:11 -------- d-----w- C:\Users\User\AppData\Local\{5EB0BD32-955A-4D4E-9617-530CED9C4DE9} 2012-08-07 01:41:06 -------- d-----w- C:\Users\User\AppData\Local\{4CC6186A-A2D4-4157-AFCF-CB644C0334A4} 2012-08-06 05:02:33 9133488 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0AA5427F-5F29-43E0-82E5-AA63BCFAED25}\mpengine.dll 2012-08-06 04:53:16 -------- d-----w- C:\Users\User\AppData\Local\{55B1E213-73F7-4F9A-91E0-E2D34CDB6012} 2012-08-06 04:53:03 -------- d-----w- C:\Users\User\AppData\Local\{2964E180-B0DB-4F1A-AD4E-8E79657C60E5} 2012-08-06 01:48:59 -------- d-----w- C:\Users\User\AppData\Local\Macromedia 2012-08-06 00:36:43 -------- d-----w- C:\Users\User\AppData\Local\Mozilla 2012-08-06 00:36:20 -------- d-----w- C:\Program Files (x86)\Mozilla Maintenance Service 2012-08-05 16:10:09 -------- d-----w- C:\Users\User\AppData\Local\{AF577CB8-ED1A-42A2-B5AD-5FFBF664D481} 2012-08-05 16:09:46 -------- d-----w- C:\Users\User\AppData\Local\{3D73F63E-946A-4068-BFA2-1E83AD35D5A1} 2012-08-05 01:52:46 9133488 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2012-08-05 01:34:53 -------- d-----w- C:\Users\User\AppData\Local\{3BFEEE9F-E0EE-4D40-BF1E-706F8FBEFBCB} 2012-08-05 01:34:30 -------- d-----w- C:\Users\User\AppData\Local\{2246B0D4-74F0-4F9D-ABC4-83728B88B0F4} 2012-08-04 12:51:58 -------- d-----w- C:\Users\User\AppData\Local\{3035641B-7879-4BC2-B30A-20D9EF51684E} 2012-08-04 12:51:45 -------- d-----w- C:\Users\User\AppData\Local\{564F8EF3-D2C4-4B65-A8BF-815D9E38C5A4} 2012-08-04 00:22:19 -------- d-----w- C:\Users\User\AppData\Local\{82772086-29A3-46FB-8798-5C7B03260C13} 2012-08-04 00:21:36 -------- d-----w- C:\Users\User\AppData\Local\{E98112BC-C832-4D4C-B020-E15420D72916} 2012-08-03 01:40:24 -------- d-----w- C:\Users\User\AppData\Local\{D1051F2E-D7D1-44AE-9E4C-4741C35362A0} 2012-08-03 01:40:02 -------- d-----w- C:\Users\User\AppData\Local\{1B9AD6A3-C169-4801-978E-149087E87E2E} 2012-08-02 13:39:38 -------- d-----w- C:\Users\User\AppData\Local\{80899358-C26F-4D04-BF65-C7500287768A} 2012-08-02 13:39:16 -------- d-----w- C:\Users\User\AppData\Local\{ECC0847D-FCD7-47C8-946A-5ED5DB918837} 2012-08-02 01:38:49 -------- d-----w- C:\Users\User\AppData\Local\{B81577C5-B5B8-4EDD-839A-ECA8A4581E87} 2012-08-02 01:38:28 -------- d-----w- C:\Users\User\AppData\Local\{665569FE-6C21-4C94-AA2D-FB087970DB75} 2012-08-01 13:38:01 -------- d-----w- C:\Users\User\AppData\Local\{8BACE3FF-1D75-43C0-8FB0-B1257A1B563D} 2012-08-01 13:37:39 -------- d-----w- C:\Users\User\AppData\Local\{4534B255-F124-4D13-9642-F81538A17032} 2012-08-01 01:37:09 -------- d-----w- C:\Users\User\AppData\Local\{0D62549F-2992-4A5B-92EF-C1EF0007ADD3} 2012-08-01 01:36:59 -------- d-----w- C:\Users\User\AppData\Local\{9E20DCC6-2060-4F77-89E7-CA89ACED4EDD} 2012-07-31 03:23:42 -------- d-----w- C:\Users\User\AppData\Local\{CD605780-E6DA-4AD9-807E-A23A0A77EA7C} 2012-07-31 03:23:29 -------- d-----w- C:\Users\User\AppData\Local\{091CFC26-07C8-4889-AC92-2A962E42B80E} 2012-07-30 12:42:23 -------- d-----w- C:\Users\User\AppData\Local\{F2212AA4-3F9A-493D-B124-629250C1B9B9} 2012-07-30 12:41:56 -------- d-----w- C:\Users\User\AppData\Local\{9C193D1D-0547-4BB6-ABC2-0265C0EBE64F} 2012-07-30 00:41:31 -------- d-----w- C:\Users\User\AppData\Local\{DA317FDD-BB6B-4D63-8A6D-9419F322CC34} 2012-07-30 00:41:20 -------- d-----w- C:\Users\User\AppData\Local\{386F5D71-1575-4A5F-BE18-368BB8830153} 2012-07-29 06:08:35 -------- d-----w- C:\Users\User\AppData\Local\{BCD01673-FC3A-41B3-9C0F-10FDD4401BE8} 2012-07-29 06:07:44 -------- d-----w- C:\Users\User\AppData\Local\{3AA65123-7898-4C43-BD75-E2E568CFA997} 2012-07-28 11:52:34 -------- d-----w- C:\Users\User\AppData\Local\{9333BF69-C2B1-4D42-BC00-28A3BC8505FE} 2012-07-28 11:52:11 -------- d-----w- C:\Users\User\AppData\Local\{19A32462-0FA2-4C35-8211-7C1FBC0490DF} 2012-07-27 23:51:45 -------- d-----w- C:\Users\User\AppData\Local\{77CF40FC-A8A5-4439-B69A-8E4F1F8971F0} 2012-07-27 23:51:30 -------- d-----w- C:\Users\User\AppData\Local\{33751988-82F4-44AD-B34B-93B46B7DD132} 2012-07-27 03:14:53 -------- d-----w- C:\Users\User\AppData\Local\{D7D5B9B2-8C40-4F5E-9ACF-9C6FC7CFC49C} 2012-07-27 03:14:30 -------- d-----w- C:\Users\User\AppData\Local\{3C5F6E1B-57D0-4B7B-A789-D4C5ED3C2845} 2012-07-26 13:29:57 -------- d-----w- C:\Users\User\AppData\Local\{231021A0-E8D5-4C35-A4B7-279B8FBC5D42} 2012-07-26 13:29:32 -------- d-----w- C:\Users\User\AppData\Local\{3EA9EDB6-453F-425D-948B-91FDD3DBDD1A} 2012-07-26 01:29:07 -------- d-----w- C:\Users\User\AppData\Local\{AB8203C8-8B4C-4F3B-A1A6-B29C1FDD63ED} 2012-07-26 01:28:46 -------- d-----w- C:\Users\User\AppData\Local\{002E2C12-AA40-451F-98D9-14044BBE951E} 2012-07-25 13:28:19 -------- d-----w- C:\Users\User\AppData\Local\{9C2190A8-202D-495D-ABA0-8B617491D819} 2012-07-25 13:27:57 -------- d-----w- C:\Users\User\AppData\Local\{AFF7BE2A-092C-4F57-B9DA-D7390E09258B} 2012-07-25 01:27:33 -------- d-----w- C:\Users\User\AppData\Local\{824074E9-FEFE-4CBB-9C3B-D231F388C69B} 2012-07-25 01:27:22 -------- d-----w- C:\Users\User\AppData\Local\{6CBE16E1-511C-45D9-968C-223564AFF624} 2012-07-24 12:54:50 -------- d-----w- C:\Users\User\AppData\Local\{3C118AB2-B091-4CE9-83DC-7797CD6E7DB9} 2012-07-24 12:54:28 -------- d-----w- C:\Users\User\AppData\Local\{3554D1BE-B24C-4A9B-8BCC-39A8D1B22446} 2012-07-24 00:54:03 -------- d-----w- C:\Users\User\AppData\Local\{F7DB5861-4991-47E2-9D63-9F8853C35CD0} 2012-07-24 00:53:53 -------- d-----w- C:\Users\User\AppData\Local\{357F3FFA-0737-4A92-B651-2ADE5FDFE8B5} 2012-07-23 12:47:41 -------- d-----w- C:\Users\User\AppData\Local\{DD40BA29-836F-40A1-8C4C-20516A131718} 2012-07-23 12:47:18 -------- d-----w- C:\Users\User\AppData\Local\{D17F10D9-62B8-4759-9ACD-26DA2E8EADD7} 2012-07-23 00:46:22 -------- d-----w- C:\Users\User\AppData\Local\{9F1A6D36-C884-4AE5-9FE1-F4F6A7DF1FBA} 2012-07-23 00:45:34 -------- d-----w- C:\Users\User\AppData\Local\{7783D9E7-9B87-4611-833A-936D36E2D3AA} 2012-07-22 05:15:24 -------- d-----w- C:\Users\User\AppData\Local\{BA763B2F-D87D-4E1D-8B99-E622CA73CC71} 2012-07-22 05:15:02 -------- d-----w- C:\Users\User\AppData\Local\{0173D00B-8992-4324-B331-F9F9D754B17B} 2012-07-21 17:14:36 -------- d-----w- C:\Users\User\AppData\Local\{5DEE80CC-20A1-49A0-A959-FFB7C946380A} 2012-07-21 17:14:13 -------- d-----w- C:\Users\User\AppData\Local\{BBAEE834-FB0D-485C-BBA2-1C5EC3D05BFD} 2012-07-21 05:13:49 -------- d-----w- C:\Users\User\AppData\Local\{19540840-CEFF-44A9-A61D-81F09351C4A9} 2012-07-21 05:13:39 -------- d-----w- C:\Users\User\AppData\Local\{AED6286A-001B-4B22-B62B-F18A372F1F10} 2012-07-20 13:55:05 -------- d-----w- C:\Users\User\AppData\Local\{E4387415-5495-4C94-A814-980482933685} 2012-07-20 13:54:42 -------- d-----w- C:\Users\User\AppData\Local\{EEDA77CA-EB4B-472A-BDC4-6A33262CB59C} 2012-07-20 01:54:16 -------- d-----w- C:\Users\User\AppData\Local\{D91D0BB2-33C0-4410-A9F1-12E520BE522B} 2012-07-20 01:54:05 -------- d-----w- C:\Users\User\AppData\Local\{B85720BB-1331-4B9E-A276-9213CBB512AF} 2012-07-19 13:42:26 -------- d-----w- C:\Users\User\AppData\Local\{3B9816C3-1F87-4EB6-A642-917DB136995D} 2012-07-19 13:42:02 -------- d-----w- C:\Users\User\AppData\Local\{3384FE38-55FE-47E4-BC65-43E80E328D63} 2012-07-19 01:41:35 -------- d-----w- C:\Users\User\AppData\Local\{4C5E0CB3-338F-4689-831C-B2ACB57D7BA4} 2012-07-19 01:41:13 -------- d-----w- C:\Users\User\AppData\Local\{93210C70-DA44-4E9F-8492-724AB083ECDC} 2012-07-18 22:53:38 -------- d-----w- C:\PFiles 2012-07-18 13:40:46 -------- d-----w- C:\Users\User\AppData\Local\{738BE42C-5DA2-49F6-9094-36F18CAFFF03} 2012-07-18 13:40:23 -------- d-----w- C:\Users\User\AppData\Local\{A4AD427E-5243-4468-B99F-F391F3618103} 2012-07-18 01:39:57 -------- d-----w- C:\Users\User\AppData\Local\{F69DD8CA-4418-415E-B90C-9F15383D1AE6} 2012-07-18 01:39:46 -------- d-----w- C:\Users\User\AppData\Local\{54C9474B-032A-4E0A-A85D-9F5330F4DCA3} 2012-07-17 05:45:34 -------- d-----w- C:\Users\User\AppData\Local\{7048FA4D-726F-4F3F-8289-972F80D8CE48} 2012-07-17 05:45:24 -------- d-----w- C:\Users\User\AppData\Local\{F58939B2-C5F7-42A2-B060-3BD45403284A} 2012-07-16 13:33:18 -------- d-----w- C:\Users\User\AppData\Local\{EA97EE46-3C9C-4801-8F6B-38431043646E} 2012-07-16 13:32:57 -------- d-----w- C:\Users\User\AppData\Local\{01E0F386-3F5C-4FF9-A347-FD353F93CA25} 2012-07-16 01:32:32 -------- d-----w- C:\Users\User\AppData\Local\{355A9BC6-5045-4790-83E2-199318D1C29A} 2012-07-16 01:32:10 -------- d-----w- C:\Users\User\AppData\Local\{E5795BB7-9043-43B0-A64E-1ACB9E7083AF} 2012-07-15 13:31:42 -------- d-----w- C:\Users\User\AppData\Local\{F4C6D25D-94F4-4E71-96D3-20FFD53C1074} 2012-07-15 13:31:18 -------- d-----w- C:\Users\User\AppData\Local\{16273635-DA31-4E39-A656-08D6C1A353A4} 2012-07-15 01:30:51 -------- d-----w- C:\Users\User\AppData\Local\{3C26654A-EEE8-48AC-BD96-24AA5B3F6E07} 2012-07-15 01:30:28 -------- d-----w- C:\Users\User\AppData\Local\{86B272EB-EF67-4B15-8196-665B8F3F82CD} 2012-07-14 13:30:01 -------- d-----w- C:\Users\User\AppData\Local\{B93BE72E-E41F-46A9-89EB-9815F87DE66B} 2012-07-14 13:29:39 -------- d-----w- C:\Users\User\AppData\Local\{E132F4C0-9F8F-4F0E-A329-BAB96EEA9E75} 2012-07-14 01:29:11 -------- d-----w- C:\Users\User\AppData\Local\{195975BD-EC55-4624-9E24-27BC208A123D} 2012-07-14 01:29:01 -------- d-----w- C:\Users\User\AppData\Local\{8F96178D-87A7-4577-BEBD-3F3F8C23FA62} 2012-07-13 06:10:06 -------- d-----w- C:\Users\User\AppData\Local\{17984A18-D3A9-4093-ADAA-627ABE40DBC3} 2012-07-13 06:09:56 -------- d-----w- C:\Users\User\AppData\Local\{897CF02D-BFF2-4099-BD54-9FFE93DCE626} 2012-07-13 01:04:22 -------- d-----w- C:\Users\User\AppData\Local\{030E0D5A-D0D8-488E-B40F-6E0AD04BAE82} 2012-07-12 02:48:28 -------- d-----w- C:\Users\User\AppData\Local\{DE853974-5263-4D9D-A57D-B26477A8F614} 2012-07-12 02:47:53 -------- d-----w- C:\Users\User\AppData\Local\{90A964D5-ACB8-4EC3-BBDD-041C4B395B4C} 2012-07-11 17:10:41 3148800 ----a-w- C:\Windows\System32\win32k.sys 2012-07-11 14:14:03 -------- d-----w- C:\Users\User\AppData\Local\{910754F8-C070-4AE0-9845-17411C34257A} 2012-07-11 14:13:41 -------- d-----w- C:\Users\User\AppData\Local\{D8903F8A-042D-4BCD-B512-848CB4C4AA92} 2012-07-11 02:13:16 -------- d-----w- C:\Users\User\AppData\Local\{4106F55A-042D-4CE2-92FB-21C6CA306D66} 2012-07-11 02:13:06 -------- d-----w- C:\Users\User\AppData\Local\{602645C6-1BFE-43DA-8B4E-222F9BC188C3} 2012-07-10 13:10:03 -------- d-----w- C:\Users\User\AppData\Local\{2016FFF2-9F44-4AD2-9E50-4D8FB3AC6B79} 2012-07-10 13:09:41 -------- d-----w- C:\Users\User\AppData\Local\{D3A582B9-5C52-413C-A600-EF73AC5EA6EE} 2012-07-10 01:09:17 -------- d-----w- C:\Users\User\AppData\Local\{40307073-BA69-4470-B4F6-8355F137DF5D} 2012-07-10 01:09:07 -------- d-----w- C:\Users\User\AppData\Local\{4D222511-EEAF-4A63-BAEC-876E46DE4530} 2012-07-09 11:58:27 -------- d-----w- C:\Users\User\AppData\Local\{D844996F-8EB7-4259-B96D-84B5C97A23E0} 2012-07-09 11:58:02 -------- d-----w- C:\Users\User\AppData\Local\{4B104D21-74E9-49F6-9A04-E987B759C089} 2012-07-08 23:57:38 -------- d-----w- C:\Users\User\AppData\Local\{323BABB3-1B27-4861-93A4-7E32373B633D} 2012-07-08 23:56:32 -------- d-----w- C:\Users\User\AppData\Local\{95C05EDB-5C0B-4574-827C-C5DC4D438858} . ==================== Find3M ==================== . 2012-08-06 01:44:43 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2012-08-06 01:44:43 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2012-07-03 03:46:44 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys 2012-06-06 06:06:16 2004480 ----a-w- C:\Windows\System32\msxml6.dll 2012-06-06 06:06:16 1881600 ----a-w- C:\Windows\System32\msxml3.dll 2012-06-06 06:02:54 1133568 ----a-w- C:\Windows\System32\cdosys.dll 2012-06-06 05:05:52 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll 2012-06-06 05:05:52 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll 2012-06-06 05:03:06 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll 2012-06-02 22:15:31 2622464 ----a-w- C:\Windows\System32\wucltux.dll 2012-06-02 22:15:08 99840 ----a-w- C:\Windows\System32\wudriver.dll 2012-06-02 12:12:17 2311680 ----a-w- C:\Windows\System32\jscript9.dll 2012-06-02 12:05:28 1392128 ----a-w- C:\Windows\System32\wininet.dll 2012-06-02 12:04:50 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl 2012-06-02 12:01:40 173056 ----a-w- C:\Windows\System32\ieUnatt.exe 2012-06-02 11:57:08 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2012-06-02 08:33:25 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll 2012-06-02 08:25:08 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll 2012-06-02 08:25:03 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2012-06-02 08:20:33 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe 2012-06-02 08:16:52 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2012-06-02 05:50:10 458704 ----a-w- C:\Windows\System32\drivers\cng.sys 2012-06-02 05:48:16 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys 2012-06-02 05:48:16 151920 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys 2012-06-02 05:45:31 340992 ----a-w- C:\Windows\System32\schannel.dll 2012-06-02 05:44:21 307200 ----a-w- C:\Windows\System32\ncrypt.dll 2012-06-02 05:19:42 186752 ----a-w- C:\Windows\System32\wuwebv.dll 2012-06-02 05:15:12 36864 ----a-w- C:\Windows\System32\wuapp.exe 2012-06-02 04:40:42 22016 ----a-w- C:\Windows\SysWow64\secur32.dll 2012-06-02 04:40:39 225280 ----a-w- C:\Windows\SysWow64\schannel.dll 2012-06-02 04:39:10 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll 2012-06-02 04:34:09 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll 2012-05-15 09:29:47 889664 ----a-w- C:\Windows\System32\nvvsvc.exe 2012-05-15 09:29:46 63296 ----a-w- C:\Windows\System32\nvshext.dll 2012-05-15 09:29:46 2561856 ----a-w- C:\Windows\System32\nvsvcr.dll 2012-05-15 09:29:46 118080 ----a-w- C:\Windows\System32\nvmctray.dll 2012-05-15 09:29:25 3149632 ----a-w- C:\Windows\System32\nvsvc64.dll 2012-05-15 09:28:42 6151488 ----a-w- C:\Windows\System32\nvcpl.dll . ============= FINISH: 14:17:00.16 =============== Attach report > . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1 Install Date: 10/03/2012 12:28:34 PM System Uptime: 7/08/2012 9:36:22 AM (5 hours ago) . Motherboard: TOSHIBA | | NWQAA Processor: Intel® Core i5 CPU M 430 @ 2.27GHz | CPU | 2267/133mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 466 GiB total, 385.337 GiB free. D: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP105: 12/07/2012 3:00:35 AM - Windows Update RP106: 16/07/2012 11:20:34 AM - Windows Update RP107: 19/07/2012 8:53:02 AM - Installed Windows Media Player Firefox Plugin RP108: 20/07/2012 12:01:55 PM - Windows Update RP109: 24/07/2012 11:02:42 AM - Windows Update RP110: 27/07/2012 1:24:57 PM - Windows Update RP111: 31/07/2012 1:27:19 PM - Windows Update RP112: 3/08/2012 11:08:09 PM - Windows Update . ==== Installed Programs ====================== . Update for Microsoft Office 2007 (KB2508958) Acrobat.com Adobe After Effects CS4 Third Party Content Adobe AIR Adobe Anchor Service CS4 Adobe Bridge CS4 Adobe CMaps CS4 Adobe Color - Photoshop Specific CS4 Adobe Color EU Recommended Settings CS4 Adobe Color JA Extra Settings CS4 Adobe Color NA Extra Settings CS4 Adobe Color Video Profiles CS CS4 Adobe Creative Suite 4 Master Collection Adobe CS4 American English Speech Analysis Models Adobe CS4 French Speech Analysis Models Adobe CS4 German Speech Analysis Models Adobe CS4 International English Speech Analysis Models Adobe CS4 Italian Speech Analysis Models Adobe CS4 Japanese Speech Analysis Models Adobe CS4 Korean Speech Analysis Models Adobe CS4 Spanish Speech Analysis Models Adobe CSI CS4 Adobe Default Language CS4 Adobe Drive CS4 Adobe Dynamiclink Support Adobe Encore CS4 Codecs Adobe ExtendScript Toolkit CS4 Adobe Extension Manager CS4 Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Fonts All Adobe Linguistics CS4 Adobe Media Encoder CS4 Exporter Adobe Media Encoder CS4 Importer Adobe Output Module Adobe PDF Library Files CS4 Adobe Photoshop CS4 Adobe Photoshop CS4 Support Adobe Photoshop Elements 7.0 Adobe Premiere Pro CS4 Third Party Content Adobe Reader X (10.1.3) Adobe Search for Help Adobe Service Manager Extension Adobe Setup Adobe Shockwave Player 11.6 Adobe Soundbooth CS4 Adobe Soundbooth CS4 Codecs Adobe Type Support CS4 Adobe Update Manager CS4 Adobe WinSoft Linguistics Plugin Adobe XMP Panels CS4 AdobeColorCommonSetCMYK AdobeColorCommonSetRGB Apple Application Support Apple Software Update Bing Bar Bluetooth Monitor 4 Boris Graffiti for Corel Cisco EAP-FAST Module Cisco LEAP Module Cisco PEAP Module Common Connect Contents Corel VideoStudio Pro X4 Ultimate D3DX10 DeviceIO ICA Intel® Rapid Storage Technology IPM_VS_Pro ISCOM Java Auto Updater Java 7 Update 5 JavaFX 2.1.1 JMicron Flash Media Controller Driver Junk Mail filter update kuler Malwarebytes Anti-Malware version 1.62.0.1300 Mesh Runtime Messenger Companion Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (English) 2007 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office File Validation Add-In Microsoft Office Groove MUI (English) 2007 Microsoft Office Groove Setup Metadata MUI (English) 2007 Microsoft Office InfoPath MUI (English) 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word MUI (English) 2007 Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Mozilla Firefox 14.0.1 (x86 en-US) Mozilla Maintenance Service MSVCRT MSVCRT_amd64 NVIDIA PhysX PDF Settings CS4 Photoshop Camera Raw proDAD Mercalli 2.0 PureHD QuickTime Realtek Ethernet Controller Driver For Windows 7 Realtek High Definition Audio Driver Safari Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft Office 2007 suites (KB2596666) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2596786) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition Setup Share Skype™ 5.8 SmartSound Common Data SmartSound Quicktracks 5 Suite Shared Configuration CS4 swMSM TOSHIBA ConfigFree TOSHIBA DVD PLAYER TOSHIBA eco Utility TOSHIBA Face Recognition TOSHIBA Flash Cards Support Utility TOSHIBA Hardware Setup TOSHIBA HDD/SSD Alert TOSHIBA Media Controller TOSHIBA Media Controller Plug-in TOSHIBA Remote Control Manager TOSHIBA Service Station TOSHIBA Sleep Utility TOSHIBA Speech System Applications TOSHIBA Speech System SR Engine(U.S.) Version1.0 TOSHIBA Speech System TTS Engine(U.S.) Version1.0 TOSHIBA Supervisor Password TOSHIBA Value Added Package TOSHIBA Web Camera Application Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office Access 2007 Help (KB963663) Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office Infopath 2007 Help (KB963662) Update for Microsoft Office OneNote 2007 Help (KB963670) Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition Update for Microsoft Office Outlook 2007 Help (KB963677) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687310) 32-Bit Edition Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Publisher 2007 Help (KB963667) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) Utility Common Driver VIO Visual Studio 2008 x64 Redistributables VSClassic VSUltimate Windows Live Communications Platform Windows Live Essentials Windows Live Installer Windows Live Mail Windows Live Mesh Windows Live Mesh ActiveX Control for Remote Connections Windows Live Messenger Windows Live Messenger Companion Core Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Windows Media Encoder 9 Series Windows Media Player Firefox Plugin . ==== Event Viewer Messages From Past Week ======== . 6/08/2012 4:33:17 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {D3DCB472-7261-43CE-924B-0704BD730D5F} 6/08/2012 4:33:17 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF} 6/08/2012 3:39:43 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start. 6/08/2012 3:39:43 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030} 6/08/2012 3:39:43 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} 6/08/2012 3:39:42 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. 6/08/2012 3:39:39 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} 6/08/2012 3:39:33 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} 6/08/2012 3:38:51 PM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\System32\bcmihvsrv64.dll Error Code: 21 6/08/2012 3:38:37 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Avgldx64 Avgmfx64 discache MpFilter spldr Tosrfcom Wanarpv6 6/08/2012 12:57:16 AM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start. 6/08/2012 10:10:24 AM, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly. 6/08/2012 10:09:56 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X86 service to connect. 5/08/2012 11:24:50 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89} 5/08/2012 11:24:50 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E} 5/08/2012 11:24:18 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD Avgfwfd Avgldx64 Avgmfx64 Avgtdia DfsC discache MpFilter NetBIOS NetBT nsiproxy Psched rdbss spldr tdx Tosrfcom vwififlt Wanarpv6 WfpLwf 5/08/2012 11:24:17 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 5/08/2012 11:24:17 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. 5/08/2012 11:24:17 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning. 5/08/2012 11:24:17 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 5/08/2012 11:24:17 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 5/08/2012 11:24:17 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning. 5/08/2012 11:24:17 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 5/08/2012 11:24:17 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 5/08/2012 11:24:17 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning. 5/08/2012 11:24:17 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. 31/07/2012 10:00:39 PM, Error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{31463894-47C5-49DF-A89A-EA8BA3665776} because another computer on the network has the same name. The server could not start. 31/07/2012 1:18:23 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} 31/07/2012 1:18:22 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect. 31/07/2012 1:18:22 PM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 3/08/2012 11:24:58 PM, Error: Service Control Manager [7022] - The Windows Update service hung on starting. 3/08/2012 11:22:39 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service. . ==== End Of File ===========================

sorry here's attached pictures. I have deleted google chrome, and placed PC in safe mode and ran both MWare and AVG scan's which came back clear. Help ? I'm worried i may still be infected. Thankyou in advance.

In the last few days i have noticed my computer getting slower, and have noticed when using google chrome, there was a small paper logo in the menu bar, when usually it is secure (https) I am running Mware Free and AVG, both of which are up to date. A couple of days ago Mware quarantined the following :- Whilst on Chrome tonight when i opened a new tab a page redirected to this saying hacked ??