Virus- Purchased Pro- Can't find it


I have followed the instructions and attached my logs.

Brief rundown of the situation. Caught some viruses/trojans and Malwarebytes found and removed a few with quick, full, and flash scans in safe mode. But I'm still infected. I get multiple iexplorer.exe applications running, one of which is currently taking up about 800,000 K of memory and 50% CPU. I don't even use Internet Explorer. I have tried closing it, but it comes back up. All day, I see Malwarebytes saying it has blocked outgoing transmissions from iexplore.exe.

My scans now find nothing but I'm still infected. If it's any use, I'll also note that I had downloaded Prevx 3.0 and it found a trojan in the registry and another virus I forgot the name of. But it wanted me to purchase it to remove the two.

Sorry if this sounds weird, I am a little bit technically proficient, but not the most, so you'll have to excuse my questions.

Please help me remove this.

Attach.txt

DDS.txt

I read in the other topics that you want the logs copy/pasted so I pasted Attach.txt first, followed by DDS.txt:

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft® Windows Vista™ Home Premium

Boot Device: \Device\HarddiskVolume2

Install Date: 6/26/2009 6:27:51 PM

System Uptime: 5/8/2012 3:25:09 AM (14 hours ago)

.

Motherboard: TOSHIBA | | Portable PC

Processor: Intel® Core2 Duo CPU T6400 @ 2.00GHz | CPU | 1200/800mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 289 GiB total, 81.27 GiB free.

D: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

.

==== Installed Programs ======================

.

Adobe Flash Player 10 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader 8.3.1

Adobe Shockwave Player 11.5

Apple Application Support

Apple Software Update

Ask Toolbar

Ask Toolbar Updater

BitTorrent

Camera Assistant Software for Toshiba

Catalyst Control Center - Branding

Catalyst Control Center Core Implementation

Catalyst Control Center Graphics Full Existing

Catalyst Control Center Graphics Full New

Catalyst Control Center Graphics Light

Catalyst Control Center Graphics Previews Vista

Catalyst Control Center Localization Chinese Standard

Catalyst Control Center Localization Chinese Traditional

Catalyst Control Center Localization Dutch

Catalyst Control Center Localization French

Catalyst Control Center Localization German

Catalyst Control Center Localization Italian

Catalyst Control Center Localization Japanese

Catalyst Control Center Localization Korean

Catalyst Control Center Localization Portuguese

Catalyst Control Center Localization Spanish

Catalyst Control Center Localization Swedish

ccc-core-static

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Dutch

CCC Help English

CCC Help French

CCC Help German

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Portuguese

CCC Help Spanish

CCC Help Swedish

CD/DVD Drive Acoustic Silencer

Compatibility Pack for the 2007 Office system

CyberLink PowerCinema for TOSHIBA

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition

DivX Setup

DVD MovieFactory for TOSHIBA

Google Chrome

Google Earth Plug-in

Google Update Helper

Grand Theft Auto IV

Haali Media Splitter

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Java Auto Updater

Java 6 Update 29

Java 6 Update 6

Lexmark 2600 Series

Logitech Desktop Messenger

Malwarebytes Anti-Malware version 1.61.0.1400

McAfee Security Scan Plus

Microsoft Games for Windows - LIVE Redistributable

Microsoft Games for Windows Marketplace

Microsoft Office 2010 Service Pack 1 (SP1)

Microsoft Office Access MUI (English) 2010

Microsoft Office Access Setup Metadata MUI (English) 2010

Microsoft Office Click-to-Run 2010

Microsoft Office Excel MUI (English) 2010

Microsoft Office File Validation Add-In

Microsoft Office Groove MUI (English) 2010

Microsoft Office InfoPath MUI (English) 2010

Microsoft Office OneNote MUI (English) 2010

Microsoft Office Outlook MUI (English) 2010

Microsoft Office PowerPoint MUI (English) 2010

Microsoft Office Professional Plus 2010

Microsoft Office Proof (English) 2010

Microsoft Office Proof (French) 2010

Microsoft Office Proof (Spanish) 2010

Microsoft Office Proofing (English) 2010

Microsoft Office Publisher MUI (English) 2010

Microsoft Office Shared MUI (English) 2010

Microsoft Office Shared Setup Metadata MUI (English) 2010

Microsoft Office Suite Activation Assistant

Microsoft Office Word MUI (English) 2010

Microsoft Silverlight

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft XML Parser

Mozilla Firefox 12.0 (x86 en-US)

Mozilla Maintenance Service

MSXML 4.0 SP2 (KB941833)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 4.0 SP2 and SOAP Toolkit 3.0

OpenOffice.org 3.1

QuickTime

REA's TESTware for the CLEP Macroeconomics

Realtek 8169 8168 8101E 8102E Ethernet Driver

Realtek High Definition Audio Driver

RICOH R5C83x/84x Flash Media Controller Driver Ver.3.54.02

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft Office 2010 (KB2553091)

Security Update for Microsoft Office 2010 (KB2553096)

Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2598039) 32-Bit Edition

Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition

Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)

Security Update for Microsoft Visio Viewer 2010 (KB2597170) 32-Bit Edition

Security Update for Windows Media Encoder (KB2447961)

Security Update for Windows Media Encoder (KB954156)

Security Update for Windows Media Encoder (KB979332)

Sid Meier's Civilization 4 Complete

Sid Meier's Civilization IV Colonization

Skins

Skype Toolbars

Skype™ 5.1

System Requirements Lab for Intel

Toshiba Assist

TOSHIBA ConfigFree

TOSHIBA Desktop Links

TOSHIBA DVD PLAYER

TOSHIBA Extended Tiles for Windows Mobility Center

TOSHIBA Face Recognition

TOSHIBA Hardware Setup

TOSHIBA PowerCinema Helper

Toshiba Registration

TOSHIBA Service Station

TOSHIBA Speech System Applications

TOSHIBA Speech System SR Engine(U.S.) Version1.0

TOSHIBA Speech System TTS Engine(U.S.) Version1.0

TOSHIBA Supervisor Password

TOSHIBA Value Added Package

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft Excel 2010 (KB2553439) 32-Bit Edition

Update for Microsoft Office 2010 (KB2494150)

Update for Microsoft Office 2010 (KB2553065)

Update for Microsoft Office 2010 (KB2553092)

Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition

Update for Microsoft Office 2010 (KB2566458)

Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition

Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition

Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition

Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition

VC80CRTRedist - 8.0.50727.6195

Veetle TV 0.9.18

VLC media player 0.9.9

Webroot Software

Windows Media Encoder 9 Series

Windows Media Player Firefox Plugin

WinRAR archiver

Yahoo! Messenger

Yahoo! Software Update

Yahoo! Toolbar

.

==== Event Viewer Messages From Past Week ========

.

5/8/2012 10:23:34 AM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.1.3 for the Network Card with network address 0022FA1DAF84 has been denied by the DHCP server 1.1.1.1 (The DHCP Server sent a DHCPNACK message).

5/8/2012 1:21:18 PM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 172.24.60.79 for the Network Card with network address 0022FA1DAF84 has been denied by the DHCP server 1.1.1.1 (The DHCP Server sent a DHCPNACK message).

5/7/2012 8:58:21 PM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.1.3 for the Network Card with network address 0022FA1DAF84 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).

5/7/2012 2:57:42 PM, Error: Service Control Manager [7022] - The Client Virtualization Handler service hung on starting.

5/6/2012 5:46:46 PM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.1.2 for the Network Card with network address 0022FA1DAF84 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).

5/6/2012 3:13:31 AM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.1.4 for the Network Card with network address 0022FA1DAF84 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).

5/6/2012 10:12:20 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer VAIO that believes that it is the master browser for the domain on transport NetBT_Tcpip_{E1530AD4-89EB-473E-B25A-44A4BD9E3D46}. The master browser is stopping or an election is being forced.

5/2/2012 2:03:47 PM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.1.4 for the Network Card with network address 0022FA1DAF84 has been denied by the DHCP server 1.1.1.1 (The DHCP Server sent a DHCPNACK message).

5/1/2012 5:29:51 PM, Error: Microsoft-Windows-Windows Defender [2004] - Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures. Signatures Attempted: Current Error Code: 0x8050a001 Error description: The program can't find definition files that help detect unwanted software. Check for updates to the definition files, and then try again. For information on installing updates, see Help and Support. Signatures loading: Backup Loading signature version: 1.125.146.0 Loading engine version: 1.1.8202.0

.

==== End Of File ===========================

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 8.0.6001.19222 BrowserJavaVersion: 1.6.0_29

Run by User at 17:00:57 on 2012-05-08

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.4093.901 [GMT -5:00]

.

AV: Webroot Internet Security Essentials *Disabled/Updated* {53211D91-0C31-95F2-E3A5-7661FB22889E}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Webroot Internet Security Essentials *Disabled/Updated* {E840FC75-2A0B-9A7C-D915-4D1380A5C223}

FW: Webroot Internet Security Essentials *Enabled* {6B1A9CB4-465E-94AA-C8FA-DF5405F1CFE5}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Program Files (x86)\Webroot\Security\Current\Framework\WRConsumerService.exe

C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\system32\Ati2evxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\Ati2evxx.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\WLANExt.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\taskeng.exe

C:\Windows\system32\agr64svc.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files (x86)\Bonjour\mDNSResponder.exe

C:\Windows\system32\lxdncoms.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

C:\Program Files (x86)\Webroot\Security\current\plugins\antimalware\AEI.exe

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Windows\system32\SearchIndexer.exe

C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

C:\Program Files\Intel\WiFi\bin\EvtEng.exe

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\RAVCpl64.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Windows\System32\rundll32.exe

C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe

C:\Program Files (x86)\Toshiba\ConfigFree\NDSTray.exe

C:\Program Files (x86)\CyberLink\PowerCinema for TOSHIBA\PCMAgent.exe

C:\Program Files (x86)\CyberLink\PowerCinema for TOSHIBA\Kernel\CLML\CLMLSvc.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files (x86)\Webroot\Security\Current\Framework\WRTray.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Windows\SysWOW64\rundll32.exe

C:\Program Files (x86)\Ask.com\Updater\Updater.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Program Files (x86)\Toshiba\ConfigFree\CFSwMgr.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86) (x86)\Lexmark 2600 Series\lxdnmon.exe

C:\Program Files (x86) (x86)\Lexmark 2600 Series\ezprint.exe

C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\PROGRA~2\Webroot\Security\Current\Plugins\cleanup\WRCLEA~1.EXE

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe

C:\Program Files (x86)\Adobe\Reader 8.0\Reader\AcroRd32.exe

C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

C:\Windows\splwow64.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Windows\SysWow64\Macromed\Flash\FlashUtil10c.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\IELowutil.exe

C:\Windows\system32\taskeng.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\SysWOW64\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/

uDefault_Page_URL = hxxp://www.toshibadirect.com/dpdstart

mDefault_Page_URL = hxxp://www.toshibadirect.com/dpdstart

uInternet Settings,ProxyOverride = *.local

uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll

uURLSearchHooks: YTNavAssist.YTNavAssistPlugin Class: {81017ea9-9aa8-4a6a-9734-7af40e7d593f} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\YTNavAssist.dll

mWinlogon: Userinit=userinit.exe,

BHO: MRI_DISABLED - No File

BHO: Symantec Intrusion Prevention - No File

BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll

BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll

BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No File

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll

BHO: WebrootBHO Class: {d93ec24d-8741-4d41-b83d-a5793b998416} - C:\Program Files (x86)\Webroot\Security\current\plugins\browserextension\WebrootBHO.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO: Webroot Browser Helper Object: {e08861fe-8847-4b2a-8ec2-08edb20e4020} - C:\Program Files (x86)\Webroot\Security\current\products\WISE\toolbar\LPBar.dll

BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\YTSingleInstance.dll

TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File

TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll

TB: Webroot Toolbar: {d84a64a0-f2b2-4975-b264-3a3bce8d57d6} - C:\Program Files (x86)\Webroot\Security\current\products\WISE\toolbar\LPBar.dll

TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll

uRun: [sidebar] "C:\Program Files\Windows Sidebar\Sidebar.exe" /autorun

uRun: [RGSC] "C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe" /silent

uRun: [LDM] C:\Program Files (x86)\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

uRun: [Google Update] "C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe" /c

uRun: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe

uRun: [Askcom] "RUNDLL32.EXE" C:\Users\User\AppData\Local\Askcom\pjqdogmn.dll,UpdateWindowDlg

uRunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11e_Plugin.exe -update plugin

mRun: [NDSTray.exe] NDSTray.exe

mRun: [cfFncEnabler.exe] cfFncEnabler.exe

mRun: [PCMAgent] "C:\Program Files (x86)\CyberLink\PowerCinema for TOSHIBA\PCMAgent.exe"

mRun: [CLMLServer] "C:\Program Files (x86)\CyberLink\PowerCinema for TOSHIBA\Kernel\CLML\CLMLSvc.exe"

mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"

mRun: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start

mRun: [WebrootTrayApp] "C:\Program Files (x86)\Webroot\Security\Current\Framework\WRTray.exe"

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [<NO NAME>]

mRun: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices

mRun: [lxdnmon.exe] "C:\Program Files (x86) (x86)\Lexmark 2600 Series\lxdnmon.exe"

mRun: [EzPrint] "C:\Program Files (x86) (x86)\Lexmark 2600 Series\ezprint.exe"

mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW

mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

StartupFolder: C:\Users\User\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\LOGITE~1.LNK - C:\Program Files (x86)\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe

uPolicies-explorer: NoDesktopCleanupWizard = 1 (0x1)

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

TCP: DhcpNameServer = 192.168.1.1

TCP: Interfaces\{9516A354-494B-4EC5-9320-4E0C164EEFD6} : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{E1530AD4-89EB-473E-B25A-44A4BD9E3D46} : DhcpNameServer = 192.168.1.1

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL

Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files (x86)\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

BHO-X64: MRI_DISABLED - No File

BHO-X64: Symantec Intrusion Prevention - No File

BHO-X64: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll

BHO-X64: 0x1 - No File

BHO-X64: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

BHO-X64: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll

BHO-X64: Increase performance and video formats for your HTML5 <video> - No File

BHO-X64: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No File

BHO-X64: NCO 2.0 IE BHO - No File

BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: Skype Plug-In: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO-X64: SkypeIEPluginBHO - No File

BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

BHO-X64: URLRedirectionBHO - No File

BHO-X64: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll

BHO-X64: Ask Toolbar BHO - No File

BHO-X64: WebrootBHO Class: {D93EC24D-8741-4D41-B83D-A5793B998416} - C:\Program Files (x86)\Webroot\Security\current\plugins\browserextension\WebrootBHO.dll

BHO-X64: WRCommonBHO - No File

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO-X64: Webroot Browser Helper Object: {e08861fe-8847-4b2a-8ec2-08edb20e4020} - C:\Program Files (x86)\Webroot\Security\current\products\WISE\toolbar\LPBar.dll

BHO-X64: Webroot Browser Helper Object - No File

BHO-X64: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\YTSingleInstance.dll

TB-X64: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File

TB-X64: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll

TB-X64: Webroot Toolbar: {d84a64a0-f2b2-4975-b264-3a3bce8d57d6} - C:\Program Files (x86)\Webroot\Security\current\products\WISE\toolbar\LPBar.dll

TB-X64: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll

mRun-x64: [NDSTray.exe] NDSTray.exe

mRun-x64: [cfFncEnabler.exe] cfFncEnabler.exe

mRun-x64: [PCMAgent] "C:\Program Files (x86)\CyberLink\PowerCinema for TOSHIBA\PCMAgent.exe"

mRun-x64: [CLMLServer] "C:\Program Files (x86)\CyberLink\PowerCinema for TOSHIBA\Kernel\CLML\CLMLSvc.exe"

mRun-x64: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"

mRun-x64: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start

mRun-x64: [WebrootTrayApp] "C:\Program Files (x86)\Webroot\Security\Current\Framework\WRTray.exe"

mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe"

mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun-x64: [(Default)]

mRun-x64: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"

mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun-x64: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices

mRun-x64: [lxdnmon.exe] "C:\Program Files (x86) (x86)\Lexmark 2600 Series\lxdnmon.exe"

mRun-x64: [EzPrint] "C:\Program Files (x86) (x86)\Lexmark 2600 Series\ezprint.exe"

mRun-x64: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW

mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\yqvhyd7h.default\

FF - prefs.js: browser.startup.homepage - www.google.com

FF - component: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\yqvhyd7h.default\extensions\{7a2cadc6-0db8-43bb-a6e4-9d8bda6a254f}\platform\WINNT_x86-msvc\components\wrxpcom.dll

FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll

FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll

FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll



Welcome to the forum.

Before we proceed further, please uninstall BitTorrent and any other peer-to-peer filesharing app.

Continued use of filesharing or ill-advised downloads will surely re-infect your system.

Risks of File-Sharing Technology.

P2P file sharing: Know the risks

It's also against our policy:

http://forums.malwar...showtopic=97700

----------------------------------------

Please also uninstall these from your Control Panel's Add/Remove Programs:

Ask Toolbar

Ask Toolbar Updater

Java™ 6 Update 6

--------------------------------------

You have out-of-date Java on the system; older versions are vulnerable to malware.

Java™ 6 Update 29 <----should be 32

Please go to your control panel > Java > Update Tab > Update Now

Here's the Java Update info:

http://www.java.com/...d/installed.jsp <---verify your Java

-------------------------------------

Next......

Please remove any usb or external drives from the computer before you run this scan!

Please download and run RogueKiller.

For Windows XP, double-click to start.

For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

Click Scan to scan the system (don't run any other options, they're not all bad!)

Post back the report.

MrC


I have removed BitTorrent, Ask Toolbar, Ask Toolbar Updater, and Java 6 Update 6. Unfortunately I must have messed something up with Java and it wouldn't let me update, so I went and tried to download the version you told me (Java 6 Update 32), but it wouldn't work, so instead I downloaded the "latest version" according to the Java website, which was Java 7 Update 4. Is this a problem?

Also my situation has deteriorated and Task Manager is now showing 11 iexplore.exe processes open, when it used to show only 2. Also, Firefox and Chrome would not allow me to open this forum or malwarebytes.org. Anyway I downloaded RogueKiller and here is the log:

RogueKiller V7.4.4 [05/08/2012] by Tigzy

mail: tigzyRK<at>gmail<dot>com

Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/

Blog: http://tigzyrk.blogspot.com

Operating System: Windows Vista (6.0.6002 Service Pack 2) 64 bits version

Started in : Normal mode

User: User [Admin rights]

Mode: Scan -- Date: 05/09/2012 17:06:05

¤¤¤ Bad processes: 1 ¤¤¤

[sUSP PATH] bimys.exe -- C:\Users\User\AppData\Roaming\Ikils\bimys.exe -> KILLED [TermProc]

¤¤¤ Registry Entries: 8 ¤¤¤

[sUSP PATH] HKCU\[...]\Run : Askcom ("RUNDLL32.EXE" C:\Users\User\AppData\Local\Askcom\pjqdogmn.dll,UpdateWindowDlg) -> FOUND

[sUSP PATH] HKCU\[...]\Run : Keeqnyr (C:\Users\User\AppData\Roaming\Ikils\bimys.exe) -> FOUND

[sUSP PATH] HKUS\S-1-5-21-1495340077-3318051157-4031678959-1000[...]\Run : Askcom ("RUNDLL32.EXE" C:\Users\User\AppData\Local\Askcom\pjqdogmn.dll,UpdateWindowDlg) -> FOUND

[sUSP PATH] HKUS\S-1-5-21-1495340077-3318051157-4031678959-1000[...]\Run : Keeqnyr (C:\Users\User\AppData\Roaming\Ikils\bimys.exe) -> FOUND

[PROXY IE] HKCU\[...]\Internet Settings : ProxyEnable (1) -> FOUND

[HJ] HKCU\[...]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> FOUND

[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [NOT LOADED] ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

127.0.0.1 localhost

::1 localhost

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD3200BEVS-26VAT0 +++++

--- User ---

[MBR] bb3a41f32da03fc492aa2de0e48477d5

[bSP] ae587c3a91ec2690d12d86766f23480d : Windows Vista MBR Code

Partition table:

0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo

1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 295622 Mo

2 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 608507904 | Size: 8122 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[1].txt >>

RKreport[1].txt


OK, run RogueKiller again and click Scan

When the scan completes > click on the Bad processes tab

Put a check next to all of these and uncheck the rest:

¤¤¤ Bad processes: 1 ¤¤¤

[sUSP PATH] bimys.exe -- C:\Users\User\AppData\Roaming\Ikils\bimys.exe -> KILLED [TermProc]

Now click Delete on the left hand column.

---------------------

Repeat the process for these

Click on the Registry Entries > put a check next to these and uncheck the rest

Click on Delete

¤¤¤ Registry Entries: 8 ¤¤¤

[sUSP PATH] HKCU\[...]\Run : Askcom ("RUNDLL32.EXE" C:\Users\User\AppData\Local\Askcom\pjqdogmn.dll,UpdateWindowDlg) -> FOUND

[sUSP PATH] HKCU\[...]\Run : Keeqnyr (C:\Users\User\AppData\Roaming\Ikils\bimys.exe) -> FOUND

[sUSP PATH] HKUS\S-1-5-21-1495340077-3318051157-4031678959-1000[...]\Run : Askcom ("RUNDLL32.EXE" C:\Users\User\AppData\Local\Askcom\pjqdogmn.dll,UpdateWindowDlg) -> FOUND

[sUSP PATH] HKUS\S-1-5-21-1495340077-3318051157-4031678959-1000[...]\Run : Keeqnyr (C:\Users\User\AppData\Roaming\Ikils\bimys.exe) -> FOUND

[PROXY IE] HKCU\[...]\Internet Settings : ProxyEnable (1) -> FOUND

[HJ] HKCU\[...]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> FOUND

[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

-----------------------------

Then..........

Please make sure system restore is running and create a new restore point before continuing.

XP <===> Vista & W7

XP users > please back up the registry using ERUNT.

-----------------------------------------

Please download TDSSKiller to your desktop and run it as outlined below:

Double-click on TDSSKiller.exe to run the application, then click on Change parameters.

For Windows XP, double-click to start.

For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

-------------------------

Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.

------------------------

Click the Start Scan button.

-----------------------

If a suspicious object is detected, the default action will be Skip, click on Continue

If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please choose Skip and click on Continue

Any entries like this: \Device\Harddisk0\DR0 ( TDSS File System ) - please choose delete.

----------------------

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

--------------------

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.

-------------------

Here's a summary of what to do if you would like to print it out:

If a suspicious object is detected, the default action will be Skip, click on Continue

If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please choose Skip and click on Continue

Any entries like this: \Device\Harddisk0\DR0 ( TDSS File System ) - please choose delete.

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

MrC
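
An added example, not part of the thread and not RogueKiller's own code: the findings from the report quoted above, parsed to show which registry rows are the same per-user value seen twice and which Run values relaunch a binary from a user-writable folder. It assumes the `HKUS\S-1-5-21-...` SID belongs to the logged-on user (the report does not say so); all function names are illustrative.

```python
import re

# Findings copied verbatim from the RogueKiller report posted in the thread.
REPORT = r'''
[sUSP PATH] bimys.exe -- C:\Users\User\AppData\Roaming\Ikils\bimys.exe -> KILLED [TermProc]
[sUSP PATH] HKCU\[...]\Run : Askcom ("RUNDLL32.EXE" C:\Users\User\AppData\Local\Askcom\pjqdogmn.dll,UpdateWindowDlg) -> FOUND
[sUSP PATH] HKCU\[...]\Run : Keeqnyr (C:\Users\User\AppData\Roaming\Ikils\bimys.exe) -> FOUND
[sUSP PATH] HKUS\S-1-5-21-1495340077-3318051157-4031678959-1000[...]\Run : Askcom ("RUNDLL32.EXE" C:\Users\User\AppData\Local\Askcom\pjqdogmn.dll,UpdateWindowDlg) -> FOUND
[sUSP PATH] HKUS\S-1-5-21-1495340077-3318051157-4031678959-1000[...]\Run : Keeqnyr (C:\Users\User\AppData\Roaming\Ikils\bimys.exe) -> FOUND
[PROXY IE] HKCU\[...]\Internet Settings : ProxyEnable (1) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
'''

# "[TAG] KEY : ValueName (data) -> STATUS"
REG_LINE = re.compile(
    r'^\[(?P<tag>[^\]]+)\]\s+(?P<key>HK.+?) : (?P<name>.+?) \((?P<data>.*)\) -> (?P<status>\w+)$')
# "[TAG] image.exe -- full path -> STATUS [method]"
PROC_LINE = re.compile(
    r'^\[(?P<tag>[^\]]+)\]\s+(?P<image>\S+) -- (?P<path>.+?) -> (?P<status>\w+)')
WIN_PATH = re.compile(r'[A-Za-z]:\\[^",]+?\.(?:exe|dll)', re.I)
USER_WRITABLE = re.compile(r'^[a-z]:\\users\\[^\\]+\\appdata\\', re.I)


def parse(report):
    """Split report lines into registry entries and terminated processes."""
    registry, processes = [], []
    for line in filter(None, (raw.strip() for raw in report.splitlines())):
        m = REG_LINE.match(line)
        if m:
            registry.append(m.groupdict())
            continue
        m = PROC_LINE.match(line)
        if m:
            processes.append(m.groupdict())
    return registry, processes


def scope(key):
    # HKCU is an alias of the logged-on user's hive under HKEY_USERS.
    # Assumption: any S-1-5-21-* SID in the report is that same user.
    parts = key.split('\\')
    hive = parts[0].upper()
    if hive == 'HKCU' or (hive == 'HKUS' and parts[1].upper().startswith('S-1-5-21-')):
        return 'user'
    return 'machine'


def distinct_entries(registry):
    """Merge rows that describe one value reached through two hive names."""
    merged = {}
    for e in registry:
        ident = (scope(e['key']), e['key'].rsplit('\\', 1)[-1], e['name'], e['data'])
        entry = merged.setdefault(ident, {**e, 'seen_in': []})
        entry['seen_in'].append(e['key'].split('[')[0].rstrip('\\'))
    return list(merged.values())


def suspicious_autoruns(report):
    """Return Run values whose target deserves a closer look, with reasons."""
    registry, processes = parse(report)
    killed = {p['path'].lower() for p in processes if p['status'] == 'KILLED'}
    findings = []
    for e in distinct_entries(registry):
        if e['key'].rsplit('\\', 1)[-1].lower() != 'run':
            continue
        for target in WIN_PATH.findall(e['data']):
            reasons = []
            if USER_WRITABLE.match(target):
                reasons.append('autorun target in user-writable AppData')
            if target.lower().endswith('.dll') and 'rundll32' in e['data'].lower():
                reasons.append('DLL started through rundll32')
            if target.lower() in killed:
                reasons.append('same image was running; killing the process '
                               'does not stop the relaunch at next logon')
            if reasons:
                findings.append({'value': e['name'], 'target': target,
                                 'seen_in': e['seen_in'], 'reasons': reasons})
    return findings


if __name__ == '__main__':
    for f in suspicious_autoruns(REPORT):
        print(f['value'], '->', f['target'])
        print('  seen in:', ', '.join(f['seen_in']))
        for r in f['reasons']:
            print('  -', r)
```

The eight registry rows reduce to six distinct values, and the `Keeqnyr` value points at the same `bimys.exe` the scan had to terminate, which is why the thread deletes the Run entries rather than stopping at the killed process.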


First I will say it's worth noting that RogueKiller did not remove ProxyIE under the Proxy tab, but I did delete the rest as you asked.

Other than that, I created the restore point and downloaded and ran Kaspersky, and it found 7 threats, but they were all UnsignedFile.Multi.Generic so I pressed Skip for all of them.

Here is the log:


17:46:56.0387 4516 gupdatem - ok

17:46:56.0466 4516 HdAudAddService (df45f8142dc6df9d18c39b3effbd0409) C:\Windows\system32\drivers\HdAudio.sys

17:46:56.0635 4516 HdAudAddService - ok

17:46:56.0774 4516 HDAudBus (f942c5820205f2fb453243edfec82a3d) C:\Windows\system32\DRIVERS\HDAudBus.sys

17:46:56.0936 4516 HDAudBus - ok

17:46:56.0969 4516 HidBth (b4881c84a180e75b8c25dc1d726c375f) C:\Windows\system32\drivers\hidbth.sys

17:46:57.0091 4516 HidBth - ok

17:46:57.0142 4516 HidIr (4e77a77e2c986e8f88f996bb3e1ad829) C:\Windows\system32\drivers\hidir.sys

17:46:57.0258 4516 HidIr - ok

17:46:57.0304 4516 hidserv (59361d38a297755d46a540e450202b2a) C:\Windows\system32\hidserv.dll

17:46:57.0380 4516 hidserv - ok

17:46:57.0465 4516 HidUsb (443bdd2d30bb4f00795c797e2cf99edf) C:\Windows\system32\DRIVERS\hidusb.sys

17:46:57.0537 4516 HidUsb - ok

17:46:57.0602 4516 hkmsvc (b12f367ea39c0795fd57e31242ce1a5a) C:\Windows\system32\kmsvc.dll

17:46:57.0730 4516 hkmsvc - ok

17:46:57.0763 4516 HpCISSs (d7109a1e6bd2dfdbcba72a6bc626a13b) C:\Windows\system32\drivers\hpcisss.sys

17:46:57.0787 4516 HpCISSs - ok

17:46:57.0880 4516 HTTP (098f1e4e5c9cb5b0063a959063631610) C:\Windows\system32\drivers\HTTP.sys

17:46:58.0039 4516 HTTP - ok

17:46:58.0062 4516 i2omp (da94c854cea5fac549d4e1f6e88349e8) C:\Windows\system32\drivers\i2omp.sys

17:46:58.0086 4516 i2omp - ok

17:46:58.0118 4516 i8042prt (cbb597659a2713ce0c9cc20c88c7591f) C:\Windows\system32\DRIVERS\i8042prt.sys

17:46:58.0187 4516 i8042prt - ok

17:46:58.0285 4516 iaStor (fc28e90f2204d8fd147fa9bfa8a51c01) C:\Windows\system32\DRIVERS\iaStor.sys

17:46:58.0319 4516 iaStor - ok

17:46:58.0360 4516 iaStorV (3e3bf3627d886736d0b4e90054f929f6) C:\Windows\system32\drivers\iastorv.sys

17:46:58.0408 4516 iaStorV - ok

17:46:58.0549 4516 IDriverT (daf66902f08796f9c694901660e5a64a) C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe

17:46:58.0577 4516 IDriverT ( UnsignedFile.Multi.Generic ) - warning

17:46:58.0577 4516 IDriverT - detected UnsignedFile.Multi.Generic (1)

17:47:26.0849 4516 SmartFaceVWatchSrv (79ed2d6dec26e0fefb93ea21f09e6a51) C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe

17:47:26.0861 4516 SmartFaceVWatchSrv ( UnsignedFile.Multi.Generic ) - warning

17:47:26.0862 4516 SmartFaceVWatchSrv - detected UnsignedFile.Multi.Generic (1)

17:47:32.0301 4516 TODDSrv (19af3434564e973bc232bbd629ec2bf6) C:\Windows\system32\TODDSrv.exe

17:47:32.0324 4516 TODDSrv ( UnsignedFile.Multi.Generic ) - warning

17:47:32.0324 4516 TODDSrv - detected UnsignedFile.Multi.Generic (1)

17:47:32.0481 4516 TosCoSrv (e17a81e6ad0e89630a3b0f2ed5cbbdf5) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe

17:47:32.0546 4516 TosCoSrv - ok

17:47:32.0662 4516 TOSHIBA Bluetooth Service (4e5a8546709591d31ba086ca2a69cecd) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

17:47:32.0685 4516 TOSHIBA Bluetooth Service - ok

17:47:32.0720 4516 TOSHIBA SMART Log Service (19d979b9f6373a7cb17ebb7594feb819) C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe

17:47:32.0760 4516 TOSHIBA SMART Log Service ( UnsignedFile.Multi.Generic ) - warning

17:47:32.0760 4516 TOSHIBA SMART Log Service - detected UnsignedFile.Multi.Generic (1)

17:47:32.0814 4516 Tosrfcom - ok

17:47:32.0836 4516 tosrfec (9fb4aa68d4e833c795994513bc9e3aca) C:\Windows\system32\DRIVERS\tosrfec.sys

17:47:32.0909 4516 tosrfec - ok

17:47:33.0032 4516 tos_sps64 (dd50a5df5f7b29fdb6b5fea728c43dc3) C:\Windows\system32\DRIVERS\tos_sps64.sys

17:47:33.0113 4516 tos_sps64 - ok

17:47:33.0160 4516 TrkWks (f4689f05af472a651a7b1b7b02d200e7) C:\Windows\System32\trkwks.dll

17:47:33.0305 4516 TrkWks - ok

17:47:33.0378 4516 TrustedInstaller (66328b08ef5a9305d8ede36b93930369) C:\Windows\servicing\TrustedInstaller.exe

17:47:33.0449 4516 TrustedInstaller - ok

17:47:33.0492 4516 tssecsrv (9e5409cd17c8bef193aad498f3bc2cb8) C:\Windows\system32\DRIVERS\tssecsrv.sys

17:47:33.0589 4516 tssecsrv - ok

17:47:33.0625 4516 tunmp (89ec74a9e602d16a75a4170511029b3c) C:\Windows\system32\DRIVERS\tunmp.sys

17:47:33.0709 4516 tunmp - ok

17:47:33.0744 4516 tunnel (30a9b3f45ad081bffc3bcaa9c812b609) C:\Windows\system32\DRIVERS\tunnel.sys

17:47:33.0792 4516 tunnel - ok

17:47:33.0901 4516 TVALZ (9a744cc3d804ec38a6c2c65bc3c6fcd8) C:\Windows\system32\DRIVERS\TVALZ_O.SYS

17:47:33.0919 4516 TVALZ - ok

17:47:33.0965 4516 uagp35 (fec266ef401966311744bd0f359f7f56) C:\Windows\system32\drivers\uagp35.sys

17:47:33.0990 4516 uagp35 - ok

17:47:34.0045 4516 udfs (faf2640a2a76ed03d449e443194c4c34) C:\Windows\system32\DRIVERS\udfs.sys

17:47:34.0162 4516 udfs - ok

17:47:34.0217 4516 UI0Detect (060507c4113391394478f6953a79eedc) C:\Windows\system32\UI0Detect.exe

17:47:34.0344 4516 UI0Detect - ok

17:47:34.0444 4516 UleadBurningHelper (332d341d92b933600d41953b08360dfb) C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

17:47:34.0482 4516 UleadBurningHelper ( UnsignedFile.Multi.Generic ) - warning

17:47:34.0482 4516 UleadBurningHelper - detected UnsignedFile.Multi.Generic (1)

17:47:34.0556 4516 uliagpkx (4ec9447ac3ab462647f60e547208ca00) C:\Windows\system32\drivers\uliagpkx.sys

17:47:34.0582 4516 uliagpkx - ok

17:47:34.0624 4516 uliahci (697f0446134cdc8f99e69306184fbbb4) C:\Windows\system32\drivers\uliahci.sys

17:47:34.0657 4516 uliahci - ok

17:47:34.0696 4516 UlSata (31707f09846056651ea2c37858f5ddb0) C:\Windows\system32\drivers\ulsata.sys

17:47:34.0729 4516 UlSata - ok

17:47:34.0763 4516 ulsata2 (85e5e43ed5b48c8376281bab519271b7) C:\Windows\system32\drivers\ulsata2.sys

17:47:34.0795 4516 ulsata2 - ok

17:47:34.0848 4516 umbus (46e9a994c4fed537dd951f60b86ad3f4) C:\Windows\system32\DRIVERS\umbus.sys

17:47:34.0909 4516 umbus - ok

17:47:34.0991 4516 upnphost (7093799ff80e9deca0680d2e3535be60) C:\Windows\System32\upnphost.dll

17:47:35.0085 4516 upnphost - ok

17:47:35.0154 4516 USBAAPL64 (f724b03c3dfaacf08d17d38bf3333583) C:\Windows\system32\Drivers\usbaapl64.sys

17:47:35.0191 4516 USBAAPL64 - ok

17:47:35.0221 4516 usbccgp (07e3498fc60834219d2356293da0fecc) C:\Windows\system32\DRIVERS\usbccgp.sys

17:47:35.0291 4516 usbccgp - ok

17:47:35.0336 4516 usbcir (9247f7e0b65852c1f6631480984d6ed2) C:\Windows\system32\drivers\usbcir.sys

17:47:35.0452 4516 usbcir - ok

17:47:35.0490 4516 usbehci (827e44de934a736ea31e91d353eb126f) C:\Windows\system32\DRIVERS\usbehci.sys

17:47:35.0563 4516 usbehci - ok

17:47:35.0611 4516 usbhub (bb35cd80a2ececfadc73569b3d70c7d1) C:\Windows\system32\DRIVERS\usbhub.sys

17:47:35.0697 4516 usbhub - ok

17:47:35.0726 4516 usbohci (eba14ef0c07cec233f1529c698d0d154) C:\Windows\system32\drivers\usbohci.sys

17:47:35.0839 4516 usbohci - ok

17:47:35.0955 4516 usbprint (28b693b6d31e7b9332c1bdcefef228c1) C:\Windows\system32\DRIVERS\usbprint.sys

17:47:36.0016 4516 usbprint - ok

17:47:36.0121 4516 usbscan (ea0bf666868964fbe8cb10e50c97b9f1) C:\Windows\system32\DRIVERS\usbscan.sys

17:47:36.0229 4516 usbscan - ok

17:47:36.0291 4516 USBSTOR (b854c1558fca0c269a38663e8b59b581) C:\Windows\system32\DRIVERS\USBSTOR.SYS

17:47:36.0340 4516 USBSTOR - ok

17:47:36.0381 4516 usbuhci (b2872cbf9f47316abd0e0c74a1aba507) C:\Windows\system32\DRIVERS\usbuhci.sys

17:47:36.0428 4516 usbuhci - ok

17:47:36.0503 4516 usbvideo (fc33099877790d51b0927b7039059855) C:\Windows\system32\Drivers\usbvideo.sys

17:47:36.0594 4516 usbvideo - ok

17:47:36.0640 4516 UVCFTR (56ed086f1300ecb1e6f67ac43955e5e9) C:\Windows\system32\Drivers\UVCFTR_S.SYS

17:47:36.0658 4516 UVCFTR - ok

17:47:36.0700 4516 UxSms (d76e231e4850bb3f88a3d9a78df191e3) C:\Windows\System32\uxsms.dll

17:47:36.0749 4516 UxSms - ok

17:47:36.0822 4516 vds (294945381dfa7ce58cecf0a9896af327) C:\Windows\System32\vds.exe

17:47:36.0915 4516 vds - ok

17:47:36.0935 4516 vga (916b94bcf1e09873fff2d5fb11767bbc) C:\Windows\system32\DRIVERS\vgapnp.sys

17:47:36.0997 4516 vga - ok

17:47:37.0011 4516 VgaSave (b83ab16b51feda65dd81b8c59d114d63) C:\Windows\System32\drivers\vga.sys

17:47:37.0097 4516 VgaSave - ok

17:47:37.0128 4516 viaide (8294b6c3fdb6c33f24e150de647ecdaa) C:\Windows\system32\drivers\viaide.sys

17:47:37.0149 4516 viaide - ok

17:47:37.0196 4516 volmgr (2b7e885ed951519a12c450d24535dfca) C:\Windows\system32\drivers\volmgr.sys

17:47:37.0223 4516 volmgr - ok

17:47:37.0300 4516 volmgrx (cec5ac15277d75d9e5dec2e1c6eaf877) C:\Windows\system32\drivers\volmgrx.sys

17:47:37.0359 4516 volmgrx - ok

17:47:37.0415 4516 volsnap (5280aada24ab36b01a84a6424c475c8d) C:\Windows\system32\drivers\volsnap.sys

17:47:37.0477 4516 volsnap - ok

17:47:37.0508 4516 vsmraid (a68f455ed2673835209318dd61bfbb0e) C:\Windows\system32\drivers\vsmraid.sys

17:47:37.0542 4516 vsmraid - ok

17:47:37.0744 4516 VSS (b75232dad33bfd95bf6f0a3e6bff51e1) C:\Windows\system32\vssvc.exe

17:47:37.0903 4516 VSS - ok

17:47:38.0104 4516 W32Time (f14a7de2ea41883e250892e1e5230a9a) C:\Windows\system32\w32time.dll

17:47:38.0240 4516 W32Time - ok

17:47:38.0303 4516 WacomPen (fef8fe5923fead2cee4dfabfce3393a7) C:\Windows\system32\drivers\wacompen.sys

17:47:38.0427 4516 WacomPen - ok

17:47:38.0472 4516 Wanarp (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys

17:47:38.0564 4516 Wanarp - ok

17:47:38.0570 4516 Wanarpv6 (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys

17:47:38.0618 4516 Wanarpv6 - ok

17:47:38.0735 4516 wcncsvc (b4e4c37d0aa6100090a53213ee2bf1c1) C:\Windows\System32\wcncsvc.dll

17:47:38.0880 4516 wcncsvc - ok

17:47:38.0964 4516 WcsPlugInService (ea4b369560e986f19d93f45a881484ac) C:\Windows\System32\WcsPlugInService.dll

17:47:39.0060 4516 WcsPlugInService - ok

17:47:39.0120 4516 Wd (0c17a0816f65b89e362e682ad5e7266e) C:\Windows\system32\drivers\wd.sys

17:47:39.0143 4516 Wd - ok

17:47:39.0279 4516 Wdf01000 (d02e7e4567da1e7582fbf6a91144b0df) C:\Windows\system32\drivers\Wdf01000.sys

17:47:39.0372 4516 Wdf01000 - ok

17:47:39.0413 4516 WdiServiceHost (c5efda73ebfca8b02a094898de0a9276) C:\Windows\system32\wdi.dll

17:47:39.0514 4516 WdiServiceHost - ok

17:47:39.0522 4516 WdiSystemHost (c5efda73ebfca8b02a094898de0a9276) C:\Windows\system32\wdi.dll

17:47:39.0586 4516 WdiSystemHost - ok

17:47:39.0648 4516 WebClient (3e6d05381cf35f75ebb055544a8ed9ac) C:\Windows\System32\webclnt.dll

17:47:39.0748 4516 WebClient - ok

17:47:40.0223 4516 WebrootSpySweeperService (74cbe3f3b912b7fc97e65e20385c5810) C:\Program Files (x86)\Webroot\Security\current\plugins\antimalware\AEI.exe

17:47:40.0415 4516 WebrootSpySweeperService - ok

17:47:40.0604 4516 Wecsvc (8d40bc587993f876658bf9fb0f7d3462) C:\Windows\system32\wecsvc.dll

17:47:40.0691 4516 Wecsvc - ok

17:47:40.0726 4516 wercplsupport (9c980351d7e96288ea0c23ae232bd065) C:\Windows\System32\wercplsupport.dll

17:47:40.0788 4516 wercplsupport - ok

17:47:40.0846 4516 WerSvc (66b9ecebc46683f47edc06333c075fef) C:\Windows\System32\WerSvc.dll

17:47:40.0963 4516 WerSvc - ok

17:47:41.0025 4516 WinDefend - ok

17:47:41.0039 4516 WinHttpAutoProxySvc - ok

17:47:41.0168 4516 Winmgmt (d2e7296ed1bd26d8db2799770c077a02) C:\Windows\system32\wbem\WMIsvc.dll

17:47:41.0264 4516 Winmgmt - ok

17:47:41.0508 4516 WinRM (6cbb0c68f13b9c2ec1b16f5fa5e7c869) C:\Windows\system32\WsmSvc.dll

17:47:41.0751 4516 WinRM - ok

17:47:41.0962 4516 Wlansvc (ec339c8115e91baed835957e9a677f16) C:\Windows\System32\wlansvc.dll

17:47:42.0104 4516 Wlansvc - ok

17:47:42.0382 4516 wlidsvc (98f138897ef4246381d197cb81846d62) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

17:47:42.0628 4516 wlidsvc - ok

17:47:42.0814 4516 WmiAcpi (e18aebaaa5a773fe11aa2c70f65320f5) C:\Windows\system32\drivers\wmiacpi.sys

17:47:42.0888 4516 WmiAcpi - ok

17:47:42.0974 4516 wmiApSrv (21fa389e65a852698b6a1341f36ee02d) C:\Windows\system32\wbem\WmiApSrv.exe

17:47:43.0073 4516 wmiApSrv - ok

17:47:43.0111 4516 WMPNetworkSvc - ok

17:47:43.0159 4516 WPCSvc (cbc156c913f099e6680d1df9307db7a8) C:\Windows\System32\wpcsvc.dll

17:47:43.0301 4516 WPCSvc - ok

17:47:43.0337 4516 WPDBusEnum (490a18b4e4d53dc10879deaa8e8b70d9) C:\Windows\system32\wpdbusenum.dll

17:47:43.0435 4516 WPDBusEnum - ok

17:47:43.0483 4516 WpdUsb (5e2401b3fc1089c90e081291357371a9) C:\Windows\system32\DRIVERS\wpdusb.sys

17:47:43.0524 4516 WpdUsb - ok

17:47:43.0777 4516 WPFFontCache_v0400 (991e2c2cf3bc204c2bb2ee1476149e4e) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe

17:47:43.0902 4516 WPFFontCache_v0400 - ok

17:47:44.0398 4516 WRConsumerService (ff0115403517a1fd7619f73f4a6c331e) C:\Program Files (x86)\Webroot\Security\Current\Framework\WRConsumerService.exe


Post was too long and wouldn't let me post the whole thing. Here is the remainder of the log:


17:46:59.0719 4516 intelide - ok

17:46:59.0753 4516 intelppm (bfd84af32fa1bad6231c4585cb469630) C:\Windows\system32\DRIVERS\intelppm.sys

17:46:59.0842 4516 intelppm - ok

17:46:59.0891 4516 IPBusEnum (5624bc1bc5eeb49c0ab76a8114f05ea3) C:\Windows\system32\ipbusenum.dll

17:47:00.0014 4516 IPBusEnum - ok

17:47:00.0061 4516 IpFilterDriver (d8aabc341311e4780d6fce8c73c0ad81) C:\Windows\system32\DRIVERS\ipfltdrv.sys

17:47:00.0154 4516 IpFilterDriver - ok

17:47:00.0227 4516 iphlpsvc (bf0dbfa9792c5c14fa00f61c75116c1b) C:\Windows\System32\iphlpsvc.dll

17:47:00.0356 4516 iphlpsvc - ok

17:47:00.0361 4516 IpInIp - ok

17:47:00.0392 4516 IPMIDRV (9c2ee2e6e5a7203bfae15c299475ec67) C:\Windows\system32\drivers\ipmidrv.sys

17:47:00.0455 4516 IPMIDRV - ok

17:47:00.0518 4516 IPNAT (b7e6212f581ea5f6ab0c3a6ceeeb89be) C:\Windows\system32\DRIVERS\ipnat.sys

17:47:00.0644 4516 IPNAT - ok

17:47:00.0817 4516 iPod Service (e94503089df8976f5c4c9d5168e9765f) C:\Program Files\iPod\bin\iPodService.exe

17:47:00.0924 4516 iPod Service - ok

17:47:00.0953 4516 IRENUM (8c42ca155343a2f11d29feca67faa88d) C:\Windows\system32\drivers\irenum.sys

17:47:01.0035 4516 IRENUM - ok

17:47:01.0081 4516 isapnp (0672bfcedc6fc468a2b0500d81437f4f) C:\Windows\system32\drivers\isapnp.sys

17:47:01.0104 4516 isapnp - ok

17:47:01.0152 4516 iScsiPrt (e4fdf99599f27ec25d2cf6d754243520) C:\Windows\system32\DRIVERS\msiscsi.sys

17:47:01.0186 4516 iScsiPrt - ok

17:47:01.0213 4516 iteatapi (63c766cdc609ff8206cb447a65abba4a) C:\Windows\system32\drivers\iteatapi.sys

17:47:01.0235 4516 iteatapi - ok

17:47:01.0319 4516 iteraid (1281fe73b17664631d12f643cbea3f59) C:\Windows\system32\drivers\iteraid.sys

17:47:01.0341 4516 iteraid - ok

17:47:01.0378 4516 kbdclass (423696f3ba6472dd17699209b933bc26) C:\Windows\system32\DRIVERS\kbdclass.sys

17:47:01.0401 4516 kbdclass - ok

17:47:01.0408 4516 kbdhid (bf8783a5066cfecf45095459e8010fa7) C:\Windows\system32\DRIVERS\kbdhid.sys

17:47:01.0496 4516 kbdhid - ok

17:47:01.0560 4516 KeyIso (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe

17:47:01.0656 4516 KeyIso - ok

17:47:01.0706 4516 KR10I64 (7c999f96b239e214154db3c808e6736a) C:\Windows\system32\drivers\kr10i64.sys

17:47:01.0814 4516 KR10I64 - ok

17:47:01.0854 4516 KR10N64 (8cb9a9164d4e789424f943fa718fa3f2) C:\Windows\system32\drivers\kr10n64.sys

17:47:01.0917 4516 KR10N64 - ok

17:47:02.0003 4516 KSecDD (2758d174604f597bbc8a217ff667913d) C:\Windows\system32\Drivers\ksecdd.sys

17:47:02.0105 4516 KSecDD - ok

17:47:02.0141 4516 ksthunk (1d419cf43db29396ecd7113d129d94eb) C:\Windows\system32\drivers\ksthunk.sys

17:47:02.0230 4516 ksthunk - ok

17:47:02.0323 4516 KtmRm (1faf6926f3416d3da05c5b265491bdae) C:\Windows\system32\msdtckrm.dll

17:47:02.0474 4516 KtmRm - ok

17:47:02.0578 4516 LanmanServer (50c7a3cb427e9bb5ed0708a669956ab5) C:\Windows\system32\srvsvc.dll

17:47:02.0697 4516 LanmanServer - ok

17:47:02.0804 4516 LanmanWorkstation (caf86fc1388be1e470f1a7b43e348adb) C:\Windows\System32\wkssvc.dll

17:47:02.0886 4516 LanmanWorkstation - ok

17:47:02.0940 4516 lltdio (96ece2659b6654c10a0c310ae3a6d02c) C:\Windows\system32\DRIVERS\lltdio.sys

17:47:03.0042 4516 lltdio - ok

17:47:03.0114 4516 lltdsvc (961ccbd0b1ccb5675d64976fae37d092) C:\Windows\System32\lltdsvc.dll

17:47:03.0258 4516 lltdsvc - ok

17:47:03.0286 4516 lmhosts (a47f8080cacc23c91fe823ad19aa5612) C:\Windows\System32\lmhsvc.dll

17:47:03.0372 4516 lmhosts - ok

17:47:03.0433 4516 LSI_FC (acbe1af32d3123e330a07bfbc5ec4a9b) C:\Windows\system32\drivers\lsi_fc.sys

17:47:03.0469 4516 LSI_FC - ok

17:47:03.0507 4516 LSI_SAS (799ffb2fc4729fa46d2157c0065b3525) C:\Windows\system32\drivers\lsi_sas.sys

17:47:03.0556 4516 LSI_SAS - ok

17:47:03.0610 4516 LSI_SCSI (f445ff1daad8a226366bfaf42551226b) C:\Windows\system32\drivers\lsi_scsi.sys

17:47:03.0646 4516 LSI_SCSI - ok

17:47:03.0690 4516 luafv (52f87b9cc8932c2a7375c3b2a9be5e3e) C:\Windows\system32\drivers\luafv.sys

17:47:03.0811 4516 luafv - ok

17:47:03.0842 4516 lxdn_device - ok

17:47:03.0889 4516 MBAMProtector (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys

17:47:03.0912 4516 MBAMProtector - ok

17:47:04.0044 4516 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

17:47:04.0089 4516 MBAMService - ok

17:47:04.0196 4516 McComponentHostService (f453d1e6d881e8f8717e20ccd4199e85) C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe

17:47:04.0222 4516 McComponentHostService - ok

17:47:04.0274 4516 Mcx2Svc (76a58df02bd4ea29f189b82d0bef17f8) C:\Windows\system32\Mcx2Svc.dll

17:47:04.0301 4516 Mcx2Svc - ok

17:47:04.0376 4516 megasas (5c5cd6aaced32fb26c3fb34b3dcf972f) C:\Windows\system32\drivers\megasas.sys

17:47:04.0399 4516 megasas - ok

17:47:04.0462 4516 MegaSR (859bc2436b076c77c159ed694acfe8f8) C:\Windows\system32\drivers\megasr.sys

17:47:04.0517 4516 MegaSR - ok

17:47:04.0616 4516 Microsoft SharePoint Workspace Audit Service - ok

17:47:04.0647 4516 MMCSS (3cbe4995e80e13ccfbc42e5dcf3ac81a) C:\Windows\system32\mmcss.dll

17:47:04.0746 4516 MMCSS - ok

17:47:04.0778 4516 Modem (59848d5cc74606f0ee7557983bb73c2e) C:\Windows\system32\drivers\modem.sys

17:47:04.0862 4516 Modem - ok

17:47:04.0913 4516 monitor (c247cc2a57e0a0c8c6dccf7807b3e9e5) C:\Windows\system32\DRIVERS\monitor.sys

17:47:04.0975 4516 monitor - ok

17:47:05.0012 4516 mouclass (9367304e5e412b120cf5f4ea14e4e4f1) C:\Windows\system32\DRIVERS\mouclass.sys

17:47:05.0035 4516 mouclass - ok

17:47:05.0069 4516 mouhid (c2c2bd5c5ce5aaf786ddd74b75d2ac69) C:\Windows\system32\DRIVERS\mouhid.sys

17:47:05.0159 4516 mouhid - ok

17:47:05.0176 4516 MountMgr (11bc9b1e8801b01f7f6adb9ead30019b) C:\Windows\system32\drivers\mountmgr.sys

17:47:05.0201 4516 MountMgr - ok

17:47:05.0284 4516 MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

17:47:05.0307 4516 MozillaMaintenance - ok

17:47:05.0357 4516 mpio (f8276eb8698142884498a528dfea8478) C:\Windows\system32\drivers\mpio.sys

17:47:05.0393 4516 mpio - ok

17:47:05.0421 4516 mpsdrv (c92b9abdb65a5991e00c28f13491dba2) C:\Windows\system32\drivers\mpsdrv.sys

17:47:05.0496 4516 mpsdrv - ok

17:47:05.0626 4516 MpsSvc (897e3baf68ba406a61682ae39c83900c) C:\Windows\system32\mpssvc.dll

17:47:05.0763 4516 MpsSvc - ok

17:47:05.0824 4516 Mraid35x (3c200630a89ef2c0864d515b7a75802e) C:\Windows\system32\drivers\mraid35x.sys

17:47:05.0847 4516 Mraid35x - ok

17:47:05.0893 4516 MRxDAV (7c1de4aa96dc0c071611f9e7de02a68d) C:\Windows\system32\drivers\mrxdav.sys

17:47:05.0980 4516 MRxDAV - ok

17:47:06.0033 4516 mrxsmb (1485811b320ff8c7edad1caebb1c6c2b) C:\Windows\system32\DRIVERS\mrxsmb.sys

17:47:06.0093 4516 mrxsmb - ok

17:47:06.0149 4516 mrxsmb10 (3b929a60c833fc615fd97fba82bc7632) C:\Windows\system32\DRIVERS\mrxsmb10.sys

17:47:06.0291 4516 mrxsmb10 - ok

17:47:06.0342 4516 mrxsmb20 (c64ab3e1f53b4f5b5bb6d796b2d7bec3) C:\Windows\system32\DRIVERS\mrxsmb20.sys

17:47:06.0412 4516 mrxsmb20 - ok

17:47:06.0463 4516 msahci (730b784962d22d2c6481eae2370e7c8c) C:\Windows\system32\drivers\msahci.sys

17:47:06.0487 4516 msahci - ok

17:47:06.0530 4516 msdsm (264bbb4aaf312a485f0e44b65a6b7202) C:\Windows\system32\drivers\msdsm.sys

17:47:06.0566 4516 msdsm - ok

17:47:06.0614 4516 MSDTC (7ec02ce772f068ed0beafa3da341a9bc) C:\Windows\System32\msdtc.exe

17:47:06.0730 4516 MSDTC - ok

17:47:06.0754 4516 Msfs (704f59bfc4512d2bb0146aec31b10a7c) C:\Windows\system32\drivers\Msfs.sys

17:47:06.0848 4516 Msfs - ok

17:47:06.0905 4516 msisadrv (00ebc952961664780d43dca157e79b27) C:\Windows\system32\drivers\msisadrv.sys

17:47:06.0928 4516 msisadrv - ok

17:47:06.0985 4516 MSiSCSI (366b0c1f4478b519c181e37d43dcda32) C:\Windows\system32\iscsiexe.dll

17:47:07.0146 4516 MSiSCSI - ok

17:47:07.0152 4516 msiserver - ok

17:47:07.0196 4516 MSKSSRV (0ea73e498f53b96d83dbfca074ad4cf8) C:\Windows\system32\drivers\MSKSSRV.sys

17:47:07.0282 4516 MSKSSRV - ok

17:47:07.0331 4516 MSPCLOCK (52e59b7e992a58e740aa63f57edbae8b) C:\Windows\system32\drivers\MSPCLOCK.sys

17:47:07.0422 4516 MSPCLOCK - ok

17:47:07.0456 4516 MSPQM (49084a75bae043ae02d5b44d02991bb2) C:\Windows\system32\drivers\MSPQM.sys

17:47:07.0517 4516 MSPQM - ok

17:47:07.0607 4516 MsRPC (dc6ccf440cdede4293db41c37a5060a5) C:\Windows\system32\drivers\MsRPC.sys

17:47:07.0672 4516 MsRPC - ok

17:47:07.0723 4516 mssmbios (855796e59df77ea93af46f20155bf55b) C:\Windows\system32\DRIVERS\mssmbios.sys

17:47:07.0747 4516 mssmbios - ok

17:47:07.0776 4516 MSTEE (86d632d75d05d5b7c7c043fa3564ae86) C:\Windows\system32\drivers\MSTEE.sys

17:47:07.0900 4516 MSTEE - ok

17:47:07.0934 4516 Mup (0cc49f78d8aca0877d885f149084e543) C:\Windows\system32\Drivers\mup.sys

17:47:07.0960 4516 Mup - ok

17:47:08.0021 4516 napagent (a5b10c845e7538c60c0f5d87a57cb3f5) C:\Windows\system32\qagentRT.dll

17:47:08.0083 4516 napagent - ok

17:47:08.0142 4516 NativeWifiP (2007b826c4acd94ae32232b41f0842b9) C:\Windows\system32\DRIVERS\nwifi.sys

17:47:08.0213 4516 NativeWifiP - ok

17:47:08.0373 4516 NDIS (65950e07329fcee8e6516b17c8d0abb6) C:\Windows\system32\drivers\ndis.sys

17:47:08.0456 4516 NDIS - ok

17:47:08.0491 4516 NdisTapi (64df698a425478e321981431ac171334) C:\Windows\system32\DRIVERS\ndistapi.sys

17:47:08.0568 4516 NdisTapi - ok

17:47:08.0576 4516 Ndisuio (8baa43196d7b5bb972c9a6b2bbf61a19) C:\Windows\system32\DRIVERS\ndisuio.sys

17:47:08.0680 4516 Ndisuio - ok

17:47:08.0734 4516 NdisWan (f8158771905260982ce724076419ef19) C:\Windows\system32\DRIVERS\ndiswan.sys

17:47:08.0862 4516 NdisWan - ok

17:47:08.0901 4516 NDProxy (9cb77ed7cb72850253e973a2d6afdf49) C:\Windows\system32\drivers\NDProxy.sys

17:47:08.0979 4516 NDProxy - ok

17:47:09.0009 4516 NetBIOS (a499294f5029a7862adc115bda7371ce) C:\Windows\system32\DRIVERS\netbios.sys

17:47:09.0121 4516 NetBIOS - ok

17:47:09.0199 4516 netbt (fc2c792ebddc8e28df939d6a92c83d61) C:\Windows\system32\DRIVERS\netbt.sys

17:47:09.0297 4516 netbt - ok

17:47:09.0342 4516 Netlogon (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe

17:47:09.0370 4516 Netlogon - ok

17:47:09.0447 4516 Netman (9b63b29defc0f3115a559d2597bf5d75) C:\Windows\System32\netman.dll

17:47:09.0560 4516 Netman - ok

17:47:09.0610 4516 netprofm (7846d0136cc2b264926a73047ba7688a) C:\Windows\System32\netprofm.dll

17:47:09.0735 4516 netprofm - ok

17:47:09.0809 4516 NetTcpPortSharing (74751dda198165947fd7454d83f49825) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

17:47:09.0844 4516 NetTcpPortSharing - ok

17:47:09.0855 4516 NETw5v64 - ok

17:47:10.0819 4516 NETwNv64 (6b138b65b531c3a2380becabef0b6157) C:\Windows\system32\DRIVERS\NETwNv64.sys

17:47:11.0680 4516 NETwNv64 - ok

17:47:11.0859 4516 nfrd960 (4ac08bd6af2df42e0c3196d826c8aea7) C:\Windows\system32\drivers\nfrd960.sys

17:47:11.0882 4516 nfrd960 - ok

17:47:11.0966 4516 NlaSvc (f145bf4c4668e7e312069f81ef847cfc) C:\Windows\System32\nlasvc.dll

17:47:12.0109 4516 NlaSvc - ok

17:47:12.0154 4516 Npfs (b298874f8e0ea93f06ec40aa8d146478) C:\Windows\system32\drivers\Npfs.sys

17:47:12.0227 4516 Npfs - ok

17:47:12.0254 4516 nsi (acb62baa1c319b17752553df3026eeeb) C:\Windows\system32\nsisvc.dll

17:47:12.0344 4516 nsi - ok

17:47:12.0370 4516 nsiproxy (1523af19ee8b030ba682f7a53537eaeb) C:\Windows\system32\drivers\nsiproxy.sys

17:47:12.0462 4516 nsiproxy - ok

17:47:12.0663 4516 Ntfs (bac869dfb98e499ba4d9bb1fb43270e1) C:\Windows\system32\drivers\Ntfs.sys

17:47:12.0786 4516 Ntfs - ok

17:47:12.0987 4516 Null (dd5d684975352b85b52e3fd5347c20cb) C:\Windows\system32\drivers\Null.sys

17:47:13.0077 4516 Null - ok

17:47:13.0118 4516 nvraid (2c040b7ada5b06f6facadac8514aa034) C:\Windows\system32\drivers\nvraid.sys

17:47:13.0145 4516 nvraid - ok

17:47:13.0181 4516 nvstor (f7ea0fe82842d05eda3efdd376dbfdba) C:\Windows\system32\drivers\nvstor.sys

17:47:13.0210 4516 nvstor - ok

17:47:13.0242 4516 nv_agp (19067ca93075ef4823e3938a686f532f) C:\Windows\system32\drivers\nv_agp.sys

17:47:13.0268 4516 nv_agp - ok

17:47:13.0274 4516 NwlnkFlt - ok

17:47:13.0282 4516 NwlnkFwd - ok

17:47:13.0326 4516 ohci1394 (b5b1ce65ac15bbd11c0619e3ef7cfc28) C:\Windows\system32\DRIVERS\ohci1394.sys

17:47:13.0402 4516 ohci1394 - ok

17:47:13.0502 4516 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

17:47:13.0534 4516 ose - ok

17:47:14.0161 4516 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

17:47:14.0480 4516 osppsvc - ok

17:47:14.0731 4516 p2pimsvc (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll

17:47:14.0879 4516 p2pimsvc - ok

17:47:14.0893 4516 p2psvc (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll

17:47:14.0945 4516 p2psvc - ok

17:47:14.0998 4516 Parport (aecd57f94c887f58919f307c35498ea0) C:\Windows\system32\drivers\parport.sys

17:47:15.0133 4516 Parport - ok

17:47:15.0182 4516 partmgr (f9b5eda4c17a2be7663f064dbf0fe254) C:\Windows\system32\drivers\partmgr.sys

17:47:15.0210 4516 partmgr - ok

17:47:15.0256 4516 PcaSvc (9ab157b374192ff276c1628fbdba2b0e) C:\Windows\System32\pcasvc.dll

17:47:15.0324 4516 PcaSvc - ok

17:47:15.0378 4516 pci (47ab1e0fc9d0e12bb53ba246e3a0906d) C:\Windows\system32\drivers\pci.sys

17:47:15.0413 4516 pci - ok

17:47:15.0441 4516 pciide (8d618c829034479985a9ed56106cc732) C:\Windows\system32\DRIVERS\pciide.sys

17:47:15.0462 4516 pciide - ok

17:47:15.0506 4516 pcmcia (037661f3d7c507c9993b7010ceee6288) C:\Windows\system32\drivers\pcmcia.sys

17:47:15.0537 4516 pcmcia - ok

17:47:15.0633 4516 PEAUTH (58865916f53592a61549b04941bfd80d) C:\Windows\system32\drivers\peauth.sys

17:47:15.0835 4516 PEAUTH - ok

17:47:15.0970 4516 PerfHost (0ed8727ea0172860f47258456c06caea) C:\Windows\SysWow64\perfhost.exe

17:47:16.0054 4516 PerfHost - ok

17:47:16.0238 4516 pla (e9e68c1a0f25cf4a7ac966eea74ee89e) C:\Windows\system32\pla.dll

17:47:16.0450 4516 pla - ok

17:47:16.0518 4516 PlugPlay (fe6b0f59215c9fd9f9d26539c58c8b82) C:\Windows\system32\umpnpmgr.dll

17:47:16.0614 4516 PlugPlay - ok

17:47:16.0777 4516 PNRPAutoReg (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll

17:47:16.0824 4516 PNRPAutoReg - ok

17:47:16.0837 4516 PNRPsvc (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll

17:47:16.0884 4516 PNRPsvc - ok

17:47:16.0958 4516 PolicyAgent (89a5560671c2d8b4a4b51f3e1aa069d8) C:\Windows\System32\ipsecsvc.dll

17:47:17.0101 4516 PolicyAgent - ok

17:47:17.0186 4516 PptpMiniport (23386e9952025f5f21c368971e2e7301) C:\Windows\system32\DRIVERS\raspptp.sys

17:47:17.0289 4516 PptpMiniport - ok

17:47:17.0331 4516 Processor (5080e59ecee0bc923f14018803aa7a01) C:\Windows\system32\drivers\processr.sys

17:47:17.0424 4516 Processor - ok

17:47:17.0509 4516 ProfSvc (e058ce4fc2449d8bfa14739c83b7ff2a) C:\Windows\system32\profsvc.dll

17:47:17.0629 4516 ProfSvc - ok

17:47:17.0656 4516 ProtectedStorage (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe

17:47:17.0698 4516 ProtectedStorage - ok

17:47:17.0744 4516 PSched (c5ab7f0809392d0da027f4a2a81bfa31) C:\Windows\system32\DRIVERS\pacer.sys

17:47:17.0803 4516 PSched - ok

17:47:17.0844 4516 pwipf6 (67c0ffa05e72b46534cbef9098be6765) C:\Windows\system32\DRIVERS\pwipf6.sys

17:47:17.0864 4516 pwipf6 - ok

17:47:18.0016 4516 ql2300 (0b83f4e681062f3839be2ec1d98fd94a) C:\Windows\system32\drivers\ql2300.sys

17:47:18.0161 4516 ql2300 - ok

17:47:18.0239 4516 ql40xx (e1c80f8d4d1e39ef9595809c1369bf2a) C:\Windows\system32\drivers\ql40xx.sys

17:47:18.0273 4516 ql40xx - ok

17:47:18.0324 4516 QWAVE (90574842c3da781e279061a3eff91f07) C:\Windows\system32\qwave.dll

17:47:18.0420 4516 QWAVE - ok

17:47:18.0453 4516 QWAVEdrv (e8d76edab77ec9c634c27b8eac33adc5) C:\Windows\system32\drivers\qwavedrv.sys

17:47:18.0505 4516 QWAVEdrv - ok

17:47:18.0541 4516 RasAcd (1013b3b663a56d3ddd784f581c1bd005) C:\Windows\system32\DRIVERS\rasacd.sys

17:47:18.0630 4516 RasAcd - ok

17:47:18.0691 4516 RasAuto (b2ae18f847d07f0044404ddf7cb04497) C:\Windows\System32\rasauto.dll

17:47:18.0808 4516 RasAuto - ok

17:47:18.0876 4516 Rasl2tp (ac7bc4d42a7e558718dfdec599bbfc2c) C:\Windows\system32\DRIVERS\rasl2tp.sys

17:47:18.0947 4516 Rasl2tp - ok

17:47:19.0010 4516 RasMan (3ad83e4046c43be510de681588acb8af) C:\Windows\System32\rasmans.dll

17:47:19.0134 4516 RasMan - ok

17:47:19.0194 4516 RasPppoe (4517fbf8b42524afe4ede1de102aae3e) C:\Windows\system32\DRIVERS\raspppoe.sys

17:47:19.0284 4516 RasPppoe - ok

17:47:19.0334 4516 RasSstp (c6a593b51f34c33e5474539544072527) C:\Windows\system32\DRIVERS\rassstp.sys

17:47:19.0391 4516 RasSstp - ok

17:47:19.0463 4516 rdbss (322db5c6b55e8d8ee8d6f358b2aaabb1) C:\Windows\system32\DRIVERS\rdbss.sys

17:47:19.0548 4516 rdbss - ok

17:47:19.0602 4516 RDPCDD (603900cc05f6be65ccbf373800af3716) C:\Windows\system32\DRIVERS\RDPCDD.sys

17:47:19.0665 4516 RDPCDD - ok

17:47:19.0726 4516 rdpdr (c045d1fb111c28df0d1be8d4bda22c06) C:\Windows\system32\drivers\rdpdr.sys

17:47:19.0826 4516 rdpdr - ok

17:47:19.0832 4516 RDPENCDD (cab9421daf3d97b33d0d055858e2c3ab) C:\Windows\system32\drivers\rdpencdd.sys

17:47:19.0926 4516 RDPENCDD - ok

17:47:20.0006 4516 RDPWD (5c141fc457f1ac833664789235aca673) C:\Windows\system32\drivers\RDPWD.sys

17:47:20.0103 4516 RDPWD - ok

17:47:20.0271 4516 RegSrvc (92c422f8f0e6018ffc1c760b88a98eb3) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

17:47:20.0331 4516 RegSrvc - ok

17:47:20.0395 4516 RemoteAccess (c612b9557da73f70d41f8a6fbc8e5344) C:\Windows\System32\mprdim.dll

17:47:20.0501 4516 RemoteAccess - ok

17:47:20.0559 4516 RemoteRegistry (44b9d8ec2f3ef3a0efb00857af70d861) C:\Windows\system32\regsvc.dll

17:47:20.0652 4516 RemoteRegistry - ok

17:47:20.0760 4516 Revoflt (9c3ac71a9934b884fac567a8807e9c4d) C:\Windows\system32\DRIVERS\revoflt.sys

17:47:20.0779 4516 Revoflt - ok

17:47:20.0847 4516 rimmptsk (d13d70fac45fc1df69f88559b1f72f0a) C:\Windows\system32\DRIVERS\rimmpx64.sys

17:47:20.0926 4516 rimmptsk - ok

17:47:20.0950 4516 rimsptsk (bb9edc55b0b8cb4fcd713428820e0776) C:\Windows\system32\DRIVERS\rimspx64.sys

17:47:21.0011 4516 rimsptsk - ok

17:47:21.0029 4516 rismxdp (481c3fdeacaae04b74c58288dbc91df9) C:\Windows\system32\DRIVERS\rixdpx64.sys

17:47:21.0059 4516 rismxdp - ok

17:47:21.0093 4516 RpcLocator (f46c457840d4b7a4daafee739ce04102) C:\Windows\system32\locator.exe

17:47:21.0139 4516 RpcLocator - ok

17:47:21.0284 4516 RpcSs (cf8b9a3a5e7dc57724a89d0c3e8cf9ef) C:\Windows\system32\rpcss.dll

17:47:21.0369 4516 RpcSs - ok

17:47:21.0464 4516 rspndr (22a9cb08b1a6707c1550c6bf099aae73) C:\Windows\system32\DRIVERS\rspndr.sys

17:47:21.0530 4516 rspndr - ok

17:47:21.0593 4516 RTHDMIAzAudService (0328ffdf9d805723d0e420018136fa7b) C:\Windows\system32\drivers\RtHDMIVX.sys

17:47:21.0622 4516 RTHDMIAzAudService - ok

17:47:21.0690 4516 RTL8169 (bf55641fc2f759281b9bf59d5daa8fde) C:\Windows\system32\DRIVERS\Rtlh64.sys

17:47:21.0800 4516 RTL8169 - ok

17:47:21.0850 4516 SamSs (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe

17:47:21.0876 4516 SamSs - ok

17:47:21.0947 4516 sbp2port (cd9c693589c60ad59bbbcfb0e524e01b) C:\Windows\system32\drivers\sbp2port.sys

17:47:21.0983 4516 sbp2port - ok

17:47:22.0055 4516 SCardSvr (fd1cdcf108d5ef3366f00d18b70fb89b) C:\Windows\System32\SCardSvr.dll

17:47:22.0141 4516 SCardSvr - ok

17:47:22.0306 4516 Schedule (0f838c811ad295d2a4489b9993096c63) C:\Windows\system32\schedsvc.dll

17:47:22.0498 4516 Schedule - ok

17:47:22.0561 4516 SCPolicySvc (5a268127633c7ee2a7fb87f39d748d56) C:\Windows\System32\certprop.dll

17:47:22.0608 4516 SCPolicySvc - ok

17:47:22.0720 4516 sdbus (be100bc2be2513314c717bb2c4cfff10) C:\Windows\system32\DRIVERS\sdbus.sys

17:47:22.0833 4516 sdbus - ok

17:47:22.0889 4516 SDRSVC (4ff71b076a7760fe75ea5ae2d0ee0018) C:\Windows\System32\SDRSVC.dll

17:47:23.0015 4516 SDRSVC - ok

17:47:23.0045 4516 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys

17:47:23.0137 4516 secdrv - ok

17:47:23.0167 4516 seclogon (5acdcbc67fcf894a1815b9f96d704490) C:\Windows\system32\seclogon.dll

17:47:23.0260 4516 seclogon - ok

17:47:23.0363 4516 SENS (90973a64b96cd647ff81c79443618eed) C:\Windows\System32\sens.dll

17:47:23.0470 4516 SENS - ok

17:47:23.0509 4516 Serenum (f71bfe7ac6c52273b7c82cbf1bb2a222) C:\Windows\system32\drivers\serenum.sys

17:47:23.0626 4516 Serenum - ok

17:47:23.0715 4516 Serial (e62fac91ee288db29a9696a9d279929c) C:\Windows\system32\drivers\serial.sys

17:47:23.0820 4516 Serial - ok

17:47:23.0848 4516 sermouse (a842f04833684bceea7336211be478df) C:\Windows\system32\drivers\sermouse.sys

17:47:23.0936 4516 sermouse - ok

17:47:23.0969 4516 SessionEnv (a8e4a4407a09f35dccc3771af590b0c4) C:\Windows\system32\sessenv.dll

17:47:24.0087 4516 SessionEnv - ok

17:47:24.0148 4516 sffdisk (14d4b4465193a87c127933978e8c4106) C:\Windows\system32\drivers\sffdisk.sys

17:47:24.0237 4516 sffdisk - ok

17:47:24.0275 4516 sffp_mmc (7073aee3f82f3d598e3825962aa98ab2) C:\Windows\system32\drivers\sffp_mmc.sys

17:47:24.0361 4516 sffp_mmc - ok

17:47:24.0382 4516 sffp_sd (35e59ebe4a01a0532ed67975161c7b82) C:\Windows\system32\drivers\sffp_sd.sys

17:47:24.0463 4516 sffp_sd - ok

17:47:24.0500 4516 sfloppy (6b7838c94135768bd455cbdc23e39e5f) C:\Windows\system32\drivers\sfloppy.sys

17:47:24.0620 4516 sfloppy - ok

17:47:24.0761 4516 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys

17:47:24.0822 4516 Sftfs - ok

17:47:24.0970 4516 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

17:47:25.0045 4516 sftlist - ok

17:47:25.0141 4516 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys

17:47:25.0210 4516 Sftplay - ok

17:47:25.0241 4516 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys

17:47:25.0261 4516 Sftredir - ok

17:47:25.0291 4516 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys

17:47:25.0312 4516 Sftvol - ok

17:47:25.0351 4516 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

17:47:25.0422 4516 sftvsa - ok

17:47:25.0480 4516 SharedAccess (4c5aee179da7e1ee9a9ccb9da289af34) C:\Windows\System32\ipnathlp.dll

17:47:25.0568 4516 SharedAccess - ok

17:47:25.0644 4516 ShellHWDetection (56793271ecdedd350c5add305603e963) C:\Windows\System32\shsvcs.dll

17:47:25.0771 4516 ShellHWDetection - ok

17:47:25.0800 4516 SiSRaid2 (7a5de502aeb719d4594c6471060a78b3) C:\Windows\system32\drivers\sisraid2.sys

17:47:25.0824 4516 SiSRaid2 - ok

17:47:25.0865 4516 SiSRaid4 (3a2f769fab9582bc720e11ea1dfb184d) C:\Windows\system32\drivers\sisraid4.sys

17:47:25.0915 4516 SiSRaid4 - ok

17:47:26.0208 4516 slsvc (a9a27a8e257b45a604fdad4f26fe7241) C:\Windows\system32\SLsvc.exe

17:47:26.0422 4516 slsvc - ok

17:47:26.0620 4516 SLUINotify (fd74b4b7c2088e390a30c85a896fc3af) C:\Windows\system32\SLUINotify.dll

17:47:26.0717 4516 SLUINotify - ok

17:47:26.0849 4516 SmartFaceVWatchSrv (79ed2d6dec26e0fefb93ea21f09e6a51) C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe

17:47:26.0861 4516 SmartFaceVWatchSrv ( UnsignedFile.Multi.Generic ) - warning

17:47:26.0862 4516 SmartFaceVWatchSrv - detected UnsignedFile.Multi.Generic (1)

17:47:26.0974 4516 Smb (290b6f6a0ec4fcdfc90f5cb6d7020473) C:\Windows\system32\DRIVERS\smb.sys

17:47:27.0074 4516 Smb - ok

17:47:27.0129 4516 SNMPTRAP (f8f47f38909823b1af28d60b96340cff) C:\Windows\System32\snmptrap.exe

17:47:27.0182 4516 SNMPTRAP - ok

17:47:27.0252 4516 spldr (386c3c63f00a7040c7ec5e384217e89d) C:\Windows\system32\drivers\spldr.sys

17:47:27.0277 4516 spldr - ok

17:47:27.0355 4516 Spooler (f66ff751e7efc816d266977939ef5dc3) C:\Windows\System32\spoolsv.exe

17:47:27.0499 4516 Spooler - ok

17:47:27.0586 4516 srv (880a57fccb571ebd063d4dd50e93e46d) C:\Windows\system32\DRIVERS\srv.sys

17:47:27.0696 4516 srv - ok

17:47:27.0746 4516 srv2 (a1ad14a6d7a37891fffeca35ebbb0730) C:\Windows\system32\DRIVERS\srv2.sys

17:47:27.0800 4516 srv2 - ok

17:47:27.0854 4516 srvnet (4bed62f4fa4d8300973f1151f4c4d8a7) C:\Windows\system32\DRIVERS\srvnet.sys

17:47:27.0967 4516 srvnet - ok

17:47:28.0060 4516 SSDPSRV (192c74646ec5725aef3f80d19ff75f6a) C:\Windows\System32\ssdpsrv.dll

17:47:28.0189 4516 SSDPSRV - ok

17:47:28.0221 4516 ssfmonm (2c8842ac3fb749423311d934a3746fe2) C:\Windows\system32\DRIVERS\ssfmonm.sys

17:47:28.0242 4516 ssfmonm - ok

17:47:28.0279 4516 ssidrv (4a69c76bba285745a45045c4672f89c7) C:\Windows\system32\DRIVERS\ssidrv.sys

17:47:28.0332 4516 ssidrv - ok

17:47:28.0382 4516 SstpSvc (2ee3fa0308e6185ba64a9a7f2e74332b) C:\Windows\system32\sstpsvc.dll

17:47:28.0446 4516 SstpSvc - ok

17:47:28.0556 4516 stisvc (15825c1fbfb8779992cb65087f316af5) C:\Windows\System32\wiaservc.dll

17:47:28.0689 4516 stisvc - ok

17:47:28.0743 4516 swenum (8a851ca908b8b974f89c50d2e18d4f0c) C:\Windows\system32\DRIVERS\swenum.sys

17:47:28.0764 4516 swenum - ok

17:47:28.0853 4516 swprv (6de37f4de19d4efd9c48c43addbc949a) C:\Windows\System32\swprv.dll

17:47:28.0937 4516 swprv - ok

17:47:28.0978 4516 Symc8xx (2f26a2c6fc96b29beff5d8ed74e6625b) C:\Windows\system32\drivers\symc8xx.sys

17:47:29.0001 4516 Symc8xx - ok

17:47:29.0031 4516 Sym_hi (a909667976d3bccd1df813fed517d837) C:\Windows\system32\drivers\sym_hi.sys

17:47:29.0053 4516 Sym_hi - ok

17:47:29.0071 4516 Sym_u3 (36887b56ec2d98b9c362f6ae4de5b7b0) C:\Windows\system32\drivers\sym_u3.sys

17:47:29.0093 4516 Sym_u3 - ok

17:47:29.0173 4516 SynTP (572438150fc79e41a0348e3dc56b1dd2) C:\Windows\system32\DRIVERS\SynTP.sys

17:47:29.0205 4516 SynTP - ok

17:47:29.0384 4516 SysMain (92d7a8b0f87b036f17d25885937897a6) C:\Windows\system32\sysmain.dll

17:47:29.0549 4516 SysMain - ok

17:47:29.0587 4516 TabletInputService (005ce42567f9113a3bccb3b20073b029) C:\Windows\System32\TabSvc.dll

17:47:29.0682 4516 TabletInputService - ok

17:47:29.0779 4516 TapiSrv (cc2562b4d55e0b6a4758c65407f63b79) C:\Windows\System32\tapisrv.dll

17:47:29.0860 4516 TapiSrv - ok

17:47:29.0892 4516 TBS (cdbe8d7c1e201b911cdc346d06617fb5) C:\Windows\System32\tbssvc.dll

17:47:30.0000 4516 TBS - ok

17:47:30.0217 4516 Tcpip (2cc45d932bd193cd4117321d469ad6b2) C:\Windows\system32\drivers\tcpip.sys

17:47:30.0381 4516 Tcpip - ok

17:47:30.0628 4516 Tcpip6 (2cc45d932bd193cd4117321d469ad6b2) C:\Windows\system32\DRIVERS\tcpip.sys

17:47:30.0722 4516 Tcpip6 - ok

17:47:30.0943 4516 tcpipreg (c7e72a4071ee0200e3c075dacfb2b334) C:\Windows\system32\drivers\tcpipreg.sys

17:47:31.0022 4516 tcpipreg - ok

17:47:31.0079 4516 tdcmdpst (d45586a9facb2c9708b10e491ef748a6) C:\Windows\system32\DRIVERS\tdcmdpst.sys

17:47:31.0098 4516 tdcmdpst - ok

17:47:31.0159 4516 TDPIPE (1d8bf4aaa5fb7a2761475781dc1195bc) C:\Windows\system32\drivers\tdpipe.sys

17:47:31.0251 4516 TDPIPE - ok

17:47:31.0281 4516 TDTCP (7f7e00cdf609df657f4cda02dd1c9bb1) C:\Windows\system32\drivers\tdtcp.sys

17:47:31.0368 4516 TDTCP - ok

17:47:31.0437 4516 tdx (458919c8c42e398dc4802178d5ffee27) C:\Windows\system32\DRIVERS\tdx.sys

17:47:31.0543 4516 tdx - ok

17:47:31.0602 4516 TermDD (8c19678d22649ec002ef2282eae92f98) C:\Windows\system32\DRIVERS\termdd.sys

17:47:31.0628 4516 TermDD - ok

17:47:31.0713 4516 TermService (5cdd30bc217082dac71a9878d9bfd566) C:\Windows\System32\termsrv.dll

17:47:31.0830 4516 TermService - ok

17:47:31.0903 4516 Themes (56793271ecdedd350c5add305603e963) C:\Windows\system32\shsvcs.dll

17:47:31.0935 4516 Themes - ok

17:47:31.0974 4516 THREADORDER (3cbe4995e80e13ccfbc42e5dcf3ac81a) C:\Windows\system32\mmcss.dll

17:47:32.0037 4516 THREADORDER - ok

17:47:32.0106 4516 TMachInfo (e09caafb2b323a6ff120cefb96da0a44) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe

17:47:32.0125 4516 TMachInfo - ok

17:47:32.0204 4516 TNaviSrv (89f74c86523f5e334628dbce66e6d165) C:\Program Files (x86)\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe

17:47:32.0225 4516 TNaviSrv - ok

17:47:32.0301 4516 TODDSrv (19af3434564e973bc232bbd629ec2bf6) C:\Windows\system32\TODDSrv.exe

17:47:32.0324 4516 TODDSrv ( UnsignedFile.Multi.Generic ) - warning

17:47:32.0324 4516 TODDSrv - detected UnsignedFile.Multi.Generic (1)

17:47:32.0481 4516 TosCoSrv (e17a81e6ad0e89630a3b0f2ed5cbbdf5) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe

17:47:32.0546 4516 TosCoSrv - ok

17:47:32.0662 4516 TOSHIBA Bluetooth Service (4e5a8546709591d31ba086ca2a69cecd) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

17:47:32.0685 4516 TOSHIBA Bluetooth Service - ok

17:47:32.0720 4516 TOSHIBA SMART Log Service (19d979b9f6373a7cb17ebb7594feb819) C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe

17:47:32.0760 4516 TOSHIBA SMART Log Service ( UnsignedFile.Multi.Generic ) - warning

17:47:32.0760 4516 TOSHIBA SMART Log Service - detected UnsignedFile.Multi.Generic (1)

17:47:32.0814 4516 Tosrfcom - ok

17:47:32.0836 4516 tosrfec (9fb4aa68d4e833c795994513bc9e3aca) C:\Windows\system32\DRIVERS\tosrfec.sys

17:47:32.0909 4516 tosrfec - ok

17:47:33.0032 4516 tos_sps64 (dd50a5df5f7b29fdb6b5fea728c43dc3) C:\Windows\system32\DRIVERS\tos_sps64.sys

17:47:33.0113 4516 tos_sps64 - ok

17:47:33.0160 4516 TrkWks (f4689f05af472a651a7b1b7b02d200e7) C:\Windows\System32\trkwks.dll

17:47:33.0305 4516 TrkWks - ok

17:47:33.0378 4516 TrustedInstaller (66328b08ef5a9305d8ede36b93930369) C:\Windows\servicing\TrustedInstaller.exe

17:47:33.0449 4516 TrustedInstaller - ok

17:47:33.0492 4516 tssecsrv (9e5409cd17c8bef193aad498f3bc2cb8) C:\Windows\system32\DRIVERS\tssecsrv.sys

17:47:33.0589 4516 tssecsrv - ok

17:47:33.0625 4516 tunmp (89ec74a9e602d16a75a4170511029b3c) C:\Windows\system32\DRIVERS\tunmp.sys

17:47:33.0709 4516 tunmp - ok

17:47:33.0744 4516 tunnel (30a9b3f45ad081bffc3bcaa9c812b609) C:\Windows\system32\DRIVERS\tunnel.sys

17:47:33.0792 4516 tunnel - ok

17:47:33.0901 4516 TVALZ (9a744cc3d804ec38a6c2c65bc3c6fcd8) C:\Windows\system32\DRIVERS\TVALZ_O.SYS

17:47:33.0919 4516 TVALZ - ok

17:47:33.0965 4516 uagp35 (fec266ef401966311744bd0f359f7f56) C:\Windows\system32\drivers\uagp35.sys

17:47:33.0990 4516 uagp35 - ok

17:47:34.0045 4516 udfs (faf2640a2a76ed03d449e443194c4c34) C:\Windows\system32\DRIVERS\udfs.sys

17:47:34.0162 4516 udfs - ok

17:47:34.0217 4516 UI0Detect (060507c4113391394478f6953a79eedc) C:\Windows\system32\UI0Detect.exe

17:47:34.0344 4516 UI0Detect - ok

17:47:34.0444 4516 UleadBurningHelper (332d341d92b933600d41953b08360dfb) C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

17:47:34.0482 4516 UleadBurningHelper ( UnsignedFile.Multi.Generic ) - warning

17:47:34.0482 4516 UleadBurningHelper - detected UnsignedFile.Multi.Generic (1)

17:47:34.0556 4516 uliagpkx (4ec9447ac3ab462647f60e547208ca00) C:\Windows\system32\drivers\uliagpkx.sys

17:47:34.0582 4516 uliagpkx - ok

17:47:34.0624 4516 uliahci (697f0446134cdc8f99e69306184fbbb4) C:\Windows\system32\drivers\uliahci.sys

17:47:34.0657 4516 uliahci - ok

17:47:34.0696 4516 UlSata (31707f09846056651ea2c37858f5ddb0) C:\Windows\system32\drivers\ulsata.sys

17:47:34.0729 4516 UlSata - ok

17:47:34.0763 4516 ulsata2 (85e5e43ed5b48c8376281bab519271b7) C:\Windows\system32\drivers\ulsata2.sys

17:47:34.0795 4516 ulsata2 - ok

17:47:34.0848 4516 umbus (46e9a994c4fed537dd951f60b86ad3f4) C:\Windows\system32\DRIVERS\umbus.sys

17:47:34.0909 4516 umbus - ok

17:47:34.0991 4516 upnphost (7093799ff80e9deca0680d2e3535be60) C:\Windows\System32\upnphost.dll

17:47:35.0085 4516 upnphost - ok

17:47:35.0154 4516 USBAAPL64 (f724b03c3dfaacf08d17d38bf3333583) C:\Windows\system32\Drivers\usbaapl64.sys

17:47:35.0191 4516 USBAAPL64 - ok

17:47:35.0221 4516 usbccgp (07e3498fc60834219d2356293da0fecc) C:\Windows\system32\DRIVERS\usbccgp.sys

17:47:35.0291 4516 usbccgp - ok

17:47:35.0336 4516 usbcir (9247f7e0b65852c1f6631480984d6ed2) C:\Windows\system32\drivers\usbcir.sys

17:47:35.0452 4516 usbcir - ok

17:47:35.0490 4516 usbehci (827e44de934a736ea31e91d353eb126f) C:\Windows\system32\DRIVERS\usbehci.sys

17:47:35.0563 4516 usbehci - ok

17:47:35.0611 4516 usbhub (bb35cd80a2ececfadc73569b3d70c7d1) C:\Windows\system32\DRIVERS\usbhub.sys

17:47:35.0697 4516 usbhub - ok

17:47:35.0726 4516 usbohci (eba14ef0c07cec233f1529c698d0d154) C:\Windows\system32\drivers\usbohci.sys

17:47:35.0839 4516 usbohci - ok

17:47:35.0955 4516 usbprint (28b693b6d31e7b9332c1bdcefef228c1) C:\Windows\system32\DRIVERS\usbprint.sys

17:47:36.0016 4516 usbprint - ok

17:47:36.0121 4516 usbscan (ea0bf666868964fbe8cb10e50c97b9f1) C:\Windows\system32\DRIVERS\usbscan.sys

17:47:36.0229 4516 usbscan - ok

17:47:36.0291 4516 USBSTOR (b854c1558fca0c269a38663e8b59b581) C:\Windows\system32\DRIVERS\USBSTOR.SYS

17:47:36.0340 4516 USBSTOR - ok

17:47:36.0381 4516 usbuhci (b2872cbf9f47316abd0e0c74a1aba507) C:\Windows\system32\DRIVERS\usbuhci.sys

17:47:36.0428 4516 usbuhci - ok

17:47:36.0503 4516 usbvideo (fc33099877790d51b0927b7039059855) C:\Windows\system32\Drivers\usbvideo.sys

17:47:36.0594 4516 usbvideo - ok

17:47:36.0640 4516 UVCFTR (56ed086f1300ecb1e6f67ac43955e5e9) C:\Windows\system32\Drivers\UVCFTR_S.SYS

17:47:36.0658 4516 UVCFTR - ok

17:47:36.0700 4516 UxSms (d76e231e4850bb3f88a3d9a78df191e3) C:\Windows\System32\uxsms.dll

17:47:36.0749 4516 UxSms - ok

17:47:36.0822 4516 vds (294945381dfa7ce58cecf0a9896af327) C:\Windows\System32\vds.exe

17:47:36.0915 4516 vds - ok

17:47:36.0935 4516 vga (916b94bcf1e09873fff2d5fb11767bbc) C:\Windows\system32\DRIVERS\vgapnp.sys

17:47:36.0997 4516 vga - ok

17:47:37.0011 4516 VgaSave (b83ab16b51feda65dd81b8c59d114d63) C:\Windows\System32\drivers\vga.sys

17:47:37.0097 4516 VgaSave - ok

17:47:37.0128 4516 viaide (8294b6c3fdb6c33f24e150de647ecdaa) C:\Windows\system32\drivers\viaide.sys

17:47:37.0149 4516 viaide - ok

17:47:37.0196 4516 volmgr (2b7e885ed951519a12c450d24535dfca) C:\Windows\system32\drivers\volmgr.sys

17:47:37.0223 4516 volmgr - ok

17:47:37.0300 4516 volmgrx (cec5ac15277d75d9e5dec2e1c6eaf877) C:\Windows\system32\drivers\volmgrx.sys

17:47:37.0359 4516 volmgrx - ok

17:47:37.0415 4516 volsnap (5280aada24ab36b01a84a6424c475c8d) C:\Windows\system32\drivers\volsnap.sys

17:47:37.0477 4516 volsnap - ok

17:47:37.0508 4516 vsmraid (a68f455ed2673835209318dd61bfbb0e) C:\Windows\system32\drivers\vsmraid.sys

17:47:37.0542 4516 vsmraid - ok

17:47:37.0744 4516 VSS (b75232dad33bfd95bf6f0a3e6bff51e1) C:\Windows\system32\vssvc.exe

17:47:37.0903 4516 VSS - ok

17:47:38.0104 4516 W32Time (f14a7de2ea41883e250892e1e5230a9a) C:\Windows\system32\w32time.dll

17:47:38.0240 4516 W32Time - ok

17:47:38.0303 4516 WacomPen (fef8fe5923fead2cee4dfabfce3393a7) C:\Windows\system32\drivers\wacompen.sys

17:47:38.0427 4516 WacomPen - ok

17:47:38.0472 4516 Wanarp (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys

17:47:38.0564 4516 Wanarp - ok

17:47:38.0570 4516 Wanarpv6 (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys

17:47:38.0618 4516 Wanarpv6 - ok

17:47:38.0735 4516 wcncsvc (b4e4c37d0aa6100090a53213ee2bf1c1) C:\Windows\System32\wcncsvc.dll

17:47:38.0880 4516 wcncsvc - ok

17:47:38.0964 4516 WcsPlugInService (ea4b369560e986f19d93f45a881484ac) C:\Windows\System32\WcsPlugInService.dll

17:47:39.0060 4516 WcsPlugInService - ok

17:47:39.0120 4516 Wd (0c17a0816f65b89e362e682ad5e7266e) C:\Windows\system32\drivers\wd.sys

17:47:39.0143 4516 Wd - ok

17:47:39.0279 4516 Wdf01000 (d02e7e4567da1e7582fbf6a91144b0df) C:\Windows\system32\drivers\Wdf01000.sys

17:47:39.0372 4516 Wdf01000 - ok

17:47:39.0413 4516 WdiServiceHost (c5efda73ebfca8b02a094898de0a9276) C:\Windows\system32\wdi.dll

17:47:39.0514 4516 WdiServiceHost - ok

17:47:39.0522 4516 WdiSystemHost (c5efda73ebfca8b02a094898de0a9276) C:\Windows\system32\wdi.dll

17:47:39.0586 4516 WdiSystemHost - ok

17:47:39.0648 4516 WebClient (3e6d05381cf35f75ebb055544a8ed9ac) C:\Windows\System32\webclnt.dll

17:47:39.0748 4516 WebClient - ok

17:47:40.0223 4516 WebrootSpySweeperService (74cbe3f3b912b7fc97e65e20385c5810) C:\Program Files (x86)\Webroot\Security\current\plugins\antimalware\AEI.exe

17:47:40.0415 4516 WebrootSpySweeperService - ok

17:47:40.0604 4516 Wecsvc (8d40bc587993f876658bf9fb0f7d3462) C:\Windows\system32\wecsvc.dll

17:47:40.0691 4516 Wecsvc - ok

17:47:40.0726 4516 wercplsupport (9c980351d7e96288ea0c23ae232bd065) C:\Windows\System32\wercplsupport.dll

17:47:40.0788 4516 wercplsupport - ok

17:47:40.0846 4516 WerSvc (66b9ecebc46683f47edc06333c075fef) C:\Windows\System32\WerSvc.dll

17:47:40.0963 4516 WerSvc - ok

17:47:41.0025 4516 WinDefend - ok

17:47:41.0039 4516 WinHttpAutoProxySvc - ok

17:47:41.0168 4516 Winmgmt (d2e7296ed1bd26d8db2799770c077a02) C:\Windows\system32\wbem\WMIsvc.dll

17:47:41.0264 4516 Winmgmt - ok

17:47:41.0508 4516 WinRM (6cbb0c68f13b9c2ec1b16f5fa5e7c869) C:\Windows\system32\WsmSvc.dll

17:47:41.0751 4516 WinRM - ok

17:47:41.0962 4516 Wlansvc (ec339c8115e91baed835957e9a677f16) C:\Windows\System32\wlansvc.dll

17:47:42.0104 4516 Wlansvc - ok

17:47:42.0382 4516 wlidsvc (98f138897ef4246381d197cb81846d62) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

17:47:42.0628 4516 wlidsvc - ok

17:47:42.0814 4516 WmiAcpi (e18aebaaa5a773fe11aa2c70f65320f5) C:\Windows\system32\drivers\wmiacpi.sys

17:47:42.0888 4516 WmiAcpi - ok

17:47:42.0974 4516 wmiApSrv (21fa389e65a852698b6a1341f36ee02d) C:\Windows\system32\wbem\WmiApSrv.exe

17:47:43.0073 4516 wmiApSrv - ok

17:47:43.0111 4516 WMPNetworkSvc - ok

17:47:43.0159 4516 WPCSvc (cbc156c913f099e6680d1df9307db7a8) C:\Windows\System32\wpcsvc.dll

17:47:43.0301 4516 WPCSvc - ok

17:47:43.0337 4516 WPDBusEnum (490a18b4e4d53dc10879deaa8e8b70d9) C:\Windows\system32\wpdbusenum.dll

17:47:43.0435 4516 WPDBusEnum - ok

17:47:43.0483 4516 WpdUsb (5e2401b3fc1089c90e081291357371a9) C:\Windows\system32\DRIVERS\wpdusb.sys

17:47:43.0524 4516 WpdUsb - ok

17:47:43.0777 4516 WPFFontCache_v0400 (991e2c2cf3bc204c2bb2ee1476149e4e) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe

17:47:43.0902 4516 WPFFontCache_v0400 - ok

17:47:44.0398 4516 WRConsumerService (ff0115403517a1fd7619f73f4a6c331e) C:\Program Files (x86)\Webroot\Security\Current\Framework\WRConsumerService.exe

17:47:44.0635 4516 WRConsumerService - ok

17:47:44.0820 4516 ws2ifsl (8a900348370e359b6bff6a550e4649e1) C:\Windows\system32\drivers\ws2ifsl.sys

17:47:44.0903 4516 ws2ifsl - ok

17:47:44.0958 4516 wscsvc (9ea3e6d0ef7a5c2b9181961052a4b01a) C:\Windows\System32\wscsvc.dll

17:47:45.0002 4516 wscsvc - ok

17:47:45.0008 4516 WSearch - ok

17:47:45.0316 4516 wuauserv (fb3796754fe00f0bdc87a36f164a5f4d) C:\Windows\system32\wuaueng.dll

17:47:45.0488 4516 wuauserv - ok

17:47:45.0692 4516 WUDFRd (501a65252617b495c0f1832f908d54d8) C:\Windows\system32\DRIVERS\WUDFRd.sys

17:47:45.0809 4516 WUDFRd - ok

17:47:45.0870 4516 wudfsvc (6cbd51ff913c851d56ed9dc7f2a27dde) C:\Windows\System32\WUDFSvc.dll

17:47:45.0948 4516 wudfsvc - ok

17:47:46.0135 4516 YahooAUService (dd0042f0c3b606a6a8b92d49afb18ad6) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

17:47:46.0199 4516 YahooAUService - ok

17:47:46.0242 4516 MBR (0x1B8) (5b5e648d12fcadc244c1ec30318e1eb9) \Device\Harddisk0\DR0

17:47:46.0444 4516 \Device\Harddisk0\DR0 - ok

17:47:46.0450 4516 Boot (0x1200) (bfda696934bf2b1e81a5e9a81664075c) \Device\Harddisk0\DR0\Partition0

17:47:46.0452 4516 \Device\Harddisk0\DR0\Partition0 - ok

17:47:46.0454 4516 ============================================================

17:47:46.0454 4516 Scan finished

17:47:46.0454 4516 ============================================================

17:47:46.0475 6408 Detected object count: 7

17:47:46.0475 6408 Actual detected object count: 7

17:49:55.0004 6408 ConfigFree Gadget Service ( UnsignedFile.Multi.Generic ) - skipped by user

17:49:55.0004 6408 ConfigFree Gadget Service ( UnsignedFile.Multi.Generic ) - User select action: Skip

17:49:55.0005 6408 ConfigFree Service ( UnsignedFile.Multi.Generic ) - skipped by user

17:49:55.0005 6408 ConfigFree Service ( UnsignedFile.Multi.Generic ) - User select action: Skip

17:49:55.0005 6408 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user

17:49:55.0005 6408 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip

17:49:55.0009 6408 SmartFaceVWatchSrv ( UnsignedFile.Multi.Generic ) - skipped by user

17:49:55.0009 6408 SmartFaceVWatchSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip

17:49:55.0011 6408 TODDSrv ( UnsignedFile.Multi.Generic ) - skipped by user

17:49:55.0011 6408 TODDSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip

17:49:55.0014 6408 TOSHIBA SMART Log Service ( UnsignedFile.Multi.Generic ) - skipped by user

17:49:55.0014 6408 TOSHIBA SMART Log Service ( UnsignedFile.Multi.Generic ) - User select action: Skip

17:49:55.0015 6408 UleadBurningHelper ( UnsignedFile.Multi.Generic ) - skipped by user

17:49:55.0015 6408 UleadBurningHelper ( UnsignedFile.Multi.Generic ) - User select action: Skip


That scan was clean.....

Please download and run ComboFix.

The most important things to remember when running it are to disable all your malware programs and run ComboFix from your desktop.

Please visit this webpage for download links, and instructions for running ComboFix

http://www.bleepingc...to-use-combofix

Ensure you have disabled all antivirus and anti-malware programs so they do not interfere with the running of ComboFix.

Information on disabling your malware programs can be found Here.

Make sure you run ComboFix from your desktop.

Please include the C:\ComboFix.txt in your next reply for further review.

Note:

If you get the message "Illegal operation attempted on registry key that has been marked for deletion." after you run ComboFix, please reboot the computer; this should resolve the problem. You may have to do this several times if needed.

MrC


ComboFix 12-05-09.01 - User 05/09/2012 18:25:55.1.2 - x64

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.4093.1757 [GMT -5:00]

Running from: c:\users\User\Downloads\ComboFix.exe

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\programdata\Roaming

c:\programdata\Roaming\Intel\Wireless\Settings\Settings.ini

c:\programdata\SPLD23C.tmp

c:\users\Guest\AppData\Roaming\Mozilla\Firefox\Profiles\zs0g5ds4.default\extensions\{5ed7c7bf-b623-4a1d-b141-a2e2323a332f}

c:\users\Guest\AppData\Roaming\Mozilla\Firefox\Profiles\zs0g5ds4.default\extensions\{5ed7c7bf-b623-4a1d-b141-a2e2323a332f}\chrome.manifest

c:\users\Guest\AppData\Roaming\Mozilla\Firefox\Profiles\zs0g5ds4.default\extensions\{5ed7c7bf-b623-4a1d-b141-a2e2323a332f}\chrome\xulcache.jar

c:\users\Guest\AppData\Roaming\Mozilla\Firefox\Profiles\zs0g5ds4.default\extensions\{5ed7c7bf-b623-4a1d-b141-a2e2323a332f}\defaults\preferences\xulcache.js

c:\users\Guest\AppData\Roaming\Mozilla\Firefox\Profiles\zs0g5ds4.default\extensions\{5ed7c7bf-b623-4a1d-b141-a2e2323a332f}\install.rdf

c:\users\User\AppData\Roaming\Ikils

c:\users\User\AppData\Roaming\Ikils\bimys.exe

c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\yqvhyd7h.default\extensions\{5ed7c7bf-b623-4a1d-b141-a2e2323a332f}

c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\yqvhyd7h.default\extensions\{5ed7c7bf-b623-4a1d-b141-a2e2323a332f}\chrome.manifest

c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\yqvhyd7h.default\extensions\{5ed7c7bf-b623-4a1d-b141-a2e2323a332f}\chrome\xulcache.jar

c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\yqvhyd7h.default\extensions\{5ed7c7bf-b623-4a1d-b141-a2e2323a332f}\defaults\preferences\xulcache.js

c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\yqvhyd7h.default\extensions\{5ed7c7bf-b623-4a1d-b141-a2e2323a332f}\install.rdf

c:\users\User\AppData\Roaming\Ziqua

c:\users\User\AppData\Roaming\Ziqua\rycef.oso

.

.

((((((((((((((((((((((((( Files Created from 2012-04-10 to 2012-05-10 )))))))))))))))))))))))))))))))

.

.

2012-05-10 00:01 . 2012-05-10 00:01 -------- d-----w- c:\users\Guest\AppData\Local\temp

2012-05-10 00:01 . 2012-05-10 00:01 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-05-09 21:42 . 2012-05-09 21:42 -------- d-----w- c:\program files (x86)\Common Files\Java

2012-05-09 21:41 . 2012-05-09 21:41 -------- d-----w- c:\program files (x86)\Oracle

2012-05-09 21:16 . 2012-05-09 21:16 544032 ----a-w- c:\windows\system32\npdeployJava1.dll

2012-05-09 21:16 . 2012-05-09 21:16 525600 ----a-w- c:\windows\system32\deployJava1.dll

2012-05-09 21:02 . 2012-04-04 23:47 772504 ----a-w- c:\windows\SysWow64\npDeployJava1.dll

2012-05-09 20:14 . 2012-04-18 08:03 8917360 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C545F664-E176-4B2A-8E8A-D536CA7D8A97}\mpengine.dll

2012-05-09 00:17 . 2012-05-09 21:34 -------- d-----w- c:\users\User\AppData\Roaming\Ivsuc

2012-05-05 18:37 . 2012-05-05 18:37 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service

2012-05-05 18:37 . 2012-05-05 18:37 157352 ----a-w- c:\program files (x86)\Mozilla Firefox\maintenanceservice_installer.exe

2012-05-05 18:37 . 2012-05-05 18:37 129976 ----a-w- c:\program files (x86)\Mozilla Firefox\maintenanceservice.exe

2012-05-01 22:41 . 2012-04-04 20:56 24904 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-05-01 22:12 . 2012-05-01 22:12 -------- d--h--w- c:\programdata\Common Files

2012-05-01 22:08 . 2012-05-01 22:12 -------- d-----w- c:\programdata\MFAData

2012-04-26 22:39 . 2012-04-26 22:39 -------- d-----w- c:\windows\system32\Macromed

2012-04-26 22:36 . 2012-04-26 22:36 -------- d-----w- c:\users\User\AppData\Local\{4A48DC53-8FF0-11E1-826D-B8AC6F996F26}

2012-04-26 22:36 . 2012-04-26 22:36 -------- d-----w- c:\users\User\AppData\Local\{4A48A885-8FF0-11E1-826D-B8AC6F996F26}

2012-04-24 00:34 . 2012-04-24 00:34 -------- d-----w- c:\users\User\AppData\Roaming\Malwarebytes

2012-04-24 00:34 . 2012-04-24 00:34 -------- d-----w- c:\programdata\Malwarebytes

2012-04-24 00:34 . 2012-05-01 22:41 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware

2012-04-12 08:08 . 2012-03-06 06:44 4699520 ----a-w- c:\windows\system32\ntoskrnl.exe

2012-04-12 08:06 . 2012-02-29 15:37 5632 ----a-w- c:\windows\system32\wmi.dll

2012-04-12 08:06 . 2012-02-29 15:37 219136 ----a-w- c:\windows\system32\wintrust.dll

2012-04-12 08:06 . 2012-02-29 15:35 78848 ----a-w- c:\windows\system32\imagehlp.dll

2012-04-12 08:06 . 2012-02-29 15:11 5120 ----a-w- c:\windows\SysWow64\wmi.dll

2012-04-12 08:06 . 2012-02-29 15:11 172032 ----a-w- c:\windows\SysWow64\wintrust.dll

2012-04-12 08:06 . 2012-02-29 15:09 157696 ----a-w- c:\windows\SysWow64\imagehlp.dll

2012-04-12 08:06 . 2012-02-29 13:52 16384 ----a-w- c:\windows\system32\drivers\fs_rec.sys

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-04-04 23:47 . 2010-07-22 00:20 687504 ----a-w- c:\windows\SysWow64\deployJava1.dll

2012-03-20 04:06 . 2009-08-18 18:49 564632 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\wlidui.dll

2012-03-20 04:06 . 2009-08-18 17:24 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

2012-02-23 15:18 . 2010-09-10 06:11 279656 ------w- c:\windows\system32\MpSigStub.exe

2012-02-14 17:09 . 2012-02-14 17:09 1070352 ----a-w- c:\windows\SysWow64\MSCOMCTL.OCX

2012-02-14 16:49 . 2012-03-14 00:16 327680 ----a-w- c:\windows\system32\d3d10_1core.dll

2012-02-14 16:49 . 2012-03-14 00:16 196096 ----a-w- c:\windows\system32\d3d10_1.dll

2012-02-14 15:45 . 2012-03-14 00:16 219648 ----a-w- c:\windows\SysWow64\d3d10_1core.dll

2012-02-14 15:45 . 2012-03-14 00:16 160768 ----a-w- c:\windows\SysWow64\d3d10_1.dll

2012-02-13 14:38 . 2012-03-14 00:16 2002944 ----a-w- c:\windows\system32\d3d10warp.dll

2012-02-13 14:12 . 2012-03-14 00:16 1172480 ----a-w- c:\windows\SysWow64\d3d10warp.dll

2012-02-13 14:06 . 2012-03-14 00:16 834048 ----a-w- c:\windows\system32\d2d1.dll

2012-02-13 14:03 . 2012-03-14 00:16 1555968 ----a-w- c:\windows\system32\DWrite.dll

2012-02-13 13:47 . 2012-03-14 00:16 683008 ----a-w- c:\windows\SysWow64\d2d1.dll

2012-02-13 13:44 . 2012-03-14 00:16 1068544 ----a-w- c:\windows\SysWow64\DWrite.dll

2010-09-10 04:52 . 2010-09-10 04:52 7089544 ----a-w- c:\program files (x86)\Common Files\wruninstall.exe

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}"= "c:\program files (x86)\Yahoo!\Companion\Installs\cpn2\YTNavAssist.dll" [2011-01-21 213816]

.

[HKEY_CLASSES_ROOT\clsid\{81017ea9-9aa8-4a6a-9734-7af40e7d593f}]

[HKEY_CLASSES_ROOT\YTNavAssist.YTNavAssistPlugin.1]

[HKEY_CLASSES_ROOT\TypeLib\{A31F34A1-EBD2-45A2-BF6D-231C1B987CC8}]

[HKEY_CLASSES_ROOT\YTNavAssist.YTNavAssistPlugin]

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\Sidebar.exe" [2009-04-11 1555968]

"LDM"="c:\program files (x86)\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2010-07-09 32768]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"NDSTray.exe"="NDSTray.exe" [bU]

"PCMAgent"="c:\program files (x86)\CyberLink\PowerCinema for TOSHIBA\PCMAgent.exe" [2007-12-14 143360]

"CLMLServer"="c:\program files (x86)\CyberLink\PowerCinema for TOSHIBA\Kernel\CLML\CLMLSvc.exe" [2008-07-11 188416]

"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]

"Camera Assistant Software"="c:\program files\Camera Assistant Software for Toshiba\traybar.exe" [2008-07-31 417792]

"WebrootTrayApp"="c:\program files (x86)\Webroot\Security\Current\Framework\WRTray.exe" [2010-10-15 1286960]

"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-09-08 421888]

"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2010-11-18 421160]

"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2011-08-31 40368]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]

"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]

"lxdnmon.exe"="c:\program files (x86) (x86)\Lexmark 2600 Series\lxdnmon.exe" [2010-02-04 660136]

"EzPrint"="c:\program files (x86) (x86)\Lexmark 2600 Series\ezprint.exe" [2010-02-04 107176]

"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]

"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]

.

c:\users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

OpenOffice.org 3.1.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2009-4-16 384000]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Logitech Desktop Messenger.lnk - c:\program files (x86)\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2010-7-9 450560]

McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"aux1"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WebrootSpySweeperService]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WRConsumerService]

@="Service"

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ToshibaServiceStation]

2008-08-04 21:46 1242424 ----a-w- c:\program files (x86)\Toshiba\TOSHIBA Service Station\TSS.exe

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - WS2IFSL

.

Contents of the 'Scheduled Tasks' folder

.

2012-05-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-30 23:52]

.

2012-05-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-30 23:52]

.

2012-05-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1495340077-3318051157-4031678959-1000Core.job

- c:\users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2011-02-27 23:52]

.

2012-05-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1495340077-3318051157-4031678959-1000UA.job

- c:\users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2011-02-27 23:52]

.

2012-05-09 c:\windows\Tasks\User_Feed_Synchronization-{0D568D07-70AC-4191-9435-2CB316D03466}.job

- c:\windows\system32\msfeedssync.exe [2012-04-12 08:09]

.

.

--------- x86-64 -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncBackedUp]

@="{6B78A880-15CA-468f-8422-A7960AD6FBB9}"

[HKEY_CLASSES_ROOT\CLSID\{6B78A880-15CA-468f-8422-A7960AD6FBB9}]

2010-08-16 17:32 143672 ----a-w- c:\program files (x86)\Webroot\Security\Current\Plugins\sync\WebRootShellExt_x64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncPending]

@="{4EE7A346-5845-471e-9FAB-002EAF83F8B0}"

[HKEY_CLASSES_ROOT\CLSID\{4EE7A346-5845-471e-9FAB-002EAF83F8B0}]

2010-08-16 17:32 143672 ----a-w- c:\program files (x86)\Webroot\Security\Current\Plugins\sync\WebRootShellExt_x64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncRoot]

@="{53DABC15-4F29-44ad-B09A-E0D0F9A3D075}"

[HKEY_CLASSES_ROOT\CLSID\{53DABC15-4F29-44ad-B09A-E0D0F9A3D075}]

2010-08-16 17:32 143672 ----a-w- c:\program files (x86)\Webroot\Security\Current\Plugins\sync\WebRootShellExt_x64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncShared]

@="{493FC96E-B938-4924-9B38-C4088E9B8AC2}"

[HKEY_CLASSES_ROOT\CLSID\{493FC96E-B938-4924-9B38-C4088E9B8AC2}]

2010-08-16 17:32 143672 ----a-w- c:\program files (x86)\Webroot\Security\Current\Plugins\sync\WebRootShellExt_x64.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="RAVCpl64.exe" [2008-04-08 6156288]

"Skytel"="Skytel.exe" [2007-11-21 1826816]

"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-12-07 1216808]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"LoadAppInit_DLLs"=0x0

.

------- Supplementary Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://www.google.com/

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = *.local

IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105

TCP: DhcpNameServer = 192.168.1.1

Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files (x86)\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\browseui.dll

FF - ProfilePath - c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\yqvhyd7h.default\

FF - prefs.js: browser.startup.homepage - www.google.com

FF - user.js: network.cookie.cookieBehavior - 0

FF - user.js: privacy.clearOnShutdown.cookies - false

FF - user.js: security.warn_viewing_mixed - false

FF - user.js: security.warn_viewing_mixed.show_once - false

FF - user.js: security.warn_submit_insecure - false

FF - user.js: security.warn_submit_insecure.show_once - false

.

- - - - ORPHANS REMOVED - - - -

.

Wow6432Node-HKCU-Run-RGSC - c:\program files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe

Wow6432Node-HKCU-Run-WMPNSCFG - c:\program files (x86)\Windows Media Player\WMPNSCFG.exe

Wow6432Node-HKLM-Run-cfFncEnabler.exe - cfFncEnabler.exe

MSConfigStartUp-ITSecMng - %ProgramFiles(x86)%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)

HKLM-Run-Windows Defender - c:\program files (x86)\Windows Defender\MSASCui.exe

AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe

AddRemove-Lexmark 2600 Series - c:\program files (x86)\Lexmark 2600 Series\Install\x64\Uninst.exe

.

.

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_USERS\S-1-5-21-1495340077-3318051157-4031678959-1000\Software\SecuROM\License information*]

"datasecu"=hex:ed,32,2e,b8,69,c9,af,d8,a6,ed,3c,ee,bb,87,a8,18,c7,4c,16,8a,17,

0c,1a,85,e4,b0,44,ec,67,e6,29,67,3c,8a,7a,83,2f,44,bc,71,1d,74,13,0b,ab,32,\

"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10c.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.10"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil9e.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil9e.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]

@Denied: (A 2) (Everyone)

@="IFlashBroker3"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}]

@Denied: (A 2) (Everyone)

@="IFlashBroker"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\ProxyStubClsid]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]

@Denied: (A 2) (Everyone)

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]

@="Shockwave Flash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]

@Denied: (A 2) (Everyone)

@=""

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]

@="FlashBroker"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes]

"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,

00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]

@Denied: (A) (Everyone)

"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]

@Denied: (A) (Everyone)

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]

"Key"="ActionsPane3"

"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

"MSCurrentCountry"=dword:000000b5

.

------------------------ Other Running Processes ------------------------

.

c:\program files (x86)\Webroot\Security\Current\Framework\WRConsumerService.exe

c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\program files (x86)\Bonjour\mDNSResponder.exe

c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

c:\program files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

c:\program files (x86)\Webroot\Security\current\plugins\antimalware\AEI.exe

c:\program files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe

c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

c:\progra~2\Webroot\Security\Current\Plugins\cleanup\WRCLEA~1.EXE

c:\program files (x86)\Toshiba\ConfigFree\NDSTray.exe

c:\program files (x86)\OpenOffice.org 3\program\soffice.exe

c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

c:\program files (x86)\Toshiba\ConfigFree\CFSwMgr.exe

c:\program files (x86)\OpenOffice.org 3\program\soffice.bin

.

**************************************************************************

.

Completion time: 2012-05-09 19:12:46 - machine was rebooted

ComboFix-quarantined-files.txt 2012-05-10 00:12

.

Pre-Run: 83,023,855,616 bytes free

Post-Run: 84,141,371,392 bytes free

.

- - End Of File - - C04D8AEB4A9EB9F110FD58C3098EC52D


Everything clean. iexplore.exe processes all gone.

Malwarebytes Anti-Malware (PRO) 1.61.0.1400

www.malwarebytes.org

Database version: v2012.05.09.06

Windows Vista Service Pack 2 x64 NTFS

Internet Explorer 8.0.6001.19222

User :: USER-PC [administrator]

Protection: Enabled

5/9/2012 7:38:11 PM

mbam-log-2012-05-09 (19-38-11).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 223051

Time elapsed: 4 minute(s), 19 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)


so instead I downloaded the "latest version" according to the Java website, which was Java 7 Update 4. Is this a problem?

I forgot to answer this...Yes it's OK

------------------------------------

A little clean up to do......

Press the Windows logo key + R to bring up the "run box"

Copy and paste next command in the field:

ComboFix /uninstall

Make sure there's a space between Combofix and /


Then hit enter.

This will uninstall Combofix, delete its related folders and files, hide file extensions, hide the system/hidden files, clear the System Restore cache and create a new Restore point.

---------------------------------

Please download OTL from one of the links below:

http://oldtimer.geekstogo.com/OTL.exe

http://oldtimer.geekstogo.com/OTL.com

Save it to your desktop.

Run OTL and hit the CleanUp button. (This will clean up the tools and logs used, including itself.)

Any other programs or logs you can manually delete.

-------------------------------

Any questions...please post back.

If you think I've helped you, please leave a comment > click on my avatar picture > click Profile Feed.

Take a look at My Preventive Maintenance to avoid being infected again.

Good Luck and Thanks for using the forum, MrC


So I'm on a different computer now because as soon as I did the Combofix Uninstall and OTL Clean Up, my internet suddenly does not work. I get the error that "The network adapter 'Realtek RTL8102E Family PCI-E Fast Ethernet NIC (NDIS 6.0)' is experiencing driver or hardware related issues." The other option it gives me is "Make sure your Internet Protocol Bindings are correct" (I checked and they are).

So I'm assuming something got messed up and/or deleted during the OTL Clean Up. I have tried multiple System Restore points and none of them have solved my problem. Help?


I'm assuming something got messed up and/or deleted during the OTL Clean Up. I have tried multiple System Restore points and none of them have solved my problem. Help?

It shouldn't have..never seen this before.

If you uninstalled ComboFix as described, you should only have one restore point left.

Running system restore should have fixed it.

See if you can do this on the sick computer.....

Please remove any USB or external drives from the computer before you run this scan!

Please download Farbar Service Scanner and run it on the computer with the issue.

  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update

  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

It's late here, get back to you tomorrow am....MrC


Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!


This topic is now closed to further replies.