
Ads in the background virus



#1 Nefrep


Posted 19 August 2010 - 05:17 PM

For the past week or so I have been hearing advertisements play in the background on my laptop. After doing a quick search it led me to a topic on this site (http://www.bleepingcomputer.com/forums/topic329974.html) about the same thing. I followed all the instructions and here are my logs. If anyone can help me it would be appreciated.



DDS (Ver_10-03-17.01) - NTFSx86
Run by Cameron John at 14:31:39.09 on Thu 08/19/2010
Internet Explorer: 8.0.7600.16385
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.2940.1682 [GMT -7:00]


============== Running Processes ===============

C:\windows\system32\wininit.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\TODDSrv.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
C:\Program Files\TOSHIBA\TECO\TecoService.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\windows\system32\igfxsrvc.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
C:\Program Files\TOSHIBA\TECO\TEco.exe
C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\windows\system32\igfxext.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\windows\system32\taskeng.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\windows\System32\svchost.exe -k secsvcs
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Windows\System32\igfxpers.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\windows\system32\igfxsrvc.exe
C:\Program Files\TOSHIBA\TECO\TEco.exe
C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
C:\Windows\System32\rundll32.exe
C:\Users\Breanne.Camerons_Laptop\AppData\Local\Temp\rpkcakg.exe
C:\Users\Breanne.Camerons_Laptop\AppData\Local\Temp\login.exe
C:\Users\Breanne.Camerons_Laptop\AppData\Local\Temp\win32.exe
C:\Users\Breanne.Camerons_Laptop\AppData\Local\Temp\hexdump.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\windows\system32\igfxext.exe
C:\Users\BREANN~1.CAM\AppData\Local\Temp\spoolsv.exe
C:\Users\BREANN~1.CAM\AppData\Local\Temp\win.exe
C:\windows\system32\LogonUI.exe
C:\Users\BREANN~1.CAM\AppData\Local\Temp\user.exe
C:\Users\BREANN~1.CAM\AppData\Local\Temp\wininst.exe
C:\Users\BREANN~1.CAM\AppData\Local\Temp\system.exe
C:\Users\BREANN~1.CAM\AppData\Local\Temp\mdm.exe
C:\Users\BREANN~1.CAM\AppData\Local\Temp\sysedit.exe
C:\Users\BREANN~1.CAM\AppData\Local\Temp\drweb.exe
C:\Users\BREANN~1.CAM\AppData\Local\Temp\avp32.exe
C:\Users\BREANN~1.CAM\AppData\Local\Temp\debug.exe
C:\Users\BREANN~1.CAM\AppData\Local\Temp\win16.exe
C:\Users\BREANN~1.CAM\AppData\Local\Temp\taskmgr.exe
C:\windows\system32\wuauclt.exe
C:\Users\Cameron John\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Cameron John\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Cameron John\AppData\Local\Google\Chrome\Application\chrome.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\SearchFilterHost.exe
c:\program files\windows defender\MpCmdRun.exe
C:\Users\Cameron John\Downloads\Defogger (1).exe
C:\windows\system32\conhost.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\vssvc.exe
C:\windows\System32\svchost.exe -k swprv
C:\windows\system32\DllHost.exe
C:\windows\system32\DllHost.exe
C:\Users\Cameron John\Downloads\dds.scr
C:\windows\system32\conhost.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.yahoo.com
uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
mDefault_Page_URL = hxxp://www.yahoo.com
mStart Page = hxxp://www.yahoo.com
uInternet Settings,ProxyOverride = *.local
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn0\YTSingleInstance.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
uRun: [MyTOSHIBA] "c:\program files\toshiba\my toshiba\MyToshiba.exe" /AUTO
uRun: [Steam] "c:\program files\steam\Steam.exe" -silent
uRun: [Google Update] "c:\users\cameron john\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [Messenger (Yahoo!)] "c:\progra~1\yahoo!\messenger\YahooMessenger.exe" -quiet
uRun: [Search Protection] c:\program files\yahoo!\search protection\SearchProtection.exe
uRun: [uTorrent] "c:\program files\utorrent\uTorrent.exe"
uRun: [ManyCam] "c:\users\brandon\desktop\manycam\bin\ManyCam.exe" /silent
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
mRun: [<NO NAME>]
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe
mRun: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
mRun: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
mRun: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
mRun: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
mRun: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
mRun: [TosWaitSrv] %ProgramFiles%\TOSHIBA\TPHM\TosWaitSrv.exe
mRun: [ToshibaServiceStation] "c:\program files\toshiba\toshiba service station\ToshibaServiceStation.exe" /hide:60
mRun: [Teco] "%ProgramFiles%\TOSHIBA\TECO\Teco.exe" /r
mRun: [TWebCamera] "%ProgramFiles%\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
mRun: [SmartFaceVWatcher] %ProgramFiles%\Toshiba\SmartFaceV\SmartFaceVWatcher.exe
mRun: [TosSENotify] c:\program files\toshiba\toshiba hdd ssd alert\TosWaitSrv.exe
mRun: [NortonOnlineBackupReminder] "c:\program files\toshiba\toshiba online backup\activation\TobuActivation.exe" UNATTENDED
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [YSearchProtection] "c:\program files\yahoo!\search protection\SearchProtection.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [XboxStat] "c:\program files\microsoft xbox 360 accessories\XboxStat.exe" silentrun
mRun: [amd_dc_opt] c:\program files\amd\dual-core optimizer\amd_dc_opt.exe
mRunOnce: [*Restore] c:\windows\system32\rstrui.exe /runonce
StartupFolder: c:\users\camero~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\limewi~1.lnk - c:\program files\limewire\LimeWire.exe
StartupFolder: c:\users\camero~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\mif5ba~1\office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\mif5ba~1\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mif5ba~1\office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: igfxcui - igfxdev.dll

================= FIREFOX ===================

FF - ProfilePath - c:\users\camero~1\appdata\roaming\mozilla\firefox\profiles\mw3hsryc.default\
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=ffds1&p=
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?fr=ffsp1&p=
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\users\cameron john\appdata\local\google\update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\users\cameron john\appdata\local\yahoo!\browserplus\2.4.17\plugins\npybrowserplus_2.4.17.dll

---- FIREFOX POLICIES ----
FF - user.js: yahoo.ytff.general.dontshowhpoffer - truec:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);
c:\program files\mozilla firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\mozilla firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

============= SERVICES / DRIVERS ===============

R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-13 48128]
R2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files\toshiba\configfree\CFIWmxSvcs.exe [2009-8-10 185712]
R2 ConfigFree Service;ConfigFree Service;c:\program files\toshiba\configfree\CFSvcs.exe [2009-3-10 46448]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\toshiba\teco\TecoService.exe [2009-8-11 185712]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\drivers\TVALZFL.sys [2009-6-19 12920]
R3 FwLnk;FwLnk Driver;c:\windows\system32\drivers\FwLnk.sys [2009-10-27 7680]
R3 PGEffect;Pangu effect driver;c:\windows\system32\drivers\PGEffect.sys [2009-10-27 24064]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2009-10-27 187392]
R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\drivers\rtl8192se.sys [2009-10-27 859136]
R3 TMachInfo;TMachInfo;c:\program files\toshiba\toshiba service station\TMachInfo.exe [2009-10-27 51512]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\toshiba\toshiba hdd ssd alert\TosSmartSrv.exe [2009-8-3 111960]
R3 TPCHSrv;TPCH Service;c:\program files\toshiba\tphm\TPCHSrv.exe [2009-8-6 685424]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\drivers\vwifimp.sys [2009-7-13 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-8-16 136176]
S3 athrusb6;Atheros Wireless LAN USB device driver 6 Series;c:\windows\system32\drivers\athru6.sys [2007-7-5 873472]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RtsUStor.sys [2009-10-27 171520]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-3-1 1343400]

=============== Created Last 30 ================

2010-08-19 21:30:03 0 ----a-w- c:\users\cameron john\defogger_reenable
2010-08-18 17:23:22 0 d-----w- c:\users\cameron john\OESISTotal
2010-08-17 10:06:17 34304 ----a-w- c:\windows\system32\drivers\AmdLLD.sys
2010-08-17 10:06:16 0 d-----w- c:\program files\AMD
2010-08-17 10:06:03 0 d-----w- c:\windows\system32\AGEIA
2010-08-17 10:05:55 0 d-----w- c:\program files\common files\Wise Installation Wizard
2010-08-13 10:22:21 0 d-sh--w- c:\windows\system32\%APPDATA%
2010-08-11 08:45:11 0 d-----w- c:\program files\Comical
2010-08-06 18:04:05 0 d-----w- c:\windows\CheckSur
2010-08-03 15:58:46 65536 --sha-w- c:\users\cameron john\ntuser.dat{3a163c21-9f17-11df-9758-81891897a941}.TM.blf
2010-08-03 15:58:46 524288 --sha-w- c:\users\cameron john\ntuser.dat{3a163c21-9f17-11df-9758-81891897a941}.TMContainer00000000000000000002.regtrans-ms
2010-08-03 15:58:46 524288 --sha-w- c:\users\cameron john\ntuser.dat{3a163c21-9f17-11df-9758-81891897a941}.TMContainer00000000000000000001.regtrans-ms
2010-07-31 18:23:28 0 d-----w- c:\program files\VideoLAN
2010-07-30 16:27:18 65536 --sha-w- c:\users\cameron john\ntuser.dat{408e11aa-9bf7-11df-b626-001e33ff4ac9}.TM.blf
2010-07-30 16:27:18 524288 --sha-w- c:\users\cameron john\ntuser.dat{408e11aa-9bf7-11df-b626-001e33ff4ac9}.TMContainer00000000000000000002.regtrans-ms
2010-07-30 16:27:18 524288 --sha-w- c:\users\cameron john\ntuser.dat{408e11aa-9bf7-11df-b626-001e33ff4ac9}.TMContainer00000000000000000001.regtrans-ms
2010-07-23 13:59:08 0 d-----w- c:\program files\Microsoft Xbox 360 Accessories
2010-07-22 11:15:52 0 d-----w- c:\program files\iPod

==================== Find3M ====================

2010-07-29 06:30:49 197632 ----a-w- c:\windows\system32\ir32_32.dll
2010-07-29 06:30:34 82944 ----a-w- c:\windows\system32\iccvid.dll
2010-07-28 09:20:10 39554 ----a-w- c:\windows\fonts\EUDC.EUF
2010-07-28 09:20:10 111780 ----a-w- c:\windows\fonts\EUDC.TTE
2010-06-30 06:25:31 978432 ----a-w- c:\windows\system32\wininet.dll
2010-06-22 02:47:35 310784 ----a-w- c:\windows\system32\drivers\srv.sys
2010-06-22 02:47:21 307200 ----a-w- c:\windows\system32\drivers\srv2.sys
2010-06-22 02:47:13 113664 ----a-w- c:\windows\system32\drivers\srvnet.sys
2010-06-19 06:33:29 3955080 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-06-19 06:33:29 3899784 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-06-19 06:23:50 37376 ----a-w- c:\windows\system32\rtutils.dll
2010-06-19 04:07:18 2326016 ----a-w- c:\windows\system32\win32k.sys
2010-06-16 05:48:35 224256 ----a-w- c:\windows\system32\schannel.dll
2010-06-08 06:02:06 1233920 ----a-w- c:\windows\system32\msxml3.dll
2010-05-27 07:24:13 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-05-27 03:49:37 293888 ----a-w- c:\windows\system32\atmfd.dll
2009-07-14 04:56:42 31548 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
2009-07-14 04:56:42 31548 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
2009-07-14 04:56:42 291294 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
2009-07-14 04:56:42 291294 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
2009-07-14 04:41:57 174 --sha-w- c:\program files\desktop.ini
2009-07-14 00:34:40 291294 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2009-07-14 00:34:40 291294 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2009-07-14 00:34:38 31548 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2009-07-14 00:34:38 31548 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
2009-06-10 21:26:35 9633792 --sha-r- c:\windows\fonts\StaticCache.dat
2010-04-16 04:54:24 16384 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\index.dat
2010-04-16 04:54:24 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\temporary internet files\content.ie5\index.dat
2010-04-16 04:54:24 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\roaming\microsoft\windows\cookies\index.dat
2010-02-05 20:48:32 245760 --sha-w- c:\windows\system32\config\systemprofile\appdata\roaming\microsoft\windows\ietldcache\index.dat
2009-11-30 18:10:57 13 --sh--r- c:\windows\system32\drivers\fbd.sys
2009-07-14 01:14:45 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe

============= FINISH: 14:31:48.46 ===============

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-03-17.01)

Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 11/30/2009 10:10:07 AM
System Uptime: 8/19/2010 2:41:21 AM (12 hours ago)

Motherboard: TOSHIBA | | Portable PC
Processor: Intel® Core™2 Duo CPU T6500 @ 2.10GHz | CPU | 2100/800mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 223 GiB total, 108.808 GiB free.
D: is CDROM ()

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP222: 8/13/2010 12:59:25 AM - Windows Update
RP223: 8/13/2010 3:00:12 AM - Windows Update
RP224: 8/14/2010 3:00:17 AM - Windows Update
RP225: 8/15/2010 3:00:11 AM - Windows Update
RP226: 8/16/2010 3:00:12 AM - Windows Update
RP227: 8/16/2010 2:18:38 PM - Windows Update
RP228: 8/17/2010 3:00:17 AM - Windows Update
RP230: 8/17/2010 3:04:23 AM - Installed DirectX
RP231: 8/17/2010 3:05:25 AM - Installed Microsoft Visual C++ 2005 Redistributable
RP232: 8/18/2010 7:05:00 AM - Windows Update
RP233: 8/19/2010 5:56:06 AM - Windows Update
RP234: 8/19/2010 10:21:05 AM - Windows Update

==== Installed Programs ======================

µTorrent
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.1
Alien Swarm
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Ask Toolbar
Bonjour
Canon iP2700 series Printer Driver
Comical 0.8
Compatibility Pack for the 2007 Office system
Counter-Strike: Source
Darwinia
DEFCON
Dual-Core Optimizer
Google Chrome
Google Earth Plug-in
Google Talk Plugin
Google Update Helper
Guitar Pro 5.2
Half-Life 2: Deathmatch
Half-Life 2: Episode One
Half-Life 2: Episode Two
Intel® Graphics Media Accelerator Driver
Intel® Matrix Storage Manager
iTunes
Java™ 6 Update 14
Junk Mail filter update
Label@Once 1.0
LimeWire 5.5.7
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Works
Microsoft Xbox 360 Accessories 1.2
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
MobileMe Control Panel
Moonbase Alpha
Mozilla Firefox (3.6.8)
Mozilla Firefox (4.0b1)
MSVCRT
Multiwinia
Mumble and Murmur
NVIDIA PhysX v8.10.29
Portal
QuickTime
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
Realtek USB 2.0 Card Reader
Realtek WLAN Driver
Safari
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for 2007 Microsoft Office System (KB978380)
Security Update for 2007 Microsoft Office System (KB982312)
Security Update for Microsoft Office Excel 2007 (KB982308)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB969613)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB982135)
Skype Toolbars
Skype™ 4.2
Steam
Synaptics Pointing Device Driver
Team Fortress 2
Toshiba Application and Driver Installer
TOSHIBA Assist
TOSHIBA ConfigFree
TOSHIBA Disc Creator
TOSHIBA DVD PLAYER
TOSHIBA eco Utility
TOSHIBA Extended Tiles for Windows Mobility Center
TOSHIBA Face Recognition
TOSHIBA Hardware Setup
TOSHIBA HDD/SSD Alert
Toshiba Online Backup
TOSHIBA PC Health Monitor
Toshiba Quality Application
TOSHIBA Recovery Media Creator
TOSHIBA Service Station
TOSHIBA Speech System Applications
TOSHIBA Speech System SR Engine(U.S.) Version1.0
TOSHIBA Speech System TTS Engine(U.S.) Version1.0
TOSHIBA Supervisor Password
TOSHIBA Value Added Package
TOSHIBA Web Camera Application
ToshibaRegistration
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Uplink
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
Windows Media Player Firefox Plugin
Windows Movie Maker 2.6
WinRAR archiver
World of Warcraft
Yahoo! Messenger
Yahoo! Search Protection
Yahoo! Software Update
Yahoo! Toolbar

==== Event Viewer Messages From Past Week ========

8/19/2010 5:59:42 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft Works 9 (KB2092914).
8/19/2010 5:58:26 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for the 2007 Microsoft Office System (KB982331).
8/19/2010 5:57:56 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for the 2007 Microsoft Office System (KB2277947).
8/19/2010 5:57:26 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft Office Word 2007 (KB2251419).
8/18/2010 6:22:15 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR2.

==== End Of File ===========================

RkU Version: 3.8.388.590, Type LE (SR2)
==============================================
OS Name: Windows 7
Version 6.1.7600
Number of processors #2
==============================================
>Drivers
==============================================
0x91435000 C:\windows\system32\DRIVERS\igdkmd32.sys 6451200 bytes (Intel Corporation, Intel Graphics Kernel Mode Driver)
0x82C55000 C:\windows\system32\ntkrnlpa.exe 4259840 bytes (Microsoft Corporation, NT Kernel & System)
0x82C55000 PnpManager 4259840 bytes
0x82C55000 RAW 4259840 bytes
0x82C55000 WMIxWDM 4259840 bytes
0x97622000 C:\windows\system32\drivers\RTKVHDA.sys 2736128 bytes (Realtek Semiconductor Corp., Realtek® High Definition Audio Function Driver)
0x97E50000 Win32k 2400256 bytes
0x97E50000 C:\windows\System32\win32k.sys 2400256 bytes (Microsoft Corporation, Multi-User Win32 Driver)
0x8B40B000 C:\windows\System32\drivers\tcpip.sys 1347584 bytes (Microsoft Corporation, TCP/IP Driver)
0x8B003000 C:\windows\System32\Drivers\Ntfs.sys 1241088 bytes (Microsoft Corporation, NT File System Driver)
0x95E13000 C:\windows\system32\DRIVERS\rtl8192se.sys 983040 bytes (Realtek Semiconductor Corporation , Realtek RTL81892SE NDIS Driverr)
0x952C6000 C:\windows\System32\Drivers\dump_iaStor.sys 892928 bytes
0x8AE05000 C:\windows\system32\DRIVERS\iaStor.sys 892928 bytes (Intel Corporation, Intel Matrix Storage Manager driver - ia32)
0x91A5C000 C:\windows\System32\drivers\dxgkrnl.sys 749568 bytes (Microsoft Corporation, DirectX Graphics Kernel)
0x8B206000 C:\windows\system32\drivers\ndis.sys 749568 bytes (Microsoft Corporation, NDIS 6.20 driver)
0x832D6000 C:\windows\system32\CI.dll 700416 bytes (Microsoft Corporation, Code Integrity Module)
0x9945D000 C:\windows\system32\drivers\peauth.sys 618496 bytes (Microsoft Corporation, Protected Environment Authentication and Authorization Export Driver)
0x8FE08000 C:\windows\system32\drivers\HTTP.sys 544768 bytes (Microsoft Corporation, HTTP Protocol Stack)
0x83203000 C:\windows\system32\mcupdate_GenuineIntel.dll 491520 bytes (Microsoft Corporation, Intel Microcode Update Library)
0x83381000 C:\windows\system32\drivers\Wdf01000.sys 462848 bytes (Microsoft Corporation, Kernel Mode Driver Framework Runtime)
0x8B170000 C:\windows\System32\Drivers\cng.sys 380928 bytes (Microsoft Corporation, Kernel Cryptography, Next Generation)
0x8AF63000 C:\windows\system32\drivers\afd.sys 368640 bytes (Microsoft Corporation, Ancillary Function Driver for WinSock)
0x9957B000 C:\windows\System32\DRIVERS\srv.sys 331776 bytes (Microsoft Corporation, Server driver)
0x9952C000 C:\windows\System32\DRIVERS\srv2.sys 323584 bytes (Microsoft Corporation, Smb 2.0 Server driver)
0x98100000 C:\windows\System32\ATMFD.DLL 315392 bytes (Adobe Systems Incorporated, Windows NT OpenType/Type 1 Font Driver)
0x91B57000 C:\windows\system32\DRIVERS\USBPORT.SYS 307200 bytes (Microsoft Corporation, USB 1.1 & 2.0 Port Driver)
0x8ACD9000 C:\windows\System32\drivers\volmgrx.sys 307200 bytes (Microsoft Corporation, Volume Manager Extension Driver)
0x8AC17000 C:\windows\system32\DRIVERS\ACPI.sys 294912 bytes (Microsoft Corporation, ACPI Driver for NT)
0x8B320000 C:\windows\system32\DRIVERS\tos_sps32.sys 290816 bytes (TOSHIBA Corporation, tos_sps32)
0x953A0000 C:\windows\system32\DRIVERS\nwifi.sys 286720 bytes (Microsoft Corporation, NativeWiFi Miniport Driver)
0x95271000 C:\windows\system32\DRIVERS\usbhub.sys 278528 bytes (Microsoft Corporation, Default Hub Driver for USB)
0x83294000 C:\windows\system32\CLFS.SYS 270336 bytes (Microsoft Corporation, Common Log File System Driver)
0x8AD4F000 C:\windows\system32\DRIVERS\rdbss.sys 266240 bytes (Microsoft Corporation, Redirected Drive Buffering SubSystem Driver)
0x8B585000 C:\windows\system32\DRIVERS\volsnap.sys 258048 bytes (Microsoft Corporation, Volume Shadow Copy Driver)
0x8B2BD000 C:\windows\system32\drivers\NETIO.SYS 253952 bytes (Microsoft Corporation, Network I/O Subsystem)
0x8FEB0000 C:\windows\system32\DRIVERS\mrxsmb10.sys 241664 bytes (Microsoft Corporation, Longhorn SMB Downlevel SubRdr)
0x91B13000 C:\windows\System32\drivers\dxgmms1.sys 233472 bytes (Microsoft Corporation, DirectX Graphics MMS)
0x82C1E000 ACPI_HAL 225280 bytes
0x82C1E000 C:\windows\system32\halmacpi.dll 225280 bytes (Microsoft Corporation, Hardware Abstraction Layer DLL)
0x8AF1E000 C:\windows\system32\drivers\fltmgr.sys 212992 bytes (Microsoft Corporation, Microsoft Filesystem Filter Manager)
0x95212000 C:\windows\system32\DRIVERS\ks.sys 212992 bytes (Microsoft Corporation, Kernel CSA Library)
0x95F32000 C:\windows\system32\DRIVERS\SynTP.sys 208896 bytes (Synaptics Incorporated, Synaptics Touchpad Driver)
0x8B377000 C:\windows\System32\DRIVERS\fvevol.sys 204800 bytes (Microsoft Corporation, BitLocker Drive Encryption Driver)
0x8FFAE000 C:\windows\System32\DRIVERS\netbt.sys 204800 bytes (Microsoft Corporation, MBT Transport driver)
0x8B554000 C:\windows\System32\drivers\fwpkclnt.sys 200704 bytes (Microsoft Corporation, FWP/IPsec Kernel-Mode API)
0x91400000 C:\windows\system32\DRIVERS\Rt86win7.sys 200704 bytes (Realtek , Realtek 8101E/8168/8169 NDIS 6.20 32-bit Driver )
0x978BE000 C:\windows\system32\drivers\portcls.sys 192512 bytes (Microsoft Corporation, Port Class (Class Driver for Port/Miniport Devices))
0x8B5D1000 C:\windows\System32\drivers\rdyboost.sys 184320 bytes (Microsoft Corporation, ReadyBoost Driver)
0x8B132000 C:\windows\System32\Drivers\msrpc.sys 176128 bytes (Microsoft Corporation, Kernel Remote Procedure Call Provider)
0xC205C000 C:\windows\System32\Drivers\fastfat.SYS 172032 bytes (Microsoft Corporation, Fast FAT File System Driver)
0x8AC70000 C:\windows\system32\DRIVERS\pci.sys 172032 bytes (Microsoft Corporation, NT Plug and Play PCI Enumerator)
0x8B3BA000 C:\windows\system32\DRIVERS\CLASSPNP.SYS 151552 bytes (Microsoft Corporation, SCSI Class System Dll)
0x8B2FB000 C:\windows\System32\Drivers\ksecpkg.sys 151552 bytes (Microsoft Corporation, Kernel Security Support Provider Interface Packages)
0x97950000 C:\windows\System32\Drivers\usbvideo.sys 147456 bytes (Microsoft Corporation, USB Video Class Driver)
0x8AEE8000 C:\windows\system32\DRIVERS\ataport.SYS 143360 bytes (Microsoft Corporation, ATAPI Driver Extension)
0x8FE8D000 C:\windows\system32\DRIVERS\mrxsmb.sys 143360 bytes (Microsoft Corporation, Windows NT SMB Minirdr)
0x95FC6000 C:\windows\system32\DRIVERS\ndiswan.sys 139264 bytes (Microsoft Corporation, MS PPP Framing Driver (Strong Encryption))
0x994FE000 C:\windows\System32\DRIVERS\srvnet.sys 135168 bytes (Microsoft Corporation, Server Network driver)
0x8ADC2000 C:\windows\system32\DRIVERS\tunnel.sys 135168 bytes (Microsoft Corporation, Microsoft Tunnel Interface Driver)
0x8FF2D000 C:\windows\System32\drivers\VIDEOPRT.SYS 135168 bytes (Microsoft Corporation, Video Port Driver)
0x8FEF4000 C:\windows\system32\DRIVERS\cdrom.sys 126976 bytes (Microsoft Corporation, SCSI CD-ROM Driver)
0x91BB1000 C:\windows\system32\DRIVERS\HDAudBus.sys 126976 bytes (Microsoft Corporation, High Definition Audio Bus Driver)
0x8AFBD000 C:\windows\system32\DRIVERS\pacer.sys 126976 bytes (Microsoft Corporation, QoS Packet Scheduler)
0x97E00000 C:\windows\System32\cdd.dll 122880 bytes (Microsoft Corporation, Canonical Display Driver)
0x9797A000 C:\windows\system32\drivers\luafv.sys 110592 bytes (Microsoft Corporation, LUA File Virtualization Filter Driver)
0x9942A000 C:\windows\system32\DRIVERS\mrxsmb20.sys 110592 bytes (Microsoft Corporation, Longhorn SMB 2.0 Redirector)
0x97995000 C:\windows\system32\drivers\WudfPf.sys 106496 bytes (Microsoft Corporation, Windows Driver Foundation - User-mode Driver Framework Platform Driver)
0x97600000 C:\windows\system32\DRIVERS\bowser.sys 102400 bytes (Microsoft Corporation, NT Lan Manager Datagram Receiver Driver)
0x978ED000 C:\windows\system32\drivers\drmk.sys 102400 bytes (Microsoft Corporation, Microsoft Trusted Audio Drivers)
0x8AD9C000 C:\windows\System32\Drivers\dfsc.sys 98304 bytes (Microsoft Corporation, DFS Namespace Client Driver)
0x95F0D000 C:\windows\system32\DRIVERS\i8042prt.sys 98304 bytes (Microsoft Corporation, i8042 Port Driver)
0x95FA3000 C:\windows\system32\DRIVERS\rasl2tp.sys 98304 bytes (Microsoft Corporation, RAS L2TP mini-port/call-manager driver)
0x95FE8000 C:\windows\system32\DRIVERS\raspppoe.sys 98304 bytes (Microsoft Corporation, RAS PPPoE mini-port/call-manager driver)
0x91BD0000 C:\windows\system32\DRIVERS\raspptp.sys 94208 bytes (Microsoft Corporation, Peer-to-Peer Tunneling Protocol)
0x91BE7000 C:\windows\system32\DRIVERS\rassstp.sys 94208 bytes (Microsoft Corporation, RAS SSTP Miniport Call Manager)
0x8FF8C000 C:\windows\system32\DRIVERS\tdx.sys 94208 bytes (Microsoft Corporation, TDI Translation Driver)
0x97939000 C:\windows\system32\DRIVERS\usbccgp.sys 94208 bytes (Microsoft Corporation, USB Common Class Generic Parent Driver)
0x8AD24000 C:\windows\System32\drivers\mountmgr.sys 90112 bytes (Microsoft Corporation, Mount Point Manager)
0x8B15D000 C:\windows\System32\Drivers\ksecdd.sys 77824 bytes (Microsoft Corporation, Kernel Security Support Provider Interface)
0x979CF000 C:\windows\system32\DRIVERS\rspndr.sys 77824 bytes (Microsoft Corporation, Link-Layer Topology Responder Driver for NDIS 6)
0x8B1E4000 C:\windows\system32\DRIVERS\wanarp.sys 77824 bytes (Microsoft Corporation, MS Remote Access and Routing ARP Driver)
0x95F91000 C:\windows\system32\DRIVERS\AgileVpn.sys 73728 bytes (Microsoft Corporation, RAS Agile Vpn Miniport Call Manager)
0x8ADE3000 C:\windows\system32\DRIVERS\intelppm.sys 73728 bytes (Microsoft Corporation, Processor Device Driver)
0x979EB000 C:\windows\System32\drivers\mpsdrv.sys 73728 bytes (Microsoft Corporation, Microsoft Protection Service Driver)
0x8B3A9000 C:\windows\system32\DRIVERS\disk.sys 69632 bytes (Microsoft Corporation, PnP Disk Driver)
0x97928000 C:\windows\System32\Drivers\dump_dumpfve.sys 69632 bytes
0x8AF52000 C:\windows\system32\drivers\fileinfo.sys 69632 bytes (Microsoft Corporation, FileInfo Filter Driver)
0x952B5000 C:\windows\System32\Drivers\NDProxy.SYS 69632 bytes (Microsoft Corporation, NDIS Proxy)
0x8ACA5000 C:\windows\System32\drivers\partmgr.sys 69632 bytes (Microsoft Corporation, Partition Management Driver)
0x8327B000 C:\windows\system32\PSHED.dll 69632 bytes (Microsoft Corporation, Platform Specific Hardware Error Driver)
0x8FFE7000 C:\windows\system32\DRIVERS\vwififlt.sys 69632 bytes (Microsoft Corporation, Virtual WiFi Filter Driver)
0x979AF000 C:\windows\system32\DRIVERS\lltdio.sys 65536 bytes (Microsoft Corporation, Link-Layer Topology Mapper I/O Driver)
0x8B367000 C:\windows\System32\Drivers\mup.sys 65536 bytes (Microsoft Corporation, Multiple UNC Provider Driver)
0x979BF000 C:\windows\system32\DRIVERS\ndisuio.sys 65536 bytes (Microsoft Corporation, NDIS User mode I/O driver)
0x8AFDC000 C:\windows\system32\DRIVERS\termdd.sys 65536 bytes (Microsoft Corporation, Remote Desktop Server Driver)
0x8ACC9000 C:\windows\system32\DRIVERS\volmgr.sys 65536 bytes (Microsoft Corporation, Volume Manager Driver)
0x95254000 C:\windows\system32\DRIVERS\AmdLLD.sys 61440 bytes (AMD, Inc., AMD Low Level Device Driver)
0x91BA2000 C:\windows\system32\DRIVERS\usbehci.sys 61440 bytes (Microsoft Corporation, EHCI eUSB Miniport Driver)
0x8ADB4000 C:\windows\system32\DRIVERS\blbdrive.sys 57344 bytes (Microsoft Corporation, BLB Drive Driver)
0x95246000 C:\windows\system32\DRIVERS\circlass.sys 57344 bytes (Microsoft Corporation, Consumer IR Class Driver for eHome)
0x8B3EC000 C:\windows\system32\DRIVERS\netbios.sys 57344 bytes (Microsoft Corporation, NetBIOS interface driver)
0x8FF7E000 C:\windows\System32\Drivers\Npfs.SYS 57344 bytes (Microsoft Corporation, NPFS Driver)
0x8AD41000 C:\windows\system32\DRIVERS\PCIIDEX.SYS 57344 bytes (Microsoft Corporation, PCI IDE Bus Driver Extension)
0x8B1CD000 C:\windows\System32\drivers\pcw.sys 57344 bytes (Microsoft Corporation, Performance Counters for Windows Driver)
0x95263000 C:\windows\system32\DRIVERS\umbus.sys 57344 bytes (Microsoft Corporation, User-Mode Bus Enumerator)
0x833F2000 C:\windows\system32\drivers\WDFLDR.SYS 57344 bytes (Microsoft Corporation, Kernel Mode Driver Framework Loader)
0x95F84000 C:\windows\system32\DRIVERS\CompositeBus.sys 53248 bytes (Microsoft Corporation, Multi-Transport Composite Bus Enumerator)
0x9791B000 C:\windows\System32\Drivers\crashdmp.sys 53248 bytes (Microsoft Corporation, Crash Dump Driver)
0x95F25000 C:\windows\system32\DRIVERS\kbdclass.sys 53248 bytes (Microsoft Corporation, Keyboard Class Driver)
0x95F67000 C:\windows\system32\DRIVERS\mouclass.sys 53248 bytes (Microsoft Corporation, Mouse Class Driver)
0x9951F000 C:\windows\System32\drivers\tcpipreg.sys 53248 bytes (Microsoft Corporation, TCP/IP Registry Compatibility Driver)
0x8FF4E000 C:\windows\System32\drivers\watchdog.sys 53248 bytes (Microsoft Corporation, Watchdog Driver)
0x8AD90000 C:\windows\System32\drivers\discache.sys 49152 bytes (Microsoft Corporation, System Indexer/Cache Driver)
0x8FF21000 C:\windows\System32\drivers\vga.sys 49152 bytes (Microsoft Corporation, VGA/Super VGA Video Driver)
0x8ACBE000 C:\windows\system32\DRIVERS\BATTC.SYS 45056 bytes (Microsoft Corporation, Battery Class Driver)
0x97910000 C:\windows\system32\DRIVERS\monitor.sys 45056 bytes (Microsoft Corporation, Monitor Driver)
0x8FF73000 C:\windows\System32\Drivers\Msfs.SYS 45056 bytes (Microsoft Corporation, Mailslot driver)
0x95FBB000 C:\windows\system32\DRIVERS\ndistapi.sys 45056 bytes (Microsoft Corporation, NDIS 3.0 connection wrapper driver)
0x8FFA3000 C:\windows\system32\DRIVERS\TDI.SYS 45056 bytes (Microsoft Corporation, TDI Wrapper)
0x91B4C000 C:\windows\system32\DRIVERS\usbuhci.sys 45056 bytes (Microsoft Corporation, UHCI USB Miniport Driver)
0x8AC9A000 C:\windows\system32\DRIVERS\vdrvroot.sys 45056 bytes (Microsoft Corporation, Virtual Drive Root Enumerator)
0x97906000 C:\windows\System32\drivers\Dxapi.sys 40960 bytes (Microsoft Corporation, DirectX API Driver)
0x8AF0B000 C:\windows\system32\DRIVERS\msahci.sys 40960 bytes (Microsoft Corporation, MS AHCI 1.0 Standard Driver)
0x8AFF6000 C:\windows\system32\DRIVERS\mssmbios.sys 40960 bytes (Microsoft Corporation, System Management BIOS Driver)
0x8AFEC000 C:\windows\system32\drivers\nsiproxy.sys 40960 bytes (Microsoft Corporation, NSI Proxy)
0x994F4000 C:\windows\System32\Drivers\secdrv.SYS 40960 bytes (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K., Macrovision SECURITY Driver)
0x95F74000 C:\windows\system32\DRIVERS\tdcmdpst.sys 40960 bytes (TOSHIBA Corporation., TOSHIBA ODD Writing Driver for x86.)
0x95F03000 C:\windows\system32\DRIVERS\vwifibus.sys 40960 bytes (Microsoft Corporation, Virtual WiFi Bus Driver)
0x8AF15000 C:\windows\system32\DRIVERS\amdxata.sys 36864 bytes (Advanced Micro Devices, Storage Filter Driver)
0x995CC000 C:\windows\system32\DRIVERS\asyncmac.sys 36864 bytes (Microsoft Corporation, MS Remote Access serial network driver)
0x8AEDF000 C:\windows\system32\DRIVERS\atapi.sys 36864 bytes (Microsoft Corporation, ATAPI IDE Miniport Driver)
0x8B1DB000 C:\windows\System32\Drivers\Fs_Rec.sys 36864 bytes (Microsoft Corporation, File System Recognizer Driver)
0xC20FF000 C:\windows\System32\Drivers\Normandy.SYS 36864 bytes (RKU Driver)
0x980B0000 C:\windows\System32\TSDDD.dll 36864 bytes (Microsoft Corporation, Framebuffer Display Driver)
0x979E2000 C:\windows\system32\DRIVERS\vwifimp.sys 36864 bytes (Microsoft Corporation, Virtual WiFi Miniport Driver)
0x8AC5F000 C:\windows\system32\DRIVERS\WMILIB.SYS 36864 bytes (Microsoft Corporation, WMILIB WMI support library Dll)
0x8328C000 C:\windows\system32\BOOTVID.dll 32768 bytes (Microsoft Corporation, VGA Boot Driver)
0x8ACB6000 C:\windows\system32\DRIVERS\compbatt.sys 32768 bytes (Microsoft Corporation, Composite Battery Driver)
0x8FE00000 C:\windows\system32\DRIVERS\FwLnk.sys 32768 bytes (TOSHIBA Corporation, TOSHIBA Firmware Linkage 32-bit Driver)
0x8B400000 C:\windows\System32\drivers\hwpolicy.sys 32768 bytes (Microsoft Corporation, Hardware Policy Driver)
0x80BC2000 C:\windows\system32\kdcom.dll 32768 bytes (Microsoft Corporation, Serial Kernel Debugger)
0x8AC68000 C:\windows\system32\DRIVERS\msisadrv.sys 32768 bytes (Microsoft Corporation, ISA Driver)
0x8FF5B000 C:\windows\System32\DRIVERS\RDPCDD.sys 32768 bytes (Microsoft Corporation, RDP Miniport)
0x8FF63000 C:\windows\system32\drivers\rdpencdd.sys 32768 bytes (Microsoft Corporation, RDP Encoder Miniport)
0x8FF6B000 C:\windows\system32\drivers\rdprefmp.sys 32768 bytes (Microsoft Corporation, RDP Reflector Driver Miniport)
0x8B5C9000 C:\windows\System32\Drivers\spldr.sys 32768 bytes (Microsoft Corporation, loader for security processor)
0x8FF1A000 C:\windows\System32\Drivers\Beep.SYS 28672 bytes (Microsoft Corporation, BEEP Driver)
0x8FF13000 C:\windows\System32\Drivers\Null.SYS 28672 bytes (Microsoft Corporation, NULL Driver)
0x8AD3A000 C:\windows\system32\DRIVERS\pciide.sys 28672 bytes (Microsoft Corporation, Generic PCI IDE Bus Driver)
0x8FFF8000 C:\windows\system32\DRIVERS\TVALZFL.sys 28672 bytes (TOSHIBA Corporation, TOSHIBA TVALZ Filter Driver)
0x8FFE0000 C:\windows\system32\DRIVERS\wfplwf.sys 28672 bytes (Microsoft Corporation, WFP NDIS 6.20 Lightweight Filter Driver)
0x95F7E000 C:\windows\system32\DRIVERS\GEARAspiWDM.sys 24576 bytes (GEAR Software Inc., CD DVD Filter)
0x97974000 C:\windows\system32\DRIVERS\pgeffect.sys 24576 bytes (TOSHIBA Corporation, TOSHIBA Universal Camera Filter Driver)
0x8B5C4000 C:\windows\system32\DRIVERS\TVALZ_O.SYS 20480 bytes (TOSHIBA Corporation, TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver)
0x8B3FA000 C:\windows\system32\DRIVERS\CmBatt.sys 16384 bytes (Microsoft Corporation, Control Method Battery Driver)
0x95E00000 C:\windows\system32\DRIVERS\swenum.sys 8192 bytes (Microsoft Corporation, Plug and Play Software Device Enumerator)
0x95F65000 C:\windows\system32\DRIVERS\USBD.SYS 8192 bytes (Microsoft Corporation, Universal Serial Bus Driver)
==============================================
>Stealth
==============================================
0x04AF0000 Hidden Image-->PCHealthInfo.dll [ EPROCESS 0x890DAC88 ] PID: 2964, 110592 bytes
0x04B10000 Hidden Image-->SwUpdates.dll [ EPROCESS 0x890DAC88 ] PID: 2964, 126976 bytes
0xB804AF2E Unknown thread object [ ETHREAD 0x856ED020 ] , 600 bytes
0x084E0000 Hidden Image-->Microsoft.mshtml.dll [ EPROCESS 0x890DAC88 ] PID: 2964, 8015872 bytes
0x04570000 Hidden Image-->Alerts.dll [ EPROCESS 0x890DAC88 ] PID: 2964, 94208 bytes

MBRCheck, version 1.2.3
© 2010, AD

Command-line:
Windows Version: Windows 7 Home Premium Edition
Windows Information: (build 7600), 32-bit
Base Board Manufacturer: TOSHIBA
BIOS Manufacturer: INSYDE
System Manufacturer: TOSHIBA
System Product Name: Satellite L505
Logical Drives Mask: 0x0000000c

Kernel Drivers (total 190):
0x82C55000 \SystemRoot\system32\ntkrnlpa.exe
0x82C1E000 \SystemRoot\system32\halmacpi.dll
0x80BC2000 \SystemRoot\system32\kdcom.dll
0x83203000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
0x8327B000 \SystemRoot\system32\PSHED.dll
0x8328C000 \SystemRoot\system32\BOOTVID.dll
0x83294000 \SystemRoot\system32\CLFS.SYS
0x832D6000 \SystemRoot\system32\CI.dll
0x83381000 \SystemRoot\system32\drivers\Wdf01000.sys
0x833F2000 \SystemRoot\system32\drivers\WDFLDR.SYS
0x8AC17000 \SystemRoot\system32\DRIVERS\ACPI.sys
0x8AC5F000 \SystemRoot\system32\DRIVERS\WMILIB.SYS
0x8AC68000 \SystemRoot\system32\DRIVERS\msisadrv.sys
0x8AC70000 \SystemRoot\system32\DRIVERS\pci.sys
0x8AC9A000 \SystemRoot\system32\DRIVERS\vdrvroot.sys
0x8ACA5000 \SystemRoot\System32\drivers\partmgr.sys
0x8ACB6000 \SystemRoot\system32\DRIVERS\compbatt.sys
0x8ACBE000 \SystemRoot\system32\DRIVERS\BATTC.SYS
0x8ACC9000 \SystemRoot\system32\DRIVERS\volmgr.sys
0x8ACD9000 \SystemRoot\System32\drivers\volmgrx.sys
0x8AD24000 \SystemRoot\System32\drivers\mountmgr.sys
0x8AD3A000 \SystemRoot\system32\DRIVERS\pciide.sys
0x8AD41000 \SystemRoot\system32\DRIVERS\PCIIDEX.SYS
0x8AE05000 \SystemRoot\system32\DRIVERS\iaStor.sys
0x8AEDF000 \SystemRoot\system32\DRIVERS\atapi.sys
0x8AEE8000 \SystemRoot\system32\DRIVERS\ataport.SYS
0x8AF0B000 \SystemRoot\system32\DRIVERS\msahci.sys
0x8AF15000 \SystemRoot\system32\DRIVERS\amdxata.sys
0x8AF1E000 \SystemRoot\system32\drivers\fltmgr.sys
0x8AF52000 \SystemRoot\system32\drivers\fileinfo.sys
0x8B003000 \SystemRoot\System32\Drivers\Ntfs.sys
0x8B132000 \SystemRoot\System32\Drivers\msrpc.sys
0x8B15D000 \SystemRoot\System32\Drivers\ksecdd.sys
0x8B170000 \SystemRoot\System32\Drivers\cng.sys
0x8B1CD000 \SystemRoot\System32\drivers\pcw.sys
0x8B1DB000 \SystemRoot\System32\Drivers\Fs_Rec.sys
0x8B206000 \SystemRoot\system32\drivers\ndis.sys
0x8B2BD000 \SystemRoot\system32\drivers\NETIO.SYS
0x8B2FB000 \SystemRoot\System32\Drivers\ksecpkg.sys
0x8B40B000 \SystemRoot\System32\drivers\tcpip.sys
0x8B554000 \SystemRoot\System32\drivers\fwpkclnt.sys
0x8B585000 \SystemRoot\system32\DRIVERS\volsnap.sys
0x8B5C4000 \SystemRoot\system32\DRIVERS\TVALZ_O.SYS
0x8B320000 \SystemRoot\system32\DRIVERS\tos_sps32.sys
0x8B5C9000 \SystemRoot\System32\Drivers\spldr.sys
0x8B5D1000 \SystemRoot\System32\drivers\rdyboost.sys
0x8B367000 \SystemRoot\System32\Drivers\mup.sys
0x8B400000 \SystemRoot\System32\drivers\hwpolicy.sys
0x8B377000 \SystemRoot\System32\DRIVERS\fvevol.sys
0x8B3A9000 \SystemRoot\system32\DRIVERS\disk.sys
0x8B3BA000 \SystemRoot\system32\DRIVERS\CLASSPNP.SYS
0x8FEF4000 \SystemRoot\system32\DRIVERS\cdrom.sys
0x8FF13000 \SystemRoot\System32\Drivers\Null.SYS
0x8FF1A000 \SystemRoot\System32\Drivers\Beep.SYS
0x8FF21000 \SystemRoot\System32\drivers\vga.sys
0x8FF2D000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0x8FF4E000 \SystemRoot\System32\drivers\watchdog.sys
0x8FF5B000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0x8FF63000 \SystemRoot\system32\drivers\rdpencdd.sys
0x8FF6B000 \SystemRoot\system32\drivers\rdprefmp.sys
0x8FF73000 \SystemRoot\System32\Drivers\Msfs.SYS
0x8FF7E000 \SystemRoot\System32\Drivers\Npfs.SYS
0x8FF8C000 \SystemRoot\system32\DRIVERS\tdx.sys
0x8FFA3000 \SystemRoot\system32\DRIVERS\TDI.SYS
0x8AF63000 \SystemRoot\system32\drivers\afd.sys
0x8FFAE000 \SystemRoot\System32\DRIVERS\netbt.sys
0x8FFE0000 \SystemRoot\system32\DRIVERS\wfplwf.sys
0x8AFBD000 \SystemRoot\system32\DRIVERS\pacer.sys
0x8FFE7000 \SystemRoot\system32\DRIVERS\vwififlt.sys
0x8B3EC000 \SystemRoot\system32\DRIVERS\netbios.sys
0x8B1E4000 \SystemRoot\system32\DRIVERS\wanarp.sys
0x8AFDC000 \SystemRoot\system32\DRIVERS\termdd.sys
0x8AD4F000 \SystemRoot\system32\DRIVERS\rdbss.sys
0x8AFEC000 \SystemRoot\system32\drivers\nsiproxy.sys
0x8AFF6000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0x8AD90000 \SystemRoot\System32\drivers\discache.sys
0x8AD9C000 \SystemRoot\System32\Drivers\dfsc.sys
0x8ADB4000 \SystemRoot\system32\DRIVERS\blbdrive.sys
0x8ADC2000 \SystemRoot\system32\DRIVERS\tunnel.sys
0x8FFF8000 \SystemRoot\system32\DRIVERS\TVALZFL.sys
0x8FE00000 \SystemRoot\system32\DRIVERS\FwLnk.sys
0x8ADE3000 \SystemRoot\system32\DRIVERS\intelppm.sys
0x8B3FA000 \SystemRoot\system32\DRIVERS\CmBatt.sys
0x91435000 \SystemRoot\system32\DRIVERS\igdkmd32.sys
0x91A5C000 \SystemRoot\System32\drivers\dxgkrnl.sys
0x91B13000 \SystemRoot\System32\drivers\dxgmms1.sys
0x91B4C000 \SystemRoot\system32\DRIVERS\usbuhci.sys
0x91B57000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0x91BA2000 \SystemRoot\system32\DRIVERS\usbehci.sys
0x91BB1000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0x91400000 \SystemRoot\system32\DRIVERS\Rt86win7.sys
0x95E13000 \SystemRoot\system32\DRIVERS\rtl8192se.sys
0x95F03000 \SystemRoot\system32\DRIVERS\vwifibus.sys
0x95F0D000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0x95F25000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0x95F32000 \SystemRoot\system32\DRIVERS\SynTP.sys
0x95F65000 \SystemRoot\system32\DRIVERS\USBD.SYS
0x95F67000 \SystemRoot\system32\DRIVERS\mouclass.sys
0x95F74000 \SystemRoot\system32\DRIVERS\tdcmdpst.sys
0x95F7E000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
0x95F84000 \SystemRoot\system32\DRIVERS\CompositeBus.sys
0x95F91000 \SystemRoot\system32\DRIVERS\AgileVpn.sys
0x95FA3000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0x95FBB000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0x95FC6000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0x95FE8000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0x91BD0000 \SystemRoot\system32\DRIVERS\raspptp.sys
0x91BE7000 \SystemRoot\system32\DRIVERS\rassstp.sys
0x95E00000 \SystemRoot\system32\DRIVERS\swenum.sys
0x95212000 \SystemRoot\system32\DRIVERS\ks.sys
0x95246000 \SystemRoot\system32\DRIVERS\circlass.sys
0x95254000 \SystemRoot\system32\DRIVERS\AmdLLD.sys
0x95263000 \SystemRoot\system32\DRIVERS\umbus.sys
0x95271000 \SystemRoot\system32\DRIVERS\usbhub.sys
0x952B5000 \SystemRoot\System32\Drivers\NDProxy.SYS
0x97622000 \SystemRoot\system32\drivers\RTKVHDA.sys
0x978BE000 \SystemRoot\system32\drivers\portcls.sys
0x978ED000 \SystemRoot\system32\drivers\drmk.sys
0x97E50000 \SystemRoot\System32\win32k.sys
0x97906000 \SystemRoot\System32\drivers\Dxapi.sys
0x97910000 \SystemRoot\system32\DRIVERS\monitor.sys
0x980B0000 \SystemRoot\System32\TSDDD.dll
0x9791B000 \SystemRoot\System32\Drivers\crashdmp.sys
0x952C6000 \SystemRoot\System32\Drivers\dump_iaStor.sys
0x97928000 \SystemRoot\System32\Drivers\dump_dumpfve.sys
0x97939000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0x97950000 \SystemRoot\System32\Drivers\usbvideo.sys
0x97974000 \SystemRoot\system32\DRIVERS\pgeffect.sys
0x98100000 \SystemRoot\System32\ATMFD.DLL
0x9797A000 \SystemRoot\system32\drivers\luafv.sys
0x97995000 \SystemRoot\system32\drivers\WudfPf.sys
0x979AF000 \SystemRoot\system32\DRIVERS\lltdio.sys
0x953A0000 \SystemRoot\system32\DRIVERS\nwifi.sys
0x979BF000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0x979CF000 \SystemRoot\system32\DRIVERS\rspndr.sys
0x979E2000 \SystemRoot\system32\DRIVERS\vwifimp.sys
0x8FE08000 \SystemRoot\system32\drivers\HTTP.sys
0x97600000 \SystemRoot\system32\DRIVERS\bowser.sys
0x979EB000 \SystemRoot\System32\drivers\mpsdrv.sys
0x8FE8D000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0x8FEB0000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0x9942A000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0x9945D000 \SystemRoot\system32\drivers\peauth.sys
0x994F4000 \SystemRoot\System32\Drivers\secdrv.SYS
0x994FE000 \SystemRoot\System32\DRIVERS\srvnet.sys
0x9951F000 \SystemRoot\System32\drivers\tcpipreg.sys
0x9952C000 \SystemRoot\System32\DRIVERS\srv2.sys
0x9957B000 \SystemRoot\System32\DRIVERS\srv.sys
0x995CC000 \SystemRoot\system32\DRIVERS\asyncmac.sys
0xC205C000 \SystemRoot\System32\Drivers\fastfat.SYS
0x97E00000 \SystemRoot\System32\cdd.dll
0x774B0000 \Windows\System32\ntdll.dll
0x47680000 \Windows\System32\smss.exe
0x776F0000 \Windows\System32\apisetschema.dll
0x00EB0000 \Windows\System32\autochk.exe
0x77350000 \Windows\System32\ole32.dll
0x776D0000 \Windows\System32\nsi.dll
0x77620000 \Windows\System32\msvcrt.dll
0x77600000 \Windows\System32\imm32.dll
0x77310000 \Windows\System32\ws2_32.dll
0x766C0000 \Windows\System32\shell32.dll
0x775F0000 \Windows\System32\lpk.dll
0x76640000 \Windows\System32\comdlg32.dll
0x765E0000 \Windows\System32\difxapi.dll
0x76540000 \Windows\System32\advapi32.dll
0x76470000 \Windows\System32\msctf.dll
0x76460000 \Windows\System32\normaliz.dll
0x76410000 \Windows\System32\Wldap32.dll
0x76330000 \Windows\System32\kernel32.dll
0x76190000 \Windows\System32\setupapi.dll
0x76050000 \Windows\System32\urlmon.dll
0x75F50000 \Windows\System32\wininet.dll
0x75EA0000 \Windows\System32\rpcrt4.dll
0x75E40000 \Windows\System32\shlwapi.dll
0x75DB0000 \Windows\System32\oleaut32.dll
0x75CE0000 \Windows\System32\user32.dll
0x75C50000 \Windows\System32\clbcatq.dll
0x75BB0000 \Windows\System32\usp10.dll
0x75B60000 \Windows\System32\gdi32.dll
0x75960000 \Windows\System32\iertutil.dll
0x75940000 \Windows\System32\sechost.dll
0x75930000 \Windows\System32\psapi.dll
0x75900000 \Windows\System32\imagehlp.dll
0x758B0000 \Windows\System32\KernelBase.dll
0x75890000 \Windows\System32\devobj.dll
0x75770000 \Windows\System32\crypt32.dll
0x756E0000 \Windows\System32\comctl32.dll
0x756B0000 \Windows\System32\wintrust.dll
0x75680000 \Windows\System32\cfgmgr32.dll
0x75670000 \Windows\System32\msasn1.dll

Processes (total 121):
0 System Idle Process
4 System
292 C:\Windows\System32\smss.exe
428 csrss.exe
484 C:\Windows\System32\wininit.exe
496 csrss.exe
544 C:\Windows\System32\services.exe
580 C:\Windows\System32\winlogon.exe
592 C:\Windows\System32\lsass.exe
600 C:\Windows\System32\lsm.exe
720 C:\Windows\System32\svchost.exe
796 C:\Windows\System32\svchost.exe
892 C:\Windows\System32\svchost.exe
924 C:\Windows\System32\svchost.exe
952 C:\Windows\System32\svchost.exe
1068 C:\Windows\System32\svchost.exe
1180 C:\Windows\System32\svchost.exe
1412 C:\Windows\System32\spoolsv.exe
1440 C:\Windows\System32\svchost.exe
1528 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
1572 C:\Program Files\Bonjour\mDNSResponder.exe
1688 C:\Windows\System32\svchost.exe
1712 C:\Windows\System32\TODDSrv.exe
1752 C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
1836 C:\Program Files\TOSHIBA\TECO\TecoService.exe
1888 C:\Windows\System32\SearchIndexer.exe
2004 C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
2064 C:\Windows\System32\svchost.exe
2140 C:\Windows\System32\svchost.exe
2324 C:\Windows\System32\taskhost.exe
2400 C:\Windows\System32\dwm.exe
2428 C:\Windows\explorer.exe
2616 C:\Windows\System32\igfxtray.exe
2624 C:\Windows\System32\hkcmd.exe
2636 C:\Windows\System32\igfxpers.exe
2648 C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
2708 C:\Windows\System32\igfxsrvc.exe
2848 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
2856 C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
2888 C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
2900 C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
2964 C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
3000 C:\Program Files\TOSHIBA\TECO\TEco.exe
3384 C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
3472 C:\Program Files\iTunes\iTunesHelper.exe
3488 C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
3668 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
3704 C:\Program Files\uTorrent\uTorrent.exe
2264 C:\Windows\System32\igfxext.exe
2544 C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
3072 C:\Program Files\iPod\bin\iPodService.exe
3564 C:\Program Files\Yahoo!\Messenger\Ymsgr_tray.exe
3584 C:\Windows\System32\taskeng.exe
2956 C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
3756 C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
2080 C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
2380 C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
972 C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
2112 C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
3204 C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
4504 C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe
4600 C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
4764 C:\Windows\System32\svchost.exe
4840 C:\Program Files\Windows Media Player\wmpnetwk.exe
4496 csrss.exe
368 C:\Windows\System32\winlogon.exe
3276 taskhost.exe
5440 dwm.exe
4612 explorer.exe
1392 hkcmd.exe
5740 igfxpers.exe
5004 RtHDVCpl.exe
1168 SynTPEnh.exe
2236 TPwrMain.exe
4716 SmoothView.exe
5696 TCrdMain.exe
3864 igfxsrvc.exe
3312 TEco.exe
3304 TPCHWMsg.exe
4924 TWebCamera.exe
5500 SearchProtection.exe
808 TosSENotify.exe
3944 iTunesHelper.exe
6120 XBoxStat.exe
5336 rundll32.exe
3364 rpkcakg.exe
3128 login.exe
5472 win32.exe
6132 hexdump.exe
4236 SynTPHelper.exe
3928 igfxext.exe
4348 lsass.exe
4100 spoolsv.exe
5908 win.exe
4756 C:\Windows\System32\LogonUI.exe
5284 user.exe
1664 wininst.exe
480 system.exe
5672 mdm.exe
3592 sysedit.exe
5524 smss.exe
3468 drweb.exe
6232 C:\Windows\System32\audiodg.exe
7824 avp32.exe
2684 debug.exe
5568 win16.exe
3112 taskmgr.exe
5964 C:\Windows\System32\wuauclt.exe
5424 C:\Users\Cameron John\AppData\Local\Google\Chrome\Application\chrome.exe
5128 C:\Users\Cameron John\AppData\Local\Google\Chrome\Application\chrome.exe
6476 C:\Users\Cameron John\Downloads\Defogger (1).exe
8148 C:\Windows\System32\conhost.exe
7264 C:\Windows\System32\wscript.exe
1928 C:\Users\Cameron John\AppData\Local\Google\Chrome\Application\chrome.exe
5912 C:\Windows\System32\SearchProtocolHost.exe
6964 C:\Windows\System32\SearchFilterHost.exe
5724 MpCmdRun.exe
6616 dllhost.exe
7272 dllhost.exe
6880 C:\Users\Cameron John\Downloads\MBRCheck.exe
2176 C:\Windows\System32\conhost.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`5dd00000 (NTFS)

PhysicalDrive0 Model Number: HitachiHTS545025B9A300, Rev: PB2OC64G

Size Device Name MBR Status
--------------------------------------------
232 GB \\.\PhysicalDrive0 Windows 2008 MBR code detected
SHA1: BBAD517F7EAC529451E4B9586C847AE190574F61


Done!

That should be it. Thank you for the help :thumbsup:
