Infected with a bunch of Sirefef.


21 replies to this topic

#1 malkinism

malkinism

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:04:36 PM

Posted 12 August 2012 - 10:59 AM

I came home to find MSE without a firewall and these viruses. At first, when I tried to remove them, it would just shut down. Now, no matter how I start up my computer, I have exactly one minute before it shuts down. I can barely get rkill going and a few seconds of Malwarebytes to scan.

I'm pretty sure I can handle the removal instructions I've seen on other topics, but getting my computer to stay on has been the pain in the rear for me so far. If anyone has any idea how to get my computer to stay on for a brief period of time while I fix it, I would greatly appreciate it. Thanks!



#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:36 PM

Posted 12 August 2012 - 11:17 AM

Try a system restore to a previous date via the recovery console.

http://www.bleepingcomputer.com/tutorials/windows-7-recovery-environment-command-prompt/

If it's successful, do not run Microsoft Security Essentials; wait for my instructions.

If you don't have restore points, we have other ways to solve this issue; let me know.

Edited by narenxp, 12 August 2012 - 11:18 AM.


#3 malkinism


Posted 12 August 2012 - 11:35 AM

I have Windows Vista and the OS was preinstalled; no OS CD came with the box. I'm not sure if the name is the same on Vista, but I did get it to Figure 7 via that guide. I could not restore it, however.

Awaiting next instructions.

#4 narenxp


Posted 12 August 2012 - 11:40 AM

Posted Image

What happens when you click on SYSTEM RESTORE option?

#5 malkinism


Posted 12 August 2012 - 11:42 AM

It says the following:

The System Restore wizard is already running. This program will now exit.

#6 malkinism


Posted 12 August 2012 - 11:44 AM

Oh wait! Now it comes up with a title that says "Restore system files and settings."

System Restore can help fix problems that might be making your computer run slowly or stop responding.

System Restore does not affect any of your documents, pictures, or other personal data.

Options of Next and Cancel below.

#7 narenxp


Posted 12 August 2012 - 11:51 AM

Select a previous date and restore. After the restore completes:

Download

TDSSKiller

Launch it. Click on Change parameters and select TDLFS file system.

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on the scan results.

Download

aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on Save log.

Post the log results here.

Download

ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan completes, click on LIST of found threats.

Export the list to the desktop and copy the contents of the text file into your reply.

#8 malkinism


Posted 12 August 2012 - 04:32 PM

13:35:33.0179 2084 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
13:35:33.0470 2084 ============================================================
13:35:33.0470 2084 Current date / time: 2012/08/12 13:35:33.0470
13:35:33.0471 2084 SystemInfo:
13:35:33.0471 2084
13:35:33.0471 2084 OS Version: 6.0.6002 ServicePack: 2.0
13:35:33.0471 2084 Product type: Workstation
13:35:33.0471 2084 ComputerName: D**M
13:35:33.0471 2084 UserName: D**** M*******
13:35:33.0471 2084 Windows directory: C:\Windows
13:35:33.0471 2084 System windows directory: C:\Windows
13:35:33.0471 2084 Processor architecture: Intel x86
13:35:33.0471 2084 Number of processors: 2
13:35:33.0471 2084 Page size: 0x1000
13:35:33.0471 2084 Boot type: Safe boot with network
13:35:33.0471 2084 ============================================================
13:35:34.0298 2084 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
13:35:34.0299 2084 ============================================================
13:35:34.0299 2084 \Device\Harddisk0\DR0:
13:35:34.0299 2084 MBR partitions:
13:35:34.0299 2084 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x2430F800
13:35:34.0299 2084 ============================================================
13:35:34.0339 2084 C: <-> \Device\Harddisk0\DR0\Partition0
13:35:34.0339 2084 ============================================================
13:35:34.0339 2084 Initialize success
13:35:34.0339 2084 ============================================================
13:35:52.0233 2396 ============================================================
13:35:52.0233 2396 Scan started
13:35:52.0233 2396 Mode: Manual; TDLFS;
13:35:52.0233 2396 ============================================================
13:36:22.0393 2396 Ntfs - ok
13:36:22.0633 2396 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
13:36:22.0634 2396 ntrigdigi - ok
13:36:22.0711 2396 NuidFltr (cf7e041663119e09d2e118521ada9300) C:\Windows\system32\DRIVERS\NuidFltr.sys
13:36:22.0712 2396 NuidFltr - ok
13:36:22.0763 2396 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
13:36:22.0763 2396 Null - ok
13:36:22.0798 2396 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
13:36:22.0799 2396 nvraid - ok
13:36:22.0868 2396 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
13:36:22.0869 2396 nvstor - ok
13:36:22.0900 2396 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
13:36:22.0901 2396 nv_agp - ok
13:36:22.0904 2396 NwlnkFlt - ok
13:36:22.0907 2396 NwlnkFwd - ok
13:36:23.0053 2396 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
13:36:23.0056 2396 odserv - ok
13:36:23.0150 2396 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
13:36:23.0150 2396 ohci1394 - ok
13:36:23.0231 2396 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:36:23.0232 2396 ose - ok
13:36:23.0299 2396 p2pimsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
13:36:23.0309 2396 p2pimsvc - ok
13:36:23.0314 2396 p2psvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
13:36:23.0319 2396 p2psvc - ok
13:36:23.0363 2396 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
13:36:23.0364 2396 Parport - ok
13:36:23.0396 2396 partmgr (b9c2b89f08670e159f7181891e449cd9) C:\Windows\system32\drivers\partmgr.sys
13:36:23.0396 2396 partmgr - ok
13:36:23.0420 2396 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
13:36:23.0420 2396 Parvdm - ok
13:36:23.0688 2396 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
13:36:23.0690 2396 PcaSvc - ok
13:36:23.0750 2396 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
13:36:23.0751 2396 pci - ok
13:36:23.0786 2396 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\DRIVERS\pciide.sys
13:36:23.0787 2396 pciide - ok
13:36:23.0829 2396 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
13:36:23.0831 2396 pcmcia - ok
13:36:23.0917 2396 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
13:36:23.0932 2396 PEAUTH - ok
13:36:24.0040 2396 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
13:36:24.0062 2396 pla - ok
13:36:24.0240 2396 PlugPlay (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
13:36:24.0243 2396 PlugPlay - ok
13:36:24.0319 2396 Pml Driver HPZ12 (79834aa2fbf9fe81eebb229024f6f7fc) C:\Windows\system32\HPZipm12.dll
13:36:24.0320 2396 Pml Driver HPZ12 - ok
13:36:24.0444 2396 PNRPAutoReg (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
13:36:24.0450 2396 PNRPAutoReg - ok
13:36:24.0456 2396 PNRPsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
13:36:24.0461 2396 PNRPsvc - ok
13:36:24.0552 2396 PolicyAgent (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
13:36:24.0555 2396 PolicyAgent - ok
13:36:24.0598 2396 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
13:36:24.0598 2396 PptpMiniport - ok
13:36:24.0634 2396 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
13:36:24.0635 2396 Processor - ok
13:36:24.0731 2396 ProfSvc (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
13:36:24.0734 2396 ProfSvc - ok
13:36:24.0765 2396 ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
13:36:24.0766 2396 ProtectedStorage - ok
13:36:24.0824 2396 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
13:36:24.0824 2396 PSched - ok
13:36:24.0938 2396 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
13:36:24.0945 2396 ql2300 - ok
13:36:24.0993 2396 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
13:36:24.0994 2396 ql40xx - ok
13:36:25.0049 2396 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
13:36:25.0052 2396 QWAVE - ok
13:36:25.0061 2396 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
13:36:25.0062 2396 QWAVEdrv - ok
13:36:25.0070 2396 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
13:36:25.0071 2396 RasAcd - ok
13:36:25.0084 2396 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
13:36:25.0087 2396 RasAuto - ok
13:36:25.0140 2396 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
13:36:25.0141 2396 Rasl2tp - ok
13:36:25.0236 2396 RasMan (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
13:36:25.0241 2396 RasMan - ok
13:36:25.0306 2396 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
13:36:25.0306 2396 RasPppoe - ok
13:36:25.0312 2396 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
13:36:25.0313 2396 RasSstp - ok
13:36:25.0371 2396 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
13:36:25.0373 2396 rdbss - ok
13:36:25.0396 2396 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
13:36:25.0397 2396 RDPCDD - ok
13:36:25.0423 2396 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
13:36:25.0425 2396 rdpdr - ok
13:36:25.0447 2396 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
13:36:25.0448 2396 RDPENCDD - ok
13:36:25.0492 2396 RDPWD (c127ebd5afab31524662c48dfceb773a) C:\Windows\system32\drivers\RDPWD.sys
13:36:25.0494 2396 RDPWD - ok
13:36:25.0905 2396 RegSrvc (b33c88df3588acf250b87a004526c31a) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
13:36:25.0908 2396 RegSrvc - ok
13:36:26.0036 2396 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
13:36:26.0038 2396 RemoteAccess - ok
13:36:26.0105 2396 RemoteRegistry (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
13:36:26.0108 2396 RemoteRegistry - ok
13:36:26.0171 2396 rimmptsk (c2ef513bbe069f0d4ee0938a76f975d3) C:\Windows\system32\DRIVERS\rimmptsk.sys
13:36:26.0171 2396 rimmptsk - ok
13:36:26.0180 2396 rimsptsk (c398bca91216755b098679a8da8a2300) C:\Windows\system32\DRIVERS\rimsptsk.sys
13:36:26.0181 2396 rimsptsk - ok
13:36:26.0194 2396 rismxdp (2a2554cb24506e0a0508fc395c4a1b42) C:\Windows\system32\DRIVERS\rixdptsk.sys
13:36:26.0195 2396 rismxdp - ok
13:36:26.0232 2396 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
13:36:26.0233 2396 RpcLocator - ok
13:36:26.0312 2396 RpcSs (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
13:36:26.0318 2396 RpcSs - ok
13:36:26.0349 2396 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
13:36:26.0350 2396 rspndr - ok
13:36:26.0398 2396 RTL8169 (7157e70a90cce49deb8885d23a073a39) C:\Windows\system32\DRIVERS\Rtlh86.sys
13:36:26.0400 2396 RTL8169 - ok
13:36:26.0432 2396 SamSs (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
13:36:26.0433 2396 SamSs - ok
13:36:26.0480 2396 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
13:36:26.0481 2396 sbp2port - ok
13:36:26.0911 2396 SCardSvr (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
13:36:26.0913 2396 SCardSvr - ok
13:36:26.0993 2396 Schedule (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
13:36:27.0002 2396 Schedule - ok
13:36:27.0052 2396 SCPolicySvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
13:36:27.0052 2396 SCPolicySvc - ok
13:36:27.0118 2396 sdbus (8f36b54688c31eed4580129040c6a3d3) C:\Windows\system32\DRIVERS\sdbus.sys
13:36:27.0119 2396 sdbus - ok
13:36:27.0176 2396 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
13:36:27.0179 2396 SDRSVC - ok
13:36:27.0270 2396 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
13:36:27.0270 2396 secdrv - ok
13:36:27.0300 2396 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
13:36:27.0301 2396 seclogon - ok
13:36:27.0315 2396 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\System32\sens.dll
13:36:27.0317 2396 SENS - ok
13:36:27.0335 2396 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
13:36:27.0335 2396 Serenum - ok
13:36:27.0363 2396 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
13:36:27.0364 2396 Serial - ok
13:36:27.0397 2396 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
13:36:27.0398 2396 sermouse - ok
13:36:27.0512 2396 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
13:36:27.0518 2396 SessionEnv - ok
13:36:27.0877 2396 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\DRIVERS\sffdisk.sys
13:36:27.0878 2396 sffdisk - ok
13:36:27.0898 2396 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
13:36:27.0898 2396 sffp_mmc - ok
13:36:27.0957 2396 sffp_sd (9f66a46c55d6f1ccabc79bb7afccc545) C:\Windows\system32\DRIVERS\sffp_sd.sys
13:36:27.0958 2396 sffp_sd - ok
13:36:27.0978 2396 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
13:36:27.0979 2396 sfloppy - ok
13:36:28.0074 2396 ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
13:36:28.0078 2396 ShellHWDetection - ok
13:36:28.0103 2396 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
13:36:28.0104 2396 sisagp - ok
13:36:28.0377 2396 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
13:36:28.0378 2396 SiSRaid2 - ok
13:36:28.0397 2396 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
13:36:28.0398 2396 SiSRaid4 - ok
13:36:28.0767 2396 Skype C2C Service (0f97e7a47a52f4a36969f0fc319654c2) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
13:36:28.0786 2396 Skype C2C Service - ok
13:36:29.0051 2396 SkypeUpdate (ef3b592545676301cdeb7c2609eed7bf) C:\Program Files\Skype\Updater\Updater.exe
13:36:29.0053 2396 SkypeUpdate - ok
13:36:29.0345 2396 slsvc (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
13:36:29.0390 2396 slsvc - ok
13:36:29.0814 2396 SLUINotify (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
13:36:29.0816 2396 SLUINotify - ok
13:36:30.0795 2396 SmartFaceVWatchSrv (3566310df25ea5c3b2e9f50f5b50eac1) C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe
13:36:30.0796 2396 SmartFaceVWatchSrv - ok
13:36:31.0029 2396 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
13:36:31.0030 2396 Smb - ok
13:36:31.0068 2396 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
13:36:31.0069 2396 SNMPTRAP - ok
13:36:31.0126 2396 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
13:36:31.0127 2396 spldr - ok
13:36:31.0169 2396 Spooler (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
13:36:31.0172 2396 Spooler - ok
13:36:31.0298 2396 sptd (614deea4bdcec3fd5a07bdc705723ad7) C:\Windows\System32\Drivers\sptd.sys
13:36:31.0301 2396 sptd - ok
13:36:31.0434 2396 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
13:36:31.0438 2396 srv - ok
13:36:31.0480 2396 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
13:36:31.0482 2396 srv2 - ok
13:36:31.0945 2396 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
13:36:31.0947 2396 srvnet - ok
13:36:31.0990 2396 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
13:36:31.0993 2396 SSDPSRV - ok
13:36:32.0054 2396 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
13:36:32.0057 2396 SstpSvc - ok
13:36:32.0140 2396 stisvc (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
13:36:32.0147 2396 stisvc - ok
13:36:32.0263 2396 SVRPEDRV (3e4239b92139f7174a0da7d53fe5e1ab) C:\Windows\System32\sysprep\PEDrv.sys
13:36:32.0263 2396 SVRPEDRV - ok
13:36:32.0316 2396 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
13:36:32.0316 2396 swenum - ok
13:36:32.0423 2396 swprv (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
13:36:32.0427 2396 swprv - ok
13:36:32.0512 2396 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
13:36:32.0513 2396 Symc8xx - ok
13:36:32.0590 2396 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
13:36:32.0591 2396 Sym_hi - ok
13:36:32.0615 2396 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
13:36:32.0616 2396 Sym_u3 - ok
13:36:32.0687 2396 SynTP (55f6e55cc2430ca8713387106fa79817) C:\Windows\system32\DRIVERS\SynTP.sys
13:36:32.0688 2396 SynTP - ok
13:36:32.0760 2396 SysMain (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
13:36:32.0769 2396 SysMain - ok
13:36:32.0837 2396 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
13:36:32.0840 2396 TabletInputService - ok
13:36:32.0939 2396 TapiSrv (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
13:36:32.0944 2396 TapiSrv - ok
13:36:32.0955 2396 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
13:36:32.0958 2396 TBS - ok
13:36:33.0036 2396 Tcpip (ee7e10bed85c312c1d5d30c435bdda9f) C:\Windows\system32\drivers\tcpip.sys
13:36:33.0042 2396 Tcpip - ok
13:36:33.0051 2396 Tcpip6 (ee7e10bed85c312c1d5d30c435bdda9f) C:\Windows\system32\DRIVERS\tcpip.sys
13:36:33.0058 2396 Tcpip6 - ok
13:36:33.0075 2396 tcpipreg (2c2d4cff5e09c73908f9b5af49a51365) C:\Windows\system32\drivers\tcpipreg.sys
13:36:33.0076 2396 tcpipreg - ok
13:36:33.0131 2396 tdcmdpst (6fdfba25002ce4bac463ac866ae71405) C:\Windows\system32\DRIVERS\tdcmdpst.sys
13:36:33.0132 2396 tdcmdpst - ok
13:36:33.0206 2396 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
13:36:33.0207 2396 TDPIPE - ok
13:36:33.0240 2396 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
13:36:33.0241 2396 TDTCP - ok
13:36:33.0289 2396 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
13:36:33.0290 2396 tdx - ok
13:36:33.0339 2396 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
13:36:33.0339 2396 TermDD - ok
13:36:33.0414 2396 TermService (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
13:36:33.0421 2396 TermService - ok
13:36:33.0852 2396 Themes (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll
13:36:33.0855 2396 Themes - ok
13:36:33.0917 2396 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
13:36:33.0919 2396 THREADORDER - ok
13:36:34.0121 2396 TMachInfo (e09caafb2b323a6ff120cefb96da0a44) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
13:36:34.0121 2396 TMachInfo - ok
13:36:34.0149 2396 TNaviSrv (89f74c86523f5e334628dbce66e6d165) C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
13:36:34.0152 2396 TNaviSrv - ok
13:36:34.0203 2396 TODDSrv (c5ac715b65b01788abc22d10749dddd8) C:\Windows\system32\TODDSrv.exe
13:36:34.0206 2396 TODDSrv - ok
13:36:34.0295 2396 TosCoSrv (44dbac611b11646683b5b066a049b8e4) C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
13:36:34.0298 2396 TosCoSrv - ok
13:36:34.0361 2396 TOSHIBA Bluetooth Service (8e10e654e354cf330ed75882769a0107) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
13:36:34.0363 2396 TOSHIBA Bluetooth Service - ok
13:36:34.0393 2396 TOSHIBA SMART Log Service (22690dffc7f2a18279a7a0489aa02bac) C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
13:36:34.0394 2396 TOSHIBA SMART Log Service - ok
13:36:34.0424 2396 Tosrfcom - ok
13:36:34.0447 2396 tosrfec (5c4103544612e5011ef46301b93d1aa6) C:\Windows\system32\DRIVERS\tosrfec.sys
13:36:34.0447 2396 tosrfec - ok
13:36:34.0532 2396 tos_sps32 (4399a9bf7d8f49991a07fd86590a1619) C:\Windows\system32\DRIVERS\tos_sps32.sys
13:36:34.0534 2396 tos_sps32 - ok
13:36:34.0630 2396 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
13:36:34.0632 2396 TrkWks - ok
13:36:34.0786 2396 TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
13:36:34.0787 2396 TrustedInstaller - ok
13:36:34.0821 2396 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
13:36:34.0822 2396 tssecsrv - ok
13:36:34.0870 2396 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
13:36:34.0871 2396 tunmp - ok
13:36:34.0907 2396 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
13:36:34.0908 2396 tunnel - ok
13:36:34.0939 2396 TVALZ (792a8b80f8188aba4b2be271583f3e46) C:\Windows\system32\DRIVERS\TVALZ_O.SYS
13:36:34.0940 2396 TVALZ - ok
13:36:34.0963 2396 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
13:36:34.0964 2396 uagp35 - ok
13:36:35.0041 2396 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
13:36:35.0045 2396 udfs - ok
13:36:35.0071 2396 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
13:36:35.0073 2396 UI0Detect - ok
13:36:35.0177 2396 UleadBurningHelper (332d341d92b933600d41953b08360dfb) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
13:36:35.0178 2396 UleadBurningHelper - ok
13:36:35.0213 2396 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
13:36:35.0213 2396 uliagpkx - ok
13:36:35.0253 2396 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
13:36:35.0254 2396 uliahci - ok
13:36:35.0286 2396 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
13:36:35.0287 2396 UlSata - ok
13:36:35.0311 2396 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
13:36:35.0312 2396 ulsata2 - ok
13:36:35.0334 2396 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
13:36:35.0335 2396 umbus - ok
13:36:35.0393 2396 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
13:36:35.0398 2396 upnphost - ok
13:36:35.0431 2396 USBAAPL - ok
13:36:35.0469 2396 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
13:36:35.0470 2396 usbccgp - ok
13:36:35.0701 2396 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
13:36:35.0703 2396 usbcir - ok
13:36:35.0776 2396 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
13:36:35.0777 2396 usbehci - ok
13:36:35.0900 2396 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
13:36:35.0902 2396 usbhub - ok
13:36:36.0117 2396 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
13:36:36.0117 2396 usbohci - ok
13:36:36.0173 2396 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
13:36:36.0174 2396 usbprint - ok
13:36:36.0243 2396 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
13:36:36.0244 2396 usbscan - ok
13:36:36.0284 2396 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:36:36.0285 2396 USBSTOR - ok
13:36:36.0309 2396 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
13:36:36.0310 2396 usbuhci - ok
13:36:36.0378 2396 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
13:36:36.0380 2396 usbvideo - ok
13:36:36.0402 2396 UVCFTR (237c444fbd1c697a2e3fa60f02c61f22) C:\Windows\system32\Drivers\UVCFTR_S.SYS
13:36:36.0403 2396 UVCFTR - ok
13:36:36.0456 2396 UxSms (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
13:36:36.0458 2396 UxSms - ok
13:36:36.0573 2396 vds (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
13:36:36.0580 2396 vds - ok
13:36:36.0611 2396 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
13:36:36.0612 2396 vga - ok
13:36:36.0676 2396 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
13:36:36.0677 2396 VgaSave - ok
13:36:36.0785 2396 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
13:36:36.0786 2396 viaagp - ok
13:36:36.0812 2396 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
13:36:36.0813 2396 ViaC7 - ok
13:36:36.0830 2396 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
13:36:36.0831 2396 viaide - ok
13:36:36.0879 2396 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
13:36:36.0879 2396 volmgr - ok
13:36:36.0943 2396 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
13:36:36.0946 2396 volmgrx - ok
13:36:37.0011 2396 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
13:36:37.0013 2396 volsnap - ok
13:36:37.0078 2396 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
13:36:37.0080 2396 vsmraid - ok
13:36:37.0736 2396 VSS (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
13:36:37.0790 2396 VSS - ok
13:36:37.0854 2396 W32Time (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
13:36:37.0858 2396 W32Time - ok
13:36:37.0909 2396 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
13:36:37.0910 2396 WacomPen - ok
13:36:37.0935 2396 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
13:36:37.0936 2396 Wanarp - ok
13:36:37.0938 2396 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
13:36:37.0939 2396 Wanarpv6 - ok
13:36:37.0969 2396 wcncsvc (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll
13:36:37.0975 2396 wcncsvc - ok
13:36:38.0012 2396 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
13:36:38.0015 2396 WcsPlugInService - ok
13:36:38.0049 2396 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
13:36:38.0050 2396 Wd - ok
13:36:38.0121 2396 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
13:36:38.0125 2396 Wdf01000 - ok
13:36:38.0145 2396 WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
13:36:38.0148 2396 WdiServiceHost - ok
13:36:38.0150 2396 WdiSystemHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
13:36:38.0152 2396 WdiSystemHost - ok
13:36:38.0217 2396 WebClient (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll
13:36:38.0221 2396 WebClient - ok
13:36:38.0262 2396 Wecsvc (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll
13:36:38.0265 2396 Wecsvc - ok
13:36:38.0299 2396 wercplsupport (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
13:36:38.0302 2396 wercplsupport - ok
13:36:38.0362 2396 WerSvc (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll
13:36:38.0365 2396 WerSvc - ok
13:36:38.0367 2396 WinHttpAutoProxySvc - ok
13:36:38.0421 2396 Winmgmt (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll
13:36:38.0423 2396 Winmgmt - ok
13:36:38.0883 2396 WinRM (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll
13:36:38.0900 2396 WinRM - ok
13:36:38.0994 2396 WinUSB (676f4b665bdd8053eaa53ac1695b8074) C:\Windows\system32\DRIVERS\WinUSB.sys
13:36:38.0995 2396 WinUSB - ok
13:36:39.0076 2396 Wlansvc (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll
13:36:39.0084 2396 Wlansvc - ok
13:36:39.0284 2396 wlcrasvc (6067acef367e79914af628fa1e9b5330) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
13:36:39.0285 2396 wlcrasvc - ok
13:36:39.0440 2396 wlidsvc (0a70f4022ec2e14c159efc4f69aa2477) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
13:36:39.0452 2396 wlidsvc - ok
13:36:39.0872 2396 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\drivers\wmiacpi.sys
13:36:39.0873 2396 WmiAcpi - ok
13:36:39.0996 2396 wmiApSrv (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe
13:36:39.0997 2396 wmiApSrv - ok
13:36:40.0212 2396 WMPNetworkSvc (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
13:36:40.0221 2396 WMPNetworkSvc - ok
13:36:40.0265 2396 WPCSvc (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll
13:36:40.0269 2396 WPCSvc - ok
13:36:40.0327 2396 WPDBusEnum (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll
13:36:40.0330 2396 WPDBusEnum - ok
13:36:40.0415 2396 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
13:36:40.0416 2396 WpdUsb - ok
13:36:40.0595 2396 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
13:36:40.0600 2396 WPFFontCache_v0400 - ok
13:36:40.0631 2396 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
13:36:40.0631 2396 ws2ifsl - ok
13:36:40.0692 2396 wscsvc (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\System32\wscsvc.dll
13:36:40.0694 2396 wscsvc - ok
13:36:40.0697 2396 WSearch - ok
13:36:40.0735 2396 WudfPf (6f9b6c0c93232cff47d0f72d6db1d21e) C:\Windows\system32\drivers\WudfPf.sys
13:36:40.0736 2396 WudfPf - ok
13:36:40.0773 2396 WUDFRd (f91ff1e51fca30b3c3981db7d5924252) C:\Windows\system32\DRIVERS\WUDFRd.sys
13:36:40.0775 2396 WUDFRd - ok
13:36:40.0801 2396 wudfsvc (2c0206ff8d2c75ac027d1096fa2fafda) C:\Windows\System32\WUDFSvc.dll
13:36:40.0867 2396 wudfsvc - ok
13:36:40.0906 2396 MBR (0x1B8) (5b5e648d12fcadc244c1ec30318e1eb9) \Device\Harddisk0\DR0
13:36:42.0311 2396 \Device\Harddisk0\DR0 - ok
13:36:42.0342 2396 Boot (0x1200) (2906d488426403c4d41b9bd6ffca51ec) \Device\Harddisk0\DR0\Partition0
13:36:42.0343 2396 \Device\Harddisk0\DR0\Partition0 - ok
13:36:42.0344 2396 ============================================================
13:36:42.0344 2396 Scan finished
13:36:42.0344 2396 ============================================================
13:36:42.0345 2388 Detected object count: 0
13:36:42.0345 2388 Actual detected object count: 0




aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-12 14:24:54
-----------------------------
14:24:54.291 OS Version: Windows 6.0.6002 Service Pack 2
14:24:54.291 Number of processors: 2 586 0x170A
14:24:54.291 ComputerName: D**M UserName:
14:25:32.980 Initialize success
14:26:02.588 AVAST engine defs: 12081200
14:26:06.644 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
14:26:06.660 Disk 0 Vendor: TOSHIBA_ LV01 Size: 305245MB BusType: 3
14:26:06.676 Disk 0 MBR read successfully
14:26:06.676 Disk 0 MBR scan
14:26:06.676 Disk 0 Windows VISTA default MBR code
14:26:06.691 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 1500 MB offset 2048
14:26:06.707 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 296479 MB offset 3074048
14:26:06.738 Disk 0 Partition 3 00 17 Hidd HPFS/NTFS NTFS 7265 MB offset 610263040
14:26:06.754 Disk 0 scanning sectors +625141760
14:26:06.816 Disk 0 scanning C:\Windows\system32\drivers
14:26:18.142 Service scanning
14:26:47.984 Modules scanning
14:26:53.335 Disk 0 trace - called modules:
14:26:53.382 ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
14:26:53.382 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x864bd728]
14:26:53.398 3 CLASSPNP.SYS[8ab0f8b3] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x85a9a028]
14:26:54.568 AVAST engine scan C:\Windows
14:26:57.828 AVAST engine scan C:\Windows\system32
14:29:06.466 File: C:\Windows\assembly\GAC\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
14:30:33.794 AVAST engine scan C:\Windows\system32\drivers
14:31:04.136 AVAST engine scan C:\Users\D**** M*******
14:41:15.146 File: C:\Users\D**** M*******\AppData\Local\{482e0c65-3d90-d9c2-241f-655afc31ceec}\n **INFECTED** Win32:Trojan-gen
14:41:15.255 File: C:\Users\D**** M*******\AppData\Local\{482e0c65-3d90-d9c2-241f-655afc31ceec}\U\00000004.@ **INFECTED** Win32:Malware-gen
14:41:15.458 File: C:\Users\D**** M*******\AppData\Local\{482e0c65-3d90-d9c2-241f-655afc31ceec}\U\000000cb.@ **INFECTED** Win32:Malware-gen
14:41:15.582 File: C:\Users\D**** M*******\AppData\Local\{482e0c65-3d90-d9c2-241f-655afc31ceec}\U\80000000.@ **INFECTED** Win64:Sirefef-A [Trj]
14:46:24.114 Disk 0 MBR has been saved successfully to "C:\Users\D**** M*******\Desktop\Anti Malware\MBR.dat"
14:46:24.115 The log file has been saved successfully to "C:\Users\D**** M*******\Desktop\Anti Malware\aswMBR.txt"





C:\Program Files\1ClickDownload\ocmainpack.exe Win32/Adware.1ClickDownload.E application cleaned by deleting - quarantined
C:\Users\D**** M*******\AppData\Local\Temp\0.14931598870826712 a variant of Win32/Kryptik.AIGL trojan cleaned by deleting - quarantined
C:\Users\D**** M*******\AppData\Local\{482e0c65-3d90-d9c2-241f-655afc31ceec}\n Win32/Sirefef.EV trojan cleaned by deleting (after the next restart) - quarantined
C:\Users\D**** M*******\AppData\Local\{482e0c65-3d90-d9c2-241f-655afc31ceec}\U\00000004.@ Win32/Conedex.D trojan cleaned by deleting - quarantined
C:\Users\D**** M*******\AppData\Local\{482e0c65-3d90-d9c2-241f-655afc31ceec}\U\000000cb.@ Win32/Conedex.E trojan cleaned by deleting - quarantined
C:\Users\D**** M*******\AppData\Local\{482e0c65-3d90-d9c2-241f-655afc31ceec}\U\80000000.@ a variant of Win32/Sirefef.FA trojan cleaned by deleting - quarantined
C:\Users\D**** M*******\AppData\Local\{482e0c65-3d90-d9c2-241f-655afc31ceec}\U\80000032.@ a variant of Win32/Sirefef.FD trojan cleaned by deleting - quarantined
C:\Users\D**** M*******\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36\3893baa4-3574c048 multiple threats deleted - quarantined
C:\Users\D**** M*******\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61\69928a3d-6073585f a variant of Java/TrojanDownloader.Agent.NDJ trojan deleted - quarantined
C:\Users\D**** M*******\AppData\Roaming\Mozilla\Firefox\Profiles\pa6ol793.default\extensions\lrlvzpcypg@lrlvzpcypg.org.xpi JS/Redirector.NCA trojan deleted - quarantined
C:\Users\D**** M*******\Downloads\Motorola_Mobile_Phone_Tools_Deluxe_4___USB_Driver.exe Win32/Adware.1ClickDownload.C application cleaned by deleting - quarantined
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SF2N43G0\cat-and-dolphin-playing-together[1].htm HTML/ScrInject.B.Gen virus deleted - quarantined
Operating memory multiple threats

#9 narenxp


Posted 12 August 2012 - 09:51 PM

Download

systemlook

Launch it, copy this script and paste it in the BOX

:filefind
services.exe
:folderfind
{482e0c65-3d90-d9c2-241f-655afc31ceec}

Click on LOOK, post the generated log

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it, click on Delete

Post the generated log

#10 malkinism


Posted 14 August 2012 - 12:18 PM

SystemLook 30.07.11 by jpshortstuff
Log created at 17:50 on 13/08/2012 by D**** M*******
Administrator - Elevation successful

========== filefind ==========

Searching for "services.exe"
C:\Windows\System32\services.exe --a---- 279552 bytes [03:11 21/09/2009] [06:27 11/04/2009] D4E6D91C1349B7BFB3599A6ADA56851B
C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.exe --a---- 279040 bytes [02:24 21/01/2008] [02:24 21/01/2008] 2B336AB6286D6C81FA02CBAB914E3C6C
C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.exe --a---- 279552 bytes [03:11 21/09/2009] [06:27 11/04/2009] D4E6D91C1349B7BFB3599A6ADA56851B

========== folderfind ==========

Searching for "{482e0c65-3d90-d9c2-241f-655afc31ceec}"
C:\Users\D**** M*******\AppData\Local\{482e0c65-3d90-d9c2-241f-655afc31ceec} d--hs-- [01:44 11/01/2012]
C:\Windows\Installer\{482e0c65-3d90-d9c2-241f-655afc31ceec} d--hs-- [01:44 11/01/2012]

-= EOF =-


MiniToolBox by Farbar Version: 23-07-2012
Ran by D**** M******* (administrator) on 14-08-2012 at 12:49:00
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
ProxyServer: http=127.0.0.1:23012

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

::1 localhost

127.0.0.1 localhost

========================= IP Configuration: ================================

Intel® Wireless WiFi Link 5100 = Wireless Network Connection (Connected)
Realtek RTL8102E Family PCI-E Fast Ethernet NIC (NDIS 6.0) = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : D**M
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® Wireless WiFi Link 5100
Physical Address. . . . . . . . . : 00-22-FA-8A-43-D4
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::e835:ea59:687d:7d9d%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.102(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Monday, August 13, 2012 7:25:34 PM
Lease Expires . . . . . . . . . . : Wednesday, August 15, 2012 10:17:38 AM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 301998842
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-11-04-95-FF-00-1E-33-96-FF-64
DNS Servers . . . . . . . . . . . : 75.75.76.76
75.75.75.75
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek RTL8102E Family PCI-E Fast Ethernet NIC (NDIS 6.0)
Physical Address. . . . . . . . . : 00-1E-33-A9-07-66
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 6:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{C8E7E969-11DE-4EBC-B87A-AFA18A9F4AAC}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 7:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{0B85F634-3FEA-44AD-A93A-8DE2C2BC4365}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: cdns02.comcast.net
Address: 75.75.76.76

Name: google.com
Addresses: 2607:f8b0:4009:803::1004
74.125.225.142
74.125.225.133
74.125.225.132
74.125.225.130
74.125.225.137
74.125.225.129
74.125.225.136
74.125.225.135
74.125.225.128
74.125.225.131
74.125.225.134


Pinging google.com [74.125.225.35] with 32 bytes of data:
Reply from 74.125.225.35: bytes=32 time=29ms TTL=52
Reply from 74.125.225.35: bytes=32 time=25ms TTL=52

Ping statistics for 74.125.225.35:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 25ms, Maximum = 29ms, Average = 27ms
Server: cdns02.comcast.net
Address: 75.75.76.76

Name: yahoo.com
Addresses: 72.30.38.140
98.138.253.109
98.139.183.24


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=108ms TTL=48
Reply from 98.138.253.109: bytes=32 time=57ms TTL=48

Ping statistics for 98.138.253.109:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 57ms, Maximum = 108ms, Average = 82ms
Server: cdns02.comcast.net
Address: 75.75.76.76

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
11 ...00 22 fa 8a 43 d4 ...... Intel® Wireless WiFi Link 5100
10 ...00 1e 33 a9 07 66 ...... Realtek RTL8102E Family PCI-E Fast Ethernet NIC (NDIS 6.0)
1 ........................... Software Loopback Interface 1
12 ...00 00 00 00 00 00 00 e0 isatap.{C8E7E969-11DE-4EBC-B87A-AFA18A9F4AAC}
14 ...00 00 00 00 00 00 00 e0 isatap.{0B85F634-3FEA-44AD-A93A-8DE2C2BC4365}
13 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.102 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.102 281
192.168.1.102 255.255.255.255 On-link 192.168.1.102 281
192.168.1.255 255.255.255.255 On-link 192.168.1.102 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.102 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.102 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
11 281 fe80::/64 On-link
11 281 fe80::e835:ea59:687d:7d9d/128
On-link
1 306 ff00::/8 On-link
11 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 06 C:\Windows\System32\winrnr.dll [19968] (Microsoft Corporation)
Catalog9 01 mswsock.dll [File Not found] ()
Catalog9 02 mswsock.dll [File Not found] ()
Catalog9 03 mswsock.dll [File Not found] ()
Catalog9 04 mswsock.dll [File Not found] ()
Catalog9 05 mswsock.dll [File Not found] ()
Catalog9 06 mswsock.dll [File Not found] ()
Catalog9 07 mswsock.dll [File Not found] ()
Catalog9 08 mswsock.dll [File Not found] ()
Catalog9 09 mswsock.dll [File Not found] ()
Catalog9 10 mswsock.dll [File Not found] ()
Catalog9 11 mswsock.dll [File Not found] ()
Catalog9 12 mswsock.dll [File Not found] ()
Catalog9 13 mswsock.dll [File Not found] ()
Catalog9 14 mswsock.dll [File Not found] ()
Catalog9 15 mswsock.dll [File Not found] ()
Catalog9 16 mswsock.dll [File Not found] ()
Catalog9 17 mswsock.dll [File Not found] ()
Catalog9 18 mswsock.dll [File Not found] ()
Catalog9 19 mswsock.dll [File Not found] ()
Catalog9 20 mswsock.dll [File Not found] ()
Catalog9 21 mswsock.dll [File Not found] ()
Catalog9 22 mswsock.dll [File Not found] ()
Catalog9 23 mswsock.dll [File Not found] ()
Catalog9 24 mswsock.dll [File Not found] ()

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/13/2012 07:25:36 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/13/2012 05:49:31 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/13/2012 05:49:04 PM) (Source: EventSystem) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (08/13/2012 05:37:05 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/12/2012 11:04:49 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/12/2012 05:11:30 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/12/2012 05:08:27 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/12/2012 02:23:51 PM) (Source: EventSystem) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (08/12/2012 02:18:00 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/12/2012 01:29:09 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (08/14/2012 10:25:32 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.131.1879.0

Update Source: %NT AUTHORITY59

Update Stage: 4.0.1526.00

Source Path: 4.0.1526.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (08/13/2012 07:37:34 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.131.1879.0

Update Source: %NT AUTHORITY59

Update Stage: 4.0.1526.00

Source Path: 4.0.1526.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (08/13/2012 07:27:05 PM) (Source: Service Control Manager) (User: )
Description: HP CUE DeviceDiscovery Service

Error: (08/13/2012 07:25:36 PM) (Source: Service Control Manager) (User: )
Description: Windows Firewall5 (0x5)

Error: (08/13/2012 05:58:27 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.131.1879.0

Update Source: %NT AUTHORITY59

Update Stage: 4.0.1526.00

Source Path: 4.0.1526.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (08/13/2012 05:49:31 PM) (Source: Service Control Manager) (User: )
Description: MpFilter
spldr
sptd
Wanarpv6

Error: (08/13/2012 05:49:31 PM) (Source: Service Control Manager) (User: )
Description: Windows Firewall5 (0x5)

Error: (08/13/2012 05:49:31 PM) (Source: Service Control Manager) (User: )
Description: Computer BrowserServer%%1068

Error: (08/13/2012 05:49:27 PM) (Source: DCOM) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (08/13/2012 05:49:06 PM) (Source: DCOM) (User: )
Description: 1068fdPHost{145B4335-FE2A-4927-A040-7C35AD3180EF}


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
32 Bit HP CIO Components Installer (Version: 1.0.0)
AC3Filter (remove only)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.270)
Adobe Flash Player 11 Plugin (Version: 11.3.300.270)
Adobe Reader 8.1.2 (Version: 8.1.2)
Aire Freshener 2.0
Bluetooth Stack for Windows by Toshiba (Version: v6.10.07(T))
BufferChm (Version: 100.0.170.000)
Camera Assistant Software for Toshiba (Version: 1.7.209.0807L)
CD/DVD Drive Acoustic Silencer (Version: 2.02.03)
Copy (Version: 100.0.170.000)
CustomerResearchQFolder (Version: 1.00.0000)
CyberLink PowerCinema for TOSHIBA (Version: 6.0.2001)
D3DX10 (Version: 15.4.2368.0902)
DAEMON Tools Lite (Version: 4.40.2.0131)
Destination Component (Version: 100.0.0.0)
DeviceDiscovery (Version: 100.0.190.000)
DeviceManagementQFolder (Version: 1.00.0000)
DivX Setup (Version: 2.2.1.2)
DJ_AIO_03_F4200_ProductContext (Version: 100.0.215.000)
DJ_AIO_03_F4200_Software (Version: 100.0.206.000)
DJ_AIO_03_F4200_Software_Min (Version: 100.0.213.000)
DVD MovieFactory for TOSHIBA (Version: 5.51)
ESET Online Scanner v3
eSupportQFolder (Version: 1.00.0000)
Eternal Eden 1.03 Cracked
Express Scribe
Final Fantasy VII - Ultima Edition
Final Media Player 2010
FlashFXP v4.0 (Version: 4.0.0.1525)
Google Update Helper (Version: 1.3.21.115)
GPBaseService (Version: 100.0.187.000)
HP Customer Participation Program 10.0 (Version: 10.0)
HP Deskjet F4200 All-In-One Driver Software 10.0 Rel .3 (Version: 10.0)
HP Imaging Device Functions 10.0 (Version: 10.0)
HP Photosmart Essential 2.5 (Version: 1.02.0000)
HP Photosmart Essential 2.5 (Version: 2.5)
HP Smart Web Printing (Version: 3.5)
HP Solution Center 10.0 (Version: 10.0)
HP Update (Version: 4.000.007.003)
HPProductAssistant (Version: 100.0.170.000)
HPSSupply (Version: 100.0.170.000)
Intel® Graphics Media Accelerator Driver
Intel® PROSet/Wireless WiFi Software (Version: 12.00.0004)
Intel® Matrix Storage Manager
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 31 (Version: 6.0.310)
Java™ 6 Update 6 (Version: 1.6.0.60)
Junk Mail filter update (Version: 15.4.3502.0922)
League of Legends (Version: 1.3)
Malwarebytes' Anti-Malware
MarketResearch (Version: 100.0.170.000)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook Connector (Version: 14.0.5118.5000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Security Client (Version: 4.0.1526.0)
Microsoft Security Essentials (Version: 4.0.1526.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (Version: 9.0.30411)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft XML Parser (Version: 8.20.8730.4)
Mozilla Firefox 14.0.1 (x86 en-US) (Version: 14.0.1)
Mozilla Maintenance Service (Version: 14.0.1)
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB941833) (Version: 4.20.9849.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
PSSWCORE (Version: 2.02.0000)
Realtek 8169 8168 8101E 8102E Ethernet Driver (Version: 1.00.0000)
Realtek High Definition Audio Driver (Version: 6.0.1.5599)
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.54.02 (Version: 3.54.02)
RPG Maker VX (Version: 1.02)
RPG Maker VX RTP (Version: 1.02)
Scan (Version: 10.0.0.0)
Segoe UI (Version: 15.4.2271.0615)
Shop for HP Supplies (Version: 10.0)
Skype Click to Call (Version: 6.1.10441)
Skype™ 5.10 (Version: 5.10.116)
SmartWebPrintingOC (Version: 100.0.189.000)
SolutionCenter (Version: 100.0.175.000)
Status (Version: 100.0.175.000)
Synaptics Pointing Device Driver (Version: 10.1.8.0)
Toolbox (Version: 100.0.170.000)
TOSHIBA Assist (Version: 2.01.05)
TOSHIBA ConfigFree (Version: 7.2.21)
TOSHIBA Desktop Links (Version: 1.7)
TOSHIBA Disc Creator (Version: 2.0.1.3)
TOSHIBA DVD PLAYER (Version: 1.31.14)
TOSHIBA Extended Tiles for Windows Mobility Center (Version: 1.01.00)
TOSHIBA Face Recognition (Version: 2.0.2.32)
TOSHIBA Hardware Setup (Version: 2.00.08)
TOSHIBA PowerCinema Helper (Version: 1.00)
TOSHIBA Recovery Disc Creator (Version: 2.0.0.2)
Toshiba Registration (Version: 1.00.0000)
TOSHIBA SD Memory Utilities (Version: 1.8.1.3)
TOSHIBA Service Station (Version: 1.1.14)
TOSHIBA Software Modem (Version: 2.1.77 (SM2177ALD04))
TOSHIBA Speech System Applications
TOSHIBA Speech System SR Engine(U.S.) Version1.0
TOSHIBA Speech System TTS Engine(U.S.) Version1.0
TOSHIBA Supervisor Password (Version: 2.00.04)
TOSHIBA Value Added Package (Version: 1.1.19)
TrayApp (Version: 100.0.170.000)
UnloadSupport (Version: 10.0.0)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687310) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VC80CRTRedist - 8.0.50727.4053 (Version: 1.1.0)
VideoToolkit01 (Version: 100.0.128.000)
Viewpoint Media Player
VLC media player 2.0.0 (Version: 2.0.0)
vShare Plugin
WebReg (Version: 100.0.170.000)
WildTangent Games (Version: 1.0.0.62)
Winamp (Version: 5.581 )
Winamp Detector Plug-in (Version: 1.0.0.1)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Family Safety (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Media Encoder 9 Series
Windows Media Encoder 9 Series (Version: 9.00.3374)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
Windows Mobile Device Updater Component (Version: 04.07.1407.00)
Windows Phone Intro Video (ENU) (Version: 04.07.0975.00)
WinRAR archiver
Xvid 1.2.1 final uninstall (Version: 1.2)

========================= Memory info: ===================================

Percentage of memory in use: 58%
Total physical RAM: 2939.25 MB
Available physical RAM: 1228.64 MB
Total Pagefile: 6084.76 MB
Available Pagefile: 4587.76 MB
Total Virtual: 2047.88 MB
Available Virtual: 1946.21 MB

========================= Partitions: =====================================

1 Drive c: (SQ004829V03) (Fixed) (Total:289.53 GB) (Free:142.92 GB) NTFS

========================= Users: ========================================

User accounts for \\D**M

Administrator D**** M******* Guest


**** End of log ****



Farbar Service Scanner Version: 06-08-2012
Ran by D**** M******* (administrator) on 14-08-2012 at 12:57:02
Running from "C:\Users\D**** M*******\Downloads"
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is OK.
The ImagePath of MpsSvc service is OK.
The ServiceDll of MpsSvc service is OK.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.

BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============
Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist.
Checking ImagePath of SharedAccess: ATTENTION!=====> Unable to retrieve ImagePath of SharedAccess. The value does not exist.
Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to open SharedAccess registry key. The service key does not exist.


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll
[2008-01-20 22:24] - [2008-01-20 22:24] - 0288256 ____A (Microsoft Corporation) E1499BD0FF76B1B2FBBF1AF339D91165

C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****



# AdwCleaner v1.801 - Logfile created 08/14/2012 at 13:00:47
# Updated 14/08/2012 by Xplode
# Operating system : Windows Vista ™ Home Premium Service Pack 2 (32 bits)
# User : D**** M******* - D**M
# Boot Mode : Normal
# Running from : C:\Users\D**** M*******\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Users\D**** M*******\AppData\LocalLow\vShare
Folder Deleted : C:\ProgramData\Viewpoint
Folder Deleted : C:\Program Files\Viewpoint
Folder Deleted : C:\Program Files\vShare
Folder Deleted : C:\ProgramData\Partner
File Deleted : C:\Users\D****M~1\AppData\Local\Temp\Uninstall.exe

***** [Registry] *****

Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\vShare
Key Deleted : HKCU\Software\vShare
Key Deleted : HKLM\SOFTWARE\Classes\AppID\kt_bho_dll.dll
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Key Deleted : HKLM\SOFTWARE\Classes\kt_bho.KettleBho.1
Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\vsharechrome
Key Deleted : HKLM\SOFTWARE\Classes\vShare.IMedixProtocol
Key Deleted : HKLM\SOFTWARE\Classes\vShare.IMedixProtocol.1
Key Deleted : HKLM\SOFTWARE\Classes\vShare.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\vShare.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\vShare.ScriptHelpers
Key Deleted : HKLM\SOFTWARE\Classes\vShare.ScriptHelpers.1
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\Freeze.com
Key Deleted : HKLM\SOFTWARE\MetaStream
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\vShare
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Key Deleted : HKLM\SOFTWARE\Software
Key Deleted : HKLM\SOFTWARE\Viewpoint

***** [Registre - GUID] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{28A88B70-D874-4f73-BBBA-9B2B222FB7D6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{043C5167-00BB-4324-AF7E-62013FAEDACF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B7599DF-3D5D-4EF5-BF51-9C2EDA788E83}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{20ED5AF7-D9C4-409E-9EB3-D2A44A77FB6D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3E315C81-442B-431C-AEC8-ED189699EC24}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{043C5167-00BB-4324-AF7E-62013FAEDACF}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{043C5167-00BB-4324-AF7E-62013FAEDACF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{043C5167-00BB-4324-AF7E-62013FAEDACF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3B7599DF-3D5D-4EF5-BF51-9C2EDA788E83}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{043C5167-00BB-4324-AF7E-62013FAEDACF}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{043C5167-00BB-4324-AF7E-62013FAEDACF}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3B7599DF-3D5D-4EF5-BF51-9C2EDA788E83}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{043C5167-00BB-4324-AF7E-62013FAEDACF}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{043C5167-00BB-4324-AF7E-62013FAEDACF}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v14.0.1 (en-US)

Profile name : default
File : C:\Users\D**** M*******\AppData\Roaming\Mozilla\Firefox\Profiles\pa6ol793.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [4504 octets] - [14/08/2012 13:00:47]

########## EOF - C:\AdwCleaner[S1].txt - [4632 octets] ##########

#11 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India
  • Local time:03:36 PM

Posted 14 August 2012 - 12:49 PM

Open your C drive

On top, click on Organize - Folder and search options

Click on View tab and scroll down

Check mark Show hidden files
Uncheck Hide operating system files


Click OK, now go to

C:\Users\D**** M*******\AppData\Local\{482e0c65-3d90-d9c2-241f-655afc31ceec}
C:\Windows\Installer\{482e0c65-3d90-d9c2-241f-655afc31ceec}

delete the folders

Download

windefend
wuauserv
BITS
Sharedaccess

Launch them, click YES

restart the PC

Download

Windows repair tool

Extract and launch the Repair_Windows.exe file

Click on Start repairs tab - click on Start

Check mark the following options alone

Reset registry permissions
Reset file permissions
Repair WMI
Repair Windows Firewall.
Remove Policies Set By Infections
Repair Winsock & DNS Cache
Repair hosts


Checkmark Restart System When Finished option
click the Start button

System should restart after repair

Post the FSS log

#12 malkinism

malkinism
  • Topic Starter

  • Members
  • 12 posts
  • Local time:04:36 PM

Posted 14 August 2012 - 01:36 PM

I could not locate the first folder to delete, but did delete the second folder. I did not want to move on in this step without knowing about the first file folder.

#13 malkinism

malkinism
  • Topic Starter

  • Members
  • 12 posts
  • Local time:04:36 PM

Posted 14 August 2012 - 01:44 PM

Excuse me, I can locate it, but only by copy and paste methods. When I hit back, to view the folder beforehand, it does not send me the folder with that name. Am I okay just to delete contents in the folder and leave it or do I need to remove the folder in its entirety?

#14 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India
  • Local time:03:36 PM

Posted 14 August 2012 - 01:49 PM

Open your C drive

On top, click on Organize - Folder and search options

Click on View tab and scroll down

Check mark Show hidden files
Uncheck Hide operating system files


Click OK


Please do this again

You should be able to view the folder

"I could not locate the first folder to delete, but did delete the second folder. I did not want to move on in this step without knowing about the first file folder."


I can't help you locate the folder unless you post your USERNAME properly :thumbup2:

#15 malkinism

malkinism
  • Topic Starter

  • Members
  • 12 posts
  • Local time:04:36 PM

Posted 14 August 2012 - 02:45 PM

When my computer username and real name are the same, that information is going to be replaced with ****'s. I don't know who reads this. ;)


Farbar Service Scanner Version: 06-08-2012
Ran by D**** M******* (administrator) on 14-08-2012 at 15:44:30
Running from "C:\Users\D**** M*******\Downloads"
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll
[2008-01-20 22:24] - [2008-01-20 22:24] - 0288256 ____A (Microsoft Corporation) E1499BD0FF76B1B2FBBF1AF339D91165

C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****
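
An added example, not part of the thread or of Farbar Service Scanner: a small Python parser that diffs the findings of the two FSS logs posted above (abridged inline) to show what the registry fixes and repair run cleared and what is still flagged. The finding categories and the function names are this example's own assumptions, based only on the log format as it appears on this page.

```python
import re

# Abridged from the two Farbar Service Scanner logs posted in this thread.
BEFORE = r'''
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1
Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to open SharedAccess registry key. The service key does not exist.
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll
[2008-01-20 22:24] - [2008-01-20 22:24] - 0288256 ____A (Microsoft Corporation) E1499BD0FF76B1B2FBBF1AF339D91165
'''
AFTER = r'''
WinDefend Service is not running. Checking service configuration:
The ServiceDll of WinDefend service is OK.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll
[2008-01-20 22:24] - [2008-01-20 22:24] - 0288256 ____A (Microsoft Corporation) E1499BD0FF76B1B2FBBF1AF339D91165
'''

def findings(log):
    """Return the set of (kind, detail) items an FSS log flags."""
    found, reg_key = set(), None
    for line in (l.strip() for l in log.splitlines()):
        if m := re.search(r"ATTENTION!=====>\s*(.+)", line):
            found.add(("attention", m.group(1)))
        elif m := re.match(r"(\S+) Service is not running", line):
            found.add(("not_running", m.group(1)))
        elif m := re.match(r"\[(HK[^\]]+)\]$", line):
            reg_key = m.group(1)  # policy values follow their key line
        elif reg_key and (m := re.match(r'"([^"]+)"=DWORD:(\d+)', line)):
            found.add(("policy", reg_key + "\\" + m.group(1) + "=" + m.group(2)))
        elif re.match(r"[A-Za-z]:\\", line) and "=> MD5 is legit" not in line:
            found.add(("unverified_file", line))  # no "MD5 is legit" verdict
    return found

def compare(before, after):
    """Split findings into fixed, remaining and new between two scans."""
    b, a = findings(before), findings(after)
    return {"fixed": b - a, "remaining": b & a, "new": a - b}

if __name__ == "__main__":
    for status, items in compare(BEFORE, AFTER).items():
        for kind, detail in sorted(items):
            print(f"{status:9} {kind:15} {detail}")
```

On these excerpts the missing service keys show up as fixed, while the `DisableAntiSpyware` policy value remains set and WinDefend is newly reported as not running.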



