Ran Malware, Still have Issues


11 replies to this topic

#1 twalsh87


Posted 25 November 2012 - 09:20 PM

Hi, my computer is a Toshiba with a Vista OS. For a month now, it has not been able to start up regularly. It will only start in one of the "safe mode" functions. I downloaded Malwarebytes from your website, and removed all files it suggested. I rebooted and it still will not start up as normal. Below is the report from Malwarebytes. I appreciate any help you can provide.

Malwarebytes' Anti-Malware 1.41
Database version: 2775
Windows 6.0.6002 Service Pack 2 (Safe Mode)

12/27/2009 7:10:06 PM
mbam-log-2009-12-27 (19-10-06).txt

Scan type: Full Scan (C:\|)
Objects scanned: 215659
Time elapsed: 42 minute(s), 57 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 1
Files Infected: 7

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\gvtl (Malware.Trace) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Gamevance (Adware.Gamevance) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\Program Files\Gamevance (Adware.Gamevance) -> Quarantined and deleted successfully.

Files Infected:
C:\Program Files\Gamevance\ars.cfg (Adware.Gamevance) -> Quarantined and deleted successfully.
C:\Program Files\Gamevance\gamevance32.exe (Adware.Gamevance) -> Quarantined and deleted successfully.
C:\Program Files\Gamevance\gamevancelib32.dll (Adware.Gamevance) -> Quarantined and deleted successfully.
C:\Program Files\Gamevance\gvun.exe (Adware.Gamevance) -> Quarantined and deleted successfully.
C:\Program Files\Gamevance\icon.ico (Adware.Gamevance) -> Quarantined and deleted successfully.
C:\Windows\010112010146118114.dat (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\Windows\934fdfg34fgjf23 (Worm.KoobFace) -> Quarantined and deleted successfully.

Thank you.



#2 narenxp


Posted 25 November 2012 - 09:32 PM

Download TDSSKiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here. If you get crashes in normal mode, run it in safe mode with networking

Download ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 twalsh87


Posted 26 November 2012 - 06:58 PM

18:53:43.0656 2620 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
18:53:43.0960 2620 ============================================================
18:53:43.0960 2620 Current date / time: 2012/11/26 18:53:43.0960
18:53:43.0960 2620 SystemInfo:
18:53:43.0960 2620
18:53:43.0960 2620 OS Version: 6.0.6002 ServicePack: 2.0
18:53:43.0960 2620 Product type: Workstation
18:53:43.0960 2620 ComputerName: TJ-PC
18:53:43.0960 2620 UserName: TJ
18:53:43.0960 2620 Windows directory: C:\Windows
18:53:43.0960 2620 System windows directory: C:\Windows
18:53:43.0960 2620 Processor architecture: Intel x86
18:53:43.0960 2620 Number of processors: 2
18:53:43.0960 2620 Page size: 0x1000
18:53:43.0960 2620 Boot type: Safe boot with network
18:53:43.0960 2620 ============================================================
18:53:44.0463 2620 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
18:53:44.0463 2620 ============================================================
18:53:44.0463 2620 \Device\Harddisk0\DR0:
18:53:44.0463 2620 MBR partitions:
18:53:44.0463 2620 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x2430F800
18:53:44.0463 2620 ============================================================
18:53:44.0510 2620 C: <-> \Device\Harddisk0\DR0\Partition1
18:53:44.0510 2620 ============================================================
18:53:44.0510 2620 Initialize success
18:53:44.0510 2620 ============================================================
18:56:07.0707 2812 ============================================================
18:56:07.0707 2812 Scan started
18:56:07.0707 2812 Mode: Manual;
18:56:07.0707 2812 ============================================================
18:56:08.0810 2812 ================ Scan system memory ========================
18:56:08.0810 2812 System memory - ok
18:56:08.0810 2812 ================ Scan services =============================
18:56:19.0584 2812 NlaSvc - ok
18:56:19.0621 2812 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
18:56:19.0622 2812 Npfs - ok
18:56:19.0640 2812 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
18:56:19.0641 2812 nsi - ok
18:56:19.0655 2812 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
18:56:19.0656 2812 nsiproxy - ok
18:56:19.0723 2812 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
18:56:19.0740 2812 Ntfs - ok
18:56:19.0769 2812 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
18:56:19.0770 2812 ntrigdigi - ok
18:56:19.0783 2812 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
18:56:19.0784 2812 Null - ok
18:56:19.0814 2812 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys
18:56:19.0816 2812 nvraid - ok
18:56:19.0840 2812 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys
18:56:19.0842 2812 nvstor - ok
18:56:19.0865 2812 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
18:56:19.0867 2812 nv_agp - ok
18:56:19.0872 2812 NwlnkFlt - ok
18:56:19.0878 2812 NwlnkFwd - ok
18:56:19.0981 2812 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
18:56:19.0988 2812 odserv - ok
18:56:20.0046 2812 [ 6F310E890D46E246E0E261A63D9B36B4 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
18:56:20.0048 2812 ohci1394 - ok
18:56:20.0117 2812 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:56:20.0119 2812 ose - ok
18:56:20.0169 2812 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
18:56:20.0179 2812 p2pimsvc - ok
18:56:20.0193 2812 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
18:56:20.0199 2812 p2psvc - ok
18:56:20.0230 2812 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
18:56:20.0232 2812 Parport - ok
18:56:20.0272 2812 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
18:56:20.0273 2812 partmgr - ok
18:56:20.0300 2812 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
18:56:20.0301 2812 Parvdm - ok
18:56:20.0331 2812 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
18:56:20.0333 2812 PcaSvc - ok
18:56:20.0362 2812 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
18:56:20.0365 2812 pci - ok
18:56:20.0378 2812 [ FC175F5DDAB666D7F4D17449A547626F ] pciide C:\Windows\system32\DRIVERS\pciide.sys
18:56:20.0379 2812 pciide - ok
18:56:20.0430 2812 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
18:56:20.0434 2812 pcmcia - ok
18:56:20.0516 2812 [ 984FCAF5834BDEA232822EF5CA20EC4E ] PCToolsSSDMonitorSvc C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
18:56:20.0527 2812 PCToolsSSDMonitorSvc - ok
18:56:20.0595 2812 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
18:56:20.0608 2812 PEAUTH - ok
18:56:20.0676 2812 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
18:56:20.0699 2812 pla - ok
18:56:20.0726 2812 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
18:56:20.0732 2812 PlugPlay - ok
18:56:20.0758 2812 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
18:56:20.0764 2812 PNRPAutoReg - ok
18:56:20.0778 2812 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
18:56:20.0784 2812 PNRPsvc - ok
18:56:20.0808 2812 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
18:56:20.0815 2812 PolicyAgent - ok
18:56:20.0850 2812 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
18:56:20.0851 2812 PptpMiniport - ok
18:56:20.0869 2812 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\drivers\processr.sys
18:56:20.0870 2812 Processor - ok
18:56:20.0902 2812 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
18:56:20.0904 2812 ProfSvc - ok
18:56:20.0914 2812 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
18:56:20.0916 2812 ProtectedStorage - ok
18:56:20.0941 2812 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
18:56:20.0942 2812 PSched - ok
18:56:21.0019 2812 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
18:56:21.0038 2812 ql2300 - ok
18:56:21.0094 2812 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
18:56:21.0096 2812 ql40xx - ok
18:56:21.0140 2812 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
18:56:21.0143 2812 QWAVE - ok
18:56:21.0169 2812 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
18:56:21.0170 2812 QWAVEdrv - ok
18:56:21.0186 2812 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
18:56:21.0186 2812 RasAcd - ok
18:56:21.0206 2812 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
18:56:21.0209 2812 RasAuto - ok
18:56:21.0232 2812 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
18:56:21.0233 2812 Rasl2tp - ok
18:56:21.0268 2812 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
18:56:21.0272 2812 RasMan - ok
18:56:21.0316 2812 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
18:56:21.0317 2812 RasPppoe - ok
18:56:21.0329 2812 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
18:56:21.0330 2812 RasSstp - ok
18:56:21.0368 2812 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
18:56:21.0371 2812 rdbss - ok
18:56:21.0406 2812 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
18:56:21.0407 2812 RDPCDD - ok
18:56:21.0443 2812 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
18:56:21.0448 2812 rdpdr - ok
18:56:21.0453 2812 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
18:56:21.0454 2812 RDPENCDD - ok
18:56:21.0506 2812 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
18:56:21.0508 2812 RDPWD - ok
18:56:21.0576 2812 [ B33C88DF3588ACF250B87A004526C31A ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
18:56:21.0584 2812 RegSrvc - ok
18:56:21.0642 2812 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
18:56:21.0643 2812 RemoteAccess - ok
18:56:21.0679 2812 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
18:56:21.0681 2812 RemoteRegistry - ok
18:56:21.0751 2812 [ C2EF513BBE069F0D4EE0938A76F975D3 ] rimmptsk C:\Windows\system32\DRIVERS\rimmptsk.sys
18:56:21.0752 2812 rimmptsk - ok
18:56:21.0765 2812 [ C398BCA91216755B098679A8DA8A2300 ] rimsptsk C:\Windows\system32\DRIVERS\rimsptsk.sys
18:56:21.0767 2812 rimsptsk - ok
18:56:21.0780 2812 [ 2A2554CB24506E0A0508FC395C4A1B42 ] rismxdp C:\Windows\system32\DRIVERS\rixdptsk.sys
18:56:21.0781 2812 rismxdp - ok
18:56:21.0815 2812 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
18:56:21.0816 2812 RpcLocator - ok
18:56:21.0849 2812 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll
18:56:21.0854 2812 RpcSs - ok
18:56:21.0877 2812 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
18:56:21.0879 2812 rspndr - ok
18:56:21.0909 2812 [ BC83E99D5DFAD89D4589545A43498ACC ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh86.sys
18:56:21.0913 2812 RTL8169 - ok
18:56:21.0918 2812 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
18:56:21.0919 2812 SamSs - ok
18:56:21.0934 2812 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
18:56:21.0936 2812 sbp2port - ok
18:56:21.0970 2812 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
18:56:21.0972 2812 SCardSvr - ok
18:56:22.0028 2812 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
18:56:22.0038 2812 Schedule - ok
18:56:22.0049 2812 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
18:56:22.0049 2812 SCPolicySvc - ok
18:56:22.0116 2812 [ 8F36B54688C31EED4580129040C6A3D3 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
18:56:22.0119 2812 sdbus - ok
18:56:22.0147 2812 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
18:56:22.0149 2812 SDRSVC - ok
18:56:22.0180 2812 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
18:56:22.0181 2812 secdrv - ok
18:56:22.0193 2812 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
18:56:22.0195 2812 seclogon - ok
18:56:22.0214 2812 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll
18:56:22.0216 2812 SENS - ok
18:56:22.0245 2812 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
18:56:22.0247 2812 Serenum - ok
18:56:22.0260 2812 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
18:56:22.0262 2812 Serial - ok
18:56:22.0291 2812 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
18:56:22.0292 2812 sermouse - ok
18:56:22.0325 2812 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
18:56:22.0327 2812 SessionEnv - ok
18:56:22.0343 2812 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
18:56:22.0344 2812 sffdisk - ok
18:56:22.0367 2812 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
18:56:22.0368 2812 sffp_mmc - ok
18:56:22.0391 2812 [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
18:56:22.0392 2812 sffp_sd - ok
18:56:22.0415 2812 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
18:56:22.0416 2812 sfloppy - ok
18:56:22.0457 2812 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
18:56:22.0461 2812 SharedAccess - ok
18:56:22.0512 2812 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:56:22.0515 2812 ShellHWDetection - ok
18:56:22.0553 2812 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys
18:56:22.0555 2812 sisagp - ok
18:56:22.0605 2812 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
18:56:22.0606 2812 SiSRaid2 - ok
18:56:22.0631 2812 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
18:56:22.0633 2812 SiSRaid4 - ok
18:56:22.0740 2812 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
18:56:22.0794 2812 slsvc - ok
18:56:22.0844 2812 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
18:56:22.0846 2812 SLUINotify - ok
18:56:22.0927 2812 [ 3566310DF25EA5C3B2E9F50F5B50EAC1 ] SmartFaceVWatchSrv C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe
18:56:22.0930 2812 SmartFaceVWatchSrv - ok
18:56:22.0969 2812 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
18:56:22.0970 2812 Smb - ok
18:56:23.0054 2812 Smcinst - ok
18:56:23.0095 2812 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
18:56:23.0097 2812 SNMPTRAP - ok
18:56:23.0126 2812 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
18:56:23.0127 2812 spldr - ok
18:56:23.0178 2812 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
18:56:23.0180 2812 Spooler - ok
18:56:23.0212 2812 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
18:56:23.0214 2812 srv - ok
18:56:23.0245 2812 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
18:56:23.0246 2812 srv2 - ok
18:56:23.0276 2812 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
18:56:23.0278 2812 srvnet - ok
18:56:23.0311 2812 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
18:56:23.0314 2812 SSDPSRV - ok
18:56:23.0369 2812 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
18:56:23.0371 2812 SstpSvc - ok
18:56:23.0412 2812 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
18:56:23.0418 2812 stisvc - ok
18:56:23.0495 2812 [ 3E4239B92139F7174A0DA7D53FE5E1AB ] SVRPEDRV C:\Windows\System32\sysprep\PEDrv.sys
18:56:23.0520 2812 SVRPEDRV - ok
18:56:23.0532 2812 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
18:56:23.0533 2812 swenum - ok
18:56:23.0563 2812 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
18:56:23.0569 2812 swprv - ok
18:56:23.0596 2812 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
18:56:23.0597 2812 Symc8xx - ok
18:56:23.0625 2812 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
18:56:23.0626 2812 Sym_hi - ok
18:56:23.0649 2812 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
18:56:23.0651 2812 Sym_u3 - ok
18:56:23.0712 2812 [ 70534D1E4F9AC990536D5FB5B550B3DE ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
18:56:23.0716 2812 SynTP - ok
18:56:23.0818 2812 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
18:56:23.0827 2812 SysMain - ok
18:56:23.0847 2812 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:56:23.0849 2812 TabletInputService - ok
18:56:23.0885 2812 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
18:56:23.0888 2812 TapiSrv - ok
18:56:23.0904 2812 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
18:56:23.0906 2812 TBS - ok
18:56:23.0956 2812 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
18:56:23.0962 2812 Tcpip - ok
18:56:23.0981 2812 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
18:56:23.0987 2812 Tcpip6 - ok
18:56:24.0010 2812 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
18:56:24.0011 2812 tcpipreg - ok
18:56:24.0080 2812 [ 6FDFBA25002CE4BAC463AC866AE71405 ] tdcmdpst C:\Windows\system32\DRIVERS\tdcmdpst.sys
18:56:24.0081 2812 tdcmdpst - ok
18:56:24.0128 2812 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
18:56:24.0128 2812 TDPIPE - ok
18:56:24.0142 2812 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
18:56:24.0143 2812 TDTCP - ok
18:56:24.0184 2812 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
18:56:24.0184 2812 tdx - ok
18:56:24.0213 2812 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
18:56:24.0215 2812 TermDD - ok
18:56:24.0241 2812 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
18:56:24.0248 2812 TermService - ok
18:56:24.0268 2812 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
18:56:24.0272 2812 Themes - ok
18:56:24.0282 2812 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
18:56:24.0284 2812 THREADORDER - ok
18:56:24.0368 2812 [ E09CAAFB2B323A6FF120CEFB96DA0A44 ] TMachInfo C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
18:56:24.0370 2812 TMachInfo - ok
18:56:24.0400 2812 [ 89F74C86523F5E334628DBCE66E6D165 ] TNaviSrv C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
18:56:24.0402 2812 TNaviSrv - ok
18:56:24.0449 2812 [ C5AC715B65B01788ABC22D10749DDDD8 ] TODDSrv C:\Windows\system32\TODDSrv.exe
18:56:24.0454 2812 TODDSrv - ok
18:56:24.0505 2812 [ 44DBAC611B11646683B5B066A049B8E4 ] TosCoSrv C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
18:56:24.0513 2812 TosCoSrv - ok
18:56:24.0580 2812 [ 8E10E654E354CF330ED75882769A0107 ] TOSHIBA Bluetooth Service C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
18:56:24.0584 2812 TOSHIBA Bluetooth Service - ok
18:56:24.0605 2812 [ 22690DFFC7F2A18279A7A0489AA02BAC ] TOSHIBA SMART Log Service C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
18:56:24.0607 2812 TOSHIBA SMART Log Service - ok
18:56:24.0651 2812 Tosrfcom - ok
18:56:24.0691 2812 [ 5C4103544612E5011EF46301B93D1AA6 ] tosrfec C:\Windows\system32\DRIVERS\tosrfec.sys
18:56:24.0692 2812 tosrfec - ok
18:56:24.0742 2812 [ 4399A9BF7D8F49991A07FD86590A1619 ] tos_sps32 C:\Windows\system32\DRIVERS\tos_sps32.sys
18:56:24.0747 2812 tos_sps32 - ok
18:56:24.0792 2812 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
18:56:24.0794 2812 TrkWks - ok
18:56:24.0859 2812 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:56:24.0860 2812 TrustedInstaller - ok
18:56:24.0898 2812 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
18:56:24.0899 2812 tssecsrv - ok
18:56:24.0940 2812 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
18:56:24.0941 2812 tunmp - ok
18:56:24.0990 2812 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
18:56:24.0991 2812 tunnel - ok
18:56:25.0017 2812 [ 792A8B80F8188ABA4B2BE271583F3E46 ] TVALZ C:\Windows\system32\DRIVERS\TVALZ_O.SYS
18:56:25.0019 2812 TVALZ - ok
18:56:25.0043 2812 [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35 C:\Windows\system32\drivers\uagp35.sys
18:56:25.0044 2812 uagp35 - ok
18:56:25.0075 2812 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
18:56:25.0077 2812 udfs - ok
18:56:25.0124 2812 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
18:56:25.0126 2812 UI0Detect - ok
18:56:25.0227 2812 [ 332D341D92B933600D41953B08360DFB ] UleadBurningHelper C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
18:56:25.0229 2812 UleadBurningHelper - ok
18:56:25.0269 2812 [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
18:56:25.0270 2812 uliagpkx - ok
18:56:25.0296 2812 [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci C:\Windows\system32\drivers\uliahci.sys
18:56:25.0300 2812 uliahci - ok
18:56:25.0315 2812 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
18:56:25.0318 2812 UlSata - ok
18:56:25.0335 2812 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
18:56:25.0338 2812 ulsata2 - ok
18:56:25.0367 2812 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
18:56:25.0368 2812 umbus - ok
18:56:25.0405 2812 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
18:56:25.0410 2812 upnphost - ok
18:56:25.0441 2812 [ 5C2BDC152BBAB34F36473DEAF7713F22 ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
18:56:25.0443 2812 USBAAPL - ok
18:56:25.0508 2812 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
18:56:25.0510 2812 usbccgp - ok
18:56:25.0537 2812 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
18:56:25.0539 2812 usbcir - ok
18:56:25.0595 2812 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
18:56:25.0596 2812 usbehci - ok
18:56:25.0614 2812 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
18:56:25.0618 2812 usbhub - ok
18:56:25.0634 2812 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
18:56:25.0635 2812 usbohci - ok
18:56:25.0669 2812 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
18:56:25.0670 2812 usbprint - ok
18:56:25.0722 2812 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:56:25.0724 2812 USBSTOR - ok
18:56:25.0755 2812 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
18:56:25.0757 2812 usbuhci - ok
18:56:25.0800 2812 [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
18:56:25.0803 2812 usbvideo - ok
18:56:25.0862 2812 [ 237C444FBD1C697A2E3FA60F02C61F22 ] UVCFTR C:\Windows\system32\Drivers\UVCFTR_S.SYS
18:56:25.0878 2812 UVCFTR - ok
18:56:25.0894 2812 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
18:56:25.0909 2812 UxSms - ok
18:56:25.0940 2812 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
18:56:25.0940 2812 vds - ok
18:56:25.0972 2812 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
18:56:25.0972 2812 vga - ok
18:56:26.0003 2812 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
18:56:26.0003 2812 VgaSave - ok
18:56:26.0018 2812 [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp C:\Windows\system32\drivers\viaagp.sys
18:56:26.0018 2812 viaagp - ok
18:56:26.0050 2812 [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7 C:\Windows\system32\drivers\viac7.sys
18:56:26.0050 2812 ViaC7 - ok
18:56:26.0065 2812 [ AADF5587A4063F52C2C3FED7887426FC ] viaide C:\Windows\system32\drivers\viaide.sys
18:56:26.0081 2812 viaide - ok
18:56:26.0096 2812 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
18:56:26.0096 2812 volmgr - ok
18:56:26.0143 2812 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
18:56:26.0159 2812 volmgrx - ok
18:56:26.0174 2812 [ 147281C01FCB1DF9252DE2A10D5E7093 ] volsnap C:\Windows\system32\drivers\volsnap.sys
18:56:26.0174 2812 volsnap - ok
18:56:26.0206 2812 [ 587253E09325E6BF226B299774B728A9 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
18:56:26.0206 2812 vsmraid - ok
18:56:26.0268 2812 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
18:56:26.0284 2812 VSS - ok
18:56:26.0377 2812 [ 8ED347BAD8D1FB7C40B593BFB01786D2 ] vToolbarUpdater11.2.0 C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe
18:56:26.0393 2812 vToolbarUpdater11.2.0 - ok
18:56:26.0408 2812 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
18:56:26.0424 2812 W32Time - ok
18:56:26.0455 2812 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
18:56:26.0455 2812 WacomPen - ok
18:56:26.0486 2812 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
18:56:26.0502 2812 Wanarp - ok
18:56:26.0502 2812 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
18:56:26.0502 2812 Wanarpv6 - ok
18:56:26.0518 2812 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll
18:56:26.0518 2812 wcncsvc - ok
18:56:26.0549 2812 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:56:26.0549 2812 WcsPlugInService - ok
18:56:26.0564 2812 [ 78FE9542363F297B18C027B2D7E7C07F ] Wd C:\Windows\system32\drivers\wd.sys
18:56:26.0564 2812 Wd - ok
18:56:26.0596 2812 [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
18:56:26.0611 2812 Wdf01000 - ok
18:56:26.0627 2812 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
18:56:26.0627 2812 WdiServiceHost - ok
18:56:26.0642 2812 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
18:56:26.0642 2812 WdiSystemHost - ok
18:56:26.0674 2812 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll
18:56:26.0674 2812 WebClient - ok
18:56:26.0720 2812 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
18:56:26.0736 2812 Wecsvc - ok
18:56:26.0752 2812 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
18:56:26.0752 2812 wercplsupport - ok
18:56:26.0798 2812 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll
18:56:26.0798 2812 WerSvc - ok
18:56:26.0845 2812 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
18:56:26.0845 2812 WinDefend - ok
18:56:26.0845 2812 WinHttpAutoProxySvc - ok
18:56:26.0892 2812 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
18:56:26.0892 2812 Winmgmt - ok
18:56:26.0970 2812 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
18:56:26.0970 2812 WinRM - ok
18:56:27.0048 2812 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
18:56:27.0048 2812 Wlansvc - ok
18:56:27.0095 2812 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
18:56:27.0095 2812 WmiAcpi - ok
18:56:27.0142 2812 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
18:56:27.0142 2812 wmiApSrv - ok
18:56:27.0204 2812 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
18:56:27.0220 2812 WMPNetworkSvc - ok
18:56:27.0235 2812 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll
18:56:27.0235 2812 WPCSvc - ok
18:56:27.0266 2812 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
18:56:27.0266 2812 WPDBusEnum - ok
18:56:27.0298 2812 [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
18:56:27.0298 2812 WpdUsb - ok
18:56:27.0407 2812 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
18:56:27.0422 2812 WPFFontCache_v0400 - ok
18:56:27.0438 2812 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
18:56:27.0438 2812 ws2ifsl - ok
18:56:27.0469 2812 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\System32\wscsvc.dll
18:56:27.0469 2812 wscsvc - ok
18:56:27.0469 2812 WSearch - ok
18:56:27.0547 2812 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
18:56:27.0578 2812 wuauserv - ok
18:56:27.0610 2812 [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
18:56:27.0610 2812 WUDFRd - ok
18:56:27.0656 2812 [ 575A4190D989F64732119E4114045A4F ] wudfsvc C:\Windows\System32\WUDFSvc.dll
18:56:27.0656 2812 wudfsvc - ok
18:56:27.0703 2812 ================ Scan global ===============================
18:56:27.0734 2812 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
18:56:27.0797 2812 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
18:56:27.0812 2812 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
18:56:27.0875 2812 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
18:56:27.0890 2812 [Global] - ok
18:56:27.0890 2812 ================ Scan MBR ==================================
18:56:27.0922 2812 [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
18:56:28.0265 2812 \Device\Harddisk0\DR0 - ok
18:56:28.0265 2812 ================ Scan VBR ==================================
18:56:28.0265 2812 [ 538C595F76849815DCD801C79AC97FED ] \Device\Harddisk0\DR0\Partition1
18:56:28.0280 2812 \Device\Harddisk0\DR0\Partition1 - ok
18:56:28.0280 2812 ============================================================
18:56:28.0280 2812 Scan finished
18:56:28.0280 2812 ============================================================
18:56:28.0280 1488 Detected object count: 0
18:56:28.0280 1488 Actual detected object count: 0
**End**

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2012-11-25 23:44:13
-----------------------------
23:44:13.599 OS Version: Windows 6.0.6002 Service Pack 2
23:44:13.599 Number of processors: 2 586 0x170A
23:44:13.599 ComputerName: TJ-PC UserName: TJ
23:44:50.282 Initialize success
23:45:34.428 AVAST engine defs: 12112501
23:45:47.364 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
23:45:47.364 Disk 0 Vendor: TOSHIBA_ LV01 Size: 305245MB BusType: 3
23:45:47.379 Disk 0 MBR read successfully
23:45:47.395 Disk 0 MBR scan
23:45:47.395 Disk 0 Windows VISTA default MBR code
23:45:47.411 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 1500 MB offset 2048
23:45:47.426 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 296479 MB offset 3074048
23:45:47.442 Disk 0 Partition 3 00 17 Hidd HPFS/NTFS NTFS 7265 MB offset 610263040
23:45:47.457 Disk 0 scanning sectors +625141760
23:45:47.520 Disk 0 scanning C:\Windows\system32\drivers
23:45:58.628 Service scanning
23:46:28.066 Modules scanning
23:46:33.838 Disk 0 trace - called modules:
23:46:33.900 ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
23:46:33.900 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85ef7780]
23:46:33.900 3 CLASSPNP.SYS[8a1138b3] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x85489028]
23:46:34.709 AVAST engine scan C:\Windows
23:46:38.154 AVAST engine scan C:\Windows\system32
23:49:37.278 AVAST engine scan C:\Windows\system32\drivers
23:49:52.971 AVAST engine scan C:\Users\TJ
00:11:22.340 AVAST engine scan C:\ProgramData
00:14:46.606 Scan finished successfully
07:53:56.092 Disk 0 MBR has been saved successfully to "C:\Users\TJ\Desktop\MBR.dat"
07:53:56.098 The log file has been saved successfully to "C:\Users\TJ\Desktop\aswMBR.txt"
**End**

C:\Users\TJ\Downloads\Unconfirmed 82109.crdownload Win32/TopMedia.A application cleaned by deleting - quarantined
**End**

Thanks.

#4 narenxp

Posted 27 November 2012 - 12:28 AM

Download Malwarebytes

Install, update and run a full scan.

Click on Show results. Right-click on the list, select all and remove them.

Post the generated log here.

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it, click on Delete

A log should be generated after scan, post it here

Download

Junkware removal tool

For Vista and Windows 7, right click on the tool and select run as administrator

After scan gets completed, post the generated log here.

#5 twalsh87


Posted 28 November 2012 - 11:24 PM

Malwarebytes' Anti-Malware 1.41
Database version: 2775
Windows 6.0.6002 Service Pack 2 (Safe Mode)

12/27/2009 7:10:06 PM
mbam-log-2009-12-27 (19-10-06).txt

Scan type: Full Scan (C:\|)
Objects scanned: 215659
Time elapsed: 42 minute(s), 57 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 1
Files Infected: 7

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\gvtl (Malware.Trace) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Gamevance (Adware.Gamevance) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\Program Files\Gamevance (Adware.Gamevance) -> Quarantined and deleted successfully.

Files Infected:
C:\Program Files\Gamevance\ars.cfg (Adware.Gamevance) -> Quarantined and deleted successfully.
C:\Program Files\Gamevance\gamevance32.exe (Adware.Gamevance) -> Quarantined and deleted successfully.
C:\Program Files\Gamevance\gamevancelib32.dll (Adware.Gamevance) -> Quarantined and deleted successfully.
C:\Program Files\Gamevance\gvun.exe (Adware.Gamevance) -> Quarantined and deleted successfully.
C:\Program Files\Gamevance\icon.ico (Adware.Gamevance) -> Quarantined and deleted successfully.
C:\Windows\010112010146118114.dat (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\Windows\934fdfg34fgjf23 (Worm.KoobFace) -> Quarantined and deleted successfully.

**End of Log**

MiniToolBox by Farbar Version: 25-11-2012
Ran by TJ (administrator) on 28-11-2012 at 22:55:17
Running from "C:\Users\TJ\Downloads"
Windows Vista ™ Home Premium Service Pack 2 (X86)
Boot Mode: Network
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

::1 localhost

127.0.0.1 localhost

========================= IP Configuration: ================================

Intel® Wireless WiFi Link 5100 = Wireless Network Connection (Connected)
Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : TJ-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : home

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : Intel® Wireless WiFi Link 5100
Physical Address. . . . . . . . . : 00-22-FA-0B-0E-94
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 192.168.1.6(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Wednesday, November 28, 2012 10:50:00 PM
Lease Expires . . . . . . . . . . : Thursday, November 29, 2012 10:50:00 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
Physical Address. . . . . . . . . : 00-1E-33-8B-39-91
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 6:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.home
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 6TO4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 13:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 14:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 16:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{29971CE0-ED76-4A76-86C2-217595A139F4}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: Wireless_Broadband_Router.home
Address: 192.168.1.1

Name: google.com
Addresses: 2607:f8b0:4004:800::1006
74.125.228.14
74.125.228.8
74.125.228.3
74.125.228.5
74.125.228.6
74.125.228.1
74.125.228.7
74.125.228.0
74.125.228.9
74.125.228.2
74.125.228.4



Pinging google.com [74.125.228.3] with 32 bytes of data:

Reply from 74.125.228.3: bytes=32 time=28ms TTL=252

Reply from 74.125.228.3: bytes=32 time=21ms TTL=252



Ping statistics for 74.125.228.3:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 21ms, Maximum = 28ms, Average = 24ms

Server: Wireless_Broadband_Router.home
Address: 192.168.1.1

Name: yahoo.com
Addresses: 98.138.253.109
72.30.38.140
98.139.183.24



Pinging yahoo.com [72.30.38.140] with 32 bytes of data:

Reply from 72.30.38.140: bytes=32 time=180ms TTL=250

Reply from 72.30.38.140: bytes=32 time=194ms TTL=250



Ping statistics for 72.30.38.140:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 180ms, Maximum = 194ms, Average = 187ms



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
11 ...00 22 fa 0b 0e 94 ...... Intel® Wireless WiFi Link 5100
10 ...00 1e 33 8b 39 91 ...... Realtek PCIe FE Family Controller
1 ........................... Software Loopback Interface 1
18 ...00 00 00 00 00 00 00 e0 isatap.home
13 ...00 00 00 00 00 00 00 e0 6TO4 Adapter
12 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
14 ...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #2
15 ...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #3
17 ...00 00 00 00 00 00 00 e0 isatap.{29971CE0-ED76-4A76-86C2-217595A139F4}
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.6 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.6 281
192.168.1.6 255.255.255.255 On-link 192.168.1.6 281
192.168.1.255 255.255.255.255 On-link 192.168.1.6 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.6 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.6 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
1 306 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\System32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (11/28/2012 10:50:33 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/28/2012 10:50:02 PM) (Source: EventSystem) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c


System errors:
=============
Error: (11/28/2012 10:50:34 PM) (Source: Service Control Manager) (User: )
Description: Avgldx86
Avgmfx86
spldr
Wanarpv6

Error: (11/28/2012 10:50:34 PM) (Source: Service Control Manager) (User: )
Description: Computer BrowserServer%%1068

Error: (11/28/2012 10:50:23 PM) (Source: DCOM) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (11/28/2012 10:50:07 PM) (Source: DCOM) (User: )
Description: 1068fdPHost{145B4335-FE2A-4927-A040-7C35AD3180EF}

Error: (11/28/2012 10:50:02 PM) (Source: DCOM) (User: )
Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (11/28/2012 10:49:55 PM) (Source: DCOM) (User: )
Description: 1084ShellHWDetection{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (11/28/2012 10:49:52 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT AUTHORITY)
Description: C:\Windows\System32\IWMSSvc.dll21


Microsoft Office Sessions:
=========================
Error: (11/01/2011 09:40:24 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6562.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 5 seconds with 0 seconds of active time. This session ended with a crash.

Error: (08/23/2010 01:51:00 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6535.5005, Microsoft Office Version: 12.0.6425.1000. This session lasted 7 seconds with 0 seconds of active time. This session ended with a crash.

Error: (05/06/2009 07:55:57 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6300.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 3942 seconds with 2160 seconds of active time. This session ended with a crash.


CodeIntegrity Errors:
===================================
Date: 2012-11-27 00:54:56.442
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\AVG\AVG10\Drivers\Vista\AVGIDSDriver.sys because the set of per-page image hashes could not be found on the system.

Date: 2012-11-27 00:54:56.239
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\AVG\AVG10\Drivers\Vista\AVGIDSDriver.sys because the set of per-page image hashes could not be found on the system.

Date: 2012-11-27 00:54:56.036
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\AVG\AVG10\Drivers\Vista\AVGIDSDriver.sys because the set of per-page image hashes could not be found on the system.

Date: 2012-11-27 00:54:55.834
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\AVG\AVG10\Drivers\Vista\AVGIDSDriver.sys because the set of per-page image hashes could not be found on the system.

Date: 2012-11-27 00:54:55.631
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\AVG\AVG10\Drivers\Vista\AVGIDSDriver.sys because the set of per-page image hashes could not be found on the system.

Date: 2012-11-27 00:54:55.428
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\AVG\AVG10\Drivers\Vista\AVGIDSDriver.sys because the set of per-page image hashes could not be found on the system.

Date: 2012-11-27 00:54:55.116
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\AVG\AVG10\Drivers\ErHrVx86\AVGIDSEH.sys because the set of per-page image hashes could not be found on the system.

Date: 2012-11-27 00:54:54.913
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\AVG\AVG10\Drivers\ErHrVx86\AVGIDSEH.sys because the set of per-page image hashes could not be found on the system.

Date: 2012-11-27 00:54:54.726
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\AVG\AVG10\Drivers\ErHrVx86\AVGIDSEH.sys because the set of per-page image hashes could not be found on the system.

Date: 2012-11-27 00:54:54.523
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\AVG\AVG10\Drivers\ErHrVx86\AVGIDSEH.sys because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
2007 Microsoft Office system (Version: 12.0.6612.1000)
Adobe Flash Player 10 Plugin (Version: 10.0.32.18)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.265)
Adobe Reader 8.1.5 (Version: 8.1.5)
Adobe Shockwave Player 11.5 (Version: 11.5)
Age of Empires III (Version: 1.00.0000)
AnswerWorks 5.0 English Runtime (Version: 5.0.7)
Apple Application Support (Version: 1.4.1)
Apple Mobile Device Support (Version: 3.3.1.3)
Apple Software Update (Version: 2.1.1.116)
AVG 2011 (Version: 10.0.1424)
AVG 2011 (Version: 10.0.2437)
Backyard Baseball 2003
Bluetooth Stack for Windows by Toshiba (Version: v6.10.07(T))
Bonjour (Version: 2.0.4.0)
Camera Assistant Software for Toshiba (Version: 1.7.209.0807L)
CD/DVD Drive Acoustic Silencer (Version: 2.02.03)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
CyberLink PowerCinema for TOSHIBA (Version: 6.0.2001)
DVD MovieFactory for TOSHIBA (Version: 5.51)
ESET Online Scanner v3
GearDrvs (Version: 5.0.0.2)
Google Chrome (Version: 21.0.1180.83)
Google Earth (Version: 6.1.0.5001)
Google Update Helper (Version: 1.3.21.115)
InstallIQ Updater (Version: 1.4.3.0)
Intel PROSet Wireless
Intel® Graphics Media Accelerator Driver
Intel® PROSet/Wireless WiFi Software (Version: 12.00.0004)
Intel® Matrix Storage Manager
iTunes (Version: 10.1.2.17)
Java Auto Updater (Version: 2.1.6.0)
Java™ 6 Update 6 (Version: 1.6.0.60)
Java™ 7 Update 5 (Version: 7.0.50)
JavaFX 2.1.1 (Version: 2.1.1)
KB408682
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Age of Empires II
Microsoft Age of Empires II: The Conquerors Expansion
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Professional Hybrid 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Small Business Edition 2003 (Version: 11.0.8173.0)
Microsoft Office Suite Activation Assistant (Version: 2.9)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Rise Of Nations
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft XML Parser (Version: 8.20.8730.4)
Move Media Player
Mozilla Firefox (3.0.19) (Version: 3.0.19 (en-US))
MSXML 4.0 SP2 (KB941833) (Version: 4.20.9849.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML4 Parser (Version: 1.0.0)
NetAssistant (Version: 3.6.5)
NetAssistant for Firefox (Version: 3.6.5)
Norton Security Scan (Version: 2.7.0.52)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
Picasa 3 (Version: 3.8)
Quicken 2008 (Version: 17.1.3.7)
QuickTime (Version: 7.69.80.9)
Realtek 8169 8168 8101E 8102E Ethernet Driver (Version: 1.00.0000)
Realtek High Definition Audio Driver (Version: 6.0.1.5599)
Registry Mechanic 9.0 (Version: 9.0)
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.54.02 (Version: 3.54.02)
Rise of Nations Thrones and Patriots
Sid Meier's Civilization 4 Gold (Version: 1.72)
Skype™ 4.0 (Version: 4.0.226)
Synaptics Pointing Device Driver (Version: 11.2.4.0)
TOSHIBA Assist (Version: 2.01.05)
TOSHIBA ConfigFree (Version: 7.2.21)
TOSHIBA Desktop Links (Version: 1.7)
TOSHIBA Disc Creator (Version: 2.0.1.3)
TOSHIBA DVD PLAYER (Version: 1.31.14)
TOSHIBA Extended Tiles for Windows Mobility Center (Version: 1.01.00)
TOSHIBA Face Recognition (Version: 2.0.2.32)
TOSHIBA Hardware Setup (Version: 2.00.08)
TOSHIBA PowerCinema Helper (Version: 1.00)
TOSHIBA Recovery Disc Creator (Version: 2.0.0.2)
TOSHIBA SD Memory Utilities (Version: 1.8.1.3)
TOSHIBA Service Station (Version: 1.1.14)
TOSHIBA Software Modem (Version: 2.1.77 (SM2177ALD04))
TOSHIBA Speech System Applications
TOSHIBA Speech System SR Engine(U.S.) Version1.0
TOSHIBA Speech System TTS Engine(U.S.) Version1.0
TOSHIBA Supervisor Password (Version: 2.00.04)
TOSHIBA Value Added Package (Version: 1.1.19)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687400) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
vShare.tv plugin 1.3 (Version: 1.3)
Windows Media Encoder 9 Series
Windows Media Encoder 9 Series (Version: 9.00.3374)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)

========================= Memory info: ===================================

Percentage of memory in use: 18%
Total physical RAM: 2939.25 MB
Available physical RAM: 2386.12 MB
Total Pagefile: 6084.78 MB
Available Pagefile: 5698.11 MB
Total Virtual: 2047.88 MB
Available Virtual: 1965.54 MB

========================= Partitions: =====================================

1 Drive c: (SQ004829V03) (Fixed) (Total:289.53 GB) (Free:164.15 GB) NTFS

========================= Users: ========================================

User accounts for \\TJ-PC

Administrator Guest TJ

========================= Restore Points ==================================

28-04-2012 00:26:25 Scheduled Checkpoint
08-05-2012 04:08:38 Scheduled Checkpoint
12-05-2012 00:57:32 Scheduled Checkpoint
12-05-2012 07:00:45 Windows Update
29-05-2012 02:10:57 Scheduled Checkpoint
31-05-2012 16:44:39 Scheduled Checkpoint
04-06-2012 00:32:25 Scheduled Checkpoint
06-06-2012 07:00:12 Windows Update
13-06-2012 07:00:26 Windows Update
15-06-2012 04:30:38 Scheduled Checkpoint
19-06-2012 01:07:42 Windows Update
07-07-2012 02:33:29 Removed Java™ 6 Update 31
07-07-2012 02:35:26 Installed Java™ 7 Update 5
07-07-2012 02:37:18 Installed JavaFX 2.1.1
11-07-2012 07:00:40 Windows Update
17-07-2012 00:04:30 Scheduled Checkpoint
24-07-2012 00:05:10 Scheduled Checkpoint

Farbar Service Scanner Version: 09-11-2012
Ran by TJ (administrator) on 28-11-2012 at 23:04:19
Running from "C:\Users\TJ\Downloads"
Windows Vista ™ Home Premium Service Pack 2 (X86)
Boot Mode: Network
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============
SDRSVC Service is not running. Checking service configuration:
The start type of SDRSVC service is OK.
The ImagePath of SDRSVC service is OK.
The ServiceDll of SDRSVC service is OK.

VSS Service is not running. Checking service configuration:
The start type of VSS service is OK.
The ImagePath of VSS service is OK.


System Restore Disabled Policy:
========================


Security Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.

BITS Service is not running. Checking service configuration:
The start type of BITS service is OK.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.

EventSystem Service is not running. Checking service configuration:
The start type of EventSystem service is OK.
The ImagePath of EventSystem service is OK.
The ServiceDll of EventSystem service is OK.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll
[2008-01-20 21:24] - [2008-01-20 21:24] - 0288256 ____A (Microsoft Corporation) E1499BD0FF76B1B2FBBF1AF339D91165

C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****
30-07-2012 09:03:01 Scheduled Checkpoint
01-08-2012 03:32:07 Scheduled Checkpoint
05-08-2012 20:59:53 Scheduled Checkpoint
15-08-2012 07:00:42 Windows Update
31-08-2012 07:58:44 Scheduled Checkpoint

**** End of log ****

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 3.6.1 (11.28.2012:5)
OS: Windows Vista ™ Home Premium x86
Ran by TJ on Wed 11/28/2012 at 23:18:55.20
Blog: http://thisisudax.blogspot.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Successfully deleted: [Folder] C:\Users\TJ\AppData\Roaming\mozilla\firefox\profiles\jl8sabio.default\extensions\reader_plugin@ebrary.com



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 11/28/2012 at 23:20:20.54
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

I ran the adware cleaner but it forced me to restart regularly (not in safe mode) and the report did not populate after I restarted in safe mode.

Thanks.

#6 narenxp


Posted 29 November 2012 - 05:36 AM

Uninstall AVG from safe mode with networking using the AVG removal tool

http://download.avg.com/filedir/util/avgrem/avg_remover_stf_x86_2012_2125.exe

You should be able to boot into normal mode now.

Run all the scans in normal mode. Post the new logs

Edited by narenxp, 29 November 2012 - 05:38 AM.


#7 twalsh87


Posted 29 November 2012 - 10:41 AM

It still won't start in normal mode. I enter my Windows password and it gets stuck in the loading screen. Thanks.

#8 narenxp


Posted 29 November 2012 - 06:25 PM

Try clean boot using this guide

http://www.askdrtech.com/solutions/post/How-to-perform-a-clean-startup-%28clean-boot%29-in-Windows-7.aspx

#9 twalsh87


Posted 29 November 2012 - 09:36 PM

Still no luck. Thanks.

#10 narenxp


Posted 30 November 2012 - 01:33 AM

Create a new user account in safe mode and boot into it.

Do you have a previous restore point when it worked?

#11 twalsh87


Posted 07 January 2013 - 09:00 PM

It won't reboot in normal mode with the new account I created. I do not have a previous restore point that works.

#12 narenxp


Posted 08 January 2013 - 07:50 AM

I don't think we have any more options left.

I would recommend you to back up your data and perform a clean install and see if it helps.



