
Infected with TDSS and keep redirecting


  • This topic is locked
33 replies to this topic

#1 sépadubidon

sépadubidon

  • Members
  • 20 posts
  • OFFLINE
  • Local time:06:54 PM

Posted 12 November 2013 - 07:43 AM

I do not know how to remove...

I have bad entries I cannot remove with hijackthis.exe (Windows 7, safe mode)?

I have afterwards executed:

  • combofix
  • malware byte
  • adwcleaner
  • jrt
  • rkill
  • roguekiller
  • tdskiller

and finally tweaking windows repair...

and the bad entries are always there...
with hijackthis.exe... (in red on IE) -----> maybe hijackthis gives errors that are not errors!

Can you be so kind as to help me if you can?
Thank you in advance

 

sépadubidon

 


 


#2 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  • Gender:Male
  • Local time:06:54 PM

Posted 12 November 2013 - 08:35 AM

Hi there,
my name is Marius and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you cannot post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

 

 

Please post up C:\combofix.txt


Proud Member of UNITE & TB
 

#3 sépadubidon

sépadubidon
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  • Local time:06:54 PM

Posted 12 November 2013 - 09:07 AM

My first language is not English either, it is difficult sometimes for me...

combofix from this morning, since I have uninstalled cdex and reinstalled it...

 

ok?

 

ComboFix 13-11-11.01 - nne 12/11/2013  11:02:31.1.8 - x64 NETWORK
Microsoft Windows 7 Édition Familiale Premium   6.1.7601.1.1252.32.1036.18.8060.7053 [GMT 1:00]
Lancé depuis: c:\users\nne\Desktop\ComboFix.exe
AV: avast! Internet Security *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
FW: avast! Internet Security *Enabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47}
SP: avast! Internet Security *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Un nouveau point de restauration a été créé
.
.
((((((((((((((((((((((((((((((((((((   Autres suppressions   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\nne\AppData\Roaming\inst.exe
c:\users\nne\AppData\Roaming\vso_ts_preview.xml
c:\users\nne\jqs.exe
c:\users\nne\mstsc.exe
c:\users\nne\notepad.exe
c:\users\nne\skype.exe
c:\users\nne\teamviewer.exe
c:\windows\SysWow64\FlashPlayerApp.exe
c:\windows\wininit.ini
.
.
(((((((((((((((((((((((((((((   Fichiers créés du 2013-10-12 au 2013-11-12  ))))))))))))))))))))))))))))))))))))
.
.
2013-11-12 10:09 . 2013-11-12 10:09    --------    d-----w-    c:\users\Default\AppData\Local\temp
2013-11-12 09:19 . 2013-11-12 09:19    --------    d-----w-    c:\windows\ERUNT
2013-11-12 08:46 . 2013-11-12 08:51    --------    d-----w-    c:\windows\system32\catroot2
2013-11-11 23:20 . 2013-11-12 09:49    --------    d-----w-    c:\windows\system32\wbem\repository
2013-11-11 23:19 . 2013-11-11 23:19    --------    d-----w-    c:\windows\SysWow64\wbem\Performance
2013-11-11 23:15 . 2013-11-11 23:31    181064    ----a-w-    c:\windows\PSEXESVC.EXE
2013-11-11 23:12 . 2013-11-11 23:12    --------    d-----w-    C:\RegBackup
2013-11-11 22:19 . 2013-04-04 13:50    25928    ----a-w-    c:\windows\system32\drivers\mbam.sys
2013-11-11 22:17 . 2013-11-11 22:17    --------    d-----w-    c:\program files (x86)\Tweaking.com
2013-11-09 23:03 . 2013-11-09 23:03    --------    d-----w-    c:\program files (x86)\CDex_150
2013-11-09 22:27 . 2013-11-09 22:27    --------    d-----w-    c:\program files (x86)\TopByteLabs
2013-11-09 22:24 . 2013-11-09 22:24    --------    d-----w-    c:\windows\SysWow64\%TEMP%
2013-11-08 23:01 . 2013-10-14 07:12    10280728    ----a-w-    c:\programdata\Microsoft\Windows Defender\Definition Updates\{C25ECBB0-7B52-4934-A204-AEEBBBFB665F}\mpengine.dll
2013-11-07 18:57 . 2013-11-07 20:00    --------    d-----w-    c:\program files (x86)\ZHPDiag
2013-11-07 18:57 . 2013-11-07 19:01    --------    d-----w-    c:\users\nne\AppData\Roaming\ZHP
2013-11-07 18:33 . 2013-11-07 18:46    --------    d-----w-    c:\users\nne\AppData\Local\ElevatedDiagnostics
2013-11-07 09:22 . 2013-11-12 09:09    --------    d-----w-    C:\AdwCleaner
2013-11-06 15:54 . 2013-11-06 15:54    --------    d-----w-    c:\programdata\Oracle
2013-11-03 11:24 . 2013-11-03 11:24    --------    d-----w-    c:\users\nne\AppData\Local\Eraser 6
2013-11-03 09:05 . 2013-11-06 22:19    --------    d-----w-    c:\program files (x86)\Adblock Plus for IE
2013-11-02 22:31 . 2013-11-07 20:00    --------    d-----w-    c:\program files\Eraser
2013-11-02 13:24 . 2013-11-02 13:24    --------    d-----w-    c:\users\nne\AppData\Roaming\Malwarebytes
2013-11-02 13:24 . 2013-11-02 13:24    --------    d-----w-    c:\programdata\Malwarebytes
2013-11-02 13:24 . 2013-11-11 22:19    --------    d-----w-    c:\program files (x86)\Malwarebytes' Anti-Malware
2013-10-22 10:23 . 2013-09-06 12:27    238352    ----a-w-    c:\windows\system32\drivers\VBoxDrv.sys
2013-10-22 10:23 . 2013-09-06 12:25    119056    ----a-w-    c:\windows\system32\drivers\VBoxUSBMon.sys
2013-10-21 13:38 . 2013-10-22 10:24    --------    d-----w-    c:\users\nne\VirtualBox VMs
2013-10-21 13:33 . 2013-10-22 11:28    --------    d-----w-    c:\users\nne\.VirtualBox
2013-10-21 13:32 . 2013-10-22 10:23    --------    dc----w-    c:\windows\system32\DRVSTORE
2013-10-21 11:33 . 2013-10-21 11:33    --------    d-----w-    c:\program files (x86)\LinuxLive USB Creator
2013-10-20 05:53 . 2013-10-20 05:53    --------    d-----w-    c:\program files (x86)\Vodafone
2013-10-19 19:14 . 2013-10-19 19:20    --------    d-----w-    c:\programdata\Ralink
2013-10-19 19:13 . 2013-10-19 19:13    --------    d-----w-    c:\programdata\TP-LINK Driver
2013-10-19 19:13 . 2013-10-19 19:13    --------    d-----w-    c:\program files (x86)\Cisco
2013-10-19 19:13 . 2013-10-19 19:13    --------    d-----w-    c:\windows\system32\RaLanguages
2013-10-19 19:13 . 2011-03-17 08:43    1607008    ----a-w-    c:\windows\SysWow64\RaCertMgr.dll
2013-10-19 19:13 . 2011-03-17 08:43    792416    ----a-w-    c:\windows\system32\DiagFunc.dll
2013-10-19 19:13 . 2011-03-17 08:43    2399584    ----a-w-    c:\windows\system32\RaCertMgr.dll
2013-10-19 19:13 . 2011-03-17 08:43    128864    ----a-w-    c:\windows\SysWow64\RAEXTUI.dll
2013-10-19 19:13 . 2011-03-17 08:43    128864    ----a-w-    c:\windows\system32\RAEXTUI.dll
2013-10-19 19:13 . 2011-03-17 08:43    1112928    ----a-w-    c:\windows\SysWow64\RAIHV.dll
2013-10-19 19:13 . 2011-03-17 08:43    1112928    ----a-w-    c:\windows\system32\RAIHV.dll
2013-10-19 19:13 . 2011-03-17 08:43    792416    ----a-w-    c:\windows\SysWow64\DiagFunc.dll
2013-10-19 19:13 . 2013-10-19 19:13    --------    d-----w-    c:\program files (x86)\TP-LINK
2013-10-17 15:46 . 2013-10-17 15:51    --------    d-----w-    c:\program files (x86)\RAR Password Unlocker
2013-10-17 15:46 . 2013-10-17 15:46    --------    d-----w-    c:\users\nne\AppData\Local\Programs
2013-10-17 14:24 . 2013-10-17 14:24    --------    d-----w-    c:\program files (x86)\Hercules
2013-10-13 10:49 . 2013-10-13 10:49    --------    d-----w-    c:\users\nne\AppData\Roaming\gnupg
.
.
.
((((((((((((((((((((((((((((((((((   Compte-rendu de Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-10-29 21:11 . 2012-12-03 13:52    165232    ---ha-w-    c:\users\nne\AppData\Roaming\Microsoft\Virtual PC\VPCKeyboard.dll
2013-10-17 10:50 . 2012-11-27 18:23    1004    --sha-w-    c:\programdata\KGyGaAvL.sys
2013-10-10 20:24 . 2012-12-09 10:42    80541720    ----a-w-    c:\windows\system32\MRT.exe
2013-10-10 10:09 . 2012-12-03 12:06    71048    ----a-w-    c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-09-30 15:53 . 2012-11-27 15:06    829264    ----a-w-    c:\windows\system32\msvcr100.dll
2013-09-30 15:53 . 2012-11-27 15:06    608080    ----a-w-    c:\windows\system32\msvcp100.dll
2013-09-22 23:28 . 2013-10-10 20:32    1767936    ----a-w-    c:\windows\SysWow64\wininet.dll
2013-09-22 23:27 . 2013-10-10 20:32    2876928    ----a-w-    c:\windows\SysWow64\jscript9.dll
2013-09-22 23:27 . 2013-10-10 20:32    61440    ----a-w-    c:\windows\SysWow64\iesetup.dll
2013-09-22 23:27 . 2013-10-10 20:32    109056    ----a-w-    c:\windows\SysWow64\iesysprep.dll
2013-09-22 22:55 . 2013-10-10 20:32    51712    ----a-w-    c:\windows\system32\ie4uinit.exe
2013-09-22 22:55 . 2013-10-10 20:32    2241024    ----a-w-    c:\windows\system32\wininet.dll
2013-09-22 22:55 . 2013-10-10 20:32    1365504    ----a-w-    c:\windows\system32\urlmon.dll
2013-09-22 22:54 . 2013-10-10 20:32    603136    ----a-w-    c:\windows\system32\msfeeds.dll
2013-09-22 22:54 . 2013-10-10 20:31    19252224    ----a-w-    c:\windows\system32\mshtml.dll
2013-09-22 22:54 . 2013-10-10 20:32    855552    ----a-w-    c:\windows\system32\jscript.dll
2013-09-22 22:54 . 2013-10-10 20:32    3959296    ----a-w-    c:\windows\system32\jscript9.dll
2013-09-22 22:54 . 2013-10-10 20:32    53248    ----a-w-    c:\windows\system32\jsproxy.dll
2013-09-22 22:54 . 2013-10-10 20:32    526336    ----a-w-    c:\windows\system32\ieui.dll
2013-09-22 22:54 . 2013-10-10 20:32    67072    ----a-w-    c:\windows\system32\iesetup.dll
2013-09-22 22:54 . 2013-10-10 20:32    39936    ----a-w-    c:\windows\system32\iernonce.dll
2013-09-22 22:54 . 2013-10-10 20:32    136704    ----a-w-    c:\windows\system32\iesysprep.dll
2013-09-22 22:54 . 2013-10-10 20:32    2647552    ----a-w-    c:\windows\system32\iertutil.dll
2013-09-22 22:54 . 2013-10-10 20:31    15404544    ----a-w-    c:\windows\system32\ieframe.dll
2013-09-21 03:38 . 2013-10-10 20:32    2706432    ----a-w-    c:\windows\system32\mshtml.tlb
2013-09-21 03:30 . 2013-10-10 20:32    2706432    ----a-w-    c:\windows\SysWow64\mshtml.tlb
2013-09-21 02:48 . 2013-10-10 20:32    89600    ----a-w-    c:\windows\system32\RegisterIEPKEYs.exe
2013-09-21 02:39 . 2013-10-10 20:32    71680    ----a-w-    c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-09-12 14:29 . 2013-09-12 14:29    82432    ----a-w-    c:\users\nne\AppData\Roaming\Microsoft\MSXML2\msxml4r.dll
2013-09-12 14:29 . 2013-09-12 14:29    44544    ----a-w-    c:\users\nne\AppData\Roaming\Microsoft\MSXML2\msxml4a.dll
2013-09-12 14:29 . 2013-09-12 14:29    1275392    ----a-w-    c:\users\nne\AppData\Roaming\Microsoft\MSXML2\msxml4.dll
2013-09-06 12:25 . 2013-09-06 12:25    131856    ----a-w-    c:\windows\system32\drivers\VBoxNetAdp.sys
2013-09-04 12:12 . 2013-10-12 08:19    343040    ----a-w-    c:\windows\system32\drivers\usbhub.sys
2013-09-04 12:11 . 2013-10-12 08:19    325120    ----a-w-    c:\windows\system32\drivers\usbport.sys
2013-09-04 12:11 . 2013-10-12 08:19    99840    ----a-w-    c:\windows\system32\drivers\usbccgp.sys
2013-09-04 12:11 . 2013-10-12 08:19    52736    ----a-w-    c:\windows\system32\drivers\usbehci.sys
2013-09-04 12:11 . 2013-10-12 08:19    30720    ----a-w-    c:\windows\system32\drivers\usbuhci.sys
2013-09-04 12:11 . 2013-10-12 08:19    25600    ----a-w-    c:\windows\system32\drivers\usbohci.sys
2013-09-04 12:11 . 2013-10-12 08:19    7808    ----a-w-    c:\windows\system32\drivers\usbd.sys
2013-09-03 12:35 . 2012-12-03 09:22    278800    ------w-    c:\windows\system32\MpSigStub.exe
2013-08-30 07:48 . 2013-03-18 16:47    65336    ----a-w-    c:\windows\system32\drivers\aswRvrt.sys
2013-08-30 07:48 . 2013-03-18 16:47    204880    ----a-w-    c:\windows\system32\drivers\aswVmm.sys
2013-08-30 07:48 . 2012-12-03 10:51    378944    ----a-w-    c:\windows\system32\drivers\aswSP.sys
2013-08-30 07:48 . 2012-12-03 10:51    72016    ----a-w-    c:\windows\system32\drivers\aswRdr2.sys
2013-08-30 07:48 . 2012-12-03 10:51    64288    ----a-w-    c:\windows\system32\drivers\aswTdi.sys
2013-08-30 07:48 . 2012-12-03 10:51    1030952    ----a-w-    c:\windows\system32\drivers\aswSnx.sys
2013-08-30 07:48 . 2013-08-27 08:02    270824    ----a-w-    c:\windows\system32\drivers\aswNdis2.sys
2013-08-30 07:48 . 2013-08-27 08:02    131232    ----a-w-    c:\windows\system32\drivers\aswFW.sys
2013-08-30 07:48 . 2012-12-03 10:51    33400    ----a-w-    c:\windows\system32\drivers\aswFsBlk.sys
2013-08-30 07:48 . 2012-12-03 10:51    80816    ----a-w-    c:\windows\system32\drivers\aswMonFlt.sys
2013-08-30 07:48 . 2012-12-03 10:51    22600    ----a-w-    c:\windows\system32\drivers\aswKbd.sys
2013-08-30 07:47 . 2012-12-03 10:51    41664    ----a-w-    c:\windows\avastSS.scr
2013-08-30 07:47 . 2012-12-03 10:51    287840    ----a-w-    c:\windows\system32\aswBoot.exe
2013-08-28 01:21 . 2013-10-10 15:38    3155968    ----a-w-    c:\windows\system32\win32k.sys
2013-08-19 09:15 . 2013-08-19 09:15    0    ----a-w-    c:\users\nne\icq.exe
2009-09-27 07:39    369152    --sh--w-    c:\windows\SysWOW64\avisynth.dll
2005-07-14 10:31    32256    --sh--w-    c:\windows\SysWOW64\AVSredirect.dll
2004-02-22 08:11    719872    --sh--w-    c:\windows\SysWOW64\devil.dll
2004-01-24 22:00    70656    --sh--w-    c:\windows\SysWOW64\i420vfw.dll
2004-06-26 15:39    438272    --sh--w-    c:\windows\SysWOW64\vp6vfw.dll
2004-01-24 22:00    70656    --sh--w-    c:\windows\SysWOW64\yv12vfw.dll
.
.
(((((((((((((((((((((((((((((((((   Points de chargement Reg   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TOSHIBA Online Product Information"="c:\program files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe" [2010-03-03 4581280]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"KiesPreload"="c:\program files (x86)\Samsung\Kies\Kies.exe" [2013-07-15 1564016]
"KiesAirMessage"="c:\program files (x86)\Samsung\Kies\KiesAirMessage.exe" [2013-03-20 578560]
"ISUSPM"="c:\program files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-09-11 218032]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NBAgent"="c:\program files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe" [2010-03-08 1086760]
"TUSBSleepChargeSrv"="%ProgramFiles(x86)%\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe" [BU]
"ToshibaServiceStation"="c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2011-02-11 1295736]
"TRCMan"="c:\program files (x86)\TOSHIBA\TRCMan\TRCMan.exe" [2010-06-02 714104]
"TWebCamera"="c:\program files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" [2010-05-01 2454840]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2010-03-12 49208]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2013-07-15 311152]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-08-30 4858968]
"beidsystemtray"="c:\program files (x86)\Belgium Identity Card\beidsystemtray.exe" [2007-02-19 188416]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2009-11-10 417792]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"RohosLogon"="c:\program files (x86)\Rohos\welcome-user.exe" [2013-06-14 1136224]
"MPlayerForWindows_AutoUpdateV2"="c:\program files (x86)\MPlayer for Windows\Updater.exe" [2013-09-29 360001]
"MobileBroadband"="c:\program files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe" [2013-02-05 76288]
"VmbNotifier"="c:\program files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbNotifier.exe" [2013-02-05 1861632]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"TOSHIBA Online Product Information"="c:\program files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe" [2010-03-03 4581280]
.
c:\users\nne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
PRTG Enterprise Console.lnk - c:\program files (x86)\PRTG Network Monitor\PRTG Enterprise Console.exe tray [2013-9-21 9063136]
TRDCReminder.lnk - c:\program files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe [2009-9-1 481184]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth Manager.lnk - c:\program files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2010-6-28 2721184]
PHOTOfunSTUDIO 5.1 HD Edition.lnk - c:\program files (x86)\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe -e "c:\program files (x86)\Panasonic\PHOTOfunSTUDIO 5.1 HD\PHOTOfunSTUDIO.exe" [2013-4-2 172544]
TP-LINK Wireless Utility.lnk - c:\program files (x86)\TP-LINK\COMMON\TWCU.exe -s [2013-10-19 10918400]
WiFi Station.lnk - c:\program files (x86)\Hercules\WiFi Station\WiFiStation.exe -s [2013-10-17 99624]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe [2009-9-1 481184]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer3"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Rohos]
@="Service"
.
R0 aswRvrt;aswRvrt; [x]
R0 aswVmm;aswVmm; [x]
R1 aswSnx;aswSnx; [x]
R1 aswSP;aswSP; [x]
R1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxDrv.sys [x]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxUSBMon.sys [x]
R2 aswFsBlk;aswFsBlk; [x]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
R2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe;c:\program files\AVAST Software\Avast\afwServ.exe [x]
R2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 ConfigFree Service;ConfigFree Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [x]
R2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x64.sys;c:\windows\SYSNATIVE\drivers\cpuz135_x64.sys [x]
R2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
R2 DLABMFSE;DLABMFSE;c:\windows\system32\Drivers\DLABMFSE.SYS;c:\windows\SYSNATIVE\Drivers\DLABMFSE.SYS [x]
R2 DLABOIOE;DLABOIOE;c:\windows\system32\Drivers\DLABOIOE.SYS;c:\windows\SYSNATIVE\Drivers\DLABOIOE.SYS [x]
R2 DLADResE;DLADResE;c:\windows\system32\Drivers\DLADResE.SYS;c:\windows\SYSNATIVE\Drivers\DLADResE.SYS [x]
R2 DLAIFS_E;DLAIFS_E;c:\windows\system32\Drivers\DLAIFS_E.SYS;c:\windows\SYSNATIVE\Drivers\DLAIFS_E.SYS [x]
R2 DLAOPIOE;DLAOPIOE;c:\windows\system32\Drivers\DLAOPIOE.SYS;c:\windows\SYSNATIVE\Drivers\DLAOPIOE.SYS [x]
R2 DLAPoolE;DLAPoolE;c:\windows\system32\Drivers\DLAPoolE.SYS;c:\windows\SYSNATIVE\Drivers\DLAPoolE.SYS [x]
R2 DLAUDF_E;DLAUDF_E;c:\windows\system32\Drivers\DLAUDF_E.SYS;c:\windows\SYSNATIVE\Drivers\DLAUDF_E.SYS [x]
R2 DLAUDFAE;DLAUDFAE;c:\windows\system32\Drivers\DLAUDFAE.SYS;c:\windows\SYSNATIVE\Drivers\DLAUDFAE.SYS [x]
R2 DRVEDDM;DRVEDDM;c:\windows\system32\Drivers\DRVEDDM.SYS;c:\windows\SYSNATIVE\Drivers\DRVEDDM.SYS [x]
R2 eID CRL Service;eID CRL Service;c:\windows\SysWOW64\beidservicecrl.exe;c:\windows\SysWOW64\beidservicecrl.exe [x]
R2 eID Privacy Service;eID Privacy Service;c:\windows\SysWOW64\beidservicepcsc.exe;c:\windows\SysWOW64\beidservicepcsc.exe [x]
R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~2\mcafee\SITEAD~1\McSACore.exe;c:\progra~2\mcafee\SITEAD~1\McSACore.exe [x]
R2 PRTGCoreService;PRTG Core Server Service;c:\program files (x86)\PRTG Network Monitor\64 bit\PRTG Server.exe;c:\program files (x86)\PRTG Network Monitor\64 bit\PRTG Server.exe [x]
R2 PRTGProbeService;PRTG Probe Service;c:\program files (x86)\PRTG Network Monitor\PRTG Probe.exe;c:\program files (x86)\PRTG Network Monitor\PRTG Probe.exe [x]
R2 RalinkRegistryWriter64;Ralink Registry Writer 64;c:\program files (x86)\TP-LINK\COMMON\RaRegistry64.exe;c:\program files (x86)\TP-LINK\COMMON\RaRegistry64.exe [x]
R2 regi;regi;c:\windows\system32\drivers\regi.sys;c:\windows\SYSNATIVE\drivers\regi.sys [x]
R2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
R2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe;c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe [x]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe;c:\program files\TOSHIBA\TECO\TecoService.exe [x]
R2 TpMediaServer;TpMediaServer;c:\program files (x86)\TP-LINK\COMMON\RaMediaServer.exe;c:\program files (x86)\TP-LINK\COMMON\RaMediaServer.exe [x]
R2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]
R2 VmbService;Service Vodafone Mobile Broadband;c:\program files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe;c:\program files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe [x]
R3 ACSSCR;ACR38 Smart Card Reader;c:\windows\system32\DRIVERS\a38usb.sys;c:\windows\SYSNATIVE\DRIVERS\a38usb.sys [x]
R3 DIRECTIO;DIRECTIO;c:\program files\PerformanceTest\DirectIo64.sys;c:\program files\PerformanceTest\DirectIo64.sys [x]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\SysWOW64\FsUsbExDisk.SYS;c:\windows\SysWOW64\FsUsbExDisk.SYS [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 netr7364;Pilote de carte LAN sans fil USB RT73 pour Vista;c:\windows\system32\DRIVERS\netr7364.sys;c:\windows\SYSNATIVE\DRIVERS\netr7364.sys [x]
R3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys;c:\windows\SYSNATIVE\Drivers\pcouffin.sys [x]
R3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys;c:\windows\SYSNATIVE\DRIVERS\pgeffect.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
R3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
R3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
R3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
R3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssadserd.sys [x]
R3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [x]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [x]
R3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WPRO_41_2001;WinPcap Packet Driver (WPRO_41_2001);c:\windows\system32\drivers\WPRO_41_2001.sys;c:\windows\SYSNATIVE\drivers\WPRO_41_2001.sys [x]
S0 aswKbd;aswKbd; [x]
S0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\DRIVERS\aswNdis.sys;c:\windows\SYSNATIVE\DRIVERS\aswNdis.sys [x]
S0 aswNdis2;avast! Firewall Core Firewall Service; [x]
S0 DLACDBHE;DLACDBHE;c:\windows\System32\Drivers\DLACDBHE.SYS;c:\windows\SYSNATIVE\Drivers\DLACDBHE.SYS [x]
S0 DRVECDB;DRVECDB;c:\windows\System32\Drivers\DRVECDB.SYS;c:\windows\SYSNATIVE\Drivers\DRVECDB.SYS [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S0 Thpdrv;TOSHIBA HDD Protection Driver;c:\windows\system32\DRIVERS\thpdrv.sys;c:\windows\SYSNATIVE\DRIVERS\thpdrv.sys [x]
S0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;c:\windows\system32\DRIVERS\Thpevm.SYS;c:\windows\SYSNATIVE\DRIVERS\Thpevm.SYS [x]
S0 tos_sps64;TOSHIBA tos_sps64 Service;c:\windows\system32\DRIVERS\tos_sps64.sys;c:\windows\SYSNATIVE\DRIVERS\tos_sps64.sys [x]
S1 aswFW;avast! TDI Firewall driver; [x]
S1 DLARTL_E;DLARTL_E;c:\windows\system32\Drivers\DLARTL_E.SYS;c:\windows\SYSNATIVE\Drivers\DLARTL_E.SYS [x]
S2 Rohos;Rohos welcome screen elements;c:\program files (x86)\Rohos\ntserv.exe;c:\program files (x86)\Rohos\ntserv.exe [x]
S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys;c:\windows\SYSNATIVE\DRIVERS\TVALZFL.sys [x]
S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 hidshim;Service for HID-KMDF Shim layer;c:\windows\system32\DRIVERS\hidshim.sys;c:\windows\SYSNATIVE\DRIVERS\hidshim.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 nuvotoncir;Nuvoton IR Transceiver;c:\windows\system32\DRIVERS\nuvotoncir.sys;c:\windows\SYSNATIVE\DRIVERS\nuvotoncir.sys [x]
S3 nuvotonhidcir;Nuvoton HID CIR Receiver;c:\windows\system32\DRIVERS\nuvotonhidcir.sys;c:\windows\SYSNATIVE\DRIVERS\nuvotonhidcir.sys [x]
S3 O2MDGRDR;O2MDGRDR;c:\windows\system32\DRIVERS\o2mdgx64.sys;c:\windows\SYSNATIVE\DRIVERS\o2mdgx64.sys [x]
S3 O2SDGRDR;O2SDGRDR;c:\windows\system32\DRIVERS\o2sdgx64.sys;c:\windows\SYSNATIVE\DRIVERS\o2sdgx64.sys [x]
S3 QIOMem;Generic IO & Memory Access;c:\windows\system32\DRIVERS\QIOMem.sys;c:\windows\SYSNATIVE\DRIVERS\QIOMem.sys [x]
S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys;c:\windows\SYSNATIVE\DRIVERS\rtl8192se.sys [x]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
.
.
--- Autres Services/Pilotes en mémoire ---
.
*NewlyCreated* - PXHLPA64
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{2D46B6DC-2207-486B-B523-A557E6D54B47}]
start [BU]
.
Contenu du dossier 'Tâches planifiées'
.
2013-11-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-03 10:09]
.
2013-11-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-08-08 14:27]
.
2013-11-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-08-08 14:27]
.
2013-11-12 c:\windows\Tasks\HP Photo Creations Communicator.job
- c:\programdata\HP Photo Creations\Communicator.exe [2012-12-04 15:24]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-08-30 07:47    133840    ----a-w-    c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ThpSrv"="c:\windows\system32\thpsrv" [X]
"Toshiba TEMPRO"="c:\program files (x86)\Toshiba TEMPRO\TemproTray.exe" [2010-05-11 1050072]
"HSON"="c:\program files (x86)\TOSHIBA\TBS\HSON.exe" [BU]
"TPwrMain"="c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE" [BU]
"SmoothView"="c:\program files (x86)\Toshiba\SmoothView\SmoothView.exe" [BU]
"00TCrdMain"="c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exe" [BU]
"SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2010-04-28 307768]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"SmartFaceVWatcher"="c:\program files (x86)\Toshiba\SmartFaceV\SmartFaceVWatcher.exe" [BU]
"Teco"="c:\program files (x86)\TOSHIBA\TECO\Teco.exe" [BU]
"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2010-02-05 709976]
"HDMICtrlMan"="c:\program files (x86)\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe" [BU]
"TosWaitSrv"="c:\program files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe" [BU]
"TosNC"="c:\program files (x86)\Toshiba\BulletinBoard\TosNcCore.exe" [BU]
"TosReelTimeMonitor"="c:\program files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe" [BU]
"Toshiba Registration"="c:\program files\Toshiba\Registration\ToshibaReminder.exe" [2010-04-19 136136]
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.be/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Download Video on This Page - c:\program files (x86)\Tomato\YouTube Video Downloader\MDIEEx.dll/211
IE: Download Video This Links To - c:\program files (x86)\Tomato\YouTube Video Downloader\MDIEEx.dll/212
IE: E&xporter vers Microsoft Excel - c:\progra~2\MICROS~4\OFFICE11\EXCEL.EXE/3000
IE: Tout télécharger avec Free Download Manager - file://c:\program files (x86)\Free Download Manager\dlall.htm
IE: Télécharger avec Free Download Manager - file://c:\program files (x86)\Free Download Manager\dllink.htm
IE: Télécharger avec Mipony
IE: Télécharger la sélection avec Free Download Manager - file://c:\program files (x86)\Free Download Manager\dlselected.htm
IE: Télécharger la vidéo avec Free Download Manager - file://c:\program files (x86)\Free Download Manager\dlfvideo.htm
IE: {{11F19C45-9675-488A-A8E0-8E8234DC245D} - res://c:\program files (x86)\Tomato\YouTube Video Downloader\MDIEEx.dll/211
TCP: DhcpNameServer = 195.238.2.21 195.238.2.22
FF - ProfilePath - c:\users\nne\AppData\Roaming\Mozilla\Firefox\Profiles\8ddkxp5f.default\
FF - prefs.js: browser.startup.homepage - www.google.be
FF - ExtSQL: 2013-11-07 21:00; {4ED1F68A-5463-4931-9384-8FFF5ED91D92}; c:\program files (x86)\McAfee\SiteAdvisor
FF - ExtSQL: 2013-11-07 22:48; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\nne\AppData\Roaming\Mozilla\Firefox\Profiles\8ddkxp5f.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
.
- - - - ORPHELINS SUPPRIMES - - - -
.
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
AddRemove-FLV Player - c:\users\nne\AppData\Local\WebPlayer\uninstall.exe
AddRemove-GoforFiles - c:\program files (x86)\GoforFiles\uninstall.exe
.
.
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@SACL=
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@SACL=
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\°ó+*]
"C040110900063D11C8EF10054038389C"="C?\\Windows\\SysWOW64\\FM20ENU.DLL"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Nico Mak Computing\WinZip]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
Heure de fin: 2013-11-12  11:12:16
ComboFix-quarantined-files.txt  2013-11-12 10:12
ComboFix2.txt  2013-11-07 09:11
.
Avant-CF: 136.144.801.792 octets libres
Après-CF: 135.787.409.408 octets libres
.
- - End Of File - - F5BBF7B0051473AB2E46D0BF22EB5DD7
A36C5E4F47E84449FF07ED3517B43A31
 



#4 TB-Psychotic


Posted 12 November 2013 - 09:18 AM

Most of the tools you ran shouldn't be executed without exactly knowing what you are doing.

They may turn your computer into a very expensive door stop, so please don't repeat that.

 

 

 

Scan with aswMBR

Please download aswMBR ( 4.5MB ) to your desktop.

  • Double click the aswMBR.exe icon, and click Run.
  • There will be a short delay before the next dialog box comes up. Please just wait a minute or two.
  • When asked if you'd like to "download the latest Avast! virus definitions", click Yes.
  • Typically this is about a 100MB download so depending on your connection speed it can take a short while to download and become ready.
  • Click the Scan button to start the scan once the update has finished downloading
  • On completion of the scan, click the save log button, save it to your desktop, then copy and paste it in your next reply.

Note: There will also be a file on your desktop named MBR.dat. Do not delete this for now. It is an actual backup of the MBR (master boot record).

 

 

 

Scan with ESET Online Scan

Please go here to run the online scanner from ESET.

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings and ensure these options are ticked:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click Scan
  • Wait for the scan to finish
  • If any threats were found, click 'List of found threats', then click Export to text file....
  • Save it to your desktop, then please copy and paste that log as a reply to this topic.



#5 sÚpadubidon


Posted 12 November 2013 - 10:07 AM

ok good Marius,

 

i open aswMBR ,

open windows avast on my pc, ask "mise à jour"

and then programme start "mise à niveau avast 2014..."

then reboot...,

i open aswMBR,

ask "mise à jour base virale avast"  said "deja à jour"

and i start scan aswMBR at 15h42'

 

Well Marius, can I post the logs later this evening? I must go with my two dogs for the daily walk... it is time...

When aswMBR is finished, does it say so? (There is one red line.)



#6 sÚpadubidon


Posted 12 November 2013 - 10:11 AM

 aswMBR has finished...

the log:

 

aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2013-11-12 15:48:30
-----------------------------
15:48:30.626    OS Version: Windows x64 6.1.7601 Service Pack 1
15:48:30.626    Number of processors: 8 586 0x1E05
15:48:30.626    ComputerName: AZERTY  UserName: nne
15:48:33.636    Initialize success
15:48:33.839    AVAST engine defs: 13111200
15:50:17.794    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
15:50:17.797    Disk 0 Vendor: Hitachi_HTS725050A9A360 PC4OC71E Size: 476940MB BusType: 3
15:50:17.802    Disk 1  \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP1T0L0-1
15:50:17.809    Disk 1 Vendor: Hitachi_HTS725050A9A360 PC4OC71E Size: 476940MB BusType: 3
15:50:18.021    Disk 0 MBR read successfully
15:50:18.025    Disk 0 MBR scan
15:50:18.030    Disk 0 Windows 7 default MBR code
15:50:18.062    Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS          399 MB offset 2048
15:50:18.104    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       237917 MB offset 819200
15:50:18.147    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       238623 MB offset 488073216
15:50:18.376    Disk 0 scanning C:\Windows\system32\drivers
15:50:38.864    Service scanning
15:51:08.317    Modules scanning
15:51:08.832    Disk 0 trace - called modules:
15:51:08.847    ntoskrnl.exe CLASSPNP.SYS disk.sys thpdrv.sys ataport.SYS pciide.sys
15:51:08.863    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007de5790]
15:51:08.879    3 CLASSPNP.SYS[fffff880011d143f] -> nt!IofCallDriver -> \Device\THPDRV1[0xfffffa8007ddf710]
15:51:08.879    5 thpdrv.sys[fffff880019e20d0] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8007ba7060]
15:51:10.174    AVAST engine scan C:\Windows
15:51:14.588    AVAST engine scan C:\Windows\system32
15:54:47.497    AVAST engine scan C:\Windows\system32\drivers
15:55:11.600    AVAST engine scan C:\Users\nne
16:04:19.349    File: C:\Users\nne\Downloads\L.Age.de.glace.4.La_derive.des.continents.Drift.2012.FRENCH.DVDRip.XviD-NERD-zanaka.avi.exe  **INFECTED** Win32:Downloader-TBH [Adw]
16:04:26.649    AVAST engine scan C:\ProgramData
16:07:22.239    Scan finished successfully
16:08:43.269    Disk 0 MBR has been saved successfully to "C:\Users\nne\Desktop\MBR.dat"
16:08:43.279    The log file has been saved successfully to "C:\Users\nne\Desktop\aswMBR.txt"

i start the next step...



#7 sÚpadubidon


Posted 12 November 2013 - 01:17 PM

hello Marius,

 

the soft aswMBR is always open with a red line and

the scan of 'eset' is finished,

 

when you want,

 

sépadubidon!

 

here is the file save:

 

C:\AdwCleaner\Quarantine\C\Program Files\IB Updater\Extension32.dll.vir    a variant of Win32/Toolbar.Perion.A application
C:\AdwCleaner\Quarantine\C\Program Files\IB Updater\InstallerHelper.dll.vir    a variant of Win32/Toolbar.BitCocktail.A application
C:\AdwCleaner\Quarantine\C\Program Files\IB Updater\resources\localscript.js.vir    Win32/Toolbar.Perion.E application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Barre_de_Recherche_Trad-Fr\ldrtbBarr.dll.vir    a variant of Win32/Toolbar.Conduit.P application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Barre_de_Recherche_Trad-Fr\tbBarr.dll.vir    a variant of Win32/Toolbar.Conduit.B application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\goforfiles\GFFUpdater.exe.vir    Win32/YourFileDownloader.B application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\goforfiles\GoforFiles.exe.vir    a variant of Win32/YourFileDownloader.B application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\goforfiles\goforfilesdl.exe.vir    Win32/YourFileDownloader.B application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\goforfiles\uninstall.exe.vir    a variant of Win32/ExpressDownloader.H application
C:\AdwCleaner\Quarantine\C\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll.vir    a variant of Win32/Adware.Yontoo.B application
C:\AdwCleaner\Quarantine\C\Users\nne\AppData\Local\lollipop\Lollipop.exe.vir    a variant of Win32/Kryptik.BEQH trojan
C:\AdwCleaner\Quarantine\C\Users\nne\AppData\Local\torch\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.530_0\background.html.vir    Win32/Toolbar.Perion.D application
C:\AdwCleaner\Quarantine\C\Users\nne\AppData\LocalLow\Barre_de_Recherche_Trad-Fr\ldrtbBar0.dll.vir    a variant of Win32/Toolbar.Conduit.P application
C:\AdwCleaner\Quarantine\C\Users\nne\AppData\LocalLow\Barre_de_Recherche_Trad-Fr\ldrtbBarr.dll.vir    a variant of Win32/Toolbar.Conduit.P application
C:\AdwCleaner\Quarantine\C\Users\nne\AppData\LocalLow\Barre_de_Recherche_Trad-Fr\tbBar0.dll.vir    a variant of Win32/Toolbar.Conduit.B application
C:\AdwCleaner\Quarantine\C\Users\nne\AppData\LocalLow\Barre_de_Recherche_Trad-Fr\tbBarr.dll.vir    a variant of Win32/Toolbar.Conduit.B application
C:\AdwCleaner\Quarantine\C\Windows\SysWOW64\ARFC\wrtc.exe.vir    a variant of Win32/Toolbar.Perion.G application
C:\Downloads\Software\Barre_de_Recherche_Trad-Fr.exe    multiple threats
C:\Downloads\Software\PC%20Inspector%20File%20Recovery.exe    a variant of Win32/FirseriaInstaller.A application
C:\Qoobox\Quarantine\C\Users\nne\AppData\Local\Lollipop\Lollipop.exe.vir    a variant of Win32/Kryptik.BEQH trojan
C:\Users\nne\Desktop\dossierss\dossiers\moment\PROGRAMS\Keyfinder\keyfinderpe.exe    a variant of Win32/PSWTool.RAS.A application
C:\Users\nne\Downloads\DownloadManagerSetup.exe    a variant of Win32/InstallCore.AZ application
C:\Users\nne\Downloads\L.Age.de.glace.4.La_derive.des.continents.Drift.2012.FRENCH.DVDRip.XviD-NERD-zanaka.avi.exe    Win32/InstalleRex.I application
C:\Users\nne\Downloads\mp3addin.exe    a variant of Win32/Somoto.A application
C:\Users\nne\Downloads\Webplayer_FR.exe    a variant of Win32/InstallCore.AZ application
C:\Users\nne\Downloads\WinZip170.exe    a variant of Win32/OpenInstall application
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2SKALB1U\update[1]    multiple threats
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2SKALB1U\update[1]    multiple threats
D:\Downloads\mp3 add in pour powerpoint 2003\mp3addin.exe    a variant of Win32/Somoto.A application
D:\Downloads\Software\PC%20Inspector%20File%20Recovery.exe    a variant of Win32/FirseriaInstaller.A application
D:\Downloads\Software\SoftonicDownloader_pour_openoffice-org-portable.exe    a variant of Win32/SoftonicDownloader.E application
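
Added example, not part of the thread: a short Python triage of the ESET log format posted above. It separates detections already sitting in a tool's quarantine folder from files still live on disk, and flags a media-looking name that ends in an executable extension. The quarantine folder names are the two that occur in this log, and the extension lists are illustrative assumptions.

```python
import re
from collections import defaultdict
from pathlib import PureWindowsPath
from typing import NamedTuple

# A subset of lines copied from the ESET log in the post above.
SAMPLE_LOG = r"""
C:\AdwCleaner\Quarantine\C\Program Files\IB Updater\Extension32.dll.vir    a variant of Win32/Toolbar.Perion.A application
C:\AdwCleaner\Quarantine\C\Users\nne\AppData\Local\lollipop\Lollipop.exe.vir    a variant of Win32/Kryptik.BEQH trojan
C:\Qoobox\Quarantine\C\Users\nne\AppData\Local\Lollipop\Lollipop.exe.vir    a variant of Win32/Kryptik.BEQH trojan
C:\Downloads\Software\Barre_de_Recherche_Trad-Fr.exe    multiple threats
C:\Users\nne\Downloads\L.Age.de.glace.4.La_derive.des.continents.Drift.2012.FRENCH.DVDRip.XviD-NERD-zanaka.avi.exe    Win32/InstalleRex.I application
C:\Users\nne\Downloads\mp3addin.exe    a variant of Win32/Somoto.A application
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2SKALB1U\update[1]    multiple threats
D:\Downloads\mp3 add in pour powerpoint 2003\mp3addin.exe    a variant of Win32/Somoto.A application
"""

# Assumption: only the two quarantine folders that occur in this log.
QUARANTINE_ROOTS = ("c:\\adwcleaner\\quarantine\\", "c:\\qoobox\\quarantine\\")
CACHE_MARKER = "\\temporary internet files\\"
# Assumption: illustrative extension lists, not exhaustive.
DECOY_EXTS = {".avi", ".mp3", ".mp4", ".pdf", ".doc", ".jpg"}
EXEC_EXTS = {".exe", ".scr", ".com", ".pif"}

# Path and detection name are separated by a tab or a run of spaces;
# both fields may contain single spaces.
LINE_RE = re.compile(r"^(?P<path>[A-Za-z]:\\.+?)(?:\t+| {2,})(?P<name>\S.*)$")
VARIANT_PREFIX = "a variant of "


class Finding(NamedTuple):
    path: str
    family: str      # e.g. Win32/Kryptik.BEQH
    kind: str        # trailing label in the log: application, trojan, ...
    location: str    # quarantined, browser-cache or live
    decoy_ext: bool  # media/document extension followed by an executable one


def split_detection(name):
    """Split 'a variant of Win32/X.Y trojan' into ('Win32/X.Y', 'trojan')."""
    if name == "multiple threats":
        return name, name
    if name.startswith(VARIANT_PREFIX):
        name = name[len(VARIANT_PREFIX):]
    family, _, kind = name.rpartition(" ")
    return (family, kind) if family else (name, "unknown")


def locate(path):
    """Say whether the file is in quarantine, in a browser cache, or live."""
    low = path.lower()
    if low.startswith(QUARANTINE_ROOTS):
        return "quarantined"
    if CACHE_MARKER in low:
        return "browser-cache"
    return "live"


def has_decoy_extension(path):
    """True for names such as movie.avi.exe."""
    suffixes = [s.lower() for s in PureWindowsPath(path).suffixes]
    return (len(suffixes) >= 2
            and suffixes[-1] in EXEC_EXTS
            and suffixes[-2] in DECOY_EXTS)


def parse_eset_log(text):
    findings = []
    for raw in text.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue  # blank line or something that is not a detection row
        path, name = m.group("path"), m.group("name").strip()
        family, kind = split_detection(name)
        findings.append(
            Finding(path, family, kind, locate(path), has_decoy_extension(path)))
    return findings


def triage(text):
    """Group findings by location so live files stand out."""
    buckets = defaultdict(list)
    for finding in parse_eset_log(text):
        buckets[finding.location].append(finding)
    return dict(buckets)


if __name__ == "__main__":
    for location, items in triage(SAMPLE_LOG).items():
        print(f"{location}: {len(items)}")
        for f in items:
            flag = "  [media name + executable extension]" if f.decoy_ext else ""
            print(f"  {f.kind:16} {f.family:28} {f.path}{flag}")
```

Run against the full log above, the entries that land in the live bucket are the same paths that appear under FILE :: in the ComboFix log posted later in the thread.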
 



#8 TB-Psychotic


Posted 13 November 2013 - 03:50 AM

Combofix scripting

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Download the attached CFScript.txt and save it to the location where Combofix is.


CFScriptB-4.gif


Referring to the picture above, drag CFScript into ComboFix.exe.

When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.

 

 

 

Full System Scan with Malwarebytes Antimalware
 

  • If not existing, please download Malwarebytes' Anti-Malware to your desktop.
  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.

If the program is already installed:

  • Run Malwarebytes Antimalware
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform fullscan, place a checkmark on all hard drives, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad. Please save it to a convenient location.
  • The log can also be found here:
    C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
  • Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt
  • Post that log back here.

 


#9 sÚpadubidon


Posted 13 November 2013 - 07:15 AM

Well Marius,

 

I must say that when stopping windows yesterday, there is one update windows installed i don't know what,

 

and in the removes elements of combofix there is mp3addin.exe, i have use to install in powerpoint 2003,

i have made one diaporama with a mp3 in place of a ".wav" and i have send that!

 

Must i say to the person that the diapo is infected perhaps?

 

here is the combofix.txt:

 

ComboFix 13-11-12.01 - nne 13/11/2013  11:01:10.2.8 - x64
Microsoft Windows 7 Édition Familiale Premium   6.1.7601.1.1252.32.1036.18.8060.5866 [GMT 1:00]
Lancé depuis: c:\users\nne\Desktop\ComboFix.exe
Commutateurs utilisés :: c:\users\nne\Desktop\CFScript.txt
AV: avast! Internet Security *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
FW: avast! Internet Security *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
SP: avast! Internet Security *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\downloads\Software\Barre_de_Recherche_Trad-Fr.exe"
"c:\downloads\Software\PC%20Inspector%20File%20Recovery.exe"
"c:\users\nne\Desktop\dossierss\dossiers\moment\PROGRAMS\Keyfinder\keyfinderpe.exe"
"c:\users\nne\Downloads\DownloadManagerSetup.exe"
"c:\users\nne\Downloads\L.Age.de.glace.4.La_derive.des.continents.Drift.2012.FRENCH.DVDRip.XviD-NERD-zanaka.avi.exe"
"c:\users\nne\Downloads\mp3addin.exe"
"c:\users\nne\Downloads\Webplayer_FR.exe"
"c:\users\nne\Downloads\WinZip170.exe"
"d:\downloads\mp3 add in pour powerpoint 2003\mp3addin.exe"
"d:\downloads\Software\PC%20Inspector%20File%20Recovery.exe"
"d:\downloads\Software\SoftonicDownloader_pour_openoffice-org-portable.exe"
.
.
((((((((((((((((((((((((((((((((((((   Autres suppressions   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\downloads\Software\Barre_de_Recherche_Trad-Fr.exe
c:\downloads\Software\PC%20Inspector%20File%20Recovery.exe
c:\users\nne\Desktop\dossierss\dossiers\moment\PROGRAMS\Keyfinder\keyfinderpe.exe
c:\users\nne\Downloads\DownloadManagerSetup.exe
c:\users\nne\Downloads\L.Age.de.glace.4.La_derive.des.continents.Drift.2012.FRENCH.DVDRip.XviD-NERD-zanaka.avi.exe
c:\users\nne\Downloads\mp3addin.exe
c:\users\nne\Downloads\Webplayer_FR.exe
c:\users\nne\Downloads\WinZip170.exe
d:\downloads\mp3 add in pour powerpoint 2003\mp3addin.exe
d:\downloads\Software\PC%20Inspector%20File%20Recovery.exe
d:\downloads\Software\SoftonicDownloader_pour_openoffice-org-portable.exe
.
.
(((((((((((((((((((((((((((((   Fichiers créés du 2013-10-13 au 2013-11-13  ))))))))))))))))))))))))))))))))))))
.
.
2013-11-13 10:14 . 2013-11-13 10:14    --------    d-----w-    c:\users\Default\AppData\Local\temp
2013-11-13 09:34 . 2013-11-13 09:34    96784    ----a-w-    c:\windows\SysWow64\WPRO_41_2001woem.tmp
2013-11-13 09:34 . 2013-11-13 09:34    35344    ----a-w-    c:\windows\system32\drivers\WPRO_41_2001.sys
2013-11-13 09:31 . 2013-10-14 07:12    10280728    ----a-w-    c:\programdata\Microsoft\Windows Defender\Definition Updates\{6A79F88D-27D1-41B1-8DAF-95AEE8A6B55A}\mpengine.dll
2013-11-12 15:17 . 2013-11-12 15:17    --------    d-----w-    c:\program files (x86)\ESET
2013-11-12 14:46 . 2013-11-12 14:46    --------    d-----w-    c:\users\nne\AppData\Roaming\AVAST Software
2013-11-12 10:41 . 2013-11-12 10:56    --------    d-----w-    c:\programdata\Malwarebytes' Anti-Malware (portable)
2013-11-12 10:41 . 2013-11-12 10:41    116440    ----a-w-    c:\windows\system32\drivers\MBAMSwissArmy.sys
2013-11-12 10:40 . 2013-11-12 10:40    91352    ----a-w-    c:\windows\system32\drivers\mbamchameleon.sys
2013-11-12 09:19 . 2013-11-12 09:19    --------    d-----w-    c:\windows\ERUNT
2013-11-12 08:46 . 2013-11-12 08:51    --------    d-----w-    c:\windows\system32\catroot2
2013-11-11 23:20 . 2013-11-13 09:34    --------    d-----w-    c:\windows\system32\wbem\repository
2013-11-11 23:19 . 2013-11-11 23:19    --------    d-----w-    c:\windows\SysWow64\wbem\Performance
2013-11-11 23:15 . 2013-11-11 23:31    181064    ----a-w-    c:\windows\PSEXESVC.EXE
2013-11-11 23:12 . 2013-11-11 23:12    --------    d-----w-    C:\RegBackup
2013-11-11 22:19 . 2013-04-04 13:50    25928    ----a-w-    c:\windows\system32\drivers\mbam.sys
2013-11-11 22:17 . 2013-11-11 22:17    --------    d-----w-    c:\program files (x86)\Tweaking.com
2013-11-09 23:03 . 2013-11-12 13:16    --------    d-----w-    c:\program files (x86)\CDex_150
2013-11-09 22:27 . 2013-11-09 22:27    --------    d-----w-    c:\program files (x86)\TopByteLabs
2013-11-09 22:24 . 2013-11-09 22:24    --------    d-----w-    c:\windows\SysWow64\%TEMP%
2013-11-07 18:57 . 2013-11-07 20:00    --------    d-----w-    c:\program files (x86)\ZHPDiag
2013-11-07 18:57 . 2013-11-07 19:01    --------    d-----w-    c:\users\nne\AppData\Roaming\ZHP
2013-11-07 18:33 . 2013-11-07 18:46    --------    d-----w-    c:\users\nne\AppData\Local\ElevatedDiagnostics
2013-11-07 09:22 . 2013-11-12 09:09    --------    d-----w-    C:\AdwCleaner
2013-11-06 15:54 . 2013-11-06 15:54    --------    d-----w-    c:\programdata\Oracle
2013-11-03 11:24 . 2013-11-03 11:24    --------    d-----w-    c:\users\nne\AppData\Local\Eraser 6
2013-11-03 09:05 . 2013-11-06 22:19    --------    d-----w-    c:\program files (x86)\Adblock Plus for IE
2013-11-02 22:31 . 2013-11-07 20:00    --------    d-----w-    c:\program files\Eraser
2013-11-02 13:24 . 2013-11-02 13:24    --------    d-----w-    c:\users\nne\AppData\Roaming\Malwarebytes
2013-11-02 13:24 . 2013-11-02 13:24    --------    d-----w-    c:\programdata\Malwarebytes
2013-11-02 13:24 . 2013-11-11 22:19    --------    d-----w-    c:\program files (x86)\Malwarebytes' Anti-Malware
2013-10-22 10:23 . 2013-09-06 12:27    238352    ----a-w-    c:\windows\system32\drivers\VBoxDrv.sys
2013-10-22 10:23 . 2013-09-06 12:25    119056    ----a-w-    c:\windows\system32\drivers\VBoxUSBMon.sys
2013-10-21 13:38 . 2013-10-22 10:24    --------    d-----w-    c:\users\nne\VirtualBox VMs
2013-10-21 13:33 . 2013-10-22 11:28    --------    d-----w-    c:\users\nne\.VirtualBox
2013-10-21 13:32 . 2013-10-22 10:23    --------    dc----w-    c:\windows\system32\DRVSTORE
2013-10-21 11:33 . 2013-10-21 11:33    --------    d-----w-    c:\program files (x86)\LinuxLive USB Creator
2013-10-20 05:53 . 2013-10-20 05:53    --------    d-----w-    c:\program files (x86)\Vodafone
2013-10-19 19:14 . 2013-10-19 19:20    --------    d-----w-    c:\programdata\Ralink
2013-10-19 19:13 . 2013-10-19 19:13    --------    d-----w-    c:\programdata\TP-LINK Driver
2013-10-19 19:13 . 2013-10-19 19:13    --------    d-----w-    c:\program files (x86)\Cisco
2013-10-19 19:13 . 2013-10-19 19:13    --------    d-----w-    c:\windows\system32\RaLanguages
2013-10-19 19:13 . 2011-03-17 08:43    1607008    ----a-w-    c:\windows\SysWow64\RaCertMgr.dll
2013-10-19 19:13 . 2011-03-17 08:43    792416    ----a-w-    c:\windows\system32\DiagFunc.dll
2013-10-19 19:13 . 2011-03-17 08:43    2399584    ----a-w-    c:\windows\system32\RaCertMgr.dll
2013-10-19 19:13 . 2011-03-17 08:43    128864    ----a-w-    c:\windows\SysWow64\RAEXTUI.dll
2013-10-19 19:13 . 2011-03-17 08:43    128864    ----a-w-    c:\windows\system32\RAEXTUI.dll
2013-10-19 19:13 . 2011-03-17 08:43    1112928    ----a-w-    c:\windows\SysWow64\RAIHV.dll
2013-10-19 19:13 . 2011-03-17 08:43    1112928    ----a-w-    c:\windows\system32\RAIHV.dll
2013-10-19 19:13 . 2011-03-17 08:43    792416    ----a-w-    c:\windows\SysWow64\DiagFunc.dll
2013-10-19 19:13 . 2013-10-19 19:13    --------    d-----w-    c:\program files (x86)\TP-LINK
2013-10-17 15:46 . 2013-10-17 15:51    --------    d-----w-    c:\program files (x86)\RAR Password Unlocker
2013-10-17 15:46 . 2013-10-17 15:46    --------    d-----w-    c:\users\nne\AppData\Local\Programs
2013-10-17 14:24 . 2013-10-17 14:24    --------    d-----w-    c:\program files (x86)\Hercules
.
.
.
((((((((((((((((((((((((((((((((((   Compte-rendu de Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-11-12 19:58 . 2012-12-03 13:52    165232    ---ha-w-    c:\users\nne\AppData\Roaming\Microsoft\Virtual PC\VPCKeyboard.dll
2013-11-12 14:40 . 2013-03-18 16:47    65776    ----a-w-    c:\windows\system32\drivers\aswRvrt.sys
2013-11-12 14:40 . 2013-03-18 16:47    205320    ----a-w-    c:\windows\system32\drivers\aswVmm.sys
2013-11-12 14:40 . 2012-12-03 10:51    409832    ----a-w-    c:\windows\system32\drivers\aswSP.sys
2013-11-12 14:40 . 2012-12-03 10:51    38984    ----a-w-    c:\windows\system32\drivers\aswFsBlk.sys
2013-11-12 14:40 . 2012-12-03 10:51    84328    ----a-w-    c:\windows\system32\drivers\aswMonFlt.sys
2013-11-12 14:40 . 2012-12-03 10:51    65264    ----a-w-    c:\windows\system32\drivers\aswTdi.sys
2013-11-12 14:40 . 2012-12-03 10:51    1032416    ----a-w-    c:\windows\system32\drivers\aswSnx.sys
2013-11-12 14:40 . 2012-12-03 10:51    334648    ----a-w-    c:\windows\system32\aswBoot.exe
2013-11-12 14:40 . 2012-12-03 10:51    92544    ----a-w-    c:\windows\system32\drivers\aswRdr2.sys
2013-11-12 14:40 . 2012-12-03 10:51    43152    ----a-w-    c:\windows\avastSS.scr
2013-11-12 14:40 . 2012-12-03 10:51    28184    ----a-w-    c:\windows\system32\drivers\aswKbd.sys
2013-11-12 14:40 . 2013-08-27 08:02    447888    ----a-w-    c:\windows\system32\drivers\aswNdisFlt.sys
2013-10-31 06:46 . 2013-08-27 08:02    270824    ----a-w-    c:\windows\system32\drivers\aswNdis2.sys
2013-10-31 06:46 . 2013-08-27 08:02    131232    ----a-w-    c:\windows\system32\drivers\aswFW.sys
2013-10-17 10:50 . 2012-11-27 18:23    1004    --sha-w-    c:\programdata\KGyGaAvL.sys
2013-10-10 20:24 . 2012-12-09 10:42    80541720    ----a-w-    c:\windows\system32\MRT.exe
2013-10-10 10:09 . 2012-12-03 12:06    71048    ----a-w-    c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-09-30 15:53 . 2012-11-27 15:06    829264    ----a-w-    c:\windows\system32\msvcr100.dll
2013-09-30 15:53 . 2012-11-27 15:06    608080    ----a-w-    c:\windows\system32\msvcp100.dll
2013-09-22 23:28 . 2013-10-10 20:32    1767936    ----a-w-    c:\windows\SysWow64\wininet.dll
2013-09-22 23:27 . 2013-10-10 20:32    2876928    ----a-w-    c:\windows\SysWow64\jscript9.dll
2013-09-22 23:27 . 2013-10-10 20:32    61440    ----a-w-    c:\windows\SysWow64\iesetup.dll
2013-09-22 23:27 . 2013-10-10 20:32    109056    ----a-w-    c:\windows\SysWow64\iesysprep.dll
2013-09-22 22:55 . 2013-10-10 20:32    51712    ----a-w-    c:\windows\system32\ie4uinit.exe
2013-09-22 22:55 . 2013-10-10 20:32    2241024    ----a-w-    c:\windows\system32\wininet.dll
2013-09-22 22:55 . 2013-10-10 20:32    1365504    ----a-w-    c:\windows\system32\urlmon.dll
2013-09-22 22:54 . 2013-10-10 20:32    603136    ----a-w-    c:\windows\system32\msfeeds.dll
2013-09-22 22:54 . 2013-10-10 20:31    19252224    ----a-w-    c:\windows\system32\mshtml.dll
2013-09-22 22:54 . 2013-10-10 20:32    855552    ----a-w-    c:\windows\system32\jscript.dll
2013-09-22 22:54 . 2013-10-10 20:32    3959296    ----a-w-    c:\windows\system32\jscript9.dll
2013-09-22 22:54 . 2013-10-10 20:32    53248    ----a-w-    c:\windows\system32\jsproxy.dll
2013-09-22 22:54 . 2013-10-10 20:32    526336    ----a-w-    c:\windows\system32\ieui.dll
2013-09-22 22:54 . 2013-10-10 20:32    67072    ----a-w-    c:\windows\system32\iesetup.dll
2013-09-22 22:54 . 2013-10-10 20:32    39936    ----a-w-    c:\windows\system32\iernonce.dll
2013-09-22 22:54 . 2013-10-10 20:32    136704    ----a-w-    c:\windows\system32\iesysprep.dll
2013-09-22 22:54 . 2013-10-10 20:32    2647552    ----a-w-    c:\windows\system32\iertutil.dll
2013-09-22 22:54 . 2013-10-10 20:31    15404544    ----a-w-    c:\windows\system32\ieframe.dll
2013-09-21 03:38 . 2013-10-10 20:32    2706432    ----a-w-    c:\windows\system32\mshtml.tlb
2013-09-21 03:30 . 2013-10-10 20:32    2706432    ----a-w-    c:\windows\SysWow64\mshtml.tlb
2013-09-21 02:48 . 2013-10-10 20:32    89600    ----a-w-    c:\windows\system32\RegisterIEPKEYs.exe
2013-09-21 02:39 . 2013-10-10 20:32    71680    ----a-w-    c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-09-12 14:29 . 2013-09-12 14:29    82432    ----a-w-    c:\users\nne\AppData\Roaming\Microsoft\MSXML2\msxml4r.dll
2013-09-12 14:29 . 2013-09-12 14:29    44544    ----a-w-    c:\users\nne\AppData\Roaming\Microsoft\MSXML2\msxml4a.dll
2013-09-12 14:29 . 2013-09-12 14:29    1275392    ----a-w-    c:\users\nne\AppData\Roaming\Microsoft\MSXML2\msxml4.dll
2013-09-06 12:25 . 2013-09-06 12:25    131856    ----a-w-    c:\windows\system32\drivers\VBoxNetAdp.sys
2013-09-04 12:12 . 2013-10-12 08:19    343040    ----a-w-    c:\windows\system32\drivers\usbhub.sys
2013-09-04 12:11 . 2013-10-12 08:19    325120    ----a-w-    c:\windows\system32\drivers\usbport.sys
2013-09-04 12:11 . 2013-10-12 08:19    99840    ----a-w-    c:\windows\system32\drivers\usbccgp.sys
2013-09-04 12:11 . 2013-10-12 08:19    52736    ----a-w-    c:\windows\system32\drivers\usbehci.sys
2013-09-04 12:11 . 2013-10-12 08:19    30720    ----a-w-    c:\windows\system32\drivers\usbuhci.sys
2013-09-04 12:11 . 2013-10-12 08:19    25600    ----a-w-    c:\windows\system32\drivers\usbohci.sys
2013-09-04 12:11 . 2013-10-12 08:19    7808    ----a-w-    c:\windows\system32\drivers\usbd.sys
2013-09-03 12:35 . 2012-12-03 09:22    278800    ------w-    c:\windows\system32\MpSigStub.exe
2013-08-28 01:21 . 2013-10-10 15:38    3155968    ----a-w-    c:\windows\system32\win32k.sys
2009-09-27 07:39    369152    --sh--w-    c:\windows\SysWOW64\avisynth.dll
2005-07-14 10:31    32256    --sh--w-    c:\windows\SysWOW64\AVSredirect.dll
2004-02-22 08:11    719872    --sh--w-    c:\windows\SysWOW64\devil.dll
2004-01-24 22:00    70656    --sh--w-    c:\windows\SysWOW64\i420vfw.dll
2004-06-26 15:39    438272    --sh--w-    c:\windows\SysWOW64\vp6vfw.dll
2004-01-24 22:00    70656    --sh--w-    c:\windows\SysWOW64\yv12vfw.dll
.
.
(((((((((((((((((((((((((((((((((   Points de chargement Reg   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TOSHIBA Online Product Information"="c:\program files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe" [2010-03-03 4581280]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"KiesPreload"="c:\program files (x86)\Samsung\Kies\Kies.exe" [2013-07-15 1564016]
"KiesAirMessage"="c:\program files (x86)\Samsung\Kies\KiesAirMessage.exe" [2013-03-20 578560]
"ISUSPM"="c:\program files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-09-11 218032]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NBAgent"="c:\program files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe" [2010-03-08 1086760]
"TUSBSleepChargeSrv"="%ProgramFiles(x86)%\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe" [BU]
"ToshibaServiceStation"="c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2011-02-11 1295736]
"TRCMan"="c:\program files (x86)\TOSHIBA\TRCMan\TRCMan.exe" [2010-06-02 714104]
"TWebCamera"="c:\program files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" [2010-05-01 2454840]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2010-03-12 49208]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2013-07-15 311152]
"beidsystemtray"="c:\program files (x86)\Belgium Identity Card\beidsystemtray.exe" [2007-02-19 188416]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2009-11-10 417792]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"RohosLogon"="c:\program files (x86)\Rohos\welcome-user.exe" [2013-06-14 1136224]
"MPlayerForWindows_AutoUpdateV2"="c:\program files (x86)\MPlayer for Windows\Updater.exe" [2013-09-29 360001]
"MobileBroadband"="c:\program files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe" [2013-02-05 76288]
"VmbNotifier"="c:\program files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbNotifier.exe" [2013-02-05 1861632]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2013-11-12 3568312]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"TOSHIBA Online Product Information"="c:\program files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe" [2010-03-03 4581280]
.
c:\users\nne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
PRTG Enterprise Console.lnk - c:\program files (x86)\PRTG Network Monitor\PRTG Enterprise Console.exe tray [2013-9-21 9063136]
TRDCReminder.lnk - c:\program files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe [2009-9-1 481184]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth Manager.lnk - c:\program files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2010-6-28 2721184]
PHOTOfunSTUDIO 5.1 HD Edition.lnk - c:\program files (x86)\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe -e "c:\program files (x86)\Panasonic\PHOTOfunSTUDIO 5.1 HD\PHOTOfunSTUDIO.exe" [2013-4-2 172544]
TP-LINK Wireless Utility.lnk - c:\program files (x86)\TP-LINK\COMMON\TWCU.exe -s [2013-10-19 10918400]
WiFi Station.lnk - c:\program files (x86)\Hercules\WiFi Station\WiFiStation.exe -s [2013-10-17 99624]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe [2009-9-1 481184]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer3"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Rohos]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R2 TpMediaServer;TpMediaServer;c:\program files (x86)\TP-LINK\COMMON\RaMediaServer.exe;c:\program files (x86)\TP-LINK\COMMON\RaMediaServer.exe [x]
R3 ACSSCR;ACR38 Smart Card Reader;c:\windows\system32\DRIVERS\a38usb.sys;c:\windows\SYSNATIVE\DRIVERS\a38usb.sys [x]
R3 DIRECTIO;DIRECTIO;c:\program files\PerformanceTest\DirectIo64.sys;c:\program files\PerformanceTest\DirectIo64.sys [x]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\SysWOW64\FsUsbExDisk.SYS;c:\windows\SysWOW64\FsUsbExDisk.SYS [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 netr7364;Pilote de carte LAN sans fil USB RT73 pour Vista;c:\windows\system32\DRIVERS\netr7364.sys;c:\windows\SYSNATIVE\DRIVERS\netr7364.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 DLACDBHE;DLACDBHE;c:\windows\System32\Drivers\DLACDBHE.SYS;c:\windows\SYSNATIVE\Drivers\DLACDBHE.SYS [x]
S0 DRVECDB;DRVECDB;c:\windows\System32\Drivers\DRVECDB.SYS;c:\windows\SYSNATIVE\Drivers\DRVECDB.SYS [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S0 Thpdrv;TOSHIBA HDD Protection Driver;c:\windows\system32\DRIVERS\thpdrv.sys;c:\windows\SYSNATIVE\DRIVERS\thpdrv.sys [x]
S0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;c:\windows\system32\DRIVERS\Thpevm.SYS;c:\windows\SYSNATIVE\DRIVERS\Thpevm.SYS [x]
S0 tos_sps64;TOSHIBA tos_sps64 Service;c:\windows\system32\DRIVERS\tos_sps64.sys;c:\windows\SYSNATIVE\DRIVERS\tos_sps64.sys [x]
S1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys;c:\windows\SYSNATIVE\drivers\aswKbd.sys [x]
S1 aswNdisFlt;Avast! Firewall Driver;c:\windows\system32\DRIVERS\aswNdisFlt.sys;c:\windows\SYSNATIVE\DRIVERS\aswNdisFlt.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 DLARTL_E;DLARTL_E;c:\windows\system32\Drivers\DLARTL_E.SYS;c:\windows\SYSNATIVE\Drivers\DLARTL_E.SYS [x]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxDrv.sys [x]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxUSBMon.sys [x]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys;c:\windows\SYSNATIVE\drivers\aswFsBlk.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe;c:\program files\AVAST Software\Avast\afwServ.exe [x]
S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [x]
S2 ConfigFree Service;ConfigFree Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [x]
S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x64.sys;c:\windows\SYSNATIVE\drivers\cpuz135_x64.sys [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 DLABMFSE;DLABMFSE;c:\windows\system32\Drivers\DLABMFSE.SYS;c:\windows\SYSNATIVE\Drivers\DLABMFSE.SYS [x]
S2 DLABOIOE;DLABOIOE;c:\windows\system32\Drivers\DLABOIOE.SYS;c:\windows\SYSNATIVE\Drivers\DLABOIOE.SYS [x]
S2 DLADResE;DLADResE;c:\windows\system32\Drivers\DLADResE.SYS;c:\windows\SYSNATIVE\Drivers\DLADResE.SYS [x]
S2 DLAIFS_E;DLAIFS_E;c:\windows\system32\Drivers\DLAIFS_E.SYS;c:\windows\SYSNATIVE\Drivers\DLAIFS_E.SYS [x]
S2 DLAOPIOE;DLAOPIOE;c:\windows\system32\Drivers\DLAOPIOE.SYS;c:\windows\SYSNATIVE\Drivers\DLAOPIOE.SYS [x]
S2 DLAPoolE;DLAPoolE;c:\windows\system32\Drivers\DLAPoolE.SYS;c:\windows\SYSNATIVE\Drivers\DLAPoolE.SYS [x]
S2 DLAUDF_E;DLAUDF_E;c:\windows\system32\Drivers\DLAUDF_E.SYS;c:\windows\SYSNATIVE\Drivers\DLAUDF_E.SYS [x]
S2 DLAUDFAE;DLAUDFAE;c:\windows\system32\Drivers\DLAUDFAE.SYS;c:\windows\SYSNATIVE\Drivers\DLAUDFAE.SYS [x]
S2 DRVEDDM;DRVEDDM;c:\windows\system32\Drivers\DRVEDDM.SYS;c:\windows\SYSNATIVE\Drivers\DRVEDDM.SYS [x]
S2 eID CRL Service;eID CRL Service;c:\windows\SysWOW64\beidservicecrl.exe;c:\windows\SysWOW64\beidservicecrl.exe [x]
S2 eID Privacy Service;eID Privacy Service;c:\windows\SysWOW64\beidservicepcsc.exe;c:\windows\SysWOW64\beidservicepcsc.exe [x]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~2\mcafee\SITEAD~1\McSACore.exe;c:\progra~2\mcafee\SITEAD~1\McSACore.exe [x]
S2 PRTGCoreService;PRTG Core Server Service;c:\program files (x86)\PRTG Network Monitor\64 bit\PRTG Server.exe;c:\program files (x86)\PRTG Network Monitor\64 bit\PRTG Server.exe [x]
S2 PRTGProbeService;PRTG Probe Service;c:\program files (x86)\PRTG Network Monitor\PRTG Probe.exe;c:\program files (x86)\PRTG Network Monitor\PRTG Probe.exe [x]
S2 RalinkRegistryWriter64;Ralink Registry Writer 64;c:\program files (x86)\TP-LINK\COMMON\RaRegistry64.exe;c:\program files (x86)\TP-LINK\COMMON\RaRegistry64.exe [x]
S2 regi;regi;c:\windows\system32\drivers\regi.sys;c:\windows\SYSNATIVE\drivers\regi.sys [x]
S2 Rohos;Rohos welcome screen elements;c:\program files (x86)\Rohos\ntserv.exe;c:\program files (x86)\Rohos\ntserv.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe;c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe [x]
S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe;c:\program files\TOSHIBA\TECO\TecoService.exe [x]
S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys;c:\windows\SYSNATIVE\DRIVERS\TVALZFL.sys [x]
S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]
S2 VmbService;Service Vodafone Mobile Broadband;c:\program files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe;c:\program files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe [x]
S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 hidshim;Service for HID-KMDF Shim layer;c:\windows\system32\DRIVERS\hidshim.sys;c:\windows\SYSNATIVE\DRIVERS\hidshim.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 nuvotoncir;Nuvoton IR Transceiver;c:\windows\system32\DRIVERS\nuvotoncir.sys;c:\windows\SYSNATIVE\DRIVERS\nuvotoncir.sys [x]
S3 nuvotonhidcir;Nuvoton HID CIR Receiver;c:\windows\system32\DRIVERS\nuvotonhidcir.sys;c:\windows\SYSNATIVE\DRIVERS\nuvotonhidcir.sys [x]
S3 O2MDGRDR;O2MDGRDR;c:\windows\system32\DRIVERS\o2mdgx64.sys;c:\windows\SYSNATIVE\DRIVERS\o2mdgx64.sys [x]
S3 O2SDGRDR;O2SDGRDR;c:\windows\system32\DRIVERS\o2sdgx64.sys;c:\windows\SYSNATIVE\DRIVERS\o2sdgx64.sys [x]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys;c:\windows\SYSNATIVE\Drivers\pcouffin.sys [x]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys;c:\windows\SYSNATIVE\DRIVERS\pgeffect.sys [x]
S3 QIOMem;Generic IO & Memory Access;c:\windows\system32\DRIVERS\QIOMem.sys;c:\windows\SYSNATIVE\DRIVERS\QIOMem.sys [x]
S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys;c:\windows\SYSNATIVE\DRIVERS\rtl8192se.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssadserd.sys [x]
S3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [x]
S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [x]
S3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [x]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
S3 WPRO_41_2001;WinPcap Packet Driver (WPRO_41_2001);c:\windows\system32\drivers\WPRO_41_2001.sys;c:\windows\SYSNATIVE\drivers\WPRO_41_2001.sys [x]
.
.
--- Autres Services/Pilotes en mémoire ---
.
*NewlyCreated* - WPRO_41_2001
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{2D46B6DC-2207-486B-B523-A557E6D54B47}]
start [BU]
.
Contenu du dossier 'Tâches planifiées'
.
2013-11-13 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-03 10:09]
.
2013-11-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-08-08 14:27]
.
2013-11-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-08-08 14:27]
.
2013-11-13 c:\windows\Tasks\HP Photo Creations Communicator.job
- c:\programdata\HP Photo Creations\Communicator.exe [2012-12-04 15:24]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-11-12 14:40    326944    ----a-w-    c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ThpSrv"="c:\windows\system32\thpsrv" [X]
"Toshiba TEMPRO"="c:\program files (x86)\Toshiba TEMPRO\TemproTray.exe" [2010-05-11 1050072]
"HSON"="c:\program files (x86)\TOSHIBA\TBS\HSON.exe" [BU]
"TPwrMain"="c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE" [BU]
"SmoothView"="c:\program files (x86)\Toshiba\SmoothView\SmoothView.exe" [BU]
"00TCrdMain"="c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exe" [BU]
"SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2010-04-28 307768]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"SmartFaceVWatcher"="c:\program files (x86)\Toshiba\SmartFaceV\SmartFaceVWatcher.exe" [BU]
"Teco"="c:\program files (x86)\TOSHIBA\TECO\Teco.exe" [BU]
"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2010-02-05 709976]
"HDMICtrlMan"="c:\program files (x86)\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe" [BU]
"TosWaitSrv"="c:\program files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe" [BU]
"TosNC"="c:\program files (x86)\Toshiba\BulletinBoard\TosNcCore.exe" [BU]
"TosReelTimeMonitor"="c:\program files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe" [BU]
"Toshiba Registration"="c:\program files\Toshiba\Registration\ToshibaReminder.exe" [2010-04-19 136136]
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.be/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Download Video on This Page - c:\program files (x86)\Tomato\YouTube Video Downloader\MDIEEx.dll/211
IE: Download Video This Links To - c:\program files (x86)\Tomato\YouTube Video Downloader\MDIEEx.dll/212
IE: E&xporter vers Microsoft Excel - c:\progra~2\MICROS~4\OFFICE11\EXCEL.EXE/3000
IE: Tout télécharger avec Free Download Manager - file://c:\program files (x86)\Free Download Manager\dlall.htm
IE: Télécharger avec Free Download Manager - file://c:\program files (x86)\Free Download Manager\dllink.htm
IE: Télécharger avec Mipony
IE: Télécharger la sélection avec Free Download Manager - file://c:\program files (x86)\Free Download Manager\dlselected.htm
IE: Télécharger la vidéo avec Free Download Manager - file://c:\program files (x86)\Free Download Manager\dlfvideo.htm
IE: {{11F19C45-9675-488A-A8E0-8E8234DC245D} - res://c:\program files (x86)\Tomato\YouTube Video Downloader\MDIEEx.dll/211
TCP: DhcpNameServer = 192.168.9.1 192.168.9.1
FF - ProfilePath - c:\users\nne\AppData\Roaming\Mozilla\Firefox\Profiles\8ddkxp5f.default\
FF - prefs.js: browser.startup.homepage - www.google.be
FF - ExtSQL: 2013-11-07 21:00; {4ED1F68A-5463-4931-9384-8FFF5ED91D92}; c:\program files (x86)\McAfee\SiteAdvisor
FF - ExtSQL: 2013-11-07 22:48; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\nne\AppData\Roaming\Mozilla\Firefox\Profiles\8ddkxp5f.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
.
- - - - ORPHELINS SUPPRIMES - - - -
.
Toolbar-Locked - (no file)
.
.
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@SACL=
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@SACL=
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\°ó+*]
"C040110900063D11C8EF10054038389C"="C?\\Windows\\SysWOW64\\FM20ENU.DLL"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Nico Mak Computing\WinZip]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
Heure de fin: 2013-11-13  11:32:49
ComboFix-quarantined-files.txt  2013-11-13 10:32
ComboFix2.txt  2013-11-12 10:12
ComboFix3.txt  2013-11-07 09:11
.
Avant-CF: 134.544.769.024 octets libres
Après-CF: 134.094.974.976 octets libres
.
- - End Of File - - 0D17414CE12D98DC5BCDE6D579EF8DFF
A36C5E4F47E84449FF07ED3517B43A31

 

Then here is the MBAM log: (I must reboot!)

*********************************

Malwarebytes Anti-Malware (Essai) 1.75.0.1300
www.malwarebytes.org

Version de la base de données: v2013.11.13.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16721
nne :: AZERTY [administrateur]

Protection: Désactivé

13/11/2013 11:56:58
mbam-log-2013-11-13 (11-56-58).txt

Type d'examen: Examen complet (C:\|D:\|E:\|Q:\|)
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 444738
Temps écoulé: 1 heure(s), 3 minute(s), 41 seconde(s)

Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Clé(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)

Valeur(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)

Elément(s) de données du Registre détecté(s): 0
(Aucun élément nuisible détecté)

Dossier(s) détecté(s): 0
(Aucun élément nuisible détecté)

Fichier(s) détecté(s): 14
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Barre_de_Recherche_Trad-Fr\Barre_de_Recherche_Trad-FrToolbarHelper.exe.vir (PUP.Optional.Conduit.A) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\goforfiles\uninstall.exe.vir (PUP.Optional.GoForFiles.A) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\Windows\System32\ljkb\lmrn.dll.vir (PUP.Optional.Sweetpacks) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\Windows\SysWOW64\ARFC\wrtc.exe.vir (PUP.Optional.InstallBrain.A) -> Mis en quarantaine et supprimé avec succès.
C:\Downloads\Software\iLividSetup-r362-n-bi.exe (PUP.Optional.Bandoo) -> Mis en quarantaine et supprimé avec succès.
C:\Qoobox\Quarantine\C\Downloads\Software\Barre_de_Recherche_Trad-Fr.exe.vir (PUP.Optional.Conduit.A) -> Mis en quarantaine et supprimé avec succès.
C:\Qoobox\Quarantine\C\Downloads\Software\PC%20I~1.EXE.vir (PUP.Optional.FirSeriaInstaller) -> Mis en quarantaine et supprimé avec succès.
C:\Qoobox\Quarantine\C\Users\nne\Downloads\mp3addin.exe.vir (PUP.Optional.Somoto) -> Mis en quarantaine et supprimé avec succès.
C:\Qoobox\Quarantine\D\av1.zip (PUP.Optional.Somoto) -> Mis en quarantaine et supprimé avec succès.
C:\Qoobox\Quarantine\D\Downloads\mp3 add in pour powerpoint 2003\mp3addin.exe.vir (PUP.Optional.Somoto) -> Mis en quarantaine et supprimé avec succès.
C:\Qoobox\Quarantine\D\Downloads\Software\PC%20I~1.EXE.vir (PUP.Optional.FirSeriaInstaller) -> Mis en quarantaine et supprimé avec succès.
C:\Qoobox\Quarantine\D\Downloads\Software\SoftonicDownloader_pour_openoffice-org-portable.exe.vir (PUP.Optional.Softonic.A) -> Mis en quarantaine et supprimé avec succès.
C:\Users\nne\Desktop\dossierss\dossiers\moment\PROGRAMS\PassPro\PasswordsPro.exe (PUP.PasswordsPro) -> Mis en quarantaine et supprimé avec succès.
C:\Windows\System32\%TEMP%\InstallManager.exe (PUP.Optional.InstallMonetizer.A) -> Mis en quarantaine et supprimé avec succès.

(fin)
 

We arrive at the end? Can I activate Avast?



#10 TB-Psychotic

  • Malware Response Team

Posted 13 November 2013 - 08:04 AM

The mp3 addin is no malware, but contains security risks.

 

Then we can do the cleanup - if you are facing any issues, report that immediately.

Delete junk with adwCleaner


Please download AdwCleaner to your desktop.


  • Run adwcleaner.exe
  • Hit Scan and wait for the scan to finish.
  • Confirm the message but don't uncheck anything.
  • Hit Clean
  • When the run is finished, it will open up a text file
  • Please post its contents within your next reply
  • You'll also find the log file at C:\AdwCleaner[S1].txt


SecurityCheck

Please download SecurityCheck: LINK1 LINK2

  • Save it to your desktop, start it and follow the instructions in the window.
  • After the scan has finished, checkup.txt will open. Copy its content to your thread.



#11 sÚpadubidon

  • Topic Starter

Posted 13 November 2013 - 11:42 AM

good evening,
Since AdwCleaner I have no connection possible to the internet (no DNS server accessible). Next message possible tomorrow, same hour (from GSM, another wifi).
Sorry, Marius.

#12 sÚpadubidon

  • Topic Starter

Posted 13 November 2013 - 05:51 PM

good evening 2

 

Well, I have restored the PC to the day before at 15h35, then before ComboFix.

My connection to the internet works with Firefox; Internet Explorer is out.

bye



#13 TB-Psychotic

  • Malware Response Team

Posted 14 November 2013 - 02:59 AM

Why did you restore the computer without awaiting my advice? :-/

 

Scan with DDS

Download DDS and save it to your desktop from here or here or here.

Disable any script blocker, and then double click dds.scr to run the tool.

When done, DDS will open two (2) logs

DDS.txt: save to your desktop then post its contents in your topic
Attach.txt: save to your desktop then attach it to your next reply

 

 

 

Scan with TDSS-Killer

Please read and follow these instructions carefully. We do not want it to fix anything yet (if found), we need to see a report first.

Download TDSSKiller.exe and save it to your desktop

  • Execute TDSSKiller.exe by doubleclicking on it.
  • Press Start Scan
  • If Malicious objects are found, do NOT select Copy to quarantine. Change the action to Skip, and save the log.
  • Once complete, a log will be produced at the root drive, which is typically C:\, for example, C:\TDSSKiller.<version_date_time>log.txt


Please post the contents of that log in your next reply.



#14 sÚpadubidon

  • Topic Starter

Posted 14 November 2013 - 05:57 AM

hello Marius,

 

At that moment I had NO internet connection, no Firefox and no Internet Explorer,

and thus I could not ask your advice.

Now:

Actually I cannot activate avast! Internet Security...! I have lost the connection with my identity, thus no permission to activate...

Internet Explorer can open an empty window without anything (Firefox works as default explorer); I cannot click on anything.

 

My internet connection is USB 3G or, if possible, the "belgacom-fon" public network, with many cuts.

 

I do what I can, it is not easy... I am not at home.

 

I know your task is not easy either.

 

Thank you,

 

Peter

 

Here are the logs:

attach-tds.txt:

 

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Édition Familiale Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 27/11/2012 14:58:44
System Uptime: 14/11/2013 10:35:46 (1 hours ago)
.
Motherboard: TOSHIBA |  | SATELLITE P500
Processor: Intel® Core™ i7 CPU       Q 740  @ 1.73GHz | CPU 1 | 1734/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 232 GiB total, 125,09 GiB free.
D: is FIXED (NTFS) - 466 GiB total, 353,485 GiB free.
E: is FIXED (NTFS) - 233 GiB total, 24,428 GiB free.
F: is CDROM ()
G: is Removable
K: is Removable
L: is FIXED (NTFS) - 466 GiB total, 11,447 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP139: 11/11/2013 18:57:49 - RegClean Pro lun., nov. 11, 13  18:57
RP140: 12/11/2013 00:11:08 - Tweaking.com - Windows Repair
RP141: 12/11/2013 15:35:43 - avast! antivirus system restore point
RP142: 13/11/2013 10:31:09 - Windows Update
RP143: 13/11/2013 13:52:02 - Windows Update
RP144: 13/11/2013 21:33:14 - Opération de restauration
RP145: 13/11/2013 21:42:08 - avast! antivirus system restore point
RP146: 13/11/2013 22:38:38 - Opération de restauration
RP147: 13/11/2013 22:59:56 - Programme d’installation pour les modules Windows
.
==== Installed Programs ======================
.
ACR38/100/122 PC/SC Driver 1.1.3.0
Adblock Plus for IE
Adblock Plus for IE (32-bit)
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader XI (11.0.05) - Français
Advanced Archive Password Recovery
Apple Application Support
Apple Software Update
Applet
ArcSoft Software Suite
avast! Internet Security
Bluetooth Stack for Windows by Toshiba
CCleaner
CDex - Open Source Digital Audio CD Extractor
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Conexant HD Audio
Convert VOB to AVI
CPUID CPU-Z 1.58
Dolby Control Center
DVD Decrypter (Remove Only)
DVD Shrink 3.2
Free Download Manager 3.9.2
GIMP 2.8.2
Google Toolbar for Internet Explorer
Google Update Helper
Google Earth
HDMI Control Manager
Hercules WiFi Station
HP Deskjet 2050 J510 series - Enquête sur l'amélioration du produit
L'Age de Glace 2
LinuxLive USB Creator
LocK-A-FoLdeR
Logiciel de base du périphérique HP Deskjet 2050 J510 series
Malwarebytes Anti-Malware version 1.75.0.1300
McAfee SiteAdvisor
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Office « Démarrer en un clic » 2010
Microsoft Office 2010
Microsoft Office Professional Edition 2003
Microsoft Silverlight
Microsoft SQL Server Compact 3.5 SP1 English
Microsoft SQL Server Compact 3.5 SP1 x64 English
Microsoft Virtual PC 2007
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Mipony Download Manager Packages
Module de compatibilité pour Microsoft Office System 2007
Mozilla Firefox 25.0 (x86 fr)
Mozilla Maintenance Service
MP3 AddIn
MPlayer for Windows
NVIDIA Display Control Panel
NVIDIA Drivers
NVIDIA Install Application
NVIDIA Pilote audio HD : 1.3.18.0
O2Micro Flash Memory Card Windows Driver
Oracle VM VirtualBox 4.2.18
Package de pilotes Windows - ACS (A38CCID) SmartCardReader  (12/16/2009 1.1.6.5)
Package de pilotes Windows - ACS (ACR122U) SmartCardReader  (12/16/2009 1.1.6.3)
Package de pilotes Windows - ACS (ACSSCR) SmartCardReader  (12/15/2009 1.1.6.2)
PerformanceTest v8.0
PHOTOfunSTUDIO 5.1 HD Edition
PlayReady PC Runtime amd64
PRTG Network Monitor
QuickTime
RAR Password Unlocker
Rohos Logon Key 3.0
Roxio Activation Module
Roxio Creator Audio
Roxio Creator BDAV Plugin
Roxio Creator Copy
Roxio Creator Data
Roxio Creator DE
Roxio Creator Tools
Roxio Drag-to-Disc
Roxio Express Labeler 3
Roxio Update Manager
Samsung Story Album Viewer
SAMSUNG USB Driver for Mobile Phones
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
Sonic CinePlayer Decoder Pack
Synaptics Pointing Device Driver
TOSHIBA Bulletin Board
TOSHIBA Disc Creator
TOSHIBA eco Utility
TOSHIBA Face Recognition
TOSHIBA Hardware Setup
TOSHIBA HDD Protection
TOSHIBA HDD/SSD Alert
TOSHIBA PC Health Monitor
TOSHIBA Recovery Media Creator
TOSHIBA ReelTime
TOSHIBA Supervisor Password
TOSHIBA Value Added Package
TP-LINK Wireless Utility
TRORMCLauncher
Tweaking.com - Windows Repair (All in One)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
VLC media player 2.0.8
Vodafone Mobile Broadband
VPNFacile - Sécurisation de votre ligne internet
Windows Live ID Sign-in Assistant
WinRAR 4.20 (64-bit)
WinZip 17.0
Xvid 1.2.2 final uninstall
YouTube Video Downloader 2.6.6
.
==== End Of File ===========================

dds.txt:

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16496
Run by nne at 11:11:30 on 2013-11-14
Microsoft Windows 7 Édition Familiale Premium   6.1.7601.1.1252.32.1036.18.8060.5239 [GMT 1:00]
.
AV: avast! Internet Security *Disabled/Outdated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Internet Security *Disabled/Outdated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: avast! Internet Security *Enabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Program Files (x86)\Rohos\ntserv.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\nvvsvc.exe
C:\Program Files\AVAST Software\Avast\afwServ.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\SysWOW64\bgsvcgen.exe
C:\Windows\SysWOW64\beidservicecrl.exe
C:\Windows\SysWOW64\beidservicepcsc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\PROGRA~2\mcafee\SITEAD~1\McSACore.exe
c:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\Windows\system32\DRIVERS\o2flash.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\PRTG Network Monitor\64 bit\PRTG Server.exe
C:\Program Files (x86)\PRTG Network Monitor\PRTG Probe.exe
C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files (x86)\TP-LINK\COMMON\RaRegistry.exe
C:\Program Files (x86)\TP-LINK\COMMON\RaRegistry64.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
C:\Windows\system32\ThpSrv.exe
C:\Windows\system32\TODDSrv.exe
C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\TOSHIBA\TECO\TecoService.exe
C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\System32\WUDFHost.exe
C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler64.exe
C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
C:\Program Files\Toshiba\SmoothView\SmoothView.exe
C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\ThpSrv.exe
C:\Program Files\Toshiba\TECO\Teco.exe
C:\Program Files\Toshiba\HDMICtrlMan\HDMICtrlMan.exe
C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe
C:\Program Files\Toshiba\ReelTime\TosReelTimeMonitor.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe
C:\Program Files (x86)\Samsung\Kies\Kies.exe
C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe
C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe
C:\Program Files (x86)\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe
C:\Program Files\TOSHIBA\FlashCards\Hotkey\TcrdKBB.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
C:\Program Files (x86)\TP-LINK\COMMON\TWCU.exe
C:\Program Files (x86)\TOSHIBA\TRCMan\TRCMan.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\Hercules\WiFi Station\WiFiStation.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Belgium Identity Card\beidsystemtray.exe
C:\Program Files\Toshiba\HDMICtrlMan\HCMSoundChanger.exe
C:\Program Files (x86)\PRTG Network Monitor\PRTG Enterprise Console.exe
C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbNotifier.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
C:\Windows\system32\taskmgr.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\perfmon.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\ProgramData\HP Photo Creations\Communicator.exe
C:\Windows\system32\taskhost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.be/
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
BHO: Free Download Manager: {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: Adblock Plus for IE Browser Helper Object: {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files (x86)\Adblock Plus for IE\AdblockPlus32.dll
TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
uRun: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
uRun: [ISUSPM] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
mRun: [NBAgent] "c:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe" /WinStart
mRun: [TUSBSleepChargeSrv] C:\Program Files (x86)\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe
mRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
mRun: [TRCMan] C:\Program Files (x86)\TOSHIBA\TRCMan\TRCMan.exe
mRun: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun: [beidsystemtray] C:\Program Files (x86)\Belgium Identity Card\beidsystemtray.exe
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [RohosLogon] "C:\Program Files (x86)\Rohos\welcome-user.exe" per-user
mRun: [MPlayerForWindows_AutoUpdateV2] "C:\Program Files (x86)\MPlayer for Windows\Updater.exe" /L=1033 /AutoCheck
mRun: [MobileBroadband] C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe /silent
mRun: [VmbNotifier] C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbNotifier.exe
dRun: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe
StartupFolder: C:\Users\nne\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\PRTGEN~1.LNK - C:\Program Files (x86)\PRTG Network Monitor\PRTG Enterprise Console.exe
StartupFolder: C:\Users\nne\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\TRDCRE~1.LNK - C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\PHOTOF~1.LNK - C:\Program Files (x86)\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\TP-LIN~1.LNK - C:\Program Files (x86)\TP-LINK\COMMON\TWCU.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\WIFIST~1.LNK - C:\Program Files (x86)\Hercules\WiFi Station\WiFiStation.exe
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Download Video on This Page - C:\Program Files (x86)\Tomato\YouTube Video Downloader\MDIEEx.dll/211
IE: Download Video This Links To - C:\Program Files (x86)\Tomato\YouTube Video Downloader\MDIEEx.dll/212
IE: E&xporter vers Microsoft Excel - C:\PROGRA~2\MICROS~4\OFFICE11\EXCEL.EXE/3000
IE: Tout télécharger avec Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlall.htm
IE: Télécharger avec Free Download Manager - C:\Program Files (x86)\Free Download Manager\dllink.htm
IE: Télécharger avec Mipony - <no file>
IE: Télécharger la sélection avec Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlselected.htm
IE: Télécharger la vidéo avec Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm
IE: {11F19C45-9675-488A-A8E0-8E8234DC245D} - C:\Program Files (x86)\Tomato\YouTube Video Downloader\MDIEEx.dll/211
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
TCP: NameServer = 195.238.2.21 195.238.2.22
TCP: Interfaces\{44B5A64E-6EB9-48CB-97A5-415BF5D9EA25} : DHCPNameServer = 195.238.2.21 195.238.2.22
TCP: Interfaces\{44B5A64E-6EB9-48CB-97A5-415BF5D9EA25}\65F4F4F584F4D4543505F445 : DHCPNameServer = 109.88.203.3 62.197.111.140
TCP: Interfaces\{99412DD7-3959-4513-A69A-2625D3784F73} : DHCPNameServer = 192.168.9.1 192.168.9.1
TCP: Interfaces\{CCFC86CC-5782-4F73-843D-4F56889CA3DB} : DHCPNameServer = 192.168.182.1
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
SSODL: WebCheck - <orphaned>
x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [Toshiba TEMPRO] C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
x64-Run: [HSON] C:\Program Files (x86)\TOSHIBA\TBS\HSON.exe
x64-Run: [TPwrMain] C:\Program Files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
x64-Run: [SmoothView] C:\Program Files (x86)\Toshiba\SmoothView\SmoothView.exe
x64-Run: [00TCrdMain] C:\Program Files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
x64-Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [ThpSrv] C:\Windows\System32\thpsrv /logon
x64-Run: [SmartFaceVWatcher] C:\Program Files (x86)\Toshiba\SmartFaceV\SmartFaceVWatcher.exe
x64-Run: [Teco] "C:\Program Files (x86)\TOSHIBA\TECO\Teco.exe" /r
x64-Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
x64-Run: [HDMICtrlMan] C:\Program Files (x86)\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe
x64-Run: [TosWaitSrv] C:\Program Files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe
x64-Run: [TosNC] C:\Program Files (x86)\Toshiba\BulletinBoard\TosNcCore.exe
x64-Run: [TosReelTimeMonitor] C:\Program Files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
x64-Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaReminder.exe
x64-DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
x64-Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\Windows\System32\ieudinit.exe
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\nne\AppData\Roaming\Mozilla\Firefox\Profiles\8ddkxp5f.default\
FF - prefs.js: browser.startup.homepage - www.google.be
FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\McAfee\SiteAdvisor\NPMcFFPlg32.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_168.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll
FF - ExtSQL: 2013-11-07 21:00; {4ED1F68A-5463-4931-9384-8FFF5ED91D92}; C:\Program Files (x86)\McAfee\SiteAdvisor
FF - ExtSQL: 2013-11-07 22:48; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; C:\Users\nne\AppData\Roaming\Mozilla\Firefox\Profiles\8ddkxp5f.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
.
============= SERVICES / DRIVERS ===============
.
R0 aswKbd;aswKbd;C:\Windows\System32\drivers\aswKbd.sys [2012-12-3 22600]
R0 aswNdis;avast! Firewall NDIS Filter Service;C:\Windows\System32\drivers\aswNdis.sys [2013-8-27 12368]
R0 aswNdis2;avast! Firewall Core Firewall Service;C:\Windows\System32\drivers\aswNdis2.sys [2013-8-27 270824]
R0 aswRvrt;aswRvrt;C:\Windows\System32\drivers\aswRvrt.sys [2013-3-18 65336]
R0 aswVmm;aswVmm;C:\Windows\System32\drivers\aswVmm.sys [2013-3-18 189936]
R0 DLACDBHE;DLACDBHE;C:\Windows\System32\drivers\DLACDBHE.SYS [2013-3-28 17776]
R0 DRVECDB;DRVECDB;C:\Windows\System32\drivers\DRVECDB.SYS [2013-3-28 124112]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2013-3-28 53488]
R0 Thpdrv;TOSHIBA HDD Protection Driver;C:\Windows\System32\drivers\thpdrv.sys [2009-6-29 34880]
R0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;C:\Windows\System32\drivers\Thpevm.sys [2009-6-29 14784]
R0 tos_sps64;TOSHIBA tos_sps64 Service;C:\Windows\System32\drivers\tos_sps64.sys [2012-11-27 482384]
R1 aswFW;avast! TDI Firewall driver;C:\Windows\System32\drivers\aswFW.sys [2013-8-27 131232]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2012-12-3 1030952]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2012-12-3 378944]
R1 DLARTL_E;DLARTL_E;C:\Windows\System32\drivers\DLARTL_E.SYS [2013-3-28 41072]
R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2012-12-3 33400]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2012-12-3 80816]
R2 avast! Firewall;avast! Firewall;C:\Program Files\AVAST Software\Avast\afwServ.exe [2013-11-12 137960]
R2 cfWiMAXService;ConfigFree WiMAX Service;C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-1-28 249200]
R2 ConfigFree Service;ConfigFree Service;C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-3-10 46448]
R2 cpuz135;cpuz135;C:\Windows\System32\drivers\cpuz135_x64.sys [2012-12-3 21992]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2013-4-22 822504]
R2 DLABMFSE;DLABMFSE;C:\Windows\System32\drivers\DLABMFSE.SYS [2013-3-28 46448]
R2 DLABOIOE;DLABOIOE;C:\Windows\System32\drivers\DLABOIOE.SYS [2013-3-28 42352]
R2 DLADResE;DLADResE;C:\Windows\System32\drivers\DLADResE.SYS [2013-3-28 9968]
R2 DLAIFS_E;DLAIFS_E;C:\Windows\System32\drivers\DLAIFS_E.SYS [2013-3-28 146672]
R2 DLAOPIOE;DLAOPIOE;C:\Windows\System32\drivers\DLAOPIOE.SYS [2013-3-28 35056]
R2 DLAPoolE;DLAPoolE;C:\Windows\System32\drivers\DLAPoolE.SYS [2013-3-28 19824]
R2 DLAUDF_E;DLAUDF_E;C:\Windows\System32\drivers\DLAUDF_E.SYS [2013-3-28 144112]
R2 DLAUDFAE;DLAUDFAE;C:\Windows\System32\drivers\DLAUDFAE.SYS [2013-3-28 135152]
R2 DRVEDDM;DRVEDDM;C:\Windows\System32\drivers\DRVEDDM.SYS [2013-3-28 63984]
R2 eID CRL Service;eID CRL Service;C:\Windows\SysWOW64\beidservicecrl.exe [2007-2-19 225280]
R2 eID Privacy Service;eID Privacy Service;C:\Windows\SysWOW64\beidservicepcsc.exe [2007-2-19 331776]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-11-11 418376]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\PROGRA~2\mcafee\SITEAD~1\McSACore.exe [2013-9-11 120592]
R2 PRTGCoreService;PRTG Core Server Service;C:\Program Files (x86)\PRTG Network Monitor\64 bit\PRTG Server.exe [2013-9-21 7487488]
R2 PRTGProbeService;PRTG Probe Service;C:\Program Files (x86)\PRTG Network Monitor\PRTG Probe.exe [2013-9-21 8813280]
R2 RalinkRegistryWriter;Ralink Registry Writer;C:\Program Files (x86)\TP-LINK\COMMON\RaRegistry.exe [2013-10-19 374112]
R2 RalinkRegistryWriter64;Ralink Registry Writer 64;C:\Program Files (x86)\TP-LINK\COMMON\RaRegistry64.exe [2013-10-19 451936]
R2 regi;regi;C:\Windows\System32\drivers\regi.sys [2012-11-27 14112]
R2 Rohos;Rohos welcome screen elements;C:\Program Files (x86)\Rohos\ntserv.exe [2013-9-12 69632]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-6-26 523944]
R2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2010-5-11 124368]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;C:\Program Files\Toshiba\TECO\TecoService.exe [2010-7-28 267192]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;C:\Windows\System32\drivers\TVALZFL.sys [2009-6-19 14472]
R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-11-27 2320920]
R2 VmbService;Service Vodafone Mobile Broadband;C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe [2013-2-5 8704]
R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2009-9-17 56344]
R3 hidshim;Service for HID-KMDF Shim layer;C:\Windows\System32\drivers\hidshim.sys [2009-8-31 6656]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2009-11-27 67072]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-11-11 25928]
R3 nuvotoncir;Nuvoton IR Transceiver;C:\Windows\System32\drivers\nuvotoncir.sys [2009-8-31 48128]
R3 nuvotonhidcir;Nuvoton HID CIR Receiver;C:\Windows\System32\drivers\nuvotonhidcir.sys [2009-8-31 26624]
R3 O2MDGRDR;O2MDGRDR;C:\Windows\System32\drivers\o2mdgx64.sys [2010-8-4 76136]
R3 O2SDGRDR;O2SDGRDR;C:\Windows\System32\drivers\o2sdgx64.sys [2009-8-18 49568]
R3 PGEffect;Pangu effect driver;C:\Windows\System32\drivers\PGEffect.sys [2012-11-27 35008]
R3 QIOMem;Generic IO & Memory Access;C:\Windows\System32\drivers\QIOMem.sys [2009-6-15 12800]
R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;C:\Windows\System32\drivers\rtl8192se.sys [2011-6-20 1225832]
R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2013-6-26 767144]
R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2013-6-26 273576]
R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2013-6-26 28840]
R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2013-6-26 23208]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-6-26 207528]
R3 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2012-11-27 54136]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\Toshiba\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-2-5 137560]
R3 TPCHSrv;TPCH Service;C:\Program Files\Toshiba\TPHM\TPCHSrv.exe [2010-7-22 822192]
R3 WPRO_41_2001;WinPcap Packet Driver (WPRO_41_2001);C:\Windows\System32\drivers\WPRO_41_2001.sys [2013-11-14 35344]
S2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-11-12 46808]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-11-11 701512]
S2 TpMediaServer;TpMediaServer;C:\Program Files (x86)\TP-LINK\COMMON\RaMediaServer.exe [2013-10-19 619872]
S3 ACSSCR;ACR38 Smart Card Reader;C:\Windows\System32\drivers\a38usb.sys [2009-12-15 44928]
S3 DIRECTIO;DIRECTIO;C:\Program Files\PerformanceTest\DirectIo64.sys [2012-12-9 25704]
S3 FsUsbExDisk;FsUsbExDisk;C:\Windows\SysWOW64\FsUsbExDisk.Sys [2013-3-8 37344]
S3 netr7364;Pilote de carte LAN sans fil USB RT73 pour Vista;C:\Windows\System32\drivers\netr7364.sys [2009-6-10 707072]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-7-25 19456]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\Windows\System32\drivers\ssadbus.sys [2013-6-14 169288]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\Windows\System32\drivers\ssadmdfl.sys [2013-6-14 21320]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\Windows\System32\drivers\ssadmdm.sys [2013-6-14 188232]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);C:\Windows\System32\drivers\ssadserd.sys [2013-6-14 158024]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-7-25 57856]
S3 WatAdminSvc;Service Windows Activation Technologies;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-12-9 1255736]
.
=============== Created Last 30 ================
.
2013-11-14 09:37:41    96784    ----a-w-    C:\Windows\SysWow64\WPRO_41_2001woem.tmp
2013-11-14 09:37:41    35344    ----a-w-    C:\Windows\System32\drivers\WPRO_41_2001.sys
2013-11-13 21:49:45    10280728    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5C91F19B-DFA6-41A3-84EF-E60EF47D46D0}\mpengine.dll
2013-11-13 12:20:23    --------    d-----w-    C:\Users\nne\AppData\Local\CrashDumps
2013-11-12 15:17:48    --------    d-----w-    C:\Program Files (x86)\ESET
2013-11-12 14:46:14    --------    d-----w-    C:\Users\nne\AppData\Roaming\AVAST Software
2013-11-12 10:41:41    116440    ----a-w-    C:\Windows\System32\drivers\MBAMSwissArmy.sys
2013-11-12 10:41:41    --------    d-----w-    C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-11-12 10:40:33    91352    ----a-w-    C:\Windows\System32\drivers\mbamchameleon.sys
2013-11-12 10:12:20    --------    d-sh--w-    C:\$RECYCLE.BIN
2013-11-12 10:01:39    98816    ----a-w-    C:\Windows\sed.exe
2013-11-12 10:01:39    256000    ----a-w-    C:\Windows\PEV.exe
2013-11-12 10:01:39    208896    ----a-w-    C:\Windows\MBR.exe
2013-11-12 09:19:05    --------    d-----w-    C:\Windows\ERUNT
2013-11-12 08:46:09    --------    d-----w-    C:\Windows\System32\catroot2
2013-11-11 23:20:27    --------    d-----w-    C:\Windows\System32\wbem\repository
2013-11-11 23:19:47    --------    d-----w-    C:\Windows\SysWow64\wbem\Performance
2013-11-11 23:12:34    --------    d-----w-    C:\RegBackup
2013-11-11 22:19:51    25928    ----a-w-    C:\Windows\System32\drivers\mbam.sys
2013-11-11 22:17:47    --------    d-----w-    C:\Program Files (x86)\Tweaking.com
2013-11-09 23:03:46    --------    d-----w-    C:\Program Files (x86)\CDex_150
2013-11-09 22:27:00    --------    d-----w-    C:\Program Files (x86)\TopByteLabs
2013-11-09 22:24:57    --------    d-----w-    C:\Windows\SysWow64\%TEMP%
2013-11-07 18:57:37    --------    d-----w-    C:\Users\nne\AppData\Roaming\ZHP
2013-11-07 18:57:37    --------    d-----w-    C:\Program Files (x86)\ZHPDiag
2013-11-07 18:33:29    --------    d-----w-    C:\Users\nne\AppData\Local\ElevatedDiagnostics
2013-11-07 09:22:25    --------    d-----w-    C:\AdwCleaner
2013-11-06 15:54:35    --------    d-----w-    C:\ProgramData\Oracle
2013-11-03 11:24:44    --------    d-----w-    C:\Users\nne\AppData\Local\Eraser 6
2013-11-03 09:05:28    --------    d-----w-    C:\Program Files (x86)\Adblock Plus for IE
2013-11-02 22:31:01    --------    d-----w-    C:\Program Files\Eraser
2013-11-02 13:24:50    --------    d-----w-    C:\Users\nne\AppData\Roaming\Malwarebytes
2013-11-02 13:24:38    --------    d-----w-    C:\ProgramData\Malwarebytes
2013-11-02 13:24:37    --------    d-----w-    C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-22 10:23:20    238352    ----a-w-    C:\Windows\System32\drivers\VBoxDrv.sys
2013-10-22 10:23:17    119056    ----a-w-    C:\Windows\System32\drivers\VBoxUSBMon.sys
2013-10-21 13:38:45    --------    d-----w-    C:\Users\nne\VirtualBox VMs
2013-10-21 13:33:33    --------    d-----w-    C:\Users\nne\.VirtualBox
2013-10-21 11:33:30    --------    d-----w-    C:\Program Files (x86)\LinuxLive USB Creator
2013-10-20 05:53:00    --------    d-----w-    C:\Program Files (x86)\Vodafone
2013-10-19 19:14:48    --------    d-----w-    C:\ProgramData\Ralink
2013-10-19 19:13:55    --------    d-----w-    C:\ProgramData\TP-LINK Driver
2013-10-19 19:13:43    --------    d-----w-    C:\Program Files (x86)\Cisco
2013-10-19 19:13:35    792416    ----a-w-    C:\Windows\System32\DiagFunc.dll
2013-10-19 19:13:35    2399584    ----a-w-    C:\Windows\System32\RaCertMgr.dll
2013-10-19 19:13:35    1607008    ----a-w-    C:\Windows\SysWow64\RaCertMgr.dll
2013-10-19 19:13:35    128864    ----a-w-    C:\Windows\SysWow64\RAEXTUI.dll
2013-10-19 19:13:35    128864    ----a-w-    C:\Windows\System32\RAEXTUI.dll
2013-10-19 19:13:35    1112928    ----a-w-    C:\Windows\SysWow64\RAIHV.dll
2013-10-19 19:13:35    1112928    ----a-w-    C:\Windows\System32\RAIHV.dll
2013-10-19 19:13:35    --------    d-----w-    C:\Windows\System32\RaLanguages
2013-10-19 19:13:34    792416    ----a-w-    C:\Windows\SysWow64\DiagFunc.dll
2013-10-19 19:13:33    --------    d-----w-    C:\Program Files (x86)\TP-LINK
2013-10-17 15:46:30    --------    d-----w-    C:\Program Files (x86)\RAR Password Unlocker
2013-10-17 15:46:21    --------    d-----w-    C:\Users\nne\AppData\Local\Programs
2013-10-17 14:24:00    --------    d-----w-    C:\Program Files (x86)\Hercules
.
==================== Find3M  ====================
.
2013-10-31 06:46:14    189936    ----a-w-    C:\Windows\System32\drivers\aswVmm.sys
2013-10-31 06:46:13    72016    ----a-w-    C:\Windows\System32\drivers\aswRdr2.sys
2013-10-31 06:46:13    65336    ----a-w-    C:\Windows\System32\drivers\aswRvrt.sys
2013-10-31 06:46:13    270824    ----a-w-    C:\Windows\System32\drivers\aswNdis2.sys
2013-10-31 06:46:13    1030952    ----a-w-    C:\Windows\System32\drivers\aswSnx.sys
2013-10-31 06:46:12    80816    ----a-w-    C:\Windows\System32\drivers\aswMonFlt.sys
2013-10-31 06:46:12    22600    ----a-w-    C:\Windows\System32\drivers\aswKbd.sys
2013-10-31 06:46:12    131232    ----a-w-    C:\Windows\System32\drivers\aswFW.sys
2013-10-31 06:45:43    41664    ----a-w-    C:\Windows\avastSS.scr
2013-10-17 10:50:55    1004    --sha-w-    C:\ProgramData\KGyGaAvL.sys
2013-10-10 10:09:04    71048    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-09-30 15:53:00    829264    ----a-w-    C:\Windows\System32\msvcr100.dll
2013-09-30 15:53:00    608080    ----a-w-    C:\Windows\System32\msvcp100.dll
2013-09-06 12:25:40    131856    ----a-w-    C:\Windows\System32\drivers\VBoxNetAdp.sys
2013-09-04 12:12:11    343040    ----a-w-    C:\Windows\System32\drivers\usbhub.sys
2013-09-04 12:11:51    325120    ----a-w-    C:\Windows\System32\drivers\usbport.sys
2013-09-04 12:11:49    99840    ----a-w-    C:\Windows\System32\drivers\usbccgp.sys
2013-09-04 12:11:43    52736    ----a-w-    C:\Windows\System32\drivers\usbehci.sys
2013-09-04 12:11:43    30720    ----a-w-    C:\Windows\System32\drivers\usbuhci.sys
2013-09-04 12:11:42    25600    ----a-w-    C:\Windows\System32\drivers\usbohci.sys
2013-09-04 12:11:40    7808    ----a-w-    C:\Windows\System32\drivers\usbd.sys
2013-09-03 12:35:10    278800    ----a-w-    C:\Windows\System32\MpSigStub.exe
2013-08-28 01:21:06    3155968    ----a-w-    C:\Windows\System32\win32k.sys
2009-09-27 07:39:26    369152    --sh--w-    C:\Windows\SysWOW64\avisynth.dll
2005-07-14 10:31:20    32256    --sh--w-    C:\Windows\SysWOW64\AVSredirect.dll
2004-02-22 08:11:08    719872    --sh--w-    C:\Windows\SysWOW64\devil.dll
2004-01-24 22:00:00    70656    --sh--w-    C:\Windows\SysWOW64\i420vfw.dll
2004-06-26 15:39:18    438272    --sh--w-    C:\Windows\SysWOW64\vp6vfw.dll
2004-01-24 22:00:00    70656    --sh--w-    C:\Windows\SysWOW64\yv12vfw.dll
.
============= FINISH: 11:12:04,17 ===============
 

And finally, the TDSSKiller log:

 

11:30:19.0000 8092  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
11:30:21.0012 8092  ============================================================
11:30:21.0012 8092  Current date / time: 2013/11/14 11:30:21.0012
11:30:21.0012 8092  SystemInfo:
11:30:21.0012 8092  
11:30:21.0012 8092  OS Version: 6.1.7601 ServicePack: 1.0
11:30:21.0012 8092  Product type: Workstation
11:30:21.0012 8092  ComputerName: AZERTY
11:30:21.0012 8092  UserName: nne
11:30:21.0012 8092  Windows directory: C:\Windows
11:30:21.0012 8092  System windows directory: C:\Windows
11:30:21.0012 8092  Running under WOW64
11:30:21.0012 8092  Processor architecture: Intel x64
11:30:21.0012 8092  Number of processors: 8
11:30:21.0012 8092  Page size: 0x1000
11:30:21.0012 8092  Boot type: Normal boot
11:30:21.0012 8092  ============================================================
11:30:22.0182 8092  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:30:22.0494 8092  Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:30:22.0525 8092  Drive \Device\Harddisk2\DR2 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
11:30:25.0661 8092  Drive \Device\Harddisk4\DR4 - Size: 0x3B6000000 (14.84 Gb), SectorSize: 0x200, Cylinders: 0x791, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
11:30:25.0677 8092  ============================================================
11:30:25.0677 8092  \Device\Harddisk0\DR0:
11:30:25.0692 8092  MBR partitions:
11:30:25.0692 8092  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0xC8000, BlocksNum 0x1D0AE800
11:30:25.0692 8092  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D176800, BlocksNum 0x1D20F800
11:30:25.0692 8092  \Device\Harddisk1\DR1:
11:30:26.0020 8092  MBR partitions:
11:30:26.0020 8092  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A385000
11:30:26.0020 8092  \Device\Harddisk2\DR2:
11:30:26.0020 8092  MBR partitions:
11:30:26.0020 8092  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C02
11:30:26.0020 8092  \Device\Harddisk4\DR4:
11:30:26.0020 8092  MBR partitions:
11:30:26.0020 8092  \Device\Harddisk4\DR4\Partition1: MBR, Type 0xC, StartLBA 0x928, BlocksNum 0x1DAF6D8
11:30:26.0020 8092  ============================================================
11:30:26.0051 8092  C: <-> \Device\Harddisk0\DR0\Partition1
11:30:26.0067 8092  D: <-> \Device\Harddisk1\DR1\Partition1
11:30:26.0098 8092  E: <-> \Device\Harddisk0\DR0\Partition2
11:30:26.0129 8092  L: <-> \Device\Harddisk2\DR2\Partition1
11:30:26.0129 8092  ============================================================
11:30:26.0129 8092  Initialize success
11:30:26.0129 8092  ============================================================
11:32:11.0206 1436  ============================================================
11:32:11.0206 1436  Scan started
11:32:11.0206 1436  Mode: Manual;
11:32:11.0206 1436  ============================================================
11:32:12.0263 1436  ================ Scan system memory ========================
11:32:12.0263 1436  System memory - ok
11:32:12.0263 1436  ================ Scan services =============================
11:32:12.0388 1436  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
11:32:12.0388 1436  1394ohci - ok
11:32:12.0403 1436  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
11:32:12.0419 1436  ACPI - ok
11:32:12.0419 1436  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
11:32:12.0419 1436  AcpiPmi - ok
11:32:12.0450 1436  [ 58F7D09BACA61B019227AF0D07564739 ] ACSSCR          C:\Windows\system32\DRIVERS\a38usb.sys
11:32:12.0450 1436  ACSSCR - ok
11:32:12.0513 1436  [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
11:32:12.0513 1436  AdobeARMservice - ok
11:32:12.0622 1436  [ A283108E14F3970432C21AF4C0CB1BCE ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
11:32:12.0637 1436  AdobeFlashPlayerUpdateSvc - ok
11:32:12.0669 1436  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
11:32:12.0669 1436  adp94xx - ok
11:32:12.0700 1436  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
11:32:12.0700 1436  adpahci - ok
11:32:12.0715 1436  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
11:32:12.0715 1436  adpu320 - ok
11:32:12.0731 1436  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
11:32:12.0731 1436  AeLookupSvc - ok
11:32:12.0762 1436  [ 0D0E5281784C2C526BA43C2ECD374288 ] Afc             C:\Windows\syswow64\drivers\Afc.sys
11:32:12.0778 1436  Afc - ok
11:32:12.0809 1436  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
11:32:12.0809 1436  AFD - ok
11:32:12.0840 1436  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
11:32:12.0840 1436  agp440 - ok
11:32:12.0871 1436  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
11:32:12.0871 1436  ALG - ok
11:32:12.0887 1436  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
11:32:12.0903 1436  aliide - ok
11:32:12.0918 1436  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
11:32:12.0918 1436  amdide - ok
11:32:12.0949 1436  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
11:32:12.0949 1436  AmdK8 - ok
11:32:12.0965 1436  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
11:32:12.0965 1436  AmdPPM - ok
11:32:12.0996 1436  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
11:32:12.0996 1436  amdsata - ok
11:32:13.0012 1436  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
11:32:13.0012 1436  amdsbs - ok
11:32:13.0027 1436  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
11:32:13.0027 1436  amdxata - ok
11:32:13.0059 1436  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
11:32:13.0059 1436  AppID - ok
11:32:13.0090 1436  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
11:32:13.0090 1436  AppIDSvc - ok
11:32:13.0137 1436  [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo         C:\Windows\System32\appinfo.dll
11:32:13.0137 1436  Appinfo - ok
11:32:13.0168 1436  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
11:32:13.0168 1436  arc - ok
11:32:13.0183 1436  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
11:32:13.0183 1436  arcsas - ok
11:32:13.0230 1436  [ E890B3CD47B013692960BFA6607D10C0 ] aswFsBlk        C:\Windows\system32\drivers\aswFsBlk.sys
11:32:13.0230 1436  aswFsBlk - ok
11:32:13.0277 1436  [ 84F74D9072858B8E7D25A88FB94FBB57 ] aswFW           C:\Windows\system32\drivers\aswFW.sys
11:32:13.0277 1436  aswFW - ok
11:32:13.0308 1436  [ 913CA1EC22C2A1717B21447DE0594640 ] aswKbd          C:\Windows\system32\drivers\aswKbd.sys
11:32:13.0308 1436  aswKbd - ok
11:32:13.0324 1436  [ D4C39799426382DDA073CD44E65AF533 ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
11:32:13.0324 1436  aswMonFlt - ok
11:32:13.0355 1436  [ 518B8D447A1975AB46DA093A2E743256 ] aswNdis         C:\Windows\system32\DRIVERS\aswNdis.sys
11:32:13.0355 1436  aswNdis - ok
11:32:13.0402 1436  [ D92F69F96E8DB3A2C1773CAB21FC3BC2 ] aswNdis2        C:\Windows\system32\drivers\aswNdis2.sys
11:32:13.0402 1436  aswNdis2 - ok
11:32:13.0417 1436  [ 54E6D9551DCBC13604DD3257C14C08D8 ] aswRdr          C:\Windows\System32\Drivers\aswrdr2.sys
11:32:13.0417 1436  aswRdr - ok
11:32:13.0433 1436  [ 27BE5089DE6D19AD78894949630488FD ] aswRvrt         C:\Windows\system32\drivers\aswRvrt.sys
11:32:13.0433 1436  aswRvrt - ok
11:32:13.0464 1436  [ B18E19313FFB92E173DAF93C38148893 ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
11:32:13.0464 1436  aswSnx - ok
11:32:13.0495 1436  [ 4513474C63D67EEE4734D4D2ACFD19E7 ] aswSP           C:\Windows\system32\drivers\aswSP.sys
11:32:13.0495 1436  aswSP - ok
11:32:13.0527 1436  [ 7DFB9A17DDBF9B6AA7859923A3C8FE62 ] aswTdi          C:\Windows\system32\drivers\aswTdi.sys
11:32:13.0527 1436  aswTdi - ok
11:32:13.0542 1436  [ 18A402335BAA2C6D3334596CA71BB3CF ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
11:32:13.0542 1436  aswVmm - ok
11:32:13.0558 1436  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
11:32:13.0558 1436  AsyncMac - ok
11:32:13.0573 1436  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
11:32:13.0573 1436  atapi - ok
11:32:13.0620 1436  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
11:32:13.0636 1436  AudioEndpointBuilder - ok
11:32:13.0636 1436  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
11:32:13.0636 1436  AudioSrv - ok
11:32:13.0714 1436  [ 9330941C8F6DF417F6DBBE998DB6687E ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
11:32:13.0714 1436  avast! Antivirus - ok
11:32:13.0761 1436  [ 68E3356BC848124F56BDAC3C70C2E54B ] avast! Firewall C:\Program Files\AVAST Software\Avast\afwServ.exe
11:32:13.0761 1436  avast! Firewall - ok
11:32:13.0792 1436  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
11:32:13.0792 1436  AxInstSV - ok
11:32:13.0823 1436  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
11:32:13.0823 1436  b06bdrv - ok
11:32:13.0854 1436  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
11:32:13.0854 1436  b57nd60a - ok
11:32:13.0885 1436  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
11:32:13.0885 1436  BDESVC - ok
11:32:13.0885 1436  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
11:32:13.0885 1436  Beep - ok
11:32:13.0948 1436  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
11:32:13.0948 1436  BFE - ok
11:32:13.0979 1436  [ ACC9C8C560C567FAD6F79C977AB2EA09 ] bgsvcgen        C:\Windows\SysWOW64\bgsvcgen.exe
11:32:13.0979 1436  bgsvcgen - ok
11:32:14.0010 1436  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\system32\qmgr.dll
11:32:14.0026 1436  BITS - ok
11:32:14.0026 1436  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
11:32:14.0041 1436  blbdrive - ok
11:32:14.0057 1436  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
11:32:14.0057 1436  bowser - ok
11:32:14.0088 1436  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
11:32:14.0088 1436  BrFiltLo - ok
11:32:14.0088 1436  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
11:32:14.0104 1436  BrFiltUp - ok
11:32:14.0135 1436  [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
11:32:14.0135 1436  BridgeMP - ok
11:32:14.0182 1436  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
11:32:14.0182 1436  Browser - ok
11:32:14.0197 1436  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
11:32:14.0197 1436  Brserid - ok
11:32:14.0197 1436  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
11:32:14.0197 1436  BrSerWdm - ok
11:32:14.0213 1436  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
11:32:14.0213 1436  BrUsbMdm - ok
11:32:14.0213 1436  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
11:32:14.0213 1436  BrUsbSer - ok
11:32:14.0229 1436  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
11:32:14.0229 1436  BTHMODEM - ok
11:32:14.0244 1436  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
11:32:14.0244 1436  bthserv - ok
11:32:14.0244 1436  catchme - ok
11:32:14.0260 1436  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
11:32:14.0260 1436  cdfs - ok
11:32:14.0291 1436  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
11:32:14.0307 1436  cdrom - ok
11:32:14.0338 1436  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
11:32:14.0338 1436  CertPropSvc - ok
11:32:14.0400 1436  [ 41E7C4FA6491747402CFCA77CC1C7AAB ] cfWiMAXService  C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
11:32:14.0400 1436  cfWiMAXService - ok
11:32:14.0431 1436  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
11:32:14.0431 1436  circlass - ok
11:32:14.0447 1436  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
11:32:14.0447 1436  CLFS - ok
11:32:14.0494 1436  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:32:14.0494 1436  clr_optimization_v2.0.50727_32 - ok
11:32:14.0541 1436  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
11:32:14.0541 1436  clr_optimization_v2.0.50727_64 - ok
11:32:14.0603 1436  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:32:14.0603 1436  clr_optimization_v4.0.30319_32 - ok
11:32:14.0650 1436  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
11:32:14.0650 1436  clr_optimization_v4.0.30319_64 - ok
11:32:14.0681 1436  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
11:32:14.0681 1436  CmBatt - ok
11:32:14.0712 1436  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
11:32:14.0712 1436  cmdide - ok
11:32:14.0759 1436  [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG             C:\Windows\system32\Drivers\cng.sys
11:32:14.0759 1436  CNG - ok
11:32:14.0790 1436  [ A7D943BCFB70F1F053C274B348267B55 ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT64.sys
11:32:14.0806 1436  CnxtHdAudService - ok
11:32:14.0821 1436  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
11:32:14.0821 1436  Compbatt - ok
11:32:14.0837 1436  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
11:32:14.0853 1436  CompositeBus - ok
11:32:14.0853 1436  COMSysApp - ok
11:32:14.0884 1436  [ CAB0EEAF5295FC96DDD3E19DCE27E131 ] ConfigFree Service C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
11:32:14.0884 1436  ConfigFree Service - ok
11:32:14.0899 1436  [ 262969A3FAB32B9E17E63E2D17A57744 ] cpuz135         C:\Windows\system32\drivers\cpuz135_x64.sys
11:32:14.0899 1436  cpuz135 - ok
11:32:14.0915 1436  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
11:32:14.0915 1436  crcdisk - ok
11:32:14.0946 1436  [ 6B400F211BEE880A37A1ED0368776BF4 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
11:32:14.0946 1436  CryptSvc - ok
11:32:15.0024 1436  [ FD557A50A65E44041CD2FCEF4BEB04DB ] cvhsvc          C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
11:32:15.0040 1436  cvhsvc - ok
11:32:15.0071 1436  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
11:32:15.0071 1436  DcomLaunch - ok
11:32:15.0102 1436  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
11:32:15.0102 1436  defragsvc - ok
11:32:15.0133 1436  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
11:32:15.0133 1436  DfsC - ok
11:32:15.0180 1436  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
11:32:15.0180 1436  Dhcp - ok
11:32:15.0227 1436  [ 8FBB1FFC6F13F9D5EE8480B36BAFFC52 ] DIRECTIO        C:\Program Files\PerformanceTest\DirectIo64.sys
11:32:15.0227 1436  DIRECTIO - ok
11:32:15.0243 1436  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
11:32:15.0243 1436  discache - ok
11:32:15.0274 1436  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
11:32:15.0274 1436  Disk - ok
11:32:15.0305 1436  [ EA30E307C7597CD63FD80789381AA7EE ] DLABMFSE        C:\Windows\system32\Drivers\DLABMFSE.SYS
11:32:15.0321 1436  DLABMFSE - ok
11:32:15.0336 1436  [ 1D393BA0B3E3CD9C104CB38FF72FBE95 ] DLABOIOE        C:\Windows\system32\Drivers\DLABOIOE.SYS
11:32:15.0336 1436  DLABOIOE - ok
11:32:15.0352 1436  [ 2575C3CA7C51B9D14A3ABFC622C9E6C7 ] DLACDBHE        C:\Windows\system32\Drivers\DLACDBHE.SYS
11:32:15.0352 1436  DLACDBHE - ok
11:32:15.0367 1436  [ C5E51BD669E3C04A1FD4184EF6CAA6AF ] DLADResE        C:\Windows\system32\Drivers\DLADResE.SYS
11:32:15.0367 1436  DLADResE - ok
11:32:15.0383 1436  [ 431F127D564ABADE3AC737B4575C6B9C ] DLAIFS_E        C:\Windows\system32\Drivers\DLAIFS_E.SYS
11:32:15.0383 1436  DLAIFS_E - ok
11:32:15.0414 1436  [ EC379D9C31DD6597CFDF97DB44C3B370 ] DLAOPIOE        C:\Windows\system32\Drivers\DLAOPIOE.SYS
11:32:15.0414 1436  DLAOPIOE - ok
11:32:15.0430 1436  [ 4F64A963E4213FC83943B8D6E6C4C5C6 ] DLAPoolE        C:\Windows\system32\Drivers\DLAPoolE.SYS
11:32:15.0430 1436  DLAPoolE - ok
11:32:15.0445 1436  [ 6D818721DD4A5E86683CC4BC5FD447FB ] DLARTL_E        C:\Windows\system32\Drivers\DLARTL_E.SYS
11:32:15.0445 1436  DLARTL_E - ok
11:32:15.0477 1436  [ 3ADEF2CF78438F74035F5D1248204124 ] DLAUDFAE        C:\Windows\system32\Drivers\DLAUDFAE.SYS
11:32:15.0477 1436  DLAUDFAE - ok
11:32:15.0508 1436  [ ADF79D03473E320788EC0F2CFF3091D4 ] DLAUDF_E        C:\Windows\system32\Drivers\DLAUDF_E.SYS
11:32:15.0508 1436  DLAUDF_E - ok
11:32:15.0539 1436  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
11:32:15.0539 1436  Dnscache - ok
11:32:15.0586 1436  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
11:32:15.0586 1436  dot3svc - ok
11:32:15.0633 1436  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
11:32:15.0633 1436  DPS - ok
11:32:15.0648 1436  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
11:32:15.0648 1436  drmkaud - ok
11:32:15.0664 1436  [ 0E0C5B8768CFB27A513FE8528A291EF9 ] DRVECDB         C:\Windows\system32\Drivers\DRVECDB.SYS
11:32:15.0664 1436  DRVECDB - ok
11:32:15.0679 1436  [ FBF2605C90BD04C3B625A67961EEABB6 ] DRVEDDM         C:\Windows\system32\Drivers\DRVEDDM.SYS
11:32:15.0695 1436  DRVEDDM - ok
11:32:15.0742 1436  [ 88612F1CE3BF42256913BF6E61C70D52 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
11:32:15.0757 1436  DXGKrnl - ok
11:32:15.0773 1436  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
11:32:15.0773 1436  EapHost - ok
11:32:15.0851 1436  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
11:32:15.0882 1436  ebdrv - ok
11:32:15.0913 1436  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
11:32:15.0913 1436  EFS - ok
11:32:15.0960 1436  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
11:32:15.0976 1436  ehRecvr - ok
11:32:16.0007 1436  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
11:32:16.0007 1436  ehSched - ok
11:32:16.0054 1436  [ 2D96062588769E5F31DBE0C1C99EB086 ] eID CRL Service C:\Windows\SysWOW64\beidservicecrl.exe
11:32:16.0054 1436  eID CRL Service - ok
11:32:16.0085 1436  [ 2CCCD74F69473B60CB904DC466077AC0 ] eID Privacy Service C:\Windows\SysWOW64\beidservicepcsc.exe
11:32:16.0085 1436  eID Privacy Service - ok
11:32:16.0116 1436  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
11:32:16.0116 1436  elxstor - ok
11:32:16.0163 1436  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
11:32:16.0179 1436  ErrDev - ok
11:32:16.0272 1436  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
11:32:16.0350 1436  EventSystem - ok
11:32:16.0397 1436  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
11:32:16.0397 1436  exfat - ok
11:32:16.0413 1436  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
11:32:16.0413 1436  fastfat - ok
11:32:16.0459 1436  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
11:32:16.0459 1436  Fax - ok
11:32:16.0475 1436  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
11:32:16.0475 1436  fdc - ok
11:32:16.0491 1436  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
11:32:16.0491 1436  fdPHost - ok
11:32:16.0506 1436  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
11:32:16.0506 1436  FDResPub - ok
11:32:16.0522 1436  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
11:32:16.0522 1436  FileInfo - ok
11:32:16.0537 1436  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
11:32:16.0537 1436  Filetrace - ok
11:32:16.0569 1436  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
11:32:16.0569 1436  flpydisk - ok
11:32:16.0600 1436  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
11:32:16.0600 1436  FltMgr - ok
11:32:16.0647 1436  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
11:32:16.0678 1436  FontCache - ok
11:32:16.0740 1436  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:32:16.0740 1436  FontCache3.0.0.0 - ok
11:32:16.0756 1436  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
11:32:16.0771 1436  FsDepends - ok
11:32:16.0803 1436  [ DDEE99DC54EFA20BD5A442CD733C4462 ] FsUsbExDisk     C:\Windows\SysWOW64\FsUsbExDisk.SYS
11:32:16.0803 1436  FsUsbExDisk - ok
11:32:16.0818 1436  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
11:32:16.0818 1436  Fs_Rec - ok
11:32:16.0865 1436  [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
11:32:16.0865 1436  fvevol - ok
11:32:16.0896 1436  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
11:32:16.0896 1436  gagp30kx - ok
11:32:16.0943 1436  [ 1A0B9D84BEB3306F728BC3009D432F5C ] GameConsoleService C:\Program Files (x86)\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe
11:32:16.0959 1436  GameConsoleService - ok
11:32:17.0037 1436  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
11:32:17.0052 1436  gpsvc - ok
11:32:17.0161 1436  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:32:17.0161 1436  gupdate - ok
11:32:17.0177 1436  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:32:17.0177 1436  gupdatem - ok
11:32:17.0239 1436  [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
11:32:17.0239 1436  gusvc - ok
11:32:17.0302 1436  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
11:32:17.0302 1436  hcw85cir - ok
11:32:17.0349 1436  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
11:32:17.0364 1436  HdAudAddService - ok
11:32:17.0380 1436  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
11:32:17.0380 1436  HDAudBus - ok
11:32:17.0427 1436  [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64         C:\Windows\system32\DRIVERS\HECIx64.sys
11:32:17.0427 1436  HECIx64 - ok
11:32:17.0442 1436  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
11:32:17.0442 1436  HidBatt - ok
11:32:17.0458 1436  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
11:32:17.0458 1436  HidBth - ok
11:32:17.0473 1436  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
11:32:17.0473 1436  HidIr - ok
11:32:17.0489 1436  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\System32\hidserv.dll
11:32:17.0489 1436  hidserv - ok
11:32:17.0520 1436  [ F44381F466CFCEE8E850DE6BBFA43FE2 ] hidshim         C:\Windows\system32\DRIVERS\hidshim.sys
11:32:17.0520 1436  hidshim - ok
11:32:17.0551 1436  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
11:32:17.0551 1436  HidUsb - ok
11:32:17.0583 1436  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
11:32:17.0598 1436  hkmsvc - ok
11:32:17.0645 1436  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
11:32:17.0645 1436  HomeGroupListener - ok
11:32:17.0661 1436  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
11:32:17.0661 1436  HomeGroupProvider - ok
11:32:17.0692 1436  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
11:32:17.0692 1436  HpSAMD - ok
11:32:17.0723 1436  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
11:32:17.0723 1436  HTTP - ok
11:32:17.0739 1436  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
11:32:17.0739 1436  hwpolicy - ok
11:32:17.0770 1436  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
11:32:17.0770 1436  i8042prt - ok
11:32:17.0801 1436  [ 5E60DD5F090AB4A563C7204C289C4650 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
11:32:17.0801 1436  iaStor - ok
11:32:17.0848 1436  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
11:32:17.0863 1436  iaStorV - ok
11:32:17.0895 1436  [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
11:32:17.0895 1436  IDriverT - ok
11:32:17.0957 1436  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:32:17.0957 1436  idsvc - ok
11:32:17.0973 1436  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
11:32:17.0973 1436  iirsp - ok
11:32:18.0035 1436  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
11:32:18.0035 1436  IKEEXT - ok
11:32:18.0066 1436  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
11:32:18.0066 1436  intelide - ok
11:32:18.0082 1436  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
11:32:18.0082 1436  intelppm - ok
11:32:18.0113 1436  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
11:32:18.0113 1436  IPBusEnum - ok
11:32:18.0144 1436  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:32:18.0160 1436  IpFilterDriver - ok
11:32:18.0191 1436  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
11:32:18.0207 1436  iphlpsvc - ok
11:32:18.0238 1436  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
11:32:18.0238 1436  IPMIDRV - ok
11:32:18.0269 1436  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
11:32:18.0269 1436  IPNAT - ok
11:32:18.0285 1436  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
11:32:18.0285 1436  IRENUM - ok
11:32:18.0285 1436  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
11:32:18.0285 1436  isapnp - ok
11:32:18.0300 1436  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
11:32:18.0316 1436  iScsiPrt - ok
11:32:18.0363 1436  [ F415A88162D23977B5EDAE4F0410E903 ] IviRegMgr       C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
11:32:18.0363 1436  IviRegMgr - ok
11:32:18.0378 1436  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
11:32:18.0378 1436  kbdclass - ok
11:32:18.0378 1436  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
11:32:18.0378 1436  kbdhid - ok
11:32:18.0394 1436  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
11:32:18.0409 1436  KeyIso - ok
11:32:18.0425 1436  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
11:32:18.0425 1436  KSecDD - ok
11:32:18.0472 1436  [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
11:32:18.0472 1436  KSecPkg - ok
11:32:18.0472 1436  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
11:32:18.0472 1436  ksthunk - ok
11:32:18.0503 1436  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
11:32:18.0503 1436  KtmRm - ok
11:32:18.0534 1436  [ FF60E112FC03F6D0EB74B3BFD7D6B7C9 ] L1C             C:\Windows\system32\DRIVERS\L1C62x64.sys
11:32:18.0534 1436  L1C - ok
11:32:18.0581 1436  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\System32\srvsvc.dll
11:32:18.0581 1436  LanmanServer - ok
11:32:18.0612 1436  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:32:18.0612 1436  LanmanWorkstation - ok
11:32:18.0643 1436  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
11:32:18.0643 1436  lltdio - ok
11:32:18.0690 1436  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
11:32:18.0690 1436  lltdsvc - ok
11:32:18.0706 1436  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
11:32:18.0706 1436  lmhosts - ok
11:32:18.0784 1436  [ DBC1136A62BD4DECC3632DF650284C2E ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
11:32:18.0784 1436  LMS - ok
11:32:18.0815 1436  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
11:32:18.0815 1436  LSI_FC - ok
11:32:18.0815 1436  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
11:32:18.0815 1436  LSI_SAS - ok
11:32:18.0831 1436  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
11:32:18.0831 1436  LSI_SAS2 - ok
11:32:18.0846 1436  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
11:32:18.0846 1436  LSI_SCSI - ok
11:32:18.0862 1436  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
11:32:18.0862 1436  luafv - ok
11:32:18.0955 1436  [ 0BB97D43299910CBFBA59C461B99B910 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
11:32:18.0955 1436  MBAMProtector - ok
11:32:19.0018 1436  [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
11:32:19.0018 1436  MBAMScheduler - ok
11:32:19.0065 1436  [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
11:32:19.0080 1436  MBAMService - ok
11:32:19.0127 1436  [ 0F8FE97E6B8F4566518469A1A9738C6D ] McAfee SiteAdvisor Service c:\PROGRA~2\mcafee\SITEAD~1\McSACore.exe
11:32:19.0127 1436  McAfee SiteAdvisor Service - ok
11:32:19.0158 1436  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
11:32:19.0158 1436  Mcx2Svc - ok
11:32:19.0205 1436  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
11:32:19.0205 1436  megasas - ok
11:32:19.0236 1436  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
11:32:19.0252 1436  MegaSR - ok
11:32:19.0283 1436  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
11:32:19.0283 1436  MMCSS - ok
11:32:19.0299 1436  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
11:32:19.0299 1436  Modem - ok
11:32:19.0314 1436  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
11:32:19.0314 1436  monitor - ok
11:32:19.0345 1436  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
11:32:19.0345 1436  mouclass - ok
11:32:19.0345 1436  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
11:32:19.0345 1436  mouhid - ok
11:32:19.0377 1436  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
11:32:19.0377 1436  mountmgr - ok
11:32:19.0439 1436  [ 5D494509432897338AFC19DB78A76DCB ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
11:32:19.0439 1436  MozillaMaintenance - ok
11:32:19.0470 1436  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
11:32:19.0486 1436  mpio - ok
11:32:19.0501 1436  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
11:32:19.0501 1436  mpsdrv - ok
11:32:19.0548 1436  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
11:32:19.0564 1436  MpsSvc - ok
11:32:19.0595 1436  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
11:32:19.0595 1436  MRxDAV - ok
11:32:19.0626 1436  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
11:32:19.0626 1436  mrxsmb - ok
11:32:19.0642 1436  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:32:19.0642 1436  mrxsmb10 - ok
11:32:19.0657 1436  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:32:19.0657 1436  mrxsmb20 - ok
11:32:19.0689 1436  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
11:32:19.0689 1436  msahci - ok
11:32:19.0720 1436  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
11:32:19.0720 1436  msdsm - ok
11:32:19.0735 1436  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
11:32:19.0735 1436  MSDTC - ok
11:32:19.0798 1436  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
11:32:19.0798 1436  Msfs - ok
11:32:19.0813 1436  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
11:32:19.0813 1436  mshidkmdf - ok
11:32:19.0829 1436  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
11:32:19.0829 1436  msisadrv - ok
11:32:19.0845 1436  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
11:32:19.0860 1436  MSiSCSI - ok
11:32:19.0860 1436  msiserver - ok
11:32:19.0876 1436  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
11:32:19.0876 1436  MSKSSRV - ok
11:32:19.0891 1436  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
11:32:19.0891 1436  MSPCLOCK - ok
11:32:19.0907 1436  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
11:32:19.0907 1436  MSPQM - ok
11:32:19.0938 1436  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
11:32:19.0938 1436  MsRPC - ok
11:32:19.0969 1436  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
11:32:19.0969 1436  mssmbios - ok
11:32:19.0985 1436  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
11:32:19.0985 1436  MSTEE - ok
11:32:20.0001 1436  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
11:32:20.0001 1436  MTConfig - ok
11:32:20.0016 1436  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
11:32:20.0016 1436  Mup - ok
11:32:20.0047 1436  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
11:32:20.0063 1436  napagent - ok
11:32:20.0094 1436  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
11:32:20.0094 1436  NativeWifiP - ok
11:32:20.0141 1436  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
11:32:20.0141 1436  NDIS - ok
11:32:20.0157 1436  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
11:32:20.0157 1436  NdisCap - ok
11:32:20.0172 1436  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
11:32:20.0172 1436  NdisTapi - ok
11:32:20.0203 1436  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
11:32:20.0203 1436  Ndisuio - ok
11:32:20.0235 1436  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
11:32:20.0235 1436  NdisWan - ok
11:32:20.0250 1436  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
11:32:20.0250 1436  NDProxy - ok
11:32:20.0328 1436  [ 7D2633295EB6FF2B938185874884059D ] Nero BackItUp Scheduler 4.0 c:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
11:32:20.0344 1436  Nero BackItUp Scheduler 4.0 - ok
11:32:20.0359 1436  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
11:32:20.0375 1436  NetBIOS - ok
11:32:20.0391 1436  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
11:32:20.0391 1436  NetBT - ok
11:32:20.0406 1436  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
11:32:20.0406 1436  Netlogon - ok
11:32:20.0437 1436  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
11:32:20.0437 1436  Netman - ok
11:32:20.0453 1436  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
11:32:20.0469 1436  netprofm - ok
11:32:20.0531 1436  [ 81B8D0C1CE44A7FDBD596B693783950C ] netr7364        C:\Windows\system32\DRIVERS\netr7364.sys
11:32:20.0531 1436  netr7364 - ok
11:32:20.0562 1436  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
11:32:20.0562 1436  NetTcpPortSharing - ok
11:32:20.0593 1436  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
11:32:20.0593 1436  nfrd960 - ok
11:32:20.0609 1436  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
11:32:20.0625 1436  NlaSvc - ok
11:32:20.0640 1436  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
11:32:20.0640 1436  Npfs - ok
11:32:20.0656 1436  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
11:32:20.0656 1436  nsi - ok
11:32:20.0671 1436  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
11:32:20.0687 1436  nsiproxy - ok
11:32:20.0749 1436  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
11:32:20.0765 1436  Ntfs - ok
11:32:20.0781 1436  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
11:32:20.0781 1436  Null - ok
11:32:20.0812 1436  [ 4F990BD111CF94891104193F8787788F ] nuvotoncir      C:\Windows\system32\DRIVERS\nuvotoncir.sys
11:32:20.0812 1436  nuvotoncir - ok
11:32:20.0812 1436  [ 05416052F584E7488DCE7F6BCE4E75A1 ] nuvotonhidcir   C:\Windows\system32\DRIVERS\nuvotonhidcir.sys
11:32:20.0827 1436  nuvotonhidcir - ok
11:32:20.0859 1436  [ 1F07B814C0BB5AABA703ABFF1F31F2E8 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
11:32:20.0859 1436  NVHDA - ok
11:32:21.0077 1436  [ 6850D89C7ABDD8B4FB0B3659DA961379 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
11:32:21.0139 1436  nvlddmkm - ok
11:32:21.0233 1436  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
11:32:21.0233 1436  nvraid - ok
11:32:21.0249 1436  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
11:32:21.0264 1436  nvstor - ok
11:32:21.0295 1436  [ 2CBAF74C49C472160EBD73ADAB8DAB50 ] nvsvc           C:\Windows\system32\nvvsvc.exe
11:32:21.0295 1436  nvsvc - ok
11:32:21.0327 1436  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
11:32:21.0327 1436  nv_agp - ok
11:32:21.0358 1436  [ D955D5DE998DB2476BF0892BE3A96C26 ] O2FLASH         C:\Windows\system32\DRIVERS\o2flash.exe
11:32:21.0358 1436  O2FLASH - ok
11:32:21.0373 1436  [ 74C90D2A1CF5E49A2F8D64B7245372DD ] O2MDGRDR        C:\Windows\system32\DRIVERS\o2mdgx64.sys
11:32:21.0373 1436  O2MDGRDR - ok
11:32:21.0389 1436  [ FA1EED3A10992EBA9A39172B50346434 ] O2SDGRDR        C:\Windows\system32\DRIVERS\o2sdgx64.sys
11:32:21.0389 1436  O2SDGRDR - ok
11:32:21.0436 1436  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
11:32:21.0436 1436  ohci1394 - ok
11:32:21.0545 1436  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:32:21.0576 1436  ose - ok
11:32:21.0748 1436  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
11:32:21.0795 1436  osppsvc - ok
11:32:21.0826 1436  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
11:32:21.0841 1436  p2pimsvc - ok
11:32:21.0841 1436  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
11:32:21.0857 1436  p2psvc - ok
11:32:21.0873 1436  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
11:32:21.0873 1436  Parport - ok
11:32:21.0904 1436  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
11:32:21.0904 1436  partmgr - ok
11:32:21.0919 1436  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
11:32:21.0919 1436  PcaSvc - ok
11:32:21.0951 1436  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
11:32:21.0966 1436  pci - ok
11:32:21.0997 1436  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
11:32:21.0997 1436  pciide - ok
11:32:22.0013 1436  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
11:32:22.0013 1436  pcmcia - ok
11:32:22.0044 1436  [ AF7CE12C4F3DC8CB2B07685C916BBCFE ] pcouffin        C:\Windows\system32\Drivers\pcouffin.sys
11:32:22.0044 1436  pcouffin - ok
11:32:22.0060 1436  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
11:32:22.0060 1436  pcw - ok
11:32:22.0075 1436  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
11:32:22.0091 1436  PEAUTH - ok
11:32:22.0153 1436  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
11:32:22.0153 1436  PerfHost - ok
11:32:22.0185 1436  [ 663962900E7FEA522126BA287715BB4A ] PGEffect        C:\Windows\system32\DRIVERS\pgeffect.sys
11:32:22.0185 1436  PGEffect - ok
11:32:22.0247 1436  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
11:32:22.0247 1436  pla - ok
11:32:22.0294 1436  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
11:32:22.0309 1436  PlugPlay - ok
11:32:22.0325 1436  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
11:32:22.0325 1436  PNRPAutoReg - ok
11:32:22.0341 1436  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
11:32:22.0356 1436  PNRPsvc - ok
11:32:22.0387 1436  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
11:32:22.0387 1436  PolicyAgent - ok
11:32:22.0419 1436  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
11:32:22.0434 1436  Power - ok
11:32:22.0465 1436  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
11:32:22.0465 1436  PptpMiniport - ok
11:32:22.0481 1436  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
11:32:22.0481 1436  Processor - ok
11:32:22.0512 1436  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
11:32:22.0512 1436  ProfSvc - ok
11:32:22.0528 1436  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
11:32:22.0528 1436  ProtectedStorage - ok
11:32:22.0746 1436  [ CE553162FE1BD8D2BF083D94E19B6EFB ] PRTGCoreService C:\Program Files (x86)\PRTG Network Monitor\64 bit\PRTG Server.exe
11:32:22.0809 1436  PRTGCoreService - ok
11:32:23.0011 1436  [ 8C3A5E2952AC459AAE8C2AEDEADF3F91 ] PRTGProbeService C:\Program Files (x86)\PRTG Network Monitor\PRTG Probe.exe
11:32:23.0058 1436  PRTGProbeService - ok
11:32:23.0089 1436  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
11:32:23.0089 1436  Psched - ok
11:32:23.0121 1436  [ F036CFB275D0C55F4E45FBBF5F98B3C8 ] PSI_SVC_2       C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
11:32:23.0121 1436  PSI_SVC_2 - ok
11:32:23.0167 1436  [ 05F46042208E515B9C240AAFC54E7AA2 ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
11:32:23.0167 1436  PxHlpa64 - ok
11:32:23.0183 1436  [ C8FCB4899F8B70CC34E0D9876A80963C ] QIOMem          C:\Windows\system32\DRIVERS\QIOMem.sys
11:32:23.0183 1436  QIOMem - ok
11:32:23.0230 1436  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
11:32:23.0245 1436  ql2300 - ok
11:32:23.0245 1436  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
11:32:23.0261 1436  ql40xx - ok
11:32:23.0277 1436  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
11:32:23.0292 1436  QWAVE - ok
11:32:23.0292 1436  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
11:32:23.0292 1436  QWAVEdrv - ok
11:32:23.0370 1436  [ 3FC8252625F2574036777D2981F839EE ] RalinkRegistryWriter C:\Program Files (x86)\TP-LINK\COMMON\RaRegistry.exe
11:32:23.0370 1436  RalinkRegistryWriter - ok
11:32:23.0386 1436  [ 3A6F58A249DF7466F9844F70499627F7 ] RalinkRegistryWriter64 C:\Program Files (x86)\TP-LINK\COMMON\RaRegistry64.exe
11:32:23.0386 1436  RalinkRegistryWriter64 - ok
11:32:23.0417 1436  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
11:32:23.0417 1436  RasAcd - ok
11:32:23.0448 1436  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
11:32:23.0448 1436  RasAgileVpn - ok
11:32:23.0464 1436  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
11:32:23.0464 1436  RasAuto - ok
11:32:23.0479 1436  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
11:32:23.0479 1436  Rasl2tp - ok
11:32:23.0526 1436  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
11:32:23.0526 1436  RasMan - ok
11:32:23.0542 1436  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
11:32:23.0542 1436  RasPppoe - ok
11:32:23.0573 1436  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
11:32:23.0573 1436  RasSstp - ok
11:32:23.0589 1436  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
11:32:23.0589 1436  rdbss - ok
11:32:23.0604 1436  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
11:32:23.0604 1436  rdpbus - ok
11:32:23.0620 1436  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
11:32:23.0620 1436  RDPCDD - ok
11:32:23.0620 1436  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
11:32:23.0620 1436  RDPENCDD - ok
11:32:23.0651 1436  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
11:32:23.0651 1436  RDPREFMP - ok
11:32:23.0682 1436  [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
11:32:23.0682 1436  RdpVideoMiniport - ok
11:32:23.0698 1436  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
11:32:23.0698 1436  RDPWD - ok
11:32:23.0713 1436  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
11:32:23.0713 1436  rdyboost - ok
11:32:23.0729 1436  [ 4D9AFDDDA0EFE97CDBFD3B5FA48B05F6 ] regi            C:\Windows\system32\drivers\regi.sys
11:32:23.0729 1436  regi - ok
11:32:23.0776 1436  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
11:32:23.0776 1436  RemoteAccess - ok
11:32:23.0807 1436  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
11:32:23.0807 1436  RemoteRegistry - ok
11:32:23.0885 1436  [ 4A1A97F32B84B924FDD82EBEBC915924 ] Rohos           C:\Program Files (x86)\Rohos\ntserv.exe
11:32:23.0885 1436  Rohos - ok
11:32:23.0885 1436  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
11:32:23.0901 1436  RpcEptMapper - ok
11:32:23.0916 1436  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
11:32:23.0916 1436  RpcLocator - ok
11:32:23.0947 1436  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\System32\rpcss.dll
11:32:23.0947 1436  RpcSs - ok
11:32:23.0979 1436  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
11:32:23.0979 1436  rspndr - ok
11:32:24.0010 1436  [ 3EC7911ED886DC5D8A9F70129254679C ] RTL8187Se       C:\Windows\system32\DRIVERS\RTL8187Se.sys
11:32:24.0025 1436  RTL8187Se - ok
11:32:24.0072 1436  [ 789C177A1529F0453C625C68A4EF2F00 ] rtl8192se       C:\Windows\system32\DRIVERS\rtl8192se.sys
11:32:24.0072 1436  rtl8192se - ok
11:32:24.0088 1436  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
11:32:24.0088 1436  SamSs - ok
11:32:24.0135 1436  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
11:32:24.0135 1436  sbp2port - ok
11:32:24.0166 1436  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
11:32:24.0166 1436  SCardSvr - ok
11:32:24.0197 1436  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
11:32:24.0197 1436  scfilter - ok
11:32:24.0259 1436  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
11:32:24.0275 1436  Schedule - ok
11:32:24.0275 1436  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
11:32:24.0291 1436  SCPolicySvc - ok
11:32:24.0306 1436  [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus           C:\Windows\system32\drivers\sdbus.sys
11:32:24.0306 1436  sdbus - ok
11:32:24.0337 1436  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
11:32:24.0353 1436  SDRSVC - ok
11:32:24.0384 1436  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
11:32:24.0384 1436  secdrv - ok
11:32:24.0384 1436  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
11:32:24.0400 1436  seclogon - ok
11:32:24.0415 1436  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\system32\sens.dll
11:32:24.0415 1436  SENS - ok
11:32:24.0431 1436  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
11:32:24.0447 1436  SensrSvc - ok
11:32:24.0462 1436  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
11:32:24.0462 1436  Serenum - ok
11:32:24.0462 1436  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
11:32:24.0478 1436  Serial - ok
11:32:24.0493 1436  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
11:32:24.0509 1436  sermouse - ok
11:32:24.0556 1436  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
11:32:24.0556 1436  SessionEnv - ok
11:32:24.0571 1436  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
11:32:24.0587 1436  sffdisk - ok
11:32:24.0587 1436  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
11:32:24.0587 1436  sffp_mmc - ok
11:32:24.0603 1436  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
11:32:24.0603 1436  sffp_sd - ok
11:32:24.0618 1436  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
11:32:24.0618 1436  sfloppy - ok
11:32:24.0649 1436  [ 2046AA7491DE7EFA4D70E615D9BC9D09 ] Sftfs           C:\Windows\system32\DRIVERS\Sftfslh.sys
11:32:24.0665 1436  Sftfs - ok
11:32:24.0712 1436  [ 77C5A741A7452812F278EF2C18478862 ] sftlist         C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
11:32:24.0727 1436  sftlist - ok
11:32:24.0759 1436  [ 0E0446BC4D51BE4263ACB7E33491191C ] Sftplay         C:\Windows\system32\DRIVERS\Sftplaylh.sys
11:32:24.0759 1436  Sftplay - ok
11:32:24.0759 1436  [ C5FB982CD266E604ED3142102C26D62C ] Sftredir        C:\Windows\system32\DRIVERS\Sftredirlh.sys
11:32:24.0759 1436  Sftredir - ok
11:32:24.0774 1436  [ 2575511AF67AA1FA068CCC4918E2C2A3 ] Sftvol          C:\Windows\system32\DRIVERS\Sftvollh.sys
11:32:24.0774 1436  Sftvol - ok
11:32:24.0790 1436  [ 39B1D0A636A400304565D4521FAD6D77 ] sftvsa          C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
11:32:24.0790 1436  sftvsa - ok
11:32:24.0837 1436  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
11:32:24.0852 1436  SharedAccess - ok
11:32:24.0883 1436  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
11:32:24.0899 1436  ShellHWDetection - ok
11:32:24.0915 1436  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
11:32:24.0915 1436  SiSRaid2 - ok
11:32:24.0930 1436  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
11:32:24.0930 1436  SiSRaid4 - ok
11:32:24.0961 1436  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
11:32:24.0961 1436  Smb - ok
11:32:25.0024 1436  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
11:32:25.0024 1436  SNMPTRAP - ok
11:32:25.0055 1436  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
11:32:25.0055 1436  spldr - ok
11:32:25.0117 1436  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
11:32:25.0133 1436  Spooler - ok
11:32:25.0211 1436  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
11:32:25.0258 1436  sppsvc - ok
11:32:25.0289 1436  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
11:32:25.0305 1436  sppuinotify - ok
11:32:25.0320 1436  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
11:32:25.0336 1436  srv - ok
11:32:25.0351 1436  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
11:32:25.0351 1436  srv2 - ok
11:32:25.0367 1436  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
11:32:25.0367 1436  srvnet - ok
11:32:25.0398 1436  [ 52D6F40B50ECFC051979FEC68E74F0F8 ] ssadbus         C:\Windows\system32\DRIVERS\ssadbus.sys
11:32:25.0398 1436  ssadbus - ok
11:32:25.0414 1436  [ D6CFD3B2EABCF9327DE39C62BABFA1E3 ] ssadmdfl        C:\Windows\system32\DRIVERS\ssadmdfl.sys
11:32:25.0414 1436  ssadmdfl - ok
11:32:25.0461 1436  [ 5EB01E6148742C3EC2185AC92F6D16FD ] ssadmdm         C:\Windows\system32\DRIVERS\ssadmdm.sys
11:32:25.0461 1436  ssadmdm - ok
11:32:25.0476 1436  [ FF20F67DD5644BD1D2E7FCD95AF7F03B ] ssadserd        C:\Windows\system32\DRIVERS\ssadserd.sys
11:32:25.0476 1436  ssadserd - ok
11:32:25.0523 1436  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
11:32:25.0539 1436  SSDPSRV - ok
11:32:25.0554 1436  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
11:32:25.0570 1436  SstpSvc - ok
11:32:25.0601 1436  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
11:32:25.0601 1436  stexstor - ok
11:32:25.0648 1436  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
11:32:25.0663 1436  stisvc - ok
11:32:25.0710 1436  [ DE3E7A2345EBAA3CE8E6957DFB55FB15 ] stllssvr        C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
11:32:25.0726 1436  stllssvr - ok
11:32:25.0757 1436  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
11:32:25.0757 1436  swenum - ok
11:32:25.0773 1436  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
11:32:25.0788 1436  swprv - ok
11:32:25.0819 1436  [ 56F16A398AFFE40AFAB04BA0081CDC27 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
11:32:25.0819 1436  SynTP - ok
11:32:25.0897 1436  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
11:32:25.0929 1436  SysMain - ok
11:32:25.0960 1436  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
11:32:25.0960 1436  TabletInputService - ok
11:32:26.0007 1436  [ F9BE29D5E097F03F81D3CD12B794CB66 ] tap0901         C:\Windows\system32\DRIVERS\tap0901.sys
11:32:26.0007 1436  tap0901 - ok
11:32:26.0038 1436  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
11:32:26.0053 1436  TapiSrv - ok
11:32:34.0306 1436  ============================================================
11:32:34.0306 1436  Scan finished
11:32:34.0306 1436  ============================================================
11:32:34.0321 7284  Detected object count: 0
11:32:34.0321 7284  Actual detected object count: 0
 



#15 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts

Posted 14 November 2013 - 06:06 AM

Let's check the connection:

 

Scan with Farbar's Service Scanner

Please download Farbar Service Scanner and run it on the computer with the issue.

  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
    • Windows Defender

  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run from.
  • Please copy and paste the log to your reply.





