Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

I think I'm infected help please

Post by rmrrar » December 10th, 2014, 9:09 am

Hello, I think I am infected with malware at least, probably more, I don't know. I have noticed that when I go to restart my PC it always has background processes that are running that I have to force close. Also I have noticed odd email addresses in my that are remembered when I go to log onto my email and such. Thank you for any help. rmrrar.


DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17496
Run by Robert at 7:03:45 on 2014-12-10
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3836.2328 [GMT -6:00]
.
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\svchost.exe -k HsfXAudioService
C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\TODDSrv.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
C:\Program Files\TOSHIBA\TECO\TecoService.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
C:\windows\system32\atieclxx.exe
C:\windows\system32\vssvc.exe
C:\windows\System32\svchost.exe -k swprv
C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\TOSHIBA\TECO\Teco.exe
C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\TOSHIBA\Toshiba App Place\ToshibaAppPlace.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\windows\system32\wbem\unsecapp.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://google.com/
uDefault_Page_URL = hxxp://start.toshiba.com/
uProxyOverride = <local>
mWinlogon: Userinit = userinit.exe
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
mRun: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP
mRun: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
mRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
mRun: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe" UNATTENDED
mRun: [ToshibaAppPlace] "C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe"
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
dRunOnce: [SPReview] "C:\windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{01E389AE-F7B8-4E6A-98ED-E570511F399C} : DHCPNameServer = 192.168.1.254
SSODL: WebCheck - <orphaned>
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE3
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [TPwrMain] C:\Program Files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
x64-Run: [HSON] C:\Program Files (x86)\TOSHIBA\TBS\HSON.exe
x64-Run: [SmoothView] C:\Program Files (x86)\Toshiba\SmoothView\SmoothView.exe
x64-Run: [00TCrdMain] C:\Program Files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
x64-Run: [Teco] "C:\Program Files (x86)\TOSHIBA\TECO\Teco.exe" /r
x64-Run: [TosWaitSrv] C:\Program Files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe
x64-Run: [SmartFaceVWatcher] C:\Program Files (x86)\Toshiba\SmartFaceV\SmartFaceVWatcher.exe
x64-Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
x64-Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
x64-Run: [TosNC] C:\Program Files (x86)\Toshiba\BulletinBoard\TosNcCore.exe
x64-Run: [TosReelTimeMonitor] C:\Program Files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\windows\System32\drivers\aswRvrt.sys [2014-9-19 65776]
R0 aswVmm;avast! VM Monitor;C:\windows\System32\drivers\aswVmm.sys [2014-9-19 267632]
R1 aswSnx;aswSnx;C:\windows\System32\drivers\aswsnx.sys [2014-9-19 1050432]
R1 aswSP;aswSP;C:\windows\System32\drivers\aswsp.sys [2014-9-19 436624]
R2 AMD External Events Utility;AMD External Events Utility;C:\windows\System32\atiesrxx.exe [2014-9-19 202752]
R2 aswHwid;avast! HardwareID;C:\windows\System32\drivers\aswHwid.sys [2014-9-19 29208]
R2 aswMonFlt;aswMonFlt;C:\windows\System32\drivers\aswMonFlt.sys [2014-9-19 83280]
R2 aswStm;aswStm;C:\windows\System32\drivers\aswStm.sys [2014-9-19 116728]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-11-26 50344]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2013-4-22 822504]
R2 HsfXAudioService;HsfXAudioService;C:\windows\System32\svchost.exe -k HsfXAudioService [2009-7-13 27136]
R2 regi;regi;C:\windows\System32\drivers\regi.sys [2014-9-19 14112]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-6-26 523944]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;C:\Program Files\TOSHIBA\TECO\TecoService.exe [2010-4-6 258928]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;C:\windows\System32\drivers\TVALZFL.sys [2009-6-19 14472]
R2 VBoxAswDrv;VBoxAsw Support Driver;C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2014-11-26 271752]
R3 AvastVBoxSvc;AvastVBox COM Service;C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2014-11-26 4012248]
R3 CAXHWAZL;CAXHWAZL;C:\windows\System32\drivers\CAXHWAZL.sys [2009-2-12 292864]
R3 PGEffect;Pangu effect driver;C:\windows\System32\drivers\PGEffect.sys [2014-9-19 35008]
R3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2014-9-19 325152]
R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\windows\System32\drivers\rtl8192ce.sys [2014-9-19 932384]
R3 Sftfs;Sftfs;C:\windows\System32\drivers\Sftfslh.sys [2013-6-26 767144]
R3 Sftplay;Sftplay;C:\windows\System32\drivers\Sftplaylh.sys [2013-6-26 273576]
R3 Sftredir;Sftredir;C:\windows\System32\drivers\Sftredirlh.sys [2013-6-26 28840]
R3 Sftvol;Sftvol;C:\windows\System32\drivers\Sftvollh.sys [2013-6-26 23208]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-6-26 207528]
R3 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2014-9-19 54136]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-2-5 137560]
R3 TPCHSrv;TPCH Service;C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2010-2-23 835952]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 Norton PC Checkup Application Launcher;Toshiba Laptop Checkup Application Launcher;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\SymcPCCULaunchSvc.exe /s --> C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\SymcPCCULaunchSvc.exe [?]
S2 PCCUJobMgr;Common Client Job Manager Service;"C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\ccSvcHst.exe" /s "PCCUJobMgr" /m "C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\diMaster.dll" /prefetch:1 --> C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\ccSvcHst.exe [?]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\windows\System32\ieetwcollector.exe [2014-12-9 114688]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\System32\drivers\RtsUStor.sys [2014-9-19 232992]
S3 SrvHsfHDA;SrvHsfHDA;C:\windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 taphss6;Anchorfree HSS VPN Adapter;C:\windows\System32\drivers\taphss6.sys [2014-5-16 42184]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2014-9-21 59392]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2014-9-24 1255736]
.
=============== Created Last 30 ================
.
2014-12-10 09:14:55 -------- d-----w- C:\windows\System32\appraiser
2014-12-10 09:01:48 55808 ----a-w- C:\windows\System32\rrinstaller.exe
2014-12-10 09:01:48 24576 ----a-w- C:\windows\System32\mfpmp.exe
2014-12-10 09:01:48 23040 ----a-w- C:\windows\SysWow64\mfpmp.exe
2014-12-10 09:01:48 2048 ----a-w- C:\windows\SysWow64\mferror.dll
2014-12-10 09:01:48 2048 ----a-w- C:\windows\System32\mferror.dll
2014-12-10 09:01:47 50176 ----a-w- C:\windows\SysWow64\rrinstaller.exe
2014-12-10 09:01:47 3209728 ----a-w- C:\windows\SysWow64\mf.dll
2014-12-10 09:01:47 206848 ----a-w- C:\windows\System32\mfps.dll
2014-12-10 09:01:47 103424 ----a-w- C:\windows\SysWow64\mfps.dll
2014-12-10 09:01:46 4121600 ----a-w- C:\windows\System32\mf.dll
2014-12-10 05:50:05 -------- d-----w- C:\Users\Robert\AppData\Local\Deployment
2014-12-10 05:50:05 -------- d-----w- C:\Users\Robert\AppData\Local\Apps
2014-12-10 04:51:59 742400 ----a-w- C:\Program Files\Internet Explorer\ieproxy.dll
2014-12-10 04:48:06 11632448 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{040CCE9A-DFF1-4FCF-B2EA-34E058F722A2}\mpengine.dll
2014-11-26 15:20:41 -------- d-----w- C:\windows\SysWow64\vbox
2014-11-26 15:20:39 -------- d-----w- C:\windows\System32\vbox
2014-11-26 15:09:07 43152 ----a-w- C:\windows\avastSS.scr
2014-11-23 05:03:38 -------- d-----w- C:\Users\Robert\AppData\Roaming\PFStaticIP
2014-11-23 05:01:36 -------- d-----w- C:\Users\Robert\AppData\Roaming\PortForward.com
2014-11-23 05:01:17 -------- d-----w- C:\Users\Robert\AppData\Local\Downloaded Installations
2014-11-18 23:00:32 728064 ----a-w- C:\windows\System32\kerberos.dll
2014-11-18 23:00:32 241152 ----a-w- C:\windows\System32\pku2u.dll
2014-11-18 23:00:32 186880 ----a-w- C:\windows\SysWow64\pku2u.dll
2014-11-18 23:00:31 550912 ----a-w- C:\windows\SysWow64\kerberos.dll
2014-11-15 16:54:02 -------- d-----w- C:\Users\Robert\AppData\Local\ElevatedDiagnostics
2014-11-15 16:36:10 -------- d-sh--w- C:\Users\Robert\AppData\Local\EmieBrowserModeList
2014-11-12 06:32:48 683520 ----a-w- C:\windows\System32\termsrv.dll
2014-11-12 06:32:48 681984 ----a-w- C:\windows\System32\adtschema.dll
2014-11-12 06:32:48 155064 ----a-w- C:\windows\System32\drivers\ksecpkg.sys
2014-11-12 06:32:47 681984 ----a-w- C:\windows\SysWow64\adtschema.dll
2014-11-12 06:32:47 22016 ----a-w- C:\windows\SysWow64\secur32.dll
2014-11-12 06:32:47 146432 ----a-w- C:\windows\SysWow64\msaudite.dll
2014-11-12 06:32:47 146432 ----a-w- C:\windows\System32\msaudite.dll
2014-11-12 06:32:47 1460736 ----a-w- C:\windows\System32\lsasrv.dll
2014-11-12 06:32:45 96768 ----a-w- C:\windows\SysWow64\sspicli.dll
2014-11-11 11:24:18 195272 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\LICLUA.EXE
.
==================== Find3M ====================
.
2014-12-04 02:50:55 413184 ----a-w- C:\windows\System32\generaltel.dll
2014-12-04 02:50:45 741376 ----a-w- C:\windows\System32\invagent.dll
2014-12-04 02:50:40 396800 ----a-w- C:\windows\System32\devinv.dll
2014-12-04 02:50:38 830976 ----a-w- C:\windows\System32\appraiser.dll
2014-12-04 02:50:37 227328 ----a-w- C:\windows\System32\aepdu.dll
2014-12-04 02:50:37 192000 ----a-w- C:\windows\System32\aepic.dll
2014-12-04 02:44:48 1083392 ----a-w- C:\windows\System32\aeinv.dll
2014-12-01 23:28:44 1232040 ----a-w- C:\windows\System32\aitstatic.exe
2014-11-26 15:09:46 1050432 ----a-w- C:\windows\System32\drivers\aswsnx.sys
2014-11-26 15:09:12 65776 ----a-w- C:\windows\System32\drivers\aswRvrt.sys
2014-11-26 15:09:12 267632 ----a-w- C:\windows\System32\drivers\aswVmm.sys
2014-11-26 15:09:12 116728 ----a-w- C:\windows\System32\drivers\aswStm.sys
2014-11-26 15:09:11 93568 ----a-w- C:\windows\System32\drivers\aswRdr2.sys
2014-11-26 15:09:11 83280 ----a-w- C:\windows\System32\drivers\aswMonFlt.sys
2014-11-26 15:09:11 29208 ----a-w- C:\windows\System32\drivers\aswHwid.sys
2014-11-22 03:06:23 2724864 ----a-w- C:\windows\System32\mshtml.tlb
2014-11-22 03:06:11 4096 ----a-w- C:\windows\System32\ieetwcollectorres.dll
2014-11-22 02:50:39 66560 ----a-w- C:\windows\System32\iesetup.dll
2014-11-22 02:50:10 580096 ----a-w- C:\windows\System32\vbscript.dll
2014-11-22 02:49:54 48640 ----a-w- C:\windows\System32\ieetwproxystub.dll
2014-11-22 02:48:20 88064 ----a-w- C:\windows\System32\MshtmlDac.dll
2014-11-22 02:35:43 144384 ----a-w- C:\windows\System32\ieUnatt.exe
2014-11-22 02:35:29 114688 ----a-w- C:\windows\System32\ieetwcollector.exe
2014-11-22 02:34:51 814080 ----a-w- C:\windows\System32\jscript9diag.dll
2014-11-22 02:34:07 6039552 ----a-w- C:\windows\System32\jscript9.dll
2014-11-22 02:26:31 968704 ----a-w- C:\windows\System32\MsSpellCheckingFacility.exe
2014-11-22 02:20:44 2724864 ----a-w- C:\windows\SysWow64\mshtml.tlb
2014-11-22 02:14:16 77824 ----a-w- C:\windows\System32\JavaScriptCollectionAgent.dll
2014-11-22 02:07:43 501248 ----a-w- C:\windows\SysWow64\vbscript.dll
2014-11-22 02:07:17 62464 ----a-w- C:\windows\SysWow64\iesetup.dll
2014-11-22 02:06:32 47616 ----a-w- C:\windows\SysWow64\ieetwproxystub.dll
2014-11-22 02:05:02 64000 ----a-w- C:\windows\SysWow64\MshtmlDac.dll
2014-11-22 01:55:16 115712 ----a-w- C:\windows\SysWow64\ieUnatt.exe
2014-11-22 01:54:30 620032 ----a-w- C:\windows\SysWow64\jscript9diag.dll
2014-11-22 01:47:10 1359360 ----a-w- C:\windows\System32\mshtmlmedia.dll
2014-11-22 01:46:58 2125312 ----a-w- C:\windows\System32\inetcpl.cpl
2014-11-22 01:40:04 60416 ----a-w- C:\windows\SysWow64\JavaScriptCollectionAgent.dll
2014-11-22 01:29:26 4299264 ----a-w- C:\windows\SysWow64\jscript9.dll
2014-11-22 01:28:21 2358272 ----a-w- C:\windows\System32\wininet.dll
2014-11-22 01:22:49 2052096 ----a-w- C:\windows\SysWow64\inetcpl.cpl
2014-11-22 01:21:57 1155072 ----a-w- C:\windows\SysWow64\mshtmlmedia.dll
2014-11-22 01:00:20 1888256 ----a-w- C:\windows\SysWow64\wininet.dll
2014-11-11 03:09:06 1424384 ----a-w- C:\windows\System32\WindowsCodecs.dll
2014-11-11 02:44:45 1230336 ----a-w- C:\windows\SysWow64\WindowsCodecs.dll
2014-11-11 01:46:26 119296 ----a-w- C:\windows\System32\drivers\tdx.sys
2014-11-08 03:16:08 2048 ----a-w- C:\windows\System32\tzres.dll
2014-11-08 02:45:09 2048 ----a-w- C:\windows\SysWow64\tzres.dll
2014-11-04 20:30:58 275080 ------w- C:\windows\System32\MpSigStub.exe
2014-10-30 02:04:21 1480192 ----a-w- C:\windows\System32\crypt32.dll
2014-10-30 02:03:43 165888 ----a-w- C:\windows\System32\charmap.exe
2014-10-30 01:46:24 1174528 ----a-w- C:\windows\SysWow64\crypt32.dll
2014-10-30 01:45:43 155136 ----a-w- C:\windows\SysWow64\charmap.exe
2014-10-25 01:57:59 77824 ----a-w- C:\windows\System32\packager.dll
2014-10-25 01:32:37 67584 ----a-w- C:\windows\SysWow64\packager.dll
2014-10-18 02:05:23 861696 ----a-w- C:\windows\System32\oleaut32.dll
2014-10-18 01:33:18 571904 ----a-w- C:\windows\SysWow64\oleaut32.dll
2014-10-14 02:13:00 3241984 ----a-w- C:\windows\System32\msi.dll
2014-10-14 01:50:41 2363904 ----a-w- C:\windows\SysWow64\msi.dll
2014-10-10 00:57:42 3198976 ----a-w- C:\windows\System32\win32k.sys
2014-10-03 02:12:23 310272 ----a-w- C:\windows\System32\WsmWmiPl.dll
2014-10-03 02:12:23 2020352 ----a-w- C:\windows\System32\WsmSvc.dll
2014-10-03 02:12:22 346624 ----a-w- C:\windows\System32\WSManMigrationPlugin.dll
2014-10-03 02:12:22 181248 ----a-w- C:\windows\System32\WsmAuto.dll
2014-10-03 02:12:00 500224 ----a-w- C:\windows\System32\AUDIOKSE.dll
2014-10-03 02:11:54 284672 ----a-w- C:\windows\System32\EncDump.dll
2014-10-03 02:11:51 680960 ----a-w- C:\windows\System32\audiosrv.dll
2014-10-03 02:11:51 440832 ----a-w- C:\windows\System32\AudioEng.dll
2014-10-03 02:11:51 296448 ----a-w- C:\windows\System32\AudioSes.dll
2014-10-03 02:11:49 266240 ----a-w- C:\windows\System32\WSManHTTPConfig.exe
2014-10-03 01:45:03 248832 ----a-w- C:\windows\SysWow64\WSManMigrationPlugin.dll
2014-10-03 01:45:03 214016 ----a-w- C:\windows\SysWow64\WsmWmiPl.dll
2014-10-03 01:45:03 145920 ----a-w- C:\windows\SysWow64\WsmAuto.dll
2014-10-03 01:45:03 1177088 ----a-w- C:\windows\SysWow64\WsmSvc.dll
2014-10-03 01:44:42 442880 ----a-w- C:\windows\SysWow64\AUDIOKSE.dll
2014-10-03 01:44:26 374784 ----a-w- C:\windows\SysWow64\AudioEng.dll
2014-10-03 01:44:26 195584 ----a-w- C:\windows\SysWow64\AudioSes.dll
2014-10-03 01:44:25 198656 ----a-w- C:\windows\SysWow64\WSManHTTPConfig.exe
2014-09-26 19:19:01 878080 ----a-w- C:\windows\System32\advapi32.dll
2014-09-26 19:19:01 859648 ----a-w- C:\windows\System32\tdh.dll
2014-09-26 19:19:01 640512 ----a-w- C:\windows\SysWow64\advapi32.dll
2014-09-26 19:19:01 619520 ----a-w- C:\windows\SysWow64\tdh.dll
2014-09-26 19:19:01 1732032 ----a-w- C:\windows\System32\ntdll.dll
2014-09-26 19:19:01 1292192 ----a-w- C:\windows\SysWow64\ntdll.dll
2014-09-26 19:18:15 327168 ----a-w- C:\windows\System32\mswsock.dll
2014-09-26 19:18:15 231424 ----a-w- C:\windows\SysWow64\mswsock.dll
2014-09-26 19:12:29 1887232 ----a-w- C:\windows\System32\d3d11.dll
2014-09-26 19:12:29 1505280 ----a-w- C:\windows\SysWow64\d3d11.dll
2014-09-25 02:08:38 371712 ----a-w- C:\windows\System32\qdvd.dll
2014-09-25 01:40:50 519680 ----a-w- C:\windows\SysWow64\qdvd.dll
2014-09-22 11:33:44 152576 ----a-w- C:\windows\SysWow64\msclmd.dll
2014-09-22 11:33:43 175616 ----a-w- C:\windows\System32\msclmd.dll
2014-09-20 01:01:42 0 ----a-w- C:\windows\ativpsrm.bin
2014-09-19 09:42:52 210944 ----a-w- C:\windows\System32\wdigest.dll
2014-09-19 09:42:51 86528 ----a-w- C:\windows\System32\TSpkg.dll
2014-09-19 09:42:49 342016 ----a-w- C:\windows\System32\schannel.dll
2014-09-19 09:42:47 314880 ----a-w- C:\windows\System32\msv1_0.dll
2014-09-19 09:42:47 309760 ----a-w- C:\windows\System32\ncrypt.dll
2014-09-19 09:42:41 22016 ----a-w- C:\windows\System32\credssp.dll
2014-09-19 09:23:55 172032 ----a-w- C:\windows\SysWow64\wdigest.dll
2014-09-19 09:23:52 65536 ----a-w- C:\windows\SysWow64\TSpkg.dll
.
============= FINISH: 7:04:14.48 ===============


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 9/19/2014 6:41:57 PM
System Uptime: 12/10/2014 3:16:01 AM (4 hours ago)
.
Motherboard: TOSHIBA | | NALAE
Processor: AMD Turion(tm) II P540 Dual-Core Processor | Socket M2/S1G1 | 2400/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 286 GiB total, 207.614 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP42: 11/11/2014 2:15:59 AM - Windows Update
RP43: 11/12/2014 3:00:20 AM - Windows Update
RP44: 11/18/2014 2:14:48 AM - Windows Update
RP45: 11/18/2014 4:02:07 AM - Removed Toshiba Book Place
RP46: 11/19/2014 3:00:19 AM - Windows Update
RP47: 11/25/2014 5:54:56 AM - Windows Update
RP48: 11/26/2014 8:52:07 AM - avast! antivirus system restore point
RP49: 12/2/2014 6:35:13 AM - Windows Update
RP50: 12/9/2014 10:46:59 PM - Windows Update
RP51: 12/10/2014 3:00:14 AM - Windows Update
.
==== Installed Programs ======================
.
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.3
ATI Catalyst Install Manager
Avast Free Antivirus
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center Localization All
ccc-core-static
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Corel WinDVD
Google Chrome
Google Update Helper
HDAUDIO Soft Data Fax Modem with SmartCP
Java(TM) 6 Update 17
Label@Once 1.0
Microsoft .NET Framework 4.5.1
Microsoft Office 2010
Microsoft Office Click-to-Run 2010
Microsoft Office Starter 2010 - English
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
MSXML 4.0 SP3 Parser (KB2758694)
MSXML 4.0 SP3 Parser (KB973685)
PlayReady PC Runtime amd64
Quickbooks Financial Center
Realtek Ethernet Controller Driver For Windows 7
Realtek HDMI Audio Driver for ATI
Realtek High Definition Audio Driver
Realtek USB 2.0 Card Reader
Realtek WLAN Driver
Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2)
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
Security Update for Microsoft .NET Framework 4.5.1 (KB2972107)
Security Update for Microsoft .NET Framework 4.5.1 (KB2972216)
Security Update for Microsoft .NET Framework 4.5.1 (KB2978128)
Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2)
Skype Launcher
Synaptics Pointing Device Driver
Toshiba App Place
TOSHIBA Application Installer
TOSHIBA Assist
TOSHIBA Bulletin Board
TOSHIBA Disc Creator
TOSHIBA eco Utility
TOSHIBA Face Recognition
TOSHIBA Flash Cards Support Utility
TOSHIBA Hardware Setup
TOSHIBA HDD/SSD Alert
Toshiba Laptop Checkup
TOSHIBA Media Controller
TOSHIBA Media Controller Plug-in
Toshiba Online Backup
TOSHIBA PC Health Monitor
TOSHIBA Quality Application
TOSHIBA Recovery Media Creator
TOSHIBA ReelTime
TOSHIBA Service Station
TOSHIBA Supervisor Password
TOSHIBA Value Added Package
TOSHIBA Web Camera Application
ToshibaRegistration
Utility Common Driver
V.92 Modem On Hold
.
==== Event Viewer Messages From Past Week ========
.
12/8/2014 11:18:04 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR2.
12/8/2014 11:17:05 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1.
12/10/2014 3:20:30 AM, Error: Service Control Manager [7023] - The Windows Defender service terminated with the following error: %%-2147023113
12/10/2014 3:17:21 AM, Error: Service Control Manager [7000] - The Toshiba Laptop Checkup Application Launcher service failed to start due to the following error: The system cannot find the file specified.
12/10/2014 3:17:21 AM, Error: Service Control Manager [7000] - The Common Client Job Manager Service service failed to start due to the following error: The system cannot find the file specified.
.
==== End Of File ===========================
rmrrar
Regular Member
 
Posts: 105
Joined: May 19th, 2013, 8:09 am

Re: I think I'm infected help please

Post by nunped » December 12th, 2014, 4:33 pm

Hello rmrrar, and welcome to the forum.

My name is nunped and I'll be helping you with any malware problems.

Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to back up any personal files and folders before you start.

Here are some guidelines for the cleaning process to run as easily as possible.

  1. Please read this topic: ALL USERS OF THIS FORUM MUST READ THIS FIRST where the conditions for receiving help here are explained.
  2. The instructions being given are for YOUR computer and system only! Using these instructions on a different computer can cause damage to that computer and possibly render it inoperable!
  3. You must have Administrator rights permissions for this computer.
  4. DO NOT run any other fix or removal tools unless instructed to do so!
  5. DO NOT install any other software (or hardware) during the cleaning process. This adds more items to be researched.
  6. Only post your problem at one help site. Applying fixes from multiple help sites can cause problems.
  7. Only reply to this thread. Do not start another thread.
  8. The absence of symptoms does not imply the absence of malware. Please continue responding until I give you the "All Clean".
  9. No Reply Within 3 Days will result in your topic being closed!


Read through these instructions with your full attention.
Please ask first if you have any doubts.

I am currently reviewing your logs and will return, as soon as possible, with additional instructions.
nunped
MRU Honors Grad Emeritus
 
Posts: 1210
Joined: August 17th, 2011, 5:03 pm
Location: Portugal

Re: I think I'm infected help please

Post by nunped » December 12th, 2014, 4:49 pm

Hello rmrrar,

Can you specify which processes you have to close?

Also, run the following scan:
Scan with FRST
Please download FRST ... by Farbar, from the link below and save it to your Desktop.

For 64 bit Systems

  • Right-click FRST.exe and select "Run as administrator" to run it.
  • When the tool opens click Yes to the disclaimer.
  • Press Scan button. ... When finished a log will be created, FRST.txt.
  • Please post the content of the FRST.txt in your next reply.
  • The first time the tool is run, it will create another log... Addition.txt.
  • Please post the content of the Addition.txt in your next reply.
nunped
MRU Honors Grad Emeritus
 
Posts: 1210
Joined: August 17th, 2011, 5:03 pm
Location: Portugal

Re: I think I'm infected help please

Post by rmrrar » December 13th, 2014, 6:59 am

Hello, like an idiot I didn't take note of the name of the process. If I recall it was something like svc host 32 or remote host proxy 32. I don't know if that helps any lol.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-12-2014
Ran by Robert (administrator) on ROBERT-PC on 13-12-2014 04:51:47
Running from C:\Users\Robert\Desktop
Loaded Profile: Robert (Available profiles: Robert)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\Teco.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(Toshiba) C:\Program Files (x86)\TOSHIBA\Toshiba App Place\ToshibaAppPlace.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [] => [X]
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10134560 2010-03-22] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [896032 2010-03-22] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2052392 2010-03-10] (Synaptics Incorporated)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [505696 2009-11-05] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [52600 2009-03-09] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] => C:\Program Files\Toshiba\SmoothView\SmoothView.exe [508216 2009-07-28] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [913720 2010-03-03] (TOSHIBA Corporation)
HKLM\...\Run: [Teco] => C:\Program Files\TOSHIBA\TECO\Teco.exe [1489760 2010-04-06] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [705368 2010-02-23] (TOSHIBA Corporation)
HKLM\...\Run: [SmartFaceVWatcher] => C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [238080 2009-10-19] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [709976 2010-02-05] (TOSHIBA Corporation)
HKLM\...\Run: [TosNC] => C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [595816 2010-03-19] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [35672 2010-03-03] (TOSHIBA Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-03-15] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SVPWUTIL] => C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe [352256 2010-02-22] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [HWSetup] => C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [423936 2010-03-04] (TOSHIBA Electronics, Inc.)
HKLM-x32\...\Run: [KeNotify] => C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34160 2009-12-25] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [ToshibaServiceStation] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1295736 2011-02-11] (TOSHIBA Corporation)
HKLM-x32\...\Run: [TWebCamera] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2454840 2010-02-24] (TOSHIBA CORPORATION.)
HKLM-x32\...\Run: [NortonOnlineBackupReminder] => C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe [3218792 2010-06-02] (Toshiba)
HKLM-x32\...\Run: [ToshibaAppPlace] => C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe [552960 2010-06-11] (Toshiba)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5226600 2014-11-26] (AVAST Software)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\windows\System32\SPReview\SPReview.exe [301568 2014-09-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2325119849-3864351640-63484205-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.toshiba.com/
HKU\S-1-5-21-2325119849-3864351640-63484205-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://start.toshiba.com/g/
SearchScopes: HKLM -> {2D91B238-D4A2-4889-9F0E-C3ECD275DD97} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSND
SearchScopes: HKLM-x32 -> {4EAF0291-386C-41CE-A80D-F3A3BF533E2E} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSND
SearchScopes: HKU\S-1-5-21-2325119849-3864351640-63484205-1000 -> {2D91B238-D4A2-4889-9F0E-C3ECD275DD97} URL =
SearchScopes: HKU\S-1-5-21-2325119849-3864351640-63484205-1000 -> {398D9C99-28D1-4BAD-8770-D51A9CCD1431} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSND
SearchScopes: HKU\S-1-5-21-2325119849-3864351640-63484205-1000 -> {4EAF0291-386C-41CE-A80D-F3A3BF533E2E} URL =
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll (TOSHIBA Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (TOSHIBA Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-09-19]

Chrome:
=======
CHR Profile: C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-09]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-12-09]
CHR Extension: (YouTube) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-09]
CHR Extension: (Google Search) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-09]
CHR Extension: (Google Wallet) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-09]
CHR Extension: (Gmail) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-09]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-26]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-26] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-11-26] (Avast Software)
S2 Norton PC Checkup Application Launcher; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\SymcPCCULaunchSvc.exe /s [X]
S2 PCCUJobMgr; "C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\ccSvcHst.exe" /s "PCCUJobMgr" /m "C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\diMaster.dll" /prefetch:1

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-26] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-26] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-11-26] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-26] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-26] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-11-26] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-11-26] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-26] ()
R2 regi; C:\windows\SysWOW64\drivers\regi.sys [11032 2007-04-17] (InterVideo)
S3 sscdserd; C:\Windows\System32\DRIVERS\sscdserd.sys [141384 2010-11-11] (MCCI Corporation)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-16] (Anchorfree Inc.)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-11-26] (Avast Software)
S3 Andbus; system32\DRIVERS\lgandbus64.sys [X]
S3 AndDiag; system32\DRIVERS\lganddiag64.sys [X]
S3 AndGps; system32\DRIVERS\lgandgps64.sys [X]
S3 ANDModem; system32\DRIVERS\lgandmodem64.sys [X]
S3 androidusb; System32\Drivers\lgandadb.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-13 04:51 - 2014-12-13 04:52 - 00014169 _____ () C:\Users\Robert\Desktop\FRST.txt
2014-12-13 04:51 - 2014-12-13 04:51 - 00000000 ____D () C:\FRST
2014-12-13 04:50 - 2014-12-13 04:50 - 02119168 _____ (Farbar) C:\Users\Robert\Downloads\FRST64.exe
2014-12-13 04:50 - 2014-12-13 04:50 - 02119168 _____ (Farbar) C:\Users\Robert\Desktop\FRST64.exe
2014-12-13 04:43 - 2014-12-13 04:43 - 00000280 _____ () C:\windows\system32\2014-12-13-10-43-03.058-aswFe.exe-5396.log
2014-12-13 04:42 - 2014-12-13 04:42 - 00000280 _____ () C:\windows\system32\2014-12-13-10-42-11.036-aswFe.exe-276.log
2014-12-13 03:35 - 2014-12-13 03:35 - 00000000 ____D () C:\ProgramData\Package Cache
2014-12-13 03:10 - 2014-12-13 03:10 - 00000000 ____D () C:\Users\Robert\New folder
2014-12-13 01:42 - 2014-12-13 01:42 - 00000000 ____H () C:\windows\system32\Drivers\Msft_Kernel_lgandadb_01005.Wdf
2014-12-13 01:28 - 2011-07-18 02:33 - 01919968 _____ (Microsoft Corporation) C:\windows\system32\wdfcoinstaller01005.dll
2014-12-13 01:27 - 2014-12-13 01:27 - 00003138 _____ () C:\windows\System32\Tasks\{B692C068-DA7E-4E98-8D29-5DC6640BB6AD}
2014-12-12 03:16 - 2014-12-12 03:16 - 00000197 _____ () C:\windows\system32\2014-12-12-09-16-05.011-AvastVBoxSVC.exe-2928.log
2014-12-10 07:04 - 2014-12-10 07:04 - 00022657 _____ () C:\Users\Robert\Desktop\dds.txt
2014-12-10 07:04 - 2014-12-10 07:04 - 00005055 _____ () C:\Users\Robert\Desktop\attach.txt
2014-12-10 07:03 - 2014-12-10 07:02 - 00688992 ____R (Swearware) C:\Users\Robert\Desktop\dds.scr
2014-12-10 07:02 - 2014-12-10 07:02 - 00688992 _____ (Swearware) C:\Users\Robert\Downloads\dds.scr
2014-12-10 03:18 - 2014-12-10 03:18 - 00000197 _____ () C:\windows\system32\2014-12-10-09-18-32.052-AvastVBoxSVC.exe-3024.log
2014-12-10 03:14 - 2014-12-10 03:14 - 00000000 ____D () C:\windows\system32\appraiser
2014-12-10 03:01 - 2014-10-17 20:05 - 04121600 _____ (Microsoft Corporation) C:\windows\system32\mf.dll
2014-12-10 03:01 - 2014-10-17 19:33 - 03209728 _____ (Microsoft Corporation) C:\windows\SysWOW64\mf.dll
2014-12-10 03:01 - 2014-07-06 20:06 - 00206848 _____ (Microsoft Corporation) C:\windows\system32\mfps.dll
2014-12-10 03:01 - 2014-07-06 20:06 - 00055808 _____ (Microsoft Corporation) C:\windows\system32\rrinstaller.exe
2014-12-10 03:01 - 2014-07-06 20:06 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\mfpmp.exe
2014-12-10 03:01 - 2014-07-06 20:02 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\mferror.dll
2014-12-10 03:01 - 2014-07-06 19:40 - 00103424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfps.dll
2014-12-10 03:01 - 2014-07-06 19:39 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\rrinstaller.exe
2014-12-10 03:01 - 2014-07-06 19:39 - 00023040 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfpmp.exe
2014-12-10 03:01 - 2014-07-06 19:37 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\mferror.dll
2014-12-09 23:53 - 2014-12-09 23:53 - 00002226 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-09 23:53 - 2014-12-09 23:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-12-09 23:50 - 2014-12-13 03:55 - 00000898 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-09 23:50 - 2014-12-13 00:28 - 00000894 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-09 23:50 - 2014-12-09 23:50 - 00003894 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-12-09 23:50 - 2014-12-09 23:50 - 00003642 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-12-09 23:50 - 2014-12-09 23:50 - 00000000 ____D () C:\Users\Robert\AppData\Local\Deployment
2014-12-09 23:50 - 2014-12-09 23:50 - 00000000 ____D () C:\Users\Robert\AppData\Local\Apps\2.0
2014-12-09 22:52 - 2014-12-03 20:50 - 00830976 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2014-12-09 22:52 - 2014-12-03 20:50 - 00741376 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2014-12-09 22:52 - 2014-12-03 20:50 - 00413184 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2014-12-09 22:52 - 2014-12-03 20:50 - 00396800 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2014-12-09 22:52 - 2014-12-03 20:50 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-12-09 22:52 - 2014-12-03 20:50 - 00192000 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2014-12-09 22:52 - 2014-12-03 20:44 - 01083392 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-12-09 22:52 - 2014-12-01 17:28 - 01232040 _____ (Microsoft Corporation) C:\windows\system32\aitstatic.exe
2014-12-09 22:52 - 2014-11-26 19:43 - 00389296 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-12-09 22:52 - 2014-11-26 19:10 - 00342200 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-12-09 22:52 - 2014-11-21 21:06 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-12-09 22:52 - 2014-11-21 21:06 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-12-09 22:52 - 2014-11-21 20:50 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-12-09 22:52 - 2014-11-21 20:49 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-12-09 22:52 - 2014-11-21 20:40 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-12-09 22:52 - 2014-11-21 20:35 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-12-09 22:52 - 2014-11-21 20:26 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-12-09 22:52 - 2014-11-21 20:22 - 19749376 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-12-09 22:52 - 2014-11-21 20:20 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-12-09 22:52 - 2014-11-21 20:14 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-12-09 22:52 - 2014-11-21 20:07 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-12-09 22:52 - 2014-11-21 20:06 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-12-09 22:52 - 2014-11-21 20:05 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-12-09 22:52 - 2014-11-21 20:01 - 02277888 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-12-09 22:52 - 2014-11-21 19:59 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-12-09 22:52 - 2014-11-21 19:58 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-12-09 22:52 - 2014-11-21 19:56 - 00478208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-12-09 22:52 - 2014-11-21 19:55 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-12-09 22:52 - 2014-11-21 19:54 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-12-09 22:52 - 2014-11-21 19:49 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-12-09 22:52 - 2014-11-21 19:49 - 00718848 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-12-09 22:52 - 2014-11-21 19:45 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-12-09 22:52 - 2014-11-21 19:40 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-09 22:52 - 2014-11-21 19:35 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-12-09 22:52 - 2014-11-21 19:33 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-12-09 22:52 - 2014-11-21 19:23 - 00688640 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-12-09 22:52 - 2014-11-21 19:22 - 02052096 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-12-09 22:52 - 2014-11-21 19:15 - 01548288 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-12-09 22:52 - 2014-11-21 19:13 - 12836864 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-12-09 22:52 - 2014-11-21 19:03 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-12-09 22:52 - 2014-11-21 18:56 - 01307136 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-12-09 22:52 - 2014-11-21 18:54 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-12-09 22:52 - 2014-11-10 21:09 - 01424384 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2014-12-09 22:52 - 2014-11-10 20:44 - 01230336 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2014-12-09 22:52 - 2014-11-10 19:46 - 00119296 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tdx.sys
2014-12-09 22:51 - 2014-11-21 21:13 - 25059840 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-12-09 22:51 - 2014-11-21 20:50 - 00580096 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-12-09 22:51 - 2014-11-21 20:49 - 02885120 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-12-09 22:51 - 2014-11-21 20:48 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-12-09 22:51 - 2014-11-21 20:41 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-12-09 22:51 - 2014-11-21 20:37 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-12-09 22:51 - 2014-11-21 20:35 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-12-09 22:51 - 2014-11-21 20:34 - 06039552 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-12-09 22:51 - 2014-11-21 20:34 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-12-09 22:51 - 2014-11-21 20:22 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-12-09 22:51 - 2014-11-21 20:09 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-12-09 22:51 - 2014-11-21 20:08 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-12-09 22:51 - 2014-11-21 20:07 - 00501248 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-12-09 22:51 - 2014-11-21 20:05 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2014-12-09 22:51 - 2014-11-21 19:47 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-12-09 22:51 - 2014-11-21 19:46 - 02125312 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-12-09 22:51 - 2014-11-21 19:43 - 14412800 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-12-09 22:51 - 2014-11-21 19:36 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-12-09 22:51 - 2014-11-21 19:29 - 04299264 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-12-09 22:51 - 2014-11-21 19:28 - 02358272 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-12-09 22:51 - 2014-11-21 19:21 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-12-09 22:51 - 2014-11-21 19:00 - 01888256 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-12-09 22:47 - 2014-11-07 21:16 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2014-12-09 22:47 - 2014-11-07 20:45 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2014-12-09 22:47 - 2014-10-29 20:03 - 00165888 _____ (Microsoft Corporation) C:\windows\system32\charmap.exe
2014-12-09 22:47 - 2014-10-29 19:45 - 00155136 _____ (Microsoft Corporation) C:\windows\SysWOW64\charmap.exe
2014-12-09 22:47 - 2014-10-02 20:12 - 02020352 _____ (Microsoft Corporation) C:\windows\system32\WsmSvc.dll
2014-12-09 22:47 - 2014-10-02 20:12 - 00346624 _____ (Microsoft Corporation) C:\windows\system32\WSManMigrationPlugin.dll
2014-12-09 22:47 - 2014-10-02 20:12 - 00310272 _____ (Microsoft Corporation) C:\windows\system32\WsmWmiPl.dll
2014-12-09 22:47 - 2014-10-02 20:12 - 00181248 _____ (Microsoft Corporation) C:\windows\system32\WsmAuto.dll
2014-12-09 22:47 - 2014-10-02 20:11 - 00266240 _____ (Microsoft Corporation) C:\windows\system32\WSManHTTPConfig.exe
2014-12-09 22:47 - 2014-10-02 19:45 - 01177088 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmSvc.dll
2014-12-09 22:47 - 2014-10-02 19:45 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-09 22:47 - 2014-10-02 19:45 - 00214016 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmWmiPl.dll
2014-12-09 22:47 - 2014-10-02 19:45 - 00145920 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmAuto.dll
2014-12-09 22:47 - 2014-10-02 19:44 - 00198656 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSManHTTPConfig.exe
2014-12-03 21:51 - 2014-12-03 21:52 - 00000197 _____ () C:\windows\system32\2014-12-04-03-51-59.036-AvastVBoxSVC.exe-3240.log
2014-11-29 16:16 - 2014-11-29 16:16 - 00107997 _____ () C:\Users\Robert\Downloads\getimage.tif
2014-11-26 10:31 - 2014-11-26 10:31 - 00000247 _____ () C:\windows\system32\2014-11-26-16-31-29.057-aswFe.exe-1592.log
2014-11-26 10:24 - 2014-11-26 10:31 - 00000247 _____ () C:\windows\system32\2014-11-26-16-24-25.016-aswFe.exe-1448.log
2014-11-26 10:24 - 2014-11-26 10:24 - 00000197 _____ () C:\windows\system32\2014-11-26-16-24-17.087-AvastVBoxSVC.exe-3200.log
2014-11-26 09:20 - 2014-11-26 09:38 - 00000000 ____D () C:\windows\SysWOW64\vbox
2014-11-26 09:20 - 2014-11-26 09:38 - 00000000 ____D () C:\windows\system32\vbox
2014-11-26 09:09 - 2014-11-26 09:09 - 00364512 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2014-11-26 09:09 - 2014-11-26 09:09 - 00043152 _____ (AVAST Software) C:\windows\avastSS.scr
2014-11-26 09:09 - 2014-11-26 09:09 - 00001975 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2014-11-26 08:41 - 2014-11-26 08:41 - 02148864 _____ () C:\Users\Robert\Desktop\AdwCleaner.exe
2014-11-26 08:40 - 2014-11-26 08:41 - 02148864 _____ () C:\Users\Robert\Downloads\AdwCleaner.exe
2014-11-23 11:16 - 2014-11-15 20:16 - 01707532 _____ (Thisisu) C:\Users\Robert\Desktop\JRT_NEW.exe
2014-11-22 23:03 - 2014-11-22 23:03 - 00000000 ____D () C:\Users\Robert\AppData\Roaming\PFStaticIP
2014-11-22 23:01 - 2014-11-22 23:03 - 00000000 ____D () C:\Users\Robert\AppData\Roaming\PortForward.com
2014-11-22 23:01 - 2014-11-22 23:01 - 00000000 ____D () C:\Users\Robert\AppData\Local\Downloaded Installations
2014-11-22 23:00 - 2014-11-22 23:01 - 03611184 _____ (Portforward, LLC) C:\Users\Robert\Downloads\setup-network-utilities.exe
2014-11-18 17:00 - 2014-11-10 21:08 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2014-11-18 17:00 - 2014-11-10 21:08 - 00241152 _____ (Microsoft Corporation) C:\windows\system32\pku2u.dll
2014-11-18 17:00 - 2014-11-10 20:44 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2014-11-18 17:00 - 2014-11-10 20:44 - 00186880 _____ (Microsoft Corporation) C:\windows\SysWOW64\pku2u.dll
2014-11-15 10:36 - 2014-11-15 10:36 - 00000000 __SHD () C:\Users\Robert\AppData\Local\EmieBrowserModeList

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-13 04:41 - 2010-07-22 18:50 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-12-13 04:32 - 2009-07-13 23:13 - 00782744 _____ () C:\windows\system32\PerfStringBackup.INI
2014-12-13 04:31 - 2014-09-19 18:59 - 01489997 _____ () C:\windows\WindowsUpdate.log
2014-12-13 04:31 - 2009-07-13 22:51 - 00032995 _____ () C:\windows\setupact.log
2014-12-13 03:10 - 2014-09-19 17:42 - 00000000 ____D () C:\Users\Robert
2014-12-13 01:45 - 2009-07-13 22:45 - 00019248 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-13 01:45 - 2009-07-13 22:45 - 00019248 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-12 03:53 - 2009-07-13 21:20 - 00000000 ____D () C:\windows\rescache
2014-12-12 03:13 - 2009-07-13 23:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-12-10 03:17 - 2010-07-22 19:15 - 00300268 _____ () C:\windows\PFRO.log
2014-12-10 03:14 - 2014-09-19 22:38 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-12-10 03:14 - 2009-07-13 21:20 - 00000000 ____D () C:\windows\PolicyDefinitions
2014-12-10 03:14 - 2009-07-13 21:20 - 00000000 ____D () C:\windows\AppCompat
2014-12-10 03:06 - 2014-09-19 22:47 - 00000000 ____D () C:\windows\system32\MRT
2014-12-10 03:03 - 2014-09-19 22:47 - 112710672 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-12-09 23:53 - 2014-09-19 18:40 - 00000000 ____D () C:\Users\Robert\AppData\Local\Google
2014-12-09 23:53 - 2010-07-22 18:58 - 00000000 ____D () C:\Program Files (x86)\Google
2014-12-07 07:39 - 2014-09-19 18:52 - 00004182 _____ () C:\windows\System32\Tasks\avast! Emergency Update
2014-11-26 09:09 - 2014-09-19 18:52 - 01050432 _____ (AVAST Software) C:\windows\system32\Drivers\aswsnx.sys
2014-11-26 09:09 - 2014-09-19 18:52 - 00436624 _____ (AVAST Software) C:\windows\system32\Drivers\aswsp.sys
2014-11-26 09:09 - 2014-09-19 18:52 - 00267632 _____ () C:\windows\system32\Drivers\aswVmm.sys
2014-11-26 09:09 - 2014-09-19 18:52 - 00116728 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2014-11-26 09:09 - 2014-09-19 18:52 - 00093568 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2014-11-26 09:09 - 2014-09-19 18:52 - 00083280 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2014-11-26 09:09 - 2014-09-19 18:52 - 00065776 _____ () C:\windows\system32\Drivers\aswRvrt.sys
2014-11-26 09:09 - 2014-09-19 18:52 - 00029208 _____ () C:\windows\system32\Drivers\aswHwid.sys
2014-11-26 08:44 - 2014-11-01 17:30 - 00000000 ____D () C:\AdwCleaner
2014-11-26 08:44 - 2014-10-23 12:54 - 00000000 ____D () C:\Users\Robert\AppData\Roaming\SoftGrid Client
2014-11-25 23:01 - 2009-07-14 01:44 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-11-18 04:02 - 2010-07-22 18:51 - 00000000 ____D () C:\Program Files (x86)\TOSHIBA
2014-11-18 04:02 - 2010-07-22 18:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA
2014-11-18 04:00 - 2014-09-19 19:23 - 00000000 ____D () C:\ProgramData\WildTangent
2014-11-18 04:00 - 2014-09-19 19:23 - 00000000 ____D () C:\Program Files (x86)\TOSHIBA Games
2014-11-18 04:00 - 2009-07-13 23:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-11-15 10:35 - 2014-11-09 05:03 - 00000000 ____D () C:\Program Files (x86)\Real
2014-11-15 10:34 - 2014-11-09 05:03 - 00000000 ____D () C:\Users\Robert\AppData\Roaming\Real
2014-11-15 10:34 - 2014-11-01 08:10 - 00000000 ____D () C:\ProgramData\Real

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-05 00:47

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-12-2014
Ran by Robert at 2014-12-13 04:53:08
Running from C:\Users\Robert\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.2.152.32 - Adobe Systems Incorporated)
Adobe Flash Player 10 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 10.1.53.64 - Adobe Systems Incorporated)
Adobe Reader 9.3 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A93000000001}) (Version: 9.3.0 - Adobe Systems Incorporated)
ATI Catalyst Install Manager (HKLM\...\{BE3DFCA2-6F42-509D-555C-68A923314062}) (Version: 3.0.765.0 - ATI Technologies, Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
ccc-core-static (x32 Version: 2010.0315.1050.17562 - ATI) Hidden
Corel WinDVD (HKLM-x32\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.0.5.349 - Corel Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
HDAUDIO Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDA_HSF) (Version: 7.80.4.50 - Conexant Systems)
Java(TM) 6 Update 17 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216017FF}) (Version: 6.0.170 - Sun Microsystems, Inc.)
Label@Once 1.0 (HKLM-x32\...\{0D795777-9D60-4692-8386-F2B3F2B5E5BF}) (Version: 1.0 - Corel)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Quickbooks Financial Center (HKLM-x32\...\{3B843B38-04B1-4CE6-8888-586273E0F289}) (Version: 2.02 - TOSHIBA Corporation)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.13.112.2010 - Realtek)
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.5992 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6069 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30111 - Realtek Semiconductor Corp.)
Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0013 - REALTEK Semiconductor Corp.)
Skype Launcher (HKLM-x32\...\{DA84ECBF-4B79-47F2-B34C-95C38484C058}) (Version: 2.01 - TOSHIBA Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.8.1 - Synaptics Incorporated)
Toshiba App Place (HKLM-x32\...\{ED3CBA78-488F-4E8C-B33F-8E3BF4DDB4D2}) (Version: 1.0.2.0 - Toshiba)
TOSHIBA Application Installer (HKLM-x32\...\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}) (Version: 9.0.1.1 - TOSHIBA)
TOSHIBA Assist (HKLM-x32\...\{1B87C40B-A60B-4EF3-9A68-706CF4B69978}) (Version: 3.00.11 - TOSHIBA CORPORATION)
TOSHIBA Bulletin Board (HKLM-x32\...\InstallShield_{C14518AF-1A0F-4D39-8011-69BAA01CD380}) (Version: 1.6.07.64 - TOSHIBA Corporation)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.2 for x64 - TOSHIBA Corporation)
TOSHIBA eco Utility (HKLM-x32\...\InstallShield_{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}) (Version: 1.2.11.64 - TOSHIBA Corporation)
TOSHIBA Face Recognition (HKLM-x32\...\InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}) (Version: 3.1.3.64 - TOSHIBA Corporation)
TOSHIBA Flash Cards Support Utility (HKLM-x32\...\InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}) (Version: 1.63.0.6C - TOSHIBA CORPORATION)
TOSHIBA Hardware Setup (HKLM-x32\...\InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}) (Version: 1.63.0.22C - TOSHIBA CORPORATION)
TOSHIBA HDD/SSD Alert (HKLM-x32\...\InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.6 - TOSHIBA Corporation)
Toshiba Laptop Checkup (HKLM-x32\...\NortonPCCheckup) (Version: 2.0.3.198 - Symantec Corporation)
TOSHIBA Media Controller (HKLM-x32\...\{983CD6FE-8320-4B80-A8F6-0D0366E0AA22}) (Version: 1.0.80.3.64 - TOSHIBA CORPORATION)
TOSHIBA Media Controller Plug-in (HKLM-x32\...\{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}) (Version: 1.0.8.0 - TOSHIBA CORPORATION)
Toshiba Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 2.0.0.24 - Toshiba)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.6.0.64 - TOSHIBA Corporation)
TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.3 - TOSHIBA)
TOSHIBA Recovery Media Creator (HKLM\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.0.4 for x64 - TOSHIBA Corporation)
TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{A0E99122-25C1-4CA4-9063-499A2A814EB6}) (Version: 1.6.06.64 - TOSHIBA Corporation)
TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.2.9 - TOSHIBA)
TOSHIBA Supervisor Password (HKLM-x32\...\InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}) (Version: 1.63.0.9C - TOSHIBA CORPORATION)
TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.3.3.64 - TOSHIBA Corporation)
TOSHIBA Web Camera Application (HKLM-x32\...\{5E6F6CF3-BACC-4144-868C-E14622C658F3}) (Version: 1.1.1.15 - TOSHIBA Corporation)
ToshibaRegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.0.4 - Toshiba)
Utility Common Driver (x32 Version: 1.0.52.1C - TOSHIBA) Hidden
V.92 Modem On Hold (HKLM-x32\...\{154C378D-D990-42DF-BDFD-5225E2EE3D8C}) (Version: 2.5.70.0 - Avanquest software)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points =========================

11-11-2014 08:15:59 Windows Update
12-11-2014 09:00:20 Windows Update
18-11-2014 08:14:48 Windows Update
18-11-2014 10:02:07 Removed Toshiba Book Place
19-11-2014 09:00:19 Windows Update
25-11-2014 11:54:56 Windows Update
26-11-2014 14:52:07 avast! antivirus system restore point
02-12-2014 12:35:13 Windows Update
10-12-2014 04:46:59 Windows Update
10-12-2014 09:00:14 Windows Update
12-12-2014 09:00:14 Windows Update
13-12-2014 07:27:57 Installed LG United Mobile Driver
13-12-2014 09:20:54 Installed LG United Mobile Driver
13-12-2014 09:23:10 Installed LG United Mobile Driver
13-12-2014 09:35:26 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
13-12-2014 10:39:22 Removed LG United Mobile Driver

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 20:34 - 2009-06-10 15:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {17D1D88F-1660-4D7D-9C82-1E5E42C5E24B} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2325119849-3864351640-63484205-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe
Task: {39352DBC-9E1B-4C9C-B341-927D82B9B388} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-09] (Google Inc.)
Task: {819A6B77-0D98-43EC-AB58-DCEBE49B02EC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-09] (Google Inc.)
Task: {825F046B-1320-422F-B5E3-90B50D65E145} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2325119849-3864351640-63484205-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe
Task: {9DE93276-10B6-461E-BF3F-E706109EB9CE} - System32\Tasks\{B692C068-DA7E-4E98-8D29-5DC6640BB6AD} => pcalua.exe -a C:\Users\Robert\Downloads\B2CAppSetup.exe -d C:\Users\Robert\Downloads
Task: {B88DEBC7-1E93-49BF-B9F6-35A8EF8DC2D4} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {D8526C79-1438-484F-B2C5-35E05C40AF42} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-11-26] (AVAST Software)
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-11-26 09:08 - 2014-11-26 09:08 - 00388208 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll
2014-11-26 09:08 - 2014-11-26 09:08 - 05851328 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll
2010-03-03 15:15 - 2010-03-03 15:15 - 08762680 _____ () C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll
2009-11-03 14:26 - 2009-11-03 14:26 - 00053560 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnZ.dll
2010-03-03 15:15 - 2010-03-03 15:15 - 00019256 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF10.dll
2010-03-03 15:15 - 2010-03-03 15:15 - 00019256 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF11.dll
2010-07-22 18:50 - 2009-06-22 16:40 - 00022328 _____ () C:\Program Files\TOSHIBA\Toshiba Assist\NotifyX.dll
2009-03-12 20:08 - 2009-03-12 20:08 - 00048640 _____ () C:\Program Files (x86)\Toshiba\PCDiag\NotifyPCD.dll
2009-07-25 18:38 - 2009-07-25 18:38 - 00017800 _____ () C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll
2010-02-05 18:44 - 2010-02-05 18:44 - 00079192 _____ () C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll
2009-10-13 11:00 - 2009-10-13 11:00 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2014-09-19 19:00 - 2014-09-19 19:00 - 00270336 _____ () C:\windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-12-09 23:53 - 2014-12-05 19:16 - 01408328 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2014-12-09 23:53 - 2014-12-05 19:16 - 00204616 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
2014-12-09 23:53 - 2014-12-05 19:17 - 10689352 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-09 23:53 - 2014-12-05 19:16 - 01856840 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
2014-12-11 07:27 - 2014-12-11 07:27 - 02905600 _____ () C:\Program Files\AVAST Software\Avast\defs\14121100\algo.dll
2014-11-26 09:08 - 2014-11-26 09:08 - 04495336 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll
2014-12-13 03:15 - 2014-12-13 03:15 - 02908160 _____ () C:\Program Files\AVAST Software\Avast\defs\14121300\algo.dll
2014-11-26 09:08 - 2014-11-26 09:09 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-2325119849-3864351640-63484205-500 - Administrator - Disabled)
Guest (S-1-5-21-2325119849-3864351640-63484205-501 - Limited - Disabled)
Robert (S-1-5-21-2325119849-3864351640-63484205-1000 - Administrator - Enabled) => C:\Users\Robert

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/12/2014 03:14:08 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: The Cryptographic Services service failed to initialize the Catalog Database. The ESENT error was: -1305.

Error: (12/11/2014 11:09:00 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.

Error: (12/10/2014 06:37:57 AM) (Source: Toshiba App Place) (EventID: 0) (User: )
Description: System.Net.WebException: The remote name could not be resolved: 'api.snappcloud.com'
Error Data:
(no response)
Stack Trace:
at System.Net.HttpWebRequest.EndGetResponse(IAsyncResult asyncResult)
at SnappCloud.ActivationReminder.AraClient.GetResponseCallback[T](IAsyncResult result)

Error: (12/10/2014 06:27:57 AM) (Source: Toshiba App Place) (EventID: 0) (User: )
Description: System.Net.WebException: The remote name could not be resolved: 'api.snappcloud.com'
Error Data:
(no response)
Stack Trace:
at System.Net.HttpWebRequest.EndGetResponse(IAsyncResult asyncResult)
at SnappCloud.ActivationReminder.AraClient.GetResponseCallback[T](IAsyncResult result)

Error: (12/10/2014 06:17:57 AM) (Source: Toshiba App Place) (EventID: 0) (User: )
Description: System.Net.WebException: The remote name could not be resolved: 'api.snappcloud.com'
Error Data:
(no response)
Stack Trace:
at System.Net.HttpWebRequest.EndGetResponse(IAsyncResult asyncResult)
at SnappCloud.ActivationReminder.AraClient.GetResponseCallback[T](IAsyncResult result)

Error: (12/10/2014 06:07:57 AM) (Source: Toshiba App Place) (EventID: 0) (User: )
Description: System.Net.WebException: The remote name could not be resolved: 'api.snappcloud.com'
Error Data:
(no response)
Stack Trace:
at System.Net.HttpWebRequest.EndGetResponse(IAsyncResult asyncResult)
at SnappCloud.ActivationReminder.AraClient.GetResponseCallback[T](IAsyncResult result)

Error: (12/10/2014 05:57:57 AM) (Source: Toshiba App Place) (EventID: 0) (User: )
Description: System.Net.WebException: The remote name could not be resolved: 'api.snappcloud.com'
Error Data:
(no response)
Stack Trace:
at System.Net.HttpWebRequest.EndGetResponse(IAsyncResult asyncResult)
at SnappCloud.ActivationReminder.AraClient.GetResponseCallback[T](IAsyncResult result)

Error: (12/10/2014 05:47:57 AM) (Source: Toshiba App Place) (EventID: 0) (User: )
Description: System.Net.WebException: The remote name could not be resolved: 'api.snappcloud.com'
Error Data:
(no response)
Stack Trace:
at System.Net.HttpWebRequest.EndGetResponse(IAsyncResult asyncResult)
at SnappCloud.ActivationReminder.AraClient.GetResponseCallback[T](IAsyncResult result)

Error: (12/10/2014 05:37:57 AM) (Source: Toshiba App Place) (EventID: 0) (User: )
Description: System.Net.WebException: The remote name could not be resolved: 'api.snappcloud.com'
Error Data:
(no response)
Stack Trace:
at System.Net.HttpWebRequest.EndGetResponse(IAsyncResult asyncResult)
at SnappCloud.ActivationReminder.AraClient.GetResponseCallback[T](IAsyncResult result)

Error: (12/10/2014 05:27:57 AM) (Source: Toshiba App Place) (EventID: 0) (User: )
Description: System.Net.WebException: The remote name could not be resolved: 'api.snappcloud.com'
Error Data:
(no response)
Stack Trace:
at System.Net.HttpWebRequest.EndGetResponse(IAsyncResult asyncResult)
at SnappCloud.ActivationReminder.AraClient.GetResponseCallback[T](IAsyncResult result)


System errors:
=============
Error: (12/13/2014 04:25:25 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR22.

Error: (12/13/2014 04:03:48 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR18.

Error: (12/13/2014 04:03:48 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR18.

Error: (12/12/2014 03:13:24 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Common Client Job Manager Service service failed to start due to the following error:
%%2

Error: (12/12/2014 03:13:24 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Toshiba Laptop Checkup Application Launcher service failed to start due to the following error:
%%2

Error: (12/10/2014 03:20:30 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Windows Defender service terminated with the following error:
%%-2147023113

Error: (12/10/2014 03:17:21 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Common Client Job Manager Service service failed to start due to the following error:
%%2

Error: (12/10/2014 03:17:21 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Toshiba Laptop Checkup Application Launcher service failed to start due to the following error:
%%2

Error: (12/08/2014 11:18:04 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR2.

Error: (12/08/2014 11:18:02 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR2.


Microsoft Office Sessions:
=========================
Error: (12/12/2014 03:14:08 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: -1305

Error: (12/11/2014 11:09:00 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.

Error: (12/10/2014 06:37:57 AM) (Source: Toshiba App Place) (EventID: 0) (User: )
Description: System.Net.WebException: The remote name could not be resolved: 'api.snappcloud.com'
Error Data:
(no response)
Stack Trace:
at System.Net.HttpWebRequest.EndGetResponse(IAsyncResult asyncResult)
at SnappCloud.ActivationReminder.AraClient.GetResponseCallback[T](IAsyncResult result)

Error: (12/10/2014 06:27:57 AM) (Source: Toshiba App Place) (EventID: 0) (User: )
Description: System.Net.WebException: The remote name could not be resolved: 'api.snappcloud.com'
Error Data:
(no response)
Stack Trace:
at System.Net.HttpWebRequest.EndGetResponse(IAsyncResult asyncResult)
at SnappCloud.ActivationReminder.AraClient.GetResponseCallback[T](IAsyncResult result)

Error: (12/10/2014 06:17:57 AM) (Source: Toshiba App Place) (EventID: 0) (User: )
Description: System.Net.WebException: The remote name could not be resolved: 'api.snappcloud.com'
Error Data:
(no response)
Stack Trace:
at System.Net.HttpWebRequest.EndGetResponse(IAsyncResult asyncResult)
at SnappCloud.ActivationReminder.AraClient.GetResponseCallback[T](IAsyncResult result)

Error: (12/10/2014 06:07:57 AM) (Source: Toshiba App Place) (EventID: 0) (User: )
Description: System.Net.WebException: The remote name could not be resolved: 'api.snappcloud.com'
Error Data:
(no response)
Stack Trace:
at System.Net.HttpWebRequest.EndGetResponse(IAsyncResult asyncResult)
at SnappCloud.ActivationReminder.AraClient.GetResponseCallback[T](IAsyncResult result)

Error: (12/10/2014 05:57:57 AM) (Source: Toshiba App Place) (EventID: 0) (User: )
Description: System.Net.WebException: The remote name could not be resolved: 'api.snappcloud.com'
Error Data:
(no response)
Stack Trace:
at System.Net.HttpWebRequest.EndGetResponse(IAsyncResult asyncResult)
at SnappCloud.ActivationReminder.AraClient.GetResponseCallback[T](IAsyncResult result)

Error: (12/10/2014 05:47:57 AM) (Source: Toshiba App Place) (EventID: 0) (User: )
Description: System.Net.WebException: The remote name could not be resolved: 'api.snappcloud.com'
Error Data:
(no response)
Stack Trace:
at System.Net.HttpWebRequest.EndGetResponse(IAsyncResult asyncResult)
at SnappCloud.ActivationReminder.AraClient.GetResponseCallback[T](IAsyncResult result)

Error: (12/10/2014 05:37:57 AM) (Source: Toshiba App Place) (EventID: 0) (User: )
Description: System.Net.WebException: The remote name could not be resolved: 'api.snappcloud.com'
Error Data:
(no response)
Stack Trace:
at System.Net.HttpWebRequest.EndGetResponse(IAsyncResult asyncResult)
at SnappCloud.ActivationReminder.AraClient.GetResponseCallback[T](IAsyncResult result)

Error: (12/10/2014 05:27:57 AM) (Source: Toshiba App Place) (EventID: 0) (User: )
Description: System.Net.WebException: The remote name could not be resolved: 'api.snappcloud.com'
Error Data:
(no response)
Stack Trace:
at System.Net.HttpWebRequest.EndGetResponse(IAsyncResult asyncResult)
at SnappCloud.ActivationReminder.AraClient.GetResponseCallback[T](IAsyncResult result)


==================== Memory info ===========================

Processor: AMD Turion(tm) II P540 Dual-Core Processor
Percentage of memory in use: 33%
Total physical RAM: 3835.68 MB
Available physical RAM: 2547.35 MB
Total Pagefile: 7669.55 MB
Available Pagefile: 5719.8 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (TI105955W0C) (Fixed) (Total:285.75 GB) (Free:192.15 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: 085A7FD7)
Partition 1: (Active) - (Size=1.5 GB) - (Type=27)
Partition 2: (Not Active) - (Size=285.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=10.9 GB) - (Type=17)

==================== End Of Log ============================
rmrrar
Regular Member
 
Posts: 105
Joined: May 19th, 2013, 8:09 am

Re: I think I'm infected help please

Post by rmrrar » December 13th, 2014, 7:11 am

I was looking through the logs and noticed that it said these programs were installed and I didn't install them. rmrrar

13-12-2014 07:27:57 Installed LG United Mobile Driver
13-12-2014 09:20:54 Installed LG United Mobile Driver
13-12-2014 09:23:10 Installed LG United Mobile Driver
13-12-2014 09:35:26 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
13-12-2014 10:39:22 Removed LG United Mobile Driver

Re: I think I'm infected help please

Post by nunped » December 13th, 2014, 7:56 am

Hi rmrrar,

"I was looking through the logs and noticed that it said these programs were installed and I didn't install them. rmrrar"

This probably was installed after connecting an LG phone to the computer. Does it seem correct?

Your logs look clean...
Please take some time to see if the problem arises again and take note if it does.
nunped
MRU Honors Grad Emeritus
 
Posts: 1210
Joined: August 17th, 2011, 5:03 pm
Location: Portugal

Re: I think I'm infected help please

Post by rmrrar » December 13th, 2014, 11:04 pm

Hello, I guess it could have been caused by my phone. I went to get on my PC today; I leave it powered on but I log out of my profile when I am away from it. I went to log in and it went to a black screen. I had no icons at all on my display, so I pressed Ctrl+Alt+Del and it brought up task mgr. I had 55 processes running but was unable to get my desktop to load. I restarted my PC and it displayed the waiting for programs to close and quickly shut down. It restarted with no problem tho. Any idea what could be going on?

Re: I think I'm infected help please

Post by nunped » December 14th, 2014, 9:39 am

Hi rmrrar,

Let's run a couple of scans:
Step 1 - ESET online scanner
Note: You can use either Internet Explorer or Mozilla Firefox for this scan.

Note: If you are using Windows Vista or Windows 7, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.

  • First please Disable any Antivirus you have active, as shown in This topic.
  • Note: Don't forget to re-enable it after the scan.
  • Next hold down Control then click on the following link to open a new window to ESET online scanner
    Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
    All of the below instructions are compatible with either Internet Explorer or Mozilla Firefox.
  • When prompted allow the Add-On/Active X to install.
  • Click on Run ESET Online Scanner, then select the option YES, I accept the Terms of Use, then click Start.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on Start.
  • The virus signature database... will begin to download. Be patient, this may take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!
  • Now click on Finish.
  • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.

Step 2 - TDSSKiller

Please download TDSSKiller.exe and save it to your Desktop.
  • Double click on TDSSKiller.exe to launch it.
  • Click on Start Scan, the scan will run.
  • When the scan has finished, if it finds anything please click on the drop down arrow next to Cure and select Skip
  • DO NOT TRY TO FIX ANYTHING AT THIS POINT
  • Now click on Report to open the log file created by TDSSKiller in your root directory C:\
  • To find the log go to Start > Computer > C:
  • The log is named like UtilityName.Version_Date_Time_log.txt, for example, C:\TDSSKiller.2.4.1.2_20.04.2010_15.31.43_log.txt.
  • Post the contents of that log in your next reply please.

Re: I think I'm infected help please

Post by rmrrar » December 17th, 2014, 12:59 am

Sorry, I had run the ESET online scanner and it froze up my PC. I just now was able to get it to power up. Do you want me to run the TDSSKiller still?

Re: I think I'm infected help please

Post by rmrrar » December 17th, 2014, 8:23 am

Here is the report from TDSSKiller.

06:16:56.0060 0x0e68 LanmanServer - ok
06:16:56.0107 0x0e68 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
06:16:56.0123 0x0e68 LanmanWorkstation - ok
06:16:56.0185 0x0e68 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
06:16:56.0185 0x0e68 lltdio - ok
06:16:56.0247 0x0e68 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\windows\System32\lltdsvc.dll
06:16:56.0279 0x0e68 lltdsvc - ok
06:16:56.0294 0x0e68 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\windows\System32\lmhsvc.dll
06:16:56.0310 0x0e68 lmhosts - ok
06:16:56.0357 0x0e68 [ 41E122F6D1448C94CC05196BC41D6BFB, DC027B897A14359669C6C93CCC7FCEEA2FDCEE281489589DDAEE008FAD0B15E2 ] LPCFilter C:\windows\system32\DRIVERS\LPCFilter.sys
06:16:56.0357 0x0e68 LPCFilter - ok
06:16:56.0419 0x0e68 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\windows\system32\DRIVERS\lsi_fc.sys
06:16:56.0435 0x0e68 LSI_FC - ok
06:16:56.0450 0x0e68 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\windows\system32\DRIVERS\lsi_sas.sys
06:16:56.0466 0x0e68 LSI_SAS - ok
06:16:56.0481 0x0e68 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\windows\system32\DRIVERS\lsi_sas2.sys
06:16:56.0481 0x0e68 LSI_SAS2 - ok
06:16:56.0513 0x0e68 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\windows\system32\DRIVERS\lsi_scsi.sys
06:16:56.0528 0x0e68 LSI_SCSI - ok
06:16:56.0575 0x0e68 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\windows\system32\drivers\luafv.sys
06:16:56.0575 0x0e68 luafv - ok
06:16:56.0653 0x0e68 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
06:16:56.0669 0x0e68 Mcx2Svc - ok
06:16:56.0684 0x0e68 [ E4F44EC214B3E381E1FC844A02926666, 6EE8C87EFCEFFBEA08B9B9DA036B37564542EE4D31942115CDBF895295DD5FE2 ] mdmxsdk C:\windows\system32\DRIVERS\mdmxsdk.sys
06:16:56.0700 0x0e68 mdmxsdk - ok
06:16:56.0715 0x0e68 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\windows\system32\DRIVERS\megasas.sys
06:16:56.0731 0x0e68 megasas - ok
06:16:56.0778 0x0e68 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\windows\system32\DRIVERS\MegaSR.sys
06:16:56.0793 0x0e68 MegaSR - ok
06:16:56.0840 0x0e68 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\windows\system32\mmcss.dll
06:16:56.0856 0x0e68 MMCSS - ok
06:16:56.0871 0x0e68 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\windows\system32\drivers\modem.sys
06:16:56.0871 0x0e68 Modem - ok
06:16:56.0903 0x0e68 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\windows\system32\DRIVERS\monitor.sys
06:16:56.0918 0x0e68 monitor - ok
06:16:56.0949 0x0e68 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
06:16:56.0965 0x0e68 mouclass - ok
06:16:57.0012 0x0e68 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
06:16:57.0012 0x0e68 mouhid - ok
06:16:57.0059 0x0e68 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\windows\system32\drivers\mountmgr.sys
06:16:57.0074 0x0e68 mountmgr - ok
06:16:57.0137 0x0e68 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\windows\system32\drivers\mpio.sys
06:16:57.0152 0x0e68 mpio - ok
06:16:57.0230 0x0e68 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
06:16:57.0230 0x0e68 mpsdrv - ok
06:16:57.0339 0x0e68 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\windows\system32\mpssvc.dll
06:16:57.0402 0x0e68 MpsSvc - ok
06:16:57.0464 0x0e68 [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
06:16:57.0464 0x0e68 MRxDAV - ok
06:16:57.0542 0x0e68 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
06:16:57.0558 0x0e68 mrxsmb - ok
06:16:57.0605 0x0e68 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
06:16:57.0620 0x0e68 mrxsmb10 - ok
06:16:57.0667 0x0e68 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
06:16:57.0667 0x0e68 mrxsmb20 - ok
06:16:57.0714 0x0e68 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\windows\system32\drivers\msahci.sys
06:16:57.0729 0x0e68 msahci - ok
06:16:57.0745 0x0e68 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\windows\system32\drivers\msdsm.sys
06:16:57.0761 0x0e68 msdsm - ok
06:16:57.0792 0x0e68 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\windows\System32\msdtc.exe
06:16:57.0823 0x0e68 MSDTC - ok
06:16:57.0854 0x0e68 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\windows\system32\drivers\Msfs.sys
06:16:57.0870 0x0e68 Msfs - ok
06:16:57.0885 0x0e68 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
06:16:57.0901 0x0e68 mshidkmdf - ok
06:16:57.0948 0x0e68 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\windows\system32\drivers\msisadrv.sys
06:16:57.0948 0x0e68 msisadrv - ok
06:16:57.0995 0x0e68 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\windows\system32\iscsiexe.dll
06:16:58.0010 0x0e68 MSiSCSI - ok
06:16:58.0026 0x0e68 msiserver - ok
06:16:58.0088 0x0e68 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
06:16:58.0088 0x0e68 MSKSSRV - ok
06:16:58.0104 0x0e68 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
06:16:58.0104 0x0e68 MSPCLOCK - ok
06:16:58.0119 0x0e68 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\windows\system32\drivers\MSPQM.sys
06:16:58.0119 0x0e68 MSPQM - ok
06:16:58.0182 0x0e68 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\windows\system32\drivers\MsRPC.sys
06:16:58.0213 0x0e68 MsRPC - ok
06:16:58.0260 0x0e68 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\windows\system32\drivers\mssmbios.sys
06:16:58.0275 0x0e68 mssmbios - ok
06:16:58.0307 0x0e68 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\windows\system32\drivers\MSTEE.sys
06:16:58.0307 0x0e68 MSTEE - ok
06:16:58.0338 0x0e68 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\windows\system32\DRIVERS\MTConfig.sys
06:16:58.0338 0x0e68 MTConfig - ok
06:16:58.0369 0x0e68 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\windows\system32\Drivers\mup.sys
06:16:58.0385 0x0e68 Mup - ok
06:16:58.0463 0x0e68 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\windows\system32\qagentRT.dll
06:16:58.0494 0x0e68 napagent - ok
06:16:58.0556 0x0e68 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
06:16:58.0587 0x0e68 NativeWifiP - ok
06:16:58.0697 0x0e68 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\windows\system32\drivers\ndis.sys
06:16:58.0775 0x0e68 NDIS - ok
06:16:58.0821 0x0e68 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
06:16:58.0821 0x0e68 NdisCap - ok
06:16:58.0868 0x0e68 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
06:16:58.0868 0x0e68 NdisTapi - ok
06:16:58.0915 0x0e68 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
06:16:58.0931 0x0e68 Ndisuio - ok
06:16:58.0977 0x0e68 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
06:16:58.0993 0x0e68 NdisWan - ok
06:16:59.0040 0x0e68 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
06:16:59.0040 0x0e68 NDProxy - ok
06:16:59.0087 0x0e68 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
06:16:59.0087 0x0e68 NetBIOS - ok
06:16:59.0149 0x0e68 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
06:16:59.0165 0x0e68 NetBT - ok
06:16:59.0196 0x0e68 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon C:\windows\system32\lsass.exe
06:16:59.0196 0x0e68 Netlogon - ok
06:16:59.0274 0x0e68 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\windows\System32\netman.dll
06:16:59.0305 0x0e68 Netman - ok
06:16:59.0399 0x0e68 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
06:16:59.0399 0x0e68 NetMsmqActivator - ok
06:16:59.0414 0x0e68 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
06:16:59.0430 0x0e68 NetPipeActivator - ok
06:16:59.0508 0x0e68 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\windows\System32\netprofm.dll
06:16:59.0555 0x0e68 netprofm - ok
06:16:59.0586 0x0e68 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
06:16:59.0601 0x0e68 NetTcpActivator - ok
06:16:59.0617 0x0e68 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
06:16:59.0633 0x0e68 NetTcpPortSharing - ok
06:16:59.0679 0x0e68 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys
06:16:59.0679 0x0e68 nfrd960 - ok
06:16:59.0726 0x0e68 [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\windows\System32\nlasvc.dll
06:16:59.0757 0x0e68 NlaSvc - ok
06:16:59.0789 0x0e68 Norton PC Checkup Application Launcher - ok
06:16:59.0835 0x0e68 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\windows\system32\drivers\Npfs.sys
06:16:59.0851 0x0e68 Npfs - ok
06:16:59.0882 0x0e68 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\windows\system32\nsisvc.dll
06:16:59.0882 0x0e68 nsi - ok
06:16:59.0913 0x0e68 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
06:16:59.0913 0x0e68 nsiproxy - ok
06:17:00.0085 0x0e68 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
06:17:00.0194 0x0e68 Ntfs - ok
06:17:00.0241 0x0e68 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\windows\system32\drivers\Null.sys
06:17:00.0241 0x0e68 Null - ok
06:17:00.0303 0x0e68 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\windows\system32\drivers\nvraid.sys
06:17:00.0319 0x0e68 nvraid - ok
06:17:00.0366 0x0e68 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\windows\system32\drivers\nvstor.sys
06:17:00.0366 0x0e68 nvstor - ok
06:17:00.0444 0x0e68 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\windows\system32\drivers\nv_agp.sys
06:17:00.0444 0x0e68 nv_agp - ok
06:17:00.0491 0x0e68 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
06:17:00.0506 0x0e68 ohci1394 - ok
06:17:00.0553 0x0e68 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
06:17:00.0569 0x0e68 ose - ok
06:17:01.0021 0x0e68 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
06:17:01.0442 0x0e68 osppsvc - ok
06:17:01.0567 0x0e68 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\windows\system32\pnrpsvc.dll
06:17:01.0598 0x0e68 p2pimsvc - ok
06:17:01.0661 0x0e68 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\windows\system32\p2psvc.dll
06:17:01.0692 0x0e68 p2psvc - ok
06:17:01.0754 0x0e68 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\windows\system32\DRIVERS\parport.sys
06:17:01.0754 0x0e68 Parport - ok
06:17:01.0801 0x0e68 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\windows\system32\drivers\partmgr.sys
06:17:01.0817 0x0e68 partmgr - ok
06:17:01.0863 0x0e68 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\windows\System32\pcasvc.dll
06:17:01.0879 0x0e68 PcaSvc - ok
06:17:01.0895 0x0e68 PCCUJobMgr - ok
06:17:01.0957 0x0e68 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\windows\system32\drivers\pci.sys
06:17:01.0957 0x0e68 pci - ok
06:17:02.0019 0x0e68 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\windows\system32\drivers\pciide.sys
06:17:02.0019 0x0e68 pciide - ok
06:17:02.0066 0x0e68 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys
06:17:02.0082 0x0e68 pcmcia - ok
06:17:02.0129 0x0e68 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\windows\system32\drivers\pcw.sys
06:17:02.0129 0x0e68 pcw - ok
06:17:02.0207 0x0e68 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\windows\system32\drivers\peauth.sys
06:17:02.0253 0x0e68 PEAUTH - ok
06:17:02.0300 0x0e68 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\windows\SysWow64\perfhost.exe
06:17:02.0300 0x0e68 PerfHost - ok
06:17:02.0363 0x0e68 [ 663962900E7FEA522126BA287715BB4A, 95CE12CA11E705C293BE4E18845581037D819A7EC812349BCAF4EABC8E7087B1 ] PGEffect C:\windows\system32\DRIVERS\pgeffect.sys
06:17:02.0363 0x0e68 PGEffect - ok
06:17:02.0503 0x0e68 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\windows\system32\pla.dll
06:17:02.0612 0x0e68 pla - ok
06:17:02.0690 0x0e68 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\windows\system32\umpnpmgr.dll
06:17:02.0721 0x0e68 PlugPlay - ok
06:17:02.0737 0x0e68 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
06:17:02.0753 0x0e68 PNRPAutoReg - ok
06:17:02.0799 0x0e68 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\windows\system32\pnrpsvc.dll
06:17:02.0831 0x0e68 PNRPsvc - ok
06:17:02.0924 0x0e68 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
06:17:02.0955 0x0e68 PolicyAgent - ok
06:17:03.0018 0x0e68 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\windows\system32\umpo.dll
06:17:03.0033 0x0e68 Power - ok
06:17:03.0080 0x0e68 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
06:17:03.0096 0x0e68 PptpMiniport - ok
06:17:03.0143 0x0e68 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\windows\system32\DRIVERS\processr.sys
06:17:03.0143 0x0e68 Processor - ok
06:17:03.0205 0x0e68 [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\windows\system32\profsvc.dll
06:17:03.0236 0x0e68 ProfSvc - ok
06:17:03.0252 0x0e68 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\windows\system32\lsass.exe
06:17:03.0252 0x0e68 ProtectedStorage - ok
06:17:03.0314 0x0e68 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\windows\system32\DRIVERS\pacer.sys
06:17:03.0330 0x0e68 Psched - ok
06:17:03.0377 0x0e68 [ A6A7AD767BF5141665F5C675F671B3E1, 11D43F732C3B82679E53516F83E675B60B0EFEDE3F4EE3C42AC752AD8D5155AF ] PSI_SVC_2 C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
06:17:03.0392 0x0e68 PSI_SVC_2 - ok
06:17:03.0548 0x0e68 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys
06:17:03.0642 0x0e68 ql2300 - ok
06:17:03.0704 0x0e68 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys
06:17:03.0704 0x0e68 ql40xx - ok
06:17:03.0767 0x0e68 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\windows\system32\qwave.dll
06:17:03.0798 0x0e68 QWAVE - ok
06:17:03.0813 0x0e68 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
06:17:03.0829 0x0e68 QWAVEdrv - ok
06:17:03.0845 0x0e68 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
06:17:03.0845 0x0e68 RasAcd - ok
06:17:03.0907 0x0e68 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
06:17:03.0907 0x0e68 RasAgileVpn - ok
06:17:03.0969 0x0e68 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\windows\System32\rasauto.dll
06:17:03.0985 0x0e68 RasAuto - ok
06:17:04.0047 0x0e68 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
06:17:04.0063 0x0e68 Rasl2tp - ok
06:17:04.0125 0x0e68 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\windows\System32\rasmans.dll
06:17:04.0157 0x0e68 RasMan - ok
06:17:04.0203 0x0e68 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
06:17:04.0219 0x0e68 RasPppoe - ok
06:17:04.0250 0x0e68 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
06:17:04.0250 0x0e68 RasSstp - ok
06:17:04.0313 0x0e68 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
06:17:04.0344 0x0e68 rdbss - ok
06:17:04.0375 0x0e68 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys
06:17:04.0375 0x0e68 rdpbus - ok
06:17:04.0406 0x0e68 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
06:17:04.0406 0x0e68 RDPCDD - ok
06:17:04.0453 0x0e68 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
06:17:04.0453 0x0e68 RDPENCDD - ok
06:17:04.0484 0x0e68 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
06:17:04.0484 0x0e68 RDPREFMP - ok
06:17:04.0547 0x0e68 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\windows\system32\drivers\RDPWD.sys
06:17:04.0562 0x0e68 RDPWD - ok
06:17:04.0625 0x0e68 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\windows\system32\drivers\rdyboost.sys
06:17:04.0640 0x0e68 rdyboost - ok
06:17:04.0687 0x0e68 [ 4D9AFDDDA0EFE97CDBFD3B5FA48B05F6, A0E808EA9A58FC99D694A9EBF1F7248B79CAA44D9E6E30A07CDEDBC72A8F3610 ] regi C:\windows\system32\drivers\regi.sys
06:17:04.0703 0x0e68 regi - ok
06:17:04.0734 0x0e68 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\windows\System32\mprdim.dll
06:17:04.0749 0x0e68 RemoteAccess - ok
06:17:04.0796 0x0e68 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\windows\system32\regsvc.dll
06:17:04.0812 0x0e68 RemoteRegistry - ok
06:17:04.0843 0x0e68 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
06:17:04.0859 0x0e68 RpcEptMapper - ok
06:17:04.0905 0x0e68 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\windows\system32\locator.exe
06:17:04.0905 0x0e68 RpcLocator - ok
06:17:04.0999 0x0e68 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\windows\system32\rpcss.dll
06:17:05.0030 0x0e68 RpcSs - ok
06:17:05.0093 0x0e68 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
06:17:05.0093 0x0e68 rspndr - ok
06:17:05.0139 0x0e68 [ 907C4464381B5EBDFDC60F6C7D0DEDFC, A39EB4C0858A3CA2D8AFE6D52809EC41795FD7A2F3F157D9CBCCB84BE7958A89 ] RSUSBSTOR C:\windows\system32\Drivers\RtsUStor.sys
06:17:05.0155 0x0e68 RSUSBSTOR - ok
06:17:05.0217 0x0e68 [ 4E821C740A675F6D040BE41D59A62B1D, F09A0247DD21580AEE268FB88371D581B6383FC354B5FBBD147E5338BF7681A4 ] RTHDMIAzAudService C:\windows\system32\drivers\RtHDMIVX.sys
06:17:05.0217 0x0e68 RTHDMIAzAudService - ok
06:17:05.0311 0x0e68 [ FD978B2BF8A9B2390DCBEF435E9C1F9F, 52CFFE354006CCF087D3651D9D2AF201FD8A8FE8FB7D9CAAC8A527E91838ACE6 ] RTL8167 C:\windows\system32\DRIVERS\Rt64win7.sys
06:17:05.0327 0x0e68 RTL8167 - ok
06:17:05.0436 0x0e68 [ FFC748D848740D1BC8F330A8879C2674, 1D6DF95585D742329FF32E45E9A53EF80DE8E17F46BF12408638CCFC1576EB90 ] RTL8192Ce C:\windows\system32\DRIVERS\rtl8192Ce.sys
06:17:05.0514 0x0e68 RTL8192Ce - ok
06:17:05.0529 0x0e68 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs C:\windows\system32\lsass.exe
06:17:05.0529 0x0e68 SamSs - ok
06:17:05.0592 0x0e68 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\windows\system32\drivers\sbp2port.sys
06:17:05.0592 0x0e68 sbp2port - ok
06:17:05.0639 0x0e68 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\windows\System32\SCardSvr.dll
06:17:05.0670 0x0e68 SCardSvr - ok
06:17:05.0717 0x0e68 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
06:17:05.0717 0x0e68 scfilter - ok
06:17:05.0841 0x0e68 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\windows\system32\schedsvc.dll
06:17:05.0935 0x0e68 Schedule - ok
06:17:05.0982 0x0e68 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\windows\System32\certprop.dll
06:17:05.0997 0x0e68 SCPolicySvc - ok
06:17:06.0013 0x0e68 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\windows\System32\SDRSVC.dll
06:17:06.0029 0x0e68 SDRSVC - ok
06:17:06.0075 0x0e68 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\windows\system32\drivers\secdrv.sys
06:17:06.0075 0x0e68 secdrv - ok
06:17:06.0122 0x0e68 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\windows\system32\seclogon.dll
06:17:06.0138 0x0e68 seclogon - ok
06:17:06.0169 0x0e68 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\windows\System32\sens.dll
06:17:06.0185 0x0e68 SENS - ok
rmrrar
Regular Member
 
Posts: 105
Joined: May 19th, 2013, 8:09 am

Re: I think I'm infected help please

Post by rmrrar » December 17th, 2014, 8:25 am

This is the rest of the log. It was too long, so I had to split it into two. Thanks.

06:17:33.0428 0x0e68 AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.0.2208.712 ), 0x41000 ( enabled : updated )
06:17:33.0491 0x0e68 Win FW state via NFP2: enabled
06:17:51.0009 0x0e68 ============================================================
06:17:51.0009 0x0e68 Scan finished
06:17:51.0009 0x0e68 ============================================================
06:17:51.0025 0x0dec Detected object count: 0
06:17:51.0025 0x0dec Actual detected object count: 0
rmrrar
Regular Member
 
Posts: 105
Joined: May 19th, 2013, 8:09 am

Re: I think I'm infected help please

Post by nunped » December 17th, 2014, 2:10 pm

Hi rmrrar,

Let's try a different online scanner:
Run Microsoft Safety Scanner

  • First please Disable any Antivirus you have active, as shown in This topic.
  • Note: Don't forget to re-enable it after the scan.
  • Next hold down Control then click on the following link to open a new window to Microsoft Safety Scanner
  • Click Download Now
  • When asked to Run or Save, choose Run. (Unless it's to be run on a different PC)
  • OK the User Account Permission or the query "Do you want to run this software".
  • If you get a message saying "running this type of program could harm your computer" or similar, just ignore it and tell it to Run anyway.
  • Click the box to Accept the license agreement. Click Next.
  • Click Next to run the Scan.
  • Click the Quick Scan button. (... also Full Scan option)
  • Click Next
  • (If it finds nothing, it will just Exit. It still does create a report file.)
  • If it has found anything, check the box titled "Help Remove potentially unwanted software"
  • Click Next.
  • (The Dialog label will become "Cleaning your computer"). It may take a while.
  • After this operation completes, click Finish.
  • When removals are complete, it will report through a link, "View detailed results of the scan"
  • Clicking the link will popup a report in Notepad.
  • Please post the contents of the file in a reply.
  • The report file is also saved here: C:\Windows\debug\msert.log
nunped
MRU Honors Grad Emeritus
 
Posts: 1210
Joined: August 17th, 2011, 5:03 pm
Location: Portugal

Re: I think I'm infected help please

Post by Cypher » December 20th, 2014, 3:49 pm

Due to a lack of response, this topic is now closed.

If you still require help, please open a new thread in the Infected? Virus, malware, adware, ransomware, oh my! forum, include a fresh FRST log, and wait for a new helper.
Cypher
Admin/Teacher
 
Posts: 14959
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns