. DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_31 Run by Owner at 17:49:08 on 2012-07-29 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3933.2573 [GMT -5:00] . AV: Max Security 9.13 *Disabled/Updated* {15414183-282E-D62C-CA37-EF24860A2F17} SP: Max Security 9.13 *Disabled/Updated* {AE20A067-0E14-D9A2-F087-D456FD8D65AA} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Max Security 9.13 *Disabled* {2D7AC0A6-6241-D774-E168-461178D9686C} . ============== Running Processes =============== . C:\windows\system32\wininit.exe C:\windows\system32\lsm.exe C:\windows\system32\svchost.exe -k DcomLaunch C:\windows\system32\svchost.exe -k RPCSS C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\windows\system32\svchost.exe -k netsvcs C:\windows\system32\svchost.exe -k LocalService C:\windows\system32\svchost.exe -k NetworkService C:\windows\System32\spoolsv.exe C:\windows\system32\svchost.exe -k LocalServiceNoNetwork C:\windows\system32\taskhost.exe C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE C:\windows\system32\Dwm.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\windows\Explorer.EXE C:\Program Files (x86)\Frontier\Security\Anti-Virus\fsgk32st.exe C:\Program Files (x86)\Frontier\Security\Common\FSMA32.EXE C:\Program Files (x86)\Frontier\Security\Anti-Virus\FSGK32.EXE C:\Program Files (x86)\Secunia\PSI\sua.exe C:\windows\system32\svchost.exe -k imgsvc C:\Windows\system32\TODDSrv.exe C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe C:\windows\System32\svchost.exe -k secsvcs C:\windows\system32\SearchIndexer.exe C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files (x86)\Frontier\Security\Anti-Virus\fssm32.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\windows\system32\igfxsrvc.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe C:\Program Files\Microsoft IntelliPoint\ipoint.exe C:\windows\system32\igfxext.exe C:\Program Files (x86)\Toshiba\Utilities\KeNotify.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe C:\Program Files (x86)\Intel\IntelAppStore\bin\serviceManager.exe C:\windows\system32\taskeng.exe C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\windows\system32\taskhost.exe C:\windows\system32\SearchProtocolHost.exe C:\windows\system32\SearchFilterHost.exe C:\Program Files (x86)\Frontier\Security\Common\FSLAUNCHER0.EXE C:\windows\system32\DllHost.exe C:\windows\system32\DllHost.exe C:\windows\SysWOW64\cmd.exe C:\windows\system32\conhost.exe C:\windows\SysWOW64\cscript.exe C:\windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.yahoo.com/ uDefault_Page_URL = mDefault_Page_URL = mStart Page = mLocal Page = BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Browsing Protection Class: {c6867eb7-8350-4856-877f-93cf8ae3dc9c} - C:\Program Files (x86)\Frontier\Security\NRS\iescript\baselitmus.dll BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB: Browsing Protection Toolbar: {265eee8e-3228-44d3-aea5-f7fdf5860049} - C:\Program Files (x86)\Frontier\Security\NRS\iescript\baselitmus.dll TB: {10134636-E7AF-4AC5-A1DC-C7C44BB97D81} - No File TB: {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - No File mRun: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL mRun: [HWSetup] "C:\Program Files\TOSHIBA\Utilities\HWSetup.exe" hwSetUP mRun: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe mRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60 mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe" mRun: [Intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\serviceManager.lnk" mRun: [F-Secure Manager] "C:\Program Files (x86)\Frontier\Security\Common\FSM32.EXE" /splash mRun: [F-Secure TNB] "C:\Program Files (x86)\Frontier\Security\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime uPolicies-explorer: NoDesktopCleanupWizard = 1 (0x1) mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL LSP: C:\Program Files (x86)\Frontier\Security\FSPS\program\FSLSP.DLL DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab TCP: DhcpNameServer = 192.168.254.254 192.168.254.254 TCP: Interfaces\{6E317409-3DFB-40C7-BC90-2A0077847BAB} : DhcpNameServer = 192.168.254.254 192.168.254.254 TCP: Interfaces\{6E317409-3DFB-40C7-BC90-2A0077847BAB}\D616C6C616274637 : DhcpNameServer = 192.168.254.254 192.168.254.254 BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO-X64: AcroIEHelperStub - No File BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll BHO-X64: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO-X64: Browsing Protection Class: {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files (x86)\Frontier\Security\NRS\iescript\baselitmus.dll BHO-X64: LitmusBHO - No File BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB-X64: Browsing Protection Toolbar: {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files (x86)\Frontier\Security\NRS\iescript\baselitmus.dll TB-X64: {10134636-E7AF-4AC5-A1DC-C7C44BB97D81} - No File TB-X64: {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - No File mRun-x64: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL mRun-x64: [HWSetup] "C:\Program Files\TOSHIBA\Utilities\HWSetup.exe" hwSetUP mRun-x64: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe mRun-x64: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60 mRun-x64: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe" mRun-x64: [Intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\serviceManager.lnk" mRun-x64: [F-Secure Manager] "C:\Program Files (x86)\Frontier\Security\Common\FSM32.EXE" /splash mRun-x64: [F-Secure TNB] "C:\Program Files (x86)\Frontier\Security\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\bx0rvagm.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/ FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\3.0.40624.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_268.dll . ============= SERVICES / DRIVERS =============== . R0 fsbts;fsbts;C:\Windows\System32\drivers\fsbts.sys [2011-5-2 33408] R0 PxHlpa64;PxHlpa64;C:\windows\system32\Drivers\PxHlpa64.sys --> C:\windows\system32\Drivers\PxHlpa64.sys [?] R0 tos_sps64;TOSHIBA tos_sps64 Service;C:\windows\system32\DRIVERS\tos_sps64.sys --> C:\windows\system32\DRIVERS\tos_sps64.sys [?] R1 F-Secure HIPS;F-Secure HIPS Driver;C:\Program Files (x86)\Frontier\Security\HIPS\drivers\fshs.sys [2011-5-2 58000] R1 FSFW;F-Secure Firewall Driver;C:\windows\system32\drivers\fsdfw.sys --> C:\windows\system32\drivers\fsdfw.sys [?] R1 fsvista;F-Secure Vista Support Driver;C:\Program Files (x86)\Frontier\Security\Anti-Virus\minifilter\fsvista.sys [2011-5-2 14904] R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928] R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368] R1 vwififlt;Virtual WiFi Filter Driver;C:\windows\system32\DRIVERS\vwififlt.sys --> C:\windows\system32\DRIVERS\vwififlt.sys [?] R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2011-8-11 140672] R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-4-4 63928] R2 cfWiMAXService;ConfigFree WiMAX Service;C:\Program Files (x86)\Toshiba\ConfigFree\CFIWmxSvcs64.exe [2009-8-10 248688] R2 ConfigFree Gadget Service;ConfigFree Gadget Service;C:\Program Files (x86)\Toshiba\ConfigFree\CFProcSRVC.exe [2009-7-14 42368] R2 ConfigFree Service;ConfigFree Service;C:\Program Files (x86)\Toshiba\ConfigFree\CFSvcs.exe [2009-3-10 46448] R2 F-Secure Gatekeeper Handler Starter;FSGKHS;C:\Program Files (x86)\Frontier\Security\Anti-Virus\fsgk32st.exe [2011-5-2 219824] R2 Secunia Update Agent;Secunia Update Agent;C:\Program Files (x86)\Secunia\PSI\sua.exe [2012-5-3 681016] R3 F-Secure Gatekeeper;F-Secure Gatekeeper;C:\Program Files (x86)\Frontier\Security\Anti-Virus\minifilter\fsgk.sys [2011-5-2 199848] R3 RTL8167;Realtek 8167 NT Driver;C:\windows\system32\DRIVERS\Rt64win7.sys --> C:\windows\system32\DRIVERS\Rt64win7.sys [?] R3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;C:\windows\system32\DRIVERS\RTL8187B.sys --> C:\windows\system32\DRIVERS\RTL8187B.sys [?] R3 TMachInfo;TMachInfo;C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe [2010-2-21 54136] R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2009-9-17 137560] S1 FSES;F-Secure Email Scanning Driver;C:\windows\system32\drivers\fses.sys --> C:\windows\system32\drivers\fses.sys [?] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S3 FSORSPClient;F-Secure ORSP Client;C:\Program Files (x86)\Frontier\Security\ORSP Client\fsorsp.exe [2011-5-2 61088] S3 PSI;PSI;C:\windows\system32\DRIVERS\psi_mf.sys --> C:\windows\system32\DRIVERS\psi_mf.sys [?] S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\system32\Drivers\RtsUStor.sys --> C:\windows\system32\Drivers\RtsUStor.sys [?] S3 Secunia PSI Agent;Secunia PSI Agent;C:\Program Files (x86)\Secunia\PSI\psia.exe [2012-5-3 1302072] S3 TsUsbFlt;TsUsbFlt;C:\windows\system32\drivers\tsusbflt.sys --> C:\windows\system32\drivers\tsusbflt.sys [?] S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\system32\Wat\WatAdminSvc.exe --> C:\windows\system32\Wat\WatAdminSvc.exe [?] S4 F-Secure Filter;F-Secure File System Filter;C:\Program Files (x86)\Frontier\Security\Anti-Virus\win2k\fsfilter.sys [2012-6-24 39856] S4 F-Secure Recognizer;F-Secure File System Recognizer;C:\Program Files (x86)\Frontier\Security\Anti-Virus\win2k\fsrec.sys [2012-6-24 25264] . =============== Created Last 30 ================ . 2012-07-29 00:57:41 -------- d-----w- C:\Users\Owner\AppData\Local\PackageAware 2012-07-27 13:31:23 9133488 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{27B9C4EE-6F3D-415E-ACBB-8F93ACF0FBB1}\mpengine.dll 2012-07-25 16:23:03 -------- d-----w- C:\Users\Owner\AppData\Local\LogMeIn Rescue Applet 2012-07-24 20:24:55 -------- d-s---w- C:\ComboFix 2012-07-22 00:29:13 70344 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-07-22 00:29:13 426184 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe 2012-07-21 17:42:21 3148800 ----a-w- C:\windows\System32\win32k.sys 2012-07-21 17:32:54 2004480 ----a-w- C:\windows\System32\msxml6.dll 2012-07-21 17:32:54 1881600 ----a-w- C:\windows\System32\msxml3.dll 2012-07-21 17:32:53 2048 ----a-w- C:\windows\SysWow64\msxml3r.dll 2012-07-21 17:32:53 2048 ----a-w- C:\windows\System32\msxml3r.dll 2012-07-21 17:32:53 1390080 ----a-w- C:\windows\SysWow64\msxml6.dll 2012-07-21 17:32:53 1236992 ----a-w- C:\windows\SysWow64\msxml3.dll 2012-07-06 12:47:04 -------- d-----w- C:\_OTL . ==================== Find3M ==================== . 2012-06-24 16:54:06 94304 ----a-w- C:\windows\System32\drivers\fsdfw.sys 2012-06-24 16:53:40 50384 ----a-w- C:\windows\System32\drivers\fses.sys 2012-06-24 15:42:36 33408 ----a-w- C:\windows\SysWow64\drivers\fsbts.sys 2012-06-17 23:36:40 955840 ----a-w- C:\windows\System32\npDeployJava1.dll 2012-06-17 23:36:40 839096 ----a-w- C:\windows\System32\deployJava1.dll 2012-06-06 06:02:54 1133568 ----a-w- C:\windows\System32\cdosys.dll 2012-06-06 05:03:06 805376 ----a-w- C:\windows\SysWow64\cdosys.dll 2012-06-02 22:15:31 2622464 ----a-w- C:\windows\System32\wucltux.dll 2012-06-02 22:15:08 99840 ----a-w- C:\windows\System32\wudriver.dll 2012-06-02 20:19:42 186752 ----a-w- C:\windows\System32\wuwebv.dll 2012-06-02 20:15:12 36864 ----a-w- C:\windows\System32\wuapp.exe 2012-06-02 12:12:17 2311680 ----a-w- C:\windows\System32\jscript9.dll 2012-06-02 12:05:28 1392128 ----a-w- C:\windows\System32\wininet.dll 2012-06-02 12:04:50 1494528 ----a-w- C:\windows\System32\inetcpl.cpl 2012-06-02 12:01:40 173056 ----a-w- C:\windows\System32\ieUnatt.exe 2012-06-02 11:57:08 2382848 ----a-w- C:\windows\System32\mshtml.tlb 2012-06-02 08:33:25 1800192 ----a-w- C:\windows\SysWow64\jscript9.dll 2012-06-02 08:25:08 1129472 ----a-w- C:\windows\SysWow64\wininet.dll 2012-06-02 08:25:03 1427968 ----a-w- C:\windows\SysWow64\inetcpl.cpl 2012-06-02 08:20:33 142848 ----a-w- C:\windows\SysWow64\ieUnatt.exe 2012-06-02 08:16:52 2382848 ----a-w- C:\windows\SysWow64\mshtml.tlb 2012-06-02 05:50:10 458704 ----a-w- C:\windows\System32\drivers\cng.sys 2012-06-02 05:48:16 95600 ----a-w- C:\windows\System32\drivers\ksecdd.sys 2012-06-02 05:48:16 151920 ----a-w- C:\windows\System32\drivers\ksecpkg.sys 2012-06-02 05:45:31 340992 ----a-w- C:\windows\System32\schannel.dll 2012-06-02 05:44:21 307200 ----a-w- C:\windows\System32\ncrypt.dll 2012-06-02 04:40:42 22016 ----a-w- C:\windows\SysWow64\secur32.dll 2012-06-02 04:40:39 225280 ----a-w- C:\windows\SysWow64\schannel.dll 2012-06-02 04:39:10 219136 ----a-w- C:\windows\SysWow64\ncrypt.dll 2012-06-02 04:34:09 96768 ----a-w- C:\windows\SysWow64\sspicli.dll 2012-05-31 17:25:12 279656 ------w- C:\windows\System32\MpSigStub.exe 2012-05-09 17:27:01 55960 ----a-w- C:\windows\System32\drivers\fsbts.sys 2012-05-04 11:06:22 5559664 ----a-w- C:\windows\System32\ntoskrnl.exe 2012-05-04 10:03:53 3968368 ----a-w- C:\windows\SysWow64\ntkrnlpa.exe 2012-05-04 10:03:50 3913072 ----a-w- C:\windows\SysWow64\ntoskrnl.exe 2012-05-01 05:40:20 209920 ----a-w- C:\windows\System32\profsvc.dll . ============= FINISH: 17:49:40.11 ===============