Jump to content

cw888

Members
  • Posts

    18
  • Joined

  • Last visited

Everything posted by cw888

  1. Hi Maurice I've run the MS Safety scan all it come back clear. So computer seems to be malware free which is brilliant but could you tell me, is there anyway I can get my start menu folders back? If not I assume I'll just have to place a shortcut to those that I use, on the desktop. I just wanted to say a huge thank you though for all the help you have given me!
  2. Okay, first time I've had a chance to get on computer today. Managed to run Gmer - this time I unplug the internet, turned off norton completely and ran it and it worked fine. Here is the log; GMER 1.0.15.15641 - http://www.gmer.net Rootkit scan 2012-03-24 23:13:42 Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP3T0L0-5 ST9250320AS rev.HP07 Running: lv439p47.exe; Driver: C:\Users\CATHER~1\AppData\Local\Temp\uflcyuoc.sys ---- System - GMER 1.0.15 ---- SSDT 979FD6A8 ZwAlertResumeThread SSDT 89EBDB28 ZwAlertThread SSDT 995493C8 ZwAllocateVirtualMemory SSDT 87B0E2C0 ZwAlpcConnectPort SSDT 89E92C88 ZwAssignProcessToJobObject SSDT 979FD3B8 ZwCreateMutant SSDT 89E929A8 ZwCreateSymbolicLinkObject SSDT 89EF5318 ZwCreateThread SSDT 89E92D68 ZwDebugActiveProcess SSDT 99549518 ZwDuplicateObject SSDT 99549208 ZwFreeVirtualMemory SSDT 979FD4A8 ZwImpersonateAnonymousToken SSDT 979FD588 ZwImpersonateThread SSDT 87B1F2E0 ZwLoadDriver SSDT 89FA54F8 ZwMapViewOfSection SSDT 979FD138 ZwOpenEvent SSDT 89EF5200 ZwOpenProcess SSDT 99549498 ZwOpenProcessToken SSDT 89E92F90 ZwOpenSection SSDT 89EF5130 ZwOpenThread SSDT 89E92B98 ZwProtectVirtualMemory SSDT 89EBDE68 ZwResumeThread SSDT 89FA5248 ZwSetContextThread SSDT 89FA5328 ZwSetInformationProcess SSDT 89E92E48 ZwSetSystemInformation SSDT 979FD058 ZwSuspendProcess SSDT 89EBDF48 ZwSuspendThread SSDT 89EF53F8 ZwTerminateProcess SSDT 89FA5168 ZwTerminateThread SSDT 89FA5418 ZwUnmapViewOfSection SSDT 995492F8 ZwWriteVirtualMemory SSDT 89E92A98 ZwCreateThreadEx ---- Kernel code sections - GMER 1.0.15 ---- .text ntkrnlpa.exe!KeSetEvent + 11D 822B58A0 8 Bytes [A8, D6, 9F, 97, 28, DB, EB, ...] {TEST AL, 0xd6; LAHF ; XCHG EDI, EAX; SUB BL, BL; JMP 0xffffffffffffff91} .text ntkrnlpa.exe!KeSetEvent + 131 822B58B4 4 Bytes [C8, 93, 54, 99] {ENTER 0x5493, 0x99} .text ntkrnlpa.exe!KeSetEvent + 13D 822B58C0 4 Bytes [C0, E2, B0, 87] .text ntkrnlpa.exe!KeSetEvent + 191 822B5914 4 Bytes [88, 2C, E9, 89] .text ntkrnlpa.exe!KeSetEvent + 1F5 822B5978 4 Bytes [b8, D3, 9F, 97] .text ... ---- Files - GMER 1.0.15 ---- File C:\Windows\assembly\NativeImages_v4.0.30319_32\index53e.dat 0 bytes File C:\Windows\assembly\NativeImages_v4.0.30319_32\index53f.dat 0 bytes ---- EOF - GMER 1.0.15 ----
  3. Ok, did a scan which showed 2 things in the registry so I pressed delete - the log is pasted below. The other program which I downloaded and saved into new fold ARK - having problems. When I run the program it runs for a couple of minutes and then states: Iv439p47.exe has stopped working. A problems caused the program to stop working correctly. windows will close the program and notify you if a solution is available. Here's the first log though; RogueKiller V7.3.2 [03/20/2012] by Tigzy mail: tigzyRK<at>gmail<dot>com Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/ Blog: http://tigzyrk.blogspot.com Operating System: Windows Vista (6.0.6002 Service Pack 2) 32 bits version Started in : Normal mode User: Catherine [Admin rights] Mode: Remove -- Date: 03/23/2012 22:53:15 ¤¤¤ Bad processes: 0 ¤¤¤ ¤¤¤ Registry Entries: 2 ¤¤¤ [HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0) [HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0) ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver: [LOADED] ¤¤¤ SSDT[13] : NtAlertResumeThread @ 0x824D753D -> HOOKED (Unknown @ 0x89E87DB0) SSDT[14] : NtAlertThread @ 0x82450255 -> HOOKED (Unknown @ 0x89E87E90) SSDT[18] : NtAllocateVirtualMemory @ 0x8248C4FB -> HOOKED (Unknown @ 0x88817C88) SSDT[21] : NtAlpcConnectPort @ 0x8242E887 -> HOOKED (Unknown @ 0x87385108) SSDT[42] : NtAssignProcessToJobObject @ 0x82401B43 -> HOOKED (Unknown @ 0x89E62F90) SSDT[67] : NtCreateMutant @ 0x8246480C -> HOOKED (Unknown @ 0x8881A008) SSDT[77] : NtCreateSymbolicLinkObject @ 0x8240435A -> HOOKED (Unknown @ 0x89E62CB0) SSDT[78] : NtCreateThread @ 0x824D5BB4 -> HOOKED (Unknown @ 0x993B4E28) SSDT[116] : NtDebugActiveProcess @ 0x824A8D22 -> HOOKED (Unknown @ 0x8881A0B8) SSDT[129] : NtDuplicateObject @ 0x8243C551 -> HOOKED (Unknown @ 0x88817DE0) SSDT[147] : NtFreeVirtualMemory @ 0x822C8F5D -> HOOKED (Unknown @ 0x89E69EF0) SSDT[156] : NtImpersonateAnonymousToken @ 0x823FEF12 -> HOOKED (Unknown @ 0x89E87BF0) SSDT[158] : NtImpersonateThread @ 0x8241454F -> HOOKED (Unknown @ 0x89E87CD0) SSDT[165] : NtLoadDriver @ 0x823AFDEE -> HOOKED (Unknown @ 0x870FD2C8) SSDT[177] : NtMapViewOfSection @ 0x8245489A -> HOOKED (Unknown @ 0x89E69E10) SSDT[184] : NtOpenEvent @ 0x8243DDCF -> HOOKED (Unknown @ 0x8881A4A0) SSDT[194] : NtOpenProcess @ 0x82464FA8 -> HOOKED (Unknown @ 0x88817F80) SSDT[195] : NtOpenProcessToken @ 0x82445A2E -> HOOKED (Unknown @ 0x993B4D60) SSDT[197] : NtOpenSection @ 0x8245566D -> HOOKED (Unknown @ 0x8881A2E0) SSDT[201] : NtOpenThread @ 0x824604FA -> HOOKED (Unknown @ 0x88817EB0) SSDT[210] : NtProtectVirtualMemory @ 0x8245E2DD -> HOOKED (Unknown @ 0x89E62EA0) SSDT[282] : NtResumeThread @ 0x8245FB45 -> HOOKED (Unknown @ 0x89E87F70) SSDT[289] : NtSetContextThread @ 0x824D6883 -> HOOKED (Unknown @ 0x89E69B40) SSDT[305] : NtSetInformationProcess @ 0x824588C8 -> HOOKED (Unknown @ 0x89E69C60) SSDT[317] : NtSetSystemInformation @ 0x8242AEEB -> HOOKED (Unknown @ 0x8881A198) SSDT[330] : NtSuspendProcess @ 0x824D7477 -> HOOKED (Unknown @ 0x8881A3C0) SSDT[331] : NtSuspendThread @ 0x823DE92B -> HOOKED (Unknown @ 0x89EAF160) SSDT[334] : NtTerminateProcess @ 0x82435143 -> HOOKED (Unknown @ 0x993B4F08) SSDT[335] : NtTerminateThread @ 0x8246052F -> HOOKED (Unknown @ 0x89EAF240) SSDT[348] : NtUnmapViewOfSection @ 0x82454B5D -> HOOKED (Unknown @ 0x89E69D50) SSDT[358] : NtWriteVirtualMemory @ 0x8245192D -> HOOKED (Unknown @ 0x89E69FC0) SSDT[382] : NtCreateThreadEx @ 0x8245FFE4 -> HOOKED (Unknown @ 0x89E62DA0) S_SSDT[317] : Unknown -> HOOKED (Unknown @ 0x810498E0) S_SSDT[397] : Unknown -> HOOKED (Unknown @ 0x8104C728) S_SSDT[428] : Unknown -> HOOKED (Unknown @ 0x8102E820) S_SSDT[430] : Unknown -> HOOKED (Unknown @ 0x8116AF60) S_SSDT[442] : Unknown -> HOOKED (Unknown @ 0x8102E9F0) S_SSDT[479] : Unknown -> HOOKED (Unknown @ 0x8102E550) S_SSDT[497] : Unknown -> HOOKED (Unknown @ 0x8102E730) S_SSDT[498] : Unknown -> HOOKED (Unknown @ 0x8102E640) S_SSDT[573] : Unknown -> HOOKED (Unknown @ 0x8104E950) S_SSDT[576] : Unknown -> HOOKED (Unknown @ 0x8104EAC8) ¤¤¤ Infection : ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ 127.0.0.1 localhost ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: ST9250320AS ATA Device +++++ --- User --- [MBR] 3ba5a594f5689e4c2d28b6926493b721 [bSP] b90e997a9db954e5ec97ff0327b5191f : Toshiba tatooed MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 227604 Mo 1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 466135040 | Size: 10867 Mo User = LL1 ... OK! User = LL2 ... OK! Finished : << RKreport[2].txt >> RKreport[1].txt ; RKreport[2].txt
  4. After prescan on Roguekiller do I need to do a scan before I click on registry and delete because otherwise after the prescan it says nothing in registry - just wanted to check, don't want to mess anything up after all your hard work
  5. RogueKiller V7.3.2 [03/20/2012] by Tigzy mail: tigzyRK<at>gmail<dot>com Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/ Blog: http://tigzyrk.blogspot.com Operating System: Windows Vista (6.0.6002 Service Pack 2) 32 bits version Started in : Normal mode User: Catherine [Admin rights] Mode: Scan -- Date: 03/23/2012 20:59:32 ¤¤¤ Bad processes: 0 ¤¤¤ ¤¤¤ Registry Entries: 2 ¤¤¤ [HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND [HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver: [LOADED] ¤¤¤ SSDT[13] : NtAlertResumeThread @ 0x824DD53D -> HOOKED (Unknown @ 0x89E34C50) SSDT[14] : NtAlertThread @ 0x82456255 -> HOOKED (Unknown @ 0x89E34D30) SSDT[18] : NtAllocateVirtualMemory @ 0x824924FB -> HOOKED (Unknown @ 0x991B4F78) SSDT[21] : NtAlpcConnectPort @ 0x82434887 -> HOOKED (Unknown @ 0x87080108) SSDT[42] : NtAssignProcessToJobObject @ 0x82407B43 -> HOOKED (Unknown @ 0x885530F8) SSDT[67] : NtCreateMutant @ 0x8246A80C -> HOOKED (Unknown @ 0x89DED9B8) SSDT[77] : NtCreateSymbolicLinkObject @ 0x8240A35A -> HOOKED (Unknown @ 0x961FF398) SSDT[78] : NtCreateThread @ 0x824DBBB4 -> HOOKED (Unknown @ 0x967EBEF0) SSDT[116] : NtDebugActiveProcess @ 0x824AED22 -> HOOKED (Unknown @ 0x885531D8) SSDT[129] : NtDuplicateObject @ 0x82442551 -> HOOKED (Unknown @ 0x983D3E60) SSDT[147] : NtFreeVirtualMemory @ 0x822CEF5D -> HOOKED (Unknown @ 0x991B4DB8) SSDT[156] : NtImpersonateAnonymousToken @ 0x82404F12 -> HOOKED (Unknown @ 0x89DEDAA8) SSDT[158] : NtImpersonateThread @ 0x8241A54F -> HOOKED (Unknown @ 0x89DEDB88) SSDT[165] : NtLoadDriver @ 0x823B5DEE -> HOOKED (Unknown @ 0x878172F8) SSDT[177] : NtMapViewOfSection @ 0x8245A89A -> HOOKED (Unknown @ 0x89DEFF50) SSDT[184] : NtOpenEvent @ 0x82443DCF -> HOOKED (Unknown @ 0x89DED8D8) SSDT[194] : NtOpenProcess @ 0x8246AFA8 -> HOOKED (Unknown @ 0x983D3FC0) SSDT[195] : NtOpenProcessToken @ 0x8244BA2E -> HOOKED (Unknown @ 0x983D3DA0) SSDT[197] : NtOpenSection @ 0x8245B66D -> HOOKED (Unknown @ 0x88553400) SSDT[201] : NtOpenThread @ 0x824664FA -> HOOKED (Unknown @ 0x983D3F30) SSDT[210] : NtProtectVirtualMemory @ 0x824642DD -> HOOKED (Unknown @ 0x961FF588) SSDT[282] : NtResumeThread @ 0x82465B45 -> HOOKED (Unknown @ 0x89E34E10) SSDT[289] : NtSetContextThread @ 0x824DC883 -> HOOKED (Unknown @ 0x89DEFCA0) SSDT[305] : NtSetInformationProcess @ 0x8245E8C8 -> HOOKED (Unknown @ 0x89DEFD80) SSDT[317] : NtSetSystemInformation @ 0x82430EEB -> HOOKED (Unknown @ 0x885532B8) SSDT[330] : NtSuspendProcess @ 0x824DD477 -> HOOKED (Unknown @ 0x89DED7F8) SSDT[331] : NtSuspendThread @ 0x823E492B -> HOOKED (Unknown @ 0x89E34EF0) SSDT[334] : NtTerminateProcess @ 0x8243B143 -> HOOKED (Unknown @ 0x967EBFD0) SSDT[335] : NtTerminateThread @ 0x8246652F -> HOOKED (Unknown @ 0x89E34FD0) SSDT[348] : NtUnmapViewOfSection @ 0x8245AB5D -> HOOKED (Unknown @ 0x89DEFE70) SSDT[358] : NtWriteVirtualMemory @ 0x8245792D -> HOOKED (Unknown @ 0x991B4EA8) SSDT[382] : NtCreateThreadEx @ 0x82465FE4 -> HOOKED (Unknown @ 0x961FF488) S_SSDT[317] : Unknown -> HOOKED (Unknown @ 0x9C612BF8) S_SSDT[397] : Unknown -> HOOKED (Unknown @ 0x9D9B2560) S_SSDT[428] : Unknown -> HOOKED (Unknown @ 0x9D9B24A0) S_SSDT[430] : Unknown -> HOOKED (Unknown @ 0x9D9B2CD8) S_SSDT[442] : Unknown -> HOOKED (Unknown @ 0x9D9B26A8) S_SSDT[479] : Unknown -> HOOKED (Unknown @ 0x9C61EE60) S_SSDT[497] : Unknown -> HOOKED (Unknown @ 0x9C61EFC0) S_SSDT[498] : Unknown -> HOOKED (Unknown @ 0x9C61EF30) S_SSDT[573] : Unknown -> HOOKED (Unknown @ 0x9D9B2800) S_SSDT[576] : Unknown -> HOOKED (Unknown @ 0x9D9B88D8) ¤¤¤ Infection : ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ 127.0.0.1 localhost ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: ST9250320AS ATA Device +++++ --- User --- [MBR] 3ba5a594f5689e4c2d28b6926493b721 [bSP] b90e997a9db954e5ec97ff0327b5191f : Toshiba tatooed MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 227604 Mo 1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 466135040 | Size: 10867 Mo User = LL1 ... OK! User = LL2 ... OK! Finished : << RKreport[1].txt >> RKreport[1].txt Farbar Service Scanner Version: 01-03-2012 Ran by Catherine (administrator) on 23-03-2012 at 21:04:09 Running from "C:\Users\Catherine\Desktop" Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) Boot Mode: Normal **************************************************************** Internet Services: ============ Connection Status: ============== Localhost is accessible. LAN connected. Google IP is accessible. Yahoo IP is accessible. Windows Firewall: ============= Firewall Disabled Policy: ================== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall"=DWORD:0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall"=DWORD:0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall"=DWORD:0 System Restore: ============ System Restore Disabled Policy: ======================== Security Center: ============ Windows Update: ============ File Check: ======== C:\Windows\system32\nsisvc.dll => MD5 is legit C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit C:\Windows\system32\dhcpcsvc.dll => MD5 is legit C:\Windows\system32\Drivers\afd.sys => MD5 is legit C:\Windows\system32\Drivers\tdx.sys => MD5 is legit C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit C:\Windows\system32\dnsrslvr.dll => MD5 is legit C:\Windows\system32\mpssvc.dll => MD5 is legit C:\Windows\system32\bfe.dll => MD5 is legit C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit C:\Windows\system32\SDRSVC.dll => MD5 is legit C:\Windows\system32\vssvc.exe => MD5 is legit C:\Windows\system32\wscsvc.dll => MD5 is legit C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit C:\Windows\system32\wuaueng.dll => MD5 is legit C:\Windows\system32\qmgr.dll => MD5 is legit C:\Windows\system32\es.dll => MD5 is legit C:\Windows\system32\cryptsvc.dll => MD5 is legit C:\Windows\system32\svchost.exe => MD5 is legit C:\Windows\system32\rpcss.dll => MD5 is legit **** End of log ****
  6. 20:50:48.0288 1920 TDSS rootkit removing tool 2.7.22.0 Mar 21 2012 17:40:00 20:50:50.0067 1920 ============================================================ 20:50:50.0067 1920 Current date / time: 2012/03/23 20:50:50.0067 20:50:50.0067 1920 SystemInfo: 20:50:50.0067 1920 20:50:50.0067 1920 OS Version: 6.0.6002 ServicePack: 2.0 20:50:50.0067 1920 Product type: Workstation 20:50:50.0068 1920 ComputerName: CATHERINE-PC 20:50:50.0068 1920 UserName: Catherine 20:50:50.0068 1920 Windows directory: C:\Windows 20:50:50.0068 1920 System windows directory: C:\Windows 20:50:50.0069 1920 Processor architecture: Intel x86 20:50:50.0069 1920 Number of processors: 2 20:50:50.0069 1920 Page size: 0x1000 20:50:50.0069 1920 Boot type: Normal boot 20:50:50.0069 1920 ============================================================ 20:50:52.0489 1920 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050 20:50:52.0494 1920 \Device\Harddisk0\DR0: 20:50:52.0495 1920 MBR used 20:50:52.0495 1920 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1BC8A7C1 20:50:52.0495 1920 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1BC8A800, BlocksNum 0x1539800 20:50:52.0611 1920 Initialize success 20:50:52.0611 1920 ============================================================ 20:50:55.0409 5196 ============================================================ 20:50:55.0409 5196 Scan started 20:50:55.0409 5196 Mode: Manual; 20:50:55.0409 5196 ============================================================ 20:50:58.0901 5196 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys 20:50:58.0910 5196 ACPI - ok 20:50:58.0968 5196 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys 20:50:58.0981 5196 adp94xx - ok 20:50:59.0017 5196 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys 20:50:59.0023 5196 adpahci - ok 20:50:59.0057 5196 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys 20:50:59.0059 5196 adpu160m - ok 20:50:59.0081 5196 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys 20:50:59.0085 5196 adpu320 - ok 20:50:59.0144 5196 AeLookupSvc (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll 20:50:59.0147 5196 AeLookupSvc - ok 20:50:59.0235 5196 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys 20:50:59.0241 5196 AFD - ok 20:50:59.0294 5196 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys 20:50:59.0296 5196 agp440 - ok 20:50:59.0333 5196 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys 20:50:59.0335 5196 aic78xx - ok 20:50:59.0555 5196 Akamai (31bd294dc6ddbc0f16356d958d0743a4) c:\program files\common files\akamai/netsession_win_7de0ed9.dll 20:50:59.0555 5196 Suspicious file (Hidden): c:\program files\common files\akamai/netsession_win_7de0ed9.dll. md5: 31bd294dc6ddbc0f16356d958d0743a4 20:50:59.0572 5196 Akamai ( HiddenFile.Multi.Generic ) - warning 20:50:59.0572 5196 Akamai - detected HiddenFile.Multi.Generic (1) 20:50:59.0681 5196 ALG (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe 20:50:59.0686 5196 ALG - ok 20:50:59.0740 5196 aliide (3d76fda1a10acc3dc84728f55c29b6d4) C:\Windows\system32\drivers\aliide.sys 20:50:59.0742 5196 aliide - ok 20:50:59.0802 5196 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys 20:50:59.0804 5196 amdagp - ok 20:50:59.0829 5196 amdide (5b92e7839f5a1fbc1b39de67758ad6f8) C:\Windows\system32\drivers\amdide.sys 20:50:59.0831 5196 amdide - ok 20:50:59.0871 5196 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys 20:50:59.0873 5196 AmdK7 - ok 20:50:59.0903 5196 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys 20:50:59.0905 5196 AmdK8 - ok 20:51:00.0014 5196 Appinfo (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll 20:51:00.0015 5196 Appinfo - ok 20:51:00.0237 5196 Apple Mobile Device (3debbecf665dcdde3a95d9b902010817) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 20:51:00.0240 5196 Apple Mobile Device - ok 20:51:00.0724 5196 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys 20:51:00.0726 5196 arc - ok 20:51:00.0776 5196 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys 20:51:00.0779 5196 arcsas - ok 20:51:00.0925 5196 aspnet_state (776acefa0ca9df0faa51a5fb2f435705) C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe 20:51:00.0927 5196 aspnet_state - ok 20:51:01.0022 5196 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys 20:51:01.0023 5196 AsyncMac - ok 20:51:01.0062 5196 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys 20:51:01.0064 5196 atapi - ok 20:51:01.0182 5196 athr (2846f5ee802889d500fcf5cc48b28381) C:\Windows\system32\DRIVERS\athr.sys 20:51:01.0228 5196 athr - ok 20:51:01.0306 5196 AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll 20:51:01.0317 5196 AudioEndpointBuilder - ok 20:51:01.0334 5196 Audiosrv (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll 20:51:01.0340 5196 Audiosrv - ok 20:51:01.0412 5196 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys 20:51:01.0413 5196 Beep - ok 20:51:01.0522 5196 BFE (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll 20:51:01.0534 5196 BFE - ok 20:51:01.0730 5196 BHDrvx86 (eb7f1f1dfa95c25d762c22d3cf13d4e0) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\BASHDefs\20120317.002\BHDrvx86.sys 20:51:01.0742 5196 BHDrvx86 - ok 20:51:01.0859 5196 BITS (93952506c6d67330367f7e7934b6a02f) C:\Windows\system32\qmgr.dll 20:51:01.0892 5196 BITS - ok 20:51:01.0952 5196 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys 20:51:01.0954 5196 blbdrive - ok 20:51:02.0088 5196 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe 20:51:02.0095 5196 Bonjour Service - ok 20:51:02.0193 5196 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys 20:51:02.0195 5196 bowser - ok 20:51:02.0242 5196 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys 20:51:02.0243 5196 BrFiltLo - ok 20:51:02.0265 5196 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys 20:51:02.0266 5196 BrFiltUp - ok 20:51:02.0307 5196 Browser (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll 20:51:02.0312 5196 Browser - ok 20:51:02.0378 5196 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys 20:51:02.0380 5196 Brserid - ok 20:51:02.0420 5196 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys 20:51:02.0422 5196 BrSerWdm - ok 20:51:02.0467 5196 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys 20:51:02.0468 5196 BrUsbMdm - ok 20:51:02.0492 5196 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys 20:51:02.0493 5196 BrUsbSer - ok 20:51:02.0546 5196 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys 20:51:02.0547 5196 BTHMODEM - ok 20:51:02.0688 5196 catchme - ok 20:51:02.0782 5196 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys 20:51:02.0783 5196 cdfs - ok 20:51:02.0844 5196 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys 20:51:02.0847 5196 cdrom - ok 20:51:02.0905 5196 CertPropSvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll 20:51:02.0908 5196 CertPropSvc - ok 20:51:02.0964 5196 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys 20:51:02.0966 5196 circlass - ok 20:51:03.0006 5196 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys 20:51:03.0015 5196 CLFS - ok 20:51:03.0084 5196 clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 20:51:03.0088 5196 clr_optimization_v2.0.50727_32 - ok 20:51:03.0200 5196 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 20:51:03.0203 5196 clr_optimization_v4.0.30319_32 - ok 20:51:03.0324 5196 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys 20:51:03.0326 5196 CmBatt - ok 20:51:03.0353 5196 cmdide (d36372a6ea6805efbe8884d10772313f) C:\Windows\system32\drivers\cmdide.sys 20:51:03.0354 5196 cmdide - ok 20:51:03.0425 5196 CnxtHdAudService (dda0cb141150fef87419926790cd26c8) C:\Windows\system32\drivers\CHDRT32.sys 20:51:03.0432 5196 CnxtHdAudService - ok 20:51:03.0523 5196 Com4QLBEx (7795f8cebc284a426b53f541e538695f) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe 20:51:03.0527 5196 Com4QLBEx - ok 20:51:03.0676 5196 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys 20:51:03.0679 5196 Compbatt - ok 20:51:03.0692 5196 COMSysApp - ok 20:51:03.0713 5196 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys 20:51:03.0715 5196 crcdisk - ok 20:51:03.0752 5196 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys 20:51:03.0753 5196 Crusoe - ok 20:51:03.0813 5196 CryptSvc (fb27772beaf8e1d28ccd825c09da939b) C:\Windows\system32\cryptsvc.dll 20:51:03.0818 5196 CryptSvc - ok 20:51:03.0897 5196 DcomLaunch (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll 20:51:03.0919 5196 DcomLaunch - ok 20:51:03.0986 5196 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys 20:51:03.0989 5196 DfsC - ok 20:51:04.0120 5196 DFSR (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe 20:51:04.0150 5196 DFSR - ok 20:51:04.0223 5196 Dhcp (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll 20:51:04.0228 5196 Dhcp - ok 20:51:04.0279 5196 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys 20:51:04.0280 5196 disk - ok 20:51:04.0322 5196 Dnscache (57d762f6f5974af0da2be88a3349baaa) C:\Windows\System32\dnsrslvr.dll 20:51:04.0326 5196 Dnscache - ok 20:51:04.0375 5196 dot3svc (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll 20:51:04.0380 5196 dot3svc - ok 20:51:04.0441 5196 DPS (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll 20:51:04.0445 5196 DPS - ok 20:51:04.0504 5196 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys 20:51:04.0505 5196 drmkaud - ok 20:51:04.0551 5196 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys 20:51:04.0561 5196 DXGKrnl - ok 20:51:04.0608 5196 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys 20:51:04.0610 5196 E1G60 - ok 20:51:04.0684 5196 EapHost (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll 20:51:04.0688 5196 EapHost - ok 20:51:04.0768 5196 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys 20:51:04.0773 5196 Ecache - ok 20:51:04.0916 5196 eeCtrl (579a6b6135d32b857faf0e3a974535d8) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys 20:51:04.0923 5196 eeCtrl - ok 20:51:05.0016 5196 ehRecvr (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe 20:51:05.0025 5196 ehRecvr - ok 20:51:05.0044 5196 ehSched (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe 20:51:05.0050 5196 ehSched - ok 20:51:05.0064 5196 ehstart (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll 20:51:05.0066 5196 ehstart - ok 20:51:05.0141 5196 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys 20:51:05.0152 5196 elxstor - ok 20:51:05.0216 5196 EMDMgmt (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll 20:51:05.0238 5196 EMDMgmt - ok 20:51:05.0373 5196 EraserUtilRebootDrv (028d50f059bd0d2ccb209e9011b9a9a4) C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys 20:51:05.0375 5196 EraserUtilRebootDrv - ok 20:51:05.0501 5196 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys 20:51:05.0502 5196 ErrDev - ok 20:51:05.0579 5196 EventSystem (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll 20:51:05.0589 5196 EventSystem - ok 20:51:05.0773 5196 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys 20:51:05.0842 5196 exfat - ok 20:51:06.0139 5196 ezSharedSvc (42f721c52eef2d6df9372a53813a83ef) C:\Windows\System32\ezsvc7.dll 20:51:06.0144 5196 ezSharedSvc - ok 20:51:06.0401 5196 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys 20:51:06.0468 5196 fastfat - ok 20:51:06.0723 5196 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys 20:51:06.0725 5196 fdc - ok 20:51:07.0008 5196 fdPHost (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll 20:51:07.0012 5196 fdPHost - ok 20:51:07.0188 5196 FDResPub (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll 20:51:07.0195 5196 FDResPub - ok 20:51:07.0461 5196 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys 20:51:07.0463 5196 FileInfo - ok 20:51:07.0667 5196 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys 20:51:07.0669 5196 Filetrace - ok 20:51:07.0879 5196 FlashUSB (e044b5c7cd5cea728d13d30d431b13e0) C:\Windows\system32\DRIVERS\FlashUSB.sys 20:51:07.0881 5196 FlashUSB - ok 20:51:08.0168 5196 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys 20:51:08.0170 5196 flpydisk - ok 20:51:08.0452 5196 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys 20:51:08.0457 5196 FltMgr - ok 20:51:08.0836 5196 FontCache (8ce364388c8eca59b14b539179276d44) C:\Windows\system32\FntCache.dll 20:51:08.0991 5196 FontCache - ok 20:51:09.0256 5196 FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe 20:51:09.0302 5196 FontCache3.0.0.0 - ok 20:51:09.0581 5196 FsUsbExDisk (cbe5f69a5e5b918225f420ba748f3742) C:\Windows\system32\FsUsbExDisk.SYS 20:51:09.0585 5196 FsUsbExDisk - ok 20:51:09.0848 5196 FsUsbExService (96633419f4a1e37acb89b45ebccfe001) C:\Windows\system32\FsUsbExService.Exe 20:51:09.0854 5196 FsUsbExService - ok 20:51:10.0148 5196 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys 20:51:10.0149 5196 Fs_Rec - ok 20:51:10.0408 5196 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys 20:51:10.0410 5196 gagp30kx - ok 20:51:10.0745 5196 GameConsoleService (551d463e4cceb5240234da6718c93a44) C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe 20:51:10.0829 5196 GameConsoleService - ok 20:51:11.0292 5196 GEARAspiWDM (5ae3a887ece5bbb72cfab273c2fd1cfa) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 20:51:11.0294 5196 GEARAspiWDM - ok 20:51:11.0734 5196 gpsvc (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll 20:51:11.0827 5196 gpsvc - ok 20:51:12.0173 5196 gupdate1ca1605de2dd513 (626a24ed1228580b9518c01930936df9) C:\Program Files\Google\Update\GoogleUpdate.exe 20:51:12.0245 5196 gupdate1ca1605de2dd513 - ok 20:51:12.0352 5196 gupdatem (626a24ed1228580b9518c01930936df9) C:\Program Files\Google\Update\GoogleUpdate.exe 20:51:12.0355 5196 gupdatem - ok 20:51:12.0846 5196 gusvc (408ddd80eede47175f6844817b90213e) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe 20:51:12.0850 5196 gusvc - ok 20:51:13.0368 5196 HdAudAddService (3f90e001369a07243763bd5a523d8722) C:\Windows\system32\drivers\HdAudio.sys 20:51:13.0436 5196 HdAudAddService - ok 20:51:13.0776 5196 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys 20:51:13.0937 5196 HDAudBus - ok 20:51:14.0125 5196 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys 20:51:14.0184 5196 HidBth - ok 20:51:14.0408 5196 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys 20:51:14.0410 5196 HidIr - ok 20:51:14.0689 5196 hidserv (84067081f3318162797385e11a8f0582) C:\Windows\System32\hidserv.dll 20:51:14.0725 5196 hidserv - ok 20:51:14.0960 5196 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys 20:51:14.0962 5196 HidUsb - ok 20:51:15.0134 5196 hkmsvc (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll 20:51:15.0139 5196 hkmsvc - ok 20:51:15.0394 5196 HP Health Check Service (a19b0bb5a7eb6df2dd4a0711d36955ee) c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe 20:51:15.0397 5196 HP Health Check Service - ok 20:51:15.0722 5196 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys 20:51:15.0724 5196 HpCISSs - ok 20:51:15.0759 5196 HpqKbFiltr (35956140e686d53bf676cf0c778880fc) C:\Windows\system32\DRIVERS\HpqKbFiltr.sys 20:51:15.0761 5196 HpqKbFiltr - ok 20:51:15.0896 5196 hpqwmiex (1665c7121a026df10c903db9bc5e9d43) C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe 20:51:15.0900 5196 hpqwmiex - ok 20:51:16.0183 5196 HSF_DPV (cc267848cb3508e72762be65734e764d) C:\Windows\system32\DRIVERS\HSX_DPV.sys 20:51:16.0216 5196 HSF_DPV - ok 20:51:16.0248 5196 HSXHWAZL (a2882945cc4b6e3e4e9e825590438888) C:\Windows\system32\DRIVERS\HSXHWAZL.sys 20:51:16.0253 5196 HSXHWAZL - ok 20:51:16.0311 5196 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys 20:51:16.0324 5196 HTTP - ok 20:51:16.0365 5196 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys 20:51:16.0367 5196 i2omp - ok 20:51:16.0797 5196 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys 20:51:16.0799 5196 i8042prt - ok 20:51:16.0830 5196 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys 20:51:16.0837 5196 iaStorV - ok 20:51:16.0932 5196 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe 20:51:16.0935 5196 IDriverT - ok 20:51:17.0050 5196 idsvc (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 20:51:17.0082 5196 idsvc - ok 20:51:17.0276 5196 IDSVix86 (b6662611e8fa3a71473c4a9bd0d23755) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\IPSDefs\20120322.002\IDSvix86.sys 20:51:17.0286 5196 IDSVix86 - ok 20:51:17.0358 5196 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys 20:51:17.0359 5196 iirsp - ok 20:51:17.0406 5196 IKEEXT (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll 20:51:17.0423 5196 IKEEXT - ok 20:51:17.0458 5196 intelide (dd512a049bd7b4bce8a83554c5eff2c1) C:\Windows\system32\drivers\intelide.sys 20:51:17.0459 5196 intelide - ok 20:51:17.0512 5196 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys 20:51:17.0513 5196 intelppm - ok 20:51:17.0559 5196 IPBusEnum (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll 20:51:17.0563 5196 IPBusEnum - ok 20:51:17.0604 5196 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys 20:51:17.0606 5196 IpFilterDriver - ok 20:51:17.0680 5196 iphlpsvc (7f83b06a929a981bc001b2ea304d2036) C:\Windows\System32\iphlpsvc.dll 20:51:17.0686 5196 iphlpsvc - ok 20:51:17.0712 5196 IpInIp - ok 20:51:17.0797 5196 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys 20:51:17.0799 5196 IPMIDRV - ok 20:51:17.0836 5196 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys 20:51:17.0838 5196 IPNAT - ok 20:51:17.0943 5196 iPod Service (178fe38b7740f598391eb2f51ae4ccac) C:\Program Files\iPod\bin\iPodService.exe 20:51:17.0955 5196 iPod Service - ok 20:51:18.0083 5196 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys 20:51:18.0085 5196 IRENUM - ok 20:51:18.0110 5196 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys 20:51:18.0113 5196 isapnp - ok 20:51:18.0176 5196 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys 20:51:18.0182 5196 iScsiPrt - ok 20:51:18.0216 5196 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys 20:51:18.0217 5196 iteatapi - ok 20:51:18.0233 5196 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys 20:51:18.0235 5196 iteraid - ok 20:51:18.0264 5196 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys 20:51:18.0267 5196 kbdclass - ok 20:51:18.0283 5196 kbdhid (18247836959ba67e3511b62846b9c2e0) C:\Windows\system32\drivers\kbdhid.sys 20:51:18.0285 5196 kbdhid - ok 20:51:18.0337 5196 KeyIso (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe 20:51:18.0340 5196 KeyIso - ok 20:51:18.0402 5196 KSecDD (2b2f1638466e8cb091400c9019cc730e) C:\Windows\system32\Drivers\ksecdd.sys 20:51:18.0415 5196 KSecDD - ok 20:51:18.0478 5196 KtmRm (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll 20:51:18.0491 5196 KtmRm - ok 20:51:18.0535 5196 LanmanServer (1bf5eebfd518dd7298434d8c862f825d) C:\Windows\System32\srvsvc.dll 20:51:18.0543 5196 LanmanServer - ok 20:51:18.0581 5196 LanmanWorkstation (1db69705b695b987082c8baec0c6b34f) C:\Windows\System32\wkssvc.dll 20:51:18.0592 5196 LanmanWorkstation - ok 20:51:18.0665 5196 LgBttPort (4dd47b5af0b24871ebb9efc012a7474e) C:\Windows\system32\DRIVERS\lgbtport.sys 20:51:18.0667 5196 LgBttPort - ok 20:51:18.0754 5196 lgbusenum (1d038ca6c529203087a990e5e97887b4) C:\Windows\system32\DRIVERS\lgbtbus.sys 20:51:18.0756 5196 lgbusenum - ok 20:51:18.0797 5196 LGVMODEM (26f1976a330195d62a6224c76968cf0d) C:\Windows\system32\DRIVERS\lgvmodem.sys 20:51:18.0799 5196 LGVMODEM - ok 20:51:18.0903 5196 LightScribeService (abf90fc5a127f481219b873c1b8dfc1c) C:\Program Files\Common Files\LightScribe\LSSrvc.exe 20:51:18.0905 5196 LightScribeService - ok 20:51:18.0994 5196 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys 20:51:18.0996 5196 lltdio - ok 20:51:19.0039 5196 lltdsvc (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll 20:51:19.0048 5196 lltdsvc - ok 20:51:19.0080 5196 lmhosts (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll 20:51:19.0084 5196 lmhosts - ok 20:51:19.0118 5196 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys 20:51:19.0121 5196 LSI_FC - ok 20:51:19.0146 5196 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys 20:51:19.0148 5196 LSI_SAS - ok 20:51:19.0174 5196 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys 20:51:19.0177 5196 LSI_SCSI - ok 20:51:19.0199 5196 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys 20:51:19.0201 5196 luafv - ok 20:51:19.0280 5196 Mcx2Svc (aef9babb8a506bc4ce0451a64aaded46) C:\Windows\system32\Mcx2Svc.dll 20:51:19.0284 5196 Mcx2Svc - ok 20:51:19.0358 5196 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys 20:51:19.0359 5196 mdmxsdk - ok 20:51:19.0391 5196 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys 20:51:19.0392 5196 megasas - ok 20:51:19.0443 5196 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys 20:51:19.0450 5196 MegaSR - ok 20:51:19.0479 5196 mfehidk - ok 20:51:19.0499 5196 mferkdet - ok 20:51:19.0518 5196 mfevtp - ok 20:51:19.0551 5196 MMCSS (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll 20:51:19.0555 5196 MMCSS - ok 20:51:19.0579 5196 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys 20:51:19.0580 5196 Modem - ok 20:51:19.0605 5196 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys 20:51:19.0650 5196 monitor - ok 20:51:19.0689 5196 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys 20:51:19.0691 5196 mouclass - ok 20:51:19.0717 5196 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys 20:51:19.0719 5196 mouhid - ok 20:51:19.0773 5196 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys 20:51:19.0777 5196 MountMgr - ok 20:51:19.0832 5196 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys 20:51:19.0838 5196 mpio - ok 20:51:19.0864 5196 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys 20:51:19.0866 5196 mpsdrv - ok 20:51:19.0919 5196 MpsSvc (5de62c6e9108f14f6794060a9bdecaec) C:\Windows\system32\mpssvc.dll 20:51:19.0942 5196 MpsSvc - ok 20:51:19.0964 5196 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys 20:51:19.0966 5196 Mraid35x - ok 20:51:20.0005 5196 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys 20:51:20.0008 5196 MRxDAV - ok 20:51:20.0069 5196 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys 20:51:20.0072 5196 mrxsmb - ok 20:51:20.0134 5196 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys 20:51:20.0141 5196 mrxsmb10 - ok 20:51:20.0165 5196 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 20:51:20.0168 5196 mrxsmb20 - ok 20:51:20.0213 5196 msahci (aa305cff241da187bd5077de4a2a043d) C:\Windows\system32\drivers\msahci.sys 20:51:20.0214 5196 msahci - ok 20:51:20.0239 5196 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys 20:51:20.0240 5196 msdsm - ok 20:51:20.0291 5196 MSDTC (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe 20:51:20.0296 5196 MSDTC - ok 20:51:20.0347 5196 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys 20:51:20.0348 5196 Msfs - ok 20:51:20.0385 5196 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys 20:51:20.0386 5196 msisadrv - ok 20:51:20.0426 5196 MSiSCSI (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll 20:51:20.0431 5196 MSiSCSI - ok 20:51:20.0441 5196 msiserver - ok 20:51:20.0514 5196 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys 20:51:20.0516 5196 MSKSSRV - ok 20:51:20.0550 5196 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys 20:51:20.0552 5196 MSPCLOCK - ok 20:51:20.0576 5196 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys 20:51:20.0578 5196 MSPQM - ok 20:51:20.0747 5196 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys 20:51:20.0753 5196 MsRPC - ok 20:51:20.0861 5196 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys 20:51:20.0863 5196 mssmbios - ok 20:51:20.0888 5196 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys 20:51:20.0889 5196 MSTEE - ok 20:51:20.0945 5196 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys 20:51:20.0947 5196 Mup - ok 20:51:21.0031 5196 N360 (e78a365cc3e0fbfc018a33dce01909f8) C:\Program Files\Norton 360\Engine\5.2.0.13\ccSvcHst.exe 20:51:21.0034 5196 N360 - ok 20:51:21.0147 5196 napagent (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll 20:51:21.0163 5196 napagent - ok 20:51:21.0249 5196 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys 20:51:21.0255 5196 NativeWifiP - ok 20:51:21.0454 5196 NAVENG (862f55824ac81295837b0ab63f91071f) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\VirusDefs\20120322.019\NAVENG.SYS 20:51:21.0458 5196 NAVENG - ok 20:51:21.0574 5196 NAVEX15 (529d571b551cb9da44237389b936f1ae) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\VirusDefs\20120322.019\NAVEX15.SYS 20:51:21.0637 5196 NAVEX15 - ok 20:51:21.0929 5196 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys 20:51:21.0940 5196 NDIS - ok 20:51:21.0973 5196 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys 20:51:21.0974 5196 NdisTapi - ok 20:51:22.0005 5196 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys 20:51:22.0007 5196 Ndisuio - ok 20:51:22.0111 5196 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys 20:51:22.0114 5196 NdisWan - ok 20:51:22.0145 5196 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys 20:51:22.0147 5196 NDProxy - ok 20:51:22.0173 5196 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys 20:51:22.0175 5196 NetBIOS - ok 20:51:22.0229 5196 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys 20:51:22.0235 5196 netbt - ok 20:51:22.0290 5196 Netlogon (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe 20:51:22.0292 5196 Netlogon - ok 20:51:22.0349 5196 Netman (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll 20:51:22.0361 5196 Netman - ok 20:51:22.0454 5196 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 20:51:22.0458 5196 NetMsmqActivator - ok 20:51:22.0467 5196 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 20:51:22.0469 5196 NetPipeActivator - ok 20:51:22.0532 5196 netprofm (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll 20:51:22.0542 5196 netprofm - ok 20:51:22.0666 5196 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 20:51:22.0669 5196 NetTcpActivator - ok 20:51:22.0688 5196 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 20:51:22.0692 5196 NetTcpPortSharing - ok 20:51:22.0935 5196 NETw3v32 (35d5458d9a1b26b2005abffbf4c1c5e7) C:\Windows\system32\DRIVERS\NETw3v32.sys 20:51:23.0000 5196 NETw3v32 - ok 20:51:23.0029 5196 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys 20:51:23.0031 5196 nfrd960 - ok 20:51:23.0071 5196 NlaSvc (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll 20:51:23.0081 5196 NlaSvc - ok 20:51:23.0112 5196 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys 20:51:23.0114 5196 Npfs - ok 20:51:23.0150 5196 nsi (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll 20:51:23.0157 5196 nsi - ok 20:51:23.0187 5196 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys 20:51:23.0189 5196 nsiproxy - ok 20:51:23.0265 5196 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys 20:51:23.0296 5196 Ntfs - ok 20:51:23.0331 5196 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys 20:51:23.0332 5196 ntrigdigi - ok 20:51:23.0367 5196 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys 20:51:23.0369 5196 Null - ok 20:51:23.0413 5196 NVENETFD (1efec38a852ab35883bfff3427b92b3f) C:\Windows\system32\DRIVERS\nvmfdx32.sys 20:51:23.0421 5196 NVENETFD - ok 20:51:23.0460 5196 NVHDA (92cfe8964b3a6da0692331fa66630db3) C:\Windows\system32\drivers\nvhda32v.sys 20:51:23.0463 5196 NVHDA - ok 20:51:23.0887 5196 nvlddmkm (73a70f1d89c942eedd99a3f10459b051) C:\Windows\system32\DRIVERS\nvlddmkm.sys 20:51:24.0131 5196 nvlddmkm - ok 20:51:24.0288 5196 NVNET (1efec38a852ab35883bfff3427b92b3f) C:\Windows\system32\DRIVERS\nvmfdx32.sys 20:51:24.0291 5196 NVNET - ok 20:51:24.0326 5196 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys 20:51:24.0329 5196 nvraid - ok 20:51:24.0392 5196 nvsmu (0fb6bf3ab170fc5bd403d25e134eafde) C:\Windows\system32\DRIVERS\nvsmu.sys 20:51:24.0393 5196 nvsmu - ok 20:51:24.0412 5196 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys 20:51:24.0414 5196 nvstor - ok 20:51:24.0459 5196 nvsvc (538a52e480c816d1990579a8faaffa20) C:\Windows\system32\nvvsvc.exe 20:51:24.0466 5196 nvsvc - ok 20:51:24.0511 5196 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys 20:51:24.0514 5196 nv_agp - ok 20:51:24.0529 5196 NwlnkFlt - ok 20:51:24.0544 5196 NwlnkFwd - ok 20:51:24.0736 5196 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 20:51:24.0744 5196 odserv - ok 20:51:25.0002 5196 ohci1394 (790e27c3db53410b40ff9ef2fd10a1d9) C:\Windows\system32\DRIVERS\ohci1394.sys 20:51:25.0004 5196 ohci1394 - ok 20:51:25.0071 5196 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 20:51:25.0075 5196 ose - ok 20:51:25.0189 5196 p2pimsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll 20:51:25.0222 5196 p2pimsvc - ok 20:51:25.0256 5196 p2psvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll 20:51:25.0269 5196 p2psvc - ok 20:51:25.0314 5196 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys 20:51:25.0316 5196 Parport - ok 20:51:25.0352 5196 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys 20:51:25.0353 5196 partmgr - ok 20:51:25.0381 5196 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys 20:51:25.0382 5196 Parvdm - ok 20:51:25.0420 5196 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll 20:51:25.0423 5196 PcaSvc - ok 20:51:25.0484 5196 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys 20:51:25.0488 5196 pci - ok 20:51:25.0540 5196 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys 20:51:25.0541 5196 pciide - ok 20:51:25.0575 5196 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys 20:51:25.0579 5196 pcmcia - ok 20:51:25.0649 5196 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys 20:51:25.0694 5196 PEAUTH - ok 20:51:25.0865 5196 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll 20:51:25.0919 5196 pla - ok 20:51:25.0962 5196 PlugPlay (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll 20:51:25.0975 5196 PlugPlay - ok 20:51:26.0044 5196 PNRPAutoReg (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll 20:51:26.0057 5196 PNRPAutoReg - ok 20:51:26.0100 5196 PNRPsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll 20:51:26.0113 5196 PNRPsvc - ok 20:51:26.0170 5196 PolicyAgent (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll 20:51:26.0182 5196 PolicyAgent - ok 20:51:26.0242 5196 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys 20:51:26.0244 5196 PptpMiniport - ok 20:51:26.0267 5196 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\DRIVERS\processr.sys 20:51:26.0271 5196 Processor - ok 20:51:26.0321 5196 ProfSvc (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll 20:51:26.0329 5196 ProfSvc - ok 20:51:26.0377 5196 ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe 20:51:26.0381 5196 ProtectedStorage - ok 20:51:26.0464 5196 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys 20:51:26.0467 5196 PSched - ok 20:51:26.0577 5196 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys 20:51:26.0610 5196 ql2300 - ok 20:51:26.0652 5196 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys 20:51:26.0655 5196 ql40xx - ok 20:51:26.0701 5196 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll 20:51:26.0771 5196 QWAVE - ok 20:51:26.0857 5196 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys 20:51:26.0859 5196 QWAVEdrv - ok 20:51:26.0882 5196 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys 20:51:26.0884 5196 RasAcd - ok 20:51:26.0918 5196 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll 20:51:26.0954 5196 RasAuto - ok 20:51:27.0254 5196 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys 20:51:27.0256 5196 Rasl2tp - ok 20:51:27.0305 5196 RasMan (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll 20:51:27.0318 5196 RasMan - ok 20:51:27.0358 5196 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys 20:51:27.0360 5196 RasPppoe - ok 20:51:27.0410 5196 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys 20:51:27.0413 5196 RasSstp - ok 20:51:27.0469 5196 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys 20:51:27.0477 5196 rdbss - ok 20:51:27.0511 5196 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys 20:51:27.0513 5196 RDPCDD - ok 20:51:27.0558 5196 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys 20:51:27.0566 5196 rdpdr - ok 20:51:27.0584 5196 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys 20:51:27.0586 5196 RDPENCDD - ok 20:51:27.0662 5196 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys 20:51:27.0669 5196 RDPWD - ok 20:51:27.0806 5196 Recovery Service for Windows (0d362785bef9bdf5a6e1f4628d06716d) C:\Program Files\SMINST\BLService.exe 20:51:27.0812 5196 Recovery Service for Windows - ok 20:51:27.0921 5196 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll 20:51:27.0926 5196 RemoteAccess - ok 20:51:27.0971 5196 RemoteRegistry (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll 20:51:27.0981 5196 RemoteRegistry - ok 20:51:28.0057 5196 RichVideo (805ae1f90c64758d19aaa001cf8cba12) C:\Program Files\CyberLink\Shared files\RichVideo.exe 20:51:28.0062 5196 RichVideo - ok 20:51:28.0149 5196 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe 20:51:28.0153 5196 RpcLocator - ok 20:51:28.0207 5196 RpcSs (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll 20:51:28.0220 5196 RpcSs - ok 20:51:28.0270 5196 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys 20:51:28.0272 5196 rspndr - ok 20:51:28.0310 5196 RTSTOR (08c3394391ab0aff65d75ae65d4207e1) C:\Windows\system32\drivers\RTSTOR.SYS 20:51:28.0312 5196 RTSTOR - ok 20:51:28.0365 5196 SamSs (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe 20:51:28.0369 5196 SamSs - ok 20:51:28.0440 5196 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys 20:51:28.0443 5196 sbp2port - ok 20:51:28.0503 5196 SCardSvr (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll 20:51:28.0512 5196 SCardSvr - ok 20:51:28.0572 5196 Schedule (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll 20:51:28.0604 5196 Schedule - ok 20:51:28.0658 5196 SCPolicySvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll 20:51:28.0660 5196 SCPolicySvc - ok 20:51:28.0793 5196 sdbus (126ea89bcc413ee45e3004fb0764888f) C:\Windows\system32\DRIVERS\sdbus.sys 20:51:28.0796 5196 sdbus - ok 20:51:28.0882 5196 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll 20:51:28.0891 5196 SDRSVC - ok 20:51:28.0930 5196 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys 20:51:28.0931 5196 secdrv - ok 20:51:28.0960 5196 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll 20:51:28.0967 5196 seclogon - ok 20:51:28.0999 5196 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\system32\sens.dll 20:51:29.0005 5196 SENS - ok 20:51:29.0037 5196 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys 20:51:29.0039 5196 Serenum - ok 20:51:29.0096 5196 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys 20:51:29.0099 5196 Serial - ok 20:51:29.0121 5196 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys 20:51:29.0123 5196 sermouse - ok 20:51:29.0190 5196 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll 20:51:29.0198 5196 SessionEnv - ok 20:51:29.0224 5196 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys 20:51:29.0225 5196 sffdisk - ok 20:51:29.0252 5196 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys 20:51:29.0254 5196 sffp_mmc - ok 20:51:29.0283 5196 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys 20:51:29.0285 5196 sffp_sd - ok 20:51:29.0310 5196 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys 20:51:29.0311 5196 sfloppy - ok 20:51:29.0354 5196 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll 20:51:29.0365 5196 SharedAccess - ok 20:51:29.0405 5196 ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll 20:51:29.0413 5196 ShellHWDetection - ok 20:51:29.0456 5196 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys 20:51:29.0457 5196 sisagp - ok 20:51:29.0484 5196 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys 20:51:29.0485 5196 SiSRaid2 - ok 20:51:29.0510 5196 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys 20:51:29.0511 5196 SiSRaid4 - ok 20:51:29.0629 5196 slsvc (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe 20:51:29.0656 5196 slsvc - ok 20:51:29.0755 5196 SLUINotify (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll 20:51:29.0761 5196 SLUINotify - ok 20:51:29.0859 5196 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys 20:51:29.0862 5196 Smb - ok 20:51:29.0911 5196 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe 20:51:29.0917 5196 SNMPTRAP - ok 20:51:30.0073 5196 SNP2UVC (5140166bbcafe1393d4669353a1f8c0a) C:\Windows\system32\DRIVERS\snp2uvc.sys 20:51:30.0170 5196 SNP2UVC - ok 20:51:30.0198 5196 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys 20:51:30.0200 5196 spldr - ok 20:51:30.0249 5196 Spooler (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe 20:51:30.0256 5196 Spooler - ok 20:51:30.0382 5196 SRTSP (83726cf02eced69138948083e06b6eac) C:\Windows\System32\Drivers\N360\0502000.00D\SRTSP.SYS 20:51:30.0399 5196 SRTSP - ok 20:51:30.0452 5196 SRTSPX (4e7eab2e5615d39cf1f1df9c71e5e225) C:\Windows\system32\drivers\N360\0502000.00D\SRTSPX.SYS 20:51:30.0455 5196 SRTSPX - ok 20:51:30.0515 5196 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys 20:51:30.0524 5196 srv - ok 20:51:30.0576 5196 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys 20:51:30.0582 5196 srv2 - ok 20:51:30.0698 5196 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys 20:51:30.0701 5196 srvnet - ok 20:51:30.0792 5196 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll 20:51:30.0801 5196 SSDPSRV - ok 20:51:30.0911 5196 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll 20:51:30.0921 5196 SstpSvc - ok 20:51:30.0998 5196 ss_bbus (3f0164fbc0bd1adbd02df9759181451a) C:\Windows\system32\DRIVERS\ss_bbus.sys 20:51:31.0000 5196 ss_bbus - ok 20:51:31.0047 5196 ss_bmdfl (b89d62206034e5fe573c80a24dd55675) C:\Windows\system32\DRIVERS\ss_bmdfl.sys 20:51:31.0049 5196 ss_bmdfl - ok 20:51:31.0109 5196 ss_bmdm (1ed0fcea586fe2a416ee15196e5631dd) C:\Windows\system32\DRIVERS\ss_bmdm.sys 20:51:31.0112 5196 ss_bmdm - ok 20:51:31.0190 5196 stisvc (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll 20:51:31.0214 5196 stisvc - ok 20:51:31.0259 5196 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys 20:51:31.0261 5196 swenum - ok 20:51:31.0308 5196 swprv (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll 20:51:31.0321 5196 swprv - ok 20:51:31.0349 5196 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys 20:51:31.0352 5196 Symc8xx - ok 20:51:31.0475 5196 SymDS (9bbeb8c6258e72d62e7560e6667aad39) C:\Windows\system32\drivers\N360\0502000.00D\SYMDS.SYS 20:51:31.0480 5196 SymDS - ok 20:51:31.0560 5196 SymEFA (d5c02629c02a820a7e71bca3d44294a3) C:\Windows\system32\drivers\N360\0502000.00D\SYMEFA.SYS 20:51:31.0566 5196 SymEFA - ok 20:51:31.0733 5196 SymEvent (ab33c3b196197ca467cbdda717860dba) C:\Windows\system32\Drivers\SYMEVENT.SYS 20:51:31.0737 5196 SymEvent - ok 20:51:31.0868 5196 SYMFW - ok 20:51:32.0010 5196 SymIRON (a73399804d5d4a8b20ba60fcf70c9f1f) C:\Windows\system32\drivers\N360\0502000.00D\Ironx86.SYS 20:51:32.0012 5196 SymIRON - ok 20:51:32.0072 5196 SYMNDISV - ok 20:51:32.0180 5196 SYMTDIv (d42a7229e333af725f1445f785e4658d) C:\Windows\System32\Drivers\N360\0502000.00D\SYMTDIV.SYS 20:51:32.0184 5196 SYMTDIv - ok 20:51:32.0223 5196 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys 20:51:32.0224 5196 Sym_hi - ok 20:51:32.0246 5196 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys 20:51:32.0249 5196 Sym_u3 - ok 20:51:32.0308 5196 SynTP (00b19f27858f56181edb58b71a7c67a0) C:\Windows\system32\DRIVERS\SynTP.sys 20:51:32.0313 5196 SynTP - ok 20:51:32.0397 5196 SysMain (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll 20:51:32.0427 5196 SysMain - ok 20:51:32.0457 5196 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll 20:51:32.0466 5196 TabletInputService - ok 20:51:32.0512 5196 TapiSrv (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll 20:51:32.0525 5196 TapiSrv - ok 20:51:32.0549 5196 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll 20:51:32.0556 5196 TBS - ok 20:51:32.0715 5196 Tcpip (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\drivers\tcpip.sys 20:51:32.0801 5196 Tcpip - ok 20:51:32.0935 5196 Tcpip6 (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\DRIVERS\tcpip.sys 20:51:32.0948 5196 Tcpip6 - ok 20:51:33.0039 5196 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys 20:51:33.0041 5196 tcpipreg - ok 20:51:33.0118 5196 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys 20:51:33.0120 5196 TDPIPE - ok 20:51:33.0159 5196 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys 20:51:33.0161 5196 TDTCP - ok 20:51:33.0221 5196 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys 20:51:33.0224 5196 tdx - ok 20:51:33.0268 5196 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys 20:51:33.0270 5196 TermDD - ok 20:51:33.0315 5196 TermService (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll 20:51:33.0326 5196 TermService - ok 20:51:33.0370 5196 Themes (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll 20:51:33.0374 5196 Themes - ok 20:51:33.0422 5196 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll 20:51:33.0424 5196 THREADORDER - ok 20:51:33.0452 5196 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll 20:51:33.0455 5196 TrkWks - ok 20:51:33.0506 5196 TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe 20:51:33.0508 5196 TrustedInstaller - ok 20:51:33.0575 5196 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys 20:51:33.0576 5196 tssecsrv - ok 20:51:33.0625 5196 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys 20:51:33.0627 5196 tunmp - ok 20:51:33.0647 5196 tunnel (119b8184e106baedc83fce5ddf3950da) C:\Windows\system32\DRIVERS\tunnel.sys 20:51:33.0649 5196 tunnel - ok 20:51:33.0694 5196 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys 20:51:33.0696 5196 uagp35 - ok 20:51:33.0821 5196 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys 20:51:33.0829 5196 udfs - ok 20:51:33.0914 5196 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe 20:51:33.0922 5196 UI0Detect - ok 20:51:33.0978 5196 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys 20:51:33.0981 5196 uliagpkx - ok 20:51:34.0018 5196 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys 20:51:34.0026 5196 uliahci - ok 20:51:34.0046 5196 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys 20:51:34.0049 5196 UlSata - ok 20:51:34.0072 5196 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys 20:51:34.0076 5196 ulsata2 - ok 20:51:34.0107 5196 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys 20:51:34.0109 5196 umbus - ok 20:51:34.0163 5196 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll 20:51:34.0170 5196 upnphost - ok 20:51:34.0242 5196 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\Windows\system32\Drivers\usbaapl.sys 20:51:34.0244 5196 USBAAPL - ok 20:51:34.0358 5196 usbaudio (32db9517628ff0d070682aab61e688f0) C:\Windows\system32\drivers\usbaudio.sys 20:51:34.0360 5196 usbaudio - ok 20:51:34.0500 5196 usbbus (8ef48ff1c23b1ce6f96d09a45959eb20) C:\Windows\system32\DRIVERS\lgusbbus.sys 20:51:34.0502 5196 usbbus - ok 20:51:34.0545 5196 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys 20:51:34.0547 5196 usbccgp - ok 20:51:34.0601 5196 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys 20:51:34.0604 5196 usbcir - ok 20:51:34.0680 5196 UsbDiag (a0e24c5c2d0cff04bbd3753a72fae80b) C:\Windows\system32\DRIVERS\lgusbdiag.sys 20:51:34.0682 5196 UsbDiag - ok 20:51:34.0840 5196 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys 20:51:34.0842 5196 usbehci - ok 20:51:34.0892 5196 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys 20:51:34.0899 5196 usbhub - ok 20:51:34.0943 5196 USBModem (cc09a1132b1f6a8362107cc134e90d0b) C:\Windows\system32\DRIVERS\lgusbmodem.sys 20:51:34.0945 5196 USBModem - ok 20:51:34.0976 5196 usbohci (ce697fee0d479290d89bec80dfe793b7) C:\Windows\system32\DRIVERS\usbohci.sys 20:51:34.0978 5196 usbohci - ok 20:51:35.0033 5196 usbprint (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\drivers\usbprint.sys 20:51:35.0035 5196 usbprint - ok 20:51:35.0107 5196 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS 20:51:35.0109 5196 USBSTOR - ok 20:51:35.0145 5196 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys 20:51:35.0147 5196 usbuhci - ok 20:51:35.0203 5196 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys 20:51:35.0208 5196 usbvideo - ok 20:51:35.0271 5196 UxSms (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll 20:51:35.0277 5196 UxSms - ok 20:51:35.0341 5196 vds (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe 20:51:35.0364 5196 vds - ok 20:51:35.0417 5196 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys 20:51:35.0419 5196 vga - ok 20:51:35.0446 5196 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys 20:51:35.0448 5196 VgaSave - ok 20:51:35.0478 5196 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys 20:51:35.0480 5196 viaagp - ok 20:51:35.0520 5196 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys 20:51:35.0522 5196 ViaC7 - ok 20:51:35.0558 5196 viaide (ea1aa6e3abb3c194feba12a46de8cf2c) C:\Windows\system32\drivers\viaide.sys 20:51:35.0559 5196 viaide - ok 20:51:35.0588 5196 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys 20:51:35.0591 5196 volmgr - ok 20:51:35.0666 5196 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys 20:51:35.0675 5196 volmgrx - ok 20:51:35.0786 5196 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys 20:51:35.0792 5196 volsnap - ok 20:51:35.0863 5196 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys 20:51:35.0865 5196 vsmraid - ok 20:51:35.0926 5196 VSS (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe 20:51:35.0960 5196 VSS - ok 20:51:35.0984 5196 W32Time (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll 20:51:35.0996 5196 W32Time - ok 20:51:36.0054 5196 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys 20:51:36.0056 5196 WacomPen - ok 20:51:36.0080 5196 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys 20:51:36.0081 5196 Wanarp - ok 20:51:36.0090 5196 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys 20:51:36.0092 5196 Wanarpv6 - ok 20:51:36.0149 5196 wcncsvc (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll 20:51:36.0161 5196 wcncsvc - ok 20:51:36.0187 5196 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll 20:51:36.0195 5196 WcsPlugInService - ok 20:51:36.0247 5196 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys 20:51:36.0249 5196 Wd - ok 20:51:36.0296 5196 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys 20:51:36.0311 5196 Wdf01000 - ok 20:51:36.0360 5196 WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll 20:51:36.0370 5196 WdiServiceHost - ok 20:51:36.0379 5196 WdiSystemHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll 20:51:36.0387 5196 WdiSystemHost - ok 20:51:36.0452 5196 WebClient (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll 20:51:36.0463 5196 WebClient - ok 20:51:36.0506 5196 Wecsvc (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll 20:51:36.0517 5196 Wecsvc - ok 20:51:36.0554 5196 wercplsupport (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll 20:51:36.0561 5196 wercplsupport - ok 20:51:36.0603 5196 WerSvc (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll 20:51:36.0647 5196 WerSvc - ok 20:51:36.0863 5196 winachsf (0acd399f5db3df1b58903cf4949ab5a8) C:\Windows\system32\DRIVERS\HSX_CNXT.sys 20:51:36.0873 5196 winachsf - ok 20:51:36.0932 5196 WinDefend (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll 20:51:36.0943 5196 WinDefend - ok 20:51:36.0966 5196 WinHttpAutoProxySvc - ok 20:51:37.0073 5196 Winmgmt (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll 20:51:37.0080 5196 Winmgmt - ok 20:51:37.0167 5196 WinRM (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll 20:51:37.0211 5196 WinRM - ok 20:51:37.0308 5196 Wlansvc (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll 20:51:37.0415 5196 Wlansvc - ok 20:51:37.0793 5196 wlidsvc (0a70f4022ec2e14c159efc4f69aa2477) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 20:51:37.0817 5196 wlidsvc - ok 20:51:37.0957 5196 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys 20:51:37.0961 5196 WmiAcpi - ok 20:51:38.0037 5196 wmiApSrv (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe 20:51:38.0043 5196 wmiApSrv - ok 20:51:38.0112 5196 WMPNetworkSvc (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe 20:51:38.0127 5196 WMPNetworkSvc - ok 20:51:38.0213 5196 WPCSvc (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll 20:51:38.0226 5196 WPCSvc - ok 20:51:38.0281 5196 WPDBusEnum (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll 20:51:38.0289 5196 WPDBusEnum - ok 20:51:38.0338 5196 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys 20:51:38.0339 5196 WpdUsb - ok 20:51:38.0474 5196 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe 20:51:38.0481 5196 WPFFontCache_v0400 - ok 20:51:38.0549 5196 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys 20:51:38.0550 5196 ws2ifsl - ok 20:51:38.0602 5196 wscsvc (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\system32\wscsvc.dll 20:51:38.0609 5196 wscsvc - ok 20:51:38.0627 5196 WSearch - ok 20:51:38.0757 5196 wuauserv (6298277b73c77fa99106b271a7525163) C:\Windows\system32\wuaueng.dll 20:51:38.0868 5196 wuauserv - ok 20:51:38.0916 5196 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys 20:51:38.0919 5196 WUDFRd - ok 20:51:38.0953 5196 wudfsvc (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll 20:51:38.0962 5196 wudfsvc - ok 20:51:38.0996 5196 XAudio (dab33cfa9dd24251aaa389ff36b64d4b) C:\Windows\system32\DRIVERS\xaudio.sys 20:51:38.0998 5196 XAudio - ok 20:51:39.0040 5196 XAudioService (cd5f291a1161f15896d1a4d63daff5df) C:\Windows\system32\DRIVERS\xaudio.exe 20:51:39.0048 5196 XAudioService - ok 20:51:39.0170 5196 yukonwlh (7d1f3b131d503ef43ee594b5a2b9b427) C:\Windows\system32\DRIVERS\yk60x86.sys 20:51:39.0177 5196 yukonwlh - ok 20:51:39.0210 5196 MBR (0x1B8) (588ae8f0c685c02ba11f30d9cd7e61a0) \Device\Harddisk0\DR0 20:51:39.0261 5196 \Device\Harddisk0\DR0 - ok 20:51:39.0270 5196 Boot (0x1200) (a58e3923b536cc8ef7980b615a3d01eb) \Device\Harddisk0\DR0\Partition0 20:51:39.0272 5196 \Device\Harddisk0\DR0\Partition0 - ok 20:51:39.0373 5196 Boot (0x1200) (ab06ad29fdcf6311d100b56ae8551f6f) \Device\Harddisk0\DR0\Partition1 20:51:39.0376 5196 \Device\Harddisk0\DR0\Partition1 - ok 20:51:39.0383 5196 ============================================================ 20:51:39.0383 5196 Scan finished 20:51:39.0383 5196 ============================================================ 20:51:39.0411 1672 Detected object count: 1 20:51:39.0411 1672 Actual detected object count: 1 20:51:55.0514 1672 Akamai ( HiddenFile.Multi.Generic ) - skipped by user 20:51:55.0515 1672 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip
  7. OK - here are the requested logs; McAfee® Labs Stinger Version 10.2.0.555 built on Mar 22 2012 Copyright © 2011 McAfee, Inc. All Rights Reserved. Virus data file v1000.0000 created on Mar 22 2012. Ready to scan for 4198 viruses, trojans and variants. Scan initiated on Fri Mar 23 20:24:37 2012 Rootkit scan result : Clean Master Boot Record(s):....1 Possibly Infected:.............0 Boot Sector(s):.................2 Possibly Infected: ............0 Number of clean files: 29163 aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software Run date: 2012-03-23 20:43:50 ----------------------------- 20:43:50.616 OS Version: Windows 6.0.6002 Service Pack 2 20:43:50.617 Number of processors: 2 586 0x301 20:43:50.619 ComputerName: CATHERINE-PC UserName: Catherine 20:43:54.573 Initialize success 20:45:04.472 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP3T0L0-4 20:45:04.477 Disk 0 Vendor: ST9250320AS HP07 Size: 238475MB BusType: 3 20:45:04.494 Disk 0 MBR read successfully 20:45:04.502 Disk 0 MBR scan 20:45:04.508 Disk 0 unknown MBR code 20:45:04.514 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 227604 MB offset 63 20:45:04.566 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 10867 MB offset 466135040 20:45:04.576 Disk 0 scanning sectors +488390656 20:45:04.643 Disk 0 scanning C:\Windows\system32\drivers 20:45:16.748 Service scanning 20:45:35.762 Modules scanning 20:45:45.360 Scan finished successfully 20:46:11.853 Disk 0 MBR has been saved successfully to "C:\Users\Catherine\Desktop\MBR.dat" 20:46:11.856 The log file has been saved successfully to "C:\Users\Catherine\Desktop\aswMBR.txt"
  8. Hi, I will run all of the above instructions tonight but to answer your question I haven't run any sort of file cleaner recently or had help elsewhere. I simply got up in the morning and noticed that when I used the laptop the internet was opening separate windows for everything I clicked on and I also happened to notice that the link from the start menu to my calculator had disapeared. Later that day Norton notified me that it had found Trojan Gen 2 and it was then that I noticed all the missing things. I did try to register with the Norton community website to ask for help but never completed the registration because I found this website. Thanks for all you have helped with so far, I will post results as soon as done. Catherine
  9. ok me again! found the combofax.txt file. went through all notepad files and there is was. Here it is: ComboFix 12-03-22.01 - Catherine 23/03/2012 10:40:38.1.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.44.1033.18.2814.1566 [GMT 0:00] Running from: c:\users\Catherine\Desktop\Combo-Fix.exe AV: Norton 360 *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF} FW: Norton 360 *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} SP: Norton 360 *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\users\Catherine\AppData\Roaming\Local c:\users\Catherine\AppData\Roaming\Local\Temp\DDM\Settings\0.ddi c:\users\Catherine\AppData\Roaming\Local\Temp\DDM\Settings\9.2602692.avi&b=161.ddr c:\users\Catherine\AppData\Roaming\Local\Temp\DDM\Settings\settings.ddi c:\users\Catherine\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\9.2602692.avi&b=161 c:\users\Catherine\AppData\Roaming\log.txt c:\windows\Downloaded Program Files\f3initialsetup1.0.1.1.inf . . ((((((((((((((((((((((((( Files Created from 2012-02-23 to 2012-03-23 ))))))))))))))))))))))))))))))) . . 2012-03-23 10:58 . 2012-03-23 10:58 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-03-22 22:12 . 2012-03-22 22:24 -------- d-----w- c:\program files\trend micro 2012-03-22 22:12 . 2012-03-22 22:14 -------- d-----w- C:\rsit 2012-03-22 19:00 . 2012-03-22 19:01 -------- d-----w- c:\program files\ERUNT 2012-03-22 11:39 . 2012-03-22 11:39 -------- d-----w- c:\users\Catherine\AppData\Roaming\Malwarebytes 2012-03-22 11:38 . 2012-03-22 11:38 -------- d-----w- c:\programdata\Malwarebytes 2012-03-22 11:38 . 2011-12-10 15:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-03-22 11:38 . 2012-03-22 11:39 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-03-22 01:22 . 2012-03-22 01:22 -------- d-----w- c:\users\Catherine\AppData\Roaming\Tific 2012-03-21 13:03 . 2012-03-21 13:03 -------- d-----w- c:\users\Catherine\AppData\Roaming\casualArts 2012-03-21 13:03 . 2012-03-21 13:03 -------- d-----w- c:\programdata\casualArts 2012-03-21 13:01 . 2012-03-21 13:03 -------- d-----w- c:\program files\Easter Eggztravaganza 2012-03-19 19:24 . 2012-03-19 19:31 -------- d-----w- c:\program files\Nancy Drew - Secret of Shadow Ranch 2012-03-15 23:02 . 2012-03-15 23:03 -------- d-----w- c:\programdata\Codec-C 2012-03-09 16:21 . 2012-03-09 16:23 -------- d-----w- c:\users\Catherine\AppData\Roaming\DarkParablesBriarRoseSE_BFG 2012-03-07 11:34 . 2012-03-07 11:35 -------- d-----w- c:\program files\Mystery Trackers - Black Isle Collector's Edition 2012-02-26 23:22 . 2012-02-26 23:23 -------- d-----w- c:\program files\Depths of Betrayal Collector's Edition 2012-02-26 00:26 . 2012-02-26 00:26 -------- d-----w- c:\users\Catherine\AppData\Roaming\Artogon 2012-02-23 10:51 . 2012-02-23 10:52 -------- d-----w- c:\program files\The Surprising Adventures of Munchausen . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-01-12 19:52 . 2012-02-16 02:37 2044416 ----a-w- c:\windows\system32\win32k.sys 2009-07-14 00:16 . 2009-07-14 00:16 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll 2009-07-14 00:16 . 2009-07-14 00:16 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{26AB07E2-9562-409C-83F1-D68E0B79169E}] 2012-03-15 18:52 141312 ----a-w- c:\programdata\Codec-C\bhoclass.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-06-09 2363392] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952] "Akamai NetSession Interface"="c:\users\Catherine\AppData\Local\Akamai\netsession_win.exe" [2012-03-13 3331872] "AutoStartNPSAgent"="c:\program files\Samsung\Samsung New PC Studio\NPSAgent.exe" [2010-07-04 95576] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-04-17 1049896] "QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2008-09-24 468264] "UpdateLBPShortCut"="c:\program files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2008-06-14 210216] "UpdatePSTShortCut"="c:\program files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2008-10-07 210216] "UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2007-12-24 222504] "QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-08-01 202032] "UpdateP2GoShortCut"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-06-14 210216] "UpdatePDIRShortCut"="c:\program files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" [2008-06-14 210216] "HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-10-09 75008] "HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840] "hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-04-15 488752] "snp2uvc"="c:\windows\vsnp2uvc.exe" [2008-08-01 675840] "B2C_AGENT"="c:\programdata\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe" [2010-09-11 391096] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696] "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-12-08 421736] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . [HKLM\~\startupfolder\C:^Users^Catherine^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk] path=c:\users\Catherine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk backup=c:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup backupExtension=.Startup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] 2010-09-20 23:07 932288 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2010-09-23 04:47 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] 2011-12-08 01:36 421736 ----a-w- c:\program files\iTunes\iTunesHelper.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2010-11-29 17:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] 2011-09-07 11:44 273528 ----a-w- c:\program files\Real\RealPlayer\Update\realsched.exe . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache Akamai REG_MULTI_SZ Akamai . HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs ezSharedSvc . [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2008-06-09 17:14 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe . Contents of the 'Scheduled Tasks' folder . 2012-03-22 c:\windows\Tasks\Google Software Updater.job - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-08-05 21:02] . 2012-03-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-08-05 19:49] . 2012-03-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-08-05 19:49] . 2012-03-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2952540547-3902875564-2887180070-1000Core.job - c:\users\Catherine\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-15 17:41] . 2012-03-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2952540547-3902875564-2887180070-1000UA.job - c:\users\Catherine\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-15 17:41] . . ------- Supplementary Scan ------- . uStart Page = hxxp://virginmedia.com/ mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_gb&c=91&bd=Presario&pf=cnnb uInternet Settings,ProxyOverride = *.local;127.0.0.1:9421;<local> IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000 TCP: DhcpNameServer = 192.168.2.1 194.168.4.100 194.168.8.100 . - - - - ORPHANS REMOVED - - - - . WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file) HKCU-Run-EA Core - c:\program files\Electronic Arts\EADM\Core.exe HKLM-Run-NPSStartup - (no file) MSConfigStartUp-DivX Download Manager - c:\program files\DivX\DivX Plus Web Player\DDmService.exe AddRemove-{7B63B2922B174135AFC0E1377DD81EC2} - c:\program files\DivX\DivXCodecUninstall.exe AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe AddRemove-05_Sloan - c:\program files\Samsung\USB Drivers\05_Sloan\Uninstall.exe AddRemove-06_Spencer - c:\program files\Samsung\USB Drivers\06_Spencer\Uninstall.exe AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe AddRemove-08_EMPChipset - c:\program files\Samsung\USB Drivers\08_EMPChipset\Uninstall.exe AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe AddRemove-17_EMP_Chipset2 - c:\program files\Samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exe AddRemove-18_Zinia_Serial_Driver - c:\program files\Samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe AddRemove-19_VIA_driver - c:\program files\Samsung\USB Drivers\19_VIA_driver\Uninstall.exe AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe AddRemove-21_Searsburg - c:\program files\Samsung\USB Drivers\21_Searsburg\Uninstall.exe AddRemove-22_WiBro_WiMAX - c:\program files\Samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2012-03-23 11:01 Windows 6.0.6002 Service Pack 2 NTFS . scanning hidden processes ... . scanning hidden autostart entries ... . scanning hidden files ... . scan completed successfully hidden files: 0 . ************************************************************************** . [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\N360] "ImagePath"="\"c:\program files\Norton 360\Engine\5.2.0.13\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton 360\Engine\5.2.0.13\diMaster.dll\" /prefetch:1" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Akamai] "ServiceDll"="c:\program files\common files\akamai/netsession_win_7de0ed9.dll" . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . Completion time: 2012-03-23 11:06:08 ComboFix-quarantined-files.txt 2012-03-23 11:05 . Pre-Run: 147,098,574,848 bytes free Post-Run: 147,245,703,168 bytes free . - - End Of File - - 031D1E4DB64037FA34AA98A53154D17B
  10. Sorry I meant to add that just before the combo fix notebook log appeared and was empty, I got a message on screen saying; Cannot find c:\users\cather~\appdata\local\temp\log.txt file. Do you want to create a new file with a yes and a no box. I clicked yes and the txt log opened but was completely blank.
  11. ok did exactly as you stated but have a problem. The Malwarebytes ran fine and I have attached the log. I then ran Combo-fix. At the end it popped up a notepad doc which was completely empty. I have been to c:\combo-fix file on computer but it only contains 2 files (pev.exe and snapshot.00.dat). Other than that Norton background scan just ran on my machine when I wasn't using it and said it found a virus which was combo-fix. It said it removed it. Computer is same as it was before still missing the files I said about. Here is the Malware log: Malwarebytes Anti-Malware 1.60.1.1000 www.malwarebytes.org Database version: v2012.03.22.05 Windows Vista Service Pack 2 x86 NTFS Internet Explorer 9.0.8112.16421 Catherine :: CATHERINE-PC [administrator] 23/03/2012 10:22:33 mbam-log-2012-03-23 (10-22-33).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 204898 Time elapsed: 9 minute(s), 31 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end)
  12. Final log file from security check: Results of screen317's Security Check version 0.99.24 Windows Vista Service Pack 2 x86 (UAC is enabled) Internet Explorer 9 `````````````````````````````` Antivirus/Firewall Check: Windows Firewall Disabled! Norton 360 WMI entry may not exist for antivirus; attempting automatic update. ``````````````````````````````` Anti-malware/Other Utilities Check: Spybot - Search & Destroy Eusing Free Registry Cleaner Java 6 Update 29 Java 6 Update 7 Out of date Java installed! Adobe Flash Player ( 10.0.32.18) Flash Player Out of Date! ```````````````````````````````` Process Check: objlist.exe by Laurent Norton ccSvcHst.exe ``````````End of Log````````````
  13. Second file from RSIT: info.txt logfile of random's system information tool 1.09 2012-03-22 22:14:05 ======Uninstall list====== Update for Microsoft Office 2007 (KB2508958)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438} -->"C:\Program Files\HP Games\Candy Land - Dora the Explorer Edition\Uninstall.exe" -->"C:\Program Files\HP Games\Mah Jong Quest\Uninstall.exe" -->"C:\Program Files\HP Games\My HP Game Console\Uninstall.exe" -->"C:\Program Files\HP Games\Polar Bowler\Uninstall.exe" -->"C:\Program Files\HP Games\Polar Golfer Pineapple Cup\Uninstall.exe" -->"C:\Program Files\HP Games\Polar Golfer\Uninstall.exe" -->"C:\Program Files\HP Games\Polar Pool\Uninstall.exe" -->"C:\Program Files\HP Games\Polar Tubing\Uninstall.exe" -->"C:\Program Files\HP Games\Scrabble Plus\Uninstall.exe" -->"C:\Program Files\HP Games\SpongeBob SquarePants 3D Obstacle Odyssey\Uninstall.exe" -->"C:\Program Files\HP Games\Super Granny\Uninstall.exe" -->C:\Program Files\Conexant\SmartAudio\SETUP.EXE -U -ISmartAudio -SM=SMAUDIO.EXE,1801 -->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC -->MsiExec /X{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF} Acrobat.com-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe -uninstall com.adobe.mauby 4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 Acrobat.com-->MsiExec.exe /I{77DCDCE3-2DED-62F3-8154-05E745472D07} Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE ActiveCheck component for HP Active Support Library-->MsiExec.exe /X{254C37AA-6B72-4300-84F6-98A82419187E} Adobe AIR-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall Adobe AIR-->MsiExec.exe /I{B194272D-1F92-46DF-99EB-8D5CE91CB4EC} Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe Adobe Flash Player 11 ActiveX-->C:\Windows\system32\Macromed\Flash\FlashUtil11e_ActiveX.exe -maintain activex Adobe Reader 9.4.1-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A94000000001} Adobe Shockwave Player-->MsiExec.exe /X{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11} Akamai NetSession Interface Service-->C:\Program Files\Common Files\Akamai\uninstall.exe Amazon MP3 Downloader 1.0.9-->C:\Program Files\Amazon\MP3 Downloader\Uninstall.exe Angry Birds Rio-->MsiExec.exe /I{E0B3F290-186B-46C8-BA95-F3D6542C2407} Angry Birds Seasons-->MsiExec.exe /I{9240D97C-D575-465E-A681-21C0979EE5DF} Angry Birds-->MsiExec.exe /I{73AD5A08-FCFE-44EA-9436-3F7BEAF60049} Apple Application Support-->MsiExec.exe /I{343666E2-A059-48AC-AD67-230BF74E2DB2} Apple Mobile Device Support-->MsiExec.exe /I{8153ED9A-C94A-426E-9880-5E6775C08B62} Apple Software Update-->MsiExec.exe /I{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} Atheros Driver Installation Program-->C:\Program Files\InstallShield Installation Information\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}\setup.exe -runfromtemp -l0x0009 Big Fish Games: Game Manager-->C:\Program Files\bfgclient\Uninstall.exe Bonjour-->MsiExec.exe /X{79155F2B-9895-49D7-8612-D92580E0DE5B} Burger Shop-->"C:\Program Files\HP Games\Burger Shop\uninstall\uninstaller.exe" Cisco EAP-FAST Module-->MsiExec.exe /I{415B2719-AD3A-4944-B404-C472DB6085B3} Cisco LEAP Module-->MsiExec.exe /I{83770D14-21B9-44B3-8689-F7B523F94560} Cisco PEAP Module-->MsiExec.exe /I{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E} Codec-C-->C:\ProgramData\Codec-C\uninstall.exe -path=C:\ProgramData\Codec-C Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE} Conexant HD Audio-->C:\Program Files\CONEXANT\CNXT_AUDIO_HDA\UIU32a.exe -U -IWAHerza.INF CyberLink DVD Suite-->"C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall CyberLink DVD Suite-->"C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall CyberLink YouCam-->"C:\Program Files\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall CyberLink YouCam-->"C:\Program Files\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall D3DX10-->MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF} Depths of Betrayal Collector's Edition-->"C:\Program Files\Depths of Betrayal Collector's Edition\Uninstall.exe" DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN Easter Eggztravaganza-->"C:\Program Files\Easter Eggztravaganza\Uninstall.exe" ERUNT 1.1j-->"C:\Program Files\ERUNT\unins000.exe" ESU for Microsoft Vista-->MsiExec.exe /I{3877C901-7B90-4727-A639-B6ED2DD59D43} Eusing Free Registry Cleaner-->C:\PROGRA~1\EUSING~1\UNWISE.EXE C:\PROGRA~1\EUSING~1\INSTALL.LOG Family Tree Maker 2011-->"C:\Program Files\InstallShield Installation Information\{3B3D2CFD-3C21-4AA0-94DE-45577B5BAB16}\setup.exe" -runfromtemp -l0x0409 -removeonly Family Tree Maker 2011-->MsiExec.exe /X{3B3D2CFD-3C21-4AA0-94DE-45577B5BAB16} Google Earth-->MsiExec.exe /X{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E} Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} Google Updater-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall HDAUDIO Soft Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_HERMOSA_HSF\UIU32m.exe -U -IHPQHERzm.inf Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT="" Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT="" HP Active Support Library-->"C:\Program Files\InstallShield Installation Information\{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}\setup.exe" -runfromtemp -l0x0409 -removeonly HP Customer Experience Enhancements-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{57A5AEC1-97FC-474D-92C4-908FCC2253D4}\setup.exe" -l0x9 -removeonly HP Doc Viewer-->MsiExec.exe /I{082702D5-5DD8-4600-BCE5-48B15174687F} HP DVD Play 3.7-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{45D707E9-F3C4-11D9-A373-0050BAE317E1}\Setup.exe" -uninstall HP Games-->"C:\Program Files\HP Games\Uninstall.exe" HP Help and Support-->MsiExec.exe /I{0054A0F6-00C9-4498-B821-B5C9578F433E} HP Quick Launch Buttons 6.40 H2-->C:\Program Files\InstallShield Installation Information\{34D2AB40-150D-475D-AE32-BD23FB5EE355}\setup.exe -runfromtemp -l0x0009 uninst HP Total Care Advisor-->MsiExec.exe /X{154A4184-1A3D-4BF9-A5AE-4FA1660445F3} HP Update-->MsiExec.exe /X{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F} HP User Guides 0118-->MsiExec.exe /I{B6D0B141-B2BE-4DD0-B08F-B9186F3E36B3} HP Wireless Assistant-->MsiExec.exe /I{9ADABDDE-9644-461B-9E73-83FA3EFCAB50} HPAsset component for HP Active Support Library-->MsiExec.exe /X{669D4A35-146B-4314-89F1-1AC3D7B88367} HPNetworkAssistant-->MsiExec.exe /I{228C6B46-64E2-404E-898A-EF0830603EF4} HPTCSSetup-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{846DDADA-0239-4B67-A6B1-33658863793B}\setup.exe" -l0x9 -removeonly Hunting Unlimited 2008-->"C:\Program Files\HP Games\Hunting Unlimited 2008\uninstall\uninstaller.exe" Hunting Unlimited 2011-->"C:\Program Files\HP Games\Hunting Unlimited 2011\uninstall\uninstaller.exe" Infineon USB driver 1.0.0.6-->"C:\Program Files\infineon\FlashUtility\drivers\Infineon USB driver\V1.0.0.6\unins000.exe" IrfanView (remove only)-->C:\Program Files\IrfanView\iv_uninstall.exe iTunes-->MsiExec.exe /I{B7DBF6E8-0D17-4BE4-853B-ACD6EFBD4A1F} Java 6 Update 29-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216016FF} Java 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070} LabelPrint-->"C:\Program Files\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall LabelPrint-->"C:\Program Files\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall LG Bluetooth Drivers-->MsiExec.exe /X{AC7EE5F1-0DE4-4256-8E43-92B73C8E6019} LG USB Modem Driver-->"C:\Program Files\InstallShield Installation Information\{C3ABE126-2BB2-4246-BFE1-6797679B3579}\setup.exe" -runfromtemp -l0x0409 LG -removeonly LightScribe System Software 1.14.17.1-->MsiExec.exe /X{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB} Malwarebytes Anti-Malware version 1.60.1.1000-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6} Microsoft .NET Framework 4 Extended-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\Setup.exe /repair /x86 /parameterfolder Extended Microsoft .NET Framework 4 Extended-->MsiExec.exe /X{0A0CADCF-78DA-33C4-A350-CD51849B9702} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {98333358-268C-4164-B6D4-C96DF5153727} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {98333358-268C-4164-B6D4-C96DF5153727} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {6E107EB7-8B55-48BF-ACCB-199F86A2CD93} Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE} Microsoft Office Home and Student 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE} Microsoft Office OneNote MUI (English) 2007-->MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE} Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE} Microsoft Office PowerPoint Viewer 2007 (English)-->MsiExec.exe /X{95120000-00AF-0409-0000-0000000FF1CE} Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE} Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE} Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE} Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE} Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {1FF96026-A04A-4C3E-B50A-BB7022654D0F} Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {71F055E8-E2C6-4214-BB3D-BFE03561B89E} Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {2314F9A1-126F-45CC-8A5E-DFAF866F3FBC} Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE} Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE} Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE} Microsoft Primary Interoperability Assemblies 2005-->MsiExec.exe /X{D24DB8B9-BB6C-4334-9619-BA1C650E13D3} Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2} Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C} Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570-->MsiExec.exe /X{86CE85E6-DBAC-3FFD-B977-E4B79F83C909} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F} Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319-->MsiExec.exe /X{196BB40D-1578-3D01-B289-BEFC77A11A1E} Microsoft Works-->MsiExec.exe /I{15BC8CD0-A65B-47D0-A2DD-90A824590FA8} Microsoft WSE 3.0 Runtime-->MsiExec.exe /X{E3E71D07-CD27-46CB-8448-16D4FB29AA13} MSVCRT-->MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC} muvee Reveal-->MsiExec.exe /X{DD35C328-F115-BEDA-6EEE-E00C5AACCCBC} Mystery Trackers: Black Isle Collector's Edition-->"C:\Program Files\Mystery Trackers - Black Isle Collector's Edition\Uninstall.exe" Nancy Drew: Secret of Shadow Ranch-->"C:\Program Files\Nancy Drew - Secret of Shadow Ranch\Uninstall.exe" NetWaiting-->C:\Program Files\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\setup.exe -runfromtemp -l0x0009 -removeonly Norton 360-->C:\Program Files\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360\2454B0AB\5.2.0.13\InstStub.exe /X /ARP NVIDIA Drivers-->C:\Windows\system32\nvuninst.exe UninstallGUI NVIDIA Graphics Driver 266.58-->"C:\Windows\system32\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.1\NVI2.DLL",UninstallPackage Display.Driver NVIDIA HD Audio Driver 1.1.13.1-->"C:\Windows\system32\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.0\NVI2.DLL",UninstallPackage HDAudio.Driver NVIDIA PhysX System Software 9.10.0514-->"C:\Windows\system32\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.1\NVI2.DLL",UninstallPackage Display.PhysX NVIDIA PhysX-->MsiExec.exe /X{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF} OGA Notifier 2.0.0048.0-->MsiExec.exe /I{B2544A03-10D0-4E5E-BA69-0362FFC20D18} OpenAL-->"C:\Program Files\OpenAL\oalinst.exe" /U OpenOffice.org 3.1-->MsiExec.exe /I{E6B87DC4-2B3D-4483-ADFF-E483BF718991} Power2Go-->"C:\Program Files\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall Power2Go-->"C:\Program Files\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall PowerDirector-->"C:\Program Files\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\Setup.exe" /z-uninstall PowerDirector-->"C:\Program Files\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\Setup.exe" /z-uninstall Premiumplay Codec-C-->C:\Program Files\Premiumplay Codec-C\Uninstall.exe PSD Viewer-->"C:\Program Files\PSDViewer\unins000.exe" QuickTime-->MsiExec.exe /I{57752979-A1C9-4C02-856B-FBB27AC4E02C} RealNetworks - Microsoft Visual C++ 2008 Runtime-->MsiExec.exe /X{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA} RealPlayer-->C:\Program Files\Real\RealPlayer\Update\r1puninst.exe RealNetworks|RealPlayer|12.0 Realtek USB 2.0 Card Reader-->C:\Program Files\InstallShield Installation Information\{DC24971E-1946-445D-8A82-CE685433FA7D}\setup.exe -runfromtemp -l0x0009 -removeonly RealUpgrade 1.1-->MsiExec.exe /I{28C2DED6-325B-4CC7-983A-1777C8F7FBAB} Royal Envoy 2-->"C:\Program Files\Royal Envoy 2\Uninstall.exe" Samsung New PC Studio-->"C:\Program Files\InstallShield Installation Information\{F193FC0E-9E18-40FC-A974-509A1BDD240A}\setup.exe" -runfromtemp -l0x0809 -removeonly Samsung New PC Studio-->MsiExec.exe /X{F193FC0E-9E18-40FC-A974-509A1BDD240A} SAMSUNG USB Driver for Mobile Phones-->C:\Program Files\Samsung\USB Drivers\Uninstall.exe Sandlot Connect Version 1.2.6-->"C:\Program Files\Common Files\Sandlot Shared\unins000.exe" SeaMonkey (2.4.1)-->C:\Program Files\SeaMonkey\uninstall\helper.exe Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {F6F5AC31-9833-3E77-AC8E-8E910CAB39AE} /qb+ REBOOTPROMPT="" Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {3E0806DB-3085-378A-840A-F0D3AE3609D1} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {728D9A6A-2206-31E8-9F65-C3EABEFCF53E} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {2CE2EB39-45C8-32D4-8A99-5529C38F1B99} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7E97AB83-C1FE-38DE-B848-877E0A4BD81E} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {DB31DEDD-BF95-31E7-A9B7-5480561CEFF3} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {8DDEFC7E-0C61-3D11-AFC6-5414F2DAFD01} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4952F442-5C1A-38EB-8C23-B18EFE77E20C} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Extended (KB2416472)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {7A2C18A1-D2A2-3177-82F1-5FE9CC08ECB0} /parameterfolder Extended Security Update for Microsoft .NET Framework 4 Extended (KB2487367)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {42A3562E-8B4E-39A4-B82D-CC12F82889E3} /parameterfolder Extended Security Update for Microsoft .NET Framework 4 Extended (KB2656351)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {4952F442-5C1A-38EB-8C23-B18EFE77E20C} /parameterfolder Extended Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {A0D5F849-D9D5-48ED-99D0-C74D7BFA6A09} Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {AEA16A27-0B97-4670-818F-A98D06EC0A6F} Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0EF0D4FB-BB23-4515-AAEA-1240AC2DA525} Security Update for Windows Media Encoder (KB2447961)-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} MSIPATCHREMOVE={6139D160-F916-4708-953E-68B213BE6B7A} /qb Segoe UI-->MsiExec.exe /I{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA} Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe" Super Granny 6 (remove only)-->C:\Program Files\Sandlot Games\Super Granny 6\Uninstall.exe Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe The Golden Years: Way Out West-->"C:\Program Files\The Golden Years - Way Out West\Uninstall.exe" The Scruffs: Return of the Duke-->"C:\Program Files\The Scruffs - Return of the Duke\Uninstall.exe" The Sims Medieval-->"C:\Program Files\InstallShield Installation Information\{83BEEFB4-8C28-4F4F-8A9D-E0D1ADCE335B}\setup.exe" -runfromtemp -l0x0009 -removeonly The Surprising Adventures of Munchausen-->"C:\Program Files\The Surprising Adventures of Munchausen\Uninstall.exe" Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D} Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT="" Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {5E9CF3A4-ADB3-3080-A8BF-976A28340758} /parameterfolder Client Update for Microsoft .NET Framework 4 Client Profile (KB2473228)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FD988F49-E1C8-3C84-9683-0448B6BB8E20} /parameterfolder Client Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {81EBB9D7-173C-32E3-B477-149C8DE075E4} /parameterfolder Client Update for Microsoft .NET Framework 4 Extended (KB2468871)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {5E9CF3A4-ADB3-3080-A8BF-976A28340758} /parameterfolder Extended Update for Microsoft .NET Framework 4 Extended (KB2533523)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {81EBB9D7-173C-32E3-B477-149C8DE075E4} /parameterfolder Extended Update for Microsoft Office 2007 Help for Common Features (KB963673)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {AB365889-0395-4FAD-B702-CA5985D53D42} Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {B7873DF5-9E1C-45EE-8895-D29C6AE01202} Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C20964A7-5181-45E5-9E82-72F5D400DEBF} Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {567103D1-96CD-4B76-93B9-2681A187DEFF} Update for Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {199DF7B6-169C-448C-B511-1054101BE9C9} Update for Microsoft Office OneNote 2007 Help (KB963670)-->msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {2744EF05-38E1-4D5D-B333-E021EDAEA245} Update for Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {397B1D4F-ED7B-4ACA-A637-43B670843876} Update for Microsoft Office Script Editor Help (KB963671)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {CD11C6A2-FFC6-4271-8EAB-79C3582F505C} Update for Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {80E762AA-C921-4839-9D7D-DB62A72C0726} USB Flash Port Driver-->MsiExec.exe /I{065D5505-3821-4C2E-BB6C-FE66A7E7CB4F} VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B} VoiceOver Kit-->MsiExec.exe /I{6B4AD1A9-E73A-4184-9D6B-072F8A3C5EBA} WildTangent Games-->"C:\Program Files\WildGames\Uninstall.exe" WildTangent ORB Game Console-->"C:\Program Files\WildGames\Game Console - WildGames\Uninstall.exe" Windows Driver Package - Infineon Technologies (FlashUSB) USB (04/16/2009 1.0.0.6)-->C:\PROGRA~1\DIFX\270581355A767BF1\DPInst.exe /u C:\Windows\System32\DriverStore\FileRepository\flashusb.inf_c8396fa4\flashusb.inf Windows Live Communications Platform-->MsiExec.exe /I{D45240D3-B6B3-4FF9-B243-54ECE3E10066} Windows Live Essentials-->C:\Program Files\Windows Live\Installer\wlarp.exe Windows Live Essentials-->MsiExec.exe /I{FE044230-9CA5-43F7-9B58-5AC5A28A1F33} Windows Live ID Sign-in Assistant-->MsiExec.exe /I{61AD15B2-50DB-4686-A739-14FE180D4429} Windows Live Installer-->MsiExec.exe /I{0B0F231F-CE6A-483D-AA23-77B364F75917} Windows Live Movie Maker-->MsiExec.exe /X{19BA08F7-C728-469C-8A35-BFBD3633BE08} Windows Live Movie Maker-->MsiExec.exe /X{92EA4134-10D1-418A-91E1-5A0453131A38} Windows Live Photo Common-->MsiExec.exe /X{A9BDCA6B-3653-467B-AC83-94367DA3BFE3} Windows Live Photo Common-->MsiExec.exe /X{D436F577-1695-4D2F-8B44-AC76C99E0002} Windows Live Photo Gallery-->MsiExec.exe /X{3336F667-9049-4D46-98B6-4C743EEBC5B1} Windows Live Photo Gallery-->MsiExec.exe /X{34F4D9A4-42C2-4348-BEF4-E553C84549E7} Windows Live PIMT Platform-->MsiExec.exe /I{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A} Windows Live SOXE Definitions-->MsiExec.exe /I{200FEC62-3C34-4D60-9CE8-EC372E01C08F} Windows Live SOXE-->MsiExec.exe /I{682B3E4F-696A-42DE-A41C-4C07EA1678B4} Windows Live UX Platform Language Pack-->MsiExec.exe /I{6A05FEDF-662E-46BF-8A25-010E3F1C9C69} Windows Live UX Platform-->MsiExec.exe /I{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2} Windows Media Encoder 9 Series-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} Windows Media Encoder 9 Series-->MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} WinRAR 4.01 (32-bit)-->C:\Program Files\WinRAR\uninstall.exe Xvid 1.2.1 final uninstall-->"C:\Program Files\Xvid\unins000.exe" Youda Camper-->"C:\Program Files\Youda Camper\Uninstall.exe" ======Security center information====== AS: Windows Defender ======System event log====== Computer Name: Catherine-PC Event Code: 4374 Message: Windows Servicing identified that package KB2564958(Security Update) is not applicable for this system Record Number: 247814 Source Name: Microsoft-Windows-Servicing Time Written: 20111012194100.000000-000 Event Type: Warning User: NT AUTHORITY\SYSTEM Computer Name: Catherine-PC Event Code: 4374 Message: Windows Servicing identified that package KB2564958(Security Update) is not applicable for this system Record Number: 247813 Source Name: Microsoft-Windows-Servicing Time Written: 20111012194100.000000-000 Event Type: Warning User: NT AUTHORITY\SYSTEM Computer Name: Catherine-PC Event Code: 7011 Message: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the N360 service. Record Number: 247708 Source Name: Service Control Manager Time Written: 20111012101329.000000-000 Event Type: Error User: Computer Name: Catherine-PC Event Code: 7 Message: The speed of processor 0 is being limited by system firmware. The processor has been in this reduced performance state for 2 seconds since the last report. Record Number: 247693 Source Name: Microsoft-Windows-Kernel-Processor-Power Time Written: 20111012082817.484000-000 Event Type: Warning User: NT AUTHORITY\SYSTEM Computer Name: Catherine-PC Event Code: 7 Message: The speed of processor 1 is being limited by system firmware. The processor has been in this reduced performance state for 2 seconds since the last report. Record Number: 247692 Source Name: Microsoft-Windows-Kernel-Processor-Power Time Written: 20111012082817.484000-000 Event Type: Warning User: NT AUTHORITY\SYSTEM =====Application event log===== Computer Name: Catherine-PC Event Code: 100 Message: Task Scheduling Error: m->NextScheduledSPRetry 3704150 Record Number: 115164 Source Name: Bonjour Service Time Written: 20111024173613.000000-000 Event Type: Error User: Computer Name: Catherine-PC Event Code: 100 Message: Task Scheduling Error: m->NextScheduledEvent 3704150 Record Number: 115163 Source Name: Bonjour Service Time Written: 20111024173613.000000-000 Event Type: Error User: Computer Name: Catherine-PC Event Code: 100 Message: Task Scheduling Error: Continuously busy for more than a second Record Number: 115162 Source Name: Bonjour Service Time Written: 20111024173613.000000-000 Event Type: Error User: Computer Name: Catherine-PC Event Code: 100 Message: Task Scheduling Error: m->NextScheduledSPRetry 3703120 Record Number: 115161 Source Name: Bonjour Service Time Written: 20111024173612.000000-000 Event Type: Error User: Computer Name: Catherine-PC Event Code: 100 Message: Task Scheduling Error: m->NextScheduledEvent 3703120 Record Number: 115160 Source Name: Bonjour Service Time Written: 20111024173612.000000-000 Event Type: Error User:
  14. ok...here are the logs, First from RSIT: Logfile of random's system information tool 1.09 (written by random/random) Run by Catherine at 2012-03-22 22:24:22 Microsoft® Windows Vista™ Home Premium Service Pack 2 System drive C: has 141 GB (62%) free of 228 GB Total RAM: 2814 MB (44% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 22:24:25, on 22/03/2012 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Program Files\Norton 360\Engine\5.2.0.13\ccSvcHst.exe C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\HP\QuickPlay\QPService.exe C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe C:\Program Files\HP\HP Software Update\hpwuSchd2.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe C:\Windows\vsnp2uvc.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Windows\system32\wuauclt.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\explorer.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\SearchFilterHost.exe C:\Users\Catherine\Desktop\RSIT.exe C:\Program Files\trend micro\Catherine.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_gb&c=91&bd=Presario&pf=cnnb R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://virginmedia.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_gb&c=91&bd=Presario&pf=cnnb R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_gb&c=91&bd=Presario&pf=cnnb R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;127.0.0.1:9421;<local> R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: CrossriderApp0000435 - {11111111-1111-1111-1111-110011041135} - C:\Program Files\Premiumplay Codec-C\Premiumplay Codec-C.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Codec-C - {26AB07E2-9562-409C-83F1-D68E0B79169E} - C:\ProgramData\Codec-C\bhoclass.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\5.2.0.13\coIEPlg.dll O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\5.2.0.13\IPS\IPSBHO.DLL O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\5.2.0.13\coIEPlg.dll O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe" O4 - HKLM\..\Run: [updateLBPShortCut] "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" O4 - HKLM\..\Run: [updatePSTShortCut] "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter" O4 - HKLM\..\Run: [uCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\2.0" O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [updateP2GoShortCut] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" O4 - HKLM\..\Run: [updatePDIRShortCut] "C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0" O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe O4 - HKLM\..\Run: [snp2uvc] C:\Windows\vsnp2uvc.exe O4 - HKLM\..\Run: [b2C_AGENT] C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Catherine\AppData\Local\Akamai\netsession_win.exe" O4 - HKCU\..\Run: [Google Update] "C:\Users\Catherine\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil11e_ActiveX.exe -update activex O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe O23 - Service: Google Update Service (gupdate1ca1605de2dd513) (gupdate1ca1605de2dd513) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files\Norton 360\Engine\5.2.0.13\ccSvcHst.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 10460 bytes ======Scheduled tasks folder====== C:\Windows\tasks\Google Software Updater.job C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2952540547-3902875564-2887180070-1000Core.job C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2952540547-3902875564-2887180070-1000UA.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110011041135}] Premiumplay Codec-C - C:\Program Files\Premiumplay Codec-C\Premiumplay Codec-C.dll [2011-12-14 463872] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{26AB07E2-9562-409C-83F1-D68E0B79169E}] Codec-C Class - C:\ProgramData\Codec-C\bhoclass.dll [2012-03-15 141312] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}] RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2011-09-07 414416] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}] Symantec NCO BHO - C:\Program Files\Norton 360\Engine\5.2.0.13\coIEPlg.dll [2011-12-09 436152] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}] Symantec Intrusion Prevention - C:\Program Files\Norton 360\Engine\5.2.0.13\IPS\IPSBHO.DLL [2011-03-31 210872] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2010-01-25 761840] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-05-04 42272] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files\Norton 360\Engine\5.2.0.13\coIEPlg.dll [2011-12-09 436152] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-04-17 1049896] "QPService"=C:\Program Files\HP\QuickPlay\QPService.exe [2008-09-24 468264] "UpdateLBPShortCut"=C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2008-06-14 210216] "UpdatePSTShortCut"=C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [2008-10-07 210216] "UCam_Menu"=C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [2007-12-24 222504] "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184] "QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2008-08-01 202032] "UpdateP2GoShortCut"=C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2008-06-14 210216] "UpdatePDIRShortCut"=C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [2008-06-14 210216] "HP Health Check Scheduler"=c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-10-09 75008] "HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2007-05-08 54840] "hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2008-04-15 488752] "snp2uvc"=C:\Windows\vsnp2uvc.exe [2008-08-01 675840] "B2C_AGENT"=C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe [2010-09-11 391096] "SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-04-08 254696] "APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2011-11-01 59240] "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2011-12-08 421736] "NPSStartup"= [] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2008-06-09 2363392] "ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952] "EA Core"=C:\Program Files\Electronic Arts\EADM\Core.exe -silent [] "Akamai NetSession Interface"=C:\Users\Catherine\AppData\Local\Akamai\netsession_win.exe [2012-03-13 3331872] "Google Update"=C:\Users\Catherine\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-26 136176] "AutoStartNPSAgent"=C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe [2010-07-04 95576] "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce] "FlashPlayerUpdate"=C:\Windows\system32\Macromed\Flash\FlashUtil11e_ActiveX.exe [2011-11-15 247968] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivX Download Manager] C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe start [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe [2011-12-08 421736] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] C:\Program Files\QuickTime\QTTask.exe [2010-11-29 421888] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] C:\Program Files\Real\RealPlayer\Update\realsched.exe [2011-09-07 273528] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Catherine^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk] C:\PROGRA~1\MICROS~3\Office12\ONENOTEM.EXE [2009-02-26 97680] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableUIADesktopToggle"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "BindDirectlyToPropertySetStorage"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "vidc.cvid"=iccvid.dll "msacm.l3codecp"=l3codecp.acm "MSVideo8"=VfWWDM32.dll "wave2"=wdmaud.drv "midi2"=wdmaud.drv "mixer2"=wdmaud.drv "aux1"=wdmaud.drv "vidc.XVID"=xvidvfw.dll "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux"=wdmaud.drv "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "vidc.VP60"=C:\Windows\system32\vp6vfw.dll "vidc.VP61"=C:\Windows\system32\vp6vfw.dll "wave3"=wdmaud.drv "midi3"=wdmaud.drv "mixer3"=wdmaud.drv "aux2"=wdmaud.drv "wave4"=wdmaud.drv "midi4"=wdmaud.drv "mixer4"=wdmaud.drv "aux3"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2012-03-22 22:12:55 ----D---- C:\Program Files\trend micro 2012-03-22 22:12:32 ----D---- C:\rsit 2012-03-22 19:01:51 ----D---- C:\Windows\ERDNT 2012-03-22 19:00:59 ----D---- C:\Program Files\ERUNT 2012-03-22 11:39:08 ----D---- C:\Users\Catherine\AppData\Roaming\Malwarebytes 2012-03-22 11:38:51 ----D---- C:\ProgramData\Malwarebytes 2012-03-22 11:38:50 ----A---- C:\Windows\system32\drivers\mbam.sys 2012-03-22 11:38:49 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2012-03-22 01:22:28 ----D---- C:\Users\Catherine\AppData\Roaming\Tific 2012-03-21 13:03:36 ----D---- C:\Users\Catherine\AppData\Roaming\casualArts 2012-03-21 13:03:36 ----D---- C:\ProgramData\casualArts 2012-03-21 13:01:35 ----D---- C:\Program Files\Easter Eggztravaganza 2012-03-19 19:24:53 ----D---- C:\Program Files\Nancy Drew - Secret of Shadow Ranch 2012-03-15 23:02:24 ----D---- C:\ProgramData\Codec-C 2012-03-09 16:21:50 ----D---- C:\Users\Catherine\AppData\Roaming\DarkParablesBriarRoseSE_BFG 2012-03-07 11:34:38 ----D---- C:\Program Files\Mystery Trackers - Black Isle Collector's Edition 2012-03-03 14:28:42 ----A---- C:\Windows\system32\msls31.dll 2012-03-03 14:28:41 ----A---- C:\Windows\system32\wininet.dll 2012-03-03 14:28:40 ----A---- C:\Windows\system32\jsproxy.dll 2012-03-03 14:28:39 ----A---- C:\Windows\system32\iertutil.dll 2012-03-03 14:28:38 ----A---- C:\Windows\system32\urlmon.dll 2012-03-03 14:28:38 ----A---- C:\Windows\system32\msrating.dll 2012-03-03 14:28:37 ----A---- C:\Windows\system32\SetIEInstalledDate.exe 2012-03-03 14:28:37 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe 2012-03-03 14:28:37 ----A---- C:\Windows\system32\mshtmler.dll 2012-03-03 14:28:37 ----A---- C:\Windows\system32\iesysprep.dll 2012-03-03 14:28:36 ----A---- C:\Windows\system32\ieui.dll 2012-03-03 14:28:35 ----A---- C:\Windows\system32\ieframe.dll 2012-03-03 14:28:33 ----A---- C:\Windows\system32\dxtrans.dll 2012-03-03 14:28:33 ----A---- C:\Windows\system32\dxtmsft.dll 2012-03-03 14:28:32 ----A---- C:\Windows\system32\iernonce.dll 2012-03-03 14:28:32 ----A---- C:\Windows\system32\ieapfltr.dll 2012-03-03 14:28:32 ----A---- C:\Windows\system32\ieapfltr.dat 2012-03-03 14:28:32 ----A---- C:\Windows\system32\ie4uinit.exe 2012-03-03 14:28:32 ----A---- C:\Windows\system32\icardie.dll 2012-03-03 14:28:31 ----A---- C:\Windows\system32\url.dll 2012-03-03 14:28:31 ----A---- C:\Windows\system32\iesetup.dll 2012-03-03 14:28:31 ----A---- C:\Windows\system32\iedkcs32.dll 2012-03-03 14:28:30 ----A---- C:\Windows\system32\webcheck.dll 2012-03-03 14:28:30 ----A---- C:\Windows\system32\licmgr10.dll 2012-03-03 14:28:29 ----A---- C:\Windows\system32\wextract.exe 2012-03-03 14:28:29 ----A---- C:\Windows\system32\mshtmled.dll 2012-03-03 14:28:29 ----A---- C:\Windows\system32\msfeeds.dll 2012-03-03 14:28:29 ----A---- C:\Windows\system32\inseng.dll 2012-03-03 14:28:29 ----A---- C:\Windows\system32\iexpress.exe 2012-03-03 14:28:28 ----A---- C:\Windows\system32\vbscript.dll 2012-03-03 14:28:27 ----A---- C:\Windows\system32\mshtml.dll 2012-03-03 14:28:26 ----A---- C:\Windows\system32\pngfilt.dll 2012-03-03 14:28:26 ----A---- C:\Windows\system32\occache.dll 2012-03-03 14:28:26 ----A---- C:\Windows\system32\mshta.exe 2012-03-03 14:28:26 ----A---- C:\Windows\system32\ieUnatt.exe 2012-03-03 14:28:26 ----A---- C:\Windows\system32\admparse.dll 2012-03-03 14:28:25 ----A---- C:\Windows\system32\jscript9.dll 2012-03-03 14:28:25 ----A---- C:\Windows\system32\ieakui.dll 2012-03-03 14:28:25 ----A---- C:\Windows\system32\ieaksie.dll 2012-03-03 14:28:24 ----A---- C:\Windows\system32\jscript.dll 2012-03-03 14:28:24 ----A---- C:\Windows\system32\imgutil.dll 2012-03-03 14:28:24 ----A---- C:\Windows\system32\iepeers.dll 2012-03-03 14:28:24 ----A---- C:\Windows\system32\advpack.dll 2012-03-03 14:28:23 ----A---- C:\Windows\system32\msfeedssync.exe 2012-03-03 14:28:23 ----A---- C:\Windows\system32\msfeedsbs.dll 2012-03-03 14:28:23 ----A---- C:\Windows\system32\IEAdvpack.dll 2012-03-03 14:28:22 ----A---- C:\Windows\system32\ieakeng.dll 2012-02-26 23:22:32 ----D---- C:\Program Files\Depths of Betrayal Collector's Edition 2012-02-26 00:26:44 ----D---- C:\Users\Catherine\AppData\Roaming\Artogon 2012-02-23 10:51:54 ----D---- C:\Program Files\The Surprising Adventures of Munchausen ======List of files/folders modified in the last 1 month====== 2012-03-22 22:24:21 ----D---- C:\Windows\Temp 2012-03-22 22:12:55 ----RD---- C:\Program Files 2012-03-22 19:01:51 ----D---- C:\Windows 2012-03-22 12:35:44 ----D---- C:\Windows\system32\drivers 2012-03-22 12:20:41 ----A---- C:\ProgramData\hpqp.ini 2012-03-22 12:18:36 ----SHD---- C:\System Volume Information 2012-03-22 12:18:21 ----D---- C:\Program Files\Common Files\Akamai 2012-03-22 12:17:48 ----D---- C:\Windows\Help 2012-03-22 11:38:51 ----D---- C:\ProgramData 2012-03-21 13:07:34 ----AD---- C:\ProgramData\Temp 2012-03-21 12:57:07 ----D---- C:\BigFishGamesCache 2012-03-20 21:23:18 ----SHD---- C:\Windows\Installer 2012-03-19 19:31:57 ----D---- C:\Windows\system32\directx 2012-03-19 19:31:20 ----D---- C:\Windows\msdownld.tmp 2012-03-18 00:15:17 ----D---- C:\Windows\system32\Tasks 2012-03-18 00:14:57 ----D---- C:\ProgramData\InstallMate 2012-03-18 00:13:50 ----D---- C:\codec-info 2012-03-17 21:12:16 ----D---- C:\Windows\Tasks 2012-03-14 00:25:32 ----D---- C:\Windows\system32\catroot2 2012-03-13 23:45:52 ----D---- C:\Windows\system32\catroot 2012-03-13 23:45:48 ----D---- C:\Windows\winsxs 2012-03-07 11:45:10 ----D---- C:\Users\Catherine\AppData\Roaming\Elephant Games 2012-03-07 11:45:10 ----D---- C:\ProgramData\Elephant Games 2012-03-06 10:52:26 ----D---- C:\Users\Catherine\AppData\Roaming\Orneon 2012-03-03 17:11:15 ----D---- C:\Windows\rescache 2012-03-03 16:51:31 ----D---- C:\Program Files\Internet Explorer 2012-03-03 16:51:29 ----RD---- C:\Windows\Offline Web Pages 2012-03-03 16:51:28 ----D---- C:\Windows\system32\wbem 2012-03-03 16:51:28 ----D---- C:\Windows\system32\migration 2012-03-03 16:51:28 ----D---- C:\Windows\system32\en-US 2012-03-03 16:51:28 ----D---- C:\Windows\PolicyDefinitions 2012-03-03 16:51:25 ----D---- C:\Windows\System32 2012-03-03 16:51:19 ----SD---- C:\Windows\Downloaded Program Files 2012-03-03 14:15:48 ----D---- C:\ProgramData\Microsoft Help 2012-03-03 14:15:31 ----RSD---- C:\Windows\assembly 2012-03-03 14:09:35 ----D---- C:\Program Files\Common Files\microsoft shared 2012-02-23 10:56:12 ----D---- C:\Users\Catherine\AppData\Roaming\JoyBits ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616] R0 SymDS;Symantec Data Store; C:\Windows\system32\drivers\N360\0502000.00D\SYMDS.SYS [2011-01-27 340088] R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\N360\0502000.00D\SYMEFA.SYS [2011-03-15 744568] R1 BHDrvx86;BHDrvx86; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\BASHDefs\20120317.002\BHDrvx86.sys [2012-03-02 820856] R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2012-02-04 374392] R1 IDSVix86;IDSVix86; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\IPSDefs\20120321.001\IDSvix86.sys [2012-03-06 368248] R1 SRTSPX;Symantec Real Time Storage Protection (PEL); C:\Windows\system32\drivers\N360\0502000.00D\SRTSPX.SYS [2011-03-31 50168] R1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\N360\0502000.00D\Ironx86.SYS [2011-01-27 136312] R1 SYMTDIv;Symantec Vista Network Dispatch Driver; C:\Windows\System32\Drivers\N360\0502000.00D\SYMTDIV.SYS [2011-04-21 331384] R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-18 12672] R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-10-17 8704] R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-09-05 1183744] R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT32.sys [2008-10-03 222208] R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-02-04 106104] R3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2010-06-14 36608] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2011-07-06 27888] R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-19 16768] R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2007-11-01 985600] R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2007-11-01 208896] R3 LgBttPort;LGE Bluetooth TransPort; C:\Windows\system32\DRIVERS\lgbtport.sys [2009-09-29 12160] R3 lgbusenum;LG Bluetooth Bus Enumerator; C:\Windows\system32\DRIVERS\lgbtbus.sys [2009-09-29 10496] R3 LGVMODEM;LGE Virtual Modem; C:\Windows\system32\DRIVERS\lgvmodem.sys [2009-09-29 12928] R3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\VirusDefs\20120322.003\NAVENG.SYS [2012-03-02 86136] R3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\VirusDefs\20120322.003\NAVEX15.SYS [2012-03-02 1576312] R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2010-11-11 122984] R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2011-01-08 10467656] R3 NVNET;NVIDIA nForce Ethernet Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2010-08-12 292712] R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2008-04-24 14848] R3 RTSTOR;Realtek USB 2.0 Card Reader; C:\Windows\system32\drivers\RTSTOR.SYS [2009-04-23 64512] R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-06-09 3482240] R3 SRTSP;Symantec Real Time Storage Protection; C:\Windows\System32\Drivers\N360\0502000.00D\SRTSP.SYS [2011-03-31 516216] R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2011-05-22 126584] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-04-17 199344] R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2007-11-01 661504] S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632] S3 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656] S3 FlashUSB;FlashUSB; C:\Windows\system32\DRIVERS\FlashUSB.sys [2009-05-12 16896] S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544] S3 mbr;mbr; \??\C:\Users\CATHER~1\AppData\Local\Temp\mbr.sys [] S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192] S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888] S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504] S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016] S3 NETw3v32;Intel® PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2008-01-21 2225664] S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2010-08-12 292712] S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576] S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2010-04-27 98432] S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2010-04-27 14848] S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2010-04-27 123648] S3 SYMFW;Symantec Network Filter Driver; C:\Windows\System32\Drivers\N360\0308000.029\SYMFW.SYS [] S3 SYMNDISV;Symantec Network Filter Driver; C:\Windows\System32\Drivers\N360\0308000.029\SYMNDISV.SYS [] S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2011-08-02 42496] S3 usbaudio;USB Audio Driver (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-11 73216] S3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgusbbus.sys [2010-01-21 13056] S3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgusbdiag.sys [2010-01-21 20864] S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgusbmodem.sys [2010-01-21 24960] S3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016] S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448] S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328] S3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2006-11-02 194048] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 Akamai;Akamai NetSession Interface; C:\Windows\System32\svchost.exe [2008-01-21 21504] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-10-24 55144] R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504] R2 ezSharedSvc;Easybits Shared Services for Windows; C:\Windows\system32\svchost.exe [2008-01-21 21504] R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504] R2 FsUsbExService;FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [2010-07-04 238952] R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-10-09 94208] R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-06-09 73728] R2 N360;Norton 360; C:\Program Files\Norton 360\Engine\5.2.0.13\ccSvcHst.exe [2011-04-17 130008] R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2011-01-07 608872] R2 Recovery Service for Windows;Recovery Service for Windows; C:\Program Files\SMINST\BLService.exe [2008-10-06 365952] R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo.exe [2008-09-15 241734] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464] R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-10-17 386560] R3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840] R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2008-05-01 165192] R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2011-12-08 821608] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 gupdate1ca1605de2dd513;Google Update Service (gupdate1ca1605de2dd513); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-08-05 133104] S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-09-15 194104] S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160] S3 GameConsoleService;GameConsoleService; C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe [2010-09-30 246520] S3 gupdatem;Google Update Service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-08-05 133104] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504] S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240] S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240] S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240] -----------------EOF-----------------
  15. Hi, internet seems to be behaving again at the moment. Downloaded file but think this is the same as the last one 64bit. I get the same error message when I try to run it. Thanks
  16. btw currently having real problems getting webpages to load - just keep getting the internet explorer cannot display website page - on nearly every webpage I try to load. Thanks again Catherine
  17. Hi, Thanks so much for your help. I have done everything upto step 5. When I tried to run RDIT.exe it said that it was not compatable with the version of windows I am running. It said I need to check whether I need a x86 (32-bit) or a x64 (64-bit) Can you help?
  18. Hi, I'm new to all this so I hope the following makes sense as I could really do with some help. Last night Norton 360 popped up saying it had found and deleted the following: Trojan.Gen.2 Under more info, Norton stated the following: infected file: c:\program files\mozilla firefox\extensions\{ada1d258-4fa3-db1a-3139-28e69e24c4f3}\componentszjarboia.dll NO FIX ATTEMPTED infected file: c:\program files\mozilla firefox\extensions\{ada1d258-4fa3-db1a-3139-28e69e24c4f3}\componentszjarboia.dll REMOVED I then noticed that when I clicked on my windows start button and I click on programe files - loads of them are missing. Things like my accessories menu is still there but only contains 4 things. Programe files like openoffice have disapeared off the list. I can still access all my files if I use the search facility or if I go to 'my computer, c drive, programe files etc. I followed the advise on here and ran Malwarebytes which came up as finding 'trojan.vundo' and I used Malwarebytes to delete this. Re-ran Malwarebytes and system comes up clean but still my files are missing. Is there a way to get them back? I have downloaded and run DDS and am copying and pasting the two logs below: . DDS (Ver_2011-08-26.01) - NTFSx86 Internet Explorer: 9.0.8112.16421 Run by Catherine at 12:54:53 on 2012-03-22 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.44.1033.18.2814.1482 [GMT 0:00] . AV: Norton 360 *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202} FW: Norton 360 *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k rpcss C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\SLsvc.exe C:\Windows\system32\svchost.exe -k LocalService C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\WLANExt.exe C:\Windows\System32\svchost.exe -k Akamai C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Windows\system32\FsUsbExService.Exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Norton 360\Engine\5.2.0.13\ccSvcHst.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files\SMINST\BLService.exe C:\Program Files\CyberLink\Shared files\RichVideo.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\DRIVERS\xaudio.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\DllHost.exe C:\Program Files\Norton 360\Engine\5.2.0.13\ccSvcHst.exe C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\HP\QuickPlay\QPService.exe C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe C:\Program Files\HP\HP Software Update\hpwuSchd2.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe C:\Windows\vsnp2uvc.exe C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\ehome\ehtray.exe C:\Users\Catherine\AppData\Local\Akamai\netsession_win.exe C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Users\Catherine\AppData\Local\Akamai\netsession_win.exe C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe C:\Windows\system32\wuauclt.exe C:\Windows\notepad.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://virginmedia.com/ uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_gb&c=91&bd=Presario&pf=cnnb uSearch Page = uSearch Bar = mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_gb&c=91&bd=Presario&pf=cnnb mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_gb&c=91&bd=Presario&pf=cnnb uInternet Settings,ProxyOverride = *.local;127.0.0.1:9421;<local> BHO: Premiumplay Codec-C: {11111111-1111-1111-1111-110011041135} - c:\program files\premiumplay codec-c\Premiumplay Codec-C.dll BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: Codec-C Class: {26ab07e2-9562-409c-83f1-d68e0b79169e} - c:\programdata\codec-c\bhoclass.dll BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton 360\engine\5.2.0.13\coIEPlg.dll BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton 360\engine\5.2.0.13\ips\IPSBHO.DLL BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.2.4204.1700\swg.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton 360\engine\5.2.0.13\coIEPlg.dll TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File uRun: [LightScribe Control Panel] c:\program files\common files\lightscribe\LightScribeControlPanel.exe -hidden uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe uRun: [EA Core] "c:\program files\electronic arts\eadm\Core.exe" -silent uRun: [Akamai NetSession Interface] "c:\users\catherine\appdata\local\akamai\netsession_win.exe" uRun: [Google Update] "c:\users\catherine\appdata\local\google\update\GoogleUpdate.exe" /c uRun: [AutoStartNPSAgent] c:\program files\samsung\samsung new pc studio\NPSAgent.exe uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe mRun: [synTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe mRun: [QPService] "c:\program files\hp\quickplay\QPService.exe" mRun: [updateLBPShortCut] "c:\program files\cyberlink\labelprint\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\labelprint" updatewithcreateonce "software\cyberlink\labelprint\2.5" mRun: [updatePSTShortCut] "c:\program files\cyberlink\dvd suite\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\dvd suite" updatewithcreateonce "software\cyberlink\PowerStarter" mRun: [uCam_Menu] "c:\program files\cyberlink\youcam\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\youcam" update "software\cyberlink\youcam\2.0" mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide mRun: [QlbCtrl.exe] c:\program files\hewlett-packard\hp quick launch buttons\QlbCtrl.exe /Start mRun: [updateP2GoShortCut] "c:\program files\cyberlink\power2go\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\power2go" updatewithcreateonce "software\cyberlink\power2go\6.0" mRun: [updatePDIRShortCut] "c:\program files\cyberlink\powerdirector\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\powerdirector" updatewithcreateonce "software\cyberlink\powerdirector\7.0" mRun: [HP Health Check Scheduler] c:\program files\hewlett-packard\hp health check\HPHC_Scheduler.exe mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe mRun: [hpWirelessAssistant] c:\program files\hewlett-packard\hp wireless assistant\HPWAMain.exe mRun: [snp2uvc] c:\windows\vsnp2uvc.exe mRun: [b2C_AGENT] c:\programdata\lgmobileax\b2c_client\B2CNotiAgent.exe mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe" mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe" mRun: [NPSStartup] mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000 IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab TCP: DhcpNameServer = 192.168.2.1 194.168.4.100 194.168.8.100 TCP: Interfaces\{31EF2FCA-9C2B-4D08-9B67-EC318C45DE63} : DhcpNameServer = 192.168.2.1 194.168.4.100 194.168.8.100 Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe" . ============= SERVICES / DRIVERS =============== . R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\n360\0502000.00d\symds.sys [2012-1-31 340088] R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\n360\0502000.00d\symefa.sys [2012-1-31 744568] R1 BHDrvx86;BHDrvx86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_5.1.0.29\definitions\bashdefs\20120317.002\BHDrvx86.sys [2012-3-20 820856] R1 IDSVix86;IDSVix86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_5.1.0.29\definitions\ipsdefs\20120321.001\IDSvix86.sys [2012-3-22 368248] R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\n360\0502000.00d\ironx86.sys [2012-1-31 136312] R1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\system32\drivers\n360\0502000.00d\symtdiv.sys [2012-1-31 331384] R2 Akamai;Akamai NetSession Interface;c:\windows\system32\svchost.exe -k Akamai [2008-1-21 21504] R2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe -k netsvcs [2008-1-21 21504] R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 21504] R2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2012-1-29 238952] R2 N360;Norton 360;c:\program files\norton 360\engine\5.2.0.13\ccsvchst.exe [2012-1-31 130008] R2 Recovery Service for Windows;Recovery Service for Windows;c:\program files\sminst\BLService.exe [2008-10-26 365952] R3 Com4QLBEx;Com4QLBEx;c:\program files\hewlett-packard\hp quick launch buttons\Com4QLBEx.exe [2008-10-26 193840] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2012-2-4 106104] R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [2012-1-29 36608] R3 LgBttPort;LGE Bluetooth TransPort;c:\windows\system32\drivers\lgbtport.sys [2009-9-29 12160] R3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\drivers\lgbtbus.sys [2009-9-29 10496] R3 LGVMODEM;LGE Virtual Modem;c:\windows\system32\drivers\lgvmodem.sys [2009-9-29 12928] R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2011-1-24 122984] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 gupdate1ca1605de2dd513;Google Update Service (gupdate1ca1605de2dd513);c:\program files\google\update\GoogleUpdate.exe [2009-8-5 133104] S3 FlashUSB;FlashUSB;c:\windows\system32\drivers\FlashUsb.sys [2010-9-11 16896] S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2009-8-5 133104] S3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\drivers\ss_bbus.sys [2012-1-29 98432] S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\drivers\ss_bmdfl.sys [2012-1-29 14848] S3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\drivers\ss_bmdm.sys [2012-1-29 123648] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504] . =============== Created Last 30 ================ . 2012-03-22 11:39:08 -------- d-----w- c:\users\catherine\appdata\roaming\Malwarebytes 2012-03-22 11:38:51 -------- d-----w- c:\programdata\Malwarebytes 2012-03-22 11:38:50 20464 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-03-22 11:38:49 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-03-22 01:22:28 -------- d-----w- c:\users\catherine\appdata\roaming\Tific 2012-03-21 13:03:36 -------- d-----w- c:\users\catherine\appdata\roaming\casualArts 2012-03-21 13:03:36 -------- d-----w- c:\programdata\casualArts 2012-03-21 13:01:35 -------- d-----w- c:\program files\Easter Eggztravaganza 2012-03-19 19:24:53 -------- d-----w- c:\program files\Nancy Drew - Secret of Shadow Ranch 2012-03-15 23:02:24 -------- d-----w- c:\programdata\Codec-C 2012-03-09 16:21:50 -------- d-----w- c:\users\catherine\appdata\roaming\DarkParablesBriarRoseSE_BFG 2012-03-07 11:34:38 -------- d-----w- c:\program files\Mystery Trackers - Black Isle Collector's Edition 2012-02-26 23:22:32 -------- d-----w- c:\program files\Depths of Betrayal Collector's Edition 2012-02-26 00:26:44 -------- d-----w- c:\users\catherine\appdata\roaming\Artogon 2012-02-23 10:51:54 -------- d-----w- c:\program files\The Surprising Adventures of Munchausen . ==================== Find3M ==================== . 2012-01-12 19:52:56 2044416 ----a-w- c:\windows\system32\win32k.sys . ============= FINISH: 12:55:19.66 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . Microsoft® Windows Vista™ Home Premium Boot Device: \Device\HarddiskVolume1 Install Date: 14/06/2009 19:30:25 System Uptime: 22/03/2012 12:17:40 (0 hours ago) . Motherboard: Wistron | | 303C Processor: AMD Athlon Dual-Core QL-65 | Socket A | 2100/133mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 222 GiB total, 137.496 GiB free. D: is FIXED (NTFS) - 11 GiB total, 1.764 GiB free. E: is CDROM (CDFS) . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . . ==== Installed Programs ====================== . . Update for Microsoft Office 2007 (KB2508958) Acrobat.com Activation Assistant for the 2007 Microsoft Office suites ActiveCheck component for HP Active Support Library Adobe AIR Adobe Flash Player 10 Plugin Adobe Flash Player 11 ActiveX Adobe Reader 9.4.1 Adobe Shockwave Player Akamai NetSession Interface Akamai NetSession Interface Service Amazon Kindle Amazon MP3 Downloader 1.0.9 Angry Birds Angry Birds Rio Angry Birds Seasons Apple Application Support Apple Mobile Device Support Apple Software Update Atheros Driver Installation Program Big Fish Games: Game Manager Bonjour Burger Shop Cisco EAP-FAST Module Cisco LEAP Module Cisco PEAP Module Codec-C Compatibility Pack for the 2007 Office system Conexant HD Audio CyberLink DVD Suite CyberLink YouCam D3DX10 Depths of Betrayal Collector's Edition DivX Version Checker DivX Web Player Easter Eggztravaganza ESU for Microsoft Vista Eusing Free Registry Cleaner Family Tree Maker 2011 Google Chrome Google Earth Google Update Helper Google Updater HDAUDIO Soft Data Fax Modem with SmartCP Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) HP Active Support Library HP Customer Experience Enhancements HP Doc Viewer HP DVD Play 3.7 HP Games HP Help and Support HP Quick Launch Buttons 6.40 H2 HP Total Care Advisor HP Update HP User Guides 0118 HP Wireless Assistant HPAsset component for HP Active Support Library HPNetworkAssistant HPTCSSetup Hunting Unlimited 2008 Hunting Unlimited 2011 Infineon USB driver 1.0.0.6 IrfanView (remove only) iTunes Java Auto Updater Java 6 Update 29 Java 6 Update 7 LabelPrint LG Bluetooth Drivers LG USB Modem Driver LightScribe System Software 1.14.17.1 Malwarebytes Anti-Malware version 1.60.1.1000 Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Extended Microsoft Application Error Reporting Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Excel MUI (English) 2007 Microsoft Office Home and Student 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office PowerPoint Viewer 2007 (English) Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word MUI (English) 2007 Microsoft Primary Interoperability Assemblies 2005 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 Microsoft Works Microsoft WSE 3.0 Runtime MSVCRT MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) muvee Reveal Mystery Trackers: Black Isle Collector's Edition Nancy Drew: Secret of Shadow Ranch NetWaiting Norton 360 NVIDIA Control Panel 266.58 NVIDIA Drivers NVIDIA Graphics Driver 266.58 NVIDIA HD Audio Driver 1.1.13.1 NVIDIA Install Application NVIDIA PhysX NVIDIA PhysX System Software 9.10.0514 OGA Notifier 2.0.0048.0 OpenAL OpenOffice.org 3.1 Power2Go PowerDirector Premiumplay Codec-C PSD Viewer QuickTime RealNetworks - Microsoft Visual C++ 2008 Runtime RealPlayer Realtek USB 2.0 Card Reader RealUpgrade 1.1 Royal Envoy 2 Samsung New PC Studio SAMSUNG USB Driver for Mobile Phones Sandlot Connect Version 1.2.6 SeaMonkey (2.4.1) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Extended (KB2416472) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Windows Media Encoder (KB2447961) Segoe UI Spybot - Search & Destroy Super Granny 6 (remove only) Synaptics Pointing Device Driver System Requirements Lab The Golden Years: Way Out West The Scruffs: Return of the Duke The Sims Medieval The Surprising Adventures of Munchausen Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2473228) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office OneNote 2007 Help (KB963670) Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) USB Flash Port Driver VC80CRTRedist - 8.0.50727.762 VoiceOver Kit WildTangent Games WildTangent ORB Game Console Windows Driver Package - Infineon Technologies (FlashUSB) USB (04/16/2009 1.0.0.6) Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Media Encoder 9 Series WinRAR 4.01 (32-bit) Xvid 1.2.1 final uninstall Youda Camper . ==== Event Viewer Messages From Past Week ======== . 22/03/2012 12:19:43, Error: Service Control Manager [7000] - The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. 22/03/2012 10:22:21, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.2.5 for the Network Card with network address 00242C21227F has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message). 21/03/2012 21:03:36, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the N360 service. 21/03/2012 10:39:38, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.2.2 for the Network Card with network address 00242C21227F has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message). 21/03/2012 06:17:48, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the hpqwmiex service to connect. 21/03/2012 06:17:48, Error: Service Control Manager [7000] - The hpqwmiex service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 21/03/2012 06:17:38, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service hpqwmiex with arguments "" in order to run the server: {F5539356-2F02-40D4-999E-FA61F45FE12E} 21/03/2012 06:14:58, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.2.6 for the Network Card with network address 00242C21227F has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message). 19/03/2012 04:42:16, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.2.3 for the Network Card with network address 00242C21227F has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message). 18/03/2012 11:26:08, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service. 17/03/2012 04:54:26, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Media Player Network Sharing Service service to connect. 17/03/2012 04:54:26, Error: Service Control Manager [7000] - The Windows Media Player Network Sharing Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 17/03/2012 04:51:51, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.2.4 for the Network Card with network address 00242C21227F has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message). . ==== End Of File ===========================
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.