freshjj2

  1. Thx again MrCharlie... I have really appreciated... much respect and love... :-)
  2. It has updated!!! Thank you a lot MrCharlie!!!!! Thank youuuuuuuuuuuuuu for having been so patient with me... I was desperate! Just can't believe!!!! You're the best! :-) :-)
  3. hi. the new otl report:

     All processes killed
     ========== OTL ==========
     Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
     ========== COMMANDS ==========

     [EMPTYJAVA]
     User: All Users
     User: AppData
     User: Default
     User: Default User
     User: Owner
     ->Java cache emptied: 544175 bytes
     User: Public
     Total Java Files Cleaned = 1.00 mb

     [EMPTYTEMP]
     User: All Users
     User: AppData
     ->Temp folder emptied: 0 bytes
     User: Default
     ->Temp folder emptied: 0 bytes
     ->Temporary Internet Files folder emptied: 67 bytes
     User: Default User
     ->Temp folder emptied: 0 bytes
     ->Temporary Internet Files folder emptied: 0 bytes
     User: Owner
     ->Temp folder emptied: 27658591 bytes
     ->Temporary Internet Files folder emptied: 1224697887 bytes
     ->Java cache emptied: 0 bytes
     ->Google Chrome cache emptied: 55888520 bytes
     ->Apple Safari cache emptied: 201728 bytes
     ->Flash cache emptied: 217280 bytes
     User: Public
     ->Temp folder emptied: 0 bytes
     %systemdrive% .tmp files removed: 0 bytes
     %systemroot% .tmp files removed: 0 bytes
     %systemroot%\System32 .tmp files removed: 0 bytes
     %systemroot%\System32 (64bit) .tmp files removed: 0 bytes
     %systemroot%\System32\drivers .tmp files removed: 0 bytes
     Windows Temp folder emptied: 75256 bytes
     %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67697 bytes
     RecycleBin emptied: 92274894 bytes
     Total Files Cleaned = 1,336.00 mb

     OTL by OldTimer - Version 3.2.43.0 log created on 05172012_142900

     Files\Folders moved on Reboot...
     C:\Users\Owner\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
     File\Folder C:\Users\Owner\AppData\Local\Temp\WER92C7.tmp.resp.erc.xml not found!
     File\Folder C:\Users\Owner\AppData\Local\Temp\WER92C8.tmp.resp not found!
     C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YO86N31H\0[1].js moved successfully.
     C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YO86N31H\a045f1f1e001a3c656db597f7279a291[1].htm moved successfully.
     C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YO86N31H\cdx10b[1].js moved successfully.
     C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YO86N31H\cdx10b[2].js moved successfully.
     C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YO86N31H\offerScript[1].txt moved successfully.
     C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WJGM0J0P\cdx10b[1].js moved successfully.
     C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WJGM0J0P\hub[1].htm moved successfully.
     C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TLI5YAD4\cdx10b[1].js moved successfully.
     C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TLI5YAD4\derefbkcookie[1].js moved successfully.
     C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TLI5YAD4\derefbkcookie[2].js moved successfully.
     C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OLTKGZAE\g[1].js moved successfully.
     C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OLTKGZAE\rdr12[1].js moved successfully.
     C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NWUKIKS4\0[1].htm moved successfully.
     File\Folder C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NWUKIKS4\3328[1].htm not found!
     File\Folder C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NWUKIKS4\search[3].htm not found!
     C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JUF5Y3DG\launch[1].htm moved successfully.
     C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JUF5Y3DG\rdr12[1].js moved successfully.
     C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JUF5Y3DG\rdr12[2].js moved successfully.
     C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IX97K6MB\cdx10b[1].js moved successfully.
     C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IX97K6MB\cdx10b[2].js moved successfully.
     C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IX97K6MB\isInternalUser[1].js moved successfully.
     File\Folder C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IX97K6MB\like[1].htm not found!
     File\Folder C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IX97K6MB\like[2].htm not found!
     File\Folder C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IX97K6MB\like[3].htm not found!
     C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IX97K6MB\yql[2].js moved successfully.
     C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HB4HEFTQ\0[1].js moved successfully.
     C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HB4HEFTQ\rdr12[1].js moved successfully.
     C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HB4HEFTQ\rdr12[2].js moved successfully.
     C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H4XXZHS3\ads[1].htm moved successfully.
     C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H4XXZHS3\csc-render[1].htm moved successfully.
     C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H4XXZHS3\hub[1].htm moved successfully.
     File\Folder C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H4XXZHS3\ManyCamSetup[1].exe not found!
     C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GGOSVWBD\8u6MwFSvaR2[1].js moved successfully.
     C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GGOSVWBD\cdx10b[1].js moved successfully.
     C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GGOSVWBD\jsonp[1].js moved successfully.
     C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GGOSVWBD\offerScript[1].txt moved successfully.
     C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GGOSVWBD\xd_arbiter[1].htm moved successfully.
     C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8YPNNFDY\cdx10b[1].js moved successfully.
     C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8YPNNFDY\ext-render-secure[1].htm moved successfully.
     C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8YPNNFDY\fc[1].htm moved successfully.
     C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8YPNNFDY\st[1] moved successfully.
     C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8YPNNFDY\st[2] moved successfully.
     C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\73A273VQ\0[1].htm moved successfully.
     C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\73A273VQ\0[2].htm moved successfully.
     C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\73A273VQ\0[3].htm moved successfully.
     C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\73A273VQ\981[1].js moved successfully.
     C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\73A273VQ\addyn_3[1].js moved successfully.
     C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\73A273VQ\cdx10b[1].js moved successfully.
     C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\73A273VQ\offerScript[1].txt moved successfully.
     C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\73A273VQ\rdr12[1].js moved successfully.
     C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\73A273VQ\xframe-proxy_20110929[1].htm moved successfully.
     C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6CT241VQ\0[1].js moved successfully.
     C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6CT241VQ\xd_arbiter[1].htm moved successfully.
     C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\28HG72PU\derefbkcookie[1].js moved successfully.
     C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\28HG72PU\pdr_light[1].css moved successfully.
     C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1T1M7OV7\1714[1].js moved successfully.
     C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1T1M7OV7\492[1].js moved successfully.
     C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1T1M7OV7\follow_button.1336551279[1].htm moved successfully.
     C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0ISHW7S2\pd_light[1].css moved successfully.
     C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0ISHW7S2\xframe-proxy_20110929[1].htm moved successfully.

     Registry entries deleted on Reboot...
  4. hi. The new otl report:

     OTL logfile created on: 5/17/2012 11:19:42 AM - Run 3
     OTL by OldTimer - Version 3.2.43.0 Folder = C:\Users\Owner\Desktop
     64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
     Internet Explorer (Version = 9.0.8112.16421)
     Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

     2.87 Gb Total Physical Memory | 1.72 Gb Available Physical Memory | 59.93% Memory free
     5.74 Gb Paging File | 4.47 Gb Available in Paging File | 77.83% Paging File free
     Paging file location(s): ?:\pagefile.sys [binary data]

     %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
     Drive C: | 287.55 Gb Total Space | 17.42 Gb Free Space | 6.06% Space Free | Partition Type: NTFS
     Drive E: | 12.23 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

     Computer Name: OWNER-PC | User Name: Owner | Logged in as Administrator.
     Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
     Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

     ========== Processes (SafeList) ==========

     PRC - [2012/05/16 09:26:17 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.com
     PRC - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
     PRC - [2012/02/10 11:28:06 | 000,193,816 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.EXE
     PRC - [2012/01/26 14:51:34 | 000,092,320 | ---- | M] (Speedbit Ltd.) -- C:\Program Files (x86)\Common Files\SpeedBit\SBUpdate\SBUpdate.exe
     PRC - [2011/11/18 10:24:26 | 000,270,672 | ---- | M] () -- C:\Program Files (x86)\NATCOM 3G\AssistantServices.exe
     PRC - [2011/11/18 10:24:26 | 000,153,424 | ---- | M] () -- C:\Program Files (x86)\NATCOM 3G\UIExec.exe
     PRC - [2011/06/16 06:55:12 | 000,079,160 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\Messenger\Messenger\Ymsgr_tray.exe
     PRC - [2010/11/16 08:37:30 | 000,230,912 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe
     PRC - [2009/07/28 22:26:42 | 000,062,848 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\Toshiba\ConfigFree\CFSwMgr.exe
     PRC - [2009/07/14 21:10:30 | 000,042,368 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\Toshiba\ConfigFree\CFProcSRVC.exe
     PRC - [2009/07/13 17:24:00 | 000,304,496 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\Toshiba\ConfigFree\NDSTray.exe
     PRC - [2009/03/10 20:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\Toshiba\ConfigFree\CFSvcs.exe
     PRC - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
     PRC - [2007/04/30 18:43:54 | 003,450,608 | ---- | M] (Stardock) -- C:\Program Files (x86)\Stardock\ObjectDock\ObjectDock.exe

     ========== Modules (No Company Name) ==========

     MOD - [2011/11/18 10:24:26 | 000,153,424 | ---- | M] () -- C:\Program Files (x86)\NATCOM 3G\UIExec.exe
     MOD - [2011/10/19 22:05:36 | 000,084,480 | ---- | M] () -- C:\Windows\SysWOW64\EasyHook32.dll
     MOD - [2011/06/16 06:55:10 | 000,925,696 | ---- | M] () -- C:\Program Files (x86)\Yahoo!\Messenger\Messenger\yui.dll
     MOD - [2010/01/21 01:34:10 | 008,793,952 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
     MOD - [2010/01/09 20:18:18 | 004,254,560 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
     MOD - [2007/04/30 18:18:50 | 000,112,400 | ---- | M] () -- C:\Program Files (x86)\Stardock\ObjectDock\DockShellHook.dll
     MOD - [2007/04/21 12:47:52 | 000,059,592 | ---- | M] () -- C:\Program Files (x86)\Stardock\ObjectDock\zlib.dll
     MOD - [2007/04/19 13:23:48 | 000,095,944 | ---- | M] () -- C:\Program Files (x86)\Stardock\ObjectDock\CrashRpt.dll
     MOD - [2002/11/19 13:11:40 | 000,139,264 | ---- | M] () -- C:\Program Files (x86)\Common Files\Stardock\ODimg.dll
     MOD - [2002/03/13 18:46:32 | 000,118,784 | ---- | M] () -- C:\Program Files (x86)\Stardock\ObjectDock\ODimg.dll

     ========== Win32 Services (SafeList) ==========

     SRV:64bit: - [2012/03/26 18:49:56 | 000,291,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
     SRV:64bit: - [2012/03/26 18:49:56 | 000,012,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
     SRV:64bit: - [2010/09/22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
     SRV:64bit: - [2009/08/11 18:10:48 | 000,252,272 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service)
     SRV:64bit: - [2009/08/05 16:20:12 | 000,488,800 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
     SRV:64bit: - [2009/08/04 13:15:06 | 000,826,224 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv)
     SRV:64bit: - [2009/08/03 21:17:56 | 000,137,560 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
     SRV:64bit: - [2009/07/28 18:48:06 | 000,140,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
     SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
     SRV - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
     SRV - [2012/02/10 11:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.EXE -- (BBUpdate)
     SRV - [2012/02/10 11:28:06 | 000,193,816 | ---- | M] (Microsoft Corporation.) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.EXE -- (BBSvc)
     SRV - [2011/11/18 10:24:26 | 000,270,672 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\NATCOM 3G\AssistantServices.exe -- (UI Assistant Service)
     SRV - [2010/11/29 14:58:30 | 000,054,136 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
     SRV - [2010/11/16 08:38:16 | 000,339,456 | ---- | M] () [Auto | Running] -- C:\ProgramData\DatacardService\HWDeviceService64.exe -- (HWDeviceService64.exe)
     SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
     SRV - [2009/08/10 21:55:58 | 000,248,688 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\Toshiba\ConfigFree\CFIWmxSvcs64.exe -- (cfWiMAXService)
     SRV - [2009/07/14 21:10:30 | 000,042,368 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\Toshiba\ConfigFree\CFProcSRVC.exe -- (ConfigFree Gadget Service)
     SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
     SRV - [2009/03/10 20:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\Toshiba\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
     SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)

     ========== Driver Services (SafeList) ==========

     DRV:64bit: - [2012/04/04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
     DRV:64bit: - [2012/03/20 20:44:12 | 000,098,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
     DRV:64bit: - [2012/03/08 18:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
     DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
     DRV:64bit: - [2011/03/28 10:16:52 | 000,123,648 | ---- | M] (HSPADataCard Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HSPADataCardusbvoice.sys -- (HSPADataCardusbvoice)
     DRV:64bit: - [2011/03/28 10:16:52 | 000,123,648 | ---- | M] (HSPADataCard Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HSPADataCardusbser.sys -- (HSPADataCardusbser)
     DRV:64bit: - [2011/03/28 10:16:52 | 000,123,648 | ---- | M] (HSPADataCard Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HSPADataCardusbnmea.sys -- (HSPADataCardusbnmea)
     DRV:64bit: - [2011/03/28 10:16:52 | 000,123,648 | ---- | M] (HSPADataCard Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HSPADataCardusbmdm.sys -- (HSPADataCardusbmdm)
     DRV:64bit: - [2011/03/26 10:37:12 | 000,011,776 | ---- | M] (MBB Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\massfilter.sys -- (massfilter)
     DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
     DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
     DRV:64bit: - [2010/11/20 08:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
     DRV:64bit: - [2010/11/20 06:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
     DRV:64bit: - [2010/09/28 15:44:52 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
     DRV:64bit: - [2010/09/27 06:58:47 | 000,121,600 | ---- | M] (MBB Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (mbbdatacard)
     DRV:64bit: - [2010/09/27 06:58:47 | 000,121,600 | ---- | M] (MBB Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
     DRV:64bit: - [2010/09/27 06:34:00 | 000,256,000 | ---- | M] (MBB Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbnet.sys -- (ewusbnet)
     DRV:64bit: - [2010/09/26 22:53:34 | 000,115,584 | ---- | M] (MBB Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_mbbusbdev.sys -- (ew_mbbusbdev)
     DRV:64bit: - [2010/04/27 18:57:20 | 000,016,200 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmVirHid.sys -- (WmVirHid)
     DRV:64bit: - [2010/04/27 18:57:12 | 000,026,440 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmBEnum.sys -- (WmBEnum)
     DRV:64bit: - [2010/04/27 16:03:12 | 000,077,512 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmXlCore.sys -- (WmXlCore)
     DRV:64bit: - [2010/04/27 16:02:42 | 000,043,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmFilter.sys -- (WmFilter)
     DRV:64bit: - [2010/03/04 12:43:00 | 000,346,144 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
     DRV:64bit: - [2010/01/29 01:46:46 | 001,089,056 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192se.sys -- (rtl8192se)
     DRV:64bit: - [2010/01/05 03:23:20 | 001,847,296 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athurx.sys -- (athur)
     DRV:64bit: - [2009/09/29 07:15:02 | 000,016,384 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lgbtpt64.sys -- (LgBttPort)
     DRV:64bit: - [2009/09/29 07:15:00 | 000,017,408 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lgvmdm64.sys -- (LGVMODEM)
     DRV:64bit: - [2009/09/29 07:15:00 | 000,014,848 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lgbtbs64.sys -- (lgbusenum)
     DRV:64bit: - [2009/08/27 10:07:06 | 007,369,600 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
     DRV:64bit: - [2009/08/12 06:14:16 | 000,173,456 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PTDUMdm.sys -- (PTDUMdm)
     DRV:64bit: - [2009/08/12 06:14:16 | 000,141,840 | ---- | M] (DEVGURU Co., LTD.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PTDUWWAN.sys -- (PTDUWWAN)
     DRV:64bit: - [2009/08/12 06:14:16 | 000,070,672 | ---- | M] (DEVGURU Co., LTD.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PTDUBus.sys -- (PTDUBus)
     DRV:64bit: - [2009/08/12 06:14:16 | 000,012,688 | ---- | M] (DEVGURU Co., LTD.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PTDUWFLT.sys -- (PTDUWFLT)
     DRV:64bit: - [2009/08/12 06:14:12 | 000,173,456 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PTDUVsp.sys -- (PTDUVsp)
     DRV:64bit: - [2009/08/07 07:24:14 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
     DRV:64bit: - [2009/08/05 21:04:06 | 000,222,208 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
     DRV:64bit: - [2009/07/30 23:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)
     DRV:64bit: - [2009/07/24 17:57:08 | 000,482,384 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tos_sps64.sys -- (tos_sps64)
     DRV:64bit: - [2009/07/20 19:48:32 | 000,274,480 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
     DRV:64bit: - [2009/07/14 17:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
     DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
     DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
     DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
     DRV:64bit: - [2009/07/13 19:01:09 | 000,679,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xnacc.sys -- (xnacc)
     DRV:64bit: - [2009/07/13 19:00:13 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Dot4Scan.sys -- (Dot4Scan)
     DRV:64bit: - [2009/07/09 05:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
     DRV:64bit: - [2009/07/07 10:51:42 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FwLnk.sys -- (FwLnk)
     DRV:64bit: - [2009/06/22 19:06:38 | 000,035,008 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PGEffect.sys -- (PGEffect)
     DRV:64bit: - [2009/06/19 21:15:22 | 000,014,472 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TVALZFL.sys -- (TVALZFL)
     DRV:64bit: - [2009/06/10 16:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
     DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
     DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
     DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
     DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
     DRV:64bit: - [2009/05/18 17:17:08 | 000,034,152 | R--- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
     DRV:64bit: - [2009/04/08 14:28:46 | 000,068,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
     DRV:64bit: - [2008/11/19 17:09:14 | 000,033,792 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lgx64modem.sys -- (USBModem)
     DRV:64bit: - [2008/11/19 17:09:12 | 000,027,136 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lgx64diag.sys -- (UsbDiag)
     DRV:64bit: - [2008/11/19 17:09:12 | 000,017,920 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lgx64bus.sys -- (usbbus)
     DRV:64bit: - [2008/04/16 14:49:34 | 000,028,416 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
     DRV:64bit: - [2008/03/13 02:46:00 | 000,027,136 | ---- | M] (ManyCam LLC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ManyCam_x64.sys -- (ManyCam)
     DRV - [2011/01/04 20:47:51 | 000,035,363 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysWOW64\windrvNT.sys -- (windrvNT)
     DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
     DRV - [2009/05/25 14:43:58 | 000,043,032 | ---- | M] (Smith Micro Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Verizon Wireless\VZAccess Manager\SMSIVZAM5X64.sys -- (SMSIVZAM5X64)

     ========== Standard Registry (SafeList) ==========

     ========== Internet Explorer ==========

     IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {91666140-44D5-410A-A0B8-D7D017877451}
     IE:64bit: - HKLM\..\SearchScopes\{91666140-44D5-410A-A0B8-D7D017877451}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA
     IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
     IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr
     IE - HKLM\..\URLSearchHook: {09e55ba0-f9c6-4b81-82df-46853f6f7b3f} - C:\Program Files (x86)\Soft-Search\tbSof1.dll (Conduit Ltd.)
     IE - HKLM\..\URLSearchHook: {33727f97-486d-4d19-97c3-23f432ef93fc} - C:\Program Files (x86)\mywebsites.pro-FR\tbmyw0.dll (Conduit Ltd.)
     IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
     IE - HKLM\..\SearchScopes\{4667CC2A-B714-45CD-83DA-B6768B7FF82C}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA
     IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
     IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
     IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage
     IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage
     IE - HKU\S-1-5-21-4118694408-3330837379-2833417039-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
     IE - HKU\S-1-5-21-4118694408-3330837379-2833417039-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SearchPage =
     IE - HKU\S-1-5-21-4118694408-3330837379-2833417039-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
     IE - HKU\S-1-5-21-4118694408-3330837379-2833417039-1001\..\SearchScopes,DefaultScope = {4667CC2A-B714-45CD-83DA-B6768B7FF82C}
     IE - HKU\S-1-5-21-4118694408-3330837379-2833417039-1001\..\SearchScopes\{4667CC2A-B714-45CD-83DA-B6768B7FF82C}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA_enUS373
     IE - HKU\S-1-5-21-4118694408-3330837379-2833417039-1001\..\SearchScopes\{7F4EFF06-7032-458e-AE16-1C1D8255C28A}: "URL" = http://home.speedbit.com/search.aspx?site=shdefault&pid=%s&aid=%s&shr=%d&q={searchTerms}
     IE - HKU\S-1-5-21-4118694408-3330837379-2833417039-1001\..\SearchScopes\{9ABEDED2-4DF0-4538-993F-72EA48AEF693}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA
     IE - HKU\S-1-5-21-4118694408-3330837379-2833417039-1001\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/web?q={SEARCHTERMS}&o=15527&l=dis
     IE - HKU\S-1-5-21-4118694408-3330837379-2833417039-1001\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://fr.search.yahoo.com/search?p={searchTerms}
     IE - HKU\S-1-5-21-4118694408-3330837379-2833417039-1001\..\SearchScopes\{EF8201DF-449D-49C4-B705-D2AAEACF5DAF}: "URL" = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=867034&p={searchTerms}
     IE - HKU\S-1-5-21-4118694408-3330837379-2833417039-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
     IE - HKU\S-1-5-21-4118694408-3330837379-2833417039-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

     ========== FireFox ==========

     FF - prefs.js..browser.search.defaultenginename: "Yahoo"
     FF - prefs.js..browser.search.selectedEngine: "Yahoo"
     FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=867034&p="
     FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=867034&ilc=12"
     FF - user.js - File not found

     FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
     FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
     FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
     FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32.dll ()
     FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
     FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
     FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
     FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
     FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
     FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
     FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
     FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
     FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
     FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
     FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
     FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
     FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
     FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
     FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files (x86)\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
     FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
     FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
     FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Owner\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\crazyloader@spointer.com: C:\Program Files (x86)\CrazyLoader\spointer\extensions\crazyloader@spointer.com FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\searchpredict@speedbit.com: C:\Program Files (x86)\SearchPredict\PRFireFox [2011/10/19 22:06:01 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{0329E7D6-6F54-462D-93F6-F5C3118BADF2}: C:\Program Files (x86)\SpeedBit Video Downloader\SPFireFox [2011/10/19 22:06:11 | 000,000,000 | ---D | M] [2012/05/03 19:45:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions [2012/01/28 21:15:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\fuqpj7lv.default\extensions [2011/10/03 05:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) 
-- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll ========== Chrome ========== CHR - default_search_provider: SpeedBit Search (Enabled) CHR - default_search_provider: search_url = http://home.speedbit.com/search.aspx?aff=115&q={searchTerms} CHR - default_search_provider: suggest_url = http://api.searchpredict.com/api/?rqtype=ffplugin&siteID=8661&dbCode=1&command={searchTerms} CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Owner\AppData\Local\Google\Chrome\Application\16.0.912.75\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\windows\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = 
C:\Users\Owner\AppData\Local\Google\Chrome\Application\16.0.912.75\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Owner\AppData\Local\Google\Chrome\Application\16.0.912.75\pdf.dll CHR - plugin: Chrome DAP extension (Enabled) = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\2.0.3_0\lib/npdapchrome.dll CHR - plugin: Interest Recognizer for Crazyloader (Enabled) = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fikmanfpkongnopggnndbikhhicdpfka\3.4.1545.153_0\crazyloader_air_chrome.dll CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.5.0.8013_0\npSkypeChromePlugin.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Updater (Enabled) = C:\Program Files (x86)\Google\Google Updater\2.4.1739.5352\npCIDetect13.dll CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin CHR - Extension: Entanglement = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.5.7_0\ CHR - Extension: SpeedBit Video Downloader = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\djcpfkccckpeeghiklnhienllljccglb\2.0.5_0\ CHR - Extension: Download Accelerator Plus (DAP) = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\2.0.10_0\ CHR - Extension: Interest 
Recognizer for Crazyloader = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fikmanfpkongnopggnndbikhhicdpfka\3.4.1545.153_0\ CHR - Extension: SpeedBit Search Predict = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ledcpigomgblcmofccnacobhmcdkpiea\2.0.2_0\ CHR - Extension: Poppit = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0\ O1 HOSTS File: ([2012/05/15 01:14:42 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.) O2 - BHO: (Soft-Search Toolbar) - {09e55ba0-f9c6-4b81-82df-46853f6f7b3f} - C:\Program Files (x86)\Soft-Search\tbSof1.dll (Conduit Ltd.) O2 - BHO: (mywebsites.pro-FR Toolbar) - {33727f97-486d-4d19-97c3-23f432ef93fc} - C:\Program Files (x86)\mywebsites.pro-FR\tbmyw0.dll (Conduit Ltd.) O2 - BHO: (SearchPredictObj Class) - {389943B0-C3A2-4E69-82CB-8596A84CB3DC} - C:\Program Files (x86)\SearchPredict\SearchPredict.dll (Speedbit Ltd.) O2 - BHO: (SBCONVERT Class) - {92A9ACF4-9333-43AE-9698-DB283326F87F} - C:\Program Files (x86)\SpeedBit Video Downloader\TBU89\tbcore3.dll () O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.) O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! 
Inc) O2 - BHO: (GrabberObj Class) - {FF7C3CF0-4B15-11D1-ABED-709549C10000} - C:\Program Files (x86)\SpeedBit Video Downloader\TBU89\Grabber.dll (SpeedBit) O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3 - HKLM\..\Toolbar: (SpeedBit Video Downloader) - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - C:\Program Files (x86)\SpeedBit Video Downloader\TBU89\tbcore3.dll () O3 - HKLM\..\Toolbar: (Soft-Search Toolbar) - {09e55ba0-f9c6-4b81-82df-46853f6f7b3f} - C:\Program Files (x86)\Soft-Search\tbSof1.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (mywebsites.pro-FR Toolbar) - {33727f97-486d-4d19-97c3-23f432ef93fc} - C:\Program Files (x86)\mywebsites.pro-FR\tbmyw0.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.) O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKU\S-1-5-21-4118694408-3330837379-2833417039-1001\..\Toolbar\WebBrowser: (SpeedBit Video Downloader) - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - C:\Program Files (x86)\SpeedBit Video Downloader\TBU89\tbcore3.dll () O3 - HKU\S-1-5-21-4118694408-3330837379-2833417039-1001\..\Toolbar\WebBrowser: (Soft-Search Toolbar) - {09E55BA0-F9C6-4B81-82DF-46853F6F7B3F} - C:\Program Files (x86)\Soft-Search\tbSof1.dll (Conduit Ltd.) O3:64bit: - HKU\S-1-5-21-4118694408-3330837379-2833417039-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) 
O3 - HKU\S-1-5-21-4118694408-3330837379-2833417039-1001\..\Toolbar\WebBrowser: (mywebsites.pro-FR Toolbar) - {33727F97-486D-4D19-97C3-23F432EF93FC} - C:\Program Files (x86)\mywebsites.pro-FR\tbmyw0.dll (Conduit Ltd.) O4:64bit: - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [igfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [smartFaceVWatcher] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe (TOSHIBA Corporation) O4:64bit: - HKLM..\Run: [smoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation) O4:64bit: - HKLM..\Run: [start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.) 
O4:64bit: - HKLM..\Run: [Teco] C:\Program Files\TOSHIBA\TECO\Teco.exe (TOSHIBA Corporation) O4:64bit: - HKLM..\Run: [TosNC] C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation) O4:64bit: - HKLM..\Run: [TosReelTimeMonitor] C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation) O4:64bit: - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation) O4:64bit: - HKLM..\Run: [TosWaitSrv] C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe (TOSHIBA Corporation) O4:64bit: - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [uIExec] C:\Program Files (x86)\NATCOM 3G\UIExec.exe () O4 - HKU\S-1-5-21-4118694408-3330837379-2833417039-1001..\Run: [Facebook Update] C:\Users\Owner\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.) O4 - HKU\S-1-5-21-4118694408-3330837379-2833417039-1001..\Run: [Messenger (Yahoo!)] C:\Program Files (x86)\Yahoo!\Messenger\Messenger\YahooMessenger.exe (Yahoo! Inc.) 
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy Software Installer.lnk = File not found O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy Software Installer.lnk = File not found O4 - Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk = C:\Program Files (x86)\Stardock\ObjectDock\ObjectDock.exe (Stardock) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-4118694408-3330837379-2833417039-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-4118694408-3330837379-2833417039-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149 O7 - HKU\S-1-5-21-4118694408-3330837379-2833417039-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0 O7 - HKU\S-1-5-21-4118694408-3330837379-2833417039-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200 File not found O8 - Extra context menu item: Add to Google Photos Screensa&ver 
- C:\windows\SysWow64\GPhotos.scr (Google Inc.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} http://activex.camfrogweb.com/advanced/2.0.2.3/cfweb_activex.camfrogweb.com-advanced-2.0.2.3_instmodule.exe (CamfrogWEB Advanced Unicode Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx1.hotmail.com/mail/w4/m3/photouploadcontrol/VistaMSNPUpldpt-br.cab (Windows Live Hotmail Photo Upload Tool) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5F12E325-8DBA-4F70-B584-B80EBB8731FF}: NameServer = 186.1.192.1 8.8.8.8 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{670CA8A4-122A-4CC3-A5F2-B51A2FC2880C}: DhcpNameServer = 10.35.1.254 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - 
(SystemPropertiesPerformance.exe) - C:\windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation) O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012/05/16 09:26:11 | 000,595,456 | ---- | C] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.com [2012/05/16 02:46:59 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\How to Access a Violation at the Address Module Ntdll Dll eHow_com_files [2012/05/15 17:34:05 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2012/05/15 01:24:53 | 000,000,000 | ---D | C] -- C:\windows\temp [2012/05/15 00:36:17 | 000,518,144 | ---- | C] (SteelWerX) -- C:\windows\SWREG.exe [2012/05/15 00:36:17 | 000,406,528 | ---- | C] (SteelWerX) -- C:\windows\SWSC.exe [2012/05/15 00:36:17 | 000,060,416 | ---- | C] (NirSoft) -- C:\windows\NIRCMD.exe [2012/05/15 00:36:06 | 000,000,000 | ---D | C] -- C:\windows\ERDNT [2012/05/15 00:36:01 | 
000,000,000 | ---D | C] -- C:\Qoobox [2012/05/14 15:07:18 | 004,492,858 | R--- | C] (Swearware) -- C:\Users\Owner\Desktop\ComboFix.exe [2012/05/14 14:58:34 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\How to use the Windows 7 System Recovery Environment Command Prompt_files [2012/05/14 14:57:53 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\Un guide et un tutoriel sur l'utilisation de ComboFix_files [2012/05/14 13:57:53 | 000,000,000 | ---D | C] -- C:\Config.Msi [2012/05/14 12:37:08 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{3CB64636-84BB-43EB-9944-2303D41FC449} [2012/05/14 09:28:04 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\FRINGE SAISON 01 FRENCH [2012/05/14 09:23:31 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{B0B93C11-08CF-4555-8CBD-8B9E5F80A4B8} [2012/05/14 03:06:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight [2012/05/14 03:04:14 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight [2012/05/14 03:04:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight [2012/05/13 19:46:40 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\[www.Cpasbien.com] Red.Tails.2012.FRENCH.BRRIP.XVID.ArRoWs [2012/05/13 19:43:00 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\PeerNetworking [2012/05/13 14:17:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012/05/13 14:17:01 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys [2012/05/13 14:17:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012/05/13 13:55:42 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{EFDB32B4-A363-48F9-9BED-9F79B351F0DB} [2012/05/13 13:19:20 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{42BA1423-83D9-480E-AE8C-69F9087C66C6} [2012/05/13 13:13:28 | 000,000,000 | ---D | C] -- 
C:\Users\Owner\Desktop\connectify [2012/05/13 12:57:54 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{78B1FA86-49AD-492D-8D9D-658E2D7D8140} [2012/05/13 12:15:08 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{2C1C076C-CE1E-4A89-8226-8952DC6E641B} [2012/05/13 09:49:04 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{955356CB-B8BB-4212-AE58-488C0B204FCD} [2012/05/12 22:24:24 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\Problème ntdll_dll - Forums Zebulon_fr_files [2012/05/12 21:52:40 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Malwarebytes [2012/05/12 21:51:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012/05/12 21:36:58 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{F30CFFDF-F135-4EF8-965C-A65879F8ED78} [2012/05/12 21:30:07 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{DD438431-7884-4A1A-ADA0-EF8F0EE2FF31} [2012/05/12 20:19:16 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{47C484F2-4E69-479E-B975-EBC2BCE9AF51} [2012/05/11 23:30:08 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{DC07C48B-82FE-433A-8B93-3000BEA10D1F} [2012/05/10 21:49:44 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{B74451CD-7B91-4987-925B-22FBD6F525DE} [2012/05/10 19:33:22 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{411EB123-1310-4B98-90DC-304B7DA97A87} [2012/05/09 17:29:23 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\RK_Quarantine [2012/05/09 13:00:33 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\[www.Cpasbien.com] The.Avengers.2012.TRUEFRENCH.TS.MD.XviD-BLOODYMARY [2012/05/07 23:28:19 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine [2012/05/07 23:16:00 | 000,116,016 | ---- | C] (Kaspersky Lab, GERT) -- C:\windows\SysNative\drivers\87617208.sys [2012/05/07 20:51:11 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\Owner\Desktop\dds.scr [2012/05/07 17:42:34 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\original ntdll.dll 
[2012/05/07 16:24:50 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\Désactiver l'UAC sous Windows 7 Désactiver l'UAC sous Windows 7 - DepanneTonPC_files [2012/05/07 07:41:56 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\Toussaint_Louverture [2012/05/03 19:45:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\1ClickDownload [2012/05/03 16:03:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client [2012/04/23 22:34:09 | 000,000,000 | ---D | C] -- C:\found.000 [2012/04/21 15:42:03 | 000,000,000 | ---D | C] -- C:\windows\en [2012/04/21 15:31:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP [1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012/05/17 11:24:34 | 000,018,736 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012/05/17 11:24:34 | 000,018,736 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012/05/17 11:21:13 | 000,000,898 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job [2012/05/17 11:17:02 | 000,000,894 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job [2012/05/17 11:16:59 | 000,065,536 | ---- | M] () -- C:\windows\SysNative\Ikeext.etl [2012/05/17 11:16:45 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat [2012/05/17 11:16:04 | 2312,097,792 | -HS- | M] () -- C:\hiberfil.sys [2012/05/17 10:54:44 | 000,920,096 | ---- | M] () -- C:\Users\Owner\Desktop\Norton_Removal_Tool.exe [2012/05/16 21:51:05 | 000,000,928 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-4118694408-3330837379-2833417039-1001UA.job [2012/05/16 21:51:00 | 000,000,906 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-4118694408-3330837379-2833417039-1001Core.job [2012/05/16 18:35:20 | 000,743,354 | ---- | M] () -- 
C:\windows\SysNative\PerfStringBackup.INI [2012/05/16 18:35:20 | 000,635,308 | ---- | M] () -- C:\windows\SysNative\perfh009.dat [2012/05/16 18:35:20 | 000,111,810 | ---- | M] () -- C:\windows\SysNative\perfc009.dat [2012/05/16 09:26:17 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.com [2012/05/16 02:47:00 | 000,052,051 | ---- | M] () -- C:\Users\Owner\Desktop\How to Access a Violation at the Address Module Ntdll Dll eHow_com.htm [2012/05/15 01:14:42 | 000,000,027 | ---- | M] () -- C:\windows\SysNative\drivers\etc\hosts [2012/05/14 15:17:09 | 004,492,858 | R--- | M] (Swearware) -- C:\Users\Owner\Desktop\ComboFix.exe [2012/05/14 14:58:35 | 000,055,825 | ---- | M] () -- C:\Users\Owner\Desktop\How to use the Windows 7 System Recovery Environment Command Prompt.htm [2012/05/14 14:58:02 | 000,063,797 | ---- | M] () -- C:\Users\Owner\Desktop\Un guide et un tutoriel sur l'utilisation de ComboFix.htm [2012/05/14 13:59:20 | 000,001,985 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2012/05/14 12:57:00 | 000,000,832 | ---- | M] () -- C:\windows\tasks\Google Software Updater.job [2012/05/13 19:43:01 | 000,008,428 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\UserTile.png [2012/05/13 14:17:02 | 000,001,084 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012/05/13 09:46:13 | 000,473,024 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT [2012/05/12 22:24:31 | 000,155,656 | ---- | M] () -- C:\Users\Owner\Desktop\Problème ntdll_dll - Forums Zebulon_fr.html [2012/05/09 14:06:46 | 000,000,000 | -H-- | M] () -- C:\windows\SysNative\drivers\Msft_Kernel_xusb21_01007.Wdf [2012/05/07 23:16:00 | 000,116,016 | ---- | M] (Kaspersky Lab, GERT) -- C:\windows\SysNative\drivers\87617208.sys [2012/05/07 20:51:20 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\Owner\Desktop\dds.scr [2012/05/07 17:41:36 | 000,585,039 | ---- | M] () -- C:\Users\Owner\Desktop\ntdll.zip [2012/05/07 16:24:53 | 000,022,283 | ---- | M] () -- 
C:\Users\Owner\Desktop\Désactiver l'UAC sous Windows 7 Désactiver l'UAC sous Windows 7 - DepanneTonPC.html [2012/05/03 16:03:46 | 000,001,945 | ---- | M] () -- C:\windows\epplauncher.mif [2012/05/03 16:03:20 | 000,757,504 | ---- | M] () -- C:\windows\SysWow64\PerfStringBackup.INI [2012/04/26 09:57:21 | 000,566,699 | ---- | M] () -- C:\Users\Owner\Desktop\adwcleaner.exe [2012/04/24 12:06:43 | 000,910,522 | ---- | M] () -- C:\Users\Owner\Desktop\PC lent - Forums Zebulon_fr_html&pid=1610161#entry1610161.mht [2012/04/24 11:24:57 | 000,051,425 | ---- | M] () -- C:\Users\Owner\Desktop\coaco appendice.pdf [2012/04/24 11:21:09 | 002,106,189 | ---- | M] () -- C:\Users\Owner\Desktop\peritonite appendiculaire.pdf [2012/04/24 11:03:05 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin [2012/04/21 15:31:53 | 000,000,973 | ---- | M] () -- C:\Users\Public\Desktop\MBRCheck.lnk [2012/04/21 15:31:53 | 000,000,961 | ---- | M] () -- C:\Users\Public\Desktop\ZHPFix.lnk [2012/04/21 15:31:52 | 000,000,966 | ---- | M] () -- C:\Users\Public\Desktop\ZHPDiag.lnk [2012/04/20 19:30:46 | 000,002,052 | ---- | M] () -- C:\Users\Public\Desktop\Larousse Médical.lnk [1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2012/05/17 10:53:06 | 000,920,096 | ---- | C] () -- C:\Users\Owner\Desktop\Norton_Removal_Tool.exe [2012/05/16 02:46:59 | 000,052,051 | ---- | C] () -- C:\Users\Owner\Desktop\How to Access a Violation at the Address Module Ntdll Dll eHow_com.htm [2012/05/15 00:36:17 | 000,256,000 | ---- | C] () -- C:\windows\PEV.exe [2012/05/15 00:36:17 | 000,208,896 | ---- | C] () -- C:\windows\MBR.exe [2012/05/15 00:36:17 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe [2012/05/15 00:36:17 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe [2012/05/15 00:36:17 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe [2012/05/14 14:58:21 | 000,055,825 | ---- | C] () -- C:\Users\Owner\Desktop\How to use the Windows 7 System Recovery Environment Command 
Prompt.htm [2012/05/14 14:57:49 | 000,063,797 | ---- | C] () -- C:\Users\Owner\Desktop\Un guide et un tutoriel sur l'utilisation de ComboFix.htm [2012/05/14 13:58:35 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk [2012/05/14 13:58:35 | 000,001,985 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2012/05/13 19:45:19 | 730,234,250 | ---- | C] () -- C:\Users\Owner\Desktop\[www.CpasBien.com] The.Darkest.Hour.2011.FRENCH.BDRiP.MD.XViD-SERUM.avi [2012/05/13 19:43:00 | 000,008,428 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\UserTile.png [2012/05/13 14:17:02 | 000,001,084 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012/05/12 22:24:18 | 000,155,656 | ---- | C] () -- C:\Users\Owner\Desktop\Problème ntdll_dll - Forums Zebulon_fr.html [2012/05/09 14:06:46 | 000,000,000 | -H-- | C] () -- C:\windows\SysNative\drivers\Msft_Kernel_xusb21_01007.Wdf [2012/05/07 17:41:32 | 000,585,039 | ---- | C] () -- C:\Users\Owner\Desktop\ntdll.zip [2012/05/07 16:24:47 | 000,022,283 | ---- | C] () -- C:\Users\Owner\Desktop\Désactiver l'UAC sous Windows 7 Désactiver l'UAC sous Windows 7 - DepanneTonPC.html [2012/05/03 16:03:32 | 000,001,926 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk [2012/04/26 09:56:42 | 000,566,699 | ---- | C] () -- C:\Users\Owner\Desktop\adwcleaner.exe [2012/04/24 12:06:36 | 000,910,522 | ---- | C] () -- C:\Users\Owner\Desktop\PC lent - Forums Zebulon_fr_html&pid=1610161#entry1610161.mht [2012/04/24 11:24:57 | 000,051,425 | ---- | C] () -- C:\Users\Owner\Desktop\coaco appendice.pdf [2012/04/24 11:21:08 | 002,106,189 | ---- | C] () -- C:\Users\Owner\Desktop\peritonite appendiculaire.pdf [2012/04/24 11:03:05 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin [2012/04/21 15:31:53 | 000,000,973 | ---- | C] () -- C:\Users\Public\Desktop\MBRCheck.lnk [2012/04/21 15:31:53 | 000,000,961 | ---- | C] () -- 
C:\Users\Public\Desktop\ZHPFix.lnk [2012/04/21 15:31:52 | 000,000,966 | ---- | C] () -- C:\Users\Public\Desktop\ZHPDiag.lnk [2012/04/20 19:30:46 | 000,002,052 | ---- | C] () -- C:\Users\Public\Desktop\Larousse Médical.lnk [2012/01/26 14:25:44 | 000,002,560 | ---- | C] () -- C:\windows\_MSRSTRT.EXE [2011/10/26 00:11:59 | 000,175,616 | ---- | C] () -- C:\windows\SysWow64\unrar.dll [2011/10/19 22:06:23 | 000,102,912 | ---- | C] () -- C:\windows\SysWow64\EasyHook64.dll [2011/10/19 22:06:23 | 000,084,480 | ---- | C] () -- C:\windows\SysWow64\EasyHook32.dll [2011/07/31 11:40:28 | 000,053,248 | ---- | C] () -- C:\windows\SysWow64\CommonDL.dll [2011/07/31 11:40:28 | 000,002,413 | ---- | C] () -- C:\windows\SysWow64\lgAxconfig.ini [2011/05/20 16:52:29 | 000,001,940 | ---- | C] () -- C:\Users\Owner\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini [2011/05/15 19:07:26 | 000,000,000 | ---- | C] () -- C:\Users\Owner\AppData\Local\{5F094ED4-FC9B-4D45-B386-5D4D5BDC3DD6} [2011/01/04 20:47:41 | 000,110,592 | ---- | C] () -- C:\windows\SysWow64\suppdll.dll [2011/01/04 20:47:41 | 000,035,363 | ---- | C] () -- C:\windows\SysWow64\windrvNT.sys [2010/10/28 14:15:37 | 000,000,196 | ---- | C] () -- C:\windows\ulead32.ini [2010/10/19 20:54:19 | 000,757,504 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI [2010/09/07 11:57:53 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2010/05/18 15:13:55 | 000,003,584 | ---- | C] () -- C:\Users\Owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini ========== LOP Check ========== [2010/04/26 18:04:47 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\aHisoft [2010/04/04 23:47:34 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Ashampoo [2012/03/30 19:51:57 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Audacity [2012/05/16 01:35:59 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Dropbox [2011/11/28 01:28:42 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Free 
MP3 WMA Cutter [2010/05/07 16:49:56 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\FreeAudioPack [2010/05/11 10:29:08 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\FreeCDRipper [2010/11/28 08:26:35 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\gtk-2.0 [2011/10/14 19:11:37 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Leadertech [2011/12/07 01:17:34 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Leawo [2011/04/23 14:54:17 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\LG Electronics [2011/10/11 12:56:01 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\ManyCam [2011/07/09 11:04:45 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\mjusbsp [2012/01/08 20:08:27 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\ooVoo Details [2010/07/04 11:21:32 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\OpenOffice.org [2012/05/13 19:43:00 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\PeerNetworking [2011/04/16 10:02:10 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Smith Micro [2012/03/07 02:40:19 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\TeraCopy [2011/11/06 15:12:14 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\TestApp [2010/07/16 16:13:56 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Tific [2011/12/07 01:18:38 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\tiger-k [2011/07/17 16:48:09 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Toshiba [2012/01/21 21:25:48 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\TuneUp Software [2010/06/12 16:47:35 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Uniblue [2010/04/04 22:53:18 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\WinBatch [2011/12/12 13:08:10 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Youtube Downloader HD [2011/04/23 14:54:17 | 000,000,000 | -H-D | M] -- 
C:\Users\Owner\AppData\Roaming\{D94BA408-F110-488B-A65E-3AE7945F79E6} [2012/05/16 21:51:00 | 000,000,906 | ---- | M] () -- C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4118694408-3330837379-2833417039-1001Core.job [2012/05/16 21:51:05 | 000,000,928 | ---- | M] () -- C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4118694408-3330837379-2833417039-1001UA.job [2012/03/29 08:24:15 | 000,032,598 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:553CA6CA @Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:862BDB1A @Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:2B11E0DF @Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:DFC5A2B2 < End of report >
  5. 1) The message: An error has occured. Please report this issue to our support team (include the content of all error message(s) and code(s) in your submission). Program_error_updating (0,0,I/0 error)
     2) I'm not using a router, no....
     3) The link: http://forum.zebulon.fr/probleme-ntdlldll-t193127.html&st=10&gopid=1616394#entry1616394
     4) With the firewall disabled, no change, same message.
     5) It's green... I have deleted Norton because it had crashed before... I have done the scan two times and there was only one report, otl.txt:
     OTL logfile created on: 5/16/2012 10:33:59 AM - Run 2 OTL by OldTimer - Version 3.2.43.0 Folder = C:\Users\Owner\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 2.87 Gb Total Physical Memory | 1.34 Gb Available Physical Memory | 46.56% Memory free 5.74 Gb Paging File | 3.90 Gb Available in Paging File | 67.96% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 287.55 Gb Total Space | 15.62 Gb Free Space | 5.43% Space Free | Partition Type: NTFS Computer Name: OWNER-PC | User Name: Owner | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012/05/16 09:26:17 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.com PRC - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2012/02/23 00:19:07 | 000,307,824 | ---- | M] (Google Inc.)
-- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe PRC - [2012/02/10 11:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.EXE PRC - [2012/01/26 14:51:34 | 000,092,320 | ---- | M] (Speedbit Ltd.) -- C:\Program Files (x86)\Common Files\SpeedBit\SBUpdate\SBUpdate.exe PRC - [2011/11/18 10:24:26 | 000,270,672 | ---- | M] () -- C:\Program Files (x86)\NATCOM 3G\AssistantServices.exe PRC - [2011/11/18 10:24:26 | 000,153,424 | ---- | M] () -- C:\Program Files (x86)\NATCOM 3G\UIExec.exe PRC - [2011/06/16 06:55:12 | 000,079,160 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\Messenger\Messenger\Ymsgr_tray.exe PRC - [2010/11/16 08:37:30 | 000,230,912 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe PRC - [2009/07/28 22:26:42 | 000,062,848 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\Toshiba\ConfigFree\CFSwMgr.exe PRC - [2009/07/14 21:10:30 | 000,042,368 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\Toshiba\ConfigFree\CFProcSRVC.exe PRC - [2009/07/13 17:24:00 | 000,304,496 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\Toshiba\ConfigFree\NDSTray.exe PRC - [2009/03/10 20:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\Toshiba\ConfigFree\CFSvcs.exe PRC - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) 
-- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe PRC - [2007/04/30 18:43:54 | 003,450,608 | ---- | M] (Stardock) -- C:\Program Files (x86)\Stardock\ObjectDock\ObjectDock.exe ========== Modules (No Company Name) ========== MOD - [2011/11/18 10:24:26 | 000,153,424 | ---- | M] () -- C:\Program Files (x86)\NATCOM 3G\UIExec.exe MOD - [2011/10/19 22:05:36 | 000,084,480 | ---- | M] () -- C:\Windows\SysWOW64\EasyHook32.dll MOD - [2011/06/16 06:55:10 | 000,925,696 | ---- | M] () -- C:\Program Files (x86)\Yahoo!\Messenger\Messenger\yui.dll MOD - [2010/01/21 01:34:10 | 008,793,952 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll MOD - [2010/01/09 20:18:18 | 004,254,560 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF MOD - [2007/04/30 18:18:50 | 000,112,400 | ---- | M] () -- C:\Program Files (x86)\Stardock\ObjectDock\DockShellHook.dll MOD - [2007/04/21 12:47:52 | 000,059,592 | ---- | M] () -- C:\Program Files (x86)\Stardock\ObjectDock\zlib.dll MOD - [2007/04/19 13:23:48 | 000,095,944 | ---- | M] () -- C:\Program Files (x86)\Stardock\ObjectDock\CrashRpt.dll MOD - [2002/11/19 13:11:40 | 000,139,264 | ---- | M] () -- C:\Program Files (x86)\Common Files\Stardock\ODimg.dll MOD - [2002/03/13 18:46:32 | 000,118,784 | ---- | M] () -- C:\Program Files (x86)\Stardock\ObjectDock\ODimg.dll ========== Win32 Services (SafeList) ========== SRV:64bit: - [2012/03/26 18:49:56 | 000,291,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv) SRV:64bit: - [2012/03/26 18:49:56 | 000,012,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc) SRV:64bit: - [2010/09/22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV:64bit: - [2009/08/11 
18:10:48 | 000,252,272 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service) SRV:64bit: - [2009/08/05 16:20:12 | 000,488,800 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv) SRV:64bit: - [2009/08/04 13:15:06 | 000,826,224 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv) SRV:64bit: - [2009/08/03 21:17:56 | 000,137,560 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service) SRV:64bit: - [2009/07/28 18:48:06 | 000,140,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv) SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2012/02/10 11:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.EXE -- (BBUpdate) SRV - [2012/02/10 11:28:06 | 000,193,816 | ---- | M] (Microsoft Corporation.) 
[Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.EXE -- (BBSvc) SRV - [2011/11/18 10:24:26 | 000,270,672 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\NATCOM 3G\AssistantServices.exe -- (UI Assistant Service) SRV - [2010/11/29 14:58:30 | 000,054,136 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo) SRV - [2010/11/16 08:38:16 | 000,339,456 | ---- | M] () [Auto | Running] -- C:\ProgramData\DatacardService\HWDeviceService64.exe -- (HWDeviceService64.exe) SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010/02/25 19:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Norton Security Suite\Engine\4.3.0.5\ccSvcHst.exe -- (N360) SRV - [2009/08/10 21:55:58 | 000,248,688 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\Toshiba\ConfigFree\CFIWmxSvcs64.exe -- (cfWiMAXService) SRV - [2009/07/14 21:10:30 | 000,042,368 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\Toshiba\ConfigFree\CFProcSRVC.exe -- (ConfigFree Gadget Service) SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009/03/10 20:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\Toshiba\ConfigFree\CFSvcs.exe -- (ConfigFree Service) SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) 
[Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012/04/04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:64bit: - [2012/03/20 20:44:12 | 000,098,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv) DRV:64bit: - [2012/03/08 18:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr) DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2011/03/28 10:16:52 | 000,123,648 | ---- | M] (HSPADataCard Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HSPADataCardusbvoice.sys -- (HSPADataCardusbvoice) DRV:64bit: - [2011/03/28 10:16:52 | 000,123,648 | ---- | M] (HSPADataCard Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HSPADataCardusbser.sys -- (HSPADataCardusbser) DRV:64bit: - [2011/03/28 10:16:52 | 000,123,648 | ---- | M] (HSPADataCard Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HSPADataCardusbnmea.sys -- (HSPADataCardusbnmea) DRV:64bit: - [2011/03/28 10:16:52 | 000,123,648 | ---- | M] (HSPADataCard Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HSPADataCardusbmdm.sys -- (HSPADataCardusbmdm) DRV:64bit: - [2011/03/26 10:37:12 | 000,011,776 | ---- | M] (MBB Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\massfilter.sys -- (massfilter) DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) 
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010/11/20 08:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010/11/20 06:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010/09/28 15:44:52 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2010/09/27 06:58:47 | 000,121,600 | ---- | M] (MBB Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (mbbdatacard) DRV:64bit: - [2010/09/27 06:58:47 | 000,121,600 | ---- | M] (MBB Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard) DRV:64bit: - [2010/09/27 06:34:00 | 000,256,000 | ---- | M] (MBB Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbnet.sys -- (ewusbnet) DRV:64bit: - [2010/09/26 22:53:34 | 000,115,584 | ---- | M] (MBB Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_mbbusbdev.sys -- (ew_mbbusbdev) DRV:64bit: - [2010/05/05 23:01:59 | 000,451,120 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0403000.005\symtdiv.sys -- (SYMTDIv) DRV:64bit: - [2010/04/29 00:03:51 | 000,150,064 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0403000.005\ironx64.sys -- (SymIRON) DRV:64bit: - [2010/04/27 18:57:20 | 000,016,200 | ---- | M] (Logitech Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmVirHid.sys -- (WmVirHid) DRV:64bit: - [2010/04/27 18:57:12 | 000,026,440 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmBEnum.sys -- (WmBEnum) DRV:64bit: - [2010/04/27 16:03:12 | 000,077,512 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmXlCore.sys -- (WmXlCore) DRV:64bit: - [2010/04/27 16:02:42 | 000,043,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmFilter.sys -- (WmFilter) DRV:64bit: - [2010/04/21 22:02:20 | 000,221,232 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0403000.005\symefa64.sys -- (SymEFA) DRV:64bit: - [2010/04/21 21:29:51 | 000,505,392 | ---- | M] (Symantec Corporation) [File_System | System | Stopped] -- C:\Windows\SysNative\drivers\N360x64\0403000.005\srtsp64.sys -- (SRTSP) DRV:64bit: - [2010/04/21 21:29:51 | 000,032,304 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0403000.005\srtspx64.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL) DRV:64bit: - [2010/04/05 16:46:11 | 000,173,104 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent) DRV:64bit: - [2010/03/04 12:43:00 | 000,346,144 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2010/02/25 19:22:52 | 000,615,040 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0403000.005\cchpx64.sys -- (ccHP) DRV:64bit: - [2010/01/29 01:46:46 | 001,089,056 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192se.sys -- (rtl8192se) DRV:64bit: - [2010/01/05 03:23:20 | 001,847,296 | ---- | M] (Atheros Communications, 
Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athurx.sys -- (athur) DRV:64bit: - [2009/10/14 22:50:05 | 000,433,200 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0403000.005\symds64.sys -- (SymDS) DRV:64bit: - [2009/09/29 07:15:02 | 000,016,384 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lgbtpt64.sys -- (LgBttPort) DRV:64bit: - [2009/09/29 07:15:00 | 000,017,408 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lgvmdm64.sys -- (LGVMODEM) DRV:64bit: - [2009/09/29 07:15:00 | 000,014,848 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lgbtbs64.sys -- (lgbusenum) DRV:64bit: - [2009/08/27 10:07:06 | 007,369,600 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2009/08/12 06:14:16 | 000,173,456 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PTDUMdm.sys -- (PTDUMdm) DRV:64bit: - [2009/08/12 06:14:16 | 000,141,840 | ---- | M] (DEVGURU Co., LTD.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PTDUWWAN.sys -- (PTDUWWAN) DRV:64bit: - [2009/08/12 06:14:16 | 000,070,672 | ---- | M] (DEVGURU Co., LTD.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PTDUBus.sys -- (PTDUBus) DRV:64bit: - [2009/08/12 06:14:16 | 000,012,688 | ---- | M] (DEVGURU Co., LTD.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PTDUWFLT.sys -- (PTDUWFLT) DRV:64bit: - [2009/08/12 06:14:12 | 000,173,456 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PTDUVsp.sys -- (PTDUVsp) DRV:64bit: - [2009/08/07 07:24:14 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2009/08/05 21:04:06 | 000,222,208 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR) DRV:64bit: - [2009/07/30 23:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst) DRV:64bit: - [2009/07/24 17:57:08 | 000,482,384 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tos_sps64.sys -- (tos_sps64) DRV:64bit: - [2009/07/20 19:48:32 | 000,274,480 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:64bit: - [2009/07/14 17:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ) DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009/07/13 19:01:09 | 000,679,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xnacc.sys -- (xnacc) DRV:64bit: - [2009/07/13 19:00:13 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Dot4Scan.sys -- (Dot4Scan) DRV:64bit: - [2009/07/09 05:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64) DRV:64bit: - [2009/07/07 10:51:42 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FwLnk.sys -- (FwLnk) DRV:64bit: - [2009/06/22 19:06:38 | 000,035,008 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PGEffect.sys -- (PGEffect) DRV:64bit: - [2009/06/19 21:15:22 | 000,014,472 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TVALZFL.sys -- (TVALZFL) DRV:64bit: - [2009/06/10 16:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem) DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] 
(Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009/05/18 17:17:08 | 000,034,152 | R--- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:64bit: - [2009/04/08 14:28:46 | 000,068,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21) DRV:64bit: - [2008/11/19 17:09:14 | 000,033,792 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64modem.sys -- (USBModem) DRV:64bit: - [2008/11/19 17:09:12 | 000,027,136 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64diag.sys -- (UsbDiag) DRV:64bit: - [2008/11/19 17:09:12 | 000,017,920 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64bus.sys -- (usbbus) DRV:64bit: - [2008/04/16 14:49:34 | 000,028,416 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb) DRV:64bit: - [2008/03/13 02:46:00 | 000,027,136 | ---- | M] (ManyCam LLC.) 
[Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ManyCam_x64.sys -- (ManyCam) DRV - [2011/10/14 18:10:08 | 001,155,704 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20111014.001\BHDrvx64.sys -- (BHDrvx64) DRV - [2011/08/23 00:17:32 | 000,488,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20111026.030\IDSviA64.sys -- (IDSVia64) DRV - [2011/07/31 11:36:41 | 000,481,912 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl) DRV - [2011/01/04 20:47:51 | 000,035,363 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysWOW64\windrvNT.sys -- (windrvNT) DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) DRV - [2009/05/25 14:43:58 | 000,043,032 | ---- | M] (Smith Micro Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Verizon Wireless\VZAccess Manager\SMSIVZAM5X64.sys -- (SMSIVZAM5X64) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {91666140-44D5-410A-A0B8-D7D017877451} IE:64bit: - HKLM\..\SearchScopes\{91666140-44D5-410A-A0B8-D7D017877451}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr IE - HKLM\..\URLSearchHook: {09e55ba0-f9c6-4b81-82df-46853f6f7b3f} - C:\Program Files (x86)\Soft-Search\tbSof1.dll (Conduit Ltd.) 
IE - HKLM\..\URLSearchHook: {33727f97-486d-4d19-97c3-23f432ef93fc} - C:\Program Files (x86)\mywebsites.pro-FR\tbmyw0.dll (Conduit Ltd.) IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b} IE - HKLM\..\SearchScopes\{4667CC2A-B714-45CD-83DA-B6768B7FF82C}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage IE - HKU\S-1-5-21-4118694408-3330837379-2833417039-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKU\S-1-5-21-4118694408-3330837379-2833417039-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SearchPage = IE - HKU\S-1-5-21-4118694408-3330837379-2833417039-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ IE - HKU\S-1-5-21-4118694408-3330837379-2833417039-1001\..\SearchScopes,DefaultScope = {4667CC2A-B714-45CD-83DA-B6768B7FF82C} IE - HKU\S-1-5-21-4118694408-3330837379-2833417039-1001\..\SearchScopes\{4667CC2A-B714-45CD-83DA-B6768B7FF82C}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA_enUS373 IE - HKU\S-1-5-21-4118694408-3330837379-2833417039-1001\..\SearchScopes\{7F4EFF06-7032-458e-AE16-1C1D8255C28A}: "URL" = http://home.speedbit.com/search.aspx?site=shdefault&pid=%s&aid=%s&shr=%d&q={searchTerms} IE - 
HKU\S-1-5-21-4118694408-3330837379-2833417039-1001\..\SearchScopes\{9ABEDED2-4DF0-4538-993F-72EA48AEF693}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA IE - HKU\S-1-5-21-4118694408-3330837379-2833417039-1001\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/web?q={SEARCHTERMS}&o=15527&l=dis IE - HKU\S-1-5-21-4118694408-3330837379-2833417039-1001\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://fr.search.yahoo.com/search?p={searchTerms} IE - HKU\S-1-5-21-4118694408-3330837379-2833417039-1001\..\SearchScopes\{EF8201DF-449D-49C4-B705-D2AAEACF5DAF}: "URL" = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=867034&p={searchTerms} IE - HKU\S-1-5-21-4118694408-3330837379-2833417039-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-4118694408-3330837379-2833417039-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Yahoo" FF - prefs.js..browser.search.selectedEngine: "Yahoo" FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=867034&p=" FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=867034&ilc=12" FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32.dll () FF - 
HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - 
HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files (x86)\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Owner\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPlgn\ [2011/07/31 11:00:48 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\coFFPlgn_2010_9_0_6 [2011/11/05 23:36:55 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\crazyloader@spointer.com: C:\Program Files (x86)\CrazyLoader\spointer\extensions\crazyloader@spointer.com FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\searchpredict@speedbit.com: C:\Program Files (x86)\SearchPredict\PRFireFox [2011/10/19 22:06:01 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{0329E7D6-6F54-462D-93F6-F5C3118BADF2}: C:\Program Files (x86)\SpeedBit Video Downloader\SPFireFox [2011/10/19 22:06:11 | 000,000,000 | ---D | M] [2012/05/03 19:45:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions [2012/01/28 21:15:52 | 000,000,000 | ---D | 
M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\fuqpj7lv.default\extensions [2011/10/03 05:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll ========== Chrome ========== CHR - default_search_provider: SpeedBit Search (Enabled) CHR - default_search_provider: search_url = http://home.speedbit.com/search.aspx?aff=115&q={searchTerms} CHR - default_search_provider: suggest_url = http://api.searchpredict.com/api/?rqtype=ffplugin&siteID=8661&dbCode=1&command={searchTerms} CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Owner\AppData\Local\Google\Chrome\Application\16.0.912.75\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\windows\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll CHR - 
plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Owner\AppData\Local\Google\Chrome\Application\16.0.912.75\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Owner\AppData\Local\Google\Chrome\Application\16.0.912.75\pdf.dll CHR - plugin: Chrome DAP extension (Enabled) = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\2.0.3_0\lib/npdapchrome.dll CHR - plugin: Interest Recognizer for Crazyloader (Enabled) = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fikmanfpkongnopggnndbikhhicdpfka\3.4.1545.153_0\crazyloader_air_chrome.dll CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.5.0.8013_0\npSkypeChromePlugin.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Updater (Enabled) = C:\Program Files (x86)\Google\Google Updater\2.4.1739.5352\npCIDetect13.dll CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin CHR - Extension: Entanglement = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.5.7_0\ CHR - Extension: SpeedBit Video Downloader = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\djcpfkccckpeeghiklnhienllljccglb\2.0.5_0\ CHR - Extension: Download Accelerator Plus (DAP) = 
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\2.0.10_0\ CHR - Extension: Interest Recognizer for Crazyloader = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fikmanfpkongnopggnndbikhhicdpfka\3.4.1545.153_0\ CHR - Extension: SpeedBit Search Predict = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ledcpigomgblcmofccnacobhmcdkpiea\2.0.2_0\ CHR - Extension: Poppit = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0\ O1 HOSTS File: ([2012/05/15 01:14:42 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.) O2 - BHO: (Soft-Search Toolbar) - {09e55ba0-f9c6-4b81-82df-46853f6f7b3f} - C:\Program Files (x86)\Soft-Search\tbSof1.dll (Conduit Ltd.) O2 - BHO: (mywebsites.pro-FR Toolbar) - {33727f97-486d-4d19-97c3-23f432ef93fc} - C:\Program Files (x86)\mywebsites.pro-FR\tbmyw0.dll (Conduit Ltd.) O2 - BHO: (SearchPredictObj Class) - {389943B0-C3A2-4E69-82CB-8596A84CB3DC} - C:\Program Files (x86)\SearchPredict\SearchPredict.dll (Speedbit Ltd.) O2 - BHO: (SBCONVERT Class) - {92A9ACF4-9333-43AE-9698-DB283326F87F} - C:\Program Files (x86)\SpeedBit Video Downloader\TBU89\tbcore3.dll () O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.) O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! 
Inc) O2 - BHO: (GrabberObj Class) - {FF7C3CF0-4B15-11D1-ABED-709549C10000} - C:\Program Files (x86)\SpeedBit Video Downloader\TBU89\Grabber.dll (SpeedBit) O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3 - HKLM\..\Toolbar: (SpeedBit Video Downloader) - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - C:\Program Files (x86)\SpeedBit Video Downloader\TBU89\tbcore3.dll () O3 - HKLM\..\Toolbar: (Soft-Search Toolbar) - {09e55ba0-f9c6-4b81-82df-46853f6f7b3f} - C:\Program Files (x86)\Soft-Search\tbSof1.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (mywebsites.pro-FR Toolbar) - {33727f97-486d-4d19-97c3-23f432ef93fc} - C:\Program Files (x86)\mywebsites.pro-FR\tbmyw0.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found. O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.) O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKU\S-1-5-21-4118694408-3330837379-2833417039-1001\..\Toolbar\WebBrowser: (SpeedBit Video Downloader) - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - C:\Program Files (x86)\SpeedBit Video Downloader\TBU89\tbcore3.dll () O3 - HKU\S-1-5-21-4118694408-3330837379-2833417039-1001\..\Toolbar\WebBrowser: (Soft-Search Toolbar) - {09E55BA0-F9C6-4B81-82DF-46853F6F7B3F} - C:\Program Files (x86)\Soft-Search\tbSof1.dll (Conduit Ltd.) O3:64bit: - HKU\S-1-5-21-4118694408-3330837379-2833417039-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) 
O3 - HKU\S-1-5-21-4118694408-3330837379-2833417039-1001\..\Toolbar\WebBrowser: (mywebsites.pro-FR Toolbar) - {33727F97-486D-4D19-97C3-23F432EF93FC} - C:\Program Files (x86)\mywebsites.pro-FR\tbmyw0.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [igfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [smartFaceVWatcher] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [smoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [Teco] C:\Program Files\TOSHIBA\TECO\Teco.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosNC] C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosReelTimeMonitor] C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosWaitSrv] C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [uIExec] C:\Program Files (x86)\NATCOM 3G\UIExec.exe ()
O4 - HKU\S-1-5-21-4118694408-3330837379-2833417039-1001..\Run: [Facebook Update] C:\Users\Owner\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-4118694408-3330837379-2833417039-1001..\Run: [Messenger (Yahoo!)] C:\Program Files (x86)\Yahoo!\Messenger\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy Software Installer.lnk = File not found O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy Software Installer.lnk = File not found O4 - Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk = C:\Program Files (x86)\Stardock\ObjectDock\ObjectDock.exe (Stardock) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-4118694408-3330837379-2833417039-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-4118694408-3330837379-2833417039-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149 O7 - HKU\S-1-5-21-4118694408-3330837379-2833417039-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0 O7 - HKU\S-1-5-21-4118694408-3330837379-2833417039-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200 File not found O8 - Extra context menu item: Add to Google Photos Screensa&ver 
- C:\windows\SysWow64\GPhotos.scr (Google Inc.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} http://activex.camfrogweb.com/advanced/2.0.2.3/cfweb_activex.camfrogweb.com-advanced-2.0.2.3_instmodule.exe (CamfrogWEB Advanced Unicode Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx1.hotmail.com/mail/w4/m3/photouploadcontrol/VistaMSNPUpldpt-br.cab (Windows Live Hotmail Photo Upload Tool) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.35.1.254 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{670CA8A4-122A-4CC3-A5F2-B51A2FC2880C}: DhcpNameServer = 10.35.1.254 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - 
C:\windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation) O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012/05/16 09:26:11 | 000,595,456 | ---- | C] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.com [2012/05/16 02:46:59 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\How to Access a Violation at the Address Module Ntdll Dll eHow_com_files [2012/05/15 17:34:05 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2012/05/15 01:24:53 | 000,000,000 | ---D | C] -- C:\windows\temp [2012/05/15 00:36:17 | 000,518,144 | ---- | C] (SteelWerX) -- C:\windows\SWREG.exe [2012/05/15 00:36:17 | 000,406,528 | ---- | C] (SteelWerX) -- C:\windows\SWSC.exe [2012/05/15 00:36:17 | 000,060,416 | ---- | C] (NirSoft) -- C:\windows\NIRCMD.exe [2012/05/15 00:36:06 | 000,000,000 | ---D | C] -- C:\windows\ERDNT [2012/05/15 00:36:01 | 000,000,000 | ---D | C] -- C:\Qoobox 
[2012/05/14 15:07:18 | 004,492,858 | R--- | C] (Swearware) -- C:\Users\Owner\Desktop\ComboFix.exe [2012/05/14 14:58:34 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\How to use the Windows 7 System Recovery Environment Command Prompt_files [2012/05/14 14:57:53 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\Un guide et un tutoriel sur l'utilisation de ComboFix_files [2012/05/14 13:57:53 | 000,000,000 | ---D | C] -- C:\Config.Msi [2012/05/14 12:37:08 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{3CB64636-84BB-43EB-9944-2303D41FC449} [2012/05/14 09:28:04 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\FRINGE SAISON 01 FRENCH [2012/05/14 09:23:31 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{B0B93C11-08CF-4555-8CBD-8B9E5F80A4B8} [2012/05/14 03:06:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight [2012/05/14 03:04:14 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight [2012/05/14 03:04:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight [2012/05/13 19:46:40 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\[www.Cpasbien.com] Red.Tails.2012.FRENCH.BRRIP.XVID.ArRoWs [2012/05/13 19:43:00 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\PeerNetworking [2012/05/13 14:17:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012/05/13 14:17:01 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys [2012/05/13 14:17:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012/05/13 13:55:42 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{EFDB32B4-A363-48F9-9BED-9F79B351F0DB} [2012/05/13 13:19:20 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{42BA1423-83D9-480E-AE8C-69F9087C66C6} [2012/05/13 13:13:28 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\connectify [2012/05/13 12:57:54 | 
000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{78B1FA86-49AD-492D-8D9D-658E2D7D8140} [2012/05/13 12:15:08 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{2C1C076C-CE1E-4A89-8226-8952DC6E641B} [2012/05/13 09:49:04 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{955356CB-B8BB-4212-AE58-488C0B204FCD} [2012/05/12 22:24:24 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\Problème ntdll_dll - Forums Zebulon_fr_files [2012/05/12 21:52:40 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Malwarebytes [2012/05/12 21:51:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012/05/12 21:36:58 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{F30CFFDF-F135-4EF8-965C-A65879F8ED78} [2012/05/12 21:30:07 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{DD438431-7884-4A1A-ADA0-EF8F0EE2FF31} [2012/05/12 20:19:16 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{47C484F2-4E69-479E-B975-EBC2BCE9AF51} [2012/05/11 23:30:08 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{DC07C48B-82FE-433A-8B93-3000BEA10D1F} [2012/05/10 21:49:44 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{B74451CD-7B91-4987-925B-22FBD6F525DE} [2012/05/10 19:33:22 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{411EB123-1310-4B98-90DC-304B7DA97A87} [2012/05/09 17:29:23 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\RK_Quarantine [2012/05/09 13:00:33 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\[www.Cpasbien.com] The.Avengers.2012.TRUEFRENCH.TS.MD.XviD-BLOODYMARY [2012/05/07 23:28:19 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine [2012/05/07 23:16:00 | 000,116,016 | ---- | C] (Kaspersky Lab, GERT) -- C:\windows\SysNative\drivers\87617208.sys [2012/05/07 20:51:11 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\Owner\Desktop\dds.scr [2012/05/07 17:42:34 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\original ntdll.dll [2012/05/07 16:24:50 | 000,000,000 | ---D | C] -- 
C:\Users\Owner\Desktop\Désactiver l'UAC sous Windows 7 Désactiver l'UAC sous Windows 7 - DepanneTonPC_files [2012/05/07 07:41:56 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\Toussaint_Louverture [2012/05/03 19:45:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\1ClickDownload [2012/05/03 16:03:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client [2012/04/23 22:34:09 | 000,000,000 | ---D | C] -- C:\found.000 [2012/04/21 15:42:03 | 000,000,000 | ---D | C] -- C:\windows\en [2012/04/21 15:31:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP [2012/04/17 09:13:24 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\Virus - Méthode préliminaire de désinfection_files [2012/04/16 19:35:13 | 000,000,000 | ---D | C] -- C:\ZHP [2012/04/16 19:32:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ZHPDiag [2012/04/16 19:28:19 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\Saamu - Procédure de Décontamination du Saamu_files [2012/04/16 19:06:30 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Skype [2012/04/16 17:27:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VS Revo Group [2012/04/16 17:27:17 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller [1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012/05/16 10:28:44 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat [2012/05/16 10:21:00 | 000,000,898 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job [2012/05/16 09:54:37 | 000,000,928 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-4118694408-3330837379-2833417039-1001UA.job [2012/05/16 09:26:17 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.com [2012/05/16 08:19:30 | 000,018,736 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 
[2012/05/16 08:19:30 | 000,018,736 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012/05/16 08:11:53 | 000,000,894 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job [2012/05/16 08:11:46 | 000,065,536 | ---- | M] () -- C:\windows\SysNative\Ikeext.etl [2012/05/16 08:11:24 | 2312,097,792 | -HS- | M] () -- C:\hiberfil.sys [2012/05/16 02:47:00 | 000,052,051 | ---- | M] () -- C:\Users\Owner\Desktop\How to Access a Violation at the Address Module Ntdll Dll eHow_com.htm [2012/05/15 21:51:00 | 000,000,906 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-4118694408-3330837379-2833417039-1001Core.job [2012/05/15 19:53:29 | 000,743,354 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI [2012/05/15 19:53:29 | 000,635,308 | ---- | M] () -- C:\windows\SysNative\perfh009.dat [2012/05/15 19:53:29 | 000,111,810 | ---- | M] () -- C:\windows\SysNative\perfc009.dat [2012/05/15 01:14:42 | 000,000,027 | ---- | M] () -- C:\windows\SysNative\drivers\etc\hosts [2012/05/14 15:17:09 | 004,492,858 | R--- | M] (Swearware) -- C:\Users\Owner\Desktop\ComboFix.exe [2012/05/14 14:58:35 | 000,055,825 | ---- | M] () -- C:\Users\Owner\Desktop\How to use the Windows 7 System Recovery Environment Command Prompt.htm [2012/05/14 14:58:02 | 000,063,797 | ---- | M] () -- C:\Users\Owner\Desktop\Un guide et un tutoriel sur l'utilisation de ComboFix.htm [2012/05/14 13:59:20 | 000,001,985 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2012/05/14 12:57:00 | 000,000,832 | ---- | M] () -- C:\windows\tasks\Google Software Updater.job [2012/05/13 19:43:01 | 000,008,428 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\UserTile.png [2012/05/13 14:17:02 | 000,001,084 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012/05/13 09:46:13 | 000,473,024 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT [2012/05/12 22:24:31 | 000,155,656 | ---- | M] () -- 
C:\Users\Owner\Desktop\Problème ntdll_dll - Forums Zebulon_fr.html [2012/05/09 14:06:46 | 000,000,000 | -H-- | M] () -- C:\windows\SysNative\drivers\Msft_Kernel_xusb21_01007.Wdf [2012/05/07 23:16:00 | 000,116,016 | ---- | M] (Kaspersky Lab, GERT) -- C:\windows\SysNative\drivers\87617208.sys [2012/05/07 20:51:20 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\Owner\Desktop\dds.scr [2012/05/07 17:41:36 | 000,585,039 | ---- | M] () -- C:\Users\Owner\Desktop\ntdll.zip [2012/05/07 16:24:53 | 000,022,283 | ---- | M] () -- C:\Users\Owner\Desktop\Désactiver l'UAC sous Windows 7 Désactiver l'UAC sous Windows 7 - DepanneTonPC.html [2012/05/03 16:03:46 | 000,001,945 | ---- | M] () -- C:\windows\epplauncher.mif [2012/05/03 16:03:20 | 000,757,504 | ---- | M] () -- C:\windows\SysWow64\PerfStringBackup.INI [2012/04/26 09:57:21 | 000,566,699 | ---- | M] () -- C:\Users\Owner\Desktop\adwcleaner.exe [2012/04/24 12:06:43 | 000,910,522 | ---- | M] () -- C:\Users\Owner\Desktop\PC lent - Forums Zebulon_fr_html&pid=1610161#entry1610161.mht [2012/04/24 11:24:57 | 000,051,425 | ---- | M] () -- C:\Users\Owner\Desktop\coaco appendice.pdf [2012/04/24 11:21:09 | 002,106,189 | ---- | M] () -- C:\Users\Owner\Desktop\peritonite appendiculaire.pdf [2012/04/24 11:03:05 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin [2012/04/21 15:31:53 | 000,000,973 | ---- | M] () -- C:\Users\Public\Desktop\MBRCheck.lnk [2012/04/21 15:31:53 | 000,000,961 | ---- | M] () -- C:\Users\Public\Desktop\ZHPFix.lnk [2012/04/21 15:31:52 | 000,000,966 | ---- | M] () -- C:\Users\Public\Desktop\ZHPDiag.lnk [2012/04/20 19:30:46 | 000,002,052 | ---- | M] () -- C:\Users\Public\Desktop\Larousse Médical.lnk [2012/04/17 09:13:35 | 000,036,543 | ---- | M] () -- C:\Users\Owner\Desktop\Virus - Méthode préliminaire de désinfection.htm [2012/04/16 19:28:25 | 000,044,040 | ---- | M] () -- C:\Users\Owner\Desktop\Saamu - Procédure de Décontamination du Saamu.html [2012/04/16 18:19:38 | 001,266,224 | ---- | M] () -- 
C:\Users\Owner\Desktop\Skype ne peut pas se connecter - Skype Support Network.mht [2012/04/16 17:27:17 | 000,001,239 | ---- | M] () -- C:\Users\Owner\Desktop\Revo Uninstaller.lnk [2012/04/16 14:05:31 | 000,193,174 | ---- | M] () -- C:\Users\Owner\Desktop\Modele Lettre sponsors.zip [1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2012/05/16 02:46:59 | 000,052,051 | ---- | C] () -- C:\Users\Owner\Desktop\How to Access a Violation at the Address Module Ntdll Dll eHow_com.htm [2012/05/15 00:36:17 | 000,256,000 | ---- | C] () -- C:\windows\PEV.exe [2012/05/15 00:36:17 | 000,208,896 | ---- | C] () -- C:\windows\MBR.exe [2012/05/15 00:36:17 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe [2012/05/15 00:36:17 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe [2012/05/15 00:36:17 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe [2012/05/14 14:58:21 | 000,055,825 | ---- | C] () -- C:\Users\Owner\Desktop\How to use the Windows 7 System Recovery Environment Command Prompt.htm [2012/05/14 14:57:49 | 000,063,797 | ---- | C] () -- C:\Users\Owner\Desktop\Un guide et un tutoriel sur l'utilisation de ComboFix.htm [2012/05/14 13:58:35 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk [2012/05/14 13:58:35 | 000,001,985 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2012/05/13 19:45:19 | 730,234,250 | ---- | C] () -- C:\Users\Owner\Desktop\[www.CpasBien.com] The.Darkest.Hour.2011.FRENCH.BDRiP.MD.XViD-SERUM.avi [2012/05/13 19:43:00 | 000,008,428 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\UserTile.png [2012/05/13 14:17:02 | 000,001,084 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012/05/12 22:24:18 | 000,155,656 | ---- | C] () -- C:\Users\Owner\Desktop\Problème ntdll_dll - Forums Zebulon_fr.html [2012/05/09 14:06:46 | 000,000,000 | -H-- | C] () -- C:\windows\SysNative\drivers\Msft_Kernel_xusb21_01007.Wdf [2012/05/07 
17:41:32 | 000,585,039 | ---- | C] () -- C:\Users\Owner\Desktop\ntdll.zip [2012/05/07 16:24:47 | 000,022,283 | ---- | C] () -- C:\Users\Owner\Desktop\Désactiver l'UAC sous Windows 7 Désactiver l'UAC sous Windows 7 - DepanneTonPC.html [2012/05/03 16:03:32 | 000,001,926 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk [2012/04/26 09:56:42 | 000,566,699 | ---- | C] () -- C:\Users\Owner\Desktop\adwcleaner.exe [2012/04/24 12:06:36 | 000,910,522 | ---- | C] () -- C:\Users\Owner\Desktop\PC lent - Forums Zebulon_fr_html&pid=1610161#entry1610161.mht [2012/04/24 11:24:57 | 000,051,425 | ---- | C] () -- C:\Users\Owner\Desktop\coaco appendice.pdf [2012/04/24 11:21:08 | 002,106,189 | ---- | C] () -- C:\Users\Owner\Desktop\peritonite appendiculaire.pdf [2012/04/24 11:03:05 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin [2012/04/21 15:31:53 | 000,000,973 | ---- | C] () -- C:\Users\Public\Desktop\MBRCheck.lnk [2012/04/21 15:31:53 | 000,000,961 | ---- | C] () -- C:\Users\Public\Desktop\ZHPFix.lnk [2012/04/21 15:31:52 | 000,000,966 | ---- | C] () -- C:\Users\Public\Desktop\ZHPDiag.lnk [2012/04/20 19:30:46 | 000,002,052 | ---- | C] () -- C:\Users\Public\Desktop\Larousse Médical.lnk [2012/04/17 09:13:22 | 000,036,543 | ---- | C] () -- C:\Users\Owner\Desktop\Virus - Méthode préliminaire de désinfection.htm [2012/04/16 19:28:14 | 000,044,040 | ---- | C] () -- C:\Users\Owner\Desktop\Saamu - Procédure de Décontamination du Saamu.html [2012/04/16 18:19:38 | 001,266,224 | ---- | C] () -- C:\Users\Owner\Desktop\Skype ne peut pas se connecter - Skype Support Network.mht [2012/04/16 17:27:17 | 000,001,239 | ---- | C] () -- C:\Users\Owner\Desktop\Revo Uninstaller.lnk [2012/04/16 14:05:30 | 000,193,174 | ---- | C] () -- C:\Users\Owner\Desktop\Modele Lettre sponsors.zip [2012/01/26 14:25:44 | 000,002,560 | ---- | C] () -- C:\windows\_MSRSTRT.EXE [2011/10/26 00:11:59 | 000,175,616 | ---- | C] () -- C:\windows\SysWow64\unrar.dll 
[2011/10/19 22:06:23 | 000,102,912 | ---- | C] () -- C:\windows\SysWow64\EasyHook64.dll [2011/10/19 22:06:23 | 000,084,480 | ---- | C] () -- C:\windows\SysWow64\EasyHook32.dll [2011/07/31 11:40:28 | 000,053,248 | ---- | C] () -- C:\windows\SysWow64\CommonDL.dll [2011/07/31 11:40:28 | 000,002,413 | ---- | C] () -- C:\windows\SysWow64\lgAxconfig.ini [2011/05/20 16:52:29 | 000,001,940 | ---- | C] () -- C:\Users\Owner\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini [2011/05/15 19:07:26 | 000,000,000 | ---- | C] () -- C:\Users\Owner\AppData\Local\{5F094ED4-FC9B-4D45-B386-5D4D5BDC3DD6} [2011/01/04 20:47:41 | 000,110,592 | ---- | C] () -- C:\windows\SysWow64\suppdll.dll [2011/01/04 20:47:41 | 000,035,363 | ---- | C] () -- C:\windows\SysWow64\windrvNT.sys [2010/10/28 14:15:37 | 000,000,196 | ---- | C] () -- C:\windows\ulead32.ini [2010/10/19 20:54:19 | 000,757,504 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI [2010/09/07 11:57:53 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2010/05/18 15:13:55 | 000,003,584 | ---- | C] () -- C:\Users\Owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini ========== LOP Check ========== [2010/04/26 18:04:47 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\aHisoft [2010/04/04 23:47:34 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Ashampoo [2012/03/30 19:51:57 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Audacity [2012/05/16 01:35:59 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Dropbox [2011/11/28 01:28:42 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Free MP3 WMA Cutter [2010/05/07 16:49:56 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\FreeAudioPack [2010/05/11 10:29:08 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\FreeCDRipper [2010/11/28 08:26:35 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\gtk-2.0 [2011/10/14 19:11:37 | 000,000,000 | ---D | M] -- 
C:\Users\Owner\AppData\Roaming\Leadertech [2011/12/07 01:17:34 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Leawo [2011/04/23 14:54:17 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\LG Electronics [2011/10/11 12:56:01 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\ManyCam [2011/07/09 11:04:45 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\mjusbsp [2012/01/08 20:08:27 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\ooVoo Details [2010/07/04 11:21:32 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\OpenOffice.org [2012/05/13 19:43:00 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\PeerNetworking [2011/04/16 10:02:10 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Smith Micro [2012/03/07 02:40:19 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\TeraCopy [2011/11/06 15:12:14 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\TestApp [2010/07/16 16:13:56 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Tific [2011/12/07 01:18:38 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\tiger-k [2011/07/17 16:48:09 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Toshiba [2012/01/21 21:25:48 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\TuneUp Software [2010/06/12 16:47:35 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Uniblue [2010/04/04 22:53:18 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\WinBatch [2011/12/12 13:08:10 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Youtube Downloader HD [2011/04/23 14:54:17 | 000,000,000 | -H-D | M] -- C:\Users\Owner\AppData\Roaming\{D94BA408-F110-488B-A65E-3AE7945F79E6} [2012/05/15 21:51:00 | 000,000,906 | ---- | M] () -- C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4118694408-3330837379-2833417039-1001Core.job [2012/05/16 09:54:37 | 000,000,928 | ---- | M] () -- 
C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4118694408-3330837379-2833417039-1001UA.job [2012/03/29 08:24:15 | 000,032,598 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:553CA6CA @Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:862BDB1A @Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:2B11E0DF @Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:DFC5A2B2 < End of report >
  6. :-( :-( :-( malwarebytes still can't update.... same message.... program error updating etc... :-( And I was on another forum at zebulon.fr for another problem "ntdll.ddl" when trying to use zhpdiag to resolve a problem connecting with skype, so the expert recommended that I scan with combofix too; it hasn't been resolved either.... I guess there's no more solution and that I should throw it out :-(.... nooooooooooo... thx for having tried to help me... wish there's another solution...
  7. After the combofix scan, i got this report: ComboFix 12-05-14.03 - Owner 05/15/2012 0:40.1.2 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.2940.1662 [GMT -5:00] Running from: c:\users\Owner\Desktop\ComboFix.exe AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6} AV: Norton Security Suite *Disabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855} FW: Norton Security Suite *Disabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E} SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B} SP: Norton Security Suite *Disabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . C:\install.exe c:\users\Owner\Documents\~WRL2476.tmp c:\windows\SysWow64\SET9B26.tmp c:\windows\SysWow64\SETA7B4.tmp c:\windows\UA000011.DLL . . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Service_npf . . ((((((((((((((((((((((((( Files Created from 2012-04-15 to 2012-05-15 ))))))))))))))))))))))))))))))) . . 2012-05-15 05:59 . 2012-05-15 05:59 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-05-14 08:04 . 2012-05-14 08:04 -------- d-----w- c:\program files\Microsoft Silverlight 2012-05-14 08:04 . 2012-05-14 08:04 -------- d-----w- c:\program files (x86)\Microsoft Silverlight 2012-05-14 00:43 . 2012-05-14 00:43 -------- d-----w- c:\users\Owner\AppData\Roaming\PeerNetworking 2012-05-13 19:17 . 2012-05-13 19:17 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2012-05-13 19:17 . 2012-04-04 20:56 24904 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-05-13 03:43 . 2012-03-03 06:35 1544704 ----a-w- c:\windows\system32\DWrite.dll 2012-05-13 03:43 . 
2012-03-03 05:31 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll 2012-05-13 03:43 . 2012-03-31 06:05 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-05-13 03:43 . 2012-03-31 03:10 3146240 ----a-w- c:\windows\system32\win32k.sys 2012-05-13 03:43 . 2012-03-31 04:39 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe 2012-05-13 03:42 . 2012-03-31 04:39 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe 2012-05-13 03:25 . 2012-03-17 07:58 75120 ----a-w- c:\windows\system32\drivers\partmgr.sys 2012-05-13 02:52 . 2012-05-13 02:52 -------- d-----w- c:\users\Owner\AppData\Roaming\Malwarebytes 2012-05-13 02:51 . 2012-05-13 02:51 -------- d-----w- c:\programdata\Malwarebytes 2012-05-13 02:33 . 2012-03-30 11:35 1918320 ----a-w- c:\windows\system32\drivers\tcpip.sys 2012-05-13 02:33 . 2012-03-31 05:42 1732096 ----a-w- c:\program files\Windows Journal\NBDoc.DLL 2012-05-13 02:33 . 2012-03-31 05:40 1367552 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll 2012-05-13 02:33 . 2012-03-31 04:29 936960 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll 2012-05-13 02:33 . 2012-03-31 05:40 1402880 ----a-w- c:\program files\Windows Journal\JNWDRV.dll 2012-05-13 02:33 . 2012-03-31 05:40 1393664 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll 2012-05-08 04:28 . 2012-05-08 04:28 -------- d-----w- C:\TDSSKiller_Quarantine 2012-05-08 04:16 . 2012-05-08 04:16 116016 ----a-w- c:\windows\system32\drivers\87617208.sys 2012-05-04 00:45 . 2012-05-08 05:11 -------- d-----w- c:\program files (x86)\1ClickDownload 2012-05-03 21:03 . 2012-05-03 21:03 -------- d-----w- c:\program files (x86)\Microsoft Security Client 2012-04-24 16:03 . 2012-04-24 16:03 512 ----a-w- C:\PhysicalMBR.bin 2012-04-24 03:34 . 2012-04-24 03:34 -------- d-----w- C:\found.000 2012-04-21 20:42 . 2012-04-21 20:42 -------- d-----w- c:\windows\en 2012-04-21 20:37 . 2012-03-08 23:40 48488 ----a-w- c:\windows\system32\drivers\fssfltr.sys 2012-04-21 20:30 . 
2012-04-21 20:30 15712 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\922e4ef81cd1ffd02\MeshBetaRemover.exe 2012-04-21 20:30 . 2012-04-21 20:30 537432 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\91d63c0e1cd1ffd01\DXSETUP.exe 2012-04-21 20:30 . 2012-04-21 20:30 89944 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\91d63c0e1cd1ffd01\DSETUP.dll 2012-04-21 20:30 . 2012-04-21 20:30 1801048 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\91d63c0e1cd1ffd01\dsetup32.dll 2012-04-17 00:35 . 2012-04-30 22:01 -------- d-----w- C:\ZHP 2012-04-17 00:32 . 2012-04-30 22:01 -------- d-----w- c:\program files (x86)\ZHPDiag 2012-04-17 00:06 . 2012-04-24 07:24 -------- d-----w- c:\users\Owner\AppData\Roaming\Skype 2012-04-16 22:27 . 2012-04-16 22:27 -------- d-----w- c:\program files (x86)\VS Revo Group . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-05-03 21:04 . 2012-05-03 21:05 927800 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{7A01FFE5-F898-4A0F-B6B6-3B84BFEEB9E1}\gapaengine.dll 2012-04-13 08:46 . 2012-05-15 02:49 8917360 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D80D9C4C-AA47-4B6B-8656-E70ED5428AF8}\mpengine.dll 2012-04-13 08:46 . 2012-05-13 22:05 8917360 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2012-03-21 01:44 . 2012-03-21 01:44 98688 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys 2012-03-21 01:44 . 2012-03-21 01:44 203888 ----a-w- c:\windows\system32\drivers\MpFilter.sys 2012-03-08 23:50 . 2012-03-08 23:50 49016 ----a-w- c:\windows\SysWow64\sirenacm.dll 2012-03-08 23:37 . 2012-03-08 23:37 302448 ----a-w- c:\windows\WLXPGSS.SCR 2012-03-01 06:46 . 2012-04-12 23:41 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys 2012-03-01 06:38 . 
2012-04-12 23:41 220672 ----a-w- c:\windows\system32\wintrust.dll 2012-03-01 06:33 . 2012-04-12 23:41 81408 ----a-w- c:\windows\system32\imagehlp.dll 2012-03-01 06:28 . 2012-04-12 23:41 5120 ----a-w- c:\windows\system32\wmi.dll 2012-03-01 05:37 . 2012-04-12 23:41 172544 ----a-w- c:\windows\SysWow64\wintrust.dll 2012-03-01 05:33 . 2012-04-12 23:41 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll 2012-03-01 05:29 . 2012-04-12 23:41 5120 ----a-w- c:\windows\SysWow64\wmi.dll 2012-02-28 06:56 . 2012-04-12 23:46 2311168 ----a-w- c:\windows\system32\jscript9.dll 2012-02-28 06:49 . 2012-04-12 23:46 1390080 ----a-w- c:\windows\system32\wininet.dll 2012-02-28 06:48 . 2012-04-12 23:46 1493504 ----a-w- c:\windows\system32\inetcpl.cpl 2012-02-28 06:42 . 2012-04-12 23:46 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2012-02-28 01:18 . 2012-04-12 23:46 1799168 ----a-w- c:\windows\SysWow64\jscript9.dll 2012-02-28 01:11 . 2012-04-12 23:46 1427456 ----a-w- c:\windows\SysWow64\inetcpl.cpl 2012-02-28 01:11 . 2012-04-12 23:46 1127424 ----a-w- c:\windows\SysWow64\wininet.dll 2012-02-28 01:03 . 2012-04-12 23:46 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb 2012-02-17 06:38 . 2012-03-19 22:44 1031680 ----a-w- c:\windows\system32\rdpcore.dll 2012-02-17 05:34 . 2012-03-19 22:44 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll 2012-02-17 04:58 . 2012-03-19 22:44 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys 2012-02-17 04:57 . 2012-03-19 22:44 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{09e55ba0-f9c6-4b81-82df-46853f6f7b3f}] 2010-06-11 03:41 2515552 ----a-w- c:\program files (x86)\Soft-Search\tbSof1.dll . 
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{33727f97-486d-4d19-97c3-23f432ef93fc}] 2010-09-27 17:11 2735200 ----a-w- c:\program files (x86)\mywebsites.pro-FR\tbmyw0.dll . [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{389943B0-C3A2-4E69-82CB-8596A84CB3DC}] . [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{92A9ACF4-9333-43AE-9698-DB283326F87F}] 2011-10-20 03:05 2660016 ----a-w- c:\program files (x86)\SpeedBit Video Downloader\TBU89\tbcore3.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar] "{33727f97-486d-4d19-97c3-23f432ef93fc}"= "c:\program files (x86)\mywebsites.pro-FR\tbmyw0.dll" [2010-09-27 2735200] "{09e55ba0-f9c6-4b81-82df-46853f6f7b3f}"= "c:\program files (x86)\Soft-Search\tbSof1.dll" [2010-06-11 2515552] . [HKEY_CLASSES_ROOT\clsid\{33727f97-486d-4d19-97c3-23f432ef93fc}] . [HKEY_CLASSES_ROOT\clsid\{09e55ba0-f9c6-4b81-82df-46853f6f7b3f}] . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584] "swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-11-13 39408] "Messenger (Yahoo!)"="c:\progra~2\Yahoo!\MESSEN~1\MESSEN~1\YahooMessenger.exe" [2011-06-16 6276408] "ISUSScheduler"="c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe" [2008-10-24 79136] "Facebook Update"="c:\users\Owner\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2011-11-07 137536] "ISUSPM Startup"="c:\program files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2005-08-11 249856] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "ToshibaServiceStation"="c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2010-11-29 1294712] "UIExec"="c:\program files (x86)\NATCOM 3G\UIExec.exe" [2011-11-18 153424] "BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-01-21 91520] "Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408] "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712] . c:\users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Stardock ObjectDock.lnk - c:\program files (x86)\Stardock\ObjectDock\ObjectDock.exe [2010-4-4 3450608] . c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Best Buy Software Installer.lnk - c:\program files\Best Buy Software Installer\Best Buy Software Installer.exe [2009-10-5 1132472] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux1"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-] "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" . R1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20111014.001\BHDrvx64.sys [2011-10-14 1155704] R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-05 135664] R3 athur;Atheros AR9271 Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athurx.sys [x] R3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe [2012-02-10 240408] R3 ew_mbbusbdev;MBB USB PNP Device;c:\windows\system32\DRIVERS\ew_mbbusbdev.sys [x] R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [x] R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-05 135664] R3 HSPADataCardusbmdm;HSPADataCard Proprietary USB Driver;c:\windows\system32\DRIVERS\HSPADataCardusbmdm.sys [x] R3 HSPADataCardusbnmea;HSPADataCard NMEA Port;c:\windows\system32\DRIVERS\HSPADataCardusbnmea.sys [x] R3 HSPADataCardusbser;HSPADataCard Diagnostic Port;c:\windows\system32\DRIVERS\HSPADataCardusbser.sys [x] R3 HSPADataCardusbvoice;HSPADataCard VoUSB Port;c:\windows\system32\DRIVERS\HSPADataCardusbvoice.sys [x] R3 
huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [x] R3 massfilter;Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [x] R3 mbbdatacard;MBB DataCard USB Modem and USB Serial;c:\windows\system32\DRIVERS\ewusbmdm.sys [x] R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-01-21 30963576] R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x] R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2012-03-26 291696] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184] R3 PTDUBus;PANTECH UM175 Composite Device Driver ;c:\windows\system32\DRIVERS\PTDUBus.sys [x] R3 PTDUMdm;PANTECH UM175 Drivers;c:\windows\system32\DRIVERS\PTDUMdm.sys [x] R3 PTDUVsp;PANTECH UM175 Diagnostic Port;c:\windows\system32\DRIVERS\PTDUVsp.sys [x] R3 PTDUWFLT;PTDUWWAN Filter Driver;c:\windows\system32\DRIVERS\PTDUWFLT.sys [x] R3 PTDUWWAN;PANTECH UM175 WWAN Driver;c:\windows\system32\DRIVERS\PTDUWWAN.sys [x] R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x] R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x] R3 SMSIVZAM5X64;SMSIVZAM5X64 NDIS Protocol Driver;c:\progra~2\VERIZO~1\VZACCE~1\SMSIVZAM5X64.SYS [2009-05-25 43032] R3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2010-11-29 54136] R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2009-08-04 137560] R3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [2009-08-04 826224] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 USBAAPL64;Apple Mobile USB 
Driver;c:\windows\system32\Drivers\usbaapl64.sys [x] R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184] S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x] S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360x64\0403000.005\SYMDS64.SYS [x] S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360x64\0403000.005\SYMEFA64.SYS [x] S0 tos_sps64;TOSHIBA tos_sps64 Service;c:\windows\system32\DRIVERS\tos_sps64.sys [x] S1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\N360x64\0403000.005\ccHPx64.sys [x] S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20111026.030\IDSvia64.sys [2011-08-23 488568] S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360x64\0403000.005\Ironx64.SYS [x] S1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\System32\Drivers\N360x64\0403000.005\SYMTDIV.SYS [x] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x] S2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe [2012-02-10 193816] S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2009-08-11 248688] S2 ConfigFree Gadget Service;ConfigFree Gadget Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe [2009-07-15 42368] S2 ConfigFree Service;ConfigFree Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-11 46448] S2 HWDeviceService64.exe;HWDeviceService64.exe;c:\programdata\DatacardService\HWDeviceService64.exe [2010-11-16 339456] S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408] S2 N360;Norton 
Security Suite;c:\program files (x86)\Norton Security Suite\Engine\4.3.0.5\ccSvcHst.exe [2010-02-26 126392] S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe [2009-08-11 252272] S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys [x] S2 UI Assistant Service;UI Assistant Service;c:\program files (x86)\NATCOM 3G\AssistantServices.exe [2011-11-18 270672] S3 FwLnk;FwLnk Driver;c:\windows\system32\DRIVERS\FwLnk.sys [x] S3 LgBttPort;LGE Bluetooth TransPort;c:\windows\system32\DRIVERS\lgbtpt64.sys [x] S3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\DRIVERS\lgbtbs64.sys [x] S3 LGVMODEM;LGE Virtual Modem;c:\windows\system32\DRIVERS\lgvmdm64.sys [x] S3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\DRIVERS\ManyCam_x64.sys [x] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x] S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x] S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys [x] . . --- Other Services/Drivers In Memory --- . *NewlyCreated* - WS2IFSL . Contents of the 'Scheduled Tasks' folder . 2012-05-15 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4118694408-3330837379-2833417039-1001Core.job - c:\users\Owner\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-11-07 02:45] . 2012-05-15 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4118694408-3330837379-2833417039-1001UA.job - c:\users\Owner\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-11-07 02:45] . 2012-05-14 c:\windows\Tasks\Google Software Updater.job - c:\program files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-11-13 01:20] . 
2012-05-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-05 05:06] . 2012-05-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-05 05:06] . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-02 165912] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-02 387608] "Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-02 365592] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-07-29 7982112] "TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2009-08-04 709976] "Start WingMan Profiler"="c:\program files\Logitech\Gaming Software\LWEMon.exe" [2010-06-14 190536] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 1271168] "combofix"="c:\combofix\CF5378.3XE" [2010-11-20 345088] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x0 . ------- Supplementary Scan ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.google.com/ mStart Page = hxxp://www.google.fr mLocal Page = c:\windows\SysWOW64\blank.htm IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xport to Microsoft Excel - c:\progra~2\MIF5BA~1\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - c:\progra~2\MIF5BA~1\Office14\ONBttnIE.dll/105 . - - - - ORPHANS REMOVED - - - - . 
Toolbar-Locked - (no file) Wow6432Node-HKCU-Run-ares - c:\program files (x86)\Ares\Ares.exe SafeBoot-42060062.sys Toolbar-Locked - (no file) WebBrowser-{33727F97-486D-4D19-97C3-23F432EF93FC} - (no file) WebBrowser-{09E55BA0-F9C6-4B81-82DF-46853F6F7B3F} - (no file) ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file) ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file) ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file) ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file) HKLM-Run-(Default) - (no file) HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe HKLM-Run-TPwrMain - c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE HKLM-Run-SmoothView - c:\program files (x86)\Toshiba\SmoothView\SmoothView.exe HKLM-Run-00TCrdMain - c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exe HKLM-Run-TosWaitSrv - c:\program files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe HKLM-Run-Teco - c:\program files (x86)\TOSHIBA\TECO\Teco.exe HKLM-Run-SmartFaceVWatcher - c:\program files (x86)\Toshiba\SmartFaceV\SmartFaceVWatcher.exe HKLM-Run-TosNC - c:\program files (x86)\Toshiba\BulletinBoard\TosNcCore.exe HKLM-Run-TosReelTimeMonitor - c:\program files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe AddRemove-Macromedia Shockwave Player - c:\windows\System32\Macromed\SHOCKW~1\UNWISE.EXE . . . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\N360] "ImagePath"="\"c:\program files (x86)\Norton Security Suite\Engine\4.3.0.5\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files (x86)\Norton Security Suite\Engine\4.3.0.5\diMaster.dll\" /prefetch:1" . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe,-101" . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . 
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . 
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0011\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0012\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Other Running Processes ------------------------ . c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files (x86)\Bonjour\mDNSResponder.exe c:\program files (x86)\Common Files\Speedbit\SbUpdate\SBUpdate.exe c:\program files (x86)\Common Files\Speedbit\SbUpdate\SBUpdate.exe c:\program files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe . ************************************************************************** . Completion time: 2012-05-15 01:24:49 - machine was rebooted ComboFix-quarantined-files.txt 2012-05-15 06:24 . Pre-Run: 16,463,269,888 bytes free Post-Run: 16,629,927,936 bytes free . - - End Of File - - 77B1C32B51F0D8E440A7E9CD254B3929
  8. Hi... After downloading the latest updates for Malwarebytes, the report is:
Malwarebytes Anti-Malware (Essai) 1.61.0.1400
www.malwarebytes.org
Version de la base de données: v2012.05.07.04
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Owner :: OWNER-PC [administrateur]
Protection: Désactivé
5/13/2012 2:25:07 PM
mbam-log-2012-05-13 (14-25-07).txt
Type d'examen: Examen complet
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 479415
Temps écoulé: 1 heure(s), 50 minute(s), 25 seconde(s)
Processus mémoire détecté(s): 0 (Aucun élément nuisible détecté)
Module(s) mémoire détecté(s): 0 (Aucun élément nuisible détecté)
Clé(s) du Registre détectée(s): 0 (Aucun élément nuisible détecté)
Valeur(s) du Registre détectée(s): 0 (Aucun élément nuisible détecté)
Elément(s) de données du Registre détecté(s): 0 (Aucun élément nuisible détecté)
Dossier(s) détecté(s): 0 (Aucun élément nuisible détecté)
Fichier(s) détecté(s): 0 (Aucun élément nuisible détecté)
(fin)
The report for tdss killer is (no malicious objects found):
16:48:31.0976 6188 TDSS rootkit removing tool 2.7.34.0 May 2 2012 09:59:18
16:48:32.0191 6188 ============================================================
16:48:32.0191 6188 Current date / time: 2012/05/13 16:48:32.0191
16:48:32.0191 6188 SystemInfo:
16:48:32.0191 6188
16:48:32.0191 6188 OS Version: 6.1.7601 ServicePack: 1.0
16:48:32.0191 6188 Product type: Workstation
16:48:32.0191 6188 ComputerName: OWNER-PC
16:48:32.0191 6188 UserName: Owner
16:48:32.0191 6188 Windows directory: C:\windows
16:48:32.0191 6188 System windows directory: C:\windows
16:48:32.0191 6188 Running under WOW64
16:48:32.0191 6188 Processor architecture: Intel x64
16:48:32.0191 6188 Number of processors: 2
16:48:32.0191 6188 Page size: 0x1000
16:48:32.0191 6188 Boot type: Normal boot
16:48:32.0191 6188
(e7f5ae18af4168178a642a9247c63001) C:\windows\system32\drivers\nsiproxy.sys 16:50:18.0181 1664 nsiproxy - ok 16:50:18.0328 1664 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\windows\system32\drivers\Ntfs.sys 16:50:18.0386 1664 Ntfs - ok 16:50:18.0491 1664 Null (9899284589f75fa8724ff3d16aed75c1) C:\windows\system32\drivers\Null.sys 16:50:18.0573 1664 Null - ok 16:50:18.0655 1664 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\windows\system32\drivers\nvraid.sys 16:50:18.0675 1664 nvraid - ok 16:50:18.0763 1664 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\windows\system32\drivers\nvstor.sys 16:50:18.0784 1664 nvstor - ok 16:50:18.0854 1664 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\windows\system32\drivers\nv_agp.sys 16:50:18.0875 1664 nv_agp - ok 16:50:18.0942 1664 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\windows\system32\drivers\ohci1394.sys 16:50:18.0969 1664 ohci1394 - ok 16:50:19.0108 1664 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 16:50:19.0128 1664 ose - ok 16:50:19.0532 1664 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 16:50:19.0821 1664 osppsvc - ok 16:50:20.0057 1664 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll 16:50:20.0157 1664 p2pimsvc - ok 16:50:20.0214 1664 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\windows\system32\p2psvc.dll 16:50:20.0253 1664 p2psvc - ok 16:50:20.0316 1664 Parport (0086431c29c35be1dbc43f52cc273887) C:\windows\system32\DRIVERS\parport.sys 16:50:20.0344 1664 Parport - ok 16:50:20.0416 1664 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\windows\system32\drivers\partmgr.sys 16:50:20.0445 1664 partmgr - ok 16:50:20.0487 1664 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\windows\System32\pcasvc.dll 16:50:20.0554 1664 PcaSvc - ok 16:50:20.0600 1664 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\windows\system32\drivers\pci.sys 16:50:20.0624 1664 pci - ok 
16:50:20.0691 1664 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\windows\system32\drivers\pciide.sys 16:50:20.0710 1664 pciide - ok 16:50:20.0763 1664 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\windows\system32\DRIVERS\pcmcia.sys 16:50:20.0784 1664 pcmcia - ok 16:50:20.0810 1664 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\windows\system32\drivers\pcw.sys 16:50:20.0833 1664 pcw - ok 16:50:20.0883 1664 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\windows\system32\drivers\peauth.sys 16:50:20.0955 1664 PEAUTH - ok 16:50:21.0016 1664 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\windows\SysWow64\perfhost.exe 16:50:21.0069 1664 PerfHost - ok 16:50:21.0201 1664 PGEffect (663962900e7fea522126ba287715bb4a) C:\windows\system32\DRIVERS\pgeffect.sys 16:50:21.0217 1664 PGEffect - ok 16:50:21.0463 1664 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\windows\system32\pla.dll 16:50:21.0591 1664 pla - ok 16:50:21.0694 1664 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\windows\system32\umpnpmgr.dll 16:50:21.0794 1664 PlugPlay - ok 16:50:21.0816 1664 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\windows\system32\pnrpauto.dll 16:50:21.0845 1664 PNRPAutoReg - ok 16:50:21.0865 1664 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll 16:50:21.0895 1664 PNRPsvc - ok 16:50:21.0971 1664 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\windows\System32\ipsecsvc.dll 16:50:22.0052 1664 PolicyAgent - ok 16:50:22.0109 1664 Power (6ba9d927dded70bd1a9caded45f8b184) C:\windows\system32\umpo.dll 16:50:22.0200 1664 Power - ok 16:50:22.0329 1664 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\windows\system32\DRIVERS\raspptp.sys 16:50:22.0403 1664 PptpMiniport - ok 16:50:22.0442 1664 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\windows\system32\DRIVERS\processr.sys 16:50:22.0483 1664 Processor - ok 16:50:22.0546 1664 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\windows\system32\profsvc.dll 16:50:22.0619 1664 ProfSvc - ok 16:50:22.0667 1664 ProtectedStorage 
(c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe 16:50:22.0697 1664 ProtectedStorage - ok 16:50:22.0783 1664 Psched (0557cf5a2556bd58e26384169d72438d) C:\windows\system32\DRIVERS\pacer.sys 16:50:22.0839 1664 Psched - ok 16:50:22.0934 1664 PTDUBus (bccea08c45bea866ffd2af32d23611b5) C:\windows\system32\DRIVERS\PTDUBus.sys 16:50:22.0952 1664 PTDUBus - ok 16:50:23.0034 1664 PTDUMdm (f94a0753921e97cebb9002682097149a) C:\windows\system32\DRIVERS\PTDUMdm.sys 16:50:23.0057 1664 PTDUMdm - ok 16:50:23.0138 1664 PTDUVsp (ac70cdae9e26d26ef6f41c3c23087aae) C:\windows\system32\DRIVERS\PTDUVsp.sys 16:50:23.0160 1664 PTDUVsp - ok 16:50:23.0243 1664 PTDUWFLT (1d2bd34a8e5c9efd75085af598a7d9b4) C:\windows\system32\DRIVERS\PTDUWFLT.sys 16:50:23.0261 1664 PTDUWFLT - ok 16:50:23.0327 1664 PTDUWWAN (3d47d2ae93fdf671c3c997b2fac4e13f) C:\windows\system32\DRIVERS\PTDUWWAN.sys 16:50:23.0346 1664 PTDUWWAN - ok 16:50:23.0432 1664 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\windows\system32\Drivers\PxHlpa64.sys 16:50:23.0453 1664 PxHlpa64 - ok 16:50:23.0601 1664 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\windows\system32\DRIVERS\ql2300.sys 16:50:23.0669 1664 ql2300 - ok 16:50:23.0775 1664 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\windows\system32\DRIVERS\ql40xx.sys 16:50:23.0793 1664 ql40xx - ok 16:50:23.0835 1664 QWAVE (906191634e99aea92c4816150bda3732) C:\windows\system32\qwave.dll 16:50:23.0875 1664 QWAVE - ok 16:50:23.0895 1664 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\windows\system32\drivers\qwavedrv.sys 16:50:23.0956 1664 QWAVEdrv - ok 16:50:23.0996 1664 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\windows\system32\DRIVERS\rasacd.sys 16:50:24.0078 1664 RasAcd - ok 16:50:24.0144 1664 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\windows\system32\DRIVERS\AgileVpn.sys 16:50:24.0196 1664 RasAgileVpn - ok 16:50:24.0212 1664 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\windows\System32\rasauto.dll 16:50:24.0294 1664 RasAuto - ok 16:50:24.0345 1664 Rasl2tp 
(471815800ae33e6f1c32fb1b97c490ca) C:\windows\system32\DRIVERS\rasl2tp.sys 16:50:24.0424 1664 Rasl2tp - ok 16:50:24.0512 1664 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\windows\System32\rasmans.dll 16:50:24.0576 1664 RasMan - ok 16:50:24.0664 1664 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\windows\system32\DRIVERS\raspppoe.sys 16:50:24.0743 1664 RasPppoe - ok 16:50:24.0774 1664 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\windows\system32\DRIVERS\rassstp.sys 16:50:24.0861 1664 RasSstp - ok 16:50:24.0941 1664 rdbss (77f665941019a1594d887a74f301fa2f) C:\windows\system32\DRIVERS\rdbss.sys 16:50:25.0032 1664 rdbss - ok 16:50:25.0066 1664 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\windows\system32\DRIVERS\rdpbus.sys 16:50:25.0119 1664 rdpbus - ok 16:50:25.0151 1664 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\windows\system32\DRIVERS\RDPCDD.sys 16:50:25.0212 1664 RDPCDD - ok 16:50:25.0288 1664 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\windows\system32\drivers\rdpencdd.sys 16:50:25.0367 1664 RDPENCDD - ok 16:50:25.0402 1664 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\windows\system32\drivers\rdprefmp.sys 16:50:25.0451 1664 RDPREFMP - ok 16:50:25.0513 1664 RDPWD (6d76e6433574b058adcb0c50df834492) C:\windows\system32\drivers\RDPWD.sys 16:50:25.0586 1664 RDPWD - ok 16:50:25.0655 1664 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\windows\system32\drivers\rdyboost.sys 16:50:25.0679 1664 rdyboost - ok 16:50:25.0725 1664 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\windows\System32\mprdim.dll 16:50:25.0802 1664 RemoteAccess - ok 16:50:25.0850 1664 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\windows\system32\regsvc.dll 16:50:25.0937 1664 RemoteRegistry - ok 16:50:26.0020 1664 RimUsb (5790bca445cc40df8b38c2c48608aac2) C:\windows\system32\Drivers\RimUsb_AMD64.sys 16:50:26.0101 1664 RimUsb - ok 16:50:26.0167 1664 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\windows\System32\RpcEpMap.dll 16:50:26.0269 1664 RpcEptMapper - ok 16:50:26.0314 1664 
RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\windows\system32\locator.exe 16:50:26.0357 1664 RpcLocator - ok 16:50:26.0427 1664 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll 16:50:26.0503 1664 RpcSs - ok 16:50:26.0532 1664 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\windows\system32\DRIVERS\rspndr.sys 16:50:26.0580 1664 rspndr - ok 16:50:26.0669 1664 RSUSBSTOR (8c22f21c924413d4e109995f748e18bb) C:\windows\system32\Drivers\RtsUStor.sys 16:50:26.0740 1664 RSUSBSTOR - ok 16:50:26.0884 1664 RTL8167 (7ea8d2eb9bbfd2ab8a3117a1e96d3b3a) C:\windows\system32\DRIVERS\Rt64win7.sys 16:50:26.0910 1664 RTL8167 - ok 16:50:27.0115 1664 rtl8192se (9d2a069a116289a5c0776488007f62be) C:\windows\system32\DRIVERS\rtl8192se.sys 16:50:27.0209 1664 rtl8192se - ok 16:50:27.0214 1664 RtsUIR - ok 16:50:27.0282 1664 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe 16:50:27.0299 1664 SamSs - ok 16:50:27.0370 1664 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\windows\system32\drivers\sbp2port.sys 16:50:27.0388 1664 sbp2port - ok 16:50:27.0419 1664 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\windows\System32\SCardSvr.dll 16:50:27.0505 1664 SCardSvr - ok 16:50:27.0558 1664 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\windows\system32\DRIVERS\scfilter.sys 16:50:27.0658 1664 scfilter - ok 16:50:27.0822 1664 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\windows\system32\schedsvc.dll 16:50:27.0929 1664 Schedule - ok 16:50:27.0989 1664 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll 16:50:28.0047 1664 SCPolicySvc - ok 16:50:28.0071 1664 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\windows\System32\SDRSVC.dll 16:50:28.0190 1664 SDRSVC - ok 16:50:28.0299 1664 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\windows\system32\drivers\secdrv.sys 16:50:28.0364 1664 secdrv - ok 16:50:28.0421 1664 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\windows\system32\seclogon.dll 16:50:28.0509 1664 seclogon - ok 16:50:28.0553 1664 
SENS (c32ab8fa018ef34c0f113bd501436d21) C:\windows\System32\sens.dll 16:50:28.0628 1664 SENS - ok 16:50:28.0711 1664 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\windows\system32\sensrsvc.dll 16:50:28.0743 1664 SensrSvc - ok 16:50:28.0833 1664 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\windows\system32\DRIVERS\serenum.sys 16:50:28.0879 1664 Serenum - ok 16:50:28.0934 1664 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\windows\system32\DRIVERS\serial.sys 16:50:28.0953 1664 Serial - ok 16:50:29.0042 1664 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\windows\system32\DRIVERS\sermouse.sys 16:50:29.0068 1664 sermouse - ok 16:50:29.0144 1664 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\windows\system32\sessenv.dll 16:50:29.0225 1664 SessionEnv - ok 16:50:29.0269 1664 sffdisk (a554811bcd09279536440c964ae35bbf) C:\windows\system32\drivers\sffdisk.sys 16:50:29.0331 1664 sffdisk - ok 16:50:29.0359 1664 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\windows\system32\drivers\sffp_mmc.sys 16:50:29.0437 1664 sffp_mmc - ok 16:50:29.0473 1664 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\windows\system32\drivers\sffp_sd.sys 16:50:29.0539 1664 sffp_sd - ok 16:50:29.0591 1664 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\windows\system32\DRIVERS\sfloppy.sys 16:50:29.0611 1664 sfloppy - ok 16:50:29.0695 1664 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\windows\System32\ipnathlp.dll 16:50:29.0789 1664 SharedAccess - ok 16:50:29.0865 1664 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\windows\System32\shsvcs.dll 16:50:29.0972 1664 ShellHWDetection - ok 16:50:30.0021 1664 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\windows\system32\DRIVERS\SiSRaid2.sys 16:50:30.0041 1664 SiSRaid2 - ok 16:50:30.0084 1664 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\windows\system32\DRIVERS\sisraid4.sys 16:50:30.0099 1664 SiSRaid4 - ok 16:50:30.0163 1664 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\windows\system32\DRIVERS\smb.sys 16:50:30.0228 1664 Smb - ok 16:50:30.0358 1664 
SMSIVZAM5X64 (b5d3c24e4ea8e6d4850e83dad8c510d4) C:\PROGRA~2\VERIZO~1\VZACCE~1\SMSIVZAM5X64.SYS 16:50:30.0379 1664 SMSIVZAM5X64 - ok 16:50:30.0460 1664 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\windows\System32\snmptrap.exe 16:50:30.0511 1664 SNMPTRAP - ok 16:50:30.0552 1664 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\windows\system32\drivers\spldr.sys 16:50:30.0567 1664 spldr - ok 16:50:30.0657 1664 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\windows\System32\spoolsv.exe 16:50:30.0715 1664 Spooler - ok 16:50:31.0018 1664 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\windows\system32\sppsvc.exe 16:50:31.0225 1664 sppsvc - ok 16:50:31.0344 1664 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\windows\system32\sppuinotify.dll 16:50:31.0397 1664 sppuinotify - ok 16:50:31.0641 1664 SRTSP (96babc4906ecdb1c69d1176f8647ad8e) C:\windows\System32\Drivers\N360x64\0403000.005\SRTSP64.SYS 16:50:31.0678 1664 SRTSP - ok 16:50:31.0705 1664 SRTSPX (c7f491a290e0e4222f5cdcd50eeb8167) C:\windows\system32\drivers\N360x64\0403000.005\SRTSPX64.SYS 16:50:31.0722 1664 SRTSPX - ok 16:50:31.0801 1664 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\windows\system32\DRIVERS\srv.sys 16:50:31.0882 1664 srv - ok 16:50:31.0919 1664 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\windows\system32\DRIVERS\srv2.sys 16:50:31.0974 1664 srv2 - ok 16:50:32.0028 1664 srvnet (27e461f0be5bff5fc737328f749538c3) C:\windows\system32\DRIVERS\srvnet.sys 16:50:32.0053 1664 srvnet - ok 16:50:32.0135 1664 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\windows\System32\ssdpsrv.dll 16:50:32.0228 1664 SSDPSRV - ok 16:50:32.0266 1664 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\windows\system32\sstpsvc.dll 16:50:32.0337 1664 SstpSvc - ok 16:50:32.0371 1664 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\windows\system32\DRIVERS\stexstor.sys 16:50:32.0386 1664 stexstor - ok 16:50:32.0497 1664 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\windows\System32\wiaservc.dll 16:50:32.0567 1664 stisvc - ok 16:50:32.0664 1664 stllssvr 
(ff5eb78af7dfb68c2fb363537aaf753e) C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe 16:50:32.0683 1664 stllssvr - ok 16:50:32.0738 1664 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\windows\system32\drivers\swenum.sys 16:50:32.0754 1664 swenum - ok 16:50:32.0800 1664 swprv (e08e46fdd841b7184194011ca1955a0b) C:\windows\System32\swprv.dll 16:50:32.0892 1664 swprv - ok 16:50:32.0998 1664 SymDS (659b227a72b76115975a6a9491b2fe1f) C:\windows\system32\drivers\N360x64\0403000.005\SYMDS64.SYS 16:50:33.0026 1664 SymDS - ok 16:50:33.0106 1664 SymEFA (42c952d131eff724a9959bb6d78c1b63) C:\windows\system32\drivers\N360x64\0403000.005\SYMEFA64.SYS 16:50:33.0148 1664 SymEFA - ok 16:50:33.0232 1664 SymEvent (3f9d5fe52585e2653e59fdbfdf09a94c) C:\windows\system32\Drivers\SYMEVENT64x86.SYS 16:50:33.0254 1664 SymEvent - ok 16:50:33.0357 1664 SymIRON (f57588546e738db1583981d8f44e9bc2) C:\windows\system32\drivers\N360x64\0403000.005\Ironx64.SYS 16:50:33.0388 1664 SymIRON - ok 16:50:33.0424 1664 SYMTDIv (8abb6e5b7d75cd3f0a988695d0d9186a) C:\windows\System32\Drivers\N360x64\0403000.005\SYMTDIV.SYS 16:50:33.0453 1664 SYMTDIv - ok 16:50:33.0549 1664 SynTP (be7311da9d6833fa69ed04b744a1c8f8) C:\windows\system32\DRIVERS\SynTP.sys 16:50:33.0575 1664 SynTP - ok 16:50:33.0839 1664 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\windows\system32\sysmain.dll 16:50:33.0953 1664 SysMain - ok 16:50:34.0125 1664 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\windows\System32\TabSvc.dll 16:50:34.0181 1664 TabletInputService - ok 16:50:34.0232 1664 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\windows\System32\tapisrv.dll 16:50:34.0330 1664 TapiSrv - ok 16:50:34.0392 1664 TBS (1be03ac720f4d302ea01d40f588162f6) C:\windows\System32\tbssvc.dll 16:50:34.0449 1664 TBS - ok 16:50:34.0688 1664 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\windows\system32\drivers\tcpip.sys 16:50:34.0763 1664 Tcpip - ok 16:50:35.0165 1664 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) 
C:\windows\system32\DRIVERS\tcpip.sys 16:50:35.0247 1664 TCPIP6 - ok 16:50:35.0580 1664 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\windows\system32\drivers\tcpipreg.sys 16:50:35.0656 1664 tcpipreg - ok 16:50:35.0759 1664 tdcmdpst (fd542b661bd22fa69ca789ad0ac58c29) C:\windows\system32\DRIVERS\tdcmdpst.sys 16:50:35.0795 1664 tdcmdpst - ok 16:50:35.0844 1664 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\windows\system32\drivers\tdpipe.sys 16:50:35.0930 1664 TDPIPE - ok 16:50:35.0989 1664 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\windows\system32\drivers\tdtcp.sys 16:50:36.0043 1664 TDTCP - ok 16:50:36.0117 1664 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\windows\system32\DRIVERS\tdx.sys 16:50:36.0175 1664 tdx - ok 16:50:36.0243 1664 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\windows\system32\drivers\termdd.sys 16:50:36.0260 1664 TermDD - ok 16:50:36.0346 1664 TermService (2e648163254233755035b46dd7b89123) C:\windows\System32\termsrv.dll 16:50:36.0455 1664 TermService - ok 16:50:36.0498 1664 Themes (f0344071948d1a1fa732231785a0664c) C:\windows\system32\themeservice.dll 16:50:36.0559 1664 Themes - ok 16:50:36.0616 1664 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll 16:50:36.0668 1664 THREADORDER - ok 16:50:36.0895 1664 TMachInfo (83e91963c4452be6899503cf9ebfd3ed) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe 16:50:36.0909 1664 TMachInfo - ok 16:50:36.0939 1664 TODDSrv (ed32035bdfeced1ad66d459fd9cc1140) C:\Windows\system32\TODDSrv.exe 16:50:36.0955 1664 TODDSrv - ok 16:50:37.0049 1664 TosCoSrv (4db8c79bcea76063b83b13410366a1f7) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe 16:50:37.0073 1664 TosCoSrv - ok 16:50:37.0129 1664 TOSHIBA eco Utility Service (32ff64d06a91daa0331c624aff442679) C:\Program Files\TOSHIBA\TECO\TecoService.exe 16:50:37.0155 1664 TOSHIBA eco Utility Service - ok 16:50:37.0248 1664 TOSHIBA HDD SSD Alert Service (dd58e1250f604cbbadda04575e5e2376) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD 
Alert\TosSmartSrv.exe 16:50:37.0273 1664 TOSHIBA HDD SSD Alert Service - ok 16:50:37.0396 1664 tos_sps64 (09ff7b0b1b5c3d225495cb6f5a9b39f8) C:\windows\system32\DRIVERS\tos_sps64.sys 16:50:37.0436 1664 tos_sps64 - ok 16:50:37.0516 1664 TPCHSrv (de64c52bd0671165cf2eebf2a728a3e2) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe 16:50:37.0550 1664 TPCHSrv - ok 16:50:37.0740 1664 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\windows\System32\trkwks.dll 16:50:37.0834 1664 TrkWks - ok 16:50:37.0929 1664 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\windows\servicing\TrustedInstaller.exe 16:50:38.0021 1664 TrustedInstaller - ok 16:50:38.0124 1664 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\windows\system32\DRIVERS\tssecsrv.sys 16:50:38.0199 1664 tssecsrv - ok 16:50:38.0276 1664 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\windows\system32\drivers\tsusbflt.sys 16:50:38.0321 1664 TsUsbFlt - ok 16:50:38.0417 1664 tunnel (3566a8daafa27af944f5d705eaa64894) C:\windows\system32\DRIVERS\tunnel.sys 16:50:38.0504 1664 tunnel - ok 16:50:38.0566 1664 TVALZ (550b567f9364d8f7684c3fb3ea665a72) C:\windows\system32\DRIVERS\TVALZ_O.SYS 16:50:38.0587 1664 TVALZ - ok 16:50:38.0672 1664 TVALZFL (9c7191f4b2e49bff47a6c1144b5923fa) C:\windows\system32\DRIVERS\TVALZFL.sys 16:50:38.0691 1664 TVALZFL - ok 16:50:38.0726 1664 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\windows\system32\DRIVERS\uagp35.sys 16:50:38.0747 1664 uagp35 - ok 16:50:38.0822 1664 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\windows\system32\DRIVERS\udfs.sys 16:50:38.0906 1664 udfs - ok 16:50:39.0100 1664 UI Assistant Service (75d143f71e9c92405af82e3ab1129d8c) C:\Program Files (x86)\NATCOM 3G\AssistantServices.exe 16:50:39.0128 1664 UI Assistant Service - ok 16:50:39.0158 1664 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\windows\system32\UI0Detect.exe 16:50:39.0182 1664 UI0Detect - ok 16:50:39.0266 1664 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\windows\system32\drivers\uliagpkx.sys 16:50:39.0292 1664 uliagpkx - ok 
16:50:39.0356 1664 umbus (dc54a574663a895c8763af0fa1ff7561) C:\windows\system32\drivers\umbus.sys 16:50:39.0426 1664 umbus - ok 16:50:39.0470 1664 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\windows\system32\DRIVERS\umpass.sys 16:50:39.0525 1664 UmPass - ok 16:50:39.0614 1664 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\windows\System32\upnphost.dll 16:50:39.0734 1664 upnphost - ok 16:50:39.0830 1664 USBAAPL64 (f724b03c3dfaacf08d17d38bf3333583) C:\windows\system32\Drivers\usbaapl64.sys 16:50:39.0852 1664 USBAAPL64 - ok 16:50:39.0950 1664 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\windows\system32\drivers\usbaudio.sys 16:50:39.0982 1664 usbaudio - ok 16:50:40.0068 1664 usbbus (5fcc71487888589a9244af54cfefab29) C:\windows\system32\DRIVERS\lgx64bus.sys 16:50:40.0141 1664 usbbus - ok 16:50:40.0204 1664 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\windows\system32\DRIVERS\usbccgp.sys 16:50:40.0242 1664 usbccgp - ok 16:50:40.0248 1664 USBCCID - ok 16:50:40.0352 1664 usbcir (af0892a803fdda7492f595368e3b68e7) C:\windows\system32\drivers\usbcir.sys 16:50:40.0375 1664 usbcir - ok 16:50:40.0440 1664 UsbDiag (3fb6e423f7567c92c32ea786f5fd0c69) C:\windows\system32\DRIVERS\lgx64diag.sys 16:50:40.0476 1664 UsbDiag - ok 16:50:40.0531 1664 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\windows\system32\DRIVERS\usbehci.sys 16:50:40.0582 1664 usbehci - ok 16:50:40.0657 1664 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\windows\system32\DRIVERS\usbhub.sys 16:50:40.0707 1664 usbhub - ok 16:50:40.0791 1664 USBModem (78d551f5b93488b4666f5fc8dd4815f3) C:\windows\system32\DRIVERS\lgx64modem.sys 16:50:40.0806 1664 USBModem - ok 16:50:40.0820 1664 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\windows\system32\drivers\usbohci.sys 16:50:40.0864 1664 usbohci - ok 16:50:40.0933 1664 usbprint (73188f58fb384e75c4063d29413cee3d) C:\windows\system32\DRIVERS\usbprint.sys 16:50:40.0980 1664 usbprint - ok 16:50:41.0036 1664 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) 
C:\windows\system32\DRIVERS\usbscan.sys 16:50:41.0092 1664 usbscan - ok 16:50:41.0128 1664 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\windows\system32\DRIVERS\USBSTOR.SYS 16:50:41.0216 1664 USBSTOR - ok 16:50:41.0278 1664 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\windows\system32\DRIVERS\usbuhci.sys 16:50:41.0325 1664 usbuhci - ok 16:50:41.0454 1664 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\windows\system32\Drivers\usbvideo.sys 16:50:41.0481 1664 usbvideo - ok 16:50:41.0500 1664 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\windows\System32\uxsms.dll 16:50:41.0643 1664 UxSms - ok 16:50:41.0692 1664 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe 16:50:41.0745 1664 VaultSvc - ok 16:50:41.0815 1664 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\windows\system32\drivers\vdrvroot.sys 16:50:41.0838 1664 vdrvroot - ok 16:50:41.0926 1664 vds (8d6b481601d01a456e75c3210f1830be) C:\windows\System32\vds.exe 16:50:41.0998 1664 vds - ok 16:50:42.0022 1664 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\windows\system32\DRIVERS\vgapnp.sys 16:50:42.0049 1664 vga - ok 16:50:42.0071 1664 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\windows\System32\drivers\vga.sys 16:50:42.0152 1664 VgaSave - ok 16:50:42.0205 1664 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\windows\system32\drivers\vhdmp.sys 16:50:42.0227 1664 vhdmp - ok 16:50:42.0316 1664 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\windows\system32\drivers\viaide.sys 16:50:42.0346 1664 viaide - ok 16:50:42.0406 1664 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\windows\system32\drivers\volmgr.sys 16:50:42.0433 1664 volmgr - ok 16:50:42.0512 1664 volmgrx (a255814907c89be58b79ef2f189b843b) C:\windows\system32\drivers\volmgrx.sys 16:50:42.0539 1664 volmgrx - ok 16:50:42.0613 1664 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\windows\system32\drivers\volsnap.sys 16:50:42.0643 1664 volsnap - ok 16:50:42.0734 1664 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\windows\system32\DRIVERS\vsmraid.sys 
16:50:42.0760 1664 vsmraid - ok 16:50:42.0918 1664 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\windows\system32\vssvc.exe 16:50:43.0079 1664 VSS - ok 16:50:43.0204 1664 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\windows\system32\DRIVERS\vwifibus.sys 16:50:43.0256 1664 vwifibus - ok 16:50:43.0317 1664 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\windows\system32\DRIVERS\vwififlt.sys 16:50:43.0374 1664 vwififlt - ok 16:50:43.0408 1664 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\windows\system32\DRIVERS\vwifimp.sys 16:50:43.0437 1664 vwifimp - ok 16:50:43.0480 1664 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\windows\system32\w32time.dll 16:50:43.0541 1664 W32Time - ok 16:50:43.0573 1664 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\windows\system32\DRIVERS\wacompen.sys 16:50:43.0591 1664 WacomPen - ok 16:50:43.0672 1664 WANARP (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys 16:50:43.0748 1664 WANARP - ok 16:50:43.0757 1664 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys 16:50:43.0806 1664 Wanarpv6 - ok 16:50:43.0947 1664 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\windows\system32\Wat\WatAdminSvc.exe 16:50:44.0006 1664 WatAdminSvc - ok 16:50:44.0129 1664 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\windows\system32\wbengine.exe 16:50:44.0267 1664 wbengine - ok 16:50:44.0397 1664 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\windows\System32\wbiosrvc.dll 16:50:44.0436 1664 WbioSrvc - ok 16:50:44.0517 1664 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\windows\System32\wcncsvc.dll 16:50:44.0597 1664 wcncsvc - ok 16:50:44.0629 1664 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\windows\System32\WcsPlugInService.dll 16:50:44.0655 1664 WcsPlugInService - ok 16:50:44.0704 1664 Wd (72889e16ff12ba0f235467d6091b17dc) C:\windows\system32\DRIVERS\wd.sys 16:50:44.0725 1664 Wd - ok 16:50:44.0820 1664 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\windows\system32\drivers\Wdf01000.sys 
16:50:50.0283 1664 Scan finished
16:50:50.0295 6904 Detected object count: 1
16:50:50.0295 6904 Actual detected object count: 1
16:51:55.0777 6904 Connectify ( UnsignedFile.Multi.Generic ) - skipped by user
16:51:55.0777 6904 Connectify ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:04:50.0174 6376 Deinitialize success
thx
  9. hi... did all... Same message... :-( error updating etc.....
  10. hi thx. here for the report:
      RogueKiller V7.4.4 [05/08/2012] by Tigzy
      mail: tigzyRK<at>gmail<dot>com
      Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
      Blog: http://tigzyrk.blogspot.com
      Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
      Started in : Normal mode
      User: Owner [Admin rights]
      Mode: Remove -- Date: 05/09/2012 17:30:26
      ¤¤¤ Bad processes: 1 ¤¤¤
      [sUSP PATH] DCSHelper.exe -- C:\ProgramData\DatacardService\DCSHelper.exe -> KILLED [TermProc]
      ¤¤¤ Registry Entries: 2 ¤¤¤
      [HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
      [HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
      ¤¤¤ Particular Files / Folders: ¤¤¤
      ¤¤¤ Driver: [NOT LOADED] ¤¤¤
      ¤¤¤ Infection : ¤¤¤
      ¤¤¤ HOSTS File: ¤¤¤
      ¤¤¤ MBR Check: ¤¤¤
  11. Hello... please help me.... i want to update malwarebytes... i think i m infected.... i have made the dss thing and here are the result:
22:27:17 -------- d-----w- C:\Program Files (x86)\VS Revo Group 2012-04-13 07:38:31 -------- d-----w- C:\Users\Owner\AppData\Local\{DF5B74EE-E53E-4EAB-9F6E-83DE740D802D} 2012-04-13 07:19:53 -------- d-----w- C:\Users\Owner\AppData\Local\{A0F9B318-0FD9-416F-86AE-7EA0C9CE644D} 2012-04-13 07:18:33 -------- d-----w- C:\Users\Owner\AppData\Local\{9D363018-5442-413A-BD00-EB31BD6A9CFA} 2012-04-13 04:46:25 -------- d-----w- C:\Users\Owner\AppData\Local\{490D3667-1337-4F6D-B7C5-C68CB4FADDBA} 2012-04-13 01:48:55 -------- d-----w- C:\Users\Owner\AppData\Local\{78133044-B6D0-48A6-813C-8A66547354CE} 2012-04-12 23:41:21 23408 ----a-w- C:\windows\System32\drivers\fs_rec.sys 2012-04-12 23:41:20 81408 ----a-w- C:\windows\System32\imagehlp.dll 2012-04-12 23:41:20 159232 ----a-w- C:\windows\SysWow64\imagehlp.dll 2012-04-12 23:41:19 5120 ----a-w- C:\windows\SysWow64\wmi.dll 2012-04-12 23:41:19 5120 ----a-w- C:\windows\System32\wmi.dll 2012-04-12 23:41:19 220672 ----a-w- C:\windows\System32\wintrust.dll 2012-04-12 23:41:19 172544 ----a-w- C:\windows\SysWow64\wintrust.dll 2012-04-12 14:09:25 -------- d-----w- C:\Users\Owner\AppData\Local\{B1F702B5-D72B-4315-8CB4-36C97DEDC6E2} 2012-04-11 23:13:59 -------- d-----w- C:\Users\Owner\AppData\Local\{57603CD1-3F93-47C0-862A-B83E9FCCD219} 2012-04-11 15:48:59 -------- d-----w- C:\Users\Owner\AppData\Local\{7A18FD82-26D4-4161-923C-822D7123266F} 2012-04-11 15:05:01 -------- d-----w- C:\Users\Owner\AppData\Local\{3CBC11A7-2D37-4E42-8067-D2848FD12F62} 2012-04-10 19:23:37 -------- d-----w- C:\Users\Owner\AppData\Local\{476A415E-110B-49B3-96BE-1FEF980A2B6C} 2012-04-10 03:37:00 -------- d-----w- C:\Users\Owner\AppData\Local\{A7E2F03F-DCB2-48A4-ADC9-A169B3F4E722} 2012-04-09 20:17:30 -------- d-----w- C:\Users\Owner\AppData\Local\{1D892337-AC66-4015-8B3D-9B8156D1B192} 2012-04-08 19:08:55 -------- d-----w- C:\Users\Owner\AppData\Local\{EC5207CA-8DBA-4C84-A7F1-01CCA5253D3A} 2012-04-08 07:29:17 -------- d-----w- 
C:\Users\Owner\AppData\Local\{93068D32-4BD8-4D12-BA4C-48CD54CD25B6} 2012-04-08 02:57:58 -------- d-----w- C:\Users\Owner\AppData\Local\{FAF61067-9FD8-48A3-8960-01EF1C799A60} . ==================== Find3M ==================== . 2012-03-21 01:44:12 98688 ----a-w- C:\windows\System32\drivers\NisDrvWFP.sys 2012-03-21 01:44:12 203888 ----a-w- C:\windows\System32\drivers\MpFilter.sys 2012-03-08 23:50:28 49016 ----a-w- C:\windows\SysWow64\sirenacm.dll 2012-03-08 23:37:20 302448 ----a-w- C:\windows\WLXPGSS.SCR 2012-03-06 06:53:37 5559152 ----a-w- C:\windows\System32\ntoskrnl.exe 2012-03-06 05:59:47 3968368 ----a-w- C:\windows\SysWow64\ntkrnlpa.exe 2012-03-06 05:59:41 3913072 ----a-w- C:\windows\SysWow64\ntoskrnl.exe 2012-02-28 06:56:48 2311168 ----a-w- C:\windows\System32\jscript9.dll 2012-02-28 06:49:56 1390080 ----a-w- C:\windows\System32\wininet.dll 2012-02-28 06:48:57 1493504 ----a-w- C:\windows\System32\inetcpl.cpl 2012-02-28 06:42:55 2382848 ----a-w- C:\windows\System32\mshtml.tlb 2012-02-28 01:18:55 1799168 ----a-w- C:\windows\SysWow64\jscript9.dll 2012-02-28 01:11:21 1427456 ----a-w- C:\windows\SysWow64\inetcpl.cpl 2012-02-28 01:11:07 1127424 ----a-w- C:\windows\SysWow64\wininet.dll 2012-02-28 01:03:16 2382848 ----a-w- C:\windows\SysWow64\mshtml.tlb 2012-02-17 06:38:26 1031680 ----a-w- C:\windows\System32\rdpcore.dll 2012-02-17 05:34:22 826880 ----a-w- C:\windows\SysWow64\rdpcore.dll 2012-02-17 04:58:24 210944 ----a-w- C:\windows\System32\drivers\rdpwd.sys 2012-02-17 04:57:32 23552 ----a-w- C:\windows\System32\drivers\tdtcp.sys 2012-02-10 06:36:07 1544192 ----a-w- C:\windows\System32\DWrite.dll 2012-02-10 05:38:43 1077248 ----a-w- C:\windows\SysWow64\DWrite.dll . ============= FINISH: 21:12:34.44 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . 
Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1 Install Date: 4/4/2010 10:52:23 PM System Uptime: 5/7/2012 6:36:38 PM (3 hours ago) . Motherboard: TOSHIBA | | Portable PC Processor: Pentium® Dual-Core CPU T4400 @ 2.20GHz | CPU | 2200/800mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 288 GiB total, 2.773 GiB free. D: is CDROM () E: is CDROM (CDFS) F: is Removable . ==== Disabled Device Manager Items ============= . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: BHDrvx64 Device ID: ROOT\LEGACY_BHDRVX64\0000 Manufacturer: Name: BHDrvx64 PNP Device ID: ROOT\LEGACY_BHDRVX64\0000 Service: BHDrvx64 . ==== System Restore Points =================== . RP289: 4/30/2012 1:22:15 AM - Windows Update RP290: 4/30/2012 6:46:02 PM - Removed Voila 2.0 HSDPA Utility R1. RP291: 5/1/2012 3:00:20 AM - Windows Update RP292: 5/7/2012 12:10:29 PM - Windows Update RP293: 5/7/2012 5:47:48 PM - DLL-Files.com Fixer Mon, May 07, 12 17:47 . ==== Installed Programs ====================== . 1ClickDownloader Adobe Flash Player 10 Plugin Adobe Flash Player 11 ActiveX Adobe Reader 9.4.6 Apple Application Support Apple Software Update Ares 3.1.7.3042 Ashampoo Burning Studio 6 FREE AviSynth 2.5 Best Buy Software Installer Bing Bar CamfrogWEB Advanced ActiveX Plugin (remove only) Compatibility Pack for the 2007 Office system D3DX10 Dealio Toolbar v4.9 Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition Désinst. 
LG PC Suite III Epi Info 7 Facebook Video Calling 1.2.0.159 Feedback Tool FIFA 12 © EA version 1 Folder Lock Free Mp3 Wma Converter V 1.9 Free MP3 WMA Cutter 3.7.2.5 GIMP 2.6.8 Google Earth Google Toolbar for Internet Explorer Google Update Helper Google Updater Java Auto Updater Java 6 Update 29 Junk Mail filter update Kabisa_V_81b 13/04/2010 Larousse Médical LG Bluetooth Drivers LG Internet Kit LG MC USB U330 driver LG United Mobile Driver LG USB Modem Drivers Macromedia Shockwave Player Malwarebytes Anti-Malware version 1.61.0.1400 ManyCam 2.6.65 (remove only) Mesh Runtime Messenger Companion Microsoft .NET Framework 1.1 Microsoft Office Access MUI (English) 2010 Microsoft Office Access Setup Metadata MUI (English) 2010 Microsoft Office Excel MUI (English) 2010 Microsoft Office File Validation Add-In Microsoft Office Groove MUI (English) 2010 Microsoft Office InfoPath MUI (English) 2010 Microsoft Office OneNote MUI (English) 2010 Microsoft Office Outlook Connector Microsoft Office Outlook MUI (English) 2010 Microsoft Office PowerPoint MUI (English) 2010 Microsoft Office PowerPoint Viewer 2007 (English) Microsoft Office Professional Plus 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (English) 2010 Microsoft Office Publisher MUI (English) 2010 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office Suite Activation Assistant Microsoft Office Word MUI (English) 2010 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable - KB2467175 Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual 
C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Works MSVCRT MSVCRT_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) mywebsites.pro-FR Toolbar NATCOM 3G Norton Security Suite ObjectDock ooVoo OpenOffice.org 3.2 Picasa 3 QuickTime Realtek Ethernet Controller Driver Realtek High Definition Audio Driver Realtek USB 2.0 Card Reader Realtek WLAN Driver Revo Uninstaller 1.93 Roxio Burn Roxio Express Labeler 3 Roxio Roxio Burn Roxio Update Manager Safari Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Soft-Search Toolbar SpeedBit Video Downloader Spelling Dictionaries Support For Adobe Reader 9 TOSHIBA Application Installer TOSHIBA Assist TOSHIBA Bulletin Board TOSHIBA ConfigFree TOSHIBA DVD PLAYER TOSHIBA eco Utility TOSHIBA Extended Tiles for Windows Mobility Center TOSHIBA Face Recognition TOSHIBA Hardware Setup TOSHIBA HDD/SSD Alert TOSHIBA Media Controller TOSHIBA Quality Application TOSHIBA ReelTime TOSHIBA Service Station TOSHIBA Speech System Applications TOSHIBA Speech System SR Engine(U.S.) Version1.0 TOSHIBA Speech System TTS Engine(U.S.) 
Version1.0 TOSHIBA Supervisor Password TOSHIBA Value Added Package TOSHIBA Web Camera Application ToshibaRegistration Uniblue RegistryBooster Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft Office 2010 (KB2494150) Update for Microsoft Office 2010 (KB2553092) Update Manager USB INTERNET VLC media player 1.1.11 Votre santé au quotidien VZAccess Manager Windows Live Communications Platform Windows Live Essentials Windows Live Installer Windows Live Mail Windows Live Mesh Windows Live Mesh ActiveX Control for Remote Connections Windows Live Messenger Windows Live Messenger Companion Core Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live Sync Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Yahoo! Messenger Yahoo! Software Update Yahoo! Toolbar ZHPDiag 1.30 . ==== Event Viewer Messages From Past Week ======== . 5/7/2012 8:48:47 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.125.1090.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8304.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 5/7/2012 8:21:46 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. 
New Signature Version: Previous Signature Version: 1.125.1090.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8304.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 5/7/2012 6:37:47 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: BHDrvx64 SRTSP 5/7/2012 6:37:24 PM, Error: Service Control Manager [7000] - The windrvNT service failed to start due to the following error: The system cannot find the file specified. 5/7/2012 6:37:21 PM, Error: Service Control Manager [7000] - The npf service failed to start due to the following error: The system cannot find the file specified. 5/7/2012 6:36:49 PM, Error: SRTSP [5] - Error loading Symantec real time Anti-Virus driver. 5/7/2012 6:36:49 PM, Error: SRTSP [4] - Error loading virus definitions. 5/7/2012 6:01:38 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start. 
5/7/2012 6:01:38 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030} 5/7/2012 6:01:35 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} 5/7/2012 6:01:34 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89} 5/7/2012 6:01:34 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E} 5/7/2012 6:01:31 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} 5/7/2012 6:01:22 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} 5/7/2012 6:01:06 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD BHDrvx64 ccHP DfsC discache eeCtrl IDSVia64 MpFilter NetBIOS NetBT nsiproxy Psched rdbss spldr SRTSP SRTSPX SymIRON SYMTDIv tdx vwififlt Wanarpv6 WfpLwf 5/7/2012 6:01:05 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 
5/7/2012 6:01:05 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. 5/7/2012 6:01:05 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning. 5/7/2012 6:01:05 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 5/7/2012 6:01:05 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 5/7/2012 6:01:05 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning. 5/7/2012 6:01:05 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 5/7/2012 6:01:05 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 
5/7/2012 6:01:05 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning. 5/7/2012 6:01:05 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. 5/6/2012 9:39:44 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.125.1090.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8304.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 5/6/2012 8:52:25 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.125.1090.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8304.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 5/6/2012 12:39:33 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. 
New Signature Version: Previous Signature Version: 1.125.1090.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8304.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 5/5/2012 8:29:35 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.125.1090.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8304.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 5/1/2012 3:06:51 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Microsoft Security Essentials Client Update Package - KB2691905. 4/30/2012 5:59:51 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection. 4/30/2012 5:53:53 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. 
Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection. 4/30/2012 5:04:13 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection. 4/30/2012 4:51:12 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection. 4/30/2012 3:18:43 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection. 4/30/2012 3:10:48 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection. . ==== End Of File =========================== Thx for helping me...
  12. I made the DDS thing and that's the result:
. DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_29 Run by Owner at 21:10:44 on 2012-05-07 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.2940.1797 [GMT -5:00] . AV: Norton Security Suite *Disabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855} AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B} SP: Norton Security Suite *Disabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8} FW: Norton Security Suite *Disabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E} . ============== Running Processes =============== . C:\windows\system32\wininit.exe C:\windows\system32\lsm.exe C:\windows\system32\svchost.exe -k DcomLaunch C:\windows\system32\svchost.exe -k RPCSS c:\Program Files\Microsoft Security Client\MsMpEng.exe C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\windows\system32\svchost.exe -k netsvcs C:\windows\system32\svchost.exe -k LocalService C:\windows\system32\svchost.exe -k NetworkService C:\windows\system32\svchost.exe -k LocalServiceNoNetwork C:\windows\System32\spoolsv.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\windows\system32\taskhost.exe C:\windows\system32\Dwm.exe C:\windows\system32\taskeng.exe C:\windows\Explorer.EXE C:\Program Files (x86)\Bonjour\mDNSResponder.exe C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\ProgramData\DatacardService\HWDeviceService64.exe C:\Program Files (x86)\Norton Security Suite\Engine\4.3.0.5\ccSvcHst.exe C:\ProgramData\DatacardService\DCSHelper.exe C:\windows\system32\svchost.exe -k imgsvc C:\Windows\system32\TODDSrv.exe C:\Program Files\TOSHIBA\Power 
Saver\TosCoSrv.exe C:\Program Files\TOSHIBA\TECO\TecoService.exe C:\Program Files (x86)\NATCOM 3G\AssistantServices.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\windows\system32\SearchIndexer.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\System32\igfxtray.exe C:\windows\system32\igfxsrvc.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe C:\Program Files\TOSHIBA\TECO\Teco.exe C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe C:\Program Files\Logitech\Gaming Software\LWEMon.exe C:\windows\system32\igfxext.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe C:\Program Files (x86)\Stardock\ObjectDock\ObjectDock.exe C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe C:\Program Files (x86)\NATCOM 3G\UIExec.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files (x86)\Stardock\ObjectDock\Dock64.exe C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe C:\Program Files 
(x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files (x86)\NATCOM 3G\UIMain.exe C:\Program Files (x86)\NATCOM 3G\CMUpdater.exe C:\Windows\system32\WUDFHost.exe C:\windows\system32\wbem\wmiprvse.exe C:\Program Files (x86)\Common Files\Speedbit\SbUpdate\SBUpdate.exe C:\PROGRA~2\Yahoo!\MESSEN~1\MESSEN~1\ymsgr_tray.exe c:\Program Files\Microsoft Security Client\MpCmdRun.exe C:\windows\system32\SearchProtocolHost.exe C:\windows\system32\SearchFilterHost.exe C:\windows\SysWOW64\cmd.exe C:\windows\system32\conhost.exe C:\windows\SysWOW64\cscript.exe . ============== Pseudo HJT Report =============== . uSearch Page = uStart Page = hxxp://www.google.com/ uWindow Title = Internet Explorer, optimized for Bing and MSN uSearch Bar = mDefault_Search_URL = hxxp://mywwwsites.com mDefault_Page_URL = hxxp://mywwwsites.com mStart Page = hxxp://www.google.fr mSearch Page = hxxp://mywwwsites.com mURLSearchHooks: mywebsites.pro-FR Toolbar: {33727f97-486d-4d19-97c3-23f432ef93fc} - C:\Program Files (x86)\mywebsites.pro-FR\tbmyw0.dll mURLSearchHooks: Soft-Search Toolbar: {09e55ba0-f9c6-4b81-82df-46853f6f7b3f} - C:\Program Files (x86)\Soft-Search\tbSof1.dll mWinlogon: Userinit=C:\windows\SysWOW64\userinit.exe, BHO: &Yahoo! 
Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll BHO: Soft-Search Toolbar: {09e55ba0-f9c6-4b81-82df-46853f6f7b3f} - C:\Program Files (x86)\Soft-Search\tbSof1.dll BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: mywebsites.pro-FR Toolbar: {33727f97-486d-4d19-97c3-23f432ef93fc} - C:\Program Files (x86)\mywebsites.pro-FR\tbmyw0.dll BHO: SearchPredictObj Class: {389943b0-c3a2-4e69-82cb-8596a84cb3dc} - C:\PROGRA~2\SEARCH~2\SEARCH~1.DLL BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton Security Suite\Engine\4.3.0.5\coIEPlg.dll BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton Security Suite\Engine\4.3.0.5\IPSBHO.DLL BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: SBCONVERT Class: {92a9acf4-9333-43ae-9698-db283326f87f} - C:\Program Files (x86)\SpeedBit Video Downloader\TBU89\tbcore3.dll BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll BHO: SingleInstance Class: 
{fdad4da1-61a2-4fd8-9c17-86f7ac245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll BHO: GrabberObj Class: {ff7c3cf0-4b15-11d1-abed-709549c10000} - C:\Program Files (x86)\SpeedBit Video Downloader\TBU89\grabber.dll TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton Security Suite\Engine\4.3.0.5\coIEPlg.dll TB: mywebsites.pro-FR Toolbar: {33727f97-486d-4d19-97c3-23f432ef93fc} - C:\Program Files (x86)\mywebsites.pro-FR\tbmyw0.dll TB: Soft-Search Toolbar: {09e55ba0-f9c6-4b81-82df-46853f6f7b3f} - C:\Program Files (x86)\Soft-Search\tbSof1.dll TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll TB: SpeedBit Video Downloader: {0329e7d6-6f54-462d-93f6-f5c3118badf2} - C:\Program Files (x86)\SpeedBit Video Downloader\TBU89\tbcore3.dll TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll" uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" uRun: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\MESSEN~1\MESSEN~1\YahooMessenger.exe" -quiet uRun: [iSUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start uRun: [Facebook Update] "C:\Users\Owner\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver uRun: [iSUSPM Startup] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background uRun: [ares] "C:\Program Files (x86)\Ares\Ares.exe" -h mRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60 mRun: [uIExec] "C:\Program Files 
(x86)\NATCOM 3G\UIExec.exe" mRun: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray dRunOnce: [<NO NAME>] StartupFolder: C:\Users\Owner\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\STARDO~1.LNK - C:\Program Files (x86)\Stardock\ObjectDock\ObjectDock.exe uPolicies-explorer: HideClock = 0 (0x0) mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1) mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: Add to Google Photos Screensa&ver - C:\windows\system32\GPhotos.scr/200 IE: E&xport to Microsoft Excel - C:\PROGRA~2\MIF5BA~1\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - C:\PROGRA~2\MIF5BA~1\Office14\ONBttnIE.dll/105 IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} - hxxp://activex.camfrogweb.com/advanced/2.0.2.3/cfweb_activex.camfrogweb.com-advanced-2.0.2.3_instmodule.exe DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - 
hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} - hxxp://gfx1.hotmail.com/mail/w4/m3/photouploadcontrol/VistaMSNPUpldpt-br.cab TCP: Interfaces\{670CA8A4-122A-4CC3-A5F2-B51A2FC2880C} : DhcpNameServer = 10.35.1.254 TCP: Interfaces\{670CA8A4-122A-4CC3-A5F2-B51A2FC2880C}\0556163686541676C656D27657563747 : DhcpNameServer = 192.168.33.1 200.4.175.2 200.4.174.12 TCP: Interfaces\{670CA8A4-122A-4CC3-A5F2-B51A2FC2880C}\4497E65687 : DhcpNameServer = 192.168.2.1 68.87.64.150 68.87.75.198 TCP: Interfaces\{670CA8A4-122A-4CC3-A5F2-B51A2FC2880C}\C696E6B6379737 : DhcpNameServer = 192.168.1.1 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL BHO-X64: &Yahoo! 
Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll BHO-X64: 0x1 - No File BHO-X64: Soft-Search Toolbar: {09e55ba0-f9c6-4b81-82df-46853f6f7b3f} - C:\Program Files (x86)\Soft-Search\tbSof1.dll BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO-X64: AcroIEHelperStub - No File BHO-X64: mywebsites.pro-FR Toolbar: {33727f97-486d-4d19-97c3-23f432ef93fc} - C:\Program Files (x86)\mywebsites.pro-FR\tbmyw0.dll BHO-X64: SearchPredictObj Class: {389943B0-C3A2-4E69-82CB-8596A84CB3DC} - C:\PROGRA~2\SEARCH~2\SEARCH~1.DLL BHO-X64: Symantec NCO BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\4.3.0.5\coIEPlg.dll BHO-X64: Symantec NCO BHO - No File BHO-X64: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\4.3.0.5\IPSBHO.DLL BHO-X64: Symantec Intrusion Prevention - No File BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO-X64: SBCONVERT Class: {92A9ACF4-9333-43AE-9698-DB283326F87F} - C:\Program Files (x86)\SpeedBit Video Downloader\TBU89\tbcore3.dll BHO-X64: SBCONVERT - No File BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL BHO-X64: URLRedirectionBHO - No File BHO-X64: Bing Bar Helper: 
{d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll BHO-X64: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll BHO-X64: GrabberObj Class: {FF7C3CF0-4B15-11D1-ABED-709549C10000} - C:\Program Files (x86)\SpeedBit Video Downloader\TBU89\grabber.dll BHO-X64: GrabberObj Class - No File TB-X64: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\4.3.0.5\coIEPlg.dll TB-X64: mywebsites.pro-FR Toolbar: {33727f97-486d-4d19-97c3-23f432ef93fc} - C:\Program Files (x86)\mywebsites.pro-FR\tbmyw0.dll TB-X64: Soft-Search Toolbar: {09e55ba0-f9c6-4b81-82df-46853f6f7b3f} - C:\Program Files (x86)\Soft-Search\tbSof1.dll TB-X64: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll TB-X64: SpeedBit Video Downloader: {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - C:\Program Files (x86)\SpeedBit Video Downloader\TBU89\tbcore3.dll TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll" mRun-x64: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60 mRun-x64: [uIExec] "C:\Program Files (x86)\NATCOM 3G\UIExec.exe" mRun-x64: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL . 
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\windows\system32\DRIVERS\MpFilter.sys --> C:\windows\system32\DRIVERS\MpFilter.sys [?]
R0 PxHlpa64;PxHlpa64;C:\windows\system32\Drivers\PxHlpa64.sys --> C:\windows\system32\Drivers\PxHlpa64.sys [?]
R0 SymDS;Symantec Data Store;C:\windows\system32\drivers\N360x64\0403000.005\SYMDS64.SYS --> C:\windows\system32\drivers\N360x64\0403000.005\SYMDS64.SYS [?]
R0 SymEFA;Symantec Extended File Attributes;C:\windows\system32\drivers\N360x64\0403000.005\SYMEFA64.SYS --> C:\windows\system32\drivers\N360x64\0403000.005\SYMEFA64.SYS [?]
R0 tos_sps64;TOSHIBA tos_sps64 Service;C:\windows\system32\DRIVERS\tos_sps64.sys --> C:\windows\system32\DRIVERS\tos_sps64.sys [?]
R1 ccHP;Symantec Hash Provider;C:\windows\system32\drivers\N360x64\0403000.005\ccHPx64.sys --> C:\windows\system32\drivers\N360x64\0403000.005\ccHPx64.sys [?]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20111026.030\IDSviA64.sys [2011-10-26 488568]
R1 SymIRON;Symantec Iron Driver;C:\windows\system32\drivers\N360x64\0403000.005\Ironx64.SYS --> C:\windows\system32\drivers\N360x64\0403000.005\Ironx64.SYS [?]
R1 SYMTDIv;Symantec Vista Network Dispatch Driver;C:\windows\system32\Drivers\N360x64\0403000.005\SYMTDIV.SYS --> C:\windows\system32\Drivers\N360x64\0403000.005\SYMTDIV.SYS [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\windows\system32\DRIVERS\vwififlt.sys --> C:\windows\system32\DRIVERS\vwififlt.sys [?]
R2 cfWiMAXService;ConfigFree WiMAX Service;C:\Program Files (x86)\Toshiba\ConfigFree\CFIWmxSvcs64.exe [2009-8-10 248688]
R2 ConfigFree Gadget Service;ConfigFree Gadget Service;C:\Program Files (x86)\Toshiba\ConfigFree\CFProcSRVC.exe [2009-7-14 42368]
R2 ConfigFree Service;ConfigFree Service;C:\Program Files (x86)\Toshiba\ConfigFree\CFSvcs.exe [2009-3-10 46448]
R2 HWDeviceService64.exe;HWDeviceService64.exe;C:\ProgramData\DatacardService\HWDeviceService64.exe -/service --> C:\ProgramData\DatacardService\HWDeviceService64.exe -/service [?]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-4-30 654408]
R2 N360;Norton Security Suite;C:\Program Files (x86)\Norton Security Suite\Engine\4.3.0.5\ccsvchst.exe [2010-10-30 126392]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;C:\Program Files\TOSHIBA\TECO\TecoService.exe [2009-8-11 252272]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;C:\windows\system32\DRIVERS\TVALZFL.sys --> C:\windows\system32\DRIVERS\TVALZFL.sys [?]
R2 UI Assistant Service;UI Assistant Service;C:\Program Files (x86)\NATCOM 3G\AssistantServices.exe [2012-1-21 270672]
R3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.EXE [2012-2-10 240408]
R3 FwLnk;FwLnk Driver;C:\windows\system32\DRIVERS\FwLnk.sys --> C:\windows\system32\DRIVERS\FwLnk.sys [?]
R3 HSPADataCardusbmdm;HSPADataCard Proprietary USB Driver;C:\windows\system32\DRIVERS\HSPADataCardusbmdm.sys --> C:\windows\system32\DRIVERS\HSPADataCardusbmdm.sys [?]
R3 HSPADataCardusbnmea;HSPADataCard NMEA Port;C:\windows\system32\DRIVERS\HSPADataCardusbnmea.sys --> C:\windows\system32\DRIVERS\HSPADataCardusbnmea.sys [?]
R3 HSPADataCardusbser;HSPADataCard Diagnostic Port;C:\windows\system32\DRIVERS\HSPADataCardusbser.sys --> C:\windows\system32\DRIVERS\HSPADataCardusbser.sys [?]
R3 HSPADataCardusbvoice;HSPADataCard VoUSB Port;C:\windows\system32\DRIVERS\HSPADataCardusbvoice.sys --> C:\windows\system32\DRIVERS\HSPADataCardusbvoice.sys [?]
R3 LgBttPort;LGE Bluetooth TransPort;C:\windows\system32\DRIVERS\lgbtpt64.sys --> C:\windows\system32\DRIVERS\lgbtpt64.sys [?]
R3 lgbusenum;LG Bluetooth Bus Enumerator;C:\windows\system32\DRIVERS\lgbtbs64.sys --> C:\windows\system32\DRIVERS\lgbtbs64.sys [?]
R3 LGVMODEM;LGE Virtual Modem;C:\windows\system32\DRIVERS\lgvmdm64.sys --> C:\windows\system32\DRIVERS\lgvmdm64.sys [?]
R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;C:\windows\system32\DRIVERS\ManyCam_x64.sys --> C:\windows\system32\DRIVERS\ManyCam_x64.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\windows\system32\drivers\mbam.sys --> C:\windows\system32\drivers\mbam.sys [?]
R3 PGEffect;Pangu effect driver;C:\windows\system32\DRIVERS\pgeffect.sys --> C:\windows\system32\DRIVERS\pgeffect.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\windows\system32\DRIVERS\Rt64win7.sys --> C:\windows\system32\DRIVERS\Rt64win7.sys [?]
R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;C:\windows\system32\DRIVERS\rtl8192se.sys --> C:\windows\system32\DRIVERS\rtl8192se.sys [?]
R3 TMachInfo;TMachInfo;C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe [2010-3-16 54136]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2009-8-3 137560]
R3 TPCHSrv;TPCH Service;C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2009-8-4 826224]
S1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20111014.001\BHDrvx64.sys [2011-10-14 1155704]
S2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.EXE [2012-2-10 193816]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-4-5 135664]
S3 athur;Atheros AR9271 Wireless Network Adapter Service;C:\windows\system32\DRIVERS\athurx.sys --> C:\windows\system32\DRIVERS\athurx.sys [?]
S3 br3gmdm;BandLuxe 3.5G HSDPA Adapter - USB;C:\windows\system32\DRIVERS\br3gmdm.sys --> C:\windows\system32\DRIVERS\br3gmdm.sys [?]
S3 ew_mbbusbdev;MBB USB PNP Device;C:\windows\system32\DRIVERS\ew_mbbusbdev.sys --> C:\windows\system32\DRIVERS\ew_mbbusbdev.sys [?]
S3 ewusbnet;HUAWEI USB-NDIS miniport;C:\windows\system32\DRIVERS\ewusbnet.sys --> C:\windows\system32\DRIVERS\ewusbnet.sys [?]
S3 fssfltr;fssfltr;C:\windows\system32\DRIVERS\fssfltr.sys --> C:\windows\system32\DRIVERS\fssfltr.sys [?]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-4-5 135664]
S3 massfilter;Mass Storage Filter Driver;C:\windows\system32\drivers\massfilter.sys --> C:\windows\system32\drivers\massfilter.sys [?]
S3 mbbdatacard;MBB DataCard USB Modem and USB Serial;C:\windows\system32\DRIVERS\ewusbmdm.sys --> C:\windows\system32\DRIVERS\ewusbmdm.sys [?]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-1-21 30963576]
S3 NisDrv;Microsoft Network Inspection System;C:\windows\system32\DRIVERS\NisDrvWFP.sys --> C:\windows\system32\DRIVERS\NisDrvWFP.sys [?]
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-3-26 291696]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 PTDUBus;PANTECH UM175 Composite Device Driver ;C:\windows\system32\DRIVERS\PTDUBus.sys --> C:\windows\system32\DRIVERS\PTDUBus.sys [?]
S3 PTDUMdm;PANTECH UM175 Drivers;C:\windows\system32\DRIVERS\PTDUMdm.sys --> C:\windows\system32\DRIVERS\PTDUMdm.sys [?]
S3 PTDUVsp;PANTECH UM175 Diagnostic Port;C:\windows\system32\DRIVERS\PTDUVsp.sys --> C:\windows\system32\DRIVERS\PTDUVsp.sys [?]
S3 PTDUWFLT;PTDUWWAN Filter Driver;C:\windows\system32\DRIVERS\PTDUWFLT.sys --> C:\windows\system32\DRIVERS\PTDUWFLT.sys [?]
S3 PTDUWWAN;PANTECH UM175 WWAN Driver;C:\windows\system32\DRIVERS\PTDUWWAN.sys --> C:\windows\system32\DRIVERS\PTDUWWAN.sys [?]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\system32\Drivers\RtsUStor.sys --> C:\windows\system32\Drivers\RtsUStor.sys [?]
S3 SMSIVZAM5X64;SMSIVZAM5X64 NDIS Protocol Driver;C:\PROGRA~2\VERIZO~1\VZACCE~1\SMSIVZAM5X64.SYS [2009-5-25 43032] S3 TsUsbFlt;TsUsbFlt;C:\windows\system32\drivers\tsusbflt.sys --> C:\windows\system32\drivers\tsusbflt.sys [?] S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\system32\Drivers\usbaapl64.sys --> C:\windows\system32\Drivers\usbaapl64.sys [?] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\windows\system32\DRIVERS\vwifimp.sys --> C:\windows\system32\DRIVERS\vwifimp.sys [?] S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\system32\Wat\WatAdminSvc.exe --> C:\windows\system32\Wat\WatAdminSvc.exe [?] S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184] . =============== Created Last 30 ================ . 2012-05-08 01:13:54 -------- d-----w- C:\Program Files (x86)\Ares 2012-05-07 23:38:32 -------- d-----w- C:\Users\Owner\AppData\Local\{6474F9FB-8562-4B73-B5A1-915604865234} 2012-05-07 23:38:23 69000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BBF69FBB-26E3-4077-9501-99B9866CDB2D}\offreg.dll 2012-05-07 22:27:55 -------- d-----w- C:\Users\Owner\AppData\Local\{AE38245A-F547-4CE9-8C37-6B464BE5EE13} 2012-05-07 19:51:22 -------- d-----w- C:\Users\Owner\AppData\Local\{E56EE51B-88C2-46AA-9BA2-3F0F4492C438} 2012-05-07 17:52:22 -------- d-----w- C:\Users\Owner\AppData\Local\{50F829F2-269E-4BC5-97CA-234E43D2F8A6} 2012-05-07 17:11:32 8917360 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BBF69FBB-26E3-4077-9501-99B9866CDB2D}\mpengine.dll 2012-05-06 17:30:59 -------- d-----w- C:\Users\Owner\AppData\Local\{B788AE40-892D-43BE-B5CC-3D4328E53527} 2012-05-04 00:45:30 -------- d-----w- C:\Program Files (x86)\1ClickDownload 2012-05-03 21:55:51 -------- d-----w- C:\Users\Owner\AppData\Local\{18003BC1-568F-41C9-B622-5CCFE607021C} 2012-05-03 21:05:03 927800 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition 
Updates\{7A01FFE5-F898-4A0F-B6B6-3B84BFEEB9E1}\gapaengine.dll 2012-05-03 21:04:40 8917360 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2012-05-03 21:03:18 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client 2012-05-03 20:52:50 -------- d-----w- C:\Users\Owner\AppData\Local\{8580011D-1D14-40F5-B493-C43725C187F5} 2012-05-02 18:07:18 -------- d-----w- C:\Users\Owner\AppData\Local\{DA38E2A4-DE9B-42EB-88B5-A3C104C7FCEC} 2012-05-01 09:41:31 -------- d-----w- C:\Users\Owner\AppData\Local\{7E26C572-A38A-4850-817D-691FA764389F} 2012-05-01 09:09:03 -------- d-----w- C:\Users\Owner\AppData\Local\{D9CB827F-7951-4021-8FB7-C470F8E2381B} 2012-04-30 23:53:10 -------- d-----w- C:\Users\Owner\AppData\Local\{F57DD59F-52EA-4C1F-B758-BAA6A6096157} 2012-04-30 23:29:04 -------- d-----w- C:\Users\Owner\AppData\Roaming\Malwarebytes 2012-04-30 23:28:59 -------- d-----w- C:\ProgramData\Malwarebytes 2012-04-30 23:28:58 24904 ----a-w- C:\windows\System32\drivers\mbam.sys 2012-04-30 23:28:58 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2012-04-30 22:59:46 -------- d-----w- C:\Users\Owner\AppData\Local\{F7FAE55A-D523-4265-9306-F83AB721683C} 2012-04-30 22:54:25 -------- d-----w- C:\Users\Owner\AppData\Local\{36A13C98-D58A-41D0-A17A-29366968423B} 2012-04-30 22:04:45 -------- d-----w- C:\Users\Owner\AppData\Local\{BE420872-AEB8-4FFA-ABE9-8069959194F7} 2012-04-30 21:51:18 -------- d-----w- C:\Users\Owner\AppData\Local\{9AD0601A-4D45-414C-8EFF-0B93568FBD6E} 2012-04-30 20:11:25 -------- d-----w- C:\Users\Owner\AppData\Local\{8963C8D1-F0ED-4D8D-A69E-97451AE91A14} 2012-04-30 07:42:39 -------- d-----w- C:\Users\Owner\AppData\Local\{3F718C40-6061-483F-AAD9-A7C0AA50432B} 2012-04-30 04:05:51 -------- d-----w- C:\Users\Owner\AppData\Local\{A212CAE9-0DDC-47D7-B2E1-9A287B4BA646} 2012-04-30 02:28:34 -------- d-----w- C:\Users\Owner\AppData\Local\{6D83336F-5F4A-4600-A9EA-EF5B7C4BDEEC} 2012-04-29 14:42:45 -------- d-----w- 
C:\Users\Owner\AppData\Local\{7DB36190-9F99-40B0-8562-BA24ED8C03F8} 2012-04-29 02:53:56 -------- d-----w- C:\Users\Owner\AppData\Local\{87A0B7CE-1EE3-418B-A95D-6F4AA5509496} 2012-04-28 12:16:58 -------- d-----w- C:\Users\Owner\AppData\Local\{C888A2B0-2706-44E5-80BC-31F621930E49} 2012-04-28 05:47:28 -------- d-----w- C:\Users\Owner\AppData\Local\{E30D829E-E299-4362-87C7-B48B0389F47D} 2012-04-27 23:04:06 -------- d-----w- C:\Users\Owner\AppData\Local\{7180A2A8-4351-438B-8FCA-EF07FA3C96EA} 2012-04-27 04:43:48 -------- d-----w- C:\Users\Owner\AppData\Local\{79A670EB-D327-48B9-BA24-A27AC1642EFB} 2012-04-27 03:46:29 -------- d-----w- C:\Users\Owner\AppData\Local\{020D4D20-B6ED-4DB4-9157-51029F00FAAE} 2012-04-26 18:46:05 -------- d-----w- C:\Users\Owner\AppData\Local\{A07CCA34-0F9E-42C8-9BDB-482D67F4587C} 2012-04-26 18:34:39 -------- d-----w- C:\Users\Owner\AppData\Local\{C029163C-8AF3-40D2-9ECC-638DEB9957FF} 2012-04-26 15:04:02 -------- d-----w- C:\Users\Owner\AppData\Local\{822ACAB3-5087-4331-9FA0-F52CA34D2715} 2012-04-26 13:49:52 -------- d-----w- C:\Users\Owner\AppData\Local\{2C78BAC3-3734-4F13-925A-EFDE6F03D787} 2012-04-25 14:59:21 -------- d-----w- C:\Users\Owner\AppData\Local\{EE39779C-DE3D-4B71-9140-03B61D867111} 2012-04-24 16:03:05 512 ----a-w- C:\PhysicalMBR.bin 2012-04-24 14:12:00 -------- d-----w- C:\Users\Owner\AppData\Local\{23C1D592-30C4-4D2F-AA64-886B5414A3B7} 2012-04-24 07:21:32 -------- d-----w- C:\Users\Owner\AppData\Local\{5806EEB1-791E-498F-93FA-3CA8C4D71C32} 2012-04-24 03:36:38 -------- d-----w- C:\Users\Owner\AppData\Local\{D443E067-72C0-47BC-A7C2-79E56D9AD8A2} 2012-04-24 03:34:09 -------- d-sh--w- C:\found.000 2012-04-23 14:43:14 -------- d-----w- C:\Users\Owner\AppData\Local\{5C78C654-F08A-4D4A-A722-EFA3EC01F56C} 2012-04-23 01:26:57 -------- d-----w- C:\Users\Owner\AppData\Local\{4A5F4A5F-4BC4-449F-8C2D-DA64BB69F7F7} 2012-04-22 12:34:05 -------- d-----w- C:\Users\Owner\AppData\Local\{4C9789E5-9413-4BC9-9F0D-72EB7C2E0BE4} 2012-04-21 23:11:06 
-------- d-----w- C:\Users\Owner\AppData\Local\{DCD677BB-9A87-4699-AD55-E36E8848346C} 2012-04-21 20:46:39 -------- d-----w- C:\Users\Owner\AppData\Local\{5D10F88D-9243-416E-AC0B-E2B49D6367A5} 2012-04-21 20:42:03 -------- d-----w- C:\windows\en 2012-04-21 20:37:24 48488 ----a-w- C:\windows\System32\drivers\fssfltr.sys 2012-04-21 20:30:20 15712 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\922e4ef81cd1ffd02\MeshBetaRemover.exe 2012-04-21 20:30:19 89944 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\91d63c0e1cd1ffd01\DSETUP.dll 2012-04-21 20:30:19 537432 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\91d63c0e1cd1ffd01\DXSETUP.exe 2012-04-21 20:30:19 1801048 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\91d63c0e1cd1ffd01\dsetup32.dll 2012-04-21 19:56:51 -------- d-----w- C:\Users\Owner\AppData\Local\{CE9CAA05-3689-4484-851E-17ACC8094586} 2012-04-21 17:43:54 -------- d-----w- C:\Users\Owner\AppData\Local\{4530F39C-6DDE-4A39-B839-8705B187E29C} 2012-04-21 17:43:40 -------- d-----w- C:\Users\Owner\AppData\Local\{7C98AF00-D11E-4DF3-80C9-2CE6639E4192} 2012-04-21 00:38:22 -------- d-----w- C:\Users\Owner\AppData\Local\{E8C4241C-3AC0-4DBD-9A65-A2114FF18E20} 2012-04-20 23:45:16 -------- d-----w- C:\Users\Owner\AppData\Local\{1466326D-C639-449B-8E97-310D8B9D7176} 2012-04-20 21:06:41 -------- d-----w- C:\Users\Owner\AppData\Local\{5A8D1EDA-EEB5-4C10-95A0-5EB10E216DCA} 2012-04-20 05:10:03 -------- d-----w- C:\Users\Owner\AppData\Local\{4C924245-1911-47EC-8D0C-4BE13A916171} 2012-04-19 23:59:30 -------- d-----w- C:\Users\Owner\AppData\Local\{595479AE-17FE-4A40-8965-D717702BAB56} 2012-04-19 22:12:55 -------- d-----w- C:\Users\Owner\AppData\Local\{9E276BF7-D23E-4419-A91D-633307630F12} 2012-04-19 04:14:32 -------- d-----w- C:\Users\Owner\AppData\Local\{9E0549D9-08C8-4671-B55E-9B731EAAC7BC} 2012-04-17 00:35:13 -------- d-----w- C:\ZHP 2012-04-17 00:32:14 -------- d-----w- C:\Program Files (x86)\ZHPDiag 2012-04-16 
22:27:17 -------- d-----w- C:\Program Files (x86)\VS Revo Group 2012-04-13 07:38:31 -------- d-----w- C:\Users\Owner\AppData\Local\{DF5B74EE-E53E-4EAB-9F6E-83DE740D802D} 2012-04-13 07:19:53 -------- d-----w- C:\Users\Owner\AppData\Local\{A0F9B318-0FD9-416F-86AE-7EA0C9CE644D} 2012-04-13 07:18:33 -------- d-----w- C:\Users\Owner\AppData\Local\{9D363018-5442-413A-BD00-EB31BD6A9CFA} 2012-04-13 04:46:25 -------- d-----w- C:\Users\Owner\AppData\Local\{490D3667-1337-4F6D-B7C5-C68CB4FADDBA} 2012-04-13 01:48:55 -------- d-----w- C:\Users\Owner\AppData\Local\{78133044-B6D0-48A6-813C-8A66547354CE} 2012-04-12 23:41:21 23408 ----a-w- C:\windows\System32\drivers\fs_rec.sys 2012-04-12 23:41:20 81408 ----a-w- C:\windows\System32\imagehlp.dll 2012-04-12 23:41:20 159232 ----a-w- C:\windows\SysWow64\imagehlp.dll 2012-04-12 23:41:19 5120 ----a-w- C:\windows\SysWow64\wmi.dll 2012-04-12 23:41:19 5120 ----a-w- C:\windows\System32\wmi.dll 2012-04-12 23:41:19 220672 ----a-w- C:\windows\System32\wintrust.dll 2012-04-12 23:41:19 172544 ----a-w- C:\windows\SysWow64\wintrust.dll 2012-04-12 14:09:25 -------- d-----w- C:\Users\Owner\AppData\Local\{B1F702B5-D72B-4315-8CB4-36C97DEDC6E2} 2012-04-11 23:13:59 -------- d-----w- C:\Users\Owner\AppData\Local\{57603CD1-3F93-47C0-862A-B83E9FCCD219} 2012-04-11 15:48:59 -------- d-----w- C:\Users\Owner\AppData\Local\{7A18FD82-26D4-4161-923C-822D7123266F} 2012-04-11 15:05:01 -------- d-----w- C:\Users\Owner\AppData\Local\{3CBC11A7-2D37-4E42-8067-D2848FD12F62} 2012-04-10 19:23:37 -------- d-----w- C:\Users\Owner\AppData\Local\{476A415E-110B-49B3-96BE-1FEF980A2B6C} 2012-04-10 03:37:00 -------- d-----w- C:\Users\Owner\AppData\Local\{A7E2F03F-DCB2-48A4-ADC9-A169B3F4E722} 2012-04-09 20:17:30 -------- d-----w- C:\Users\Owner\AppData\Local\{1D892337-AC66-4015-8B3D-9B8156D1B192} 2012-04-08 19:08:55 -------- d-----w- C:\Users\Owner\AppData\Local\{EC5207CA-8DBA-4C84-A7F1-01CCA5253D3A} 2012-04-08 07:29:17 -------- d-----w- 
C:\Users\Owner\AppData\Local\{93068D32-4BD8-4D12-BA4C-48CD54CD25B6} 2012-04-08 02:57:58 -------- d-----w- C:\Users\Owner\AppData\Local\{FAF61067-9FD8-48A3-8960-01EF1C799A60} . ==================== Find3M ==================== . 2012-03-21 01:44:12 98688 ----a-w- C:\windows\System32\drivers\NisDrvWFP.sys 2012-03-21 01:44:12 203888 ----a-w- C:\windows\System32\drivers\MpFilter.sys 2012-03-08 23:50:28 49016 ----a-w- C:\windows\SysWow64\sirenacm.dll 2012-03-08 23:37:20 302448 ----a-w- C:\windows\WLXPGSS.SCR 2012-03-06 06:53:37 5559152 ----a-w- C:\windows\System32\ntoskrnl.exe 2012-03-06 05:59:47 3968368 ----a-w- C:\windows\SysWow64\ntkrnlpa.exe 2012-03-06 05:59:41 3913072 ----a-w- C:\windows\SysWow64\ntoskrnl.exe 2012-02-28 06:56:48 2311168 ----a-w- C:\windows\System32\jscript9.dll 2012-02-28 06:49:56 1390080 ----a-w- C:\windows\System32\wininet.dll 2012-02-28 06:48:57 1493504 ----a-w- C:\windows\System32\inetcpl.cpl 2012-02-28 06:42:55 2382848 ----a-w- C:\windows\System32\mshtml.tlb 2012-02-28 01:18:55 1799168 ----a-w- C:\windows\SysWow64\jscript9.dll 2012-02-28 01:11:21 1427456 ----a-w- C:\windows\SysWow64\inetcpl.cpl 2012-02-28 01:11:07 1127424 ----a-w- C:\windows\SysWow64\wininet.dll 2012-02-28 01:03:16 2382848 ----a-w- C:\windows\SysWow64\mshtml.tlb 2012-02-17 06:38:26 1031680 ----a-w- C:\windows\System32\rdpcore.dll 2012-02-17 05:34:22 826880 ----a-w- C:\windows\SysWow64\rdpcore.dll 2012-02-17 04:58:24 210944 ----a-w- C:\windows\System32\drivers\rdpwd.sys 2012-02-17 04:57:32 23552 ----a-w- C:\windows\System32\drivers\tdtcp.sys 2012-02-10 06:36:07 1544192 ----a-w- C:\windows\System32\DWrite.dll 2012-02-10 05:38:43 1077248 ----a-w- C:\windows\SysWow64\DWrite.dll . ============= FINISH: 21:12:34.44 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . 
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 4/4/2010 10:52:23 PM
System Uptime: 5/7/2012 6:36:38 PM (3 hours ago)
.
Motherboard: TOSHIBA | | Portable PC
Processor: Pentium® Dual-Core CPU T4400 @ 2.20GHz | CPU | 2200/800mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 288 GiB total, 2.773 GiB free.
D: is CDROM ()
E: is CDROM (CDFS)
F: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: BHDrvx64
Device ID: ROOT\LEGACY_BHDRVX64\0000
Manufacturer:
Name: BHDrvx64
PNP Device ID: ROOT\LEGACY_BHDRVX64\0000
Service: BHDrvx64
.
==== System Restore Points ===================
.
RP289: 4/30/2012 1:22:15 AM - Windows Update
RP290: 4/30/2012 6:46:02 PM - Removed Voila 2.0 HSDPA Utility R1.
RP291: 5/1/2012 3:00:20 AM - Windows Update
RP292: 5/7/2012 12:10:29 PM - Windows Update
RP293: 5/7/2012 5:47:48 PM - DLL-Files.com Fixer Mon, May 07, 12 17:47
.
==== Installed Programs ======================
.
1ClickDownloader Adobe Flash Player 10 Plugin Adobe Flash Player 11 ActiveX Adobe Reader 9.4.6 Apple Application Support Apple Software Update Ares 3.1.7.3042 Ashampoo Burning Studio 6 FREE AviSynth 2.5 Best Buy Software Installer Bing Bar CamfrogWEB Advanced ActiveX Plugin (remove only) Compatibility Pack for the 2007 Office system D3DX10 Dealio Toolbar v4.9 Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition Désinst.
LG PC Suite III Epi Info 7 Facebook Video Calling 1.2.0.159 Feedback Tool FIFA 12 © EA version 1 Folder Lock Free Mp3 Wma Converter V 1.9 Free MP3 WMA Cutter 3.7.2.5 GIMP 2.6.8 Google Earth Google Toolbar for Internet Explorer Google Update Helper Google Updater Java Auto Updater Java 6 Update 29 Junk Mail filter update Kabisa_V_81b 13/04/2010 Larousse Médical LG Bluetooth Drivers LG Internet Kit LG MC USB U330 driver LG United Mobile Driver LG USB Modem Drivers Macromedia Shockwave Player Malwarebytes Anti-Malware version 1.61.0.1400 ManyCam 2.6.65 (remove only) Mesh Runtime Messenger Companion Microsoft .NET Framework 1.1 Microsoft Office Access MUI (English) 2010 Microsoft Office Access Setup Metadata MUI (English) 2010 Microsoft Office Excel MUI (English) 2010 Microsoft Office File Validation Add-In Microsoft Office Groove MUI (English) 2010 Microsoft Office InfoPath MUI (English) 2010 Microsoft Office OneNote MUI (English) 2010 Microsoft Office Outlook Connector Microsoft Office Outlook MUI (English) 2010 Microsoft Office PowerPoint MUI (English) 2010 Microsoft Office PowerPoint Viewer 2007 (English) Microsoft Office Professional Plus 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (English) 2010 Microsoft Office Publisher MUI (English) 2010 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office Suite Activation Assistant Microsoft Office Word MUI (English) 2010 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable - KB2467175 Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual 
C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Works MSVCRT MSVCRT_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) mywebsites.pro-FR Toolbar NATCOM 3G Norton Security Suite ObjectDock ooVoo OpenOffice.org 3.2 Picasa 3 QuickTime Realtek Ethernet Controller Driver Realtek High Definition Audio Driver Realtek USB 2.0 Card Reader Realtek WLAN Driver Revo Uninstaller 1.93 Roxio Burn Roxio Express Labeler 3 Roxio Roxio Burn Roxio Update Manager Safari Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Soft-Search Toolbar SpeedBit Video Downloader Spelling Dictionaries Support For Adobe Reader 9 TOSHIBA Application Installer TOSHIBA Assist TOSHIBA Bulletin Board TOSHIBA ConfigFree TOSHIBA DVD PLAYER TOSHIBA eco Utility TOSHIBA Extended Tiles for Windows Mobility Center TOSHIBA Face Recognition TOSHIBA Hardware Setup TOSHIBA HDD/SSD Alert TOSHIBA Media Controller TOSHIBA Quality Application TOSHIBA ReelTime TOSHIBA Service Station TOSHIBA Speech System Applications TOSHIBA Speech System SR Engine(U.S.) Version1.0 TOSHIBA Speech System TTS Engine(U.S.) 
Version1.0 TOSHIBA Supervisor Password TOSHIBA Value Added Package TOSHIBA Web Camera Application ToshibaRegistration Uniblue RegistryBooster Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft Office 2010 (KB2494150) Update for Microsoft Office 2010 (KB2553092) Update Manager USB INTERNET VLC media player 1.1.11 Votre santé au quotidien VZAccess Manager Windows Live Communications Platform Windows Live Essentials Windows Live Installer Windows Live Mail Windows Live Mesh Windows Live Mesh ActiveX Control for Remote Connections Windows Live Messenger Windows Live Messenger Companion Core Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live Sync Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Yahoo! Messenger Yahoo! Software Update Yahoo! Toolbar ZHPDiag 1.30
.
==== Event Viewer Messages From Past Week ========
.
5/7/2012 8:48:47 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.125.1090.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8304.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
5/7/2012 8:21:46 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.125.1090.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8304.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
5/7/2012 6:37:47 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: BHDrvx64 SRTSP
5/7/2012 6:37:24 PM, Error: Service Control Manager [7000] - The windrvNT service failed to start due to the following error: The system cannot find the file specified.
5/7/2012 6:37:21 PM, Error: Service Control Manager [7000] - The npf service failed to start due to the following error: The system cannot find the file specified.
5/7/2012 6:36:49 PM, Error: SRTSP [5] - Error loading Symantec real time Anti-Virus driver.
5/7/2012 6:36:49 PM, Error: SRTSP [4] - Error loading virus definitions.
5/7/2012 6:01:38 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
5/7/2012 6:01:38 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
5/7/2012 6:01:35 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
5/7/2012 6:01:34 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
5/7/2012 6:01:34 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
5/7/2012 6:01:31 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
5/7/2012 6:01:22 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
5/7/2012 6:01:06 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD BHDrvx64 ccHP DfsC discache eeCtrl IDSVia64 MpFilter NetBIOS NetBT nsiproxy Psched rdbss spldr SRTSP SRTSPX SymIRON SYMTDIv tdx vwififlt Wanarpv6 WfpLwf
5/7/2012 6:01:05 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
5/7/2012 6:01:05 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
5/7/2012 6:01:05 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
5/7/2012 6:01:05 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
5/7/2012 6:01:05 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
5/7/2012 6:01:05 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
5/7/2012 6:01:05 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
5/7/2012 6:01:05 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
5/7/2012 6:01:05 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
5/7/2012 6:01:05 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
5/6/2012 9:39:44 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.125.1090.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8304.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
5/6/2012 8:52:25 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.125.1090.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8304.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
5/6/2012 12:39:33 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.125.1090.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8304.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
5/5/2012 8:29:35 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.125.1090.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8304.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
5/1/2012 3:06:51 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Microsoft Security Essentials Client Update Package - KB2691905.
4/30/2012 5:59:51 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
4/30/2012 5:53:53 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
4/30/2012 5:04:13 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
4/30/2012 4:51:12 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
4/30/2012 3:18:43 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
4/30/2012 3:10:48 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
.
==== End Of File ===========================
  13. Hi... Please, I need help... I have the same problem: PROGRAM_ERROR_UPDATING(0,0,I/O error), for my 1st use of this program... What should I do, please?