InMyMind

  1. I don't know what this is due to, but it happened out of nowhere. My net download speeds have slowed from 20 to 2 or around there, can't ever retrieve an upload speed from speedtest
  2. Tried running it, Norton had a pop-up saying less than 5 users had the file... I went to run it anyways and Norton detected and deleted TFC. I've had this on my computer before but it had never been picked up by Norton like this
  3. https://www.virustotal.com/file/e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855/analysis/
  4. Finally figured out how to disable every part of Norton (I read the log and for some reason it said it was still active), system rebooted and it wouldn't let me get the ComboFix log. I wasn't alarmed until I tried to open a browser to come post and it said that my ComboFix log and browsers, notepad, and almost anything I tried to open was a registry key set for deletion. So I booted in safe mode and almost restored my computer to an earlier date but decided to see if my computer would boot up and work in a regular boot, and it has (I backed up the ComboFix log if it wouldn't have started and I had to restore)
  5. I did everything the instructions told me when it came to disabling my AV and malware programs, but ComboFix kept telling me that my anti-spyware, Norton, was still running. Also, I don't know if I did something wrong, but it would do the extracting (black screen, green text) but took a long time to pop up so I'd run it again =\ but they all still said disable Norton. Also, one time I spaced and pressed OK for it to run, but I closed the blue screen immediately.
(d43703496149971890703b4b1b723eac) C:\windows\system32\drivers\FsDepends.sys 01:22:07.0992 1452 FsDepends - ok 01:22:08.0023 1452 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\windows\system32\drivers\Fs_Rec.sys 01:22:08.0055 1452 Fs_Rec - ok 01:22:08.0102 1452 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\windows\system32\DRIVERS\fvevol.sys 01:22:08.0142 1452 fvevol - ok 01:22:08.0183 1452 FwLnk (60acb128e64c35c2b4e4aab1b0a5c293) C:\windows\system32\DRIVERS\FwLnk.sys 01:22:08.0247 1452 FwLnk - ok 01:22:08.0294 1452 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\windows\system32\DRIVERS\gagp30kx.sys 01:22:08.0310 1452 gagp30kx - ok 01:22:08.0390 1452 GamesAppService (c403c5db49a0f9aaf4f2128edc0106d8) C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe 01:22:08.0422 1452 GamesAppService - ok 01:22:08.0465 1452 GEARAspiWDM (af4dee5531395dee72b35b36c9671fd0) C:\windows\system32\DRIVERS\GEARAspiWDM.sys 01:22:08.0491 1452 GEARAspiWDM - ok 01:22:08.0546 1452 GIDv2 (9ba22aee7f531ef9ce085cc2e1112bc4) C:\windows\system32\drivers\GIDv2.sys 01:22:08.0560 1452 GIDv2 - ok 01:22:08.0617 1452 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\windows\System32\gpsvc.dll 01:22:08.0688 1452 gpsvc - ok 01:22:08.0716 1452 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\windows\system32\drivers\hcw85cir.sys 01:22:08.0784 1452 hcw85cir - ok 01:22:08.0836 1452 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\windows\system32\drivers\HdAudio.sys 01:22:08.0873 1452 HdAudAddService - ok 01:22:08.0911 1452 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\windows\system32\drivers\HDAudBus.sys 01:22:08.0943 1452 HDAudBus - ok 01:22:08.0971 1452 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\windows\system32\DRIVERS\HidBatt.sys 01:22:09.0000 1452 HidBatt - ok 01:22:09.0022 1452 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\windows\system32\DRIVERS\hidbth.sys 01:22:09.0060 1452 HidBth - ok 01:22:09.0095 1452 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\windows\system32\DRIVERS\hidir.sys 
01:22:09.0127 1452 HidIr - ok 01:22:09.0168 1452 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\windows\system32\hidserv.dll 01:22:09.0243 1452 hidserv - ok 01:22:09.0289 1452 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\windows\system32\DRIVERS\hidusb.sys 01:22:09.0307 1452 HidUsb - ok 01:22:09.0337 1452 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\windows\system32\kmsvc.dll 01:22:09.0417 1452 hkmsvc - ok 01:22:09.0457 1452 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\windows\system32\ListSvc.dll 01:22:09.0543 1452 HomeGroupListener - ok 01:22:09.0575 1452 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\windows\system32\provsvc.dll 01:22:09.0607 1452 HomeGroupProvider - ok 01:22:09.0653 1452 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\windows\system32\drivers\HpSAMD.sys 01:22:09.0669 1452 HpSAMD - ok 01:22:09.0728 1452 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\windows\system32\drivers\HTTP.sys 01:22:09.0810 1452 HTTP - ok 01:22:09.0847 1452 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\windows\system32\drivers\hwpolicy.sys 01:22:09.0878 1452 hwpolicy - ok 01:22:09.0922 1452 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\windows\system32\DRIVERS\i8042prt.sys 01:22:09.0944 1452 i8042prt - ok 01:22:09.0998 1452 iaStor (bbb3b6df1abb0fe35802ede85cc1c011) C:\windows\system32\DRIVERS\iaStor.sys 01:22:10.0015 1452 iaStor - ok 01:22:10.0072 1452 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\windows\system32\drivers\iaStorV.sys 01:22:10.0095 1452 iaStorV - ok 01:22:10.0181 1452 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 01:22:10.0224 1452 idsvc - ok 01:22:10.0438 1452 IDSVia64 (4e9e0e5a3b0efeb27491c26be1d97fda) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20120613.007\IDSvia64.sys 01:22:10.0464 1452 IDSVia64 - ok 01:22:10.0544 1452 IDVaultSvc (ebed410c201b7050c0f7cbbb0306656a) C:\Program Files (x86)\Constant Guard 
Protection Suite\IDVaultSvc.exe 01:22:10.0557 1452 IDVaultSvc - ok 01:22:10.0981 1452 igfx (898ab5bfed7040d7ab07af01885eb944) C:\windows\system32\DRIVERS\igdkmd64.sys 01:22:11.0305 1452 igfx - ok 01:22:11.0481 1452 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\windows\system32\DRIVERS\iirsp.sys 01:22:11.0496 1452 iirsp - ok 01:22:11.0589 1452 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\windows\System32\ikeext.dll 01:22:11.0651 1452 IKEEXT - ok 01:22:11.0691 1452 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\windows\system32\drivers\intelide.sys 01:22:11.0706 1452 intelide - ok 01:22:11.0765 1452 intelppm (ada036632c664caa754079041cf1f8c1) C:\windows\system32\DRIVERS\intelppm.sys 01:22:11.0824 1452 intelppm - ok 01:22:11.0863 1452 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\windows\system32\ipbusenum.dll 01:22:11.0946 1452 IPBusEnum - ok 01:22:11.0984 1452 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\windows\system32\DRIVERS\ipfltdrv.sys 01:22:12.0044 1452 IpFilterDriver - ok 01:22:12.0105 1452 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\windows\System32\iphlpsvc.dll 01:22:12.0169 1452 iphlpsvc - ok 01:22:12.0216 1452 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\windows\system32\drivers\IPMIDrv.sys 01:22:12.0256 1452 IPMIDRV - ok 01:22:12.0314 1452 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\windows\system32\drivers\ipnat.sys 01:22:12.0361 1452 IPNAT - ok 01:22:12.0415 1452 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\windows\system32\drivers\irenum.sys 01:22:12.0485 1452 IRENUM - ok 01:22:12.0540 1452 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\windows\system32\drivers\isapnp.sys 01:22:12.0556 1452 isapnp - ok 01:22:12.0587 1452 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\windows\system32\drivers\msiscsi.sys 01:22:12.0607 1452 iScsiPrt - ok 01:22:12.0662 1452 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\windows\system32\DRIVERS\kbdclass.sys 01:22:12.0677 1452 kbdclass - ok 01:22:12.0718 1452 kbdhid (0705eff5b42a9db58548eec3b26bb484) 
C:\windows\system32\DRIVERS\kbdhid.sys 01:22:12.0765 1452 kbdhid - ok 01:22:12.0791 1452 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe 01:22:12.0809 1452 KeyIso - ok 01:22:12.0843 1452 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\windows\system32\Drivers\ksecdd.sys 01:22:12.0879 1452 KSecDD - ok 01:22:12.0916 1452 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\windows\system32\Drivers\ksecpkg.sys 01:22:12.0950 1452 KSecPkg - ok 01:22:12.0999 1452 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\windows\system32\drivers\ksthunk.sys 01:22:13.0060 1452 ksthunk - ok 01:22:13.0102 1452 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\windows\system32\msdtckrm.dll 01:22:13.0177 1452 KtmRm - ok 01:22:13.0219 1452 L1C (655a5d8e80869781cce23760ada7e695) C:\windows\system32\DRIVERS\L1C62x64.sys 01:22:13.0253 1452 L1C - ok 01:22:13.0330 1452 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\windows\system32\srvsvc.dll 01:22:13.0389 1452 LanmanServer - ok 01:22:13.0442 1452 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\windows\System32\wkssvc.dll 01:22:13.0496 1452 LanmanWorkstation - ok 01:22:13.0547 1452 lltdio (1538831cf8ad2979a04c423779465827) C:\windows\system32\DRIVERS\lltdio.sys 01:22:13.0596 1452 lltdio - ok 01:22:13.0653 1452 lltdsvc (c1185803384ab3feed115f79f109427f) C:\windows\System32\lltdsvc.dll 01:22:13.0727 1452 lltdsvc - ok 01:22:13.0743 1452 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\windows\System32\lmhsvc.dll 01:22:13.0784 1452 lmhosts - ok 01:22:13.0827 1452 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\windows\system32\DRIVERS\lsi_fc.sys 01:22:13.0844 1452 LSI_FC - ok 01:22:13.0876 1452 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\windows\system32\DRIVERS\lsi_sas.sys 01:22:13.0893 1452 LSI_SAS - ok 01:22:13.0932 1452 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\windows\system32\DRIVERS\lsi_sas2.sys 01:22:13.0949 1452 LSI_SAS2 - ok 01:22:13.0989 1452 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) 
C:\windows\system32\DRIVERS\lsi_scsi.sys 01:22:14.0025 1452 LSI_SCSI - ok 01:22:14.0055 1452 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\windows\system32\drivers\luafv.sys 01:22:14.0112 1452 luafv - ok 01:22:14.0196 1452 MBAMProtector (dbc08862a71459e74f7538b432c114cc) C:\windows\system32\drivers\mbam.sys 01:22:14.0229 1452 MBAMProtector - ok 01:22:14.0353 1452 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe 01:22:14.0377 1452 MBAMService - ok 01:22:14.0458 1452 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\windows\system32\Mcx2Svc.dll 01:22:14.0514 1452 Mcx2Svc - ok 01:22:14.0589 1452 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\windows\system32\DRIVERS\megasas.sys 01:22:14.0604 1452 megasas - ok 01:22:14.0640 1452 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\windows\system32\DRIVERS\MegaSR.sys 01:22:14.0660 1452 MegaSR - ok 01:22:14.0704 1452 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll 01:22:14.0754 1452 MMCSS - ok 01:22:14.0780 1452 Modem (800ba92f7010378b09f9ed9270f07137) C:\windows\system32\drivers\modem.sys 01:22:14.0909 1452 Modem - ok 01:22:14.0938 1452 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\windows\system32\DRIVERS\monitor.sys 01:22:14.0968 1452 monitor - ok 01:22:15.0024 1452 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\windows\system32\DRIVERS\mouclass.sys 01:22:15.0040 1452 mouclass - ok 01:22:15.0089 1452 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\windows\system32\DRIVERS\mouhid.sys 01:22:15.0123 1452 mouhid - ok 01:22:15.0157 1452 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\windows\system32\drivers\mountmgr.sys 01:22:15.0174 1452 mountmgr - ok 01:22:15.0257 1452 MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 01:22:15.0290 1452 MozillaMaintenance - ok 01:22:15.0331 1452 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\windows\system32\drivers\mpio.sys 01:22:15.0349 1452 
mpio - ok 01:22:15.0371 1452 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\windows\system32\drivers\mpsdrv.sys 01:22:15.0413 1452 mpsdrv - ok 01:22:15.0463 1452 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\windows\system32\mpssvc.dll 01:22:15.0520 1452 MpsSvc - ok 01:22:15.0562 1452 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\windows\system32\drivers\mrxdav.sys 01:22:15.0599 1452 MRxDAV - ok 01:22:15.0636 1452 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\windows\system32\DRIVERS\mrxsmb.sys 01:22:15.0741 1452 mrxsmb - ok 01:22:15.0771 1452 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\windows\system32\DRIVERS\mrxsmb10.sys 01:22:15.0821 1452 mrxsmb10 - ok 01:22:15.0849 1452 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\windows\system32\DRIVERS\mrxsmb20.sys 01:22:15.0867 1452 mrxsmb20 - ok 01:22:15.0908 1452 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\windows\system32\drivers\msahci.sys 01:22:15.0926 1452 msahci - ok 01:22:15.0966 1452 msdsm (db801a638d011b9633829eb6f663c900) C:\windows\system32\drivers\msdsm.sys 01:22:15.0983 1452 msdsm - ok 01:22:16.0034 1452 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\windows\System32\msdtc.exe 01:22:16.0069 1452 MSDTC - ok 01:22:16.0104 1452 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\windows\system32\drivers\Msfs.sys 01:22:16.0159 1452 Msfs - ok 01:22:16.0188 1452 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\windows\System32\drivers\mshidkmdf.sys 01:22:16.0242 1452 mshidkmdf - ok 01:22:16.0273 1452 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\windows\system32\drivers\msisadrv.sys 01:22:16.0314 1452 msisadrv - ok 01:22:16.0371 1452 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\windows\system32\iscsiexe.dll 01:22:16.0444 1452 MSiSCSI - ok 01:22:16.0454 1452 msiserver - ok 01:22:16.0526 1452 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\windows\system32\drivers\MSKSSRV.sys 01:22:16.0577 1452 MSKSSRV - ok 01:22:16.0598 1452 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\windows\system32\drivers\MSPCLOCK.sys 01:22:16.0657 1452 
MSPCLOCK - ok 01:22:16.0693 1452 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\windows\system32\drivers\MSPQM.sys 01:22:16.0748 1452 MSPQM - ok 01:22:16.0784 1452 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\windows\system32\drivers\MsRPC.sys 01:22:16.0820 1452 MsRPC - ok 01:22:16.0900 1452 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\windows\system32\drivers\mssmbios.sys 01:22:16.0915 1452 mssmbios - ok 01:22:16.0953 1452 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\windows\system32\drivers\MSTEE.sys 01:22:17.0009 1452 MSTEE - ok 01:22:17.0027 1452 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\windows\system32\DRIVERS\MTConfig.sys 01:22:17.0045 1452 MTConfig - ok 01:22:17.0069 1452 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\windows\system32\Drivers\mup.sys 01:22:17.0097 1452 Mup - ok 01:22:17.0210 1452 N360 (e78a365cc3e0fbfc018a33dce01909f8) C:\Program Files (x86)\Norton Security Suite\Engine\5.2.1.3\ccSvcHst.exe 01:22:17.0224 1452 N360 - ok 01:22:17.0290 1452 napagent (582ac6d9873e31dfa28a4547270862dd) C:\windows\system32\qagentRT.dll 01:22:17.0376 1452 napagent - ok 01:22:17.0442 1452 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\windows\system32\DRIVERS\nwifi.sys 01:22:17.0500 1452 NativeWifiP - ok 01:22:17.0690 1452 NAVENG (8043d41f881d6ace40b854ad6e32217f) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120614.032\ENG64.SYS 01:22:17.0705 1452 NAVENG - ok 01:22:17.0983 1452 NAVEX15 (9a9ab2fc45d701daed465d14980f1305) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120614.032\EX64.SYS 01:22:18.0085 1452 NAVEX15 - ok 01:22:18.0275 1452 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\windows\system32\drivers\ndis.sys 01:22:18.0327 1452 NDIS - ok 01:22:18.0389 1452 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\windows\system32\DRIVERS\ndiscap.sys 01:22:18.0436 1452 NdisCap - ok 01:22:18.0466 1452 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) 
C:\windows\system32\DRIVERS\ndistapi.sys 01:22:18.0505 1452 NdisTapi - ok 01:22:18.0558 1452 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\windows\system32\DRIVERS\ndisuio.sys 01:22:18.0623 1452 Ndisuio - ok 01:22:18.0664 1452 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\windows\system32\DRIVERS\ndiswan.sys 01:22:18.0737 1452 NdisWan - ok 01:22:18.0778 1452 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\windows\system32\drivers\NDProxy.sys 01:22:18.0832 1452 NDProxy - ok 01:22:18.0883 1452 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\windows\system32\DRIVERS\netbios.sys 01:22:18.0937 1452 NetBIOS - ok 01:22:19.0018 1452 NetBT (09594d1089c523423b32a4229263f068) C:\windows\system32\DRIVERS\netbt.sys 01:22:19.0059 1452 NetBT - ok 01:22:19.0091 1452 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe 01:22:19.0108 1452 Netlogon - ok 01:22:19.0168 1452 Netman (847d3ae376c0817161a14a82c8922a9e) C:\windows\System32\netman.dll 01:22:19.0227 1452 Netman - ok 01:22:19.0287 1452 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\windows\System32\netprofm.dll 01:22:19.0344 1452 netprofm - ok 01:22:19.0429 1452 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 01:22:19.0469 1452 NetTcpPortSharing - ok 01:22:19.0525 1452 nfrd960 (77889813be4d166cdab78ddba990da92) C:\windows\system32\DRIVERS\nfrd960.sys 01:22:19.0541 1452 nfrd960 - ok 01:22:19.0604 1452 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\windows\System32\nlasvc.dll 01:22:19.0654 1452 NlaSvc - ok 01:22:19.0720 1452 Norton PC Checkup Application Launcher - ok 01:22:19.0739 1452 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\windows\system32\drivers\Npfs.sys 01:22:19.0779 1452 Npfs - ok 01:22:19.0815 1452 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\windows\system32\nsisvc.dll 01:22:19.0862 1452 nsi - ok 01:22:19.0894 1452 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\windows\system32\drivers\nsiproxy.sys 01:22:19.0948 
1452 nsiproxy - ok 01:22:20.0106 1452 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\windows\system32\drivers\Ntfs.sys 01:22:20.0195 1452 Ntfs - ok 01:22:20.0339 1452 Null (9899284589f75fa8724ff3d16aed75c1) C:\windows\system32\drivers\Null.sys 01:22:20.0379 1452 Null - ok 01:22:20.0418 1452 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\windows\system32\drivers\nvraid.sys 01:22:20.0435 1452 nvraid - ok 01:22:20.0478 1452 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\windows\system32\drivers\nvstor.sys 01:22:20.0511 1452 nvstor - ok 01:22:20.0587 1452 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\windows\system32\drivers\nv_agp.sys 01:22:20.0604 1452 nv_agp - ok 01:22:20.0639 1452 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\windows\system32\drivers\ohci1394.sys 01:22:20.0707 1452 ohci1394 - ok 01:22:20.0854 1452 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 01:22:20.0889 1452 ose - ok 01:22:21.0510 1452 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 01:22:21.0834 1452 osppsvc - ok 01:22:21.0956 1452 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll 01:22:22.0038 1452 p2pimsvc - ok 01:22:22.0084 1452 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\windows\system32\p2psvc.dll 01:22:22.0108 1452 p2psvc - ok 01:22:22.0213 1452 Parport (0086431c29c35be1dbc43f52cc273887) C:\windows\system32\DRIVERS\parport.sys 01:22:22.0232 1452 Parport - ok 01:22:22.0281 1452 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\windows\system32\drivers\partmgr.sys 01:22:22.0310 1452 partmgr - ok 01:22:22.0393 1452 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\windows\System32\pcasvc.dll 01:22:22.0569 1452 PcaSvc - ok 01:22:22.0687 1452 PCCUJobMgr (2f86be1818c2d7ac90478e3323ee7fcb) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.5.60\ccSvcHst.exe 01:22:22.0731 1452 PCCUJobMgr - ok 01:22:22.0765 1452 pci 
(94575c0571d1462a0f70bde6bd6ee6b3) C:\windows\system32\drivers\pci.sys 01:22:22.0785 1452 pci - ok 01:22:22.0810 1452 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\windows\system32\drivers\pciide.sys 01:22:22.0826 1452 pciide - ok 01:22:22.0869 1452 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\windows\system32\DRIVERS\pcmcia.sys 01:22:22.0912 1452 pcmcia - ok 01:22:22.0984 1452 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\windows\system32\drivers\pcw.sys 01:22:23.0085 1452 pcw - ok 01:22:23.0147 1452 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\windows\system32\drivers\peauth.sys 01:22:23.0211 1452 PEAUTH - ok 01:22:23.0307 1452 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\windows\SysWow64\perfhost.exe 01:22:23.0342 1452 PerfHost - ok 01:22:23.0411 1452 PGEffect (663962900e7fea522126ba287715bb4a) C:\windows\system32\DRIVERS\pgeffect.sys 01:22:23.0424 1452 PGEffect - ok 01:22:23.0650 1452 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\windows\system32\pla.dll 01:22:23.0778 1452 pla - ok 01:22:23.0834 1452 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\windows\system32\umpnpmgr.dll 01:22:23.0998 1452 PlugPlay - ok 01:22:24.0130 1452 PMBDeviceInfoProvider (e9605a180001a6b5551112d91de92ca1) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe 01:22:24.0201 1452 PMBDeviceInfoProvider - ok 01:22:24.0249 1452 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\windows\system32\pnrpauto.dll 01:22:24.0314 1452 PNRPAutoReg - ok 01:22:24.0369 1452 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll 01:22:24.0419 1452 PNRPsvc - ok 01:22:24.0502 1452 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\windows\System32\ipsecsvc.dll 01:22:24.0573 1452 PolicyAgent - ok 01:22:24.0627 1452 Power (6ba9d927dded70bd1a9caded45f8b184) C:\windows\system32\umpo.dll 01:22:24.0689 1452 Power - ok 01:22:24.0766 1452 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\windows\system32\DRIVERS\raspptp.sys 01:22:24.0937 1452 PptpMiniport - ok 01:22:25.0005 1452 Processor 
(0d922e23c041efb1c3fac2a6f943c9bf) C:\windows\system32\DRIVERS\processr.sys 01:22:25.0035 1452 Processor - ok 01:22:25.0094 1452 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\windows\system32\profsvc.dll 01:22:25.0167 1452 ProfSvc - ok 01:22:25.0204 1452 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe 01:22:25.0231 1452 ProtectedStorage - ok 01:22:25.0276 1452 Psched (0557cf5a2556bd58e26384169d72438d) C:\windows\system32\DRIVERS\pacer.sys 01:22:25.0330 1452 Psched - ok 01:22:25.0703 1452 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\windows\system32\DRIVERS\ql2300.sys 01:22:25.0772 1452 ql2300 - ok 01:22:25.0878 1452 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\windows\system32\DRIVERS\ql40xx.sys 01:22:25.0895 1452 ql40xx - ok 01:22:25.0934 1452 QWAVE (906191634e99aea92c4816150bda3732) C:\windows\system32\qwave.dll 01:22:25.0978 1452 QWAVE - ok 01:22:26.0008 1452 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\windows\system32\drivers\qwavedrv.sys 01:22:26.0074 1452 QWAVEdrv - ok 01:22:26.0105 1452 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\windows\system32\DRIVERS\rasacd.sys 01:22:26.0158 1452 RasAcd - ok 01:22:26.0200 1452 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\windows\system32\DRIVERS\AgileVpn.sys 01:22:26.0241 1452 RasAgileVpn - ok 01:22:26.0277 1452 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\windows\System32\rasauto.dll 01:22:26.0333 1452 RasAuto - ok 01:22:26.0391 1452 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\windows\system32\DRIVERS\rasl2tp.sys 01:22:26.0447 1452 Rasl2tp - ok 01:22:26.0525 1452 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\windows\System32\rasmans.dll 01:22:26.0661 1452 RasMan - ok 01:22:26.0735 1452 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\windows\system32\DRIVERS\raspppoe.sys 01:22:26.0804 1452 RasPppoe - ok 01:22:26.0854 1452 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\windows\system32\DRIVERS\rassstp.sys 01:22:26.0914 1452 RasSstp - ok 01:22:26.0972 1452 rdbss 
(77f665941019a1594d887a74f301fa2f) C:\windows\system32\DRIVERS\rdbss.sys 01:22:27.0124 1452 rdbss - ok 01:22:27.0157 1452 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\windows\system32\DRIVERS\rdpbus.sys 01:22:27.0187 1452 rdpbus - ok 01:22:27.0210 1452 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\windows\system32\DRIVERS\RDPCDD.sys 01:22:27.0388 1452 RDPCDD - ok 01:22:27.0426 1452 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\windows\system32\drivers\rdpencdd.sys 01:22:27.0483 1452 RDPENCDD - ok 01:22:27.0501 1452 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\windows\system32\drivers\rdprefmp.sys 01:22:27.0541 1452 RDPREFMP - ok 01:22:27.0605 1452 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\windows\system32\drivers\RDPWD.sys 01:22:27.0711 1452 RDPWD - ok 01:22:27.0768 1452 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\windows\system32\drivers\rdyboost.sys 01:22:27.0788 1452 rdyboost - ok 01:22:27.0819 1452 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\windows\System32\mprdim.dll 01:22:27.0898 1452 RemoteAccess - ok 01:22:27.0941 1452 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\windows\system32\regsvc.dll 01:22:28.0010 1452 RemoteRegistry - ok 01:22:28.0063 1452 RimUsb (ad42432d22940b4215177be113e4919c) C:\windows\system32\Drivers\RimUsb_AMD64.sys 01:22:28.0161 1452 RimUsb - ok 01:22:28.0226 1452 RimVSerPort (4aafffa67ac4dfa3d9985d78573887e2) C:\windows\system32\DRIVERS\RimSerial_AMD64.sys 01:22:28.0288 1452 RimVSerPort - ok 01:22:28.0360 1452 ROOTMODEM (388d3dd1a6457280f3badba9f3acd6b1) C:\windows\system32\Drivers\RootMdm.sys 01:22:28.0414 1452 ROOTMODEM - ok 01:22:28.0450 1452 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\windows\System32\RpcEpMap.dll 01:22:28.0492 1452 RpcEptMapper - ok 01:22:28.0522 1452 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\windows\system32\locator.exe 01:22:28.0555 1452 RpcLocator - ok 01:22:28.0611 1452 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll 01:22:28.0660 1452 RpcSs - ok 
01:22:28.0697 1452 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\windows\system32\DRIVERS\rspndr.sys 01:22:28.0739 1452 rspndr - ok 01:22:28.0826 1452 RSUSBSTOR (907c4464381b5ebdfdc60f6c7d0dedfc) C:\windows\system32\Drivers\RtsUStor.sys 01:22:28.0876 1452 RSUSBSTOR - ok 01:22:28.0915 1452 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe 01:22:28.0941 1452 SamSs - ok 01:22:29.0013 1452 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\windows\system32\drivers\sbp2port.sys 01:22:29.0030 1452 sbp2port - ok 01:22:29.0065 1452 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\windows\System32\SCardSvr.dll 01:22:29.0127 1452 SCardSvr - ok 01:22:29.0161 1452 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\windows\system32\DRIVERS\scfilter.sys 01:22:29.0216 1452 scfilter - ok 01:22:29.0289 1452 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\windows\system32\schedsvc.dll 01:22:29.0357 1452 Schedule - ok 01:22:29.0400 1452 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll 01:22:29.0439 1452 SCPolicySvc - ok 01:22:29.0501 1452 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\windows\System32\SDRSVC.dll 01:22:29.0563 1452 SDRSVC - ok 01:22:29.0621 1452 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\windows\system32\drivers\secdrv.sys 01:22:29.0674 1452 secdrv - ok 01:22:29.0718 1452 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\windows\system32\seclogon.dll 01:22:29.0834 1452 seclogon - ok 01:22:29.0895 1452 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\windows\System32\sens.dll 01:22:29.0938 1452 SENS - ok 01:22:29.0972 1452 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\windows\system32\sensrsvc.dll 01:22:30.0046 1452 SensrSvc - ok 01:22:30.0084 1452 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\windows\system32\DRIVERS\serenum.sys 01:22:30.0110 1452 Serenum - ok 01:22:30.0146 1452 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\windows\system32\DRIVERS\serial.sys 01:22:30.0164 1452 Serial - ok 01:22:30.0203 1452 sermouse 
01:22:47.0783 1452 ============================================================
01:22:47.0783 1452 Scan finished
01:22:47.0783 1452 ============================================================
01:22:47.0803 6548 Detected object count: 0
01:22:47.0803 6548 Actual detected object count: 0
01:23:09.0069 4344 Deinitialize success
  7. Sometimes I get flash crashes, and a few times now today my browser has frozen up and asked if I wanted to wait for it to respond (Chrome did this today, sometimes Firefox does too, and usually I'm not running much).
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 7/29/2011 3:18:57 PM
System Uptime: 6/14/2012 10:35:41 PM (4 hours ago)
.
Motherboard: TOSHIBA | | Portable PC
Processor: Intel® Celeron® CPU 925 @ 2.30GHz | CPU | 2294/800mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 221 GiB total, 155.535 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP204: 6/3/2012 10:04:45 PM - Windows Backup
RP205: 6/4/2012 9:17:35 PM - Windows Update
RP206: 6/8/2012 6:13:05 AM - Windows Update
RP207: 6/10/2012 11:58:29 PM - Windows Backup
RP208: 6/12/2012 1:09:13 AM - Windows Update
RP209: 6/12/2012 7:36:25 PM - Windows Update
.
==== Installed Programs ======================
.
Adobe AIR Adobe Community Help Adobe Content Viewer Adobe Download Assistant Adobe Flash Player 11 Plugin Adobe Reader X (10.1.3) Akamai NetSession Interface Amazon Links Apple Application Support Apple Software Update Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver Atheros Driver Installation Program Audacity 1.2.6 Bicycle Canasta BlackBerry Desktop Software 6.1 Constant Guard Protection Suite Cooking Academy 2 - World Cuisine D3DX10 Google Chrome GuardedID Hot Dish 2 Intel® Graphics Media Accelerator Driver Java Auto Updater Java 6 Update 32 Junk Mail filter update Label@Once 1.0 LAME v3.98.3 for Audacity Malwarebytes Anti-Malware version 1.61.0.1400 Mesh Runtime Microsoft Office 2010 Microsoft Office Click-to-Run 2010 Microsoft Office Starter 2010 - English Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft_VC80_ATL_x86 Microsoft_VC80_CRT_x86 Microsoft_VC80_MFC_x86 Microsoft_VC80_MFCLOC_x86 Microsoft_VC90_ATL_x86 Microsoft_VC90_CRT_x86 Microsoft_VC90_MFC_x86 Microsoft_VC90_MFCLOC_x86 Mozilla Firefox 12.0 (x86 en-US) Mozilla Maintenance Service MSVCRT MSVCRT_amd64 MSXML 4.0 SP3 Parser MSXML 4.0 SP3 Parser (KB973685) Nertz Solitaire Norton Security Suite Octoshape add-in for Adobe Flash Player ooVoo PhotoScape PlayReady PC Runtime x86 PMB Polar Bowler QuickTime Realtek USB 2.0 Card Reader Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile 
(KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Shrek 2: Ogre Bowler Skip-Bo - Castaway Caper Stand O'Food Stand O'Food 3 Tic-A-Tac Royale Toshiba App Place TOSHIBA Application Installer TOSHIBA Assist Toshiba Book Place TOSHIBA Bulletin Board TOSHIBA Face Recognition TOSHIBA Hardware Setup TOSHIBA HDD/SSD Alert Toshiba Laptop Checkup TOSHIBA Media Controller TOSHIBA Media Controller Plug-in Toshiba Online Backup TOSHIBA Quality Application TOSHIBA ReelTime TOSHIBA Service Station TOSHIBA Supervisor Password TOSHIBA Value Added Package TOSHIBA Web Camera Application ToshibaRegistration Tradewinds 2 Tradewinds Legends Tradewinds Odyssey Unity Web Player Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update Installer for WildTangent Games App Wedding Dash ® 4-Ever WildTangent Games WildTangent Games App WildTangent Games App (Toshiba Games) Windows Live Communications Platform Windows Live Essentials Windows Live Installer Windows Live Mail Windows Live Mesh Windows Live Messenger Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Zombie Bowl-o-Rama . ==== Event Viewer Messages From Past Week ======== . 
6/13/2012 2:05:31 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error: An instance of the service is already running.
6/13/2012 2:05:01 PM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
6/13/2012 2:05:01 PM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-1073473535.
6/13/2012 10:09:15 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the N360 service.
6/12/2012 12:57:18 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the PCCUJobMgr service.
6/12/2012 12:57:18 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IDVaultSvc service.
6/10/2012 11:56:31 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the BFE service.
6/10/2012 11:55:29 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Appinfo service.
.
==== End Of File ===========================
nothing to remove
Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org
Database version: v2012.06.15.07
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Elyse :: ELYSE-VRUS [administrator]
Protection: Enabled
6/15/2012 2:05:14 PM
mbam-log-2012-06-15 (14-05-14).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 225048
Time elapsed: 6 minute(s), 42 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
  8. Sorry, needed to correct this... it's ar.voicefive or something like that
  9. I have a feeling that the culprit is the program Oovoo, but I don't click any of their ads. A lot of the cookies are from rubicon project (pixel, tap, and others). The ar.voicesurveys comes up in Firefox (even when I'm not using Firefox but using Chrome). I tried scanning with Windows Defender, Norton and Malwarebytes along with other tools I have had on my computer from trying to fix it before. I scanned with Norton Power Tool remover; it found 3 items in the Windows folder but it said status was unknown and I was unsure if I should remove it or not. I suspect this is adware but there may be more to it. Knowing these cookies like to show up mostly when using Oovoo, which I'm on every day, I do quick scans more often to remove them, but please help if you can. Also today, which is what made me run here for help, I got a pop-up from tap.rubiconproject.js and JavaScript was trying to attack my computer, this time on Chrome.
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_32
Run by Elyse at 2:39:32 on 2012-06-15
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.1916.976 [GMT -5:00]
.
AV: Norton Security Suite *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Security Suite *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Security Suite *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\windows\system32\wininit.exe C:\windows\system32\lsm.exe C:\windows\system32\svchost.exe -k DcomLaunch C:\windows\system32\svchost.exe -k RPCSS C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\windows\system32\svchost.exe -k netsvcs C:\windows\system32\svchost.exe -k LocalService C:\windows\system32\svchost.exe -k NetworkService C:\windows\System32\spoolsv.exe C:\windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe C:\Program Files (x86)\Norton Security Suite\Engine\5.2.1.3\ccSvcHst.exe C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.5.60\ccSvcHst.exe C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe C:\windows\system32\svchost.exe -k imgsvc C:\windows\system32\TODDSrv.exe C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe C:\windows\system32\taskhost.exe C:\windows\system32\Dwm.exe C:\windows\Explorer.EXE C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.5.60\ccSvcHst.exe C:\Program Files (x86)\Norton Security Suite\Engine\5.2.1.3\ccSvcHst.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE C:\windows\system32\SearchIndexer.exe C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe C:\Program 
Files\TOSHIBA\SmoothView\SmoothView.exe C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe C:\Users\Elyse\AppData\Local\Akamai\netsession_win.exe C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe C:\Program Files (x86)\SFT\GuardedID\GIDD.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Users\Elyse\AppData\Local\Akamai\netsession_win.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files (x86)\SFT\GuardedID\x64\GIDD.exe C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\windows\System32\svchost.exe -k LocalServicePeerNet C:\Program Files\Windows Media Player\wmpnetwk.exe C:\windows\system32\DllHost.exe C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.5.60\SymcPCCULaunchSvc.exe C:\windows\System32\svchost.exe -k secsvcs C:\Program Files (x86)\Constant Guard Protection Suite\IDVaultSvc.exe C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe C:\windows\system32\svchost.exe -k SDRSVC C:\Users\Elyse\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Elyse\AppData\Local\Google\Chrome\Application\chrome.exe C:\windows\SysWOW64\rundll32.exe C:\Users\Elyse\AppData\Local\Google\Chrome\Application\chrome.exe C:\windows\SysWOW64\cmd.exe C:\windows\system32\conhost.exe C:\windows\SysWOW64\cscript.exe C:\windows\system32\wbem\wmiprvse.exe C:\windows\System32\svchost.exe -k WerSvcGroup . ============== Pseudo HJT Report =============== . 
uStart Page = hxxp://start.toshiba.com/g/
uDefault_Page_URL = hxxp://start.toshiba.com/g/
uInternet Settings,ProxyOverride = <local>;*.local;127.0.0.1:9421;
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.1.3\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.1.3\IPS\IPSBHO.DLL
BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Constant Guard Protection Suite (COM): {b84cdbe7-1b46-494b-a188-01d4c52deb61} - C:\ProgramData\White Sky, Inc\ID Vault\IEBHO1.1.613.0\NativeBHO.dll
BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: TOSHIBA Media Controller Plug-in: {f3c88694-effa-4d78-b409-54b7b2535b14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.1.3\coIEPlg.dll
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
uRun: [Google Update] "C:\Users\Elyse\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [Akamai NetSession Interface] "C:\Users\Elyse\AppData\Local\Akamai\netsession_win.exe"
mRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe" UNATTENDED
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [GIDDesktop] C:\Program Files (x86)\SFT\GuardedID\gidd.exe /s
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-app?lic=SUFaUDItUko3UFItN0dOTVUtQUJMRTYtVFBRQ0ktNg"&"inst=NzYtOTQxMjkxMDgwLVNUMTJGT0krMS1ERFQrMC1TVDEyQVBQKzEtRVVMQSsx"&"prod=94"&"ver=2012.0.1831"&"mid=86ef1b55244c47d1826d147051f085d3-6e22f5d63c56d589da72ca653a04c7ccfd2dbc31
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\CONSTA~1.LNK - C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
TCP: DhcpNameServer = 75.75.76.76 75.75.75.75
TCP: Interfaces\{469557A4-DAB8-4F4B-9507-9A53D62A86E2} : DhcpNameServer = 75.75.76.76 75.75.75.75
TCP: Interfaces\{B0CF229C-158A-4044-BCC7-4433A16FF421} : DhcpNameServer = 75.75.76.76 75.75.75.75
TCP: Interfaces\{B0CF229C-158A-4044-BCC7-4433A16FF421}\2456C6B696E6F5E4F575962756C6563737F5331383733324 : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{B0CF229C-158A-4044-BCC7-4433A16FF421}\45D2D4F62696C656022427F616462616E6466383 : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{B0CF229C-158A-4044-BCC7-4433A16FF421}\642756562612274637 : DhcpNameServer = 64.105.97.90 64.105.113.138 4.2.2.1
TCP: Interfaces\{B0CF229C-158A-4044-BCC7-4433A16FF421}\863636 : DhcpNameServer = 10.3.2.4 198.64.7.3
TCP: Interfaces\{B0CF229C-158A-4044-BCC7-4433A16FF421}\D414340264F6270275F6D656E6 : DhcpNameServer = 192.168.1.1
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
mASetup: {9191979D-821C-4EA8-B021-2DA1D859A7C5}-3Reg - C:\Program Files (x86)\SFT\GuardedID\gidi.exe /v
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Symantec NCO BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.1.3\coIEPlg.dll
BHO-X64: Symantec NCO BHO - No File
BHO-X64: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.1.3\IPS\IPSBHO.DLL
BHO-X64: Symantec Intrusion Prevention - No File
BHO-X64: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Constant Guard Protection Suite (COM): {B84CDBE7-1B46-494B-A188-01D4C52DEB61} - C:\ProgramData\White Sky, Inc\ID Vault\IEBHO1.1.613.0\NativeBHO.dll
BHO-X64: Constant Guard Protection Suite (COM) - No File
BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
TB-X64: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.1.3\coIEPlg.dll
TB-X64: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
mRun-x64: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
mRun-x64: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe" UNATTENDED
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [GIDDesktop] C:\Program Files (x86)\SFT\GuardedID\gidd.exe /s
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRunOnce-x64: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-app?lic=SUFaUDItUko3UFItN0dOTVUtQUJMRTYtVFBRQ0ktNg"&"inst=NzYtOTQxMjkxMDgwLVNUMTJGT0krMS1ERFQrMC1TVDEyQVBQKzEtRVVMQSsx"&"prod=94"&"ver=2012.0.1831"&"mid=86ef1b55244c47d1826d147051f085d3-6e22f5d63c56d589da72ca653a04c7ccfd2dbc31
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Elyse\AppData\Roaming\Mozilla\Firefox\Profiles\4h79tzjr.default\
FF - prefs.js: browser.search.selectedEngine - Search & Win
FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll
FF - plugin: C:\Program Files (x86)\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Elyse\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll
FF - plugin: C:\windows\SysWOW64\npdeployJava1.dll
FF - plugin: C:\windows\SysWOW64\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
.
=============== Created Last 30 ================
.
2012-06-14 09:45:52 96376 ----a-w- C:\windows\System32\drivers\SMR300.SYS
2012-06-14 09:43:53 -------- d-----w- C:\Users\Elyse\AppData\Local\NPE
2012-06-13 00:38:59 304640 ----a-w- C:\Program Files\Internet Explorer\IEShims.dll
2012-06-13 00:20:42 159744 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
2012-06-13 00:05:50 9216 ----a-w- C:\windows\System32\rdrmemptylst.exe
2012-06-13 00:05:50 77312 ----a-w- C:\windows\System32\rdpwsx.dll
2012-06-13 00:05:50 149504 ----a-w- C:\windows\System32\rdpcorekmts.dll
2012-06-13 00:05:29 209920 ----a-w- C:\windows\System32\profsvc.dll
2012-06-13 00:05:24 5559664 ----a-w- C:\windows\System32\ntoskrnl.exe
2012-06-13 00:05:14 3913072 ----a-w- C:\windows\SysWow64\ntoskrnl.exe
2012-06-13 00:04:58 3968368 ----a-w- C:\windows\SysWow64\ntkrnlpa.exe
2012-06-13 00:04:40 3146752 ----a-w- C:\windows\System32\win32k.sys
2012-06-13 00:04:33 210944 ----a-w- C:\windows\System32\drivers\rdpwd.sys
2012-06-13 00:04:12 3216384 ----a-w- C:\windows\System32\msi.dll
2012-06-13 00:04:09 2342400 ----a-w- C:\windows\SysWow64\msi.dll
2012-06-13 00:03:34 1462272 ----a-w- C:\windows\System32\crypt32.dll
2012-06-13 00:03:33 184320 ----a-w- C:\windows\System32\cryptsvc.dll
2012-06-13 00:03:33 140288 ----a-w- C:\windows\System32\cryptnet.dll
2012-06-13 00:03:33 1158656 ----a-w- C:\windows\SysWow64\crypt32.dll
2012-06-13 00:03:32 140288 ----a-w- C:\windows\SysWow64\cryptsvc.dll
2012-06-13 00:03:32 103936 ----a-w- C:\windows\SysWow64\cryptnet.dll
2012-06-12 06:10:32 8955792 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2082224D-5F5F-42A4-9386-A55402B5E25F}\mpengine.dll
2012-06-09 06:59:59 -------- d-----w- C:\Users\Elyse\AppData\Local\Macromedia
2012-05-30 23:12:47 476960 ----a-w- C:\windows\SysWow64\npdeployJava1.dll
2012-05-24 05:16:57 -------- d-----w- C:\Users\Elyse\AppData\Local\{FD9194A0-0417-4F19-B4E6-7F5CF98BB046}
.
==================== Find3M ====================
.
2012-06-09 06:59:21 70344 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-06-09 06:59:21 426184 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2012-05-30 23:12:25 472864 ----a-w- C:\windows\SysWow64\deployJava1.dll
2012-05-18 02:06:48 2311680 ----a-w- C:\windows\System32\jscript9.dll
2012-05-18 01:59:14 1392128 ----a-w- C:\windows\System32\wininet.dll
2012-05-18 01:58:39 1494528 ----a-w- C:\windows\System32\inetcpl.cpl
2012-05-18 01:55:22 173056 ----a-w- C:\windows\System32\ieUnatt.exe
2012-05-18 01:51:30 2382848 ----a-w- C:\windows\System32\mshtml.tlb
2012-05-17 22:45:37 1800192 ----a-w- C:\windows\SysWow64\jscript9.dll
2012-05-17 22:35:47 1129472 ----a-w- C:\windows\SysWow64\wininet.dll
2012-05-17 22:35:39 1427968 ----a-w- C:\windows\SysWow64\inetcpl.cpl
2012-05-17 22:29:45 142848 ----a-w- C:\windows\SysWow64\ieUnatt.exe
2012-05-17 22:24:45 2382848 ----a-w- C:\windows\SysWow64\mshtml.tlb
2012-05-12 07:12:36 0 ----a-w- C:\windows\SysWow64\sho940E.tmp
2012-05-10 08:19:02 0 ----a-w- C:\windows\SysWow64\sho7254.tmp
2012-05-04 19:28:05 8744608 ----a-w- C:\windows\SysWow64\FlashPlayerInstaller.exe
2012-04-19 01:56:30 94208 ----a-w- C:\windows\SysWow64\QuickTimeVR.qtx
2012-04-19 01:56:30 69632 ----a-w- C:\windows\SysWow64\QuickTime.qts
2012-04-04 20:56:40 24904 ----a-w- C:\windows\System32\drivers\mbam.sys
2012-03-30 11:35:47 1918320 ----a-w- C:\windows\System32\drivers\tcpip.sys
2012-03-17 07:58:57 75120 ----a-w- C:\windows\System32\drivers\partmgr.sys
.
============= FINISH: 2:42:03.75 ===============