InMyMind
Posts posted by InMyMind
-
-
Tried running it; Norton had a pop-up saying fewer than 5 users had the file... I went to run it anyway and Norton detected and deleted TFC. I've had this on my computer before, but it had never been picked up by Norton like this.
-
-
Finally figured out how to disable every part of Norton (I read the log and for some reason it said it was still active). The system rebooted and it wouldn't let me get the ComboFix log. I wasn't alarmed until I tried to open a browser to come post and it said that my ComboFix log and browsers, Notepad, and almost anything I tried to open was a registry key set for deletion. So I booted in safe mode and almost restored my computer to an earlier date, but decided to see if my computer would boot up and work in a regular boot, and it has. (I backed up the ComboFix log in case it wouldn't have started and I had to restore.)
ComboFix 12-06-16.02 - Elyse 06/18/2012 21:04:11.1.1 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.1916.839 [GMT -5:00]
Running from: c:\users\Elyse\Desktop\combofix.exe
Command switches used :: /nombr
AV: Norton Security Suite *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Security Suite *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Security Suite *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
c:\windows\system32\Thumbs.db
.
.
((((((((((((((((((((((((( Files Created from 2012-05-19 to 2012-06-19 )))))))))))))))))))))))))))))))
.
.
2012-06-19 02:12 . 2012-06-19 02:12 -------- d-----w- c:\users\Guest\AppData\Local\temp
2012-06-19 02:12 . 2012-06-19 02:12 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-06-19 01:36 . 2012-06-19 01:36 0 ----a-w- c:\windows\SysWow64\sho51C.tmp
2012-06-17 17:57 . 2012-06-17 17:57 770384 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcr100.dll
2012-06-17 17:57 . 2012-06-17 17:57 421200 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcp100.dll
2012-06-15 11:17 . 2012-06-15 11:17 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F1C2E78D-7F07-4BEC-957A-B5C9FB183580}\offreg.dll
2012-06-15 11:17 . 2012-05-08 17:02 8955792 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F1C2E78D-7F07-4BEC-957A-B5C9FB183580}\mpengine.dll
2012-06-14 09:43 . 2012-06-14 10:06 -------- d-----w- c:\users\Elyse\AppData\Local\NPE
2012-06-13 00:38 . 2012-05-18 01:56 304640 ----a-w- c:\program files\Internet Explorer\IEShims.dll
2012-06-13 00:20 . 2012-06-13 00:20 159744 ----a-w- c:\program files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
2012-06-13 00:05 . 2012-04-26 05:41 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2012-06-13 00:05 . 2012-04-26 05:41 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-06-13 00:05 . 2012-04-26 05:34 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-06-13 00:05 . 2012-05-01 05:40 209920 ----a-w- c:\windows\system32\profsvc.dll
2012-06-13 00:05 . 2012-05-04 11:06 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-06-13 00:05 . 2012-05-04 10:03 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-06-13 00:04 . 2012-05-04 10:03 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-06-13 00:04 . 2012-05-15 01:32 3146752 ----a-w- c:\windows\system32\win32k.sys
2012-06-13 00:04 . 2012-04-28 03:55 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-06-13 00:04 . 2012-04-07 12:31 3216384 ----a-w- c:\windows\system32\msi.dll
2012-06-13 00:04 . 2012-04-07 11:26 2342400 ----a-w- c:\windows\SysWow64\msi.dll
2012-06-13 00:03 . 2012-04-24 05:37 1462272 ----a-w- c:\windows\system32\crypt32.dll
2012-06-13 00:03 . 2012-04-24 05:37 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2012-06-13 00:03 . 2012-04-24 05:37 140288 ----a-w- c:\windows\system32\cryptnet.dll
2012-06-13 00:03 . 2012-04-24 04:36 1158656 ----a-w- c:\windows\SysWow64\crypt32.dll
2012-06-13 00:03 . 2012-04-24 04:36 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2012-06-13 00:03 . 2012-04-24 04:36 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2012-06-09 06:59 . 2012-06-09 06:59 -------- d-----w- c:\users\Elyse\AppData\Local\Macromedia
2012-05-30 23:12 . 2012-05-30 23:12 476960 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
2012-05-27 19:42 . 2012-05-27 19:42 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-09 06:59 . 2012-04-02 19:16 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-06-09 06:59 . 2011-09-08 18:45 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-05-30 23:12 . 2011-08-02 07:52 472864 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-05-12 07:12 . 2012-05-12 07:12 0 ----a-w- c:\windows\SysWow64\sho940E.tmp
2012-05-10 08:19 . 2012-05-10 08:19 0 ----a-w- c:\windows\SysWow64\sho7254.tmp
2012-05-04 19:28 . 2012-04-02 19:28 8744608 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-04-19 01:56 . 2012-04-19 01:56 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx
2012-04-19 01:56 . 2012-04-19 01:56 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts
2012-04-04 20:56 . 2011-10-11 19:24 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-03-30 11:35 . 2012-05-09 19:16 1918320 ----a-w- c:\windows\system32\drivers\tcpip.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Akamai NetSession Interface"="c:\users\Elyse\AppData\Local\Akamai\netsession_win.exe" [2012-05-08 3331872]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ToshibaServiceStation"="c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2011-02-11 1295736]
"NortonOnlineBackupReminder"="c:\program files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe" [2010-08-17 3218792]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"GIDDesktop"="c:\program files (x86)\SFT\GuardedID\gidd.exe" [2011-07-05 395528]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-19 421888]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Constant Guard.lnk - c:\program files (x86)\Constant Guard Protection Suite\IDVault.exe [2012-6-13 6534768]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-09 257224]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-17 113120]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [x]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys [x]
R3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2011-02-11 54136]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-02-06 137560]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360x64\0502010.003\SYMDS64.SYS [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360x64\0502010.003\SYMEFA64.SYS [x]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20120531.001\BHDrvx64.sys [2012-04-02 1160824]
S1 GIDv2;GIDv2; [x]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20120613.007\IDSvia64.sys [2012-06-14 488568]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360x64\0502010.003\Ironx64.SYS [x]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\N360x64\0502010.003\SYMNETS.SYS [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 IDVaultSvc;CGPS Service;c:\program files (x86)\Constant Guard Protection Suite\IDVaultSvc.exe [2012-06-13 66160]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
S2 N360;Norton Security Suite;c:\program files (x86)\Norton Security Suite\Engine\5.2.1.3\ccSvcHst.exe [2011-04-17 130008]
S2 Norton PC Checkup Application Launcher;Toshiba Laptop Checkup Application Launcher;c:\program files (x86)\Norton PC Checkup\Engine\2.0.5.60\SymcPCCULaunchSvc.exe [2011-12-07 135608]
S2 PCCUJobMgr;Common Client Job Manager Service;c:\program files (x86)\Norton PC Checkup\Engine\2.0.5.60\ccSvcHst.exe [2009-08-24 126392]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2011-03-15 428384]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-05-31 138912]
S3 FwLnk;FwLnk Driver;c:\windows\system32\DRIVERS\FwLnk.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{9191979D-821C-4EA8-B021-2DA1D859A7C5}-3Reg]
2011-07-05 15:26 435976 ----a-w- c:\program files (x86)\SFT\GuardedID\GIDI.exe
.
Contents of the 'Scheduled Tasks' folder
.
2012-06-19 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-02 06:59]
.
2012-06-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3130455298-971642170-3200459864-1000Core.job
- c:\users\Elyse\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-21 19:09]
.
2012-06-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3130455298-971642170-3200459864-1000UA.job
- c:\users\Elyse\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-21 19:09]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-03-18 166424]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-03-18 391192]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-03-18 410648]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2010-03-22 521272]
"TosVolRegulator"="c:\program files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe" [2009-11-11 24376]
"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2010-02-06 709976]
"SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2010-04-28 307768]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://start.toshiba.com/g/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>;*.local;127.0.0.1:9421;
IE: Append Link Target to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
TCP: DhcpNameServer = 75.75.76.76 75.75.75.75
FF - ProfilePath - c:\users\Elyse\AppData\Roaming\Mozilla\Firefox\Profiles\4h79tzjr.default\
FF - prefs.js: browser.search.selectedEngine - Search & Win
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
HKLM-Run-(Default) - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-SmartFaceVWatcher - c:\program files (x86)\Toshiba\SmartFaceV\SmartFaceVWatcher.exe
HKLM-Run-TPwrMain - c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
HKLM-Run-SmoothView - c:\program files (x86)\Toshiba\SmoothView\SmoothView.exe
HKLM-Run-00TCrdMain - c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
HKLM-Run-TosNC - c:\program files (x86)\Toshiba\BulletinBoard\TosNcCore.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\N360]
"ImagePath"="\"c:\program files (x86)\Norton Security Suite\Engine\5.2.1.3\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files (x86)\Norton Security Suite\Engine\5.2.1.3\diMaster.dll\" /prefetch:1"
--
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCCUJobMgr]
"ImagePath"="\"c:\program files (x86)\Norton PC Checkup\Engine\2.0.5.60\ccSvcHst.exe\" /s \"PCCUJobMgr\" /m \"c:\program files (x86)\Norton PC Checkup\Engine\2.0.5.60\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-06-18 21:25:19 - machine was rebooted
ComboFix-quarantined-files.txt 2012-06-19 02:25
.
Pre-Run: 168,806,428,672 bytes free
Post-Run: 168,665,460,736 bytes free
.
- - End Of File - - 7A55A68EE99914F00A520E1FC4309D19
-
I did everything the instructions told me when it came to disabling my AV and malware programs, but ComboFix kept telling me that my anti-spyware (Norton) was still running. Also, I don't know if I did something wrong, but it would do the extracting (black screen, green text) but took a long time to pop up, so I'd run it again =\ but they all still said disable Norton. Also, one time I spaced and pressed OK for it to run, but I closed the blue screen immediately.
-
01:21:31.0112 7544 TDSS rootkit removing tool 2.7.40.0 Jun 15 2012 15:13:31
01:21:32.0217 7544 ============================================================
01:21:32.0217 7544 Current date / time: 2012/06/16 01:21:32.0217
01:21:32.0217 7544 SystemInfo:
01:21:32.0217 7544
01:21:32.0218 7544 OS Version: 6.1.7601 ServicePack: 1.0
01:21:32.0218 7544 Product type: Workstation
01:21:32.0218 7544 ComputerName: ELYSE-VRUS
01:21:32.0218 7544 UserName: Elyse
01:21:32.0218 7544 Windows directory: C:\windows
01:21:32.0218 7544 System windows directory: C:\windows
01:21:32.0218 7544 Running under WOW64
01:21:32.0218 7544 Processor architecture: Intel x64
01:21:32.0218 7544 Number of processors: 1
01:21:32.0218 7544 Page size: 0x1000
01:21:32.0218 7544 Boot type: Normal boot
01:21:32.0218 7544 ============================================================
01:21:33.0907 7544 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
01:21:33.0930 7544 ============================================================
01:21:33.0930 7544 \Device\Harddisk0\DR0:
01:21:33.0930 7544 MBR partitions:
01:21:33.0930 7544 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x1BA79000
01:21:33.0930 7544 ============================================================
01:21:33.0956 7544 C: <-> \Device\Harddisk0\DR0\Partition0
01:21:33.0976 7544 ============================================================
01:21:33.0976 7544 Initialize success
01:21:33.0976 7544 ============================================================
01:21:55.0199 1452 ============================================================
01:21:55.0199 1452 Scan started
01:21:55.0199 1452 Mode: Manual; SigCheck; TDLFS;
01:21:55.0199 1452 ============================================================
01:21:56.0181 1452 1394ohci (a87d604aea360176311474c87a63bb88) C:\windows\system32\drivers\1394ohci.sys
01:21:56.0491 1452 1394ohci - ok
01:21:56.0561 1452 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\windows\system32\drivers\ACPI.sys
01:21:56.0602 1452 ACPI - ok
01:21:56.0647 1452 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\windows\system32\drivers\acpipmi.sys
01:21:56.0752 1452 AcpiPmi - ok
01:21:56.0882 1452 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
01:21:56.0899 1452 AdobeARMservice - ok
01:21:57.0143 1452 AdobeFlashPlayerUpdateSvc (f3cd7b20b27d1772c946df993ff3635c) C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
01:21:57.0186 1452 AdobeFlashPlayerUpdateSvc - ok
01:21:57.0339 1452 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\windows\system32\DRIVERS\adp94xx.sys
01:21:57.0365 1452 adp94xx - ok
01:21:57.0407 1452 adpahci (597f78224ee9224ea1a13d6350ced962) C:\windows\system32\DRIVERS\adpahci.sys
01:21:57.0428 1452 adpahci - ok
01:21:57.0480 1452 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\windows\system32\DRIVERS\adpu320.sys
01:21:57.0519 1452 adpu320 - ok
01:21:57.0564 1452 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\windows\System32\aelupsvc.dll
01:21:57.0713 1452 AeLookupSvc - ok
01:21:57.0771 1452 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\windows\system32\drivers\afd.sys
01:21:57.0867 1452 AFD - ok
01:21:57.0910 1452 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\windows\system32\drivers\agp440.sys
01:21:57.0927 1452 agp440 - ok
01:21:57.0978 1452 ALG (3290d6946b5e30e70414990574883ddb) C:\windows\System32\alg.exe
01:21:58.0045 1452 ALG - ok
01:21:58.0084 1452 aliide (5812713a477a3ad7363c7438ca2ee038) C:\windows\system32\drivers\aliide.sys
01:21:58.0099 1452 aliide - ok
01:21:58.0131 1452 amdide (1ff8b4431c353ce385c875f194924c0c) C:\windows\system32\drivers\amdide.sys
01:21:58.0167 1452 amdide - ok
01:21:58.0221 1452 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\windows\system32\DRIVERS\amdk8.sys
01:21:58.0295 1452 AmdK8 - ok
01:21:58.0320 1452 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\windows\system32\DRIVERS\amdppm.sys
01:21:58.0363 1452 AmdPPM - ok
01:21:58.0414 1452 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\windows\system32\drivers\amdsata.sys
01:21:58.0447 1452 amdsata - ok
01:21:58.0495 1452 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\windows\system32\DRIVERS\amdsbs.sys
01:21:58.0518 1452 amdsbs - ok
01:21:58.0541 1452 amdxata (540daf1cea6094886d72126fd7c33048) C:\windows\system32\drivers\amdxata.sys
01:21:58.0558 1452 amdxata - ok
01:21:58.0619 1452 AppID (89a69c3f2f319b43379399547526d952) C:\windows\system32\drivers\appid.sys
01:21:58.0839 1452 AppID - ok
01:21:58.0875 1452 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\windows\System32\appidsvc.dll
01:21:58.0959 1452 AppIDSvc - ok
01:21:59.0021 1452 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\windows\System32\appinfo.dll
01:21:59.0081 1452 Appinfo - ok
01:21:59.0199 1452 Apple Mobile Device (3debbecf665dcdde3a95d9b902010817) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
01:21:59.0232 1452 Apple Mobile Device - ok
01:21:59.0284 1452 arc (c484f8ceb1717c540242531db7845c4e) C:\windows\system32\DRIVERS\arc.sys
01:21:59.0301 1452 arc - ok
01:21:59.0326 1452 arcsas (019af6924aefe7839f61c830227fe79c) C:\windows\system32\DRIVERS\arcsas.sys
01:21:59.0343 1452 arcsas - ok
01:21:59.0390 1452 AsyncMac (769765ce2cc62867468cea93969b2242) C:\windows\system32\DRIVERS\asyncmac.sys
01:21:59.0456 1452 AsyncMac - ok
01:21:59.0485 1452 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\windows\system32\drivers\atapi.sys
01:21:59.0524 1452 atapi - ok
01:21:59.0611 1452 athr (d6cad7e5b05055bb8226bdcb1644da27) C:\windows\system32\DRIVERS\athrx.sys
01:21:59.0730 1452 athr - ok
01:21:59.0840 1452 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\windows\System32\Audiosrv.dll
01:21:59.0906 1452 AudioEndpointBuilder - ok
01:21:59.0919 1452 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\windows\System32\Audiosrv.dll
01:21:59.0967 1452 AudioSrv - ok
01:22:00.0028 1452 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\windows\System32\AxInstSV.dll
01:22:00.0144 1452 AxInstSV - ok
01:22:00.0215 1452 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\windows\system32\DRIVERS\bxvbda.sys
01:22:00.0290 1452 b06bdrv - ok
01:22:00.0340 1452 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\windows\system32\DRIVERS\b57nd60a.sys
01:22:00.0374 1452 b57nd60a - ok
01:22:00.0434 1452 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\windows\System32\bdesvc.dll
01:22:00.0509 1452 BDESVC - ok
01:22:00.0551 1452 Beep (16a47ce2decc9b099349a5f840654746) C:\windows\system32\drivers\Beep.sys
01:22:00.0627 1452 Beep - ok
01:22:00.0695 1452 BFE (82974d6a2fd19445cc5171fc378668a4) C:\windows\System32\bfe.dll
01:22:00.0754 1452 BFE - ok
01:22:00.0937 1452 BHDrvx64 (5b1fe9d351c284701c8051da2aa81df6) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20120531.001\BHDrvx64.sys
01:22:01.0117 1452 BHDrvx64 - ok
01:22:01.0264 1452 BITS (1ea7969e3271cbc59e1730697dc74682) C:\windows\System32\qmgr.dll
01:22:01.0345 1452 BITS - ok
01:22:01.0400 1452 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\windows\system32\DRIVERS\blbdrive.sys
01:22:01.0429 1452 blbdrive - ok
01:22:01.0521 1452 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
01:22:01.0541 1452 Bonjour Service - ok
01:22:01.0570 1452 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\windows\system32\DRIVERS\bowser.sys
01:22:01.0624 1452 bowser - ok
01:22:01.0664 1452 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\windows\system32\DRIVERS\BrFiltLo.sys
01:22:01.0753 1452 BrFiltLo - ok
01:22:01.0811 1452 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\windows\system32\DRIVERS\BrFiltUp.sys
01:22:01.0831 1452 BrFiltUp - ok
01:22:01.0871 1452 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\windows\System32\browser.dll
01:22:01.0936 1452 Browser - ok
01:22:01.0975 1452 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\windows\System32\Drivers\Brserid.sys
01:22:02.0038 1452 Brserid - ok
01:22:02.0072 1452 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\windows\System32\Drivers\BrSerWdm.sys
01:22:02.0105 1452 BrSerWdm - ok
01:22:02.0128 1452 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\windows\System32\Drivers\BrUsbMdm.sys
01:22:02.0156 1452 BrUsbMdm - ok
01:22:02.0197 1452 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\windows\System32\Drivers\BrUsbSer.sys
01:22:02.0223 1452 BrUsbSer - ok
01:22:02.0245 1452 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\windows\system32\DRIVERS\bthmodem.sys
01:22:02.0273 1452 BTHMODEM - ok
01:22:02.0326 1452 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\windows\system32\bthserv.dll
01:22:02.0397 1452 bthserv - ok
01:22:02.0429 1452 cdfs (b8bd2bb284668c84865658c77574381a) C:\windows\system32\DRIVERS\cdfs.sys
01:22:02.0490 1452 cdfs - ok
01:22:02.0519 1452 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\windows\system32\drivers\cdrom.sys
01:22:02.0580 1452 cdrom - ok
01:22:02.0630 1452 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll
01:22:02.0686 1452 CertPropSvc - ok
01:22:02.0722 1452 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\windows\system32\DRIVERS\circlass.sys
01:22:02.0742 1452 circlass - ok
01:22:02.0784 1452 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\windows\system32\CLFS.sys
01:22:02.0826 1452 CLFS - ok
01:22:02.0896 1452 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
01:22:02.0928 1452 clr_optimization_v2.0.50727_32 - ok
01:22:02.0995 1452 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
01:22:03.0022 1452 clr_optimization_v2.0.50727_64 - ok
01:22:03.0093 1452 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
01:22:03.0125 1452 clr_optimization_v4.0.30319_32 - ok
01:22:03.0182 1452 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
01:22:03.0208 1452 clr_optimization_v4.0.30319_64 - ok
01:22:03.0269 1452 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\windows\system32\DRIVERS\CmBatt.sys
01:22:03.0300 1452 CmBatt - ok
01:22:03.0335 1452 cmdide (e19d3f095812725d88f9001985b94edd) C:\windows\system32\drivers\cmdide.sys
01:22:03.0351 1452 cmdide - ok
01:22:03.0401 1452 CNG (c4943b6c962e4b82197542447ad599f4) C:\windows\system32\Drivers\cng.sys
01:22:03.0452 1452 CNG - ok
01:22:03.0527 1452 CnxtHdAudService (66d12b53e117ef951d5e1ced03b4cc1b) C:\windows\system32\drivers\CHDRT64.sys
01:22:03.0575 1452 CnxtHdAudService - ok
01:22:03.0630 1452 Compbatt (102de219c3f61415f964c88e9085ad14) C:\windows\system32\DRIVERS\compbatt.sys
01:22:03.0645 1452 Compbatt - ok
01:22:03.0699 1452 CompositeBus (03edb043586cceba243d689bdda370a8) C:\windows\system32\drivers\CompositeBus.sys
01:22:03.0737 1452 CompositeBus - ok
01:22:03.0755 1452 COMSysApp - ok
01:22:03.0800 1452 crcdisk (1c827878a998c18847245fe1f34ee597) C:\windows\system32\DRIVERS\crcdisk.sys
01:22:03.0816 1452 crcdisk - ok
01:22:03.0887 1452 CryptSvc (4f5414602e2544a4554d95517948b705) C:\windows\system32\cryptsvc.dll
01:22:03.0978 1452 CryptSvc - ok
01:22:04.0186 1452 cvhsvc (72794d112cbaff3bc0c29bf7350d4741) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
01:22:04.0223 1452 cvhsvc - ok
01:22:04.0336 1452 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll
01:22:04.0404 1452 DcomLaunch - ok
01:22:04.0466 1452 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\windows\System32\defragsvc.dll
01:22:04.0538 1452 defragsvc - ok
01:22:04.0612 1452 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\windows\system32\Drivers\dfsc.sys
01:22:04.0669 1452 DfsC - ok
01:22:04.0776 1452 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\windows\system32\dhcpcore.dll
01:22:04.0835 1452 Dhcp - ok
01:22:04.0874 1452 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\windows\system32\drivers\discache.sys
01:22:04.0939 1452 discache - ok
01:22:04.0985 1452 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\windows\system32\DRIVERS\disk.sys
01:22:05.0002 1452 Disk - ok
01:22:05.0035 1452 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\windows\System32\dnsrslvr.dll
01:22:05.0114 1452 Dnscache - ok
01:22:05.0150 1452 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\windows\System32\dot3svc.dll
01:22:05.0206 1452 dot3svc - ok
01:22:05.0229 1452 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\windows\system32\dps.dll
01:22:05.0281 1452 DPS - ok
01:22:05.0323 1452 drmkaud (9b19f34400d24df84c858a421c205754) C:\windows\system32\drivers\drmkaud.sys
01:22:05.0355 1452 drmkaud - ok
01:22:05.0420 1452 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\windows\System32\drivers\dxgkrnl.sys
01:22:05.0495 1452 DXGKrnl - ok
01:22:05.0530 1452 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\windows\System32\eapsvc.dll
01:22:05.0584 1452 EapHost - ok
01:22:05.0718 1452 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\windows\system32\DRIVERS\evbda.sys
01:22:05.0852 1452 ebdrv - ok
01:22:05.0996 1452 eeCtrl (ba6420c1f7070ed8f1ba372844f3e1ec) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
01:22:06.0035 1452 eeCtrl - ok
01:22:06.0102 1452 EFS (c118a82cd78818c29ab228366ebf81c3) C:\windows\System32\lsass.exe
01:22:06.0174 1452 EFS - ok
01:22:06.0249 1452 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\windows\ehome\ehRecvr.exe
01:22:06.0329 1452 ehRecvr - ok
01:22:06.0361 1452 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\windows\ehome\ehsched.exe
01:22:06.0451 1452 ehSched - ok
01:22:06.0517 1452 elxstor (0e5da5369a0fcaea12456dd852545184) C:\windows\system32\DRIVERS\elxstor.sys
01:22:06.0542 1452 elxstor - ok
01:22:06.0676 1452 EraserUtilRebootDrv (1343df3451bc0c442dc69837c6fba21b) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
01:22:06.0707 1452 EraserUtilRebootDrv - ok
01:22:06.0750 1452 ErrDev (34a3c54752046e79a126e15c51db409b) C:\windows\system32\drivers\errdev.sys
01:22:06.0782 1452 ErrDev - ok
01:22:06.0851 1452 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\windows\system32\es.dll
01:22:06.0920 1452 EventSystem - ok
01:22:06.0954 1452 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\windows\system32\drivers\exfat.sys
01:22:07.0013 1452 exfat - ok
01:22:07.0041 1452 fastfat (0adc83218b66a6db380c330836f3e36d) C:\windows\system32\drivers\fastfat.sys
01:22:07.0108 1452 fastfat - ok
01:22:07.0172 1452 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\windows\system32\fxssvc.exe
01:22:07.0241 1452 Fax - ok
01:22:07.0281 1452 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\windows\system32\DRIVERS\fdc.sys
01:22:07.0311 1452 fdc - ok
01:22:07.0351 1452 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\windows\system32\fdPHost.dll
01:22:07.0405 1452 fdPHost - ok
01:22:07.0429 1452 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\windows\system32\fdrespub.dll
01:22:07.0482 1452 FDResPub - ok
01:22:07.0503 1452 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\windows\system32\drivers\fileinfo.sys
01:22:07.0520 1452 FileInfo - ok
01:22:07.0537 1452 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\windows\system32\drivers\filetrace.sys
01:22:07.0601 1452 Filetrace - ok
01:22:07.0635 1452 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\windows\system32\DRIVERS\flpydisk.sys
01:22:07.0657 1452 flpydisk - ok
01:22:07.0701 1452 FltMgr (da6b67270fd9db3697b20fce94950741) C:\windows\system32\drivers\fltmgr.sys
01:22:07.0722 1452 FltMgr - ok
01:22:07.0782 1452 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\windows\system32\FntCache.dll
01:22:07.0854 1452 FontCache - ok
01:22:07.0918 1452 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
01:22:07.0931 1452 FontCache3.0.0.0 - ok
01:22:07.0976 1452 FsDepends (d43703496149971890703b4b1b723eac) C:\windows\system32\drivers\FsDepends.sys
01:22:07.0992 1452 FsDepends - ok
01:22:08.0023 1452 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\windows\system32\drivers\Fs_Rec.sys
01:22:08.0055 1452 Fs_Rec - ok
01:22:08.0102 1452 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\windows\system32\DRIVERS\fvevol.sys
01:22:08.0142 1452 fvevol - ok
01:22:08.0183 1452 FwLnk (60acb128e64c35c2b4e4aab1b0a5c293) C:\windows\system32\DRIVERS\FwLnk.sys
01:22:08.0247 1452 FwLnk - ok
01:22:08.0294 1452 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\windows\system32\DRIVERS\gagp30kx.sys
01:22:08.0310 1452 gagp30kx - ok
01:22:08.0390 1452 GamesAppService (c403c5db49a0f9aaf4f2128edc0106d8) C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
01:22:08.0422 1452 GamesAppService - ok
01:22:08.0465 1452 GEARAspiWDM (af4dee5531395dee72b35b36c9671fd0) C:\windows\system32\DRIVERS\GEARAspiWDM.sys
01:22:08.0491 1452 GEARAspiWDM - ok
01:22:08.0546 1452 GIDv2 (9ba22aee7f531ef9ce085cc2e1112bc4) C:\windows\system32\drivers\GIDv2.sys
01:22:08.0560 1452 GIDv2 - ok
01:22:08.0617 1452 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\windows\System32\gpsvc.dll
01:22:08.0688 1452 gpsvc - ok
01:22:08.0716 1452 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\windows\system32\drivers\hcw85cir.sys
01:22:08.0784 1452 hcw85cir - ok
01:22:08.0836 1452 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\windows\system32\drivers\HdAudio.sys
01:22:08.0873 1452 HdAudAddService - ok
01:22:08.0911 1452 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\windows\system32\drivers\HDAudBus.sys
01:22:08.0943 1452 HDAudBus - ok
01:22:08.0971 1452 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\windows\system32\DRIVERS\HidBatt.sys
01:22:09.0000 1452 HidBatt - ok
01:22:09.0022 1452 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\windows\system32\DRIVERS\hidbth.sys
01:22:09.0060 1452 HidBth - ok
01:22:09.0095 1452 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\windows\system32\DRIVERS\hidir.sys
01:22:09.0127 1452 HidIr - ok
01:22:09.0168 1452 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\windows\system32\hidserv.dll
01:22:09.0243 1452 hidserv - ok
01:22:09.0289 1452 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\windows\system32\DRIVERS\hidusb.sys
01:22:09.0307 1452 HidUsb - ok
01:22:09.0337 1452 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\windows\system32\kmsvc.dll
01:22:09.0417 1452 hkmsvc - ok
01:22:09.0457 1452 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\windows\system32\ListSvc.dll
01:22:09.0543 1452 HomeGroupListener - ok
01:22:09.0575 1452 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\windows\system32\provsvc.dll
01:22:09.0607 1452 HomeGroupProvider - ok
01:22:09.0653 1452 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\windows\system32\drivers\HpSAMD.sys
01:22:09.0669 1452 HpSAMD - ok
01:22:09.0728 1452 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\windows\system32\drivers\HTTP.sys
01:22:09.0810 1452 HTTP - ok
01:22:09.0847 1452 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\windows\system32\drivers\hwpolicy.sys
01:22:09.0878 1452 hwpolicy - ok
01:22:09.0922 1452 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\windows\system32\DRIVERS\i8042prt.sys
01:22:09.0944 1452 i8042prt - ok
01:22:09.0998 1452 iaStor (bbb3b6df1abb0fe35802ede85cc1c011) C:\windows\system32\DRIVERS\iaStor.sys
01:22:10.0015 1452 iaStor - ok
01:22:10.0072 1452 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\windows\system32\drivers\iaStorV.sys
01:22:10.0095 1452 iaStorV - ok
01:22:10.0181 1452 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
01:22:10.0224 1452 idsvc - ok
01:22:10.0438 1452 IDSVia64 (4e9e0e5a3b0efeb27491c26be1d97fda) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20120613.007\IDSvia64.sys
01:22:10.0464 1452 IDSVia64 - ok
01:22:10.0544 1452 IDVaultSvc (ebed410c201b7050c0f7cbbb0306656a) C:\Program Files (x86)\Constant Guard Protection Suite\IDVaultSvc.exe
01:22:10.0557 1452 IDVaultSvc - ok
01:22:10.0981 1452 igfx (898ab5bfed7040d7ab07af01885eb944) C:\windows\system32\DRIVERS\igdkmd64.sys
01:22:11.0305 1452 igfx - ok
01:22:11.0481 1452 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\windows\system32\DRIVERS\iirsp.sys
01:22:11.0496 1452 iirsp - ok
01:22:11.0589 1452 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\windows\System32\ikeext.dll
01:22:11.0651 1452 IKEEXT - ok
01:22:11.0691 1452 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\windows\system32\drivers\intelide.sys
01:22:11.0706 1452 intelide - ok
01:22:11.0765 1452 intelppm (ada036632c664caa754079041cf1f8c1) C:\windows\system32\DRIVERS\intelppm.sys
01:22:11.0824 1452 intelppm - ok
01:22:11.0863 1452 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\windows\system32\ipbusenum.dll
01:22:11.0946 1452 IPBusEnum - ok
01:22:11.0984 1452 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\windows\system32\DRIVERS\ipfltdrv.sys
01:22:12.0044 1452 IpFilterDriver - ok
01:22:12.0105 1452 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\windows\System32\iphlpsvc.dll
01:22:12.0169 1452 iphlpsvc - ok
01:22:12.0216 1452 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\windows\system32\drivers\IPMIDrv.sys
01:22:12.0256 1452 IPMIDRV - ok
01:22:12.0314 1452 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\windows\system32\drivers\ipnat.sys
01:22:12.0361 1452 IPNAT - ok
01:22:12.0415 1452 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\windows\system32\drivers\irenum.sys
01:22:12.0485 1452 IRENUM - ok
01:22:12.0540 1452 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\windows\system32\drivers\isapnp.sys
01:22:12.0556 1452 isapnp - ok
01:22:12.0587 1452 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\windows\system32\drivers\msiscsi.sys
01:22:12.0607 1452 iScsiPrt - ok
01:22:12.0662 1452 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\windows\system32\DRIVERS\kbdclass.sys
01:22:12.0677 1452 kbdclass - ok
01:22:12.0718 1452 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\windows\system32\DRIVERS\kbdhid.sys
01:22:12.0765 1452 kbdhid - ok
01:22:12.0791 1452 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
01:22:12.0809 1452 KeyIso - ok
01:22:12.0843 1452 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\windows\system32\Drivers\ksecdd.sys
01:22:12.0879 1452 KSecDD - ok
01:22:12.0916 1452 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\windows\system32\Drivers\ksecpkg.sys
01:22:12.0950 1452 KSecPkg - ok
01:22:12.0999 1452 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\windows\system32\drivers\ksthunk.sys
01:22:13.0060 1452 ksthunk - ok
01:22:13.0102 1452 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\windows\system32\msdtckrm.dll
01:22:13.0177 1452 KtmRm - ok
01:22:13.0219 1452 L1C (655a5d8e80869781cce23760ada7e695) C:\windows\system32\DRIVERS\L1C62x64.sys
01:22:13.0253 1452 L1C - ok
01:22:13.0330 1452 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\windows\system32\srvsvc.dll
01:22:13.0389 1452 LanmanServer - ok
01:22:13.0442 1452 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\windows\System32\wkssvc.dll
01:22:13.0496 1452 LanmanWorkstation - ok
01:22:13.0547 1452 lltdio (1538831cf8ad2979a04c423779465827) C:\windows\system32\DRIVERS\lltdio.sys
01:22:13.0596 1452 lltdio - ok
01:22:13.0653 1452 lltdsvc (c1185803384ab3feed115f79f109427f) C:\windows\System32\lltdsvc.dll
01:22:13.0727 1452 lltdsvc - ok
01:22:13.0743 1452 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\windows\System32\lmhsvc.dll
01:22:13.0784 1452 lmhosts - ok
01:22:13.0827 1452 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\windows\system32\DRIVERS\lsi_fc.sys
01:22:13.0844 1452 LSI_FC - ok
01:22:13.0876 1452 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\windows\system32\DRIVERS\lsi_sas.sys
01:22:13.0893 1452 LSI_SAS - ok
01:22:13.0932 1452 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\windows\system32\DRIVERS\lsi_sas2.sys
01:22:13.0949 1452 LSI_SAS2 - ok
01:22:13.0989 1452 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\windows\system32\DRIVERS\lsi_scsi.sys
01:22:14.0025 1452 LSI_SCSI - ok
01:22:14.0055 1452 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\windows\system32\drivers\luafv.sys
01:22:14.0112 1452 luafv - ok
01:22:14.0196 1452 MBAMProtector (dbc08862a71459e74f7538b432c114cc) C:\windows\system32\drivers\mbam.sys
01:22:14.0229 1452 MBAMProtector - ok
01:22:14.0353 1452 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
01:22:14.0377 1452 MBAMService - ok
01:22:14.0458 1452 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\windows\system32\Mcx2Svc.dll
01:22:14.0514 1452 Mcx2Svc - ok
01:22:14.0589 1452 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\windows\system32\DRIVERS\megasas.sys
01:22:14.0604 1452 megasas - ok
01:22:14.0640 1452 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\windows\system32\DRIVERS\MegaSR.sys
01:22:14.0660 1452 MegaSR - ok
01:22:14.0704 1452 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll
01:22:14.0754 1452 MMCSS - ok
01:22:14.0780 1452 Modem (800ba92f7010378b09f9ed9270f07137) C:\windows\system32\drivers\modem.sys
01:22:14.0909 1452 Modem - ok
01:22:14.0938 1452 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\windows\system32\DRIVERS\monitor.sys
01:22:14.0968 1452 monitor - ok
01:22:15.0024 1452 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\windows\system32\DRIVERS\mouclass.sys
01:22:15.0040 1452 mouclass - ok
01:22:15.0089 1452 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\windows\system32\DRIVERS\mouhid.sys
01:22:15.0123 1452 mouhid - ok
01:22:15.0157 1452 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\windows\system32\drivers\mountmgr.sys
01:22:15.0174 1452 mountmgr - ok
01:22:15.0257 1452 MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
01:22:15.0290 1452 MozillaMaintenance - ok
01:22:15.0331 1452 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\windows\system32\drivers\mpio.sys
01:22:15.0349 1452 mpio - ok
01:22:15.0371 1452 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\windows\system32\drivers\mpsdrv.sys
01:22:15.0413 1452 mpsdrv - ok
01:22:15.0463 1452 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\windows\system32\mpssvc.dll
01:22:15.0520 1452 MpsSvc - ok
01:22:15.0562 1452 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\windows\system32\drivers\mrxdav.sys
01:22:15.0599 1452 MRxDAV - ok
01:22:15.0636 1452 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\windows\system32\DRIVERS\mrxsmb.sys
01:22:15.0741 1452 mrxsmb - ok
01:22:15.0771 1452 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\windows\system32\DRIVERS\mrxsmb10.sys
01:22:15.0821 1452 mrxsmb10 - ok
01:22:15.0849 1452 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\windows\system32\DRIVERS\mrxsmb20.sys
01:22:15.0867 1452 mrxsmb20 - ok
01:22:15.0908 1452 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\windows\system32\drivers\msahci.sys
01:22:15.0926 1452 msahci - ok
01:22:15.0966 1452 msdsm (db801a638d011b9633829eb6f663c900) C:\windows\system32\drivers\msdsm.sys
01:22:15.0983 1452 msdsm - ok
01:22:16.0034 1452 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\windows\System32\msdtc.exe
01:22:16.0069 1452 MSDTC - ok
01:22:16.0104 1452 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\windows\system32\drivers\Msfs.sys
01:22:16.0159 1452 Msfs - ok
01:22:16.0188 1452 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\windows\System32\drivers\mshidkmdf.sys
01:22:16.0242 1452 mshidkmdf - ok
01:22:16.0273 1452 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\windows\system32\drivers\msisadrv.sys
01:22:16.0314 1452 msisadrv - ok
01:22:16.0371 1452 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\windows\system32\iscsiexe.dll
01:22:16.0444 1452 MSiSCSI - ok
01:22:16.0454 1452 msiserver - ok
01:22:16.0526 1452 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\windows\system32\drivers\MSKSSRV.sys
01:22:16.0577 1452 MSKSSRV - ok
01:22:16.0598 1452 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\windows\system32\drivers\MSPCLOCK.sys
01:22:16.0657 1452 MSPCLOCK - ok
01:22:16.0693 1452 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\windows\system32\drivers\MSPQM.sys
01:22:16.0748 1452 MSPQM - ok
01:22:16.0784 1452 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\windows\system32\drivers\MsRPC.sys
01:22:16.0820 1452 MsRPC - ok
01:22:16.0900 1452 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\windows\system32\drivers\mssmbios.sys
01:22:16.0915 1452 mssmbios - ok
01:22:16.0953 1452 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\windows\system32\drivers\MSTEE.sys
01:22:17.0009 1452 MSTEE - ok
01:22:17.0027 1452 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\windows\system32\DRIVERS\MTConfig.sys
01:22:17.0045 1452 MTConfig - ok
01:22:17.0069 1452 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\windows\system32\Drivers\mup.sys
01:22:17.0097 1452 Mup - ok
01:22:17.0210 1452 N360 (e78a365cc3e0fbfc018a33dce01909f8) C:\Program Files (x86)\Norton Security Suite\Engine\5.2.1.3\ccSvcHst.exe
01:22:17.0224 1452 N360 - ok
01:22:17.0290 1452 napagent (582ac6d9873e31dfa28a4547270862dd) C:\windows\system32\qagentRT.dll
01:22:17.0376 1452 napagent - ok
01:22:17.0442 1452 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\windows\system32\DRIVERS\nwifi.sys
01:22:17.0500 1452 NativeWifiP - ok
01:22:17.0690 1452 NAVENG (8043d41f881d6ace40b854ad6e32217f) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120614.032\ENG64.SYS
01:22:17.0705 1452 NAVENG - ok
01:22:17.0983 1452 NAVEX15 (9a9ab2fc45d701daed465d14980f1305) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120614.032\EX64.SYS
01:22:18.0085 1452 NAVEX15 - ok
01:22:18.0275 1452 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\windows\system32\drivers\ndis.sys
01:22:18.0327 1452 NDIS - ok
01:22:18.0389 1452 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\windows\system32\DRIVERS\ndiscap.sys
01:22:18.0436 1452 NdisCap - ok
01:22:18.0466 1452 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\windows\system32\DRIVERS\ndistapi.sys
01:22:18.0505 1452 NdisTapi - ok
01:22:18.0558 1452 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\windows\system32\DRIVERS\ndisuio.sys
01:22:18.0623 1452 Ndisuio - ok
01:22:18.0664 1452 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\windows\system32\DRIVERS\ndiswan.sys
01:22:18.0737 1452 NdisWan - ok
01:22:18.0778 1452 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\windows\system32\drivers\NDProxy.sys
01:22:18.0832 1452 NDProxy - ok
01:22:18.0883 1452 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\windows\system32\DRIVERS\netbios.sys
01:22:18.0937 1452 NetBIOS - ok
01:22:19.0018 1452 NetBT (09594d1089c523423b32a4229263f068) C:\windows\system32\DRIVERS\netbt.sys
01:22:19.0059 1452 NetBT - ok
01:22:19.0091 1452 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
01:22:19.0108 1452 Netlogon - ok
01:22:19.0168 1452 Netman (847d3ae376c0817161a14a82c8922a9e) C:\windows\System32\netman.dll
01:22:19.0227 1452 Netman - ok
01:22:19.0287 1452 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\windows\System32\netprofm.dll
01:22:19.0344 1452 netprofm - ok
01:22:19.0429 1452 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
01:22:19.0469 1452 NetTcpPortSharing - ok
01:22:19.0525 1452 nfrd960 (77889813be4d166cdab78ddba990da92) C:\windows\system32\DRIVERS\nfrd960.sys
01:22:19.0541 1452 nfrd960 - ok
01:22:19.0604 1452 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\windows\System32\nlasvc.dll
01:22:19.0654 1452 NlaSvc - ok
01:22:19.0720 1452 Norton PC Checkup Application Launcher - ok
01:22:19.0739 1452 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\windows\system32\drivers\Npfs.sys
01:22:19.0779 1452 Npfs - ok
01:22:19.0815 1452 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\windows\system32\nsisvc.dll
01:22:19.0862 1452 nsi - ok
01:22:19.0894 1452 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\windows\system32\drivers\nsiproxy.sys
01:22:19.0948 1452 nsiproxy - ok
01:22:20.0106 1452 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\windows\system32\drivers\Ntfs.sys
01:22:20.0195 1452 Ntfs - ok
01:22:20.0339 1452 Null (9899284589f75fa8724ff3d16aed75c1) C:\windows\system32\drivers\Null.sys
01:22:20.0379 1452 Null - ok
01:22:20.0418 1452 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\windows\system32\drivers\nvraid.sys
01:22:20.0435 1452 nvraid - ok
01:22:20.0478 1452 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\windows\system32\drivers\nvstor.sys
01:22:20.0511 1452 nvstor - ok
01:22:20.0587 1452 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\windows\system32\drivers\nv_agp.sys
01:22:20.0604 1452 nv_agp - ok
01:22:20.0639 1452 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\windows\system32\drivers\ohci1394.sys
01:22:20.0707 1452 ohci1394 - ok
01:22:20.0854 1452 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
01:22:20.0889 1452 ose - ok
01:22:21.0510 1452 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
01:22:21.0834 1452 osppsvc - ok
01:22:21.0956 1452 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
01:22:22.0038 1452 p2pimsvc - ok
01:22:22.0084 1452 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\windows\system32\p2psvc.dll
01:22:22.0108 1452 p2psvc - ok
01:22:22.0213 1452 Parport (0086431c29c35be1dbc43f52cc273887) C:\windows\system32\DRIVERS\parport.sys
01:22:22.0232 1452 Parport - ok
01:22:22.0281 1452 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\windows\system32\drivers\partmgr.sys
01:22:22.0310 1452 partmgr - ok
01:22:22.0393 1452 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\windows\System32\pcasvc.dll
01:22:22.0569 1452 PcaSvc - ok
01:22:22.0687 1452 PCCUJobMgr (2f86be1818c2d7ac90478e3323ee7fcb) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.5.60\ccSvcHst.exe
01:22:22.0731 1452 PCCUJobMgr - ok
01:22:22.0765 1452 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\windows\system32\drivers\pci.sys
01:22:22.0785 1452 pci - ok
01:22:22.0810 1452 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\windows\system32\drivers\pciide.sys
01:22:22.0826 1452 pciide - ok
01:22:22.0869 1452 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\windows\system32\DRIVERS\pcmcia.sys
01:22:22.0912 1452 pcmcia - ok
01:22:22.0984 1452 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\windows\system32\drivers\pcw.sys
01:22:23.0085 1452 pcw - ok
01:22:23.0147 1452 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\windows\system32\drivers\peauth.sys
01:22:23.0211 1452 PEAUTH - ok
01:22:23.0307 1452 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\windows\SysWow64\perfhost.exe
01:22:23.0342 1452 PerfHost - ok
01:22:23.0411 1452 PGEffect (663962900e7fea522126ba287715bb4a) C:\windows\system32\DRIVERS\pgeffect.sys
01:22:23.0424 1452 PGEffect - ok
01:22:23.0650 1452 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\windows\system32\pla.dll
01:22:23.0778 1452 pla - ok
01:22:23.0834 1452 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\windows\system32\umpnpmgr.dll
01:22:23.0998 1452 PlugPlay - ok
01:22:24.0130 1452 PMBDeviceInfoProvider (e9605a180001a6b5551112d91de92ca1) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
01:22:24.0201 1452 PMBDeviceInfoProvider - ok
01:22:24.0249 1452 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\windows\system32\pnrpauto.dll
01:22:24.0314 1452 PNRPAutoReg - ok
01:22:24.0369 1452 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
01:22:24.0419 1452 PNRPsvc - ok
01:22:24.0502 1452 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\windows\System32\ipsecsvc.dll
01:22:24.0573 1452 PolicyAgent - ok
01:22:24.0627 1452 Power (6ba9d927dded70bd1a9caded45f8b184) C:\windows\system32\umpo.dll
01:22:24.0689 1452 Power - ok
01:22:24.0766 1452 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\windows\system32\DRIVERS\raspptp.sys
01:22:24.0937 1452 PptpMiniport - ok
01:22:25.0005 1452 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\windows\system32\DRIVERS\processr.sys
01:22:25.0035 1452 Processor - ok
01:22:25.0094 1452 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\windows\system32\profsvc.dll
01:22:25.0167 1452 ProfSvc - ok
01:22:25.0204 1452 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
01:22:25.0231 1452 ProtectedStorage - ok
01:22:25.0276 1452 Psched (0557cf5a2556bd58e26384169d72438d) C:\windows\system32\DRIVERS\pacer.sys
01:22:25.0330 1452 Psched - ok
01:22:25.0703 1452 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\windows\system32\DRIVERS\ql2300.sys
01:22:25.0772 1452 ql2300 - ok
01:22:25.0878 1452 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\windows\system32\DRIVERS\ql40xx.sys
01:22:25.0895 1452 ql40xx - ok
01:22:25.0934 1452 QWAVE (906191634e99aea92c4816150bda3732) C:\windows\system32\qwave.dll
01:22:25.0978 1452 QWAVE - ok
01:22:26.0008 1452 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\windows\system32\drivers\qwavedrv.sys
01:22:26.0074 1452 QWAVEdrv - ok
01:22:26.0105 1452 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\windows\system32\DRIVERS\rasacd.sys
01:22:26.0158 1452 RasAcd - ok
01:22:26.0200 1452 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\windows\system32\DRIVERS\AgileVpn.sys
01:22:26.0241 1452 RasAgileVpn - ok
01:22:26.0277 1452 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\windows\System32\rasauto.dll
01:22:26.0333 1452 RasAuto - ok
01:22:26.0391 1452 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\windows\system32\DRIVERS\rasl2tp.sys
01:22:26.0447 1452 Rasl2tp - ok
01:22:26.0525 1452 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\windows\System32\rasmans.dll
01:22:26.0661 1452 RasMan - ok
01:22:26.0735 1452 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\windows\system32\DRIVERS\raspppoe.sys
01:22:26.0804 1452 RasPppoe - ok
01:22:26.0854 1452 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\windows\system32\DRIVERS\rassstp.sys
01:22:26.0914 1452 RasSstp - ok
01:22:26.0972 1452 rdbss (77f665941019a1594d887a74f301fa2f) C:\windows\system32\DRIVERS\rdbss.sys
01:22:27.0124 1452 rdbss - ok
01:22:27.0157 1452 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\windows\system32\DRIVERS\rdpbus.sys
01:22:27.0187 1452 rdpbus - ok
01:22:27.0210 1452 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\windows\system32\DRIVERS\RDPCDD.sys
01:22:27.0388 1452 RDPCDD - ok
01:22:27.0426 1452 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\windows\system32\drivers\rdpencdd.sys
01:22:27.0483 1452 RDPENCDD - ok
01:22:27.0501 1452 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\windows\system32\drivers\rdprefmp.sys
01:22:27.0541 1452 RDPREFMP - ok
01:22:27.0605 1452 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\windows\system32\drivers\RDPWD.sys
01:22:27.0711 1452 RDPWD - ok
01:22:27.0768 1452 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\windows\system32\drivers\rdyboost.sys
01:22:27.0788 1452 rdyboost - ok
01:22:27.0819 1452 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\windows\System32\mprdim.dll
01:22:27.0898 1452 RemoteAccess - ok
01:22:27.0941 1452 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\windows\system32\regsvc.dll
01:22:28.0010 1452 RemoteRegistry - ok
01:22:28.0063 1452 RimUsb (ad42432d22940b4215177be113e4919c) C:\windows\system32\Drivers\RimUsb_AMD64.sys
01:22:28.0161 1452 RimUsb - ok
01:22:28.0226 1452 RimVSerPort (4aafffa67ac4dfa3d9985d78573887e2) C:\windows\system32\DRIVERS\RimSerial_AMD64.sys
01:22:28.0288 1452 RimVSerPort - ok
01:22:28.0360 1452 ROOTMODEM (388d3dd1a6457280f3badba9f3acd6b1) C:\windows\system32\Drivers\RootMdm.sys
01:22:28.0414 1452 ROOTMODEM - ok
01:22:28.0450 1452 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\windows\System32\RpcEpMap.dll
01:22:28.0492 1452 RpcEptMapper - ok
01:22:28.0522 1452 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\windows\system32\locator.exe
01:22:28.0555 1452 RpcLocator - ok
01:22:28.0611 1452 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll
01:22:28.0660 1452 RpcSs - ok
01:22:28.0697 1452 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\windows\system32\DRIVERS\rspndr.sys
01:22:28.0739 1452 rspndr - ok
01:22:28.0826 1452 RSUSBSTOR (907c4464381b5ebdfdc60f6c7d0dedfc) C:\windows\system32\Drivers\RtsUStor.sys
01:22:28.0876 1452 RSUSBSTOR - ok
01:22:28.0915 1452 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
01:22:28.0941 1452 SamSs - ok
01:22:29.0013 1452 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\windows\system32\drivers\sbp2port.sys
01:22:29.0030 1452 sbp2port - ok
01:22:29.0065 1452 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\windows\System32\SCardSvr.dll
01:22:29.0127 1452 SCardSvr - ok
01:22:29.0161 1452 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\windows\system32\DRIVERS\scfilter.sys
01:22:29.0216 1452 scfilter - ok
01:22:29.0289 1452 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\windows\system32\schedsvc.dll
01:22:29.0357 1452 Schedule - ok
01:22:29.0400 1452 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll
01:22:29.0439 1452 SCPolicySvc - ok
01:22:29.0501 1452 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\windows\System32\SDRSVC.dll
01:22:29.0563 1452 SDRSVC - ok
01:22:29.0621 1452 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\windows\system32\drivers\secdrv.sys
01:22:47.0783 1452 ============================================================
01:22:47.0783 1452 Scan finished
01:22:47.0783 1452 ============================================================
01:22:47.0803 6548 Detected object count: 0
01:22:47.0803 6548 Actual detected object count: 0
01:23:09.0069 4344 Deinitialize success
-
Sometimes I get Flash crashes, and a few times now today my browser has frozen up and asked if I wanted to wait for it to respond (Chrome did this today, sometimes Firefox does too, and usually I'm not running much).
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 7/29/2011 3:18:57 PM
System Uptime: 6/14/2012 10:35:41 PM (4 hours ago)
.
Motherboard: TOSHIBA | | Portable PC
Processor: Intel® Celeron® CPU 925 @ 2.30GHz | CPU | 2294/800mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 221 GiB total, 155.535 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP204: 6/3/2012 10:04:45 PM - Windows Backup
RP205: 6/4/2012 9:17:35 PM - Windows Update
RP206: 6/8/2012 6:13:05 AM - Windows Update
RP207: 6/10/2012 11:58:29 PM - Windows Backup
RP208: 6/12/2012 1:09:13 AM - Windows Update
RP209: 6/12/2012 7:36:25 PM - Windows Update
.
==== Installed Programs ======================
.
Adobe AIR
Adobe Community Help
Adobe Content Viewer
Adobe Download Assistant
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.3)
Akamai NetSession Interface
Amazon Links
Apple Application Support
Apple Software Update
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver
Atheros Driver Installation Program
Audacity 1.2.6
Bicycle Canasta
BlackBerry Desktop Software 6.1
Constant Guard Protection Suite
Cooking Academy 2 - World Cuisine
D3DX10
Google Chrome
GuardedID
Hot Dish 2
Intel® Graphics Media Accelerator Driver
Java Auto Updater
Java 6 Update 32
Junk Mail filter update
Label@Once 1.0
LAME v3.98.3 for Audacity
Malwarebytes Anti-Malware version 1.61.0.1400
Mesh Runtime
Microsoft Office 2010
Microsoft Office Click-to-Run 2010
Microsoft Office Starter 2010 - English
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
Microsoft_VC90_MFCLOC_x86
Mozilla Firefox 12.0 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB973685)
Nertz Solitaire
Norton Security Suite
Octoshape add-in for Adobe Flash Player
ooVoo
PhotoScape
PlayReady PC Runtime x86
PMB
Polar Bowler
QuickTime
Realtek USB 2.0 Card Reader
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Shrek 2: Ogre Bowler
Skip-Bo - Castaway Caper
Stand O'Food
Stand O'Food 3
Tic-A-Tac Royale
Toshiba App Place
TOSHIBA Application Installer
TOSHIBA Assist
Toshiba Book Place
TOSHIBA Bulletin Board
TOSHIBA Face Recognition
TOSHIBA Hardware Setup
TOSHIBA HDD/SSD Alert
Toshiba Laptop Checkup
TOSHIBA Media Controller
TOSHIBA Media Controller Plug-in
Toshiba Online Backup
TOSHIBA Quality Application
TOSHIBA ReelTime
TOSHIBA Service Station
TOSHIBA Supervisor Password
TOSHIBA Value Added Package
TOSHIBA Web Camera Application
ToshibaRegistration
Tradewinds 2
Tradewinds Legends
Tradewinds Odyssey
Unity Web Player
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update Installer for WildTangent Games App
Wedding Dash ® 4-Ever
WildTangent Games
WildTangent Games App
WildTangent Games App (Toshiba Games)
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Zombie Bowl-o-Rama
.
==== Event Viewer Messages From Past Week ========
.
6/13/2012 2:05:31 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error: An instance of the service is already running.
6/13/2012 2:05:01 PM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
6/13/2012 2:05:01 PM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-1073473535.
6/13/2012 10:09:15 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the N360 service.
6/12/2012 12:57:18 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the PCCUJobMgr service.
6/12/2012 12:57:18 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IDVaultSvc service.
6/10/2012 11:56:31 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the BFE service.
6/10/2012 11:55:29 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Appinfo service.
.
==== End Of File ===========================
Nothing to remove
Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org
Database version: v2012.06.15.07
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Elyse :: ELYSE-VRUS [administrator]
Protection: Enabled
6/15/2012 2:05:14 PM
mbam-log-2012-06-15 (14-05-14).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 225048
Time elapsed: 6 minute(s), 42 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
-
Sorry, needed to correct this... it's ar.voicefive or something like that
-
I have a feeling that the culprit is the program ooVoo, but I don't click any of their ads.
A lot of the cookies are from Rubicon Project (pixel, tap, and others). The ar.voicesurveys comes up in Firefox (even when I'm not using Firefox but using Chrome). I tried scanning with Windows Defender, Norton and Malwarebytes, along with other tools I have had on my computer from trying to fix it before. I scanned with Norton Power Tool remover; it found 3 items in the Windows folder, but it said status was unknown and I was unsure if I should remove it or not. I suspect this is adware, but there may be more to it. Knowing these cookies like to show up mostly when using ooVoo, which I'm on every day, I do quick scans more often to remove them, but please help if you can. Also today, which is what made me run here for help, I got a pop-up from tap.rubiconproject.js and JavaScript was trying to attack my computer, this time on Chrome.
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_32
Run by Elyse at 2:39:32 on 2012-06-15
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.1916.976 [GMT -5:00]
.
AV: Norton Security Suite *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Security Suite *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Security Suite *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\windows\system32\wininit.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Norton Security Suite\Engine\5.2.1.3\ccSvcHst.exe
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.5.60\ccSvcHst.exe
C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\system32\TODDSrv.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.5.60\ccSvcHst.exe
C:\Program Files (x86)\Norton Security Suite\Engine\5.2.1.3\ccSvcHst.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\windows\system32\SearchIndexer.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
C:\Users\Elyse\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
C:\Program Files (x86)\SFT\GuardedID\GIDD.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Users\Elyse\AppData\Local\Akamai\netsession_win.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\SFT\GuardedID\x64\GIDD.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\system32\DllHost.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.5.60\SymcPCCULaunchSvc.exe
C:\windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Constant Guard Protection Suite\IDVaultSvc.exe
C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe
C:\windows\system32\svchost.exe -k SDRSVC
C:\Users\Elyse\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Elyse\AppData\Local\Google\Chrome\Application\chrome.exe
C:\windows\SysWOW64\rundll32.exe
C:\Users\Elyse\AppData\Local\Google\Chrome\Application\chrome.exe
C:\windows\SysWOW64\cmd.exe
C:\windows\system32\conhost.exe
C:\windows\SysWOW64\cscript.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\System32\svchost.exe -k WerSvcGroup
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://start.toshiba.com/g/
uDefault_Page_URL = hxxp://start.toshiba.com/g/
uInternet Settings,ProxyOverride = <local>;*.local;127.0.0.1:9421;
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.1.3\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.1.3\IPS\IPSBHO.DLL
BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Constant Guard Protection Suite (COM): {b84cdbe7-1b46-494b-a188-01d4c52deb61} - C:\ProgramData\White Sky, Inc\ID Vault\IEBHO1.1.613.0\NativeBHO.dll
BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: TOSHIBA Media Controller Plug-in: {f3c88694-effa-4d78-b409-54b7b2535b14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.1.3\coIEPlg.dll
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
uRun: [Google Update] "C:\Users\Elyse\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [Akamai NetSession Interface] "C:\Users\Elyse\AppData\Local\Akamai\netsession_win.exe"
mRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe" UNATTENDED
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [GIDDesktop] C:\Program Files (x86)\SFT\GuardedID\gidd.exe /s
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-app?lic=SUFaUDItUko3UFItN0dOTVUtQUJMRTYtVFBRQ0ktNg"&"inst=NzYtOTQxMjkxMDgwLVNUMTJGT0krMS1ERFQrMC1TVDEyQVBQKzEtRVVMQSsx"&"prod=94"&"ver=2012.0.1831"&"mid=86ef1b55244c47d1826d147051f085d3-6e22f5d63c56d589da72ca653a04c7ccfd2dbc31
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\CONSTA~1.LNK - C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
TCP: DhcpNameServer = 75.75.76.76 75.75.75.75
TCP: Interfaces\{469557A4-DAB8-4F4B-9507-9A53D62A86E2} : DhcpNameServer = 75.75.76.76 75.75.75.75
TCP: Interfaces\{B0CF229C-158A-4044-BCC7-4433A16FF421} : DhcpNameServer = 75.75.76.76 75.75.75.75
TCP: Interfaces\{B0CF229C-158A-4044-BCC7-4433A16FF421}\2456C6B696E6F5E4F575962756C6563737F5331383733324 : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{B0CF229C-158A-4044-BCC7-4433A16FF421}\45D2D4F62696C656022427F616462616E6466383 : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{B0CF229C-158A-4044-BCC7-4433A16FF421}\642756562612274637 : DhcpNameServer = 64.105.97.90 64.105.113.138 4.2.2.1
TCP: Interfaces\{B0CF229C-158A-4044-BCC7-4433A16FF421}\863636 : DhcpNameServer = 10.3.2.4 198.64.7.3
TCP: Interfaces\{B0CF229C-158A-4044-BCC7-4433A16FF421}\D414340264F6270275F6D656E6 : DhcpNameServer = 192.168.1.1
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
mASetup: {9191979D-821C-4EA8-B021-2DA1D859A7C5}-3Reg - C:\Program Files (x86)\SFT\GuardedID\gidi.exe /v
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Symantec NCO BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.1.3\coIEPlg.dll
BHO-X64: Symantec NCO BHO - No File
BHO-X64: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.1.3\IPS\IPSBHO.DLL
BHO-X64: Symantec Intrusion Prevention - No File
BHO-X64: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Constant Guard Protection Suite (COM): {B84CDBE7-1B46-494B-A188-01D4C52DEB61} - C:\ProgramData\White Sky, Inc\ID Vault\IEBHO1.1.613.0\NativeBHO.dll
BHO-X64: Constant Guard Protection Suite (COM) - No File
BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
TB-X64: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.1.3\coIEPlg.dll
TB-X64: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
mRun-x64: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
mRun-x64: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe" UNATTENDED
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [GIDDesktop] C:\Program Files (x86)\SFT\GuardedID\gidd.exe /s
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRunOnce-x64: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-app?lic=SUFaUDItUko3UFItN0dOTVUtQUJMRTYtVFBRQ0ktNg"&"inst=NzYtOTQxMjkxMDgwLVNUMTJGT0krMS1ERFQrMC1TVDEyQVBQKzEtRVVMQSsx"&"prod=94"&"ver=2012.0.1831"&"mid=86ef1b55244c47d1826d147051f085d3-6e22f5d63c56d589da72ca653a04c7ccfd2dbc31
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Elyse\AppData\Roaming\Mozilla\Firefox\Profiles\4h79tzjr.default\
FF - prefs.js: browser.search.selectedEngine - Search & Win
FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll
FF - plugin: C:\Program Files (x86)\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Elyse\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll
FF - plugin: C:\windows\SysWOW64\npdeployJava1.dll
FF - plugin: C:\windows\SysWOW64\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
.
=============== Created Last 30 ================
.
2012-06-14 09:45:52 96376 ----a-w- C:\windows\System32\drivers\SMR300.SYS
2012-06-14 09:43:53 -------- d-----w- C:\Users\Elyse\AppData\Local\NPE
2012-06-13 00:38:59 304640 ----a-w- C:\Program Files\Internet Explorer\IEShims.dll
2012-06-13 00:20:42 159744 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
2012-06-13 00:05:50 9216 ----a-w- C:\windows\System32\rdrmemptylst.exe
2012-06-13 00:05:50 77312 ----a-w- C:\windows\System32\rdpwsx.dll
2012-06-13 00:05:50 149504 ----a-w- C:\windows\System32\rdpcorekmts.dll
2012-06-13 00:05:29 209920 ----a-w- C:\windows\System32\profsvc.dll
2012-06-13 00:05:24 5559664 ----a-w- C:\windows\System32\ntoskrnl.exe
2012-06-13 00:05:14 3913072 ----a-w- C:\windows\SysWow64\ntoskrnl.exe
2012-06-13 00:04:58 3968368 ----a-w- C:\windows\SysWow64\ntkrnlpa.exe
2012-06-13 00:04:40 3146752 ----a-w- C:\windows\System32\win32k.sys
2012-06-13 00:04:33 210944 ----a-w- C:\windows\System32\drivers\rdpwd.sys
2012-06-13 00:04:12 3216384 ----a-w- C:\windows\System32\msi.dll
2012-06-13 00:04:09 2342400 ----a-w- C:\windows\SysWow64\msi.dll
2012-06-13 00:03:34 1462272 ----a-w- C:\windows\System32\crypt32.dll
2012-06-13 00:03:33 184320 ----a-w- C:\windows\System32\cryptsvc.dll
2012-06-13 00:03:33 140288 ----a-w- C:\windows\System32\cryptnet.dll
2012-06-13 00:03:33 1158656 ----a-w- C:\windows\SysWow64\crypt32.dll
2012-06-13 00:03:32 140288 ----a-w- C:\windows\SysWow64\cryptsvc.dll
2012-06-13 00:03:32 103936 ----a-w- C:\windows\SysWow64\cryptnet.dll
2012-06-12 06:10:32 8955792 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2082224D-5F5F-42A4-9386-A55402B5E25F}\mpengine.dll
2012-06-09 06:59:59 -------- d-----w- C:\Users\Elyse\AppData\Local\Macromedia
2012-05-30 23:12:47 476960 ----a-w- C:\windows\SysWow64\npdeployJava1.dll
2012-05-24 05:16:57 -------- d-----w- C:\Users\Elyse\AppData\Local\{FD9194A0-0417-4F19-B4E6-7F5CF98BB046}
.
==================== Find3M ====================
.
2012-06-09 06:59:21 70344 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-06-09 06:59:21 426184 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2012-05-30 23:12:25 472864 ----a-w- C:\windows\SysWow64\deployJava1.dll
2012-05-18 02:06:48 2311680 ----a-w- C:\windows\System32\jscript9.dll
2012-05-18 01:59:14 1392128 ----a-w- C:\windows\System32\wininet.dll
2012-05-18 01:58:39 1494528 ----a-w- C:\windows\System32\inetcpl.cpl
2012-05-18 01:55:22 173056 ----a-w- C:\windows\System32\ieUnatt.exe
2012-05-18 01:51:30 2382848 ----a-w- C:\windows\System32\mshtml.tlb
2012-05-17 22:45:37 1800192 ----a-w- C:\windows\SysWow64\jscript9.dll
2012-05-17 22:35:47 1129472 ----a-w- C:\windows\SysWow64\wininet.dll
2012-05-17 22:35:39 1427968 ----a-w- C:\windows\SysWow64\inetcpl.cpl
2012-05-17 22:29:45 142848 ----a-w- C:\windows\SysWow64\ieUnatt.exe
2012-05-17 22:24:45 2382848 ----a-w- C:\windows\SysWow64\mshtml.tlb
2012-05-12 07:12:36 0 ----a-w- C:\windows\SysWow64\sho940E.tmp
2012-05-10 08:19:02 0 ----a-w- C:\windows\SysWow64\sho7254.tmp
2012-05-04 19:28:05 8744608 ----a-w- C:\windows\SysWow64\FlashPlayerInstaller.exe
2012-04-19 01:56:30 94208 ----a-w- C:\windows\SysWow64\QuickTimeVR.qtx
2012-04-19 01:56:30 69632 ----a-w- C:\windows\SysWow64\QuickTime.qts
2012-04-04 20:56:40 24904 ----a-w- C:\windows\System32\drivers\mbam.sys
2012-03-30 11:35:47 1918320 ----a-w- C:\windows\System32\drivers\tcpip.sys
2012-03-17 07:58:57 75120 ----a-w- C:\windows\System32\drivers\partmgr.sys
.
============= FINISH: 2:42:03.75 ===============
Run speedtest but always error when getting to upload portion, also slower net speed
in General Windows PC Help
Posted
I don't know what this is due to, but it happened out of nowhere. My net download speeds have slowed from 20 to 2 or around there, can't ever retrieve an upload speed from speedtest