MattL
Everything posted by MattL
-
Updates and quick scan run, log below. Computer is back to normal now, no issues this morning. Thanks a bunch for your help, it's very much appreciated.

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.06.24.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Matt :: C660 [administrator]

Protection: Enabled

24/06/2012 10:05:57 PM
mbam-log-2012-06-24 (22-05-57).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 215853
Time elapsed: 2 minute(s), 59 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
-
I had Windows decide to do some updates after running ComboFix, hope that doesn't cause issues.
-
Thanks for the help so far, have downloaded ComboFix and am about to run it. As it just hit midnight here I'm also about to sleep, so be back online in 8ish hours.
-
Ran rogue Killer, it showed 1 KILLED[TermProc], Status: C:\windows\SysWOW64\svchost.exe
Created restore point
TDSSKiller log:
i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\windows\system32\drivers\i8042prt.sys 23:36:11.0543 2828 i8042prt - ok 23:36:11.0590 2828 iaStor (1d004cb1da6323b1f55caef7f94b61d9) C:\windows\system32\DRIVERS\iaStor.sys 23:36:11.0606 2828 iaStor - ok 23:36:11.0668 2828 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\windows\system32\drivers\iaStorV.sys 23:36:11.0699 2828 iaStorV - ok 23:36:11.0840 2828 IconMan_R (4de2ee2a5186d74babc4e7f60d2ae989) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe 23:36:11.0902 2828 IconMan_R ( UnsignedFile.Multi.Generic ) - warning 23:36:11.0902 2828 IconMan_R - detected UnsignedFile.Multi.Generic (1) 23:36:12.0027 2828 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 23:36:12.0058 2828 idsvc - ok 23:36:12.0511 2828 igfx (898ab5bfed7040d7ab07af01885eb944) C:\windows\system32\DRIVERS\igdkmd64.sys 23:36:12.0854 2828 igfx - ok 23:36:12.0963 2828 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\windows\system32\DRIVERS\iirsp.sys 23:36:12.0994 2828 iirsp - ok 23:36:13.0041 2828 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\windows\System32\ikeext.dll 23:36:13.0119 2828 IKEEXT - ok 23:36:13.0259 2828 IntcAzAudAddService (e8017f1662d9142f45ceab694d013c00) C:\windows\system32\drivers\RTKVHD64.sys 23:36:13.0322 2828 IntcAzAudAddService - ok 23:36:13.0431 2828 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\windows\system32\drivers\intelide.sys 23:36:13.0462 2828 intelide - ok 23:36:13.0493 2828 intelppm (ada036632c664caa754079041cf1f8c1) C:\windows\system32\DRIVERS\intelppm.sys 23:36:13.0540 2828 intelppm - ok 23:36:13.0571 2828 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\windows\system32\ipbusenum.dll 23:36:13.0618 2828 IPBusEnum - ok 23:36:13.0665 2828 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\windows\system32\DRIVERS\ipfltdrv.sys 23:36:13.0727 2828 IpFilterDriver - ok 23:36:13.0774 2828 iphlpsvc (a34a587fffd45fa649fba6d03784d257) 
C:\windows\System32\iphlpsvc.dll 23:36:13.0852 2828 iphlpsvc - ok 23:36:13.0883 2828 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\windows\system32\drivers\IPMIDrv.sys 23:36:13.0915 2828 IPMIDRV - ok 23:36:13.0961 2828 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\windows\system32\drivers\ipnat.sys 23:36:14.0008 2828 IPNAT - ok 23:36:14.0055 2828 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\windows\system32\drivers\irenum.sys 23:36:14.0117 2828 IRENUM - ok 23:36:14.0149 2828 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\windows\system32\drivers\isapnp.sys 23:36:14.0149 2828 isapnp - ok 23:36:14.0164 2828 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\windows\system32\drivers\msiscsi.sys 23:36:14.0195 2828 iScsiPrt - ok 23:36:14.0211 2828 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\windows\system32\drivers\kbdclass.sys 23:36:14.0227 2828 kbdclass - ok 23:36:14.0258 2828 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\windows\system32\drivers\kbdhid.sys 23:36:14.0305 2828 kbdhid - ok 23:36:14.0351 2828 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe 23:36:14.0367 2828 KeyIso - ok 23:36:14.0398 2828 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\windows\system32\Drivers\ksecdd.sys 23:36:14.0398 2828 KSecDD - ok 23:36:14.0445 2828 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\windows\system32\Drivers\ksecpkg.sys 23:36:14.0461 2828 KSecPkg - ok 23:36:14.0492 2828 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\windows\system32\drivers\ksthunk.sys 23:36:14.0539 2828 ksthunk - ok 23:36:14.0570 2828 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\windows\system32\msdtckrm.dll 23:36:14.0632 2828 KtmRm - ok 23:36:14.0695 2828 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\windows\system32\srvsvc.dll 23:36:14.0773 2828 LanmanServer - ok 23:36:14.0835 2828 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\windows\System32\wkssvc.dll 23:36:14.0882 2828 LanmanWorkstation - ok 23:36:14.0897 2828 lltdio (1538831cf8ad2979a04c423779465827) 
C:\windows\system32\DRIVERS\lltdio.sys 23:36:14.0960 2828 lltdio - ok 23:36:15.0007 2828 lltdsvc (c1185803384ab3feed115f79f109427f) C:\windows\System32\lltdsvc.dll 23:36:15.0069 2828 lltdsvc - ok 23:36:15.0085 2828 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\windows\System32\lmhsvc.dll 23:36:15.0116 2828 lmhosts - ok 23:36:15.0163 2828 LPCFilter (2825a71e7501cb33b3b9f856610c729d) C:\windows\system32\DRIVERS\LPCFilter.sys 23:36:15.0178 2828 LPCFilter - ok 23:36:15.0209 2828 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\windows\system32\DRIVERS\lsi_fc.sys 23:36:15.0225 2828 LSI_FC - ok 23:36:15.0256 2828 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\windows\system32\DRIVERS\lsi_sas.sys 23:36:15.0272 2828 LSI_SAS - ok 23:36:15.0272 2828 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\windows\system32\DRIVERS\lsi_sas2.sys 23:36:15.0287 2828 LSI_SAS2 - ok 23:36:15.0319 2828 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\windows\system32\DRIVERS\lsi_scsi.sys 23:36:15.0334 2828 LSI_SCSI - ok 23:36:15.0365 2828 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\windows\system32\drivers\luafv.sys 23:36:15.0412 2828 luafv - ok 23:36:15.0443 2828 MBAMProtector (dbc08862a71459e74f7538b432c114cc) C:\windows\system32\drivers\mbam.sys 23:36:15.0459 2828 MBAMProtector - ok 23:36:15.0568 2828 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe 23:36:15.0584 2828 MBAMService - ok 23:36:15.0677 2828 McComponentHostService (f453d1e6d881e8f8717e20ccd4199e85) C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe 23:36:15.0693 2828 McComponentHostService - ok 23:36:15.0724 2828 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\windows\system32\Mcx2Svc.dll 23:36:15.0740 2828 Mcx2Svc - ok 23:36:15.0771 2828 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\windows\system32\DRIVERS\megasas.sys 23:36:15.0787 2828 megasas - ok 23:36:15.0818 2828 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\windows\system32\DRIVERS\MegaSR.sys 
23:36:15.0833 2828 MegaSR - ok 23:36:15.0865 2828 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll 23:36:15.0927 2828 MMCSS - ok 23:36:15.0943 2828 Modem (800ba92f7010378b09f9ed9270f07137) C:\windows\system32\drivers\modem.sys 23:36:16.0021 2828 Modem - ok 23:36:16.0052 2828 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\windows\system32\DRIVERS\monitor.sys 23:36:16.0083 2828 monitor - ok 23:36:16.0145 2828 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\windows\system32\DRIVERS\mouclass.sys 23:36:16.0161 2828 mouclass - ok 23:36:16.0208 2828 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\windows\system32\DRIVERS\mouhid.sys 23:36:16.0255 2828 mouhid - ok 23:36:16.0301 2828 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\windows\system32\drivers\mountmgr.sys 23:36:16.0333 2828 mountmgr - ok 23:36:16.0379 2828 MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 23:36:16.0411 2828 MozillaMaintenance - ok 23:36:16.0442 2828 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\windows\system32\drivers\mpio.sys 23:36:16.0457 2828 mpio - ok 23:36:16.0473 2828 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\windows\system32\drivers\mpsdrv.sys 23:36:16.0520 2828 mpsdrv - ok 23:36:16.0567 2828 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\windows\system32\mpssvc.dll 23:36:16.0645 2828 MpsSvc - ok 23:36:16.0676 2828 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\windows\system32\drivers\mrxdav.sys 23:36:16.0738 2828 MRxDAV - ok 23:36:16.0769 2828 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\windows\system32\DRIVERS\mrxsmb.sys 23:36:16.0832 2828 mrxsmb - ok 23:36:16.0863 2828 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\windows\system32\DRIVERS\mrxsmb10.sys 23:36:16.0894 2828 mrxsmb10 - ok 23:36:16.0941 2828 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\windows\system32\DRIVERS\mrxsmb20.sys 23:36:16.0972 2828 mrxsmb20 - ok 23:36:17.0019 2828 msahci (c25f0bafa182cbca2dd3c851c2e75796) 
C:\windows\system32\drivers\msahci.sys 23:36:17.0050 2828 msahci - ok 23:36:17.0081 2828 msdsm (db801a638d011b9633829eb6f663c900) C:\windows\system32\drivers\msdsm.sys 23:36:17.0081 2828 msdsm - ok 23:36:17.0113 2828 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\windows\System32\msdtc.exe 23:36:17.0144 2828 MSDTC - ok 23:36:17.0175 2828 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\windows\system32\drivers\Msfs.sys 23:36:17.0206 2828 Msfs - ok 23:36:17.0222 2828 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\windows\System32\drivers\mshidkmdf.sys 23:36:17.0284 2828 mshidkmdf - ok 23:36:17.0315 2828 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\windows\system32\drivers\msisadrv.sys 23:36:17.0315 2828 msisadrv - ok 23:36:17.0362 2828 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\windows\system32\iscsiexe.dll 23:36:17.0409 2828 MSiSCSI - ok 23:36:17.0409 2828 msiserver - ok 23:36:17.0440 2828 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\windows\system32\drivers\MSKSSRV.sys 23:36:17.0503 2828 MSKSSRV - ok 23:36:17.0534 2828 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\windows\system32\drivers\MSPCLOCK.sys 23:36:17.0596 2828 MSPCLOCK - ok 23:36:17.0627 2828 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\windows\system32\drivers\MSPQM.sys 23:36:17.0674 2828 MSPQM - ok 23:36:17.0737 2828 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\windows\system32\drivers\MsRPC.sys 23:36:17.0752 2828 MsRPC - ok 23:36:17.0783 2828 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\windows\system32\drivers\mssmbios.sys 23:36:17.0799 2828 mssmbios - ok 23:36:17.0830 2828 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\windows\system32\drivers\MSTEE.sys 23:36:17.0893 2828 MSTEE - ok 23:36:17.0924 2828 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\windows\system32\DRIVERS\MTConfig.sys 23:36:17.0939 2828 MTConfig - ok 23:36:17.0955 2828 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\windows\system32\Drivers\mup.sys 23:36:17.0971 2828 Mup - ok 23:36:18.0017 2828 napagent (582ac6d9873e31dfa28a4547270862dd) 
C:\windows\system32\qagentRT.dll 23:36:18.0080 2828 napagent - ok 23:36:18.0127 2828 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\windows\system32\DRIVERS\nwifi.sys 23:36:18.0189 2828 NativeWifiP - ok 23:36:18.0251 2828 NAVENG - ok 23:36:18.0267 2828 NAVEX15 - ok 23:36:18.0345 2828 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\windows\system32\drivers\ndis.sys 23:36:18.0392 2828 NDIS - ok 23:36:18.0423 2828 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\windows\system32\DRIVERS\ndiscap.sys 23:36:18.0470 2828 NdisCap - ok 23:36:18.0517 2828 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\windows\system32\DRIVERS\ndistapi.sys 23:36:18.0563 2828 NdisTapi - ok 23:36:18.0595 2828 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\windows\system32\DRIVERS\ndisuio.sys 23:36:18.0626 2828 Ndisuio - ok 23:36:18.0673 2828 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\windows\system32\DRIVERS\ndiswan.sys 23:36:18.0751 2828 NdisWan - ok 23:36:18.0766 2828 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\windows\system32\drivers\NDProxy.sys 23:36:18.0797 2828 NDProxy - ok 23:36:18.0844 2828 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\windows\system32\DRIVERS\netbios.sys 23:36:18.0891 2828 NetBIOS - ok 23:36:18.0938 2828 NetBT (09594d1089c523423b32a4229263f068) C:\windows\system32\DRIVERS\netbt.sys 23:36:18.0969 2828 NetBT - ok 23:36:19.0016 2828 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe 23:36:19.0031 2828 Netlogon - ok 23:36:19.0094 2828 Netman (847d3ae376c0817161a14a82c8922a9e) C:\windows\System32\netman.dll 23:36:19.0172 2828 Netman - ok 23:36:19.0203 2828 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\windows\System32\netprofm.dll 23:36:19.0281 2828 netprofm - ok 23:36:19.0343 2828 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 23:36:19.0375 2828 NetTcpPortSharing - ok 23:36:19.0406 2828 nfrd960 (77889813be4d166cdab78ddba990da92) 
C:\windows\system32\DRIVERS\nfrd960.sys 23:36:19.0437 2828 nfrd960 - ok 23:36:19.0531 2828 NIS (43cf5d42fe4475e8e1e74be484b7e33a) C:\Program Files (x86)\Norton Internet Security\Engine\17.5.0.127\ccSvcHst.exe 23:36:19.0546 2828 NIS - ok 23:36:19.0609 2828 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\windows\System32\nlasvc.dll 23:36:19.0671 2828 NlaSvc - ok 23:36:19.0718 2828 Norton PC Checkup Application Launcher - ok 23:36:19.0780 2828 NPF (c31fa031335eff434b2d94278e74bcce) C:\windows\system32\DRIVERS\npf.sys 23:36:19.0796 2828 NPF - ok 23:36:19.0811 2828 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\windows\system32\drivers\Npfs.sys 23:36:19.0843 2828 Npfs - ok 23:36:19.0874 2828 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\windows\system32\nsisvc.dll 23:36:19.0936 2828 nsi - ok 23:36:19.0983 2828 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\windows\system32\drivers\nsiproxy.sys 23:36:20.0014 2828 nsiproxy - ok 23:36:20.0092 2828 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\windows\system32\drivers\Ntfs.sys 23:36:20.0139 2828 Ntfs - ok 23:36:20.0233 2828 Null (9899284589f75fa8724ff3d16aed75c1) C:\windows\system32\drivers\Null.sys 23:36:20.0279 2828 Null - ok 23:36:20.0326 2828 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\windows\system32\drivers\nvraid.sys 23:36:20.0357 2828 nvraid - ok 23:36:20.0373 2828 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\windows\system32\drivers\nvstor.sys 23:36:20.0389 2828 nvstor - ok 23:36:20.0435 2828 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\windows\system32\drivers\nv_agp.sys 23:36:20.0451 2828 nv_agp - ok 23:36:20.0482 2828 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\windows\system32\drivers\ohci1394.sys 23:36:20.0513 2828 ohci1394 - ok 23:36:20.0591 2828 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 23:36:20.0607 2828 ose - ok 23:36:20.0888 2828 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft 
Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 23:36:21.0075 2828 osppsvc - ok 23:36:21.0169 2828 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll 23:36:21.0215 2828 p2pimsvc - ok 23:36:21.0247 2828 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\windows\system32\p2psvc.dll 23:36:21.0262 2828 p2psvc - ok 23:36:21.0293 2828 Parport (0086431c29c35be1dbc43f52cc273887) C:\windows\system32\DRIVERS\parport.sys 23:36:21.0309 2828 Parport - ok 23:36:21.0356 2828 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\windows\system32\drivers\partmgr.sys 23:36:21.0356 2828 partmgr - ok 23:36:21.0387 2828 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\windows\System32\pcasvc.dll 23:36:21.0418 2828 PcaSvc - ok 23:36:21.0496 2828 PCCUJobMgr (2f86be1818c2d7ac90478e3323ee7fcb) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.202\ccSvcHst.exe 23:36:21.0512 2828 PCCUJobMgr - ok 23:36:21.0559 2828 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\windows\system32\drivers\pci.sys 23:36:21.0574 2828 pci - ok 23:36:21.0590 2828 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\windows\system32\drivers\pciide.sys 23:36:21.0605 2828 pciide - ok 23:36:21.0637 2828 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\windows\system32\DRIVERS\pcmcia.sys 23:36:21.0652 2828 pcmcia - ok 23:36:21.0668 2828 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\windows\system32\drivers\pcw.sys 23:36:21.0668 2828 pcw - ok 23:36:21.0715 2828 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\windows\system32\drivers\peauth.sys 23:36:21.0777 2828 PEAUTH - ok 23:36:21.0839 2828 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\windows\SysWow64\perfhost.exe 23:36:21.0871 2828 PerfHost - ok 23:36:21.0917 2828 PGEffect (663962900e7fea522126ba287715bb4a) C:\windows\system32\DRIVERS\pgeffect.sys 23:36:21.0917 2828 PGEffect - ok 23:36:21.0995 2828 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\windows\system32\pla.dll 23:36:22.0073 2828 pla - ok 23:36:22.0120 2828 PlugPlay (25fbdef06c4d92815b353f6e792c8129) 
C:\windows\system32\umpnpmgr.dll 23:36:22.0198 2828 PlugPlay - ok 23:36:22.0214 2828 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\windows\system32\pnrpauto.dll 23:36:22.0245 2828 PNRPAutoReg - ok 23:36:22.0276 2828 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll 23:36:22.0292 2828 PNRPsvc - ok 23:36:22.0339 2828 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\windows\System32\ipsecsvc.dll 23:36:22.0401 2828 PolicyAgent - ok 23:36:22.0432 2828 Power (6ba9d927dded70bd1a9caded45f8b184) C:\windows\system32\umpo.dll 23:36:22.0495 2828 Power - ok 23:36:22.0557 2828 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\windows\system32\DRIVERS\raspptp.sys 23:36:22.0604 2828 PptpMiniport - ok 23:36:22.0651 2828 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\windows\system32\DRIVERS\processr.sys 23:36:22.0682 2828 Processor - ok 23:36:22.0713 2828 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\windows\system32\profsvc.dll 23:36:22.0744 2828 ProfSvc - ok 23:36:22.0775 2828 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe 23:36:22.0791 2828 ProtectedStorage - ok 23:36:22.0838 2828 Psched (0557cf5a2556bd58e26384169d72438d) C:\windows\system32\DRIVERS\pacer.sys 23:36:22.0885 2828 Psched - ok 23:36:22.0978 2828 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\windows\system32\DRIVERS\ql2300.sys 23:36:23.0025 2828 ql2300 - ok 23:36:23.0119 2828 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\windows\system32\DRIVERS\ql40xx.sys 23:36:23.0150 2828 ql40xx - ok 23:36:23.0181 2828 QWAVE (906191634e99aea92c4816150bda3732) C:\windows\system32\qwave.dll 23:36:23.0228 2828 QWAVE - ok 23:36:23.0259 2828 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\windows\system32\drivers\qwavedrv.sys 23:36:23.0306 2828 QWAVEdrv - ok 23:36:23.0321 2828 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\windows\system32\DRIVERS\rasacd.sys 23:36:23.0353 2828 RasAcd - ok 23:36:23.0384 2828 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) 
C:\windows\system32\DRIVERS\AgileVpn.sys 23:36:23.0415 2828 RasAgileVpn - ok 23:36:23.0446 2828 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\windows\System32\rasauto.dll 23:36:23.0493 2828 RasAuto - ok 23:36:23.0540 2828 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\windows\system32\DRIVERS\rasl2tp.sys 23:36:23.0587 2828 Rasl2tp - ok 23:36:23.0618 2828 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\windows\System32\rasmans.dll 23:36:23.0665 2828 RasMan - ok 23:36:23.0696 2828 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\windows\system32\DRIVERS\raspppoe.sys 23:36:23.0758 2828 RasPppoe - ok 23:36:23.0774 2828 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\windows\system32\DRIVERS\rassstp.sys 23:36:23.0852 2828 RasSstp - ok 23:36:23.0883 2828 rdbss (77f665941019a1594d887a74f301fa2f) C:\windows\system32\DRIVERS\rdbss.sys 23:36:23.0961 2828 rdbss - ok 23:36:23.0992 2828 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\windows\system32\DRIVERS\rdpbus.sys 23:36:24.0023 2828 rdpbus - ok 23:36:24.0055 2828 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\windows\system32\DRIVERS\RDPCDD.sys 23:36:24.0117 2828 RDPCDD - ok 23:36:24.0148 2828 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\windows\system32\drivers\rdpencdd.sys 23:36:24.0211 2828 RDPENCDD - ok 23:36:24.0242 2828 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\windows\system32\drivers\rdprefmp.sys 23:36:24.0273 2828 RDPREFMP - ok 23:36:24.0320 2828 RDPWD (6d76e6433574b058adcb0c50df834492) C:\windows\system32\drivers\RDPWD.sys 23:36:24.0382 2828 RDPWD - ok 23:36:24.0429 2828 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\windows\system32\drivers\rdyboost.sys 23:36:24.0460 2828 rdyboost - ok 23:36:24.0491 2828 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\windows\System32\mprdim.dll 23:36:24.0538 2828 RemoteAccess - ok 23:36:24.0569 2828 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\windows\system32\regsvc.dll 23:36:24.0632 2828 RemoteRegistry - ok 23:36:24.0647 2828 RpcEptMapper 
(e4dc58cf7b3ea515ae917ff0d402a7bb) C:\windows\System32\RpcEpMap.dll 23:36:24.0710 2828 RpcEptMapper - ok 23:36:24.0757 2828 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\windows\system32\locator.exe 23:36:24.0788 2828 RpcLocator - ok 23:36:24.0835 2828 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll 23:36:24.0866 2828 RpcSs - ok 23:36:24.0913 2828 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\windows\system32\DRIVERS\rspndr.sys 23:36:24.0944 2828 rspndr - ok 23:36:24.0991 2828 RSUSBSTOR (907c4464381b5ebdfdc60f6c7d0dedfc) C:\windows\system32\Drivers\RtsUStor.sys 23:36:24.0991 2828 RSUSBSTOR - ok 23:36:25.0037 2828 RTL8167 (3e70f9ca3eeb22affaac1a4861a303dc) C:\windows\system32\DRIVERS\Rt64win7.sys 23:36:25.0053 2828 RTL8167 - ok 23:36:25.0115 2828 RTL8192Ce (ffc748d848740d1bc8f330a8879c2674) C:\windows\system32\DRIVERS\rtl8192Ce.sys 23:36:25.0131 2828 RTL8192Ce - ok 23:36:25.0162 2828 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe 23:36:25.0178 2828 SamSs - ok 23:36:25.0225 2828 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\windows\system32\drivers\sbp2port.sys 23:36:25.0240 2828 sbp2port - ok 23:36:25.0396 2828 SBSDWSCService (794d4b48dfb6e999537c7c3947863463) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe 23:36:25.0427 2828 SBSDWSCService - ok 23:36:25.0459 2828 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\windows\System32\SCardSvr.dll 23:36:25.0505 2828 SCardSvr - ok 23:36:25.0552 2828 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\windows\system32\DRIVERS\scfilter.sys 23:36:25.0615 2828 scfilter - ok 23:36:25.0693 2828 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\windows\system32\schedsvc.dll 23:36:25.0755 2828 Schedule - ok 23:36:25.0802 2828 SCMNdisP (6011cdf54bb6f4c69f38faccdad73d7e) C:\windows\system32\DRIVERS\scmndisp.sys 23:36:25.0802 2828 SCMNdisP - ok 23:36:25.0849 2828 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll 23:36:25.0895 2828 SCPolicySvc - ok 
23:36:25.0911 2828 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\windows\System32\SDRSVC.dll 23:36:25.0989 2828 SDRSVC - ok 23:36:26.0020 2828 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\windows\system32\drivers\secdrv.sys 23:36:26.0067 2828 secdrv - ok 23:36:26.0098 2828 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\windows\system32\seclogon.dll 23:36:26.0161 2828 seclogon - ok 23:36:26.0192 2828 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\windows\System32\sens.dll 23:36:26.0223 2828 SENS - ok 23:36:26.0254 2828 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\windows\system32\sensrsvc.dll 23:36:26.0270 2828 SensrSvc - ok 23:36:26.0317 2828 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\windows\system32\DRIVERS\serenum.sys 23:36:26.0332 2828 Serenum - ok 23:36:26.0379 2828 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\windows\system32\DRIVERS\serial.sys 23:36:26.0395 2828 Serial - ok 23:36:26.0426 2828 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\windows\system32\DRIVERS\sermouse.sys 23:36:26.0441 2828 sermouse - ok 23:36:26.0504 2828 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\windows\system32\sessenv.dll 23:36:26.0566 2828 SessionEnv - ok 23:36:26.0597 2828 sffdisk (a554811bcd09279536440c964ae35bbf) C:\windows\system32\drivers\sffdisk.sys 23:36:26.0675 2828 sffdisk - ok 23:36:26.0707 2828 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\windows\system32\drivers\sffp_mmc.sys 23:36:26.0753 2828 sffp_mmc - ok 23:36:26.0769 2828 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\windows\system32\drivers\sffp_sd.sys 23:36:26.0816 2828 sffp_sd - ok 23:36:26.0847 2828 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\windows\system32\DRIVERS\sfloppy.sys 23:36:26.0863 2828 sfloppy - ok 23:36:26.0909 2828 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\windows\system32\DRIVERS\Sftfslh.sys 23:36:26.0941 2828 Sftfs - ok 23:36:27.0050 2828 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe 23:36:27.0081 2828 sftlist 
- ok 23:36:27.0097 2828 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\windows\system32\DRIVERS\Sftplaylh.sys 23:36:27.0112 2828 Sftplay - ok 23:36:27.0143 2828 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\windows\system32\DRIVERS\Sftredirlh.sys 23:36:27.0159 2828 Sftredir - ok 23:36:27.0159 2828 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\windows\system32\DRIVERS\Sftvollh.sys 23:36:27.0175 2828 Sftvol - ok 23:36:27.0206 2828 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe 23:36:27.0206 2828 sftvsa - ok 23:36:27.0253 2828 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\windows\System32\ipnathlp.dll 23:36:27.0315 2828 SharedAccess - ok 23:36:27.0362 2828 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\windows\System32\shsvcs.dll 23:36:27.0424 2828 ShellHWDetection - ok 23:36:27.0471 2828 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\windows\system32\DRIVERS\SiSRaid2.sys 23:36:27.0487 2828 SiSRaid2 - ok 23:36:27.0502 2828 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\windows\system32\DRIVERS\sisraid4.sys 23:36:27.0518 2828 SiSRaid4 - ok 23:36:27.0533 2828 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\windows\system32\DRIVERS\smb.sys 23:36:27.0565 2828 Smb - ok 23:36:27.0596 2828 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\windows\System32\snmptrap.exe 23:36:27.0627 2828 SNMPTRAP - ok 23:36:27.0658 2828 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\windows\system32\drivers\spldr.sys 23:36:27.0674 2828 spldr - ok 23:36:27.0721 2828 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\windows\System32\spoolsv.exe 23:36:27.0767 2828 Spooler - ok 23:36:27.0892 2828 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\windows\system32\sppsvc.exe 23:36:28.0048 2828 sppsvc - ok 23:36:28.0142 2828 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\windows\system32\sppuinotify.dll 23:36:28.0204 2828 sppuinotify - ok 23:36:28.0298 2828 SRTSP (6820b710c7225d489223d4a6e1ac3e16) 
23:36:38.0297 2828 ============================================================
23:36:38.0297 2828 Scan finished
23:36:38.0297 2828 ============================================================
23:36:38.0313 4240 Detected object count: 1
23:36:38.0313 4240 Actual detected object count: 1
23:37:56.0719 4240 IconMan_R ( UnsignedFile.Multi.Generic ) - skipped by user
23:37:56.0719 4240 IconMan_R ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:38:08.0060 0480 Deinitialize success
-
Hi MrC, thanks for getting back to me, here's the report

RogueKiller V7.5.4 [06/07/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User: Matt [Admin rights]
Mode: Scan -- Date: 06/23/2012 22:59:22

¤¤¤ Bad processes: 1 ¤¤¤
[sVCHOST] svchost.exe -- C:\windows\SysWOW64\svchost.exe -> KILLED [TermProc]

¤¤¤ Registry Entries: 2 ¤¤¤
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [NOT LOADED] ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: TOSHIBA MK5065GSXN +++++
--- User ---
[MBR] 2c9e9dafd99063491270344f0d2bad73
[bSP] 777d2c06fad2dfdc09827059c52ec5f4 : Windows Vista MBR Code
Partition table:
0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 466017 Mo
2 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 957476864 | Size: 9422 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[1].txt >>
RKreport[1].txt
-
Hi, have discovered I've got Trojan.Dropper.BCMiner on my machine. Here's the requested logs . DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_30 Run by Matt at 15:04:29 on 2012-06-23 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.61.1033.18.1913.627 [GMT 10:00] . AV: Norton Internet Security *Disabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Norton Internet Security *Disabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8} FW: Norton Internet Security *Disabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E} . ============== Running Processes =============== . C:\windows\system32\wininit.exe C:\windows\system32\lsm.exe C:\windows\system32\svchost.exe -k DcomLaunch C:\windows\system32\svchost.exe -k RPCSS C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\windows\system32\svchost.exe -k netsvcs C:\windows\system32\svchost.exe -k LocalService C:\windows\system32\svchost.exe -k NetworkService C:\windows\System32\spoolsv.exe C:\windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe C:\Program Files (x86)\Norton Internet Security\Engine\17.5.0.127\ccSvcHst.exe C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.202\SymcPCCULaunchSvc.exe C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.202\ccSvcHst.exe C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe C:\windows\system32\svchost.exe -k imgsvc C:\windows\system32\TODDSrv.exe C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe C:\windows\system32\wbem\wmiprvse.exe C:\Program Files (x86)\Spybot - Search & 
Destroy\SDWinSec.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE C:\windows\system32\SearchIndexer.exe C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\windows\System32\svchost.exe -k secsvcs C:\Program Files\Windows Media Player\wmpnetwk.exe C:\windows\servicing\TrustedInstaller.exe C:\windows\system32\taskhost.exe C:\Program Files (x86)\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS\A5E82D02\17.5.0.127\InstStub.exe C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.202\ccSvcHst.exe C:\windows\system32\Dwm.exe C:\windows\Explorer.EXE C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe C:\windows\system32\igfxsrvc.exe C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files (x86)\Winamp\winampa.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe 
C:\windows\system32\wuauclt.exe C:\windows\system32\igfxext.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\windows\System32\svchost.exe -k LocalServicePeerNet C:\windows\system32\taskeng.exe C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe C:\windows\system32\DllHost.exe C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe C:\windows\system32\DllHost.exe C:\windows\system32\DllHost.exe C:\windows\SysWOW64\cmd.exe C:\windows\system32\conhost.exe C:\windows\SysWOW64\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://toshiba.msn.com uDefault_Page_URL = hxxp://toshiba.msn.com mWinlogon: Userinit=userinit.exe, BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton Internet Security\Engine\17.5.0.127\coIEPlg.dll BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton Internet Security\Engine\17.5.0.127\IPSBHO.DLL BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - 
C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll BHO: TOSHIBA Media Controller Plug-in: {f3c88694-effa-4d78-b409-54b7b2535b14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton Internet Security\Engine\17.5.0.127\coIEPlg.dll uRun: [spybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background mRun: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP mRun: [sVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL mRun: [KeNotify] "C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe" LPCM mRun: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun mRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60 mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NOBuActivation.exe" UNATTENDED mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray mRun: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe" mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MICROS~1.LNK - C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1) mPolicies-system: 
ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\Office10\EXCEL.EXE/3000 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab TCP: DhcpNameServer = 10.0.0.138 TCP: Interfaces\{B9041FC5-07D3-4F86-AD86-C73BC146F422} : DhcpNameServer = 10.0.0.138 TCP: Interfaces\{B9041FC5-07D3-4F86-AD86-C73BC146F422}\46C696E6B6 : DhcpNameServer = 211.29.152.116 198.142.0.51 211.29.132.12 TCP: Interfaces\{B9041FC5-07D3-4F86-AD86-C73BC146F422}\F40545553514533413539303 : DhcpNameServer = 10.1.1.1 Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\microsoft shared\Web Folders\PKMCDO.DLL Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO-X64: AcroIEHelperStub - No File BHO-X64: Spybot-S&D IE Protection: 
{53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO-X64: Symantec NCO BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\17.5.0.127\coIEPlg.dll BHO-X64: Symantec NCO BHO - No File BHO-X64: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\17.5.0.127\IPSBHO.DLL BHO-X64: Symantec Intrusion Prevention - No File BHO-X64: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO-X64: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO-X64: SkypeIEPluginBHO - No File BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll BHO-X64: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll TB-X64: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\17.5.0.127\coIEPlg.dll mRun-x64: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP mRun-x64: [sVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL mRun-x64: [KeNotify] "C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe" LPCM mRun-x64: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun mRun-x64: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60 mRun-x64: [NortonOnlineBackupReminder] 
"C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NOBuActivation.exe" UNATTENDED mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray mRun-x64: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe" mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\vwa2a0jb.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.inthemix.com.au/forum/forumdisplay.php?forumid=4 FF - prefs.js: network.proxy.type - 0 FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Users\Matt\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll . ============= SERVICES / DRIVERS =============== . R0 SCMNdisP;General NDIS Protocol Driver;C:\windows\system32\DRIVERS\scmndisp.sys --> C:\windows\system32\DRIVERS\scmndisp.sys [?] R1 vwififlt;Virtual WiFi Filter Driver;C:\windows\system32\DRIVERS\vwififlt.sys --> C:\windows\system32\DRIVERS\vwififlt.sys [?] 
R2 cfWiMAXService;ConfigFree WiMAX Service;C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-1-29 249200] R2 ConfigFree Service;ConfigFree Service;C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-3-11 46448] R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624] R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2011-6-30 1811456] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-5-29 654408] R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\17.5.0.127\ccSvcHst.exe [2011-6-30 126392] R2 Norton PC Checkup Application Launcher;Norton PC Checkup Application Launcher;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.202\SymcPCCULaunchSvc.exe [2011-6-30 103792] R2 PCCUJobMgr;Common Client Job Manager Service;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.202\ccSvcHst.exe [2011-6-30 126392] R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2011-9-27 1153368] R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776] R2 WSWNA3100;WSWNA3100;C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe [2011-11-21 285152] R3 CeKbFilter;CeKbFilter;C:\windows\system32\DRIVERS\CeKbFilter.sys --> C:\windows\system32\DRIVERS\CeKbFilter.sys [?] R3 MBAMProtector;MBAMProtector;\??\C:\windows\system32\drivers\mbam.sys --> C:\windows\system32\drivers\mbam.sys [?] R3 PGEffect;Pangu effect driver;C:\windows\system32\DRIVERS\pgeffect.sys --> C:\windows\system32\DRIVERS\pgeffect.sys [?] R3 RTL8167;Realtek 8167 NT Driver;C:\windows\system32\DRIVERS\Rt64win7.sys --> C:\windows\system32\DRIVERS\Rt64win7.sys [?] 
R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\windows\system32\DRIVERS\rtl8192Ce.sys --> C:\windows\system32\DRIVERS\rtl8192Ce.sys [?] R3 Sftfs;Sftfs;C:\windows\system32\DRIVERS\Sftfslh.sys --> C:\windows\system32\DRIVERS\Sftfslh.sys [?] R3 Sftplay;Sftplay;C:\windows\system32\DRIVERS\Sftplaylh.sys --> C:\windows\system32\DRIVERS\Sftplaylh.sys [?] R3 Sftredir;Sftredir;C:\windows\system32\DRIVERS\Sftredirlh.sys --> C:\windows\system32\DRIVERS\Sftredirlh.sys [?] R3 Sftvol;Sftvol;C:\windows\system32\DRIVERS\Sftvollh.sys --> C:\windows\system32\DRIVERS\Sftvollh.sys [?] R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496] R3 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2011-6-30 51512] R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-2-6 137560] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S3 cpudrv64;cpudrv64;C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [2009-12-18 17864] S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\windows\system32\DRIVERS\ssudbus.sys --> C:\windows\system32\DRIVERS\ssudbus.sys [?] 
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-13 206072] S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-1-15 227232] S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-5-20 129976] S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184] S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\system32\Drivers\RtsUStor.sys --> C:\windows\system32\Drivers\RtsUStor.sys [?] S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\windows\system32\DRIVERS\ssudmdm.sys --> C:\windows\system32\DRIVERS\ssudmdm.sys [?] S3 TsUsbFlt;TsUsbFlt;C:\windows\system32\drivers\tsusbflt.sys --> C:\windows\system32\drivers\tsusbflt.sys [?] S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\system32\Wat\WatAdminSvc.exe --> C:\windows\system32\Wat\WatAdminSvc.exe [?] . =============== Created Last 30 ================ . 2012-06-23 03:56:50 8955792 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D7639AB0-1CAF-4334-B7D2-E2F3F064F2AE}\mpengine.dll . ==================== Find3M ==================== . 2012-04-04 05:56:40 24904 ----a-w- C:\windows\System32\drivers\mbam.sys 2012-03-31 06:05:57 5559664 ----a-w- C:\windows\System32\ntoskrnl.exe 2012-03-31 04:39:37 3968368 ----a-w- C:\windows\SysWow64\ntkrnlpa.exe 2012-03-31 04:39:37 3913072 ----a-w- C:\windows\SysWow64\ntoskrnl.exe 2012-03-31 03:10:03 3146240 ----a-w- C:\windows\System32\win32k.sys 2012-03-30 11:35:47 1918320 ----a-w- C:\windows\System32\drivers\tcpip.sys . ============= FINISH: 15:05:38.36 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . 
Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1 Install Date: 29/06/2011 7:23:50 PM System Uptime: 23/06/2012 2:50:29 PM (1 hours ago) . Motherboard: TOSHIBA | | PWWAM Processor: Pentium® Dual-Core CPU T4500 @ 2.30GHz | U2E1 | 2300/mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 455 GiB total, 383.277 GiB free. D: is CDROM () . ==== Disabled Device Manager Items ============= . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: NAVEX15 Device ID: ROOT\LEGACY_NAVEX15\0000 Manufacturer: Name: NAVEX15 PNP Device ID: ROOT\LEGACY_NAVEX15\0000 Service: NAVEX15 . ==== System Restore Points =================== . RP84: 5/06/2012 8:05:35 AM - Windows Update RP85: 8/06/2012 6:08:06 PM - Windows Update RP87: 9/06/2012 12:11:17 PM - Windows Defender Checkpoint RP89: 11/06/2012 7:04:36 PM - Windows Defender Checkpoint RP90: 12/06/2012 5:01:40 PM - Windows Update RP91: 15/06/2012 6:56:11 PM - Windows Update RP92: 15/06/2012 7:54:40 PM - Windows Update RP93: 17/06/2012 10:11:08 AM - Windows Update RP94: 19/06/2012 6:56:18 PM - Windows Update RP95: 22/06/2012 5:00:46 PM - Windows Update RP96: 23/06/2012 1:41:53 PM - Restore Operation . ==== Installed Programs ====================== . 
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader 9.5.1
Amazon Kindle For PC v1.1
Bejeweled 2 Deluxe
Bejeweled 3
BigPond Broadband ADSL
Build-a-lot 2
Canon MOV Decoder
Canon Utilities Digital Photo Professional 3.8
Canon Utilities EOS Utility
Canon Utilities PhotoStitch
Canon Utilities ZoomBrowser EX
Canon ZoomBrowser EX Memory Card Utility
Chuzzle Deluxe
Facebook Video Calling 1.2.0.159
FATE
Intel® Graphics Media Accelerator Driver
Java Auto Updater
Java 6 Update 30
Jewel Match 3
Jewel Quest - Heritage
Junk Mail filter update
Malwarebytes Anti-Malware version 1.61.0.1400
McAfee Security Scan Plus
Microsoft Choice Guard
Microsoft Office 2010
Microsoft Office Click-to-Run 2010
Microsoft Office Starter 2010 - English
Microsoft Office XP Professional with FrontPage
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Mozilla Firefox 12.0 (x86 en-GB)
Mozilla Maintenance Service
MSVCRT
NETGEAR WNA3100 wireless USB 2.0 adapter
Norton Internet Security
Norton Online Backup
Norton PC Checkup
PhotoScape
Plants vs. Zombies
Polar Bowler
Rainbow Web 2
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
Realtek USB 2.0 Card Reader
Realtek WLAN Driver
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Skype Toolbars
Skype™ 4.2
Spybot - Search & Destroy
SpywareBlaster 4.4
System Requirements Lab for Intel
TOSHIBA Assist
TOSHIBA Bulletin Board
TOSHIBA ConfigFree
TOSHIBA Face Recognition
TOSHIBA Flash Cards Support Utility
TOSHIBA Hardware Setup
TOSHIBA HDD/SSD Alert
TOSHIBA Media Controller
TOSHIBA Media Controller Plug-in
TOSHIBA ReelTime
TOSHIBA Service Station
TOSHIBA Speech System Applications
TOSHIBA Speech System SR Engine(U.S.) Version1.0
TOSHIBA Speech System TTS Engine(U.S.) Version1.0
TOSHIBA Supervisor Password
TOSHIBA Value Added Package
TOSHIBA Web Camera Application
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update Installer for WildTangent Games App
Utility Common Driver
Virtual Villagers 4 - The Tree of Life
Wheel of Fortune 2
WildTangent Games
WildTangent Games App (Toshiba Games)
Winamp
Winamp Detector Plug-in
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Gallery
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
Zuma's Revenge
.
==== Event Viewer Messages From Past Week ========
.
23/06/2012 2:51:09 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: SRTSP
23/06/2012 2:50:37 PM, Error: SRTSP [5] - Error loading Symantec real time Anti-Virus driver.
23/06/2012 2:50:37 PM, Error: SRTSP [4] - Error loading virus definitions.
22/06/2012 7:30:11 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
19/06/2012 6:45:51 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.
19/06/2012 11:10:42 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the NIS service.
18/06/2012 7:13:02 PM, Error: Tcpip [4199] - The system detected an address conflict for IP address 10.0.0.2 with the system having network hardware address 38-60-77-A0-A6-D6. Network operations on this system may be disrupted as a result.
.
==== End Of File ===========================

Any help appreciated