tysonboh

  1. To anyone who's lucky enough to get this kind stranger's help, you're in luck! Efficiently fixed my computer of a problem I wouldn't have a chance in hell of fixing myself!

  2. Okay, will do, thank you so much for all the help. You really helped me out when I thought my computer was screwed. Thanks so much!
  3. So you're saying that the virus is now gone? No more backdoor trojan? No more hackers being able to use my computer as if they were sitting in front of it? Can I go back to using it as I used to (except for being a lot safer online)? Is online purchasing/logging into frequently used sites now okay?
  4. Malwarebytes Anti-Malware 1.61.0.1400
     www.malwarebytes.org
     Database version: v2012.07.06.14
     Windows Vista Service Pack 2 x86 NTFS
     Internet Explorer 8.0.6001.19272
     USER :: USER-PC [administrator]
     7/07/2012 11:29:45 AM
     mbam-log-2012-07-07 (11-29-45).txt
     Scan type: Full scan
     Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
     Scan options disabled: P2P
     Objects scanned: 345696
     Time elapsed: 1 hour(s), 10 minute(s), 13 second(s)
     Memory Processes Detected: 0 (No malicious items detected)
     Memory Modules Detected: 0 (No malicious items detected)
     Registry Keys Detected: 0 (No malicious items detected)
     Registry Values Detected: 0 (No malicious items detected)
     Registry Data Items Detected: 0 (No malicious items detected)
     Folders Detected: 0 (No malicious items detected)
     Files Detected: 0 (No malicious items detected)
     (end)

     and the pop-up is no longer occurring.
  5. 22:59:53.0520 5684 TDSS rootkit removing tool 2.7.44.0 Jul 2 2012 20:01:08
     22:59:54.0893 5684 ============================================================
     22:59:54.0893 5684 Current date / time: 2012/07/06 22:59:54.0893
     22:59:54.0893 5684 SystemInfo:
     22:59:54.0893 5684
     22:59:54.0893 5684 OS Version: 6.0.6002 ServicePack: 2.0
     22:59:54.0893 5684 Product type: Workstation
     22:59:54.0893 5684 ComputerName: USER-PC
     22:59:54.0893 5684 UserName: USER
     22:59:54.0893 5684 Windows directory: C:\Windows
     22:59:54.0893 5684 System windows directory: C:\Windows
     22:59:54.0893 5684 Processor architecture: Intel x86
     22:59:54.0893 5684 Number of processors: 2
     22:59:54.0893 5684 Page size: 0x1000
     22:59:54.0893 5684 Boot type: Normal boot
     22:59:54.0893 5684 ============================================================
     22:59:55.0829 5684 Drive \Device\Harddisk0\DR0 - Size: 0x2E93E36000 (186.31 Gb), SectorSize: 0x200, Cylinders: 0x5F01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
     22:59:55.0829 5684 ============================================================
     22:59:55.0829 5684 \Device\Harddisk0\DR0:
     22:59:55.0829 5684 MBR partitions:
     22:59:55.0829 5684 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x16565800
     22:59:55.0829 5684 ============================================================
     22:59:55.0844 5684 C: <-> \Device\Harddisk0\DR0\Partition0
     22:59:55.0844 5684 ============================================================
     22:59:55.0844 5684 Initialize success
     22:59:55.0844 5684 ============================================================
     23:00:41.0078 2212 ============================================================
     23:00:41.0078 2212 Scan started
     23:00:41.0078 2212 Mode: Manual; SigCheck; TDLFS;
     23:00:41.0078 2212 ============================================================
(9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll 23:01:21.0373 2212 RemoteRegistry - ok 23:01:21.0471 2212 rimmptsk (355aac141b214bef1dbc1483afd9bd50) C:\Windows\system32\DRIVERS\rimmptsk.sys 23:01:21.0514 2212 rimmptsk - ok 23:01:21.0534 2212 rimsptsk (a4216c71dd4f60b26418ccfd99cd0815) C:\Windows\system32\DRIVERS\rimsptsk.sys 23:01:21.0553 2212 rimsptsk - ok 23:01:21.0570 2212 rismxdp (d231b577024aa324af13a42f3a807d10) C:\Windows\system32\DRIVERS\rixdptsk.sys 23:01:21.0591 2212 rismxdp - ok 23:01:21.0665 2212 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe 23:01:21.0735 2212 RpcLocator - ok 23:01:21.0855 2212 RpcSs (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll 23:01:21.0902 2212 RpcSs - ok 23:01:22.0009 2212 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys 23:01:22.0047 2212 rspndr - ok 23:01:22.0221 2212 RTL8169 (2d19a7469ea19993d0c12e627f4530bc) C:\Windows\system32\DRIVERS\Rtlh86.sys 23:01:22.0286 2212 RTL8169 - ok 23:01:22.0310 2212 SamSs (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe 23:01:22.0327 2212 SamSs - ok 23:01:22.0394 2212 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys 23:01:22.0409 2212 sbp2port - ok 23:01:22.0647 2212 SBSDWSCService (794d4b48dfb6e999537c7c3947863463) C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe 23:01:22.0739 2212 SBSDWSCService - ok 23:01:22.0852 2212 SCardSvr (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll 23:01:22.0879 2212 SCardSvr - ok 23:01:22.0949 2212 Schedule (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll 23:01:23.0018 2212 Schedule - ok 23:01:23.0039 2212 SCPolicySvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll 23:01:23.0060 2212 SCPolicySvc - ok 23:01:23.0195 2212 sdbus (8f36b54688c31eed4580129040c6a3d3) C:\Windows\system32\DRIVERS\sdbus.sys 23:01:23.0219 2212 sdbus - ok 23:01:23.0298 2212 SDRSVC 
(716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll 23:01:23.0344 2212 SDRSVC - ok 23:01:23.0423 2212 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys 23:01:23.0483 2212 secdrv - ok 23:01:23.0571 2212 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll 23:01:23.0619 2212 seclogon - ok 23:01:23.0657 2212 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\system32\sens.dll 23:01:23.0695 2212 SENS - ok 23:01:23.0870 2212 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys 23:01:23.0916 2212 Serenum - ok 23:01:23.0979 2212 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys 23:01:24.0045 2212 Serial - ok 23:01:24.0145 2212 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys 23:01:24.0172 2212 sermouse - ok 23:01:24.0252 2212 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll 23:01:24.0284 2212 SessionEnv - ok 23:01:24.0324 2212 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\DRIVERS\sffdisk.sys 23:01:24.0365 2212 sffdisk - ok 23:01:24.0387 2212 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys 23:01:24.0456 2212 sffp_mmc - ok 23:01:24.0521 2212 sffp_sd (9f66a46c55d6f1ccabc79bb7afccc545) C:\Windows\system32\DRIVERS\sffp_sd.sys 23:01:24.0543 2212 sffp_sd - ok 23:01:24.0571 2212 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys 23:01:24.0632 2212 sfloppy - ok 23:01:24.0781 2212 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll 23:01:24.0855 2212 SharedAccess - ok 23:01:24.0942 2212 ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll 23:01:25.0020 2212 ShellHWDetection - ok 23:01:25.0049 2212 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys 23:01:25.0063 2212 sisagp - ok 23:01:25.0144 2212 SiSRaid2 
(43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys 23:01:25.0158 2212 SiSRaid2 - ok 23:01:25.0181 2212 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys 23:01:25.0197 2212 SiSRaid4 - ok 23:01:25.0743 2212 slsvc (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe 23:01:25.0973 2212 slsvc - ok 23:01:26.0376 2212 SLUINotify (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll 23:01:26.0481 2212 SLUINotify - ok 23:01:26.0575 2212 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys 23:01:26.0635 2212 Smb - ok 23:01:26.0701 2212 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe 23:01:26.0720 2212 SNMPTRAP - ok 23:01:26.0744 2212 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys 23:01:26.0758 2212 spldr - ok 23:01:26.0819 2212 Spooler (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe 23:01:26.0888 2212 Spooler - ok 23:01:27.0022 2212 SQLWriter (9263c8898732e2b890f7e954e7729ab7) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe 23:01:27.0035 2212 SQLWriter - ok 23:01:27.0198 2212 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys 23:01:27.0360 2212 srv - ok 23:01:27.0469 2212 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys 23:01:27.0542 2212 srv2 - ok 23:01:27.0596 2212 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys 23:01:27.0627 2212 srvnet - ok 23:01:27.0684 2212 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll 23:01:27.0736 2212 SSDPSRV - ok 23:01:27.0777 2212 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll 23:01:27.0835 2212 SstpSvc - ok 23:01:27.0935 2212 stisvc (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll 23:01:27.0986 2212 stisvc - ok 23:01:28.0083 2212 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) 
C:\Windows\system32\DRIVERS\swenum.sys 23:01:28.0097 2212 swenum - ok 23:01:28.0278 2212 swprv (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll 23:01:28.0309 2212 swprv - ok 23:01:28.0327 2212 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys 23:01:28.0349 2212 Symc8xx - ok 23:01:28.0369 2212 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys 23:01:28.0383 2212 Sym_hi - ok 23:01:28.0418 2212 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys 23:01:28.0445 2212 Sym_u3 - ok 23:01:28.0562 2212 SynTP (70534d1e4f9ac990536d5fb5b550b3de) C:\Windows\system32\DRIVERS\SynTP.sys 23:01:28.0578 2212 SynTP - ok 23:01:28.0741 2212 SysMain (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll 23:01:28.0849 2212 SysMain - ok 23:01:28.0942 2212 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll 23:01:28.0979 2212 TabletInputService - ok 23:01:29.0147 2212 TapiSrv (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll 23:01:29.0203 2212 TapiSrv - ok 23:01:29.0315 2212 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll 23:01:29.0359 2212 TBS - ok 23:01:29.0833 2212 Tcpip (ee7e10bed85c312c1d5d30c435bdda9f) C:\Windows\system32\drivers\tcpip.sys 23:01:29.0905 2212 Tcpip - ok 23:01:29.0920 2212 Tcpip6 (ee7e10bed85c312c1d5d30c435bdda9f) C:\Windows\system32\DRIVERS\tcpip.sys 23:01:29.0974 2212 Tcpip6 - ok 23:01:30.0060 2212 tcpipreg (2c2d4cff5e09c73908f9b5af49a51365) C:\Windows\system32\drivers\tcpipreg.sys 23:01:30.0101 2212 tcpipreg - ok 23:01:30.0154 2212 tdcmdpst (1825bceb47bf41c5a9f0e44de82fc27a) C:\Windows\system32\DRIVERS\tdcmdpst.sys 23:01:30.0195 2212 tdcmdpst - ok 23:01:30.0225 2212 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys 23:01:30.0255 2212 TDPIPE - ok 23:01:30.0315 2212 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys 
23:01:30.0343 2212 TDTCP - ok 23:01:30.0394 2212 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys 23:01:30.0430 2212 tdx - ok 23:01:30.0574 2212 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys 23:01:30.0589 2212 TermDD - ok 23:01:30.0698 2212 TermService (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll 23:01:30.0839 2212 TermService - ok 23:01:30.0945 2212 Themes (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll 23:01:30.0965 2212 Themes - ok 23:01:31.0049 2212 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll 23:01:31.0077 2212 THREADORDER - ok 23:01:31.0267 2212 TNaviSrv (e47f35a87ff0da38def37a0eb0c2d2df) C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe 23:01:31.0280 2212 TNaviSrv - ok 23:01:31.0421 2212 TODDSrv (c5ac715b65b01788abc22d10749dddd8) C:\Windows\system32\TODDSrv.exe 23:01:31.0475 2212 TODDSrv - ok 23:01:31.0593 2212 TosCoSrv (da6903958cbdc091ffcbbca70ccff34c) C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe 23:01:31.0626 2212 TosCoSrv - ok 23:01:31.0738 2212 TOSHIBA Bluetooth Service (2e7315b147e524e055026e6634b14ea6) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe 23:01:31.0750 2212 TOSHIBA Bluetooth Service - ok 23:01:31.0802 2212 TOSHIBA SMART Log Service (22690dffc7f2a18279a7a0489aa02bac) C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe 23:01:31.0832 2212 TOSHIBA SMART Log Service ( UnsignedFile.Multi.Generic ) - warning 23:01:31.0833 2212 TOSHIBA SMART Log Service - detected UnsignedFile.Multi.Generic (1) 23:01:31.0958 2212 tosrfbd (ae43138b0dea239b3621b0faf1bb1fe7) C:\Windows\system32\DRIVERS\tosrfbd.sys 23:01:32.0022 2212 tosrfbd - ok 23:01:32.0026 2212 Tosrfcom - ok 23:01:32.0069 2212 tosrfec (c063b8e2db85420438ebce3fc8d2752e) C:\Windows\system32\DRIVERS\tosrfec.sys 23:01:32.0108 2212 tosrfec - ok 23:01:32.0141 2212 Tosrfhid (87700714f25131ed21901d617b8b321f) 
C:\Windows\system32\DRIVERS\Tosrfhid.sys 23:01:32.0185 2212 Tosrfhid - ok 23:01:32.0213 2212 Tosrfusb (98c04a6432ce9c2ad328f57b9384d348) C:\Windows\system32\DRIVERS\tosrfusb.sys 23:01:32.0250 2212 Tosrfusb - ok 23:01:32.0458 2212 tos_sps32 (1ea5f27c29405bf49799feca77186da9) C:\Windows\system32\DRIVERS\tos_sps32.sys 23:01:32.0512 2212 tos_sps32 - ok 23:01:32.0712 2212 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll 23:01:32.0767 2212 TrkWks - ok 23:01:32.0798 2212 TrojanKillerDriver (113384367c3999e084fe156b18c7625e) C:\Windows\system32\DRIVERS\gtkdrv.sys 23:01:32.0842 2212 TrojanKillerDriver - ok 23:01:32.0934 2212 TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe 23:01:32.0955 2212 TrustedInstaller - ok 23:01:33.0043 2212 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys 23:01:33.0071 2212 tssecsrv - ok 23:01:33.0152 2212 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys 23:01:33.0180 2212 tunmp - ok 23:01:33.0208 2212 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys 23:01:33.0245 2212 tunnel - ok 23:01:33.0273 2212 TVALZ (792a8b80f8188aba4b2be271583f3e46) C:\Windows\system32\DRIVERS\TVALZ_O.SYS 23:01:33.0284 2212 TVALZ - ok 23:01:33.0302 2212 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys 23:01:33.0317 2212 uagp35 - ok 23:01:33.0354 2212 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys 23:01:33.0403 2212 udfs - ok 23:01:33.0487 2212 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe 23:01:33.0528 2212 UI0Detect - ok 23:01:33.0680 2212 UleadBurningHelper (332d341d92b933600d41953b08360dfb) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe 23:01:33.0687 2212 UleadBurningHelper ( UnsignedFile.Multi.Generic ) - warning 23:01:33.0687 2212 UleadBurningHelper - detected UnsignedFile.Multi.Generic (1) 
23:01:33.0802 2212 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys 23:01:33.0817 2212 uliagpkx - ok 23:01:33.0849 2212 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys 23:01:33.0911 2212 uliahci - ok 23:01:33.0997 2212 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys 23:01:34.0012 2212 UlSata - ok 23:01:34.0032 2212 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys 23:01:34.0060 2212 ulsata2 - ok 23:01:34.0120 2212 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys 23:01:34.0207 2212 umbus - ok 23:01:34.0223 2212 UMPass (88bd96a1baeed33ee8bdf9499c07a841) C:\Windows\system32\DRIVERS\umpass.sys 23:01:34.0252 2212 UMPass - ok 23:01:34.0312 2212 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll 23:01:34.0377 2212 upnphost - ok 23:01:34.0436 2212 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\Windows\system32\Drivers\usbaapl.sys 23:01:34.0470 2212 USBAAPL - ok 23:01:34.0496 2212 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys 23:01:34.0563 2212 usbccgp - ok 23:01:34.0741 2212 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys 23:01:34.0811 2212 usbcir - ok 23:01:34.0930 2212 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys 23:01:34.0984 2212 usbehci - ok 23:01:35.0099 2212 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys 23:01:35.0151 2212 usbhub - ok 23:01:35.0217 2212 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys 23:01:35.0278 2212 usbohci - ok 23:01:35.0316 2212 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys 23:01:35.0344 2212 usbprint - ok 23:01:35.0382 2212 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys 23:01:35.0415 2212 usbscan - ok 
23:01:35.0585 2212 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS 23:01:35.0620 2212 USBSTOR - ok 23:01:35.0643 2212 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys 23:01:35.0693 2212 usbuhci - ok 23:01:35.0725 2212 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys 23:01:35.0790 2212 usbvideo - ok 23:01:35.0855 2212 UVCFTR (8c5094a8ab24de7496c7c19942f2df04) C:\Windows\system32\Drivers\UVCFTR_S.SYS 23:01:35.0892 2212 UVCFTR - ok 23:01:35.0930 2212 UxSms (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll 23:01:35.0966 2212 UxSms - ok 23:01:36.0080 2212 vds (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe 23:01:36.0158 2212 vds - ok 23:01:36.0215 2212 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys 23:01:36.0291 2212 vga - ok 23:01:36.0411 2212 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys 23:01:36.0439 2212 VgaSave - ok 23:01:36.0533 2212 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys 23:01:36.0547 2212 viaagp - ok 23:01:36.0575 2212 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys 23:01:36.0620 2212 ViaC7 - ok 23:01:36.0679 2212 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys 23:01:36.0708 2212 viaide - ok 23:01:36.0730 2212 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys 23:01:36.0745 2212 volmgr - ok 23:01:36.0790 2212 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys 23:01:36.0812 2212 volmgrx - ok 23:01:36.0889 2212 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys 23:01:36.0909 2212 volsnap - ok 23:01:37.0020 2212 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys 23:01:37.0037 2212 vsmraid - ok 23:01:37.0365 2212 VSS 
(db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe 23:01:37.0468 2212 VSS - ok 23:01:37.0618 2212 W32Time (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll 23:01:37.0702 2212 W32Time - ok 23:01:37.0822 2212 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys 23:01:37.0884 2212 WacomPen - ok 23:01:38.0005 2212 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys 23:01:38.0028 2212 Wanarp - ok 23:01:38.0032 2212 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys 23:01:38.0056 2212 Wanarpv6 - ok 23:01:38.0149 2212 wcncsvc (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll 23:01:38.0280 2212 wcncsvc - ok 23:01:38.0423 2212 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll 23:01:38.0466 2212 WcsPlugInService - ok 23:01:38.0512 2212 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys 23:01:38.0536 2212 Wd - ok 23:01:38.0622 2212 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys 23:01:38.0677 2212 Wdf01000 - ok 23:01:38.0803 2212 WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll 23:01:38.0849 2212 WdiServiceHost - ok 23:01:38.0856 2212 WdiSystemHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll 23:01:38.0887 2212 WdiSystemHost - ok 23:01:38.0960 2212 WebClient (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll 23:01:39.0021 2212 WebClient - ok 23:01:39.0127 2212 Wecsvc (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll 23:01:39.0168 2212 Wecsvc - ok 23:01:39.0238 2212 wercplsupport (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll 23:01:39.0265 2212 wercplsupport - ok 23:01:39.0365 2212 WerSvc (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll 23:01:39.0393 2212 WerSvc - ok 23:01:39.0525 2212 WinDefend 
(4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll 23:01:39.0545 2212 WinDefend - ok 23:01:39.0555 2212 WinHttpAutoProxySvc - ok 23:01:39.0679 2212 Winmgmt (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll 23:01:39.0704 2212 Winmgmt - ok 23:01:39.0916 2212 WinRM (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll 23:01:40.0092 2212 WinRM - ok 23:01:40.0232 2212 Wlansvc (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll 23:01:40.0296 2212 Wlansvc - ok 23:01:40.0387 2212 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\drivers\wmiacpi.sys 23:01:40.0410 2212 WmiAcpi - ok 23:01:40.0654 2212 wmiApSrv (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe 23:01:40.0697 2212 wmiApSrv - ok 23:01:41.0014 2212 WMPNetworkSvc (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe 23:01:41.0103 2212 WMPNetworkSvc - ok 23:01:41.0196 2212 WPCSvc (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll 23:01:41.0265 2212 WPCSvc - ok 23:01:41.0326 2212 WPDBusEnum (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll 23:01:41.0365 2212 WPDBusEnum - ok 23:01:41.0490 2212 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys 23:01:41.0507 2212 WpdUsb - ok 23:01:41.0792 2212 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe 23:01:41.0843 2212 WPFFontCache_v0400 - ok 23:01:41.0940 2212 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys 23:01:42.0028 2212 ws2ifsl - ok 23:01:42.0106 2212 wscsvc (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\system32\wscsvc.dll 23:01:42.0144 2212 wscsvc - ok 23:01:42.0149 2212 WSearch - ok 23:01:42.0533 2212 wuauserv (fc3ec24fce372c89423e015a2ac1a31e) C:\Windows\system32\wuaueng.dll 23:01:42.0713 2212 wuauserv - ok 23:01:43.0061 2212 WUDFRd 
(ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys 23:01:43.0090 2212 WUDFRd - ok 23:01:43.0199 2212 wudfsvc (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll 23:01:43.0252 2212 wudfsvc - ok 23:01:43.0275 2212 ZTEusbmdm6k - ok 23:01:43.0283 2212 ZTEusbnet - ok 23:01:43.0329 2212 ZTEusbnmea - ok 23:01:43.0337 2212 ZTEusbser6k - ok 23:01:43.0373 2212 MBR (0x1B8) (5b5e648d12fcadc244c1ec30318e1eb9) \Device\Harddisk0\DR0 23:01:44.0210 2212 \Device\Harddisk0\DR0 - ok 23:01:44.0239 2212 Boot (0x1200) (f716aef41ef85260e1d1ed22fc0951d9) \Device\Harddisk0\DR0\Partition0 23:01:44.0258 2212 \Device\Harddisk0\DR0\Partition0 - ok 23:01:44.0259 2212 ============================================================ 23:01:44.0259 2212 Scan finished 23:01:44.0259 2212 ============================================================ 23:01:44.0274 5700 Detected object count: 4 23:01:44.0274 5700 Actual detected object count: 4 23:02:20.0885 5700 C:\Windows\system32\TAMSvr.exe - copied to quarantine 23:02:20.0928 5700 HKLM\SYSTEM\ControlSet001\services\Authentec memory manager - will be deleted on reboot 23:02:20.0956 5700 HKLM\SYSTEM\ControlSet002\services\Authentec memory manager - will be deleted on reboot 23:02:20.0972 5700 C:\Windows\system32\TAMSvr.exe - will be deleted on reboot 23:02:20.0972 5700 Authentec memory manager ( UnsignedFile.Multi.Generic ) - User select action: Delete 23:02:21.0158 5700 C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe - copied to quarantine 23:02:21.0202 5700 HKLM\SYSTEM\ControlSet001\services\ConfigFree Service - will be deleted on reboot 23:02:21.0204 5700 HKLM\SYSTEM\ControlSet002\services\ConfigFree Service - will be deleted on reboot 23:02:21.0209 5700 C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe - will be deleted on reboot 23:02:21.0209 5700 ConfigFree Service ( UnsignedFile.Multi.Generic ) - User select action: Delete 23:02:21.0272 5700 C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe - copied to 
quarantine 23:02:21.0475 5700 HKLM\SYSTEM\ControlSet001\services\TOSHIBA SMART Log Service - will be deleted on reboot 23:02:21.0500 5700 HKLM\SYSTEM\ControlSet002\services\TOSHIBA SMART Log Service - will be deleted on reboot 23:02:21.0506 5700 C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe - will be deleted on reboot 23:02:21.0506 5700 TOSHIBA SMART Log Service ( UnsignedFile.Multi.Generic ) - User select action: Delete 23:02:21.0600 5700 C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe - copied to quarantine 23:02:22.0099 5700 HKLM\SYSTEM\ControlSet001\services\UleadBurningHelper - will be deleted on reboot 23:02:22.0113 5700 HKLM\SYSTEM\ControlSet002\services\UleadBurningHelper - will be deleted on reboot 23:02:22.0118 5700 C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe - will be deleted on reboot 23:02:22.0118 5700 UleadBurningHelper ( UnsignedFile.Multi.Generic ) - User select action: Delete
  6. Okay, I just finished all that, so it is now safe to browse? What about online purchasing, logging into sites I use frequently, etc.?
  7. Okay, I've uninstalled Norton, put Microsoft Security Essentials on and completely updated it, and now it's doing a full scan. So far it's taken about 3 hours and still going. So am I now able to use my computer for browsing still? Or would it still be unsafe to log into websites I want to use, etc.?
  8. Okay, so I went ahead and restarted the system in normal mode, no pop-up so far. And really the pop-up was the only thing showing me that I had the virus; there were no other problems occurring on my computer, so basically it's running the exact same way, minus the pop-up.
  9. Okay, so I did the ComboFix thing, and after it was done it must have restarted the computer, but it restarted in normal mode. In normal mode these blue ComboFix boxes kept flashing up all over the screen. After waiting a while I realised this wasn't right, turned it off and opened it again in safe mode with networking. ComboFix was up again but working properly and it finished its thing. Here's the log:
files\Canon\SolutionMenu\CNSLMAIN.exe" [2009-03-18 767312] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-12-07 421736] "Freecorder FLV Service"="c:\program files\Freecorder\FLVSrvc.exe" [2011-03-24 167936] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) "DisableCAD"= 1 (0x1) . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 . --- Other Services/Drivers In Memory --- . *NewlyCreated* - COMHOST *NewlyCreated* - ECACHE . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache . Contents of the 'Scheduled Tasks' folder . 2012-07-04 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-862659715-177543783-37968287-1003Core.job - c:\users\USER\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-02-06 05:59] . 2012-07-04 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-862659715-177543783-37968287-1003UA.job - c:\users\USER\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-02-06 05:59] . 2012-06-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-862659715-177543783-37968287-1003Core.job - c:\users\USER\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-24 10:47] . 2012-07-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-862659715-177543783-37968287-1003UA.job - c:\users\USER\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-24 10:47] . 2012-06-25 c:\windows\Tasks\Norton Internet Security - Run Full System Scan - USER.job - c:\program files\Norton Internet Security\Norton AntiVirus\Navw32.exe [2007-01-14 02:09] . 
2012-07-05 c:\windows\Tasks\User_Feed_Synchronization-{F3431E30-F412-43CE-91E3-3CD359877F65}.job - c:\windows\system32\msfeedssync.exe [2012-06-14 03:24] . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.facebook.com/ uDefault_Search_URL = hxxp://www.google.com/ie uInternet Settings,ProxyOverride = *.local uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 TCP: DhcpNameServer = 192.168.88.1 FF - ProfilePath - c:\users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\1qolu3le.default\ . . ************************************************************************** scanning hidden processes ... . scanning hidden autostart entries ... . scanning hidden files ... . scan completed successfully hidden files: . ************************************************************************** . --------------------- DLLs Loaded Under Running Processes --------------------- . - - - - - - - > 'Explorer.exe'(320) c:\program files\TrueSuite Access Manager\IconOvrly.dll . ------------------------ Other Running Processes ------------------------ . c:\program files\Windows Media Player\wmpnscfg.exe . ************************************************************************** . Completion time: 2012-07-06 13:14:52 - machine was rebooted ComboFix-quarantined-files.txt 2012-07-06 03:14 ComboFix2.txt 2012-07-06 02:21 . Pre-Run: 13,502,423,040 bytes free Post-Run: 13,271,773,184 bytes free . - - End Of File - - B4458361A748C3563EB63FA1AB6D1886 Upload was successful here is the mbam scan. 
Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.07.06.01

Windows Vista Service Pack 2 x86 NTFS (Safe Mode/Networking)
Internet Explorer 8.0.6001.19272
USER :: USER-PC [administrator]

6/07/2012 1:19:58 PM
mbam-log-2012-07-06 (13-19-58).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 216364
Time elapsed: 3 minute(s), 33 second(s)

Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)

(end)

as for how is my system now, would you like me to reboot in normal mode and see if the pop-up still occurs or something?
  10. okay so here is the mbam log

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.07.05.05

Windows Vista Service Pack 2 x86 NTFS (Safe Mode/Networking)
Internet Explorer 8.0.6001.19272
USER :: USER-PC [administrator]

6/07/2012 12:00:22 PM
mbam-log-2012-07-06 (12-00-22).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 213789
Time elapsed: 4 minute(s), 27 second(s)

Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)

(end)

the roguekiller log

RogueKiller V7.6.2 [07/02/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Started in : Safe mode with network support
User: USER [Admin rights]
Mode: Scan -- Date: 07/06/2012 12:06:04

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Registry Entries: 4 ¤¤¤
[sUSP PATH] HKCU\[...]\Run : HbxTfbyd (C:\Users\USER\AppData\Local\cujhubpm\hbxtfbyd.exe) -> FOUND
[sUSP PATH] HKUS\S-1-5-21-862659715-177543783-37968287-1003[...]\Run : HbxTfbyd (C:\Users\USER\AppData\Local\cujhubpm\hbxtfbyd.exe) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [NOT LOADED] ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
127.0.0.1 localhost
::1 localhost

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: FUJITSU MHY2200BH +++++
--- User ---
[MBR]
7df079e97d313bc9037b9c8b17b36d9c
[bSP] 59cdd0f62e430d3ee99792baf5e868e5 : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 182987 Mo
2 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 377831424 | Size: 6286 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[3].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt

and the combofix log
  11. here is the scan from mbam, there were no infections found though.

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.07.05.05

Windows Vista Service Pack 2 x86 NTFS (Safe Mode/Networking)
Internet Explorer 8.0.6001.19272
USER :: USER-PC [administrator]

6/07/2012 1:30:59 AM
mbam-log-2012-07-06 (01-30-59).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 213855
Time elapsed: 3 minute(s), 53 second(s)

Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)

(end)

here's the roguekiller scan

RogueKiller V7.6.2 [07/02/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Started in : Safe mode with network support
User: USER [Admin rights]
Mode: Scan -- Date: 07/06/2012 01:38:10

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Registry Entries: 4 ¤¤¤
[sUSP PATH] HKCU\[...]\Run : HbxTfbyd (C:\Users\USER\AppData\Local\cujhubpm\hbxtfbyd.exe) -> FOUND
[sUSP PATH] HKUS\S-1-5-21-862659715-177543783-37968287-1003[...]\Run : HbxTfbyd (C:\Users\USER\AppData\Local\cujhubpm\hbxtfbyd.exe) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [NOT LOADED] ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
127.0.0.1 localhost
::1 localhost

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: FUJITSU MHY2200BH +++++
--- User ---
[MBR] 7df079e97d313bc9037b9c8b17b36d9c
[bSP] 59cdd0f62e430d3ee99792baf5e868e5 : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 182987 Mo
2 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 377831424 | Size: 6286 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt

now as for step 5, as it may take a while, and it's 1.45 in the morning here, I'm just going to turn off my computer right now and go to sleep and continue this in the morning, thanks for the help so far, but I'll have to get back to this tomorrow.
  12. everything went well, heres the DDS . DDS (Ver_2011-08-26.01) - NTFSx86 NETWORK Internet Explorer: 8.0.6001.19272 BrowserJavaVersion: 1.6.0_29 Run by USER at 1:03:40 on 2012-07-06 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.61.1033.18.2045.1432 [GMT 10:00] . SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k rpcss C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\Explorer.EXE C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . 
uSearch Page = hxxp://www.google.com uStart Page = hxxp://www.facebook.com/ uSearch Bar = hxxp://www.google.com/ie uDefault_Search_URL = hxxp://www.google.com/ie uInternet Settings,ProxyOverride = *.local uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s uURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\utorrentbar\prxtbuTor.dll uURLSearchHooks: Freecorder Toolbar: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - c:\program files\freecorder\prxtbFre0.dll mURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\utorrentbar\prxtbuTor.dll mURLSearchHooks: Freecorder Toolbar: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - c:\program files\freecorder\prxtbFre0.dll BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll BHO: Complitly: {0fb6a909-6086-458f-bd92-1f8ee10042a0} - c:\users\user\appdata\roaming\complitly\Complitly.dll BHO: Freecorder Toolbar: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - c:\program files\freecorder\prxtbFre0.dll BHO: {1e8a6170-7264-4d0f-beae-d42a53123c75} - c:\program files\common files\symantec shared\coshared\browser\1.5\NppBho.dll BHO: Canon Easy-WebPrint EX BHO: {3785d0ad-bfff-47f6-bf5b-a587c162fed9} - c:\program files\canon\easy-webprint ex\ewpexbho.dll BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy\SDHelper.dll BHO: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\utorrentbar\prxtbuTor.dll BHO: Complitly: {d27fc31c-6e3d-4305-8d53-acdaefa5f862} - c:\users\user\appdata\roaming\complitly\Complitly.dll BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll TB: Show Norton Toolbar: 
{90222687-f593-4738-b738-fbee9c7b26df} - c:\program files\common files\symantec shared\coshared\browser\1.5\UIBHO.dll TB: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\utorrentbar\prxtbuTor.dll TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll TB: Canon Easy-WebPrint EX: {759d9886-0c6f-4498-bab6-4a5f47c6c72f} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll TB: Freecorder Toolbar: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - c:\program files\freecorder\prxtbFre0.dll EB: Canon Easy-WebPrint EX: {21347690-ec41-4f9a-8887-1f4aee672439} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll uRun: [TOSCDSPD] TOSCDSPD.EXE uRun: [uTorrent] "c:\program files\utorrent\uTorrent.exe" /MINIMIZED uRun: [Facebook Update] "c:\users\user\appdata\local\facebook\update\FacebookUpdate.exe" /c /nocrashserver uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe uRun: [Google Update] "c:\users\user\appdata\local\google\update\GoogleUpdate.exe" /c uRun: [HbxTfbyd] c:\users\user\appdata\local\cujhubpm\hbxtfbyd.exe mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" mRun: [iTSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START mRun: [NDSTray.exe] NDSTray.exe mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe" mRun: [synTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe mRun: [RtHDVCpl] RtHDVCpl.exe mRun: [skytel] Skytel.exe mRun: [startCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" mRun: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE mRun: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe mRun: [smoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe mRun: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe mRun: [FingerPrintNotifer] "c:\program files\truesuite access manager\FpNotifier.exe" 
mRun: [usbMonitor] "c:\program files\truesuite access manager\usbnotify.exe"
mRun: [PwdBank] "c:\program files\truesuite access manager\PwdBank.exe"
mRun: [Camera Assistant Software] "c:\program files\camera assistant software for toshiba\traybar.exe" /start
mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"
mRun: [symantec PIF AlertEng] "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\pifsvc.exe" /a /m "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\AlertEng.dll"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [<NO NAME>]
mRun: [ApnUpdater] "c:\program files\ask.com\updater\Updater.exe"
mRun: [CanonMyPrinter] c:\program files\canon\myprinter\BJMyPrt.exe /logon
mRun: [CanonSolutionMenu] c:\program files\canon\solutionmenu\CNSLMAIN.exe /logon
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [Freecorder FLV Service] "c:\program files\freecorder\FLVSrvc.exe" /run
StartupFolder: c:\users\user\appdata\roaming\microsoft\windows\start menu\programs\startup\hbxtfbyd.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: DisableCAD = 1 (0x1)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: DhcpNameServer = 192.168.88.1
TCP: Interfaces\{67546975-2D87-494D-AB3C-65D4D5547D83} : DhcpNameServer = 192.168.88.1
TCP: Interfaces\{9B623AC4-5DD2-4064-99A8-EBC993945FAC} : DhcpNameServer = 192.168.88.1
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\user\appdata\roaming\mozilla\firefox\profiles\1qolu3le.default\
FF - plugin: c:\program files\canon\easy-photoprint ex\NPEZFFPI.DLL
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\pando networks\media booster\npPandoWebPlugin.dll
FF - plugin: c:\users\user\appdata\local\facebook\video\skype\npFacebookVideoCalling.dll
FF - plugin: c:\users\user\appdata\local\google\update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: c:\users\user\appdata\locallow\unity\webplayer\loader\npUnity3D32.dll
FF - plugin: c:\users\user\appdata\roaming\mozilla\firefox\profiles\1qolu3le.default\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}\plugins\np-mswmp.dll
FF - plugin: c:\users\user\appdata\roaming\mozilla\firefox\profiles\1qolu3le.default\extensions\battlefieldheroespatcher@ea.com\plugins\npBFHUpdater.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AlfaFF;AlfaFF mini-filter driver;c:\windows\system32\drivers\AlfaFF.sys [2011-9-8 43440]
R3 FwLnk;FwLnk Driver;c:\windows\system32\drivers\FwLnk.sys [2008-2-12 7168]
R3 NETw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\NETw5v32.sys [2008-11-17 3668480]
S1 IDSvix86;Symantec Intrusion Prevention Driver;c:\progra~2\symantec\defini~1\symcdata\idsdefs\20111208.001\IDSvix86.sys [2011-12-9 287792]
S2 Authentec memory manager;Authentec memory manager service;c:\windows\system32\TAMSvr.exe [2011-9-8 49152]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 ConfigFree Service;ConfigFree Service;c:\program files\toshiba\configfree\CFSvcs.exe [2007-12-26 40960]
S2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 21504]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2011-9-9 1153368]
S2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service;c:\program files\toshiba\smartlogservice\TosIPCSrv.exe [2007-12-3 126976]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2011-11-10 106104]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-4-26 113120]
S3 Symantec Core LC;Symantec Core LC;c:\program files\common files\symantec shared\ccpd-lc\symlcsvc.exe [2011-9-13 1251720]
S3 SYMNDISV;SYMNDISV;c:\windows\system32\drivers\symndisv.sys [2009-8-3 38448]
S3 TrojanKillerDriver;GridinSoft Trojan Killer Driver;c:\windows\system32\drivers\gtkdrv.sys [2012-1-5 16128]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2012-07-05 13:21:11 -------- d-----w- c:\users\user\appdata\local\cujhubpm
2012-07-04 12:45:59 23888 ----a-w- c:\windows\system32\drivers\COH_Mon.sys
2012-07-04 05:22:09 6762896 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{f7bdeaaa-f8e4-4513-a34e-69a86815d46a}\mpengine.dll
2012-06-30 10:46:38 -------- d-----w- c:\program files\GridinSoft Trojan Killer
2012-06-30 05:00:24 93708 --s---w- c:\users\user\appdata\roaming\microsoft\windows\start menu\programs\startup\hbxtfbyd.exe
2012-06-22 01:25:24 2422272 ----a-w- c:\windows\system32\wucltux.dll
2012-06-22 01:24:37 88576 ----a-w- c:\windows\system32\wudriver.dll
2012-06-22 01:24:25 33792 ----a-w- c:\windows\system32\wuapp.exe
2012-06-22 01:24:25 171904 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-20 08:09:42 -------- d-----w- c:\program files\Microsoft XNA
2012-06-20 08:09:25 69448 ----a-w- c:\windows\system32\XAPOFX1_3.dll
2012-06-20 08:09:25 517448 ----a-w- c:\windows\system32\XAudio2_4.dll
2012-06-20 08:09:24 235352 ----a-w- c:\windows\system32\xactengine3_4.dll
2012-06-20 08:09:24 22360 ----a-w- c:\windows\system32\X3DAudio1_6.dll
2012-06-20 08:09:22 81768 ----a-w- c:\windows\system32\xinput1_3.dll
2012-06-20 08:09:22 3495784 ----a-w- c:\windows\system32\d3dx9_33.dll
2012-06-20 08:09:20 2414360 ----a-w- c:\windows\system32\d3dx9_31.dll
2012-06-20 08:07:57 -------- d-----w- c:\program files\Superfighters Deluxe
2012-06-19 10:09:04 770384 ----a-w- c:\program files\mozilla firefox\msvcr100.dll
2012-06-19 10:09:04 421200 ----a-w- c:\program files\mozilla firefox\msvcp100.dll
2012-06-14 07:58:07 984064 ----a-w- c:\windows\system32\crypt32.dll
2012-06-14 07:58:06 98304 ----a-w- c:\windows\system32\cryptnet.dll
2012-06-14 07:58:06 133120 ----a-w- c:\windows\system32\cryptsvc.dll
2012-06-14 07:24:12 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-06-14 07:24:10 2045440 ----a-w- c:\windows\system32\win32k.sys
.
==================== Find3M ====================
.
2012-05-15 06:37:49 916992 ----a-w- c:\windows\system32\wininet.dll
2012-05-15 06:32:25 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-05-15 06:32:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2012-05-15 06:31:44 109056 ----a-w- c:\windows\system32\iesysprep.dll
2012-05-15 06:31:43 71680 ----a-w- c:\windows\system32\iesetup.dll
2012-05-15 05:01:56 385024 ----a-w- c:\windows\system32\html.iec
2012-05-15 03:26:05 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2012-05-15 03:23:41 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2012-04-24 11:50:49 737280 ----a-w- c:\windows\iun6002.exe
.
============= FINISH: 1:04:49.55 ===============
  13. Okay, well I guess I would first like to try and clean up this virus if possible. This isn't really a computer used for any online banking etc.; the only thing close to that is the occasional eBay purchase, which I haven't done in a while (long before getting the virus). It's mainly a recreational-use kind of computer for surfing the internet etc. So what options do I really have? It would be good to just be able to try and clean the virus up, and I might get some of the main things off the computer that I want, then maybe reset it from there. But also, I have not accepted that pop-up once. Does that make any difference to the case? The pop-up is the only thing that occurs, which I cancel every time; nothing else happens.