Jump to content

stuart2val

Members
  • Posts

    5
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Thanks again, it's working fine The only thing is when I tried to uninstall combofix it says it can't find it. I typed it exactly how it said to. Is that a problem?
  2. Here is the log from combofix, it seems to have fixed the problem. Thank you so much ComboFix 12-08-18.03 - Val 08/19/2012 10:29:18.1.2 - x64 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.6132.4293 [GMT -4:00] Running from: c:\users\Val\Desktop\ComboFix.exe AV: Norton 360 Premier Edition *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF} FW: Norton 360 Premier Edition *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} SP: Norton 360 Premier Edition *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files (x86)\Search Toolbar c:\program files (x86)\Search Toolbar\icon.ico c:\program files (x86)\Search Toolbar\SearchToolbarUninstall.exe c:\program files (x86)\Search Toolbar\SearchToolbarUpdater.exe c:\program files (x86)\Shop to Win c:\program files (x86)\Shop to Win\Test.htm c:\program files (x86)\TelevisionFanaticEI c:\program files (x86)\WildTangent\Apps\CDA\cdaEngine0400.dll c:\programdata\wxDfast c:\programdata\wxDfast\background.html c:\programdata\wxDfast\bhoclass.dll c:\programdata\wxDfast\content.js c:\programdata\wxDfast\data\content.js c:\programdata\wxDfast\data\jsondb.js c:\programdata\wxDfast\llocbkiajfmfcbaekodikdeplffiaaio.crx c:\programdata\wxDfast\settings.ini c:\users\Val\AppData\Local\Downloaded Installations\Apple Computer\curobkdlz.dll c:\users\Val\AppData\Roaming\Adobe\plugs c:\users\Val\AppData\Roaming\Adobe\plugs\KB716985758.exe c:\users\Val\AppData\Roaming\Adobe\plugs\KB716985774.exe c:\users\Val\AppData\Roaming\Adobe\plugs\KB716985945.exe c:\users\Val\AppData\Roaming\Adobe\plugs\KB716986694.exe c:\users\Val\AppData\Roaming\Adobe\plugs\KB716986710.exe c:\users\Val\AppData\Roaming\Adobe\plugs\KB716986741.exe c:\users\Val\AppData\Roaming\Adobe\shed c:\users\Val\Documents\ShopToWin c:\windows\SysWow64\DIFxAPI.dll c:\windows\SysWow64\DIFxAPI.dll\DIFxAPI.dll . . ((((((((((((((((((((((((( Files Created from 2012-07-19 to 2012-08-19 ))))))))))))))))))))))))))))))) . . 2012-08-19 14:38 . 2012-08-19 14:38 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-08-17 12:44 . 2012-08-17 12:44 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{616C4693-5874-4A98-A2A3-C745BE94947D}\offreg.dll 2012-08-17 12:39 . 2012-07-16 06:40 9133488 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{616C4693-5874-4A98-A2A3-C745BE94947D}\mpengine.dll 2012-08-17 00:56 . 2012-08-17 02:45 -------- d-----w- c:\programdata\SecTaskMan 2012-08-16 23:23 . 2012-08-17 02:46 -------- d-----w- c:\program files (x86)\Emsisoft Anti-Malware 2012-08-16 23:14 . 2012-08-17 00:40 16200 ----a-w- c:\windows\stinger.sys 2012-08-16 23:14 . 2012-08-17 02:47 -------- d-----w- c:\program files (x86)\stinger 2012-08-15 23:41 . 2012-07-04 14:33 2769408 ----a-w- c:\windows\system32\win32k.sys 2012-08-15 13:01 . 2012-05-11 16:34 788480 ----a-w- c:\windows\system32\localspl.dll 2012-08-15 13:01 . 2012-05-11 15:57 623616 ----a-w- c:\windows\SysWow64\localspl.dll 2012-08-15 13:01 . 2012-06-29 16:20 648192 ----a-w- c:\windows\system32\netapi32.dll 2012-08-15 01:04 . 2012-08-15 23:46 -------- d-----w- c:\windows\system32\drivers\N360x64\0603000.00E 2012-08-10 04:07 . 2012-08-10 04:07 -------- d-----w- C:\N360_BACKUP 2012-08-08 20:20 . 2012-08-08 20:20 -------- d-----w- c:\users\Val\AppData\Local\CrashDumps . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-08-15 23:38 . 2006-11-02 12:35 62134624 ----a-w- c:\windows\system32\mrt.exe 2012-08-14 17:49 . 2012-06-06 20:33 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-08-14 17:49 . 2011-08-12 15:26 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-08-03 20:20 . 2009-08-06 14:22 175736 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS 2012-06-08 17:59 . 2012-07-11 13:41 12899840 ----a-w- c:\windows\system32\shell32.dll 2012-06-05 16:47 . 2012-07-11 13:41 1401856 ----a-w- c:\windows\SysWow64\msxml6.dll 2012-06-05 16:47 . 2012-07-11 13:41 1248768 ----a-w- c:\windows\SysWow64\msxml3.dll 2012-06-05 16:22 . 2012-07-11 13:41 1797120 ----a-w- c:\windows\system32\msxml6.dll 2012-06-05 16:22 . 2012-07-11 13:41 1869824 ----a-w- c:\windows\system32\msxml3.dll 2012-06-04 15:29 . 2012-07-11 13:41 516480 ----a-w- c:\windows\system32\drivers\ksecdd.sys 2012-06-02 22:19 . 2012-06-19 11:40 38424 ----a-w- c:\windows\system32\wups.dll 2012-06-02 22:19 . 2012-06-19 11:40 2428952 ----a-w- c:\windows\system32\wuaueng.dll 2012-06-02 22:19 . 2012-06-19 11:40 44056 ----a-w- c:\windows\system32\wups2.dll 2012-06-02 22:19 . 2012-06-19 11:40 57880 ----a-w- c:\windows\system32\wuauclt.exe 2012-06-02 22:19 . 2012-06-19 11:40 35864 ----a-w- c:\windows\SysWow64\wups.dll 2012-06-02 22:19 . 2012-06-19 11:40 701976 ----a-w- c:\windows\system32\wuapi.dll 2012-06-02 22:19 . 2012-06-19 11:40 577048 ----a-w- c:\windows\SysWow64\wuapi.dll 2012-06-02 22:15 . 2012-06-19 11:40 2622464 ----a-w- c:\windows\system32\wucltux.dll 2012-06-02 22:15 . 2012-06-19 11:40 99840 ----a-w- c:\windows\system32\wudriver.dll 2012-06-02 22:12 . 2012-06-19 11:40 88576 ----a-w- c:\windows\SysWow64\wudriver.dll 2012-06-02 19:19 . 2012-06-19 11:39 171904 ----a-w- c:\windows\SysWow64\wuwebv.dll 2012-06-02 19:19 . 2012-06-19 11:39 186752 ----a-w- c:\windows\system32\wuwebv.dll 2012-06-02 19:15 . 2012-06-19 11:39 36864 ----a-w- c:\windows\system32\wuapp.exe 2012-06-02 19:12 . 2012-06-19 11:39 33792 ----a-w- c:\windows\SysWow64\wuapp.exe 2012-06-02 00:22 . 2012-07-11 13:41 347136 ----a-w- c:\windows\system32\schannel.dll 2012-06-02 00:22 . 2012-07-11 13:41 254464 ----a-w- c:\windows\system32\ncrypt.dll 2012-06-02 00:05 . 2012-07-11 13:41 77312 ----a-w- c:\windows\SysWow64\secur32.dll 2012-06-02 00:04 . 2012-07-11 13:41 278528 ----a-w- c:\windows\SysWow64\schannel.dll 2012-06-02 00:03 . 2012-07-11 13:41 204288 ----a-w- c:\windows\SysWow64\ncrypt.dll 2012-05-31 16:25 . 2009-10-09 13:00 279656 ------w- c:\windows\system32\MpSigStub.exe . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{0bc6e3fa-78ef-4886-842c-5a1258c4455a}] 2009-11-08 14:55 297808 ----a-w- c:\windows\System32\mscoree.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Facebook Update"="c:\users\Val\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-07-11 138096] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "PDVDDXSrv"="c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2008-05-23 128296] "ArcSoft Connection Service"="c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-28 207424] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2009-05-26 413696] "HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2007-03-12 49152] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696] "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-04 37296] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712] . c:\users\Val\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-2-6 1312096] RollerCoaster Tycoon 3 Registration.lnk - c:\users\Val\AppData\Local\Temp\{AEAC8A68-0596-4313-9809-20252879AA63}\{907B4640-266B-4A21-92FB-CD1A86CD0F63}\ATR1.exe [N/A] Webshots.lnk - c:\program files (x86)\Webshots\3.1.5.7613\Launcher.exe [2009-7-7 157000] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Digital Line Detect.lnk - c:\program files (x86)\Digital Line Detect\DLG.exe [2009-6-1 50688] HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2007-3-11 210520] Kodak EasyShare software.lnk - c:\program files (x86)\Kodak\Kodak EasyShare software\bin\EasyShare.exe [2008-10-30 282624] . c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-2-6 1312096] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-14 250056] S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [2009-01-13 88576] . . --- Other Services/Drivers In Memory --- . *NewlyCreated* - 34043929 *Deregistered* - 34043929 *Deregistered* - A2DDA . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc . HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs Themes . Contents of the 'Scheduled Tasks' folder . 2012-08-19 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-06 17:49] . 2012-08-15 c:\windows\Tasks\EasyShare Registration Task.job - c:\windows\system32\rundll32.exe [2006-11-02 09:45] . 2012-08-18 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3696039469-2759666096-1833586947-1000Core.job - c:\users\Val\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-11-25 20:53] . 2012-08-19 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3696039469-2759666096-1833586947-1000UA.job - c:\users\Val\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-11-25 20:53] . 2012-08-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-07-08 16:43] . 2012-08-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-07-08 16:43] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-01-13 6848544] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-01-13 151064] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-01-13 208920] "Persistence"="c:\windows\system32\igfxpers.exe" [2009-01-13 176152] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x0 . ------- Supplementary Scan ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://my.yahoo.com/?fr=yfp-t-403 mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local IE: Customize Menu - file://c:\program files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html IE: Fill Forms - file://c:\program files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html IE: RoboForm Toolbar - file://c:\program files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html IE: Save Forms - file://c:\program files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html TCP: DhcpNameServer = 209.18.47.61 209.18.47.62 CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\browseui.dll . - - - - ORPHANS REMOVED - - - - . Wow6432Node-HKCU-Run-WMPNSCFG - c:\program files (x86)\Windows Media Player\WMPNSCFG.exe Wow6432Node-HKCU-Run-Apple Computer - c:\users\Val\AppData\Local\Downloaded Installations\Apple Computer\curobkdlz.dll Wow6432Node-HKLM-Run-WildTangent CDA - c:\program files (x86)\WildTangent\Apps\CDA\cdaEngine0400.dll WebBrowser-{38542454-DFB6-44F5-B052-D4E071A3D073} - (no file) HKLM-Run-Windows Defender - c:\program files (x86)\Windows Defender\MSASCui.exe HKLM-Run-Skytel - c:\program files\Realtek\Audio\HDA\Skytel.exe AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\N360] "ImagePath"="\"c:\program files (x86)\Norton 360\Engine\6.3.0.14\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files (x86)\Norton 360\Engine\6.3.0.14\diMaster.dll\" /prefetch:1" . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}] @Denied: (A 2) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0] @="Shockwave Flash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}] @Denied: (A 2) (Everyone) @="" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0] @="FlashBroker" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes] "SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59, 00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\ . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . Completion time: 2012-08-19 10:42:33 ComboFix-quarantined-files.txt 2012-08-19 14:42 . Pre-Run: 507,352,080,384 bytes free Post-Run: 507,359,551,488 bytes free . - - End Of File - - 9116A8E9A4A3B6BDE3E89DB28B1E643C
  3. I did the 3 things you asked me to do GooredFix by jpshortstuff (03.07.10.1) Log created at 10:07 on 18/08/2012 (Val) Firefox version [unable to determine] ========== GooredScan ========== Removing Orphan: "{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\" -> Success! ========== GooredLog ========== C:\Program Files (x86)\Mozilla Firefox\extensions\ (none) [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "{20a82645-c095-46ed-80e3-08825760534b}"="c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\" [22:30 07/07/2009] "{BBDA0591-3099-440a-AA10-41764D9DB4DB}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\IPSFFPlgn\" [20:33 03/08/2012] "{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\coFFPlgn\" [01:32 17/08/2012] -=E.O.F=- 10:10:05.0662 5732 TDSS rootkit removing tool 2.8.6.0 Aug 13 2012 17:24:05 10:10:07.0184 5732 ============================================================ 10:10:07.0184 5732 Current date / time: 2012/08/18 10:10:07.0184 10:10:07.0184 5732 SystemInfo: 10:10:07.0184 5732 10:10:07.0184 5732 OS Version: 6.0.6002 ServicePack: 2.0 10:10:07.0184 5732 Product type: Workstation 10:10:07.0185 5732 ComputerName: VALD-PC 10:10:07.0185 5732 UserName: Val 10:10:07.0185 5732 Windows directory: C:\Windows 10:10:07.0185 5732 System windows directory: C:\Windows 10:10:07.0185 5732 Running under WOW64 10:10:07.0185 5732 Processor architecture: Intel x64 10:10:07.0185 5732 Number of processors: 2 10:10:07.0185 5732 Page size: 0x1000 10:10:07.0185 5732 Boot type: Normal boot 10:10:07.0185 5732 ============================================================ 10:10:11.0022 5732 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 10:10:11.0164 5732 ============================================================ 10:10:11.0164 5732 \Device\Harddisk0\DR0: 10:10:11.0165 5732 MBR partitions: 10:10:11.0165 5732 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1B800, BlocksNum 0x1E00000 10:10:11.0165 5732 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1E1B800, BlocksNum 0x5572A000 10:10:11.0165 5732 ============================================================ 10:10:11.0309 5732 C: <-> \Device\Harddisk0\DR0\Partition2 10:10:11.0528 5732 D: <-> \Device\Harddisk0\DR0\Partition1 10:10:11.0528 5732 ============================================================ 10:10:11.0528 5732 Initialize success 10:10:11.0528 5732 ============================================================ 10:10:23.0464 4608 ============================================================ 10:10:23.0464 4608 Scan started 10:10:23.0464 4608 Mode: Manual; SigCheck; TDLFS; 10:10:23.0464 4608 ============================================================ 10:10:26.0129 4608 ================ Scan services ============================= 10:10:26.0232 4608 [ adc420616c501b45d26c0fd3ef1e54e4 ] ACDaemon C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe 10:10:26.0450 4608 ACDaemon - ok 10:10:26.0716 4608 [ 1965aaffab07e3fb03c77f81beba3547 ] ACPI C:\Windows\system32\drivers\acpi.sys 10:10:26.0747 4608 ACPI - ok 10:10:26.0978 4608 [ a9d3b95e8466bd58eeb8a1154654e162 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 10:10:26.0999 4608 AdobeFlashPlayerUpdateSvc - ok 10:10:27.0061 4608 [ f14215e37cf124104575073f782111d2 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys 10:10:27.0097 4608 adp94xx - ok 10:10:27.0322 4608 [ 7d05a75e3066861a6610f7ee04ff085c ] adpahci C:\Windows\system32\drivers\adpahci.sys 10:10:27.0528 4608 adpahci - ok 10:10:27.0579 4608 [ 820a201fe08a0c345b3bedbc30e1a77c ] adpu160m C:\Windows\system32\drivers\adpu160m.sys 10:10:27.0618 4608 adpu160m - ok 10:10:27.0655 4608 [ 9b4ab6854559dc168fbb4c24fc52e794 ] adpu320 C:\Windows\system32\drivers\adpu320.sys 10:10:27.0677 4608 adpu320 - ok 10:10:27.0717 4608 [ 0f421175574bfe0bf2f4d8e910a253bb ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 10:10:27.0932 4608 AeLookupSvc - ok 10:10:27.0978 4608 [ 7394641611ef3ab2d041f104f1e8c1b9 ] AERTFilters C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe 10:10:28.0020 4608 AERTFilters - ok 10:10:28.0146 4608 [ c4f6ce6087760ad70960c9eb130e7943 ] AFD C:\Windows\system32\drivers\afd.sys 10:10:28.0247 4608 AFD - ok 10:10:28.0304 4608 [ 562a3536f4ac7e25fe2ea3856dc483c0 ] AGCoreService C:\Program Files (x86)\AGI\core\3.1\AGCoreService.exe 10:10:28.0359 4608 AGCoreService ( UnsignedFile.Multi.Generic ) - warning 10:10:28.0359 4608 AGCoreService - detected UnsignedFile.Multi.Generic (1) 10:10:28.0393 4608 [ f6f6793b7f17b550ecfdbd3b229173f7 ] agp440 C:\Windows\system32\drivers\agp440.sys 10:10:28.0415 4608 agp440 - ok 10:10:28.0477 4608 [ 222cb641b4b8a1d1126f8033f9fd6a00 ] aic78xx C:\Windows\system32\drivers\djsvs.sys 10:10:28.0538 4608 aic78xx - ok 10:10:28.0579 4608 [ 5922f4f59b7868f3d74bbbbeb7b825a3 ] ALG C:\Windows\System32\alg.exe 10:10:28.0827 4608 ALG - ok 10:10:28.0858 4608 [ 9544c2c55541c0c6bfd7b489d0e7d430 ] aliide C:\Windows\system32\drivers\aliide.sys 10:10:28.0881 4608 aliide - ok 10:10:28.0940 4608 [ 970fa5059e61e30d25307b99903e991e ] amdide C:\Windows\system32\drivers\amdide.sys 10:10:28.0974 4608 amdide - ok 10:10:28.0993 4608 [ cdc3632a3a5ea4dbb83e46076a3165a1 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys 10:10:29.0075 4608 AmdK8 - ok 10:10:29.0137 4608 [ 4de0d5d747a73797c95a97dcce5018b5 ] androidusb C:\Windows\system32\Drivers\ssadadb.sys 10:10:29.0242 4608 androidusb - ok 10:10:29.0283 4608 [ 9c37b3fd5615477cb9a0cd116cf43f5c ] Appinfo C:\Windows\System32\appinfo.dll 10:10:29.0346 4608 Appinfo - ok 10:10:29.0392 4608 [ 7e94e567c1aa5abe6174032b3dab6c23 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe 10:10:29.0415 4608 Apple Mobile Device - ok 10:10:29.0426 4608 [ ba8417d4765f3988ff921f30f630e303 ] arc C:\Windows\system32\drivers\arc.sys 10:10:29.0447 4608 arc - ok 10:10:29.0475 4608 [ 9d41c435619733b34cc16a511e644b11 ] arcsas C:\Windows\system32\drivers\arcsas.sys 10:10:29.0504 4608 arcsas - ok 10:10:29.0618 4608 [ 22d13ff3dafec2a80634752b1eaa2de6 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 10:10:29.0785 4608 AsyncMac - ok 10:10:29.0802 4608 [ e68d9b3a3905619732f7fe039466a623 ] atapi C:\Windows\system32\drivers\atapi.sys 10:10:29.0821 4608 atapi - ok 10:10:30.0022 4608 [ 79318c744693ec983d20e9337a2f8196 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 10:10:30.0067 4608 AudioEndpointBuilder - ok 10:10:30.0080 4608 [ 79318c744693ec983d20e9337a2f8196 ] AudioSrv C:\Windows\System32\Audiosrv.dll 10:10:30.0121 4608 AudioSrv - ok 10:10:30.0291 4608 [ ffb96c2589ffa60473ead78b39fbde29 ] BFE C:\Windows\System32\bfe.dll 10:10:30.0391 4608 BFE - ok 10:10:30.0974 4608 [ e99f59342171101ee2446d0cd1a60a8d ] BHDrvx64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\BASHDefs\20120811.003\BHDrvx64.sys 10:10:31.0145 4608 BHDrvx64 - ok 10:10:31.0276 4608 [ 6d316f4859634071cc25c4fd4589ad2c ] BITS C:\Windows\System32\qmgr.dll 10:10:31.0378 4608 BITS - ok 10:10:31.0449 4608 [ 79feeb40056683f8f61398d81dda65d2 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys 10:10:31.0509 4608 blbdrive - ok 10:10:31.0579 4608 [ 3f56903e124e820aeece6d471583c6c1 ] Bonjour Service C:\Program Files (x86)\Bonjour\mDNSResponder.exe 10:10:31.0598 4608 Bonjour Service - ok 10:10:31.0672 4608 [ 2348447a80920b2493a9b582a23e81e1 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 10:10:31.0717 4608 bowser - ok 10:10:31.0779 4608 [ f09eee9edc320b5e1501f749fde686c8 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys 10:10:31.0837 4608 BrFiltLo - ok 10:10:31.0872 4608 [ b114d3098e9bdb8bea8b053685831be6 ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys 10:10:31.0924 4608 BrFiltUp - ok 10:10:31.0963 4608 [ a1b39de453433b115b4ea69ee0343816 ] Browser C:\Windows\System32\browser.dll 10:10:32.0021 4608 Browser - ok 10:10:32.0052 4608 [ f0f0ba4d815be446aa6a4583ca3bca9b ] Brserid C:\Windows\system32\drivers\brserid.sys 10:10:32.0200 4608 Brserid - ok 10:10:32.0239 4608 [ a6eca2151b08a09caceca35c07f05b42 ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys 10:10:32.0312 4608 BrSerWdm - ok 10:10:32.0355 4608 [ b79968002c277e869cf38bd22cd61524 ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys 10:10:32.0434 4608 BrUsbMdm - ok 10:10:32.0451 4608 [ a87528880231c54e75ea7a44943b38bf ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys 10:10:32.0508 4608 BrUsbSer - ok 10:10:32.0535 4608 [ e0777b34e05f8a82a21856efc900c29f ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys 10:10:32.0599 4608 BTHMODEM - ok 10:10:32.0712 4608 [ 6c2dd66a3db32450d661ba89b18b1941 ] CAXHWBS2 C:\Windows\system32\DRIVERS\CAXHWBS2.sys 10:10:32.0810 4608 CAXHWBS2 - ok 10:10:33.0010 4608 [ 2c6ffcca37b002aab3c7c31a6d780a76 ] ccSet_N360 C:\Windows\system32\drivers\N360x64\0603000.00E\ccSetx64.sys 10:10:33.0030 4608 ccSet_N360 - ok 10:10:33.0154 4608 [ b4d787db8d30793a4d4df9feed18f136 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 10:10:33.0205 4608 cdfs - ok 10:10:33.0313 4608 [ c025aa69be3d0d25c7a2e746ef6f94fc ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 10:10:33.0480 4608 cdrom - ok 10:10:33.0679 4608 [ 5a268127633c7ee2a7fb87f39d748d56 ] CertPropSvc C:\Windows\System32\certprop.dll 10:10:33.0714 4608 CertPropSvc - ok 10:10:33.0865 4608 [ 02ea568d498bbdd4ba55bf3fce34d456 ] circlass C:\Windows\system32\drivers\circlass.sys 10:10:34.0077 4608 circlass - ok 10:10:34.0147 4608 [ 3dca9a18b204939cfb24bea53e31eb48 ] CLFS C:\Windows\system32\CLFS.sys 10:10:34.0205 4608 CLFS - ok 10:10:34.0310 4608 [ 8ee772032e2fe80a924f3b8dd5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 10:10:34.0320 4608 clr_optimization_v2.0.50727_32 - ok 10:10:34.0342 4608 [ ce07a466201096f021cd09d631b21540 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 10:10:34.0352 4608 clr_optimization_v2.0.50727_64 - ok 10:10:34.0420 4608 [ c5a75eb48e2344abdc162bda79e16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 10:10:34.0431 4608 clr_optimization_v4.0.30319_32 - ok 10:10:34.0455 4608 [ c6f9af94dcd58122a4d7e89db6bed29d ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 10:10:34.0469 4608 clr_optimization_v4.0.30319_64 - ok 10:10:34.0494 4608 [ e5d5499a1c50a54b5161296b6afe6192 ] cmdide C:\Windows\system32\drivers\cmdide.sys 10:10:34.0516 4608 cmdide - ok 10:10:34.0532 4608 [ 34a6aa82aa36c87fc8816f2097efa345 ] Compbatt C:\Windows\system32\drivers\compbatt.sys 10:10:34.0548 4608 Compbatt - ok 10:10:34.0553 4608 COMSysApp - ok 10:10:34.0597 4608 [ a8585b6412253803ce8efcbd6d6dc15c ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 10:10:34.0616 4608 crcdisk - ok 10:10:34.0721 4608 [ 62740b9d2a137e8ced41a9e4239a7a31 ] CryptSvc C:\Windows\system32\cryptsvc.dll 10:10:34.0768 4608 CryptSvc - ok 10:10:34.0812 4608 [ cf8b9a3a5e7dc57724a89d0c3e8cf9ef ] DcomLaunch C:\Windows\system32\rpcss.dll 10:10:34.0895 4608 DcomLaunch - ok 10:10:34.0984 4608 [ 8b722ba35205c71e7951cdc4cdbade19 ] DfsC C:\Windows\system32\Drivers\dfsc.sys 10:10:35.0036 4608 DfsC - ok 10:10:35.0145 4608 [ c647f468f7de343df8c143655c5557d4 ] DFSR C:\Windows\system32\DFSR.exe 10:10:35.0453 4608 DFSR - ok 10:10:35.0500 4608 [ 3ed0321127ce70acdaabbf77e157c2a7 ] Dhcp C:\Windows\System32\dhcpcsvc.dll 10:10:35.0547 4608 Dhcp - ok 10:10:35.0638 4608 [ b0107e40ecdb5fa692ebf832f295d905 ] disk C:\Windows\system32\drivers\disk.sys 10:10:35.0663 4608 disk - ok 10:10:35.0717 4608 [ 06230f1b721494a6df8d47fd395bb1b0 ] Dnscache C:\Windows\System32\dnsrslvr.dll 10:10:35.0782 4608 Dnscache - ok 10:10:35.0918 4608 [ 0840abbbdf438691ee65a20040635cbe ] DockLoginService C:\Program Files\Dell\DellDock\DockLogin.exe 10:10:36.0007 4608 DockLoginService ( UnsignedFile.Multi.Generic ) - warning 10:10:36.0007 4608 DockLoginService - detected UnsignedFile.Multi.Generic (1) 10:10:36.0062 4608 [ 1a7156dd1e850e9914e5e991e3225b94 ] dot3svc C:\Windows\System32\dot3svc.dll 10:10:36.0143 4608 dot3svc - ok 10:10:36.0200 4608 [ 74c02b1717740c3b8039539e23e4b53f ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys 10:10:36.0277 4608 Dot4 - ok 10:10:36.0295 4608 [ 08321d1860235bf42cf2854234337aea ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys 10:10:36.0361 4608 Dot4Print - ok 10:10:36.0401 4608 [ 4adccf0124f2b6911d3786a5d0e779e5 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys 10:10:36.0471 4608 dot4usb - ok 10:10:36.0536 4608 [ 1583b39790db3eaec7edb0cb0140c708 ] DPS C:\Windows\system32\dps.dll 10:10:36.0565 4608 DPS - ok 10:10:36.0589 4608 [ f1a78a98cfc2ee02144c6bec945447e6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 10:10:36.0631 4608 drmkaud - ok 10:10:36.0712 4608 [ b8e554e502d5123bc111f99d6a2181b4 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 10:10:36.0745 4608 DXGKrnl - ok 10:10:36.0837 4608 [ 17d40652ef3e55eeae187a89df40965a ] e1express C:\Windows\system32\DRIVERS\e1e6032e.sys 10:10:36.0906 4608 e1express - ok 10:10:36.0950 4608 [ 264cee7b031a9d6c827f3d0cb031f2fe ] E1G60 C:\Windows\system32\DRIVERS\E1G6032E.sys 10:10:36.0992 4608 E1G60 - ok 10:10:37.0046 4608 [ c2303883fd9be49dc36a6400643002ea ] EapHost C:\Windows\System32\eapsvc.dll 10:10:37.0098 4608 EapHost - ok 10:10:37.0255 4608 [ 5f94962be5a62db6e447ff6470c4f48a ] Ecache C:\Windows\system32\drivers\ecache.sys 10:10:37.0272 4608 Ecache - ok 10:10:37.0373 4608 [ 4353ff94d47a0a9d52b89eccf0cdb013 ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys 10:10:37.0427 4608 eeCtrl - ok 10:10:37.0622 4608 [ 14ce384d2e27b64c256bda4dc39c312d ] ehRecvr C:\Windows\ehome\ehRecvr.exe 10:10:37.0711 4608 ehRecvr - ok 10:10:37.0724 4608 [ b93159c1313d66fdfbbe876f5189cd52 ] ehSched C:\Windows\ehome\ehsched.exe 10:10:37.0745 4608 ehSched - ok 10:10:37.0764 4608 [ f5ee2527d74449868e3c3227a59bcd28 ] ehstart C:\Windows\ehome\ehstart.dll 10:10:37.0847 4608 ehstart - ok 10:10:37.0869 4608 [ c4636d6e10469404ab5308d9fd45ed07 ] elxstor C:\Windows\system32\drivers\elxstor.sys 10:10:37.0943 4608 elxstor - ok 10:10:38.0009 4608 [ a9b18b63a4fd6baab83326706d857fab ] EMDMgmt C:\Windows\system32\emdmgmt.dll 10:10:38.0051 4608 EMDMgmt - ok 10:10:38.0091 4608 [ c5bccb378d0a896304a3e71be7215983 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys 10:10:38.0113 4608 EraserUtilRebootDrv - ok 10:10:38.0151 4608 [ 991fab6aa066e1214efb5b496fb7959a ] ErrDev C:\Windows\system32\drivers\errdev.sys 10:10:38.0226 4608 ErrDev - ok 10:10:38.0282 4608 [ e12f22b73f153dece721cd45ec05b4af ] EventSystem C:\Windows\system32\es.dll 10:10:38.0366 4608 EventSystem - ok 10:10:38.0487 4608 [ 486844f47b6636044a42454614ed4523 ] exfat C:\Windows\system32\drivers\exfat.sys 10:10:38.0554 4608 exfat - ok 10:10:38.0650 4608 [ 1a4bee34277784619ddaf0422c0c6e23 ] fastfat C:\Windows\system32\drivers\fastfat.sys 10:10:38.0717 4608 fastfat - ok 10:10:38.0764 4608 [ 81b79b6df71fa1d2c6d688d830616e39 ] fdc C:\Windows\system32\DRIVERS\fdc.sys 10:10:38.0833 4608 fdc - ok 10:10:38.0886 4608 [ bb9267acacd8b7533dd936c34a0cba5e ] fdPHost C:\Windows\system32\fdPHost.dll 10:10:38.0946 4608 fdPHost - ok 10:10:38.0999 4608 [ 300c80931eabbe1db7591c516efe8d0f ] FDResPub C:\Windows\system32\fdrespub.dll 10:10:39.0093 4608 FDResPub - ok 10:10:39.0154 4608 [ 457b7d1d533e4bd62a99aed9c7bb4c59 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 10:10:39.0178 4608 FileInfo - ok 10:10:39.0231 4608 [ d421327fd6efccaf884a54c58e1b0d7f ] Filetrace C:\Windows\system32\drivers\filetrace.sys 10:10:39.0306 4608 Filetrace - ok 10:10:39.0416 4608 [ 230923ea2b80f79b0f88d90f87b87ebd ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 10:10:39.0658 4608 flpydisk - ok 10:10:39.0702 4608 [ e3041bc26d6930d61f42aedb79c91720 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 10:10:39.0730 4608 FltMgr - ok 10:10:39.0792 4608 [ be1c5bd1ca7ed015bc6fa1ae67e592c8 ] FontCache C:\Windows\system32\FntCache.dll 10:10:39.0906 4608 FontCache - ok 10:10:39.0972 4608 [ bc5b0be5af3510b0fd8c140ee42c6d3e ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 10:10:39.0997 4608 FontCache3.0.0.0 - ok 10:10:40.0047 4608 [ 5779b86cd8b32519fbecb136394d946a ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 10:10:40.0124 4608 Fs_Rec - ok 10:10:40.0188 4608 [ c8e416668d3dc2be3d4fe4c79224997f ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 10:10:40.0210 4608 gagp30kx - ok 10:10:40.0384 4608 [ bc4d691a2f3339fe89726d4959c79996 ] GameConsoleService C:\Program Files (x86)\WildGames\Game Console - WildGames\GameConsoleService.exe 10:10:40.0406 4608 GameConsoleService - ok 10:10:40.0463 4608 [ e403aacf8c7bb11375122d2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 10:10:40.0478 4608 GEARAspiWDM - ok 10:10:40.0533 4608 [ a0e1b575ba8f504968cd40c0faeb2384 ] gpsvc C:\Windows\System32\gpsvc.dll 10:10:40.0587 4608 gpsvc - ok 10:10:40.0697 4608 [ 626a24ed1228580b9518c01930936df9 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 10:10:40.0714 4608 gupdate - ok 10:10:40.0744 4608 [ 626a24ed1228580b9518c01930936df9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 10:10:40.0760 4608 gupdatem - ok 10:10:40.0853 4608 [ f942c5820205f2fb453243edfec82a3d ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 10:10:40.0944 4608 HDAudBus - ok 10:10:41.0030 4608 [ b4881c84a180e75b8c25dc1d726c375f ] HidBth C:\Windows\system32\drivers\hidbth.sys 10:10:41.0119 4608 HidBth - ok 10:10:41.0134 4608 [ 4e77a77e2c986e8f88f996bb3e1ad829 ] HidIr C:\Windows\system32\drivers\hidir.sys 10:10:41.0201 4608 HidIr - ok 10:10:41.0295 4608 [ 59361d38a297755d46a540e450202b2a ] hidserv C:\Windows\system32\hidserv.dll 10:10:41.0325 4608 hidserv - ok 10:10:41.0342 4608 [ 443bdd2d30bb4f00795c797e2cf99edf ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 10:10:41.0372 4608 HidUsb - ok 10:10:41.0448 4608 [ b12f367ea39c0795fd57e31242ce1a5a ] hkmsvc C:\Windows\system32\kmsvc.dll 10:10:41.0515 4608 hkmsvc - ok 10:10:41.0562 4608 [ d7109a1e6bd2dfdbcba72a6bc626a13b ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys 10:10:41.0578 4608 HpCISSs - ok 10:10:41.0659 4608 [ 58d4765ab87347db835d5693adf652c1 ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll 10:10:41.0689 4608 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning 10:10:41.0689 4608 hpqcxs08 - detected UnsignedFile.Multi.Generic (1) 10:10:41.0734 4608 [ 99ed733f614660eb32199bf889dfb7e2 ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll 10:10:41.0748 4608 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning 10:10:41.0748 4608 hpqddsvc - detected UnsignedFile.Multi.Generic (1) 10:10:41.0799 4608 [ 60f1d0ede7ae2b92b3a8886e825b7147 ] HSF_DPV C:\Windows\system32\DRIVERS\CAX_DPV.sys 10:10:41.0971 4608 HSF_DPV - ok 10:10:42.0156 4608 [ 098f1e4e5c9cb5b0063a959063631610 ] HTTP C:\Windows\system32\drivers\HTTP.sys 10:10:42.0268 4608 HTTP - ok 10:10:42.0339 4608 [ da94c854cea5fac549d4e1f6e88349e8 ] i2omp C:\Windows\system32\drivers\i2omp.sys 10:10:42.0380 4608 i2omp - ok 10:10:42.0452 4608 [ cbb597659a2713ce0c9cc20c88c7591f ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 10:10:42.0491 4608 i8042prt - ok 10:10:42.0544 4608 [ 756879fa65978df948437ce3fd1eaccd ] iaStor C:\Windows\system32\drivers\iastor.sys 10:10:42.0564 4608 iaStor - ok 10:10:42.0601 4608 [ 3e3bf3627d886736d0b4e90054f929f6 ] iaStorV C:\Windows\system32\drivers\iastorv.sys 10:10:42.0619 4608 iaStorV - ok 10:10:42.0699 4608 [ 749f5f8cedca70f2a512945325fc489d ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 10:10:42.0791 4608 idsvc - ok 10:10:42.0967 4608 [ ce0bf35c79e03bb89da6b14fac838605 ] IDSVia64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\IPSDefs\20120817.001\IDSvia64.sys 10:10:42.0990 4608 IDSVia64 - ok 10:10:43.0220 4608 [ 2161876969e428a494f8d7c38fa6f513 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys 10:10:43.0578 4608 igfx - ok 10:10:43.0595 4608 [ 8c3951ad2fe886ef76c7b5027c3125d3 ] iirsp C:\Windows\system32\drivers\iirsp.sys 10:10:43.0615 4608 iirsp - ok 10:10:43.0681 4608 [ 0c9ea6e654e7b0471741e343a6c671af ] IKEEXT C:\Windows\System32\ikeext.dll 10:10:44.0259 4608 IKEEXT - ok 10:10:44.0314 4608 [ 49a1c3833af724b2555c0689347dcd05 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 10:10:44.0398 4608 IntcAzAudAddService - ok 10:10:44.0483 4608 [ df797a12176f11b2d301c5b234bb200e ] intelide C:\Windows\system32\DRIVERS\intelide.sys 10:10:44.0497 4608 intelide - ok 10:10:44.0547 4608 [ bfd84af32fa1bad6231c4585cb469630 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 10:10:44.0622 4608 intelppm - ok 10:10:44.0662 4608 [ 5624bc1bc5eeb49c0ab76a8114f05ea3 ] IPBusEnum C:\Windows\system32\ipbusenum.dll 10:10:44.0700 4608 IPBusEnum - ok 10:10:44.0740 4608 [ d8aabc341311e4780d6fce8c73c0ad81 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 10:10:44.0795 4608 IpFilterDriver - ok 10:10:44.0886 4608 [ bf0dbfa9792c5c14fa00f61c75116c1b ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 10:10:44.0910 4608 iphlpsvc - ok 10:10:44.0915 4608 IpInIp - ok 10:10:44.0933 4608 [ 9c2ee2e6e5a7203bfae15c299475ec67 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys 10:10:45.0014 4608 IPMIDRV - ok 10:10:45.0051 4608 [ b7e6212f581ea5f6ab0c3a6ceeeb89be ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys 10:10:45.0138 4608 IPNAT - ok 10:10:45.0180 4608 [ 05cf6a56fbf436c347bb87fd1957adc1 ] iPod Service C:\Program Files (x86)\iPod\bin\iPodService.exe 10:10:45.0231 4608 iPod Service - ok 10:10:45.0257 4608 [ 8c42ca155343a2f11d29feca67faa88d ] IRENUM C:\Windows\system32\drivers\irenum.sys 10:10:45.0328 4608 IRENUM - ok 10:10:45.0375 4608 [ 0672bfcedc6fc468a2b0500d81437f4f ] isapnp C:\Windows\system32\drivers\isapnp.sys 10:10:45.0396 4608 isapnp - ok 10:10:45.0450 4608 [ e4fdf99599f27ec25d2cf6d754243520 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys 10:10:45.0476 4608 iScsiPrt - ok 10:10:45.0488 4608 [ 63c766cdc609ff8206cb447a65abba4a ] iteatapi C:\Windows\system32\drivers\iteatapi.sys 10:10:45.0509 4608 iteatapi - ok 10:10:45.0611 4608 [ 1281fe73b17664631d12f643cbea3f59 ] iteraid C:\Windows\system32\drivers\iteraid.sys 10:10:45.0702 4608 iteraid - ok 10:10:45.0713 4608 [ 423696f3ba6472dd17699209b933bc26 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 10:10:45.0734 4608 kbdclass - ok 10:10:45.0759 4608 [ dbdf75d51464fbc47d0104ec3d572c05 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 10:10:45.0804 4608 kbdhid - ok 10:10:45.0820 4608 [ 260bf9c43ee12c6898a9f5aab0fb0e5d ] KeyIso C:\Windows\system32\lsass.exe 10:10:45.0851 4608 KeyIso - ok 10:10:45.0933 4608 [ 88956ad9fa510848ad176777a6c6c1f5 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 10:10:45.0971 4608 KSecDD - ok 10:10:46.0024 4608 [ 1d419cf43db29396ecd7113d129d94eb ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 10:10:46.0101 4608 ksthunk - ok 10:10:46.0159 4608 [ 1faf6926f3416d3da05c5b265491bdae ] KtmRm C:\Windows\system32\msdtckrm.dll 10:10:46.0297 4608 KtmRm - ok 10:10:46.0342 4608 [ 50c7a3cb427e9bb5ed0708a669956ab5 ] LanmanServer C:\Windows\system32\srvsvc.dll 10:10:46.0396 4608 LanmanServer - ok 10:10:46.0450 4608 [ caf86fc1388be1e470f1a7b43e348adb ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 10:10:46.0539 4608 LanmanWorkstation - ok 10:10:46.0601 4608 [ 96ece2659b6654c10a0c310ae3a6d02c ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 10:10:46.0649 4608 lltdio - ok 10:10:46.0696 4608 [ 961ccbd0b1ccb5675d64976fae37d092 ] lltdsvc C:\Windows\System32\lltdsvc.dll 10:10:46.0730 4608 lltdsvc - ok 10:10:46.0780 4608 [ a47f8080cacc23c91fe823ad19aa5612 ] lmhosts C:\Windows\System32\lmhsvc.dll 10:10:46.0812 4608 lmhosts - ok 10:10:46.0841 4608 [ acbe1af32d3123e330a07bfbc5ec4a9b ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 10:10:46.0856 4608 LSI_FC - ok 10:10:46.0885 4608 [ 799ffb2fc4729fa46d2157c0065b3525 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 10:10:46.0899 4608 LSI_SAS - ok 10:10:46.0936 4608 [ f445ff1daad8a226366bfaf42551226b ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 10:10:46.0953 4608 LSI_SCSI - ok 10:10:46.0993 4608 [ 52f87b9cc8932c2a7375c3b2a9be5e3e ] luafv C:\Windows\system32\drivers\luafv.sys 10:10:47.0032 4608 luafv - ok 10:10:47.0070 4608 [ 76a58df02bd4ea29f189b82d0bef17f8 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 10:10:47.0117 4608 Mcx2Svc - ok 10:10:47.0151 4608 [ e4f44ec214b3e381e1fc844a02926666 ] mdmxsdk C:\Windows\system32\DRIVERS\mdmxsdk.sys 10:10:47.0202 4608 mdmxsdk - ok 10:10:47.0255 4608 [ 5c5cd6aaced32fb26c3fb34b3dcf972f ] megasas C:\Windows\system32\drivers\megasas.sys 10:10:47.0272 4608 megasas - ok 10:10:47.0322 4608 [ 859bc2436b076c77c159ed694acfe8f8 ] MegaSR C:\Windows\system32\drivers\megasr.sys 10:10:47.0352 4608 MegaSR - ok 10:10:47.0370 4608 [ 3cbe4995e80e13ccfbc42e5dcf3ac81a ] MMCSS C:\Windows\system32\mmcss.dll 10:10:47.0426 4608 MMCSS - ok 10:10:47.0474 4608 [ 59848d5cc74606f0ee7557983bb73c2e ] Modem C:\Windows\system32\drivers\modem.sys 10:10:47.0528 4608 Modem - ok 10:10:47.0565 4608 [ c247cc2a57e0a0c8c6dccf7807b3e9e5 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 10:10:47.0614 4608 monitor - ok 10:10:47.0703 4608 [ 940f4da752e28e6c4b1090d21aeb7b80 ] motmodem C:\Windows\system32\DRIVERS\motmodem.sys 10:10:47.0756 4608 motmodem - ok 10:10:47.0771 4608 [ 9367304e5e412b120cf5f4ea14e4e4f1 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 10:10:47.0792 4608 mouclass - ok 10:10:47.0848 4608 [ c2c2bd5c5ce5aaf786ddd74b75d2ac69 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 10:10:47.0917 4608 mouhid - ok 10:10:47.0956 4608 [ 11bc9b1e8801b01f7f6adb9ead30019b ] MountMgr C:\Windows\system32\drivers\mountmgr.sys 10:10:47.0979 4608 MountMgr - ok 10:10:48.0001 4608 [ f8276eb8698142884498a528dfea8478 ] mpio C:\Windows\system32\drivers\mpio.sys 10:10:48.0024 4608 mpio - ok 10:10:48.0072 4608 [ c92b9abdb65a5991e00c28f13491dba2 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 10:10:48.0138 4608 mpsdrv - ok 10:10:48.0180 4608 [ 897e3baf68ba406a61682ae39c83900c ] MpsSvc C:\Windows\system32\mpssvc.dll 10:10:48.0230 4608 MpsSvc - ok 10:10:48.0265 4608 [ 3c200630a89ef2c0864d515b7a75802e ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys 10:10:48.0285 4608 Mraid35x - ok 10:10:48.0326 4608 [ 7c1de4aa96dc0c071611f9e7de02a68d ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 10:10:48.0351 4608 MRxDAV - ok 10:10:48.0385 4608 [ 1485811b320ff8c7edad1caebb1c6c2b ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 10:10:48.0412 4608 mrxsmb - ok 10:10:48.0444 4608 [ 3b929a60c833fc615fd97fba82bc7632 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 10:10:48.0482 4608 mrxsmb10 - ok 10:10:48.0500 4608 [ c64ab3e1f53b4f5b5bb6d796b2d7bec3 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 10:10:48.0566 4608 mrxsmb20 - ok 10:10:48.0609 4608 [ 730b784962d22d2c6481eae2370e7c8c ] msahci C:\Windows\system32\drivers\msahci.sys 10:10:48.0636 4608 msahci - ok 10:10:48.0650 4608 [ 264bbb4aaf312a485f0e44b65a6b7202 ] msdsm C:\Windows\system32\drivers\msdsm.sys 10:10:48.0673 4608 msdsm - ok 10:10:48.0686 4608 [ 7ec02ce772f068ed0beafa3da341a9bc ] MSDTC C:\Windows\System32\msdtc.exe 10:10:48.0747 4608 MSDTC - ok 10:10:48.0790 4608 [ 704f59bfc4512d2bb0146aec31b10a7c ] Msfs C:\Windows\system32\drivers\Msfs.sys 10:10:48.0830 4608 Msfs - ok 10:10:48.0865 4608 [ 00ebc952961664780d43dca157e79b27 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 10:10:48.0879 4608 msisadrv - ok 10:10:48.0900 4608 [ 366b0c1f4478b519c181e37d43dcda32 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 10:10:48.0956 4608 MSiSCSI - ok 10:10:48.0960 4608 msiserver - ok 10:10:48.0994 4608 [ 0ea73e498f53b96d83dbfca074ad4cf8 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 10:10:49.0024 4608 MSKSSRV - ok 10:10:49.0060 4608 [ 52e59b7e992a58e740aa63f57edbae8b ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 10:10:49.0117 4608 MSPCLOCK - ok 10:10:49.0141 4608 [ 49084a75bae043ae02d5b44d02991bb2 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 10:10:49.0190 4608 MSPQM - ok 10:10:49.0233 4608 [ dc6ccf440cdede4293db41c37a5060a5 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 10:10:49.0256 4608 MsRPC - ok 10:10:49.0343 4608 [ 855796e59df77ea93af46f20155bf55b ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 10:10:49.0367 4608 mssmbios - ok 10:10:49.0428 4608 [ 86d632d75d05d5b7c7c043fa3564ae86 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 10:10:49.0475 4608 MSTEE - ok 10:10:49.0551 4608 [ 0cc49f78d8aca0877d885f149084e543 ] Mup C:\Windows\system32\Drivers\mup.sys 10:10:49.0578 4608 Mup - ok 10:10:49.0816 4608 [ f2840dbfe9322f35557219ae82cc4597 ] N360 C:\Program Files (x86)\Norton 360\Engine\6.3.0.14\ccSvcHst.exe 10:10:49.0841 4608 N360 - ok 10:10:49.0924 4608 [ a5b10c845e7538c60c0f5d87a57cb3f5 ] napagent C:\Windows\system32\qagentRT.dll 10:10:49.0966 4608 napagent - ok 10:10:50.0048 4608 [ 2007b826c4acd94ae32232b41f0842b9 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 10:10:50.0085 4608 NativeWifiP - ok 10:10:50.0183 4608 [ 8043d41f881d6ace40b854ad6e32217f ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\VirusDefs\20120817.034\ENG64.SYS 10:10:50.0216 4608 NAVENG - ok 10:10:50.0281 4608 [ 9a9ab2fc45d701daed465d14980f1305 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\VirusDefs\20120817.034\EX64.SYS 10:10:50.0397 4608 NAVEX15 - ok 10:10:50.0473 4608 [ 65950e07329fcee8e6516b17c8d0abb6 ] NDIS C:\Windows\system32\drivers\ndis.sys 10:10:50.0559 4608 NDIS - ok 10:10:50.0617 4608 [ 64df698a425478e321981431ac171334 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 10:10:50.0675 4608 NdisTapi - ok 10:10:50.0721 4608 [ 8baa43196d7b5bb972c9a6b2bbf61a19 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 10:10:50.0821 4608 Ndisuio - ok 10:10:50.0843 4608 [ f8158771905260982ce724076419ef19 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 10:10:50.0900 4608 NdisWan - ok 10:10:50.0932 4608 [ 9cb77ed7cb72850253e973a2d6afdf49 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 10:10:50.0993 4608 NDProxy - ok 10:10:51.0027 4608 [ 59267d2f0328599aa3b5408c2e06126f ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll 10:10:51.0036 4608 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning 10:10:51.0036 4608 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1) 10:10:51.0050 4608 [ a499294f5029a7862adc115bda7371ce ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 10:10:51.0120 4608 NetBIOS - ok 10:10:51.0164 4608 [ fc2c792ebddc8e28df939d6a92c83d61 ] netbt C:\Windows\system32\DRIVERS\netbt.sys 10:10:51.0232 4608 netbt - ok 10:10:51.0266 4608 [ 260bf9c43ee12c6898a9f5aab0fb0e5d ] Netlogon C:\Windows\system32\lsass.exe 10:10:51.0287 4608 Netlogon - ok 10:10:51.0320 4608 [ 9b63b29defc0f3115a559d2597bf5d75 ] Netman C:\Windows\System32\netman.dll 10:10:51.0404 4608 Netman - ok 10:10:51.0428 4608 [ 7846d0136cc2b264926a73047ba7688a ] netprofm C:\Windows\System32\netprofm.dll 10:10:51.0504 4608 netprofm - ok 10:10:51.0532 4608 [ 74751dda198165947fd7454d83f49825 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 10:10:51.0553 4608 NetTcpPortSharing - ok 10:10:51.0579 4608 [ 4ac08bd6af2df42e0c3196d826c8aea7 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 10:10:51.0600 4608 nfrd960 - ok 10:10:51.0682 4608 [ f145bf4c4668e7e312069f81ef847cfc ] NlaSvc C:\Windows\System32\nlasvc.dll 10:10:51.0773 4608 NlaSvc - ok 10:10:51.0801 4608 [ b298874f8e0ea93f06ec40aa8d146478 ] Npfs C:\Windows\system32\drivers\Npfs.sys 10:10:51.0842 4608 Npfs - ok 10:10:51.0853 4608 [ acb62baa1c319b17752553df3026eeeb ] nsi C:\Windows\system32\nsisvc.dll 10:10:51.0925 4608 nsi - ok 10:10:51.0966 4608 [ 1523af19ee8b030ba682f7a53537eaeb ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 10:10:52.0035 4608 nsiproxy - ok 10:10:52.0139 4608 [ bac869dfb98e499ba4d9bb1fb43270e1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 10:10:52.0241 4608 Ntfs - ok 10:10:52.0274 4608 [ dd5d684975352b85b52e3fd5347c20cb ] Null C:\Windows\system32\drivers\Null.sys 10:10:52.0331 4608 Null - ok 10:10:52.0363 4608 [ 2c040b7ada5b06f6facadac8514aa034 ] nvraid C:\Windows\system32\drivers\nvraid.sys 10:10:52.0385 4608 nvraid - ok 10:10:52.0400 4608 [ f7ea0fe82842d05eda3efdd376dbfdba ] nvstor C:\Windows\system32\drivers\nvstor.sys 10:10:52.0425 4608 nvstor - ok 10:10:52.0447 4608 [ 19067ca93075ef4823e3938a686f532f ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 10:10:52.0470 4608 nv_agp - ok 10:10:52.0475 4608 NwlnkFlt - ok 10:10:52.0481 4608 NwlnkFwd - ok 10:10:52.0536 4608 [ 7b58953e2f263421fdbb09a192712a85 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 10:10:52.0630 4608 ohci1394 - ok 10:10:52.0695 4608 [ 7a56cf3e3f12e8af599963b16f50fb6a ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 10:10:52.0713 4608 ose - ok 10:10:52.0751 4608 [ 9ae31d2e1d15c10d91318e0ec149ceac ] p2pimsvc C:\Windows\system32\p2psvc.dll 10:10:52.0813 4608 p2pimsvc - ok 10:10:52.0830 4608 [ 9ae31d2e1d15c10d91318e0ec149ceac ] p2psvc C:\Windows\system32\p2psvc.dll 10:10:52.0873 4608 p2psvc - ok 10:10:52.0916 4608 [ aecd57f94c887f58919f307c35498ea0 ] Parport C:\Windows\system32\drivers\parport.sys 10:10:53.0107 4608 Parport - ok 10:10:53.0189 4608 [ b43751085e2abe389da466bc62a4b987 ] partmgr C:\Windows\system32\drivers\partmgr.sys 10:10:53.0284 4608 partmgr - ok 10:10:53.0314 4608 [ 9ab157b374192ff276c1628fbdba2b0e ] PcaSvc C:\Windows\System32\pcasvc.dll 10:10:53.0377 4608 PcaSvc - ok 10:10:53.0414 4608 [ 47ab1e0fc9d0e12bb53ba246e3a0906d ] pci C:\Windows\system32\drivers\pci.sys 10:10:53.0495 4608 pci - ok 10:10:53.0602 4608 [ 2657f6c0b78c36d95034be109336e382 ] pciide C:\Windows\system32\drivers\pciide.sys 10:10:53.0646 4608 pciide - ok 10:10:53.0710 4608 [ 037661f3d7c507c9993b7010ceee6288 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 10:10:53.0734 4608 pcmcia - ok 10:10:53.0770 4608 [ 58865916f53592a61549b04941bfd80d ] PEAUTH C:\Windows\system32\drivers\peauth.sys 10:10:53.0873 4608 PEAUTH - ok 10:10:53.0965 4608 [ 0ed8727ea0172860f47258456c06caea ] PerfHost C:\Windows\SysWow64\perfhost.exe 10:10:54.0048 4608 PerfHost - ok 10:10:54.0117 4608 [ e9e68c1a0f25cf4a7ac966eea74ee89e ] pla C:\Windows\system32\pla.dll 10:10:54.0233 4608 pla - ok 10:10:54.0306 4608 [ fe6b0f59215c9fd9f9d26539c58c8b82 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 10:10:54.0348 4608 PlugPlay - ok 10:10:54.0404 4608 [ 5261a2fd55183ac6993145ab6662cddf ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll 10:10:54.0436 4608 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning 10:10:54.0436 4608 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1) 10:10:54.0461 4608 PnkBstrA - ok 10:10:54.0487 4608 [ 9ae31d2e1d15c10d91318e0ec149ceac ] PNRPAutoReg C:\Windows\system32\p2psvc.dll 10:10:54.0566 4608 PNRPAutoReg - ok 10:10:54.0596 4608 [ 9ae31d2e1d15c10d91318e0ec149ceac ] PNRPsvc C:\Windows\system32\p2psvc.dll 10:10:54.0635 4608 PNRPsvc - ok 10:10:54.0696 4608 [ 89a5560671c2d8b4a4b51f3e1aa069d8 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 10:10:54.0790 4608 PolicyAgent - ok 10:10:54.0906 4608 [ 23386e9952025f5f21c368971e2e7301 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 10:10:55.0065 4608 PptpMiniport - ok 10:10:55.0101 4608 [ 5080e59ecee0bc923f14018803aa7a01 ] Processor C:\Windows\system32\drivers\processr.sys 10:10:55.0227 4608 Processor - ok 10:10:55.0329 4608 [ e058ce4fc2449d8bfa14739c83b7ff2a ] ProfSvc C:\Windows\system32\profsvc.dll 10:10:55.0471 4608 ProfSvc - ok 10:10:55.0489 4608 [ 260bf9c43ee12c6898a9f5aab0fb0e5d ] ProtectedStorage C:\Windows\system32\lsass.exe 10:10:55.0512 4608 ProtectedStorage - ok 10:10:55.0573 4608 [ c5ab7f0809392d0da027f4a2a81bfa31 ] PSched C:\Windows\system32\DRIVERS\pacer.sys 10:10:55.0614 4608 PSched - ok 10:10:55.0708 4608 [ 46851bc18322da70f3f2299a1007c479 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys 10:10:55.0726 4608 PxHlpa64 - ok 10:10:55.0770 4608 [ 0b83f4e681062f3839be2ec1d98fd94a ] ql2300 C:\Windows\system32\drivers\ql2300.sys 10:10:55.0837 4608 ql2300 - ok 10:10:55.0874 4608 [ e1c80f8d4d1e39ef9595809c1369bf2a ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 10:10:55.0897 4608 ql40xx - ok 10:10:56.0000 4608 [ 90574842c3da781e279061a3eff91f07 ] QWAVE C:\Windows\system32\qwave.dll 10:10:56.0053 4608 QWAVE - ok 10:10:56.0083 4608 [ e8d76edab77ec9c634c27b8eac33adc5 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 10:10:56.0147 4608 QWAVEdrv - ok 10:10:56.0258 4608 [ 2a09a6b271d1f50adf5e33b37d460de6 ] R300 C:\Windows\system32\DRIVERS\atikmdag.sys 10:10:56.0466 4608 R300 - ok 10:10:56.0484 4608 [ 1013b3b663a56d3ddd784f581c1bd005 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 10:10:56.0534 4608 RasAcd - ok 10:10:56.0589 4608 [ b2ae18f847d07f0044404ddf7cb04497 ] RasAuto C:\Windows\System32\rasauto.dll 10:10:56.0662 4608 RasAuto - ok 10:10:56.0760 4608 [ ac7bc4d42a7e558718dfdec599bbfc2c ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 10:10:56.0822 4608 Rasl2tp - ok 10:10:56.0952 4608 [ 3ad83e4046c43be510de681588acb8af ] RasMan C:\Windows\System32\rasmans.dll 10:10:56.0997 4608 RasMan - ok 10:10:57.0060 4608 [ 4517fbf8b42524afe4ede1de102aae3e ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 10:10:57.0122 4608 RasPppoe - ok 10:10:57.0231 4608 [ c6a593b51f34c33e5474539544072527 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 10:10:57.0263 4608 RasSstp - ok 10:10:57.0352 4608 [ 322db5c6b55e8d8ee8d6f358b2aaabb1 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 10:10:57.0420 4608 rdbss - ok 10:10:57.0447 4608 [ 603900cc05f6be65ccbf373800af3716 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 10:10:57.0492 4608 RDPCDD - ok 10:10:57.0587 4608 [ c045d1fb111c28df0d1be8d4bda22c06 ] rdpdr C:\Windows\system32\drivers\rdpdr.sys 10:10:57.0700 4608 rdpdr - ok 10:10:57.0706 4608 [ cab9421daf3d97b33d0d055858e2c3ab ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 10:10:57.0765 4608 RDPENCDD - ok 10:10:57.0837 4608 [ ae4bd9e1c33d351d8e607fc81f15160c ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 10:10:57.0932 4608 RDPWD - ok 10:10:57.0966 4608 [ c612b9557da73f70d41f8a6fbc8e5344 ] RemoteAccess C:\Windows\System32\mprdim.dll 10:10:58.0037 4608 RemoteAccess - ok 10:10:58.0104 4608 [ 44b9d8ec2f3ef3a0efb00857af70d861 ] RemoteRegistry C:\Windows\system32\regsvc.dll 10:10:58.0160 4608 RemoteRegistry - ok 10:10:58.0203 4608 [ f46c457840d4b7a4daafee739ce04102 ] RpcLocator C:\Windows\system32\locator.exe 10:10:58.0237 4608 RpcLocator - ok 10:10:58.0268 4608 [ cf8b9a3a5e7dc57724a89d0c3e8cf9ef ] RpcSs C:\Windows\system32\rpcss.dll 10:10:58.0321 4608 RpcSs - ok 10:10:58.0359 4608 [ 22a9cb08b1a6707c1550c6bf099aae73 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 10:10:58.0398 4608 rspndr - ok 10:10:58.0483 4608 [ 335352091acc9884b9c527edcdd643bb ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh64.sys 10:10:58.0588 4608 RTL8169 - ok 10:10:58.0604 4608 [ 260bf9c43ee12c6898a9f5aab0fb0e5d ] SamSs C:\Windows\system32\lsass.exe 10:10:58.0617 4608 SamSs - ok 10:10:58.0641 4608 [ cd9c693589c60ad59bbbcfb0e524e01b ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 10:10:58.0654 4608 sbp2port - ok 10:10:58.0721 4608 [ fd1cdcf108d5ef3366f00d18b70fb89b ] SCardSvr C:\Windows\System32\SCardSvr.dll 10:10:58.0758 4608 SCardSvr - ok 10:10:59.0012 4608 [ 0f838c811ad295d2a4489b9993096c63 ] Schedule C:\Windows\system32\schedsvc.dll 10:10:59.0128 4608 Schedule - ok 10:10:59.0232 4608 [ 5a268127633c7ee2a7fb87f39d748d56 ] SCPolicySvc C:\Windows\System32\certprop.dll 10:10:59.0268 4608 SCPolicySvc - ok 10:10:59.0323 4608 [ 4ff71b076a7760fe75ea5ae2d0ee0018 ] SDRSVC C:\Windows\System32\SDRSVC.dll 10:10:59.0365 4608 SDRSVC - ok 10:10:59.0386 4608 [ 3ea8a16169c26afbeb544e0e48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 10:10:59.0497 4608 secdrv - ok 10:10:59.0544 4608 [ 5acdcbc67fcf894a1815b9f96d704490 ] seclogon C:\Windows\system32\seclogon.dll 10:10:59.0602 4608 seclogon - ok 10:10:59.0642 4608 [ 90973a64b96cd647ff81c79443618eed ] SENS C:\Windows\System32\sens.dll 10:10:59.0694 4608 SENS - ok 10:10:59.0729 4608 [ f71bfe7ac6c52273b7c82cbf1bb2a222 ] Serenum C:\Windows\system32\drivers\serenum.sys 10:10:59.0783 4608 Serenum - ok 10:10:59.0796 4608 [ e62fac91ee288db29a9696a9d279929c ] Serial C:\Windows\system32\drivers\serial.sys 10:10:59.0901 4608 Serial - ok 10:10:59.0940 4608 [ a842f04833684bceea7336211be478df ] sermouse C:\Windows\system32\drivers\sermouse.sys 10:11:00.0000 4608 sermouse - ok 10:11:00.0043 4608 [ a8e4a4407a09f35dccc3771af590b0c4 ] SessionEnv C:\Windows\system32\sessenv.dll 10:11:00.0099 4608 SessionEnv - ok 10:11:00.0125 4608 [ 14d4b4465193a87c127933978e8c4106 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 10:11:00.0201 4608 sffdisk - ok 10:11:00.0222 4608 [ 7073aee3f82f3d598e3825962aa98ab2 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 10:11:00.0282 4608 sffp_mmc - ok 10:11:00.0322 4608 [ 35e59ebe4a01a0532ed67975161c7b82 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 10:11:00.0356 4608 sffp_sd - ok 10:11:00.0395 4608 [ 6b7838c94135768bd455cbdc23e39e5f ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 10:11:00.0438 4608 sfloppy - ok 10:11:00.0461 4608 [ 4c5aee179da7e1ee9a9ccb9da289af34 ] SharedAccess C:\Windows\System32\ipnathlp.dll 10:11:00.0625 4608 SharedAccess - ok 10:11:00.0778 4608 [ 56793271ecdedd350c5add305603e963 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 10:11:00.0911 4608 ShellHWDetection - ok 10:11:00.0925 4608 [ 7a5de502aeb719d4594c6471060a78b3 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys 10:11:00.0944 4608 SiSRaid2 - ok 10:11:00.0955 4608 [ 3a2f769fab9582bc720e11ea1dfb184d ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 10:11:00.0976 4608 SiSRaid4 - ok 10:11:01.0044 4608 [ a9a27a8e257b45a604fdad4f26fe7241 ] slsvc C:\Windows\system32\SLsvc.exe 10:11:01.0207 4608 slsvc - ok 10:11:01.0288 4608 [ fd74b4b7c2088e390a30c85a896fc3af ] SLUINotify C:\Windows\system32\SLUINotify.dll 10:11:01.0379 4608 SLUINotify - ok 10:11:01.0456 4608 [ 290b6f6a0ec4fcdfc90f5cb6d7020473 ] Smb C:\Windows\system32\DRIVERS\smb.sys 10:11:01.0512 4608 Smb - ok 10:11:01.0610 4608 [ f8f47f38909823b1af28d60b96340cff ] SNMPTRAP C:\Windows\System32\snmptrap.exe 10:11:01.0643 4608 SNMPTRAP - ok 10:11:01.0658 4608 [ 386c3c63f00a7040c7ec5e384217e89d ] spldr C:\Windows\system32\drivers\spldr.sys 10:11:01.0678 4608 spldr - ok 10:11:01.0855 4608 [ f66ff751e7efc816d266977939ef5dc3 ] Spooler C:\Windows\System32\spoolsv.exe 10:11:01.0910 4608 Spooler - ok 10:11:01.0984 4608 [ d630b6f2e8379b6f10dc16e82a426552 ] sprtsvc_DellComms C:\Program Files (x86)\Dell\DellComms\bin\sprtsvc.exe 10:11:02.0002 4608 sprtsvc_DellComms - ok 10:11:02.0050 4608 [ 891793e00432fa055cf040605c260e49 ] SRTSP C:\Windows\System32\Drivers\N360x64\0603000.00E\SRTSP64.SYS 10:11:02.0086 4608 SRTSP - ok 10:11:02.0125 4608 [ 1cb7bb3b0561fb5ecfe37f7731e8bf3e ] SRTSPX C:\Windows\system32\drivers\N360x64\0603000.00E\SRTSPX64.SYS 10:11:02.0171 4608 SRTSPX - ok 10:11:02.0337 4608 [ 880a57fccb571ebd063d4dd50e93e46d ] srv C:\Windows\system32\DRIVERS\srv.sys 10:11:02.0434 4608 srv - ok 10:11:02.0552 4608 [ a1ad14a6d7a37891fffeca35ebbb0730 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 10:11:02.0576 4608 srv2 - ok 10:11:02.0689 4608 [ 4bed62f4fa4d8300973f1151f4c4d8a7 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 10:11:02.0727 4608 srvnet - ok 10:11:02.0801 4608 [ c1212ba5ab6783191899d194672a5b5c ] ssadbus C:\Windows\system32\DRIVERS\ssadbus.sys 10:11:02.0905 4608 ssadbus - ok 10:11:02.0931 4608 [ eb270596d4117c4306442f36ef2c290e ] ssadmdfl C:\Windows\system32\DRIVERS\ssadmdfl.sys 10:11:02.0977 4608 ssadmdfl - ok 10:11:02.0993 4608 [ e29027dfaec246299d1cf88627c5cbe6 ] ssadmdm C:\Windows\system32\DRIVERS\ssadmdm.sys 10:11:03.0044 4608 ssadmdm - ok 10:11:03.0115 4608 [ 192c74646ec5725aef3f80d19ff75f6a ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 10:11:03.0167 4608 SSDPSRV - ok 10:11:03.0221 4608 [ 2ee3fa0308e6185ba64a9a7f2e74332b ] SstpSvc C:\Windows\system32\sstpsvc.dll 10:11:03.0267 4608 SstpSvc - ok 10:11:03.0455 4608 [ 15825c1fbfb8779992cb65087f316af5 ] stisvc C:\Windows\System32\wiaservc.dll 10:11:03.0511 4608 stisvc - ok 10:11:03.0565 4608 [ 1d0063597c3666404fcf97698abeb019 ] stllssvr C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe 10:11:03.0617 4608 stllssvr - ok 10:11:03.0694 4608 [ 8a851ca908b8b974f89c50d2e18d4f0c ] swenum C:\Windows\system32\DRIVERS\swenum.sys 10:11:03.0737 4608 swenum - ok 10:11:03.0884 4608 [ 6de37f4de19d4efd9c48c43addbc949a ] swprv C:\Windows\System32\swprv.dll 10:11:04.0009 4608 swprv - ok 10:11:04.0034 4608 [ 2f26a2c6fc96b29beff5d8ed74e6625b ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys 10:11:04.0052 4608 Symc8xx - ok 10:11:04.0226 4608 [ 8b2430762099598da40686f754632efd ] SymDS C:\Windows\system32\drivers\N360x64\0603000.00E\SYMDS64.SYS 10:11:04.0327 4608 SymDS - ok 10:11:04.0410 4608 [ 5cb7f2fd7e30a0f52f93574bfc3a8041 ] SymEFA C:\Windows\system32\drivers\N360x64\0603000.00E\SYMEFA64.SYS 10:11:04.0471 4608 SymEFA - ok 10:11:04.0575 4608 [ 898bb48c797483420df523b2bbc1ecdb ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS 10:11:04.0604 4608 SymEvent - ok 10:11:04.0680 4608 SYMFW - ok 10:11:04.0776 4608 [ 5013a76caaa1d7cf1c55214b490b4e35 ] SymIRON C:\Windows\system32\drivers\N360x64\0603000.00E\Ironx64.SYS 10:11:04.0859 4608 SymIRON - ok 10:11:04.0870 4608 SYMNDISV - ok 10:11:04.0944 4608 [ a25fee245c78804601d83431386a0bee ] SYMTDIv C:\Windows\System32\Drivers\N360x64\0603000.00E\SYMTDIV.SYS 10:11:05.0022 4608 SYMTDIv - ok 10:11:05.0063 4608 [ a909667976d3bccd1df813fed517d837 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys 10:11:05.0087 4608 Sym_hi - ok 10:11:05.0101 4608 [ 36887b56ec2d98b9c362f6ae4de5b7b0 ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys 10:11:05.0121 4608 Sym_u3 - ok 10:11:05.0157 4608 [ 92d7a8b0f87b036f17d25885937897a6 ] SysMain C:\Windows\system32\sysmain.dll 10:11:05.0309 4608 SysMain - ok 10:11:05.0375 4608 [ 005ce42567f9113a3bccb3b20073b029 ] TabletInputService C:\Windows\System32\TabSvc.dll 10:11:05.0441 4608 TabletInputService - ok 10:11:05.0519 4608 [ cc2562b4d55e0b6a4758c65407f63b79 ] TapiSrv C:\Windows\System32\tapisrv.dll 10:11:05.0552 4608 TapiSrv - ok 10:11:05.0602 4608 [ cdbe8d7c1e201b911cdc346d06617fb5 ] TBS C:\Windows\System32\tbssvc.dll 10:11:05.0664 4608 TBS - ok 10:11:05.0742 4608 [ 46d448e9117464e4d3bbf36d7e3fa48e ] Tcpip C:\Windows\system32\drivers\tcpip.sys 10:11:06.0456 4608 Tcpip - ok 10:11:06.0533 4608 [ 46d448e9117464e4d3bbf36d7e3fa48e ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys 10:11:06.0639 4608 Tcpip6 - ok 10:11:06.0706 4608 [ c7e72a4071ee0200e3c075dacfb2b334 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 10:11:06.0815 4608 tcpipreg - ok 10:11:06.0889 4608 [ 1d8bf4aaa5fb7a2761475781dc1195bc ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 10:11:06.0930 4608 TDPIPE - ok 10:11:06.0957 4608 [ 7f7e00cdf609df657f4cda02dd1c9bb1 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 10:11:07.0045 4608 TDTCP - ok 10:11:07.0091 4608 [ 458919c8c42e398dc4802178d5ffee27 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 10:11:07.0156 4608 tdx - ok 10:11:07.0171 4608 [ 8c19678d22649ec002ef2282eae92f98 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 10:11:07.0225 4608 TermDD - ok 10:11:07.0357 4608 [ 5cdd30bc217082dac71a9878d9bfd566 ] TermService C:\Windows\System32\termsrv.dll 10:11:07.0621 4608 TermService - ok 10:11:07.0716 4608 [ 56793271ecdedd350c5add305603e963 ] Themes C:\Windows\system32\shsvcs.dll 10:11:07.0731 4608 Themes - ok 10:11:07.0768 4608 [ 3cbe4995e80e13ccfbc42e5dcf3ac81a ] THREADORDER C:\Windows\system32\mmcss.dll 10:11:07.0797 4608 THREADORDER - ok 10:11:07.0824 4608 [ f4689f05af472a651a7b1b7b02d200e7 ] TrkWks C:\Windows\System32\trkwks.dll 10:11:07.0862 4608 TrkWks - ok 10:11:07.0950 4608 [ 66328b08ef5a9305d8ede36b93930369 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 10:11:08.0023 4608 TrustedInstaller - ok 10:11:08.0096 4608 [ 9e5409cd17c8bef193aad498f3bc2cb8 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 10:11:08.0162 4608 tssecsrv - ok 10:11:08.0198 4608 [ 89ec74a9e602d16a75a4170511029b3c ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys 10:11:08.0219 4608 tunmp - ok 10:11:08.0238 4608 [ 30a9b3f45ad081bffc3bcaa9c812b609 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 10:11:08.0258 4608 tunnel - ok 10:11:08.0296 4608 [ fec266ef401966311744bd0f359f7f56 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 10:11:08.0320 4608 uagp35 - ok 10:11:08.0404 4608 [ faf2640a2a76ed03d449e443194c4c34 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 10:11:08.0474 4608 udfs - ok 10:11:08.0524 4608 [ 060507c4113391394478f6953a79eedc ] UI0Detect C:\Windows\system32\UI0Detect.exe 10:11:08.0627 4608 UI0Detect - ok 10:11:08.0640 4608 [ 4ec9447ac3ab462647f60e547208ca00 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 10:11:08.0653 4608 uliagpkx - ok 10:11:08.0668 4608 [ 697f0446134cdc8f99e69306184fbbb4 ] uliahci C:\Windows\system32\drivers\uliahci.sys 10:11:08.0693 4608 uliahci - ok 10:11:08.0709 4608 [ 31707f09846056651ea2c37858f5ddb0 ] UlSata C:\Windows\system32\drivers\ulsata.sys 10:11:08.0724 4608 UlSata - ok 10:11:08.0740 4608 [ 85e5e43ed5b48c8376281bab519271b7 ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys 10:11:08.0755 4608 ulsata2 - ok 10:11:08.0766 4608 [ 46e9a994c4fed537dd951f60b86ad3f4 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 10:11:08.0806 4608 umbus - ok 10:11:08.0923 4608 [ 7093799ff80e9deca0680d2e3535be60 ] upnphost C:\Windows\System32\upnphost.dll 10:11:09.0018 4608 upnphost - ok 10:11:09.0108 4608 [ a2d6c837f4bc7d0e084a67d7704c4ea8 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys 10:11:09.0149 4608 USBAAPL64 - ok 10:11:09.0184 4608 [ 07e3498fc60834219d2356293da0fecc ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 10:11:09.0241 4608 usbccgp - ok 10:11:09.0297 4608 [ 9247f7e0b65852c1f6631480984d6ed2 ] usbcir C:\Windows\system32\drivers\usbcir.sys 10:11:09.0404 4608 usbcir - ok 10:11:09.0450 4608 [ 827e44de934a736ea31e91d353eb126f ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 10:11:09.0474 4608 usbehci - ok 10:11:09.0484 4608 [ bb35cd80a2ececfadc73569b3d70c7d1 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 10:11:09.0556 4608 usbhub - ok 10:11:09.0572 4608 [ eba14ef0c07cec233f1529c698d0d154 ] usbohci C:\Windows\system32\drivers\usbohci.sys 10:11:09.0645 4608 usbohci - ok 10:11:09.0683 4608 [ 28b693b6d31e7b9332c1bdcefef228c1 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 10:11:09.0713 4608 usbprint - ok 10:11:09.0771 4608 [ ea0bf666868964fbe8cb10e50c97b9f1 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys 10:11:09.0826 4608 usbscan - ok 10:11:09.0865 4608 [ b854c1558fca0c269a38663e8b59b581 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 10:11:09.0930 4608 USBSTOR - ok 10:11:09.0973 4608 [ b2872cbf9f47316abd0e0c74a1aba507 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys 10:11:10.0016 4608 usbuhci - ok 10:11:10.0062 4608 [ d76e231e4850bb3f88a3d9a78df191e3 ] UxSms C:\Windows\System32\uxsms.dll 10:11:10.0105 4608 UxSms - ok 10:11:10.0271 4608 [ 294945381dfa7ce58cecf0a9896af327 ] vds C:\Windows\System32\vds.exe 10:11:10.0318 4608 vds - ok 10:11:10.0393 4608 [ 916b94bcf1e09873fff2d5fb11767bbc ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 10:11:10.0473 4608 vga - ok 10:11:10.0505 4608 [ b83ab16b51feda65dd81b8c59d114d63 ] VgaSave C:\Windows\System32\drivers\vga.sys 10:11:10.0573 4608 VgaSave - ok 10:11:10.0617 4608 [ 8294b6c3fdb6c33f24e150de647ecdaa ] viaide C:\Windows\system32\drivers\viaide.sys 10:11:10.0639 4608 viaide - ok 10:11:10.0699 4608 [ 2b7e885ed951519a12c450d24535dfca ] volmgr C:\Windows\system32\drivers\volmgr.sys 10:11:10.0739 4608 volmgr - ok 10:11:10.0808 4608 [ cec5ac15277d75d9e5dec2e1c6eaf877 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 10:11:10.0839 4608 volmgrx - ok 10:11:10.0866 4608 [ 5280aada24ab36b01a84a6424c475c8d ] volsnap C:\Windows\system32\drivers\volsnap.sys 10:11:10.0893 4608 volsnap - ok 10:11:10.0941 4608 [ a68f455ed2673835209318dd61bfbb0e ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 10:11:10.0968 4608 vsmraid - ok 10:11:11.0102 4608 [ b75232dad33bfd95bf6f0a3e6bff51e1 ] VSS C:\Windows\system32\vssvc.exe 10:11:11.0211 4608 VSS - ok 10:11:11.0257 4608 [ f14a7de2ea41883e250892e1e5230a9a ] W32Time C:\Windows\system32\w32time.dll 10:11:11.0346 4608 W32Time - ok 10:11:11.0364 4608 [ fef8fe5923fead2cee4dfabfce3393a7 ] WacomPen C:\Windows\system32\drivers\wacompen.sys 10:11:11.0440 4608 WacomPen - ok 10:11:11.0530 4608 [ b8e7049622300d20ba6d8be0c47c0cfd ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys 10:11:11.0566 4608 Wanarp - ok 10:11:11.0647 4608 [ b8e7049622300d20ba6d8be0c47c0cfd ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 10:11:11.0669 4608 Wanarpv6 - ok 10:11:11.0828 4608 [ b4e4c37d0aa6100090a53213ee2bf1c1 ] wcncsvc C:\Windows\System32\wcncsvc.dll 10:11:12.0227 4608 wcncsvc - ok 10:11:12.0265 4608 [ ea4b369560e986f19d93f45a881484ac ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 10:11:12.0328 4608 WcsPlugInService - ok 10:11:12.0371 4608 [ 0c17a0816f65b89e362e682ad5e7266e ] Wd C:\Windows\system32\drivers\wd.sys 10:11:12.0392 4608 Wd - ok 10:11:12.0513 4608 [ d02e7e4567da1e7582fbf6a91144b0df ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 10:11:12.0560 4608 Wdf01000 - ok 10:11:12.0575 4608 [ c5efda73ebfca8b02a094898de0a9276 ] WdiServiceHost C:\Windows\system32\wdi.dll 10:11:12.0613 4608 WdiServiceHost - ok 10:11:12.0621 4608 [ c5efda73ebfca8b02a094898de0a9276 ] WdiSystemHost C:\Windows\system32\wdi.dll 10:11:12.0654 4608 WdiSystemHost - ok 10:11:12.0690 4608 [ 3e6d05381cf35f75ebb055544a8ed9ac ] WebClient C:\Windows\System32\webclnt.dll 10:11:12.0738 4608 WebClient - ok 10:11:12.0791 4608 [ 8d40bc587993f876658bf9fb0f7d3462 ] Wecsvc C:\Windows\system32\wecsvc.dll 10:11:12.0855 4608 Wecsvc - ok 10:11:12.0913 4608 [ 9c980351d7e96288ea0c23ae232bd065 ] wercplsupport C:\Windows\System32\wercplsupport.dll 10:11:12.0972 4608 wercplsupport - ok 10:11:13.0001 4608 [ 66b9ecebc46683f47edc06333c075fef ] WerSvc C:\Windows\System32\WerSvc.dll 10:11:13.0040 4608 WerSvc - ok 10:11:13.0097 4608 [ a53cde6beea165fe9b430476eede3c54 ] winachsf C:\Windows\system32\DRIVERS\CAX_CNXT.sys 10:11:13.0126 4608 winachsf - ok 10:11:13.0168 4608 WinDefend - ok 10:11:13.0173 4608 WinHttpAutoProxySvc - ok 10:11:13.0263 4608 [ d2e7296ed1bd26d8db2799770c077a02 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 10:11:13.0303 4608 Winmgmt - ok 10:11:13.0380 4608 [ 6cbb0c68f13b9c2ec1b16f5fa5e7c869 ] WinRM C:\Windows\system32\WsmSvc.dll 10:11:13.0508 4608 WinRM - ok 10:11:13.0589 4608 [ ec339c8115e91baed835957e9a677f16 ] Wlansvc C:\Windows\System32\wlansvc.dll 10:11:13.0687 4608 Wlansvc - ok 10:11:13.0710 4608 [ 7999dfb1c555efc0db69576f70027867 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 10:11:13.0731 4608 WmiAcpi - ok 10:11:13.0782 4608 [ 21fa389e65a852698b6a1341f36ee02d ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 10:11:13.0824 4608 wmiApSrv - ok 10:11:13.0975 4608 WMPNetworkSvc - ok 10:11:14.0048 4608 [ cbc156c913f099e6680d1df9307db7a8 ] WPCSvc C:\Windows\System32\wpcsvc.dll 10:11:14.0124 4608 WPCSvc - ok 10:11:14.0170 4608 [ 490a18b4e4d53dc10879deaa8e8b70d9 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 10:11:14.0207 4608 WPDBusEnum - ok 10:11:14.0244 4608 [ 5e2401b3fc1089c90e081291357371a9 ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys 10:11:14.0291 4608 WpdUsb - ok 10:11:14.0638 4608 [ 991e2c2cf3bc204c2bb2ee1476149e4e ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe 10:11:14.0707 4608 WPFFontCache_v0400 - ok 10:11:14.0757 4608 [ 8a900348370e359b6bff6a550e4649e1 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 10:11:14.0862 4608 ws2ifsl - ok 10:11:14.0947 4608 [ 9ea3e6d0ef7a5c2b9181961052a4b01a ] wscsvc C:\Windows\System32\wscsvc.dll 10:11:14.0990 4608 wscsvc - ok 10:11:14.0995 4608 WSearch - ok 10:11:15.0084 4608 [ d9ef901dca379cfe914e9fa13b73b4c4 ] wuauserv C:\Windows\system32\wuaueng.dll 10:11:15.0204 4608 wuauserv - ok 10:11:15.0253 4608 [ 501a65252617b495c0f1832f908d54d8 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 10:11:15.0336 4608 WUDFRd - ok 10:11:15.0382 4608 [ 6cbd51ff913c851d56ed9dc7f2a27dde ] wudfsvc C:\Windows\System32\WUDFSvc.dll 10:11:15.0493 4608 wudfsvc - ok 10:11:15.0531 4608 [ f22e443518bc599d12888daf292a56d8 ] XAudio C:\Windows\system32\DRIVERS\xaudio64.sys 10:11:15.0594 4608 XAudio - ok 10:11:15.0643 4608 [ 963c27034bba4ac52a13f7a3c657c708 ] XAudioService C:\Windows\system32\DRIVERS\xaudio64.exe 10:11:15.0676 4608 XAudioService - ok 10:11:15.0723 4608 ================ Scan global =============================== 10:11:15.0746 4608 (060dc3a7a9a2626031eb23d90151428d) C:\Windows\system32\basesrv.dll 10:11:15.0777 4608 (aa137104cdfc81818a309cde32abb74a) C:\Windows\system32\winsrv.dll 10:11:15.0795 4608 (aa137104cdfc81818a309cde32abb74a) C:\Windows\system32\winsrv.dll 10:11:15.0822 4608 (934e0b7d77ff78c18d9f8891221b6de3) C:\Windows\system32\services.exe 10:11:15.0829 4608 [Global] - ok 10:11:15.0830 4608 ================ Scan MBR ================================== 10:11:15.0845 4608 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0 10:11:16.0240 4608 \Device\Harddisk0\DR0 - ok 10:11:16.0241 4608 ================ Scan VBR ================================== 10:11:16.0271 4608 Boot (0x1200) (a88d7574adc5ff9bf8acaa6bee101666) \Device\Harddisk0\DR0\Partition1 10:11:16.0278 4608 \Device\Harddisk0\DR0\Partition1 - ok 10:11:16.0282 4608 Boot (0x1200) (e60ded1d34ea48d394744f384feb550e) \Device\Harddisk0\DR0\Partition2 10:11:16.0285 4608 \Device\Harddisk0\DR0\Partition2 - ok 10:11:16.0285 4608 ============================================================ 10:11:16.0285 4608 Scan finished 10:11:16.0285 4608 ============================================================ 10:11:16.0302 5804 Detected object count: 6 10:11:16.0302 5804 Actual detected object count: 6 10:13:14.0396 5804 AGCoreService ( UnsignedFile.Multi.Generic ) - skipped by user 10:13:14.0396 5804 AGCoreService ( UnsignedFile.Multi.Generic ) - User select action: Skip 10:13:14.0397 5804 DockLoginService ( UnsignedFile.Multi.Generic ) - skipped by user 10:13:14.0397 5804 DockLoginService ( UnsignedFile.Multi.Generic ) - User select action: Skip 10:13:14.0397 5804 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user 10:13:14.0397 5804 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip 10:13:14.0397 5804 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user 10:13:14.0398 5804 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 10:13:14.0398 5804 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user 10:13:14.0398 5804 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 10:13:14.0398 5804 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user 10:13:14.0398 5804 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 10:13:19.0410 5684 Deinitialize success
  4. Hi, I've tried malwarebytes anti malware and it didn't find anything. I really could use some help. I get redirected everytime I try to search from Google. Here are the 2 files from dds.com. Thanks for any help you can give me . DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 9.0.8112.16421 Run by Val at 21:52:25 on 2012-08-16 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.6132.4052 [GMT -4:00] . AV: Norton 360 Premier Edition *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Norton 360 Premier Edition *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202} FW: Norton 360 Premier Edition *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe C:\Windows\system32\svchost.exe -k rpcss C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\SLsvc.exe C:\Windows\system32\svchost.exe -k LocalService C:\Program Files\Dell\DellDock\DockLogin.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe C:\Program Files (x86)\AGI\core\3.1\AGCoreService.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files (x86)\Bonjour\mDNSResponder.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt C:\Program Files (x86)\Norton 360\Engine\6.3.0.14\ccSvcHst.exe C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files (x86)\Norton 360\Engine\6.3.0.14\ccSvcHst.exe C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\SysWOW64\PnkBstrA.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files (x86)\Dell\DellComms\bin\sprtsvc.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Windows\system32\SearchIndexer.exe C:\Windows\System32\rundll32.exe C:\Windows\system32\WUDFHost.exe C:\Windows\system32\DRIVERS\xaudio64.exe C:\Windows\System32\mobsync.exe C:\Program Files (x86)\Digital Line Detect\DLG.exe C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Windows\system32\igfxsrvc.exe C:\Windows\SysWOW64\rundll32.exe C:\Program Files\Dell\DellDock\DellDock.exe C:\Program Files (x86)\Windows Media Player\wmplayer.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files (x86)\Webshots\3.1.5.7613\webshots.scr C:\Windows\SysWOW64\rundll32.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe C:\Windows\SysWOW64\DllHost.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\svchost.exe -k swprv C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://my.yahoo.com/?fr=yfp-t-403 uInternet Settings,ProxyOverride = *.local uURLSearchHooks: H - No File mURLSearchHooks: AIM Toolbar Search Class: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll BHO: agcore.AGUtils: {0bc6e3fa-78ef-4886-842c-5a1258c4455a} - mscoree.dll BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Skype add-on (mastermind): {22bf413b-c6d2-4d91-82a9-a0f997ba588c} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO: Norton Identity Protection: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton 360\Engine\6.3.0.14\coIEPlg.dll BHO: Norton Vulnerability Protection: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton 360\Engine\6.3.0.14\IPS\IPSBHO.DLL BHO: RoboForm: {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: AIM Toolbar Loader: {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB: &RoboForm: {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton 360\Engine\6.3.0.14\coIEPlg.dll TB: AIM Toolbar: {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll TB: Search Toolbar: {9d425283-d487-4337-bab6-ab8354a81457} - C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File TB: {38542454-DFB6-44F5-B052-D4E071A3D073} - No File uRun: [Facebook Update] "C:\Users\Val\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver uRun: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe uRun: [Apple Computer] rundll32.exe "C:\Users\Val\AppData\Local\Downloaded Installations\Apple Computer\curobkdlz.dll",CreateInstance mRun: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" mRun: [ArcSoft Connection Service] "C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [bar] C:\Users\Val\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KTK0Z5AI\access[1].exe mRun: [WildTangent CDA] RUNDLL32.exe "C:\Program Files (x86)\WildTangent\Apps\CDA\cdaEngine0400.dll",cdaEngineMain mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" StartupFolder: C:\Users\Val\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\DELLDO~1.LNK - C:\Program Files (x86)\Dell\DellDock\DellDock.exe StartupFolder: C:\Users\Val\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ROLLER~1.LNK - C:\Users\Val\AppData\Local\Temp\{AEAC8A68-0596-4313-9809-20252879AA63}\{907B4640-266B-4A21-92FB-CD1A86CD0F63}\ATR1.exe StartupFolder: C:\Users\Val\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Webshots.lnk - C:\Program Files (x86)\Webshots\3.1.5.7613\Launcher.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\DIGITA~1.LNK - C:\Program Files (x86)\Digital Line Detect\DLG.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\KODAKE~1.LNK - C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\EasyShare.exe mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: Customize Menu - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html IE: Fill Forms - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html IE: RoboForm Toolbar - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html IE: Save Forms - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html IE: {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {5067A26B-1337-4436-8AFE-EE169C2DA79F} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: {33E54F7F-561C-49E6-929B-D7E76D3AFEB1} - hxxp://www.worldwinner.com/games/v50/pool/pool.cab DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} - hxxp://support.dell.com/systemprofiler/SysProExe.CAB DPF: {615F158E-D5CA-422F-A8E7-F6A5EED7063B} - hxxp://www.worldwinner.com/games/v51/bejeweled/bejeweled.cab DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} - hxxp://www.worldwinner.com/games/shared/wwlaunch.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab DPF: {8F6E7FB2-E56B-4F66-A4E1-9765D2565280} - hxxp://www.worldwinner.com/games/launcher/ie/v2.22.01.0/iewwload.cab DPF: {A52FBD2B-7AB3-4F6B-90E3-91C772C5D00F} - hxxp://www.worldwinner.com/games/v57/wof/wof.cab DPF: {BA35B9B8-DE9E-47C9-AFA7-3C77E3DDFD39} - hxxp://www.worldwinner.com/games/v46/monopoly/monopoly.cab DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab DPF: {CF969D51-F764-4FBF-9E90-475248601C8A} - hxxp://www.worldwinner.com/games/v49/familyfeud/familyfeud.cab DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - hxxp://aolsvc.aol.com/onlinegames/bejeweled2/popcaploader_v10.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab TCP: DhcpNameServer = 209.18.47.61 209.18.47.62 TCP: Interfaces\{F06DF99F-D510-4855-96AE-5E9E6A9B8DFE} : DhcpNameServer = 209.18.47.61 209.18.47.62 BHO-X64: agcore.AGUtils: {0bc6e3fa-78ef-4886-842c-5a1258c4455a} - mscoree.dll BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO-X64: AcroIEHelperStub - No File BHO-X64: Skype add-on (mastermind): {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll BHO-X64: Skype add-on (mastermind) - No File BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO-X64: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\6.3.0.14\coIEPlg.dll BHO-X64: Norton Identity Protection - No File BHO-X64: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\6.3.0.14\IPS\IPSBHO.DLL BHO-X64: Norton Vulnerability Protection - No File C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll BHO-X64: RoboForm - No File BHO-X64: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll BHO-X64: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO-X64: AIM Toolbar Loader: {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll BHO-X64: AIM Toolbar Loader - No File BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB-X64: &RoboForm: {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll TB-X64: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\6.3.0.14\coIEPlg.dll TB-X64: AIM Toolbar: {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll TB-X64: Search Toolbar: {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File TB-X64: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File TB-X64: {38542454-DFB6-44F5-B052-D4E071A3D073} - No File mRun-x64: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" mRun-x64: [ArcSoft Connection Service] "C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun-x64: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun-x64: [bar] C:\Users\Val\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KTK0Z5AI\access[1].exe mRun-x64: [WildTangent CDA] RUNDLL32.exe "C:\Program Files (x86)\WildTangent\Apps\CDA\cdaEngine0400.dll",cdaEngineMain mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" IE-X64: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html IE-X64: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html IE-X64: {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html . ============= SERVICES / DRIVERS =============== . R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?] R0 SymDS;Symantec Data Store;C:\Windows\system32\drivers\N360x64\0603000.00E\SYMDS64.SYS --> C:\Windows\system32\drivers\N360x64\0603000.00E\SYMDS64.SYS [?] R0 SymEFA;Symantec Extended File Attributes;C:\Windows\system32\drivers\N360x64\0603000.00E\SYMEFA64.SYS --> C:\Windows\system32\drivers\N360x64\0603000.00E\SYMEFA64.SYS [?] R1 A2DDA;A2 Direct Disk Access Support Driver;C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [2012-8-16 23208] R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\BASHDefs\20120811.003\BHDrvx64.sys [2012-8-10 1385120] R1 ccSet_N360;Norton 360 Settings Manager;C:\Windows\system32\drivers\N360x64\0603000.00E\ccSetx64.sys --> C:\Windows\system32\drivers\N360x64\0603000.00E\ccSetx64.sys [?] R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\IPSDefs\20120815.002\IDSviA64.sys [2012-8-15 509088] R1 SymIRON;Symantec Iron Driver;C:\Windows\system32\drivers\N360x64\0603000.00E\Ironx64.SYS --> C:\Windows\system32\drivers\N360x64\0603000.00E\Ironx64.SYS [?] R1 SYMTDIv;Symantec Vista Network Dispatch Driver;C:\Windows\system32\Drivers\N360x64\0603000.00E\SYMTDIV.SYS --> C:\Windows\system32\Drivers\N360x64\0603000.00E\SYMTDIV.SYS [?] R2 a2AntiMalware;Emsisoft Anti-Malware 6.6 - Service;C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [2012-8-16 3075920] R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2009-6-2 88576] R2 AGCoreService;AG Core Services;C:\Program Files (x86)\AGI\core\3.1\AGCoreService.exe [2009-7-7 20480] R2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2008-12-18 155648] R2 FontCache;Windows Font Cache Service;C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504] R2 N360;Norton 360;C:\Program Files (x86)\Norton 360\Engine\6.3.0.14\ccsvchst.exe [2012-8-14 138272] R2 sprtsvc_DellComms;SupportSoft Sprocket Service (DellComms);C:\Program Files (x86)\Dell\DellComms\bin\sprtsvc.exe [2009-3-25 206064] R3 CAXHWBS2;CAXHWBS2;C:\Windows\system32\DRIVERS\CAXHWBS2.sys --> C:\Windows\system32\DRIVERS\CAXHWBS2.sys [?] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-8-9 138912] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2009-7-8 133104] S3 a2acc;a2acc;C:\Program Files (x86)\Emsisoft Anti-Malware\a2accx64.sys [2012-8-16 66320] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-6-6 250056] S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;C:\Windows\system32\Drivers\ssadadb.sys --> C:\Windows\system32\Drivers\ssadadb.sys [?] S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2009-7-8 133104] S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2008-1-20 19968] S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\Windows\system32\DRIVERS\ssadbus.sys --> C:\Windows\system32\DRIVERS\ssadbus.sys [?] S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\Windows\system32\DRIVERS\ssadmdfl.sys --> C:\Windows\system32\DRIVERS\ssadmdfl.sys [?] S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\Windows\system32\DRIVERS\ssadmdm.sys --> C:\Windows\system32\DRIVERS\ssadmdm.sys [?] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-3-18 1020768] S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-12-3 89920] . =============== File Associations =============== . JSEFile=C:\Windows\SysWOW64\WScript.exe "%1" %* . =============== Created Last 30 ================ . 2012-08-17 00:56:20 -------- d-----w- C:\ProgramData\SecTaskMan 2012-08-17 00:55:39 -------- d-----w- C:\Program Files (x86)\Security Task Manager 2012-08-16 23:23:23 -------- d-----w- C:\Program Files (x86)\Emsisoft Anti-Malware 2012-08-16 23:14:39 16200 ----a-w- C:\Windows\stinger.sys 2012-08-16 23:14:29 -------- d-----w- C:\Program Files (x86)\stinger 2012-08-15 23:41:59 2769408 ----a-w- C:\Windows\System32\win32k.sys 2012-08-15 22:20:04 9133488 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{7C22E5B6-865B-4A96-A2D8-CFACB0CEB406}\mpengine.dll 2012-08-15 13:01:41 788480 ----a-w- C:\Windows\System32\localspl.dll 2012-08-15 13:01:40 623616 ----a-w- C:\Windows\SysWow64\localspl.dll 2012-08-15 01:04:37 737952 ----a-w- C:\Windows\System32\drivers\N360x64\0603000.00E\srtsp64.sys 2012-08-15 01:04:37 451192 ----a-r- C:\Windows\System32\drivers\N360x64\0603000.00E\symds64.sys 2012-08-15 01:04:37 445560 ----a-r- C:\Windows\System32\drivers\N360x64\0603000.00E\symtdiv.sys 2012-08-15 01:04:37 405624 ----a-r- C:\Windows\System32\drivers\N360x64\0603000.00E\symnets.sys 2012-08-15 01:04:37 37536 ----a-w- C:\Windows\System32\drivers\N360x64\0603000.00E\srtspx64.sys 2012-08-15 01:04:37 190072 ----a-r- C:\Windows\System32\drivers\N360x64\0603000.00E\ironx64.sys 2012-08-15 01:04:37 167072 ----a-w- C:\Windows\System32\drivers\N360x64\0603000.00E\ccsetx64.sys 2012-08-15 01:04:37 1129120 ----a-w- C:\Windows\System32\drivers\N360x64\0603000.00E\symefa64.sys 2012-08-15 01:04:17 -------- d-----w- C:\Windows\System32\drivers\N360x64\0603000.00E 2012-08-10 04:07:08 -------- d-----w- C:\N360_BACKUP 2012-08-08 20:20:49 -------- d-----w- C:\Users\Val\AppData\Local\CrashDumps . ==================== Find3M ==================== . 2012-08-14 17:49:39 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2012-08-14 17:49:39 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2012-08-03 20:20:28 175736 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS 2012-06-28 03:28:35 2312704 ----a-w- C:\Windows\System32\jscript9.dll 2012-06-28 03:21:17 1392128 ----a-w- C:\Windows\System32\wininet.dll 2012-06-28 03:20:41 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl 2012-06-28 03:16:25 173056 ----a-w- C:\Windows\System32\ieUnatt.exe 2012-06-28 03:12:35 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2012-06-28 00:27:12 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll 2012-06-28 00:19:52 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2012-06-28 00:18:16 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll 2012-06-28 00:12:08 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe 2012-06-28 00:07:44 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2012-06-05 16:47:28 1401856 ----a-w- C:\Windows\SysWow64\msxml6.dll 2012-06-05 16:47:27 1248768 ----a-w- C:\Windows\SysWow64\msxml3.dll 2012-06-05 16:22:47 1797120 ----a-w- C:\Windows\System32\msxml6.dll 2012-06-05 16:22:46 1869824 ----a-w- C:\Windows\System32\msxml3.dll 2012-06-04 15:29:59 516480 ----a-w- C:\Windows\System32\drivers\ksecdd.sys 2012-06-02 22:15:31 2622464 ----a-w- C:\Windows\System32\wucltux.dll 2012-06-02 22:15:08 99840 ----a-w- C:\Windows\System32\wudriver.dll 2012-06-02 22:12:13 88576 ----a-w- C:\Windows\SysWow64\wudriver.dll 2012-06-02 19:19:42 186752 ----a-w- C:\Windows\System32\wuwebv.dll 2012-06-02 19:19:42 171904 ----a-w- C:\Windows\SysWow64\wuwebv.dll 2012-06-02 19:15:12 36864 ----a-w- C:\Windows\System32\wuapp.exe 2012-06-02 19:12:20 33792 ----a-w- C:\Windows\SysWow64\wuapp.exe 2012-06-02 00:22:56 347136 ----a-w- C:\Windows\System32\schannel.dll 2012-06-02 00:22:10 254464 ----a-w- C:\Windows\System32\ncrypt.dll 2012-06-02 00:05:11 77312 ----a-w- C:\Windows\SysWow64\secur32.dll 2012-06-02 00:04:25 278528 ----a-w- C:\Windows\SysWow64\schannel.dll 2012-06-02 00:03:42 204288 ----a-w- C:\Windows\SysWow64\ncrypt.dll 2012-05-31 16:25:12 279656 ------w- C:\Windows\System32\MpSigStub.exe . ============= FINISH: 21:52:45.46 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . Microsoft® Windows Vista™ Home Premium Boot Device: \Device\HarddiskVolume3 Install Date: 6/1/2009 7:40:11 PM System Uptime: 8/16/2012 9:28:04 PM (0 hours ago) . Motherboard: Dell Inc. | | 0T287N Processor: Intel® Core2 Duo CPU E7400 @ 2.80GHz | Socket 775 | 2800/266mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 684 GiB total, 475.946 GiB free. D: is FIXED (NTFS) - 15 GiB total, 8.448 GiB free. E: is CDROM () F: is Removable H: is Removable I: is Removable J: is Removable . ==== Disabled Device Manager Items ============= . Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318} Description: Microsoft 6to4 Adapter Device ID: ROOT\*6TO4MP\0008 Manufacturer: Microsoft Name: Microsoft 6to4 Adapter PNP Device ID: ROOT\*6TO4MP\0008 Service: tunnel . ==== System Restore Points =================== . RP1194: 7/10/2012 9:46:15 AM - Scheduled Checkpoint RP1195: 7/11/2012 12:00:02 AM - Scheduled Checkpoint RP1196: 7/12/2012 10:14:07 AM - Windows Update RP1197: 7/13/2012 12:00:05 AM - Scheduled Checkpoint RP1198: 7/14/2012 12:51:25 AM - Scheduled Checkpoint RP1199: 7/15/2012 12:00:05 AM - Scheduled Checkpoint RP1200: 7/16/2012 9:48:38 AM - Scheduled Checkpoint RP1202: 7/17/2012 3:31:46 PM - Scheduled Checkpoint RP1203: 7/19/2012 12:00:04 AM - Scheduled Checkpoint RP1204: 7/20/2012 7:51:50 AM - Scheduled Checkpoint RP1205: 7/21/2012 12:00:06 AM - Scheduled Checkpoint RP1206: 7/22/2012 5:28:51 PM - Scheduled Checkpoint RP1207: 7/23/2012 7:57:55 AM - Scheduled Checkpoint RP1208: 7/24/2012 10:07:34 AM - Scheduled Checkpoint RP1209: 7/25/2012 12:00:40 AM - Scheduled Checkpoint RP1211: 7/27/2012 12:18:17 AM - Scheduled Checkpoint RP1212: 7/28/2012 12:00:09 AM - Scheduled Checkpoint RP1213: 7/29/2012 1:40:56 AM - Scheduled Checkpoint RP1214: 7/31/2012 10:20:25 PM - Scheduled Checkpoint RP1215: 8/2/2012 3:34:11 PM - Scheduled Checkpoint RP1216: 8/3/2012 7:40:13 AM - Scheduled Checkpoint RP1217: 8/4/2012 - Scheduled Checkpoint RP1218: 8/5/2012 10:04:54 AM - Scheduled Checkpoint RP1219: 8/9/2012 11:15:40 PM - Scheduled Checkpoint RP1220: 8/10/2012 1:07:42 PM - Scheduled Checkpoint RP1221: 8/12/2012 4:18:58 AM - Scheduled Checkpoint RP1222: 8/13/2012 3:27:06 PM - Scheduled Checkpoint RP1223: 8/15/2012 1:49:33 PM - Scheduled Checkpoint RP1225: 8/15/2012 6:17:10 PM - Windows Defender Checkpoint RP1226: 8/15/2012 6:19:36 PM - Windows Update RP1227: 8/15/2012 7:10:59 PM - Norton 360 Registry Clean RP1228: 8/15/2012 7:38:17 PM - Windows Update RP1229: 8/16/2012 8:15:10 AM - Scheduled Checkpoint RP1230: 8/16/2012 8:58:38 PM - Move file to quarantine: SearchToolbar.dll RP1231: 8/16/2012 9:00:50 PM - Uninstall "Conduit Toolbar" RP1232: 8/16/2012 9:06:37 PM - Removed Bing Bar . ==== Installed Programs ====================== . AA3Deploy Acrobat.com Adobe AIR Adobe Download Assistant Adobe Flash Player 10 Plugin Adobe Flash Player 11 ActiveX Adobe Reader 9.5.0 Adobe Shockwave Player 11.5 AI RoboForm (All Users) AIM 7 AIM Toolbar AIO_Scan Apple Software Update ArcSoft Print Creations ArcSoft Print Creations - Album Page ArcSoft Print Creations - Funhouse ArcSoft Print Creations - Greeting Card ArcSoft Print Creations - Photo Book ArcSoft Print Creations - Photo Calendar ArcSoft Print Creations - Scrapbook ArcSoft Print Creations - Slimline Card Backyard Basketball Bejeweled 2 Deluxe® Bejeweled 3 Blackhawk Striker 2 from WildTangent (remove only) Bonjour BufferChm C4200 C4200_doccd c4200_Help CardRd81 CCScore Choice Guard Compatibility Pack for the 2007 Office system Consumer In-Home Service Agreement Copy Coupon Printer for Windows CR2 Crown Jewels 10K CustomerResearchQFolder Dell-eBay Dell Communications (Support Software) Dell Getting Started Guide Destination Component DeviceDiscovery DeviceManagementQFolder Digital Line Detect DocProc DocProcQFolder Download Updater (AOL LLC) EA Download Manager Emsisoft Anti-Malware ESSBrwr ESSCDBK ESScore ESSgui ESSini ESSPCD ESSPDock ESSTOOLS essvatgt eSupportQFolder Facebook Video Calling 1.2.0.159 GEAR driver installer for x86 and x64 Google Chrome Google Earth Google Update Helper Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) HP Photosmart Essential2.01 HP Update HPProductAssistant HPSSupply Hunting Unlimited 2010 Java Auto Updater Java 6 Update 30 Junk Mail filter update Kies mini Kodak EasyShare software LimeWire 5.1.4 Malwarebytes' Anti-Malware MarketResearch Microsoft Fighter Ace II Microsoft Flight Simulator 2002 Microsoft Office PowerPoint Viewer 2007 (English) Microsoft Office Word Viewer 2003 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Sync Framework Runtime Native v1.0 (x86) Microsoft Sync Framework Services Native v1.0 (x86) Microsoft VC9 runtime libraries Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Works Microsoft WSE 3.0 Runtime Morpheus Photo Warper v3.16 Move Media Player MS Access 97 SP2 MSVCRT MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) netbrdg NetWaiting Network Play System (Patching) NoPayPOKER Norton 360 Octoshape add-in for Adobe Flash Player OfotoXMI PowerDVD PS_AIO_ProductContext PS_AIO_Software PS_AIO_Software_min PSSWCORE PunkBuster Services Quake Live Internet Explorer Plugin QuickTime Realtek High Definition Audio Driver Roll RollerCoaster Tycoon 2 RollerCoaster Tycoon® 3 Roxio Creator Audio Roxio Creator Copy Roxio Creator Data Roxio Creator DE Roxio Creator Tools Roxio Express Labeler 3 Roxio Update Manager Scan SecondLife (remove only) Security Task Manager 1.8d Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424) Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) SFR SFR2 SHASTA Silver Oak Casino SimCity 3000 Unlimited Ski Resort Tycoon 2 skin0001 SKINXSDK Skype web features SolutionCenter Spelling Dictionaries Support For Adobe Reader 9 staticcr Status The Sims™ 3 The Sims™ 3 Create a World Tool - Beta Toolbox tooltips TrayApp UnloadSupport Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) VideoToolkit01 Vietnam: Black Ops 2 v1.1 VPRINTOL WebReg Webshots Desktop Weight Watchers Light and Tasty Deluxe West Point Bridge Designer 2011 (2nd Edition) (remove only) WildTangent Games WildTangent Web Driver Windows Live Call Windows Live Communications Platform Windows Live Essentials Windows Live Mail Windows Live Messenger Windows Live Photo Gallery Windows Live Sign-in Assistant Windows Live Sync Windows Live Upload Tool Windows Live Writer WIRELESS Yahtzee Zylom Games Player Plugin . ==== Event Viewer Messages From Past Week ======== . 8/9/2012 4:03:07 PM, Error: EventLog [6008] - The previous system shutdown at 3:52:25 PM on 8/9/2012 was unexpected. 8/16/2012 8:40:39 PM, Error: Service Control Manager [7034] - The SupportSoft Sprocket Service (DellComms) service terminated unexpectedly. It has done this 1 time(s). 8/16/2012 8:40:39 PM, Error: Service Control Manager [7034] - The PnkBstrA service terminated unexpectedly. It has done this 1 time(s). 8/15/2012 12:16:14 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} to the user ValD-PC\Val SID (S-1-5-21-3696039469-2759666096-1833586947-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool. 8/11/2012 7:07:41 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SysMain service. 8/11/2012 7:07:11 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the TrkWks service. 8/10/2012 7:50:54 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {A47979D2-C419-11D9-A5B4-001185AD2B89} to the user ValD-PC\Val SID (S-1-5-21-3696039469-2759666096-1833586947-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool. . ==== End Of File ===========================
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.