ubigred
-
Posts
31 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Everything posted by ubigred
-
So should I give up on Defender?
-
Will try the system cleaning this weekend.
-
Defender still not working.
-
When I do into Security Center and try to enable Windows Defender. I get an error message. It says: Security Center can't update definitions for Windows Defender. When I try clicking on Windows defender from the start menu , I get this error message: Error Found Code: 0x80096001
-
How do I screen shot from the laptop?
-
http://www.pcpitstop...?conid=25091172
-
Windows can not update definitions.
-
Thank you , wireless is working now. Two issues left. 1. How do I speed up my system? 2. Windows defender still does not work.
-
Intel ® Wireless WiFi Link 5100
-
How install the wireless drivers? Factory reset, did not help.
-
ComboFix 12-09-24.03 - Owner 09/25/2012 19:46:44.4.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2939.1689 [GMT -5:00] Running from: c:\users\Owner\Desktop\ComboFix.exe AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((( Files Created from 2012-08-26 to 2012-09-26 ))))))))))))))))))))))))))))))) . . 2012-09-26 01:05 . 2012-09-26 01:05 -------- d-----w- c:\users\Owner\AppData\Local\temp 2012-09-26 01:05 . 2012-09-26 01:05 -------- d-----w- c:\users\Guest\AppData\Local\temp 2012-09-26 01:05 . 2012-09-26 01:05 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-09-21 20:24 . 2012-09-21 20:24 -------- d-----w- c:\users\Default\AppData\Local\Google 2012-09-07 23:29 . 2012-09-07 23:29 -------- d-----w- c:\program files\ESET 2012-08-28 02:35 . 2011-03-12 21:55 876032 ----a-w- c:\windows\system32\XpsPrint.dll 2012-08-28 02:35 . 2012-03-01 14:46 219648 ----a-w- c:\windows\system32\d3d10_1core.dll 2012-08-28 02:35 . 2012-02-29 14:08 1172480 ----a-w- c:\windows\system32\d3d10warp.dll 2012-08-28 02:35 . 2012-02-29 13:44 683008 ----a-w- c:\windows\system32\d2d1.dll 2012-08-28 02:35 . 2012-02-29 13:41 1069056 ----a-w- c:\windows\system32\DWrite.dll 2012-08-28 02:35 . 2012-03-01 14:46 160768 ----a-w- c:\windows\system32\d3d10_1.dll . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-08-25 09:00 . 2012-08-25 09:00 161792 ----a-w- c:\windows\system32\msls31.dll 2012-08-25 09:00 . 2012-08-25 09:00 1129472 ----a-w- c:\windows\system32\wininet.dll 2012-08-25 09:00 . 2012-08-25 09:00 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe 2012-08-25 09:00 . 2012-08-25 09:00 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe 2012-08-25 09:00 . 2012-08-25 09:00 48640 ----a-w- c:\windows\system32\mshtmler.dll 2012-08-25 09:00 . 2012-08-25 09:00 86528 ----a-w- c:\windows\system32\iesysprep.dll 2012-08-25 09:00 . 2012-08-25 09:00 63488 ----a-w- c:\windows\system32\tdc.ocx 2012-08-25 09:00 . 2012-08-25 09:00 367104 ----a-w- c:\windows\system32\html.iec 2012-08-25 09:00 . 2012-08-25 09:00 74752 ----a-w- c:\windows\system32\iesetup.dll 2012-08-25 09:00 . 2012-08-25 09:00 23552 ----a-w- c:\windows\system32\licmgr10.dll 2012-08-25 09:00 . 2012-08-25 09:00 152064 ----a-w- c:\windows\system32\wextract.exe 2012-08-25 09:00 . 2012-08-25 09:00 150528 ----a-w- c:\windows\system32\iexpress.exe 2012-08-25 09:00 . 2012-08-25 09:00 1427968 ----a-w- c:\windows\system32\inetcpl.cpl 2012-08-25 09:00 . 2012-08-25 09:00 420864 ----a-w- c:\windows\system32\vbscript.dll 2012-08-25 09:00 . 2012-08-25 09:00 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2012-08-25 09:00 . 2012-08-25 09:00 142848 ----a-w- c:\windows\system32\ieUnatt.exe 2012-08-25 09:00 . 2012-08-25 09:00 11776 ----a-w- c:\windows\system32\mshta.exe 2012-08-25 09:00 . 2012-08-25 09:00 101888 ----a-w- c:\windows\system32\admparse.dll 2012-08-25 09:00 . 2012-08-25 09:00 35840 ----a-w- c:\windows\system32\imgutil.dll 2012-08-25 09:00 . 2012-08-25 09:00 1800704 ----a-w- c:\windows\system32\jscript9.dll 2012-08-25 09:00 . 2012-08-25 09:00 110592 ----a-w- c:\windows\system32\IEAdvpack.dll 2012-08-25 08:58 . 2012-08-25 08:58 979456 ----a-w- c:\windows\system32\MFH264Dec.dll 2012-08-25 08:58 . 2012-08-25 08:58 98816 ----a-w- c:\windows\system32\mfps.dll 2012-08-25 08:58 . 2012-08-25 08:58 357376 ----a-w- c:\windows\system32\MFHEAACdec.dll 2012-08-25 08:58 . 2012-08-25 08:58 302592 ----a-w- c:\windows\system32\mfmp4src.dll 2012-08-25 08:58 . 2012-08-25 08:58 2873344 ----a-w- c:\windows\system32\mf.dll 2012-08-25 08:58 . 2012-08-25 08:58 261632 ----a-w- c:\windows\system32\mfreadwrite.dll 2012-08-25 08:58 . 2012-08-25 08:58 586240 ----a-w- c:\windows\system32\stobject.dll 2012-08-25 08:58 . 2012-08-25 08:58 209920 ----a-w- c:\windows\system32\mfplat.dll 2012-08-25 08:58 . 2012-08-25 08:58 135680 ----a-w- c:\windows\system32\XpsRasterService.dll 2012-08-25 08:58 . 2012-08-25 08:58 486400 ----a-w- c:\windows\system32\d3d10level9.dll 2012-08-25 08:58 . 2012-08-25 08:58 638336 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys 2012-08-25 08:58 . 2012-08-25 08:58 478720 ----a-w- c:\windows\system32\dxgi.dll 2012-08-25 08:58 . 2012-08-25 08:58 37376 ----a-w- c:\windows\system32\cdd.dll 2012-08-25 08:58 . 2012-08-25 08:58 26112 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll 2012-08-25 08:58 . 2012-08-25 08:58 258048 ----a-w- c:\windows\system32\winspool.drv 2012-08-25 08:58 . 2012-08-25 08:58 189952 ----a-w- c:\windows\system32\d3d10core.dll 2012-08-25 08:58 . 2012-08-25 08:58 1029120 ----a-w- c:\windows\system32\d3d10.dll 2012-08-25 08:58 . 2012-08-25 08:58 847360 ----a-w- c:\windows\system32\OpcServices.dll 2012-08-25 08:58 . 2012-08-25 08:58 667648 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe 2012-08-25 08:58 . 2012-08-25 08:58 1554432 ----a-w- c:\windows\system32\xpsservices.dll 2012-08-25 08:55 . 2012-08-25 08:55 4096 ----a-w- c:\windows\system32\drivers\en-US\dxgkrnl.sys.mui 2012-08-25 08:55 . 2012-08-25 08:55 369664 ----a-w- c:\windows\system32\WMPhoto.dll 2012-08-25 08:55 . 2012-08-25 08:55 252928 ----a-w- c:\windows\system32\dxdiag.exe 2012-08-25 08:55 . 2012-08-25 08:55 195584 ----a-w- c:\windows\system32\dxdiagn.dll 2012-08-25 08:55 . 2012-08-25 08:55 519680 ----a-w- c:\windows\system32\d3d11.dll 2012-08-25 08:55 . 2012-08-25 08:55 321024 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll 2012-08-25 08:55 . 2012-08-25 08:55 189440 ----a-w- c:\windows\system32\WindowsCodecsExt.dll 2012-08-25 08:55 . 2012-08-25 08:55 974848 ----a-w- c:\windows\system32\WindowsCodecs.dll 2012-08-08 20:55 . 2012-08-08 20:55 476976 ----a-w- c:\windows\system32\npdeployJava1.dll 2012-08-08 20:55 . 2011-06-06 22:53 472880 ----a-w- c:\windows\system32\deployJava1.dll 2012-08-02 20:16 . 2012-08-02 20:16 4024320 ----a-w- c:\program files\GUT841A.tmp 2012-07-19 07:00 . 2012-04-02 20:01 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-07-19 07:00 . 2011-05-31 16:02 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-07-04 14:02 . 2012-08-25 09:02 2047488 ----a-w- c:\windows\system32\win32k.sys 2012-07-03 18:46 . 2011-12-13 06:03 22344 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-07-03 16:21 . 2010-06-13 07:00 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2012-07-03 16:21 . 2011-12-12 20:10 721000 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2012-07-03 16:21 . 2010-06-13 07:00 353688 ----a-w- c:\windows\system32\drivers\aswSP.sys 2012-07-03 16:21 . 2010-06-13 07:00 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2012-07-03 16:21 . 2010-06-13 07:00 35928 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2012-07-03 16:21 . 2010-06-13 07:00 57656 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2012-07-03 16:21 . 2010-09-10 22:00 41224 ----a-w- c:\windows\avastSS.scr 2012-07-03 16:21 . 2010-06-13 06:59 227648 ----a-w- c:\windows\system32\aswBoot.exe 2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll 2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll 2012-08-05 18:15 . 2011-09-16 00:44 136672 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2012-07-03 16:21 121528 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}] 2012-09-06 20:51 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}] 2012-09-06 20:51 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}] 2012-09-06 20:51 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}] 2012-09-06 20:51 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "TOSCDSPD"="c:\program files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe" [2008-04-24 430080] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952] "MusicManager"="c:\users\Owner\AppData\Local\Programs\Google\MusicManager\MusicManager.exe" [2012-08-31 7321600] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-08-25 39408] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-06-25 150040] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-06-25 170520] "Persistence"="c:\windows\system32\igfxpers.exe" [2008-06-25 145944] "RtHDVCpl"="RtHDVCpl.exe" [2008-04-08 6037504] "Camera Assistant Software"="c:\program files\Camera Assistant Software for Toshiba\traybar.exe" [2008-07-31 417792] "TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2008-02-06 431456] "HSON"="c:\program files\TOSHIBA\TBS\HSON.exe" [2007-11-01 54608] "SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2007-06-16 448080] "00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2008-03-19 716800] "ITSecMng"="c:\program files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe" [2007-09-28 75136] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-12-07 1029416] "NDSTray.exe"="NDSTray.exe" [bU] "ToshibaServiceStation"="c:\program files\TOSHIBA\TOSHIBA Service Station\TSS.exe" [2008-08-04 1242424] "PCMAgent"="c:\program files\CyberLink\PowerCinema for TOSHIBA\PCMAgent.exe" [2007-12-14 143360] "CLMLServer"="c:\program files\CyberLink\PowerCinema for TOSHIBA\Kernel\CLML\CLMLSvc.exe" [2008-07-11 188416] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-11 417792] "Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072] "CinemaNowMediaManagerApp"="c:\program files\CinemaNow\CinemaNow Media Manager\CinemaNowShell.exe" [2010-01-14 2148848] "DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-09-16 1164584] "HTC Sync Loader"="c:\program files\HTC\HTC Sync 3.0\htcUPCTLoader.exe" [2011-01-27 585728] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2009-12-18 40368] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696] . c:\users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ WinZip Quick Pick.lnk - c:\program files\WinZip\WZQKPICK.EXE [2010-4-6 494920] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] WindowsMobile REG_MULTI_SZ wcescomm rapimgr LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr bthsvcs REG_MULTI_SZ BthServ LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache . Contents of the 'Scheduled Tasks' folder . 2012-09-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-21 20:07] . 2012-09-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-21 20:07] . 2012-09-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1038527918-3062837077-4051479591-1000Core.job - c:\users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe [2011-07-02 17:06] . 2012-09-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1038527918-3062837077-4051479591-1000UA.job - c:\users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe [2011-07-02 17:06] . . ------- Supplementary Scan ------- . uStart Page = about:blank IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html Trusted Zone: cinemanow.com TCP: DhcpNameServer = 192.168.254.254 FF - ProfilePath - c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\6zil0nd0.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://search.babylon.com/?affID=109935&tt=050412_30b&babsrc=HP_ss&mntrId=1254a72700000000000000216b26add0 FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?affID=109935&tt=050412_30b&babsrc=KW_ss&mntrId=1254a72700000000000000216b26add0&q= FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=109935&tt=050412_30b FF - user.js: extensions.BabylonToolbar_i.babExt - FF - user.js: extensions.BabylonToolbar_i.srcExt - ss FF - user.js: extensions.BabylonToolbar_i.id - 1254a72700000000000000216b26add0 FF - user.js: extensions.BabylonToolbar_i.hardId - 1254a72700000000000000216b26add0 FF - user.js: extensions.BabylonToolbar_i.instlDay - 15440 FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17 FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17 FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1711:34 FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar FF - user.js: extensions.BabylonToolbar_i.aflt - babsst FF - user.js: extensions.BabylonToolbar_i.smplGrp - none FF - user.js: extensions.BabylonToolbar_i.tlbrId - tb9 FF - user.js: extensions.BabylonToolbar_i.instlRef - sst . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2012-09-25 20:05 Windows 6.0.6002 Service Pack 2 NTFS . scanning hidden processes ... . scanning hidden autostart entries ... . HKCU\Software\Microsoft\Windows\CurrentVersion\Run TOSCDSPD = c:\program files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe?/i?????m5uk????h????????????????? . scanning hidden files ... . scan completed successfully hidden files: 0 . ************************************************************************** . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 "MSCurrentCountry"=dword:000000b5 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . Completion time: 2012-09-25 20:08:56 ComboFix-quarantined-files.txt 2012-09-26 01:08 ComboFix2.txt 2012-09-26 00:33 ComboFix3.txt 2012-09-10 05:21 ComboFix4.txt 2012-09-05 16:53 . Pre-Run: 111,320,182,784 bytes free Post-Run: 111,288,856,576 bytes free . - - End Of File - - 210B15471A20DAA0C65191678BF06186
-
Yes I can connect directly and internet works.
-
I usually connect using wireless .
-
I am still not getting internet when I reboot in Safe Mode w/networking.
-
I already uninstalled Norton using Add/Remove programs. Nothing that I can think of , it just stopped working . I am wireless. The only way I can get online is if I use tether via usb with my cell phone. Cell phone is hooked up to wifi.
-
My internet is no longer working? It just started happening out of the blue.
-
3. Which program should I use Windows Defender or Avast (free version)?
-
1. Should I defrag my system? 2. Windows Defender does not update. Error code: Code 0x80096001 (not sure if it even works)
-
# AdwCleaner v2.000 - Logfile created 09/07/2012 at 23:06:48 # Updated 30/08/2012 by Xplode # Operating system : Windows Vista Home Premium Service Pack 2 (32 bits) # User : Owner - OWNER-PC # Boot Mode : Normal # Running from : C:\Users\Owner\Downloads\adwcleaner.exe # Option [search] ***** [services] ***** ***** [Files / Folders] ***** File Found : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml File Found : C:\user.js Folder Found : C:\ProgramData\Babylon Folder Found : C:\Users\Owner\AppData\Local\Babylon Folder Found : C:\Users\Owner\AppData\LocalLow\BabylonToolbar Folder Found : C:\Users\Owner\AppData\LocalLow\Vuze_Remote Folder Found : C:\Users\Owner\AppData\Roaming\Babylon Folder Found : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\6zil0nd0.default\ConduitCommon ***** [Registry] ***** Key Found : HKCU\Software\AppDataLow\Software\AskToolbar Key Found : HKCU\Software\Ask.com Key Found : HKCU\Software\Conduit Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{043C5167-00BB-4324-AF7E-62013FAEDACF} Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3B7599DF-3D5D-4EF5-BF51-9C2EDA788E83} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC} Key Found : HKLM\Software\Babylon Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL Key Found : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B} Key Found : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1} Key Found : HKLM\SOFTWARE\Classes\Conduit.Engine Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE} Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2504091 Key Found : HKLM\Software\Conduit Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3B7599DF-3D5D-4EF5-BF51-9C2EDA788E83} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF Key Found : HKU\S-1-5-21-1038527918-3062837077-4051479591-1000\Software\Microsoft\Internet Explorer\SearchScopes\{043C5167-00BB-4324-AF7E-62013FAEDACF} Key Found : HKU\S-1-5-21-1038527918-3062837077-4051479591-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} ***** [internet Browsers] ***** -\\ Internet Explorer v9.0.8112.16421 [OK] Registry is clean. -\\ Mozilla Firefox v14.0.1 (en-US) Profile name : default File : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\6zil0nd0.default\prefs.js Found : user_pref("CT2504091..clientLogIsEnabled", true); Found : user_pref("CT2504091..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...] Found : user_pref("CT2504091..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...] Found : user_pref("CT2504091.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx"); Found : user_pref("CT2504091.BrowserCompStateIsOpen_129566938558801595", true); Found : user_pref("CT2504091.CTID", "CT2504091"); Found : user_pref("CT2504091.CurrentServerDate", "28-11-2011"); Found : user_pref("CT2504091.DSInstall", true); Found : user_pref("CT2504091.DialogsAlignMode", "LTR"); Found : user_pref("CT2504091.DialogsGetterLastCheckTime", "Sat Nov 26 2011 11:32:16 GMT-0600 (Central Standa[...] Found : user_pref("CT2504091.DownloadReferralCookieData", ""); Found : user_pref("CT2504091.EMailNotifierPollDate", "Mon Oct 31 2011 14:14:16 GMT-0500 (Central Daylight Ti[...] Found : user_pref("CT2504091.FeedLastCount129079840422964131", 11); Found : user_pref("CT2504091.FeedPollDate128891351169457140", "Mon Nov 28 2011 02:59:14 GMT-0600 (Central St[...] Found : user_pref("CT2504091.FeedPollDate129079840422964131", "Mon Oct 31 2011 14:14:17 GMT-0500 (Central Da[...] Found : user_pref("CT2504091.FeedTTL128891351169457140", 40); Found : user_pref("CT2504091.FirstServerDate", "31-10-2011"); Found : user_pref("CT2504091.FirstTime", true); Found : user_pref("CT2504091.FirstTimeFF3", true); Found : user_pref("CT2504091.FixPageNotFoundErrors", true); Found : user_pref("CT2504091.GroupingServerCheckInterval", 1440); Found : user_pref("CT2504091.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/"); Found : user_pref("CT2504091.HPInstall", false); Found : user_pref("CT2504091.HasUserGlobalKeys", true); Found : user_pref("CT2504091.HomePageProtectorEnabled", false); Found : user_pref("CT2504091.HomepageBeforeUnload", "chrome://branding/locale/browserconfig.properties"); Found : user_pref("CT2504091.Initialize", true); Found : user_pref("CT2504091.InitializeCommonPrefs", true); Found : user_pref("CT2504091.InstallationAndCookieDataSentCount", 3); Found : user_pref("CT2504091.InstallationType", "ConduitIntegration"); Found : user_pref("CT2504091.InstalledDate", "Mon Oct 31 2011 14:14:16 GMT-0500 (Central Daylight Time)"); Found : user_pref("CT2504091.IsAlertDBUpdated", true); Found : user_pref("CT2504091.IsGrouping", false); Found : user_pref("CT2504091.IsInitSetupIni", true); Found : user_pref("CT2504091.IsMulticommunity", false); Found : user_pref("CT2504091.IsOpenThankYouPage", false); Found : user_pref("CT2504091.IsOpenUninstallPage", false); Found : user_pref("CT2504091.LanguagePackLastCheckTime", "Mon Nov 28 2011 01:24:03 GMT-0600 (Central Standar[...] Found : user_pref("CT2504091.LanguagePackReloadIntervalMM", 1440); Found : user_pref("CT2504091.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...] Found : user_pref("CT2504091.LastLogin_3.7.0.6", "Sun Nov 27 2011 22:23:44 GMT-0600 (Central Standard Time)"[...] Found : user_pref("CT2504091.LatestVersion", "3.8.0.8"); Found : user_pref("CT2504091.Locale", "en-us"); Found : user_pref("CT2504091.MCDetectTooltipHeight", "83"); Found : user_pref("CT2504091.MCDetectTooltipShow", false); Found : user_pref("CT2504091.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1"); Found : user_pref("CT2504091.MCDetectTooltipWidth", "295"); Found : user_pref("CT2504091.MyStuffEnabledAtInstallation", true); Found : user_pref("CT2504091.OriginalFirstVersion", "3.7.0.6"); Found : user_pref("CT2504091.SearchCaption", "Web Search"); Found : user_pref("CT2504091.SearchEngineBeforeUnload", "chrome://browser-region/locale/region.properties"); Found : user_pref("CT2504091.SearchFromAddressBarIsInit", true); Found : user_pref("CT2504091.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT250[...] Found : user_pref("CT2504091.SearchInNewTabEnabled", true); Found : user_pref("CT2504091.SearchInNewTabIntervalMM", 1440); Found : user_pref("CT2504091.SearchInNewTabLastCheckTime", "Sat Nov 26 2011 11:32:14 GMT-0600 (Central Stand[...] Found : user_pref("CT2504091.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...] Found : user_pref("CT2504091.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usa[...] Found : user_pref("CT2504091.SearchProtectorEnabled", false); Found : user_pref("CT2504091.SearchProtectorToolbarDisabled", false); Found : user_pref("CT2504091.SendProtectorDataViaLogin", true); Found : user_pref("CT2504091.ServiceMapLastCheckTime", "Sat Nov 26 2011 11:32:15 GMT-0600 (Central Standard [...] Found : user_pref("CT2504091.SettingsLastCheckTime", "Mon Nov 28 2011 01:24:03 GMT-0600 (Central Standard Ti[...] Found : user_pref("CT2504091.SettingsLastUpdate", "1319755934"); Found : user_pref("CT2504091.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2504091&SearchSource=13"); Found : user_pref("CT2504091.ThirdPartyComponentsInterval", 504); Found : user_pref("CT2504091.ThirdPartyComponentsLastCheck", "Mon Nov 21 2011 17:50:27 GMT-0600 (Central Sta[...] Found : user_pref("CT2504091.ThirdPartyComponentsLastUpdate", "1312887586"); Found : user_pref("CT2504091.ToolbarShrinkedFromSetup", false); Found : user_pref("CT2504091.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2504091"); Found : user_pref("CT2504091.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...] Found : user_pref("CT2504091.UserID", "UN12469748857284946"); Found : user_pref("CT2504091.ValidationData_Toolbar", 1); Found : user_pref("CT2504091.alertChannelId", "897164"); Found : user_pref("CT2504091.approveUntrustedApps", false); Found : user_pref("CT2504091.backendstorage._gpl_firstrun10100", "31333230303838353132"); Found : user_pref("CT2504091.backendstorage.for_aoi", "31333230303838343636"); Found : user_pref("CT2504091.backendstorage.for_ccid", "5375676172204C616E64"); Found : user_pref("CT2504091.backendstorage.for_cdtr2", "31333230303838343636"); Found : user_pref("CT2504091.backendstorage.for_cdtr6", "31333230303838343636"); Found : user_pref("CT2504091.backendstorage.for_cid", "5553"); Found : user_pref("CT2504091.backendstorage.for_ip", "3135312E3231332E3138382E323333"); Found : user_pref("CT2504091.backendstorage.for_lcut", "31333230303838343636"); Found : user_pref("CT2504091.backendstorage.for_pid", "31303231"); Found : user_pref("CT2504091.backendstorage.for_rid", "5458"); Found : user_pref("CT2504091.backendstorage.for_zoneid", "3130313537"); Found : user_pref("CT2504091.backendstorage.hxxp://dl_gameplaylabs_com/items/conduit/temp._gpl_firstrun10100[...] Found : user_pref("CT2504091.components.1000034", false); Found : user_pref("CT2504091.components.129079840422964131", false); Found : user_pref("CT2504091.components.129079849636241789", false); Found : user_pref("CT2504091.components.129408243997825547", false); Found : user_pref("CT2504091.components.129593776931068636", false); Found : user_pref("CT2504091.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...] Found : user_pref("CT2504091.globalFirstTimeInfoLastCheckTime", "Sun Nov 27 2011 22:28:51 GMT-0600 (Central [...] Found : user_pref("CT2504091.homepageProtectorEnableByLogin", true); Found : user_pref("CT2504091.initDone", true); Found : user_pref("CT2504091.isAppTrackingManagerOn", true); Found : user_pref("CT2504091.myStuffEnabled", true); Found : user_pref("CT2504091.myStuffPublihserMinWidth", 400); Found : user_pref("CT2504091.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...] Found : user_pref("CT2504091.myStuffServiceIntervalMM", 1440); Found : user_pref("CT2504091.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...] Found : user_pref("CT2504091.oldAppsList", "129079840421557838,129079840422026594,111,129079849636241789,129[...] Found : user_pref("CT2504091.revertSettingsEnabled", false); Found : user_pref("CT2504091.searchProtectorDialogDelayInSec", 10); Found : user_pref("CT2504091.searchProtectorEnableByLogin", true); Found : user_pref("CT2504091.testingCtid", ""); Found : user_pref("CT2504091.toolbarAppMetaDataLastCheckTime", "Sat Nov 26 2011 11:32:15 GMT-0600 (Central S[...] Found : user_pref("CT2504091.toolbarContextMenuLastCheckTime", "Tue Nov 22 2011 13:55:20 GMT-0600 (Central S[...] Found : user_pref("CT2504091.undefined", "Mon Oct 31 2011 14:14:17 GMT-0500 (Central Daylight Time)"); Found : user_pref("CT2504091.usagesFlag", 2); Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/897164/892962/US", "\"0\"")[...] Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2504091", [...] Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...] Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...] Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...] Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...] Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...] Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...] Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...] Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...] Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...] Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.7.[...] Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2504091",[...] Found : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2504091&octid=[...] Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en-us", "\"[...] Found : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Owner\\AppData\\Roaming\\Mozilla\\F[...] Found : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.7.0.6"); Found : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", ""); Found : user_pref("CommunityToolbar.ToolbarsList", "CT2504091"); Found : user_pref("CommunityToolbar.ToolbarsList2", "CT2504091"); Found : user_pref("CommunityToolbar.ToolbarsList4", "CT2504091"); Found : user_pref("CommunityToolbar.globalUserId", "9a12b527-3b96-4682-a298-42acec3721ed"); Found : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true); Found : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true); Found : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Tue Nov 22 2011 13:55:1[...] Found : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440); Found : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Sat Nov 26 2011 11:32:23 GMT-060[...] Found : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com"); Found : user_pref("CommunityToolbar.notifications.locale", "en"); Found : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440); Found : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sun Nov 27 2011 11:32:14 GMT-0600 (C[...] Found : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611"); Found : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20); Found : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com"); Found : user_pref("CommunityToolbar.notifications.showTrayIcon", false); Found : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300); Found : user_pref("CommunityToolbar.notifications.userId", "1b208792-d478-452e-9540-b24bbdf1ae8b"); Found : user_pref("CommunityToolbar.originalHomepage", "chrome://branding/locale/browserconfig.properties"); Found : user_pref("CommunityToolbar.originalSearchEngine", "chrome://browser-region/locale/region.properties[...] Found : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com"); Found : user_pref("browser.search.defaultenginename", "Search the web (Babylon)"); Found : user_pref("browser.search.order.1", "Search the web (Babylon)"); Found : user_pref("browser.startup.homepage", "hxxp://search.babylon.com/?affID=109935&tt=050412_30b&babsrc=[...] Found : user_pref("extensions.BabylonToolbar_i.aflt", "babsst"); Found : user_pref("extensions.BabylonToolbar_i.babExt", ""); Found : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=109935&tt=050412_30b"); Found : user_pref("extensions.BabylonToolbar_i.hardId", "1254a72700000000000000216b26add0"); Found : user_pref("extensions.BabylonToolbar_i.id", "1254a72700000000000000216b26add0"); Found : user_pref("extensions.BabylonToolbar_i.instlDay", "15440"); Found : user_pref("extensions.BabylonToolbar_i.instlRef", "sst"); Found : user_pref("extensions.BabylonToolbar_i.newTab", true); Found : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://search.babylon.com/?affID=109935&tt=05041[...] Found : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar"); Found : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon"); Found : user_pref("extensions.BabylonToolbar_i.smplGrp", "none"); Found : user_pref("extensions.BabylonToolbar_i.srcExt", "ss"); Found : user_pref("extensions.BabylonToolbar_i.tlbrId", "tb9"); Found : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17"); Found : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1711:34:45"); Found : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17"); Found : user_pref("extensions.vshare@toolbar.install-event-fired", true); Found : user_pref("keyword.URL", "hxxp://search.babylon.com/?affID=109935&tt=050412_30b&babsrc=KW_ss&mntrId=[...] -\\ Google Chrome v21.0.1180.89 File : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] File is clean. ************************* AdwCleaner[R1].txt - [18078 octets] - [07/09/2012 23:06:48] ########## EOF - C:\AdwCleaner[R1].txt - [18139 octets] ########## Results of screen317's Security Check version 0.99.50 Windows Vista Service Pack 2 x86 (UAC is enabled) Internet Explorer 9 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! avast! Antivirus Antivirus up to date! (On Access scanning disabled!) `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware version 1.62.0.1300 Java 6 Update 33 Java 6 Update 6 Java version out of Date! Adobe Flash Player 10 Flash Player out of Date! Adobe Flash Player 11.3.300.265 Adobe Reader 8 Adobe Reader out of Date! Mozilla Firefox 4.0b6 Firefox out of Date! Google Chrome 21.0.1180.83 Google Chrome 21.0.1180.89 ````````Process Check: objlist.exe by Laurent```````` ESET ESET Online Scanner OnlineCmdLineScanner.exe Alwil Software Avast5 AvastSvc.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: 4 % Defragment your hard drive soon! (Do NOT defrag if SSD!) ````````````````````End of Log``````````````````````
-
C:\Documents and Settings\Owner\Desktop\GS3\Photo.zip Win32/TrojanDownloader.Agent.RAG trojan deleted - quarantined C:\Documents and Settings\Owner\Desktop\GS3\BoatDownload\com.nanoha.SenseScreen-2.3.apk a variant of Android/Adware.AirPush.C application deleted - quarantined C:\Documents and Settings\Owner\Desktop\GS3\download\PicDial160.apk Android/Adware.AirPush.A application deleted - quarantined C:\Documents and Settings\Owner\Desktop\GS3-2\Photo.zip Win32/TrojanDownloader.Agent.RAG trojan deleted - quarantined C:\Documents and Settings\Owner\Desktop\GS3-2\BoatDownload\com.nanoha.SenseScreen-2.3.apk a variant of Android/Adware.AirPush.C application deleted - quarantined C:\Documents and Settings\Owner\Desktop\GS3-2\download\PicDial160.apk Android/Adware.AirPush.A application deleted - quarantined C:\Documents and Settings\Owner\Desktop\GS3-2\external_sd\rerware\MyBackup\AllAppsBackups\Schedule\Apps\com.nanoha.SenseScreen_27.apk a variant of Android/Adware.AirPush.C application deleted - quarantined C:\Documents and Settings\Owner\Desktop\GS3-2\external_sd\rerware\MyBackup\AllAppsBackups\Schedule\Apps\great.app.luck_22.apk a variant of Android/Adware.AirPush.C application deleted - quarantined
-
18:22:17.0981 8100 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48 18:22:18.0345 8100 ============================================================ 18:22:18.0345 8100 Current date / time: 2012/09/07 18:22:18.0345 18:22:18.0345 8100 SystemInfo: 18:22:18.0345 8100 18:22:18.0345 8100 OS Version: 6.0.6002 ServicePack: 2.0 18:22:18.0345 8100 Product type: Workstation 18:22:18.0345 8100 ComputerName: OWNER-PC 18:22:18.0346 8100 UserName: Owner 18:22:18.0346 8100 Windows directory: C:\Windows 18:22:18.0346 8100 System windows directory: C:\Windows 18:22:18.0346 8100 Processor architecture: Intel x86 18:22:18.0346 8100 Number of processors: 2 18:22:18.0346 8100 Page size: 0x1000 18:22:18.0346 8100 Boot type: Normal boot 18:22:18.0346 8100 ============================================================ 18:22:19.0958 8100 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050 18:22:19.0963 8100 ============================================================ 18:22:19.0963 8100 \Device\Harddisk0\DR0: 18:22:19.0963 8100 MBR partitions: 18:22:19.0963 8100 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x1CED7000 18:22:19.0963 8100 ============================================================ 18:22:20.0057 8100 C: <-> \Device\Harddisk0\DR0\Partition1 18:22:20.0058 8100 ============================================================ 18:22:20.0058 8100 Initialize success 18:22:20.0058 8100 ============================================================ 18:23:00.0939 4784 ============================================================ 18:23:00.0939 4784 Scan started 18:23:00.0939 4784 Mode: Manual; 18:23:00.0939 4784 ============================================================ 18:23:01.0504 4784 ================ Scan system memory ======================== 18:23:01.0505 4784 System memory - ok 18:23:01.0505 4784 ================ Scan services ============================= 18:23:01.0828 4784 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys 18:23:01.0835 4784 ACPI - ok 18:23:02.0020 4784 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys 18:23:02.0032 4784 adp94xx - ok 18:23:02.0084 4784 [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci C:\Windows\system32\drivers\adpahci.sys 18:23:02.0093 4784 adpahci - ok 18:23:02.0144 4784 [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys 18:23:02.0148 4784 adpu160m - ok 18:23:02.0237 4784 [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320 C:\Windows\system32\drivers\adpu320.sys 18:23:02.0241 4784 adpu320 - ok 18:23:02.0483 4784 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 18:23:02.0486 4784 AeLookupSvc - ok 18:23:02.0622 4784 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys 18:23:02.0630 4784 AFD - ok 18:23:02.0715 4784 [ 39E435C90C9C4F780FA0ED05CA3C3A1B ] AgereModemAudio C:\Windows\system32\agrsmsvc.exe 18:23:02.0718 4784 AgereModemAudio - ok 18:23:02.0811 4784 [ CE91B158FA490CF4C4D487A4130F4660 ] AgereSoftModem C:\Windows\system32\DRIVERS\AGRSM.sys 18:23:02.0886 4784 AgereSoftModem - ok 18:23:02.0928 4784 [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440 C:\Windows\system32\drivers\agp440.sys 18:23:02.0931 4784 agp440 - ok 18:23:02.0981 4784 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys 18:23:02.0984 4784 aic78xx - ok 18:23:03.0041 4784 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe 18:23:03.0044 4784 ALG - ok 18:23:03.0117 4784 [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide C:\Windows\system32\drivers\aliide.sys 18:23:03.0119 4784 aliide - ok 18:23:03.0176 4784 [ C47344BC706E5F0B9DCE369516661578 ] amdagp C:\Windows\system32\drivers\amdagp.sys 18:23:03.0178 4784 amdagp - ok 18:23:03.0225 4784 [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide C:\Windows\system32\drivers\amdide.sys 18:23:03.0227 4784 amdide - ok 18:23:03.0266 4784 [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys 18:23:03.0268 4784 AmdK7 - ok 18:23:03.0345 4784 [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8 C:\Windows\system32\drivers\amdk8.sys 18:23:03.0347 4784 AmdK8 - ok 18:23:03.0431 4784 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll 18:23:03.0434 4784 Appinfo - ok 18:23:03.0471 4784 [ 5D2888182FB46632511ACEE92FDAD522 ] arc C:\Windows\system32\drivers\arc.sys 18:23:03.0474 4784 arc - ok 18:23:03.0525 4784 [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas C:\Windows\system32\drivers\arcsas.sys 18:23:03.0528 4784 arcsas - ok 18:23:03.0965 4784 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe 18:23:03.0968 4784 aspnet_state - ok 18:23:04.0116 4784 [ 1C1F3D6DDDC046C920C493A779649F66 ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys 18:23:04.0117 4784 aswFsBlk - ok 18:23:04.0172 4784 [ A48D8015AF2A0D8B4937613FFBFD28DE ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys 18:23:04.0174 4784 aswMonFlt - ok 18:23:04.0227 4784 [ 982E275D1C5801042FE94209FB0160FB ] aswRdr C:\Windows\system32\drivers\aswRdr.sys 18:23:04.0229 4784 aswRdr - ok 18:23:04.0332 4784 [ 73DBCF808E00580F2A47F93DD9B03876 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys 18:23:04.0344 4784 aswSnx - ok 18:23:04.0371 4784 [ 6CBD7D3A33F498D09C831CDD732DA2E0 ] aswSP C:\Windows\system32\drivers\aswSP.sys 18:23:04.0377 4784 aswSP - ok 18:23:04.0406 4784 [ 7109A9AA551F37CD168C02368465957E ] aswTdi C:\Windows\system32\drivers\aswTdi.sys 18:23:04.0408 4784 aswTdi - ok 18:23:04.0481 4784 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 18:23:04.0483 4784 AsyncMac - ok 18:23:04.0565 4784 [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi C:\Windows\system32\drivers\atapi.sys 18:23:04.0567 4784 atapi - ok 18:23:04.0648 4784 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 18:23:04.0658 4784 AudioEndpointBuilder - ok 18:23:04.0714 4784 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll 18:23:04.0720 4784 Audiosrv - ok 18:23:05.0007 4784 [ 2F7C0F3E39C45E0127FB78B2F18A41F3 ] avast! Antivirus C:\Program Files\Alwil Software\Avast5\AvastSvc.exe 18:23:05.0009 4784 avast! Antivirus - ok 18:23:05.0226 4784 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys 18:23:05.0227 4784 Beep - ok 18:23:05.0318 4784 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll 18:23:05.0325 4784 BFE - ok 18:23:05.0476 4784 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\system32\qmgr.dll 18:23:05.0491 4784 BITS - ok 18:23:05.0564 4784 [ D4DF28447741FD3D953526E33A617397 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys 18:23:05.0566 4784 blbdrive - ok 18:23:05.0637 4784 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys 18:23:05.0639 4784 bowser - ok 18:23:05.0692 4784 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys 18:23:05.0693 4784 BrFiltLo - ok 18:23:05.0706 4784 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys 18:23:05.0708 4784 BrFiltUp - ok 18:23:05.0760 4784 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll 18:23:05.0764 4784 Browser - ok 18:23:06.0025 4784 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys 18:23:06.0028 4784 Brserid - ok 18:23:06.0084 4784 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys 18:23:06.0087 4784 BrSerWdm - ok 18:23:06.0164 4784 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys 18:23:06.0166 4784 BrUsbMdm - ok 18:23:06.0232 4784 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys 18:23:06.0235 4784 BrUsbSer - ok 18:23:06.0258 4784 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys 18:23:06.0260 4784 BTHMODEM - ok 18:23:06.0406 4784 [ A4C8377FA4A994E07075107DBE2E3DCE ] BthServ C:\Windows\System32\bthserv.dll 18:23:06.0409 4784 BthServ - ok 18:23:06.0789 4784 catchme - ok 18:23:06.0820 4784 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 18:23:06.0823 4784 cdfs - ok 18:23:06.0953 4784 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 18:23:06.0955 4784 cdrom - ok 18:23:07.0073 4784 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll 18:23:07.0076 4784 CertPropSvc - ok 18:23:07.0194 4784 [ 18C6807598D028725CC8BC33C4182B66 ] CinemaNow Service C:\Program Files\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe 18:23:07.0198 4784 CinemaNow Service - ok 18:23:07.0246 4784 [ E5D4133F37219DBCFE102BC61072589D ] circlass C:\Windows\system32\drivers\circlass.sys 18:23:07.0248 4784 circlass - ok 18:23:07.0337 4784 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys 18:23:07.0345 4784 CLFS - ok 18:23:07.0479 4784 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 18:23:07.0483 4784 clr_optimization_v2.0.50727_32 - ok 18:23:07.0723 4784 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 18:23:07.0729 4784 clr_optimization_v4.0.30319_32 - ok 18:23:07.0842 4784 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 18:23:07.0843 4784 CmBatt - ok 18:23:07.0951 4784 [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide C:\Windows\system32\drivers\cmdide.sys 18:23:07.0953 4784 cmdide - ok 18:23:07.0996 4784 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 18:23:07.0998 4784 Compbatt - ok 18:23:08.0008 4784 COMSysApp - ok 18:23:08.0146 4784 [ C508B28B9DA7563634A2A2B2EEF4395D ] ConfigFree Service C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe 18:23:08.0149 4784 ConfigFree Service - ok 18:23:08.0160 4784 [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 18:23:08.0161 4784 crcdisk - ok 18:23:08.0217 4784 [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe C:\Windows\system32\drivers\crusoe.sys 18:23:08.0220 4784 Crusoe - ok 18:23:08.0354 4784 [ 75C6A297E364014840B48ECCD7525E30 ] CryptSvc C:\Windows\system32\cryptsvc.dll 18:23:08.0360 4784 CryptSvc - ok 18:23:08.0487 4784 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll 18:23:08.0542 4784 DcomLaunch - ok 18:23:08.0884 4784 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe 18:23:09.0028 4784 DFSR - ok 18:23:09.0077 4784 [ 919F338FD36F47D860775368D0748780 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys 18:23:09.0082 4784 dg_ssudbus - ok 18:23:09.0148 4784 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll 18:23:09.0156 4784 Dhcp - ok 18:23:09.0236 4784 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys 18:23:09.0238 4784 disk - ok 18:23:09.0322 4784 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll 18:23:09.0327 4784 Dnscache - ok 18:23:09.0473 4784 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll 18:23:09.0482 4784 dot3svc - ok 18:23:09.0573 4784 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll 18:23:09.0580 4784 DPS - ok 18:23:09.0617 4784 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 18:23:09.0619 4784 drmkaud - ok 18:23:09.0864 4784 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 18:23:09.0875 4784 DXGKrnl - ok 18:23:10.0216 4784 [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys 18:23:10.0220 4784 E1G60 - ok 18:23:10.0325 4784 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll 18:23:10.0330 4784 EapHost - ok 18:23:10.0383 4784 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys 18:23:10.0388 4784 Ecache - ok 18:23:10.0503 4784 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 18:23:10.0512 4784 ehRecvr - ok 18:23:10.0594 4784 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe 18:23:10.0598 4784 ehSched - ok 18:23:10.0626 4784 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll 18:23:10.0628 4784 ehstart - ok 18:23:10.0691 4784 [ 23B62471681A124889978F6295B3F4C6 ] elxstor C:\Windows\system32\drivers\elxstor.sys 18:23:10.0700 4784 elxstor - ok 18:23:10.0916 4784 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll 18:23:10.0967 4784 EMDMgmt - ok 18:23:11.0063 4784 [ 3DB974F3935483555D7148663F726C61 ] ErrDev C:\Windows\system32\drivers\errdev.sys 18:23:11.0065 4784 ErrDev - ok 18:23:11.0138 4784 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll 18:23:11.0147 4784 EventSystem - ok 18:23:11.0290 4784 [ 306AC856622864C761CBDB5E816BB9D8 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe 18:23:11.0390 4784 EvtEng - ok 18:23:11.0444 4784 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys 18:23:11.0449 4784 exfat - ok 18:23:11.0492 4784 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys 18:23:11.0497 4784 fastfat - ok 18:23:11.0573 4784 [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc C:\Windows\system32\DRIVERS\fdc.sys 18:23:11.0575 4784 fdc - ok 18:23:11.0709 4784 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll 18:23:11.0713 4784 fdPHost - ok 18:23:11.0752 4784 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll 18:23:11.0757 4784 FDResPub - ok 18:23:11.0779 4784 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 18:23:11.0781 4784 FileInfo - ok 18:23:11.0826 4784 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys 18:23:11.0828 4784 Filetrace - ok 18:23:12.0282 4784 [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 18:23:12.0284 4784 flpydisk - ok 18:23:12.0373 4784 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 18:23:12.0379 4784 FltMgr - ok 18:23:12.0506 4784 [ 8CE364388C8ECA59B14B539179276D44 ] FontCache C:\Windows\system32\FntCache.dll 18:23:12.0695 4784 FontCache - ok 18:23:12.0796 4784 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe 18:23:12.0798 4784 FontCache3.0.0.0 - ok 18:23:12.0922 4784 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 18:23:12.0923 4784 Fs_Rec - ok 18:23:12.0963 4784 [ CBC22823628544735625B280665E434E ] FwLnk C:\Windows\system32\DRIVERS\FwLnk.sys 18:23:12.0965 4784 FwLnk - ok 18:23:13.0010 4784 [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 18:23:13.0012 4784 gagp30kx - ok 18:23:13.0190 4784 [ 9DCF7DFE5FDBB0A47F8EE01FE13C2876 ] GameConsoleService C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe 18:23:13.0263 4784 GameConsoleService - ok 18:23:13.0333 4784 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll 18:23:13.0385 4784 gpsvc - ok 18:23:13.0467 4784 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe 18:23:13.0471 4784 gupdate - ok 18:23:13.0490 4784 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe 18:23:13.0492 4784 gupdatem - ok 18:23:13.0588 4784 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe 18:23:13.0594 4784 gusvc - ok 18:23:13.0647 4784 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 18:23:13.0654 4784 HdAudAddService - ok 18:23:13.0762 4784 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 18:23:13.0775 4784 HDAudBus - ok 18:23:13.0825 4784 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys 18:23:13.0827 4784 HidBth - ok 18:23:13.0858 4784 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys 18:23:13.0860 4784 HidIr - ok 18:23:13.0989 4784 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\System32\hidserv.dll 18:23:13.0994 4784 hidserv - ok 18:23:14.0047 4784 [ 3C64042B95E583B366BA4E5D2450235E ] HidUsb C:\Windows\system32\drivers\hidusb.sys 18:23:14.0048 4784 HidUsb - ok 18:23:14.0092 4784 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll 18:23:14.0101 4784 hkmsvc - ok 18:23:14.0162 4784 [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys 18:23:14.0164 4784 HpCISSs - ok 18:23:14.0288 4784 [ CBD09ED9CF6822177EE85AEA4D8816A2 ] HTCAND32 C:\Windows\system32\Drivers\ANDROIDUSB.sys 18:23:14.0289 4784 HTCAND32 - ok 18:23:14.0361 4784 [ 52395A94C127C0266D1C0F3CCE8A4345 ] htcnprot C:\Windows\system32\DRIVERS\htcnprot.sys 18:23:14.0363 4784 htcnprot - ok 18:23:14.0612 4784 [ F870AA3E254628EBEAFE754108D664DE ] HTTP C:\Windows\system32\drivers\HTTP.sys 18:23:14.0623 4784 HTTP - ok 18:23:14.0709 4784 [ C6B032D69650985468160FC9937CF5B4 ] i2omp C:\Windows\system32\drivers\i2omp.sys 18:23:14.0711 4784 i2omp - ok 18:23:14.0851 4784 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 18:23:14.0853 4784 i8042prt - ok 18:23:14.0900 4784 [ 707C1692214B1C290271067197F075F6 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys 18:23:14.0905 4784 iaStor - ok 18:23:14.0997 4784 [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV C:\Windows\system32\drivers\iastorv.sys 18:23:15.0005 4784 iaStorV - ok 18:23:15.0104 4784 [ DAF66902F08796F9C694901660E5A64A ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe 18:23:15.0109 4784 IDriverT - ok 18:23:15.0213 4784 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 18:23:15.0254 4784 idsvc - ok 18:23:15.0383 4784 [ 6FB1858D1F0923D122B0331865695041 ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys 18:23:15.0492 4784 igfx - ok 18:23:15.0612 4784 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys 18:23:15.0613 4784 iirsp - ok 18:23:15.0717 4784 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll 18:23:15.0727 4784 IKEEXT - ok 18:23:15.0897 4784 [ B9CBD3DEA7CA02868621173BF7A2AF9F ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys 18:23:15.0926 4784 IntcAzAudAddService - ok 18:23:16.0028 4784 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys 18:23:16.0030 4784 intelide - ok 18:23:16.0059 4784 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 18:23:16.0061 4784 intelppm - ok 18:23:16.0155 4784 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll 18:23:16.0162 4784 IPBusEnum - ok 18:23:16.0193 4784 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 18:23:16.0195 4784 IpFilterDriver - ok 18:23:16.0278 4784 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 18:23:16.0288 4784 iphlpsvc - ok 18:23:16.0300 4784 IpInIp - ok 18:23:16.0349 4784 [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys 18:23:16.0352 4784 IPMIDRV - ok 18:23:16.0391 4784 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys 18:23:16.0395 4784 IPNAT - ok 18:23:16.0434 4784 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys 18:23:16.0436 4784 IRENUM - ok 18:23:16.0460 4784 [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp C:\Windows\system32\drivers\isapnp.sys 18:23:16.0463 4784 isapnp - ok 18:23:16.0575 4784 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys 18:23:16.0582 4784 iScsiPrt - ok 18:23:16.0599 4784 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys 18:23:16.0601 4784 iteatapi - ok 18:23:16.0614 4784 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys 18:23:16.0616 4784 iteraid - ok 18:23:16.0661 4784 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 18:23:16.0663 4784 kbdclass - ok 18:23:16.0674 4784 [ 18247836959BA67E3511B62846B9C2E0 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys 18:23:16.0676 4784 kbdhid - ok 18:23:16.0822 4784 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe 18:23:16.0828 4784 KeyIso - ok 18:23:16.0889 4784 [ E8CA038F51F7761BD6E3A3B0B8014263 ] KR10I C:\Windows\system32\drivers\kr10i.sys 18:23:16.0896 4784 KR10I - ok 18:23:16.0938 4784 [ 6A4ADB9186DD0E114E623DAF57E42B31 ] KR10N C:\Windows\system32\drivers\kr10n.sys 18:23:16.0945 4784 KR10N - ok 18:23:17.0034 4784 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 18:23:17.0055 4784 KSecDD - ok 18:23:17.0115 4784 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll 18:23:17.0293 4784 KtmRm - ok 18:23:17.0346 4784 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\System32\srvsvc.dll 18:23:17.0359 4784 LanmanServer - ok 18:23:17.0448 4784 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 18:23:17.0504 4784 LanmanWorkstation - ok 18:23:17.0545 4784 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 18:23:17.0548 4784 lltdio - ok 18:23:17.0656 4784 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll 18:23:17.0667 4784 lltdsvc - ok 18:23:17.0695 4784 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll 18:23:17.0702 4784 lmhosts - ok 18:23:17.0753 4784 [ C7E15E82879BF3235B559563D4185365 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 18:23:17.0757 4784 LSI_FC - ok 18:23:17.0769 4784 [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 18:23:17.0774 4784 LSI_SAS - ok 18:23:17.0842 4784 [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 18:23:17.0845 4784 LSI_SCSI - ok 18:23:17.0876 4784 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys 18:23:17.0879 4784 luafv - ok 18:23:18.0017 4784 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 18:23:18.0025 4784 Mcx2Svc - ok 18:23:18.0052 4784 [ 0001CE609D66632FA17B84705F658879 ] megasas C:\Windows\system32\drivers\megasas.sys 18:23:18.0054 4784 megasas - ok 18:23:18.0127 4784 [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR C:\Windows\system32\drivers\megasr.sys 18:23:18.0139 4784 MegaSR - ok 18:23:18.0309 4784 [ 7C4C76B39D5525C4A465E0BE32528E19 ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe 18:23:18.0362 4784 Microsoft Office Groove Audit Service - ok 18:23:18.0390 4784 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll 18:23:18.0398 4784 MMCSS - ok 18:23:18.0556 4784 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys 18:23:18.0558 4784 Modem - ok 18:23:18.0588 4784 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 18:23:18.0590 4784 monitor - ok 18:23:18.0685 4784 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 18:23:18.0687 4784 mouclass - ok 18:23:18.0720 4784 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\drivers\mouhid.sys 18:23:18.0722 4784 mouhid - ok 18:23:18.0748 4784 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys 18:23:18.0751 4784 MountMgr - ok 18:23:18.0923 4784 [ 46297FA8E30A6007F14118FC2B942FBC ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe 18:23:18.0927 4784 MozillaMaintenance - ok 18:23:19.0042 4784 [ 511D011289755DD9F9A7579FB0B064E6 ] mpio C:\Windows\system32\drivers\mpio.sys 18:23:19.0046 4784 mpio - ok 18:23:19.0079 4784 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 18:23:19.0083 4784 mpsdrv - ok 18:23:19.0163 4784 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll 18:23:19.0171 4784 MpsSvc - ok 18:23:19.0210 4784 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys 18:23:19.0212 4784 Mraid35x - ok 18:23:19.0261 4784 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 18:23:19.0263 4784 MRxDAV - ok 18:23:19.0311 4784 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 18:23:19.0314 4784 mrxsmb - ok 18:23:19.0345 4784 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 18:23:19.0349 4784 mrxsmb10 - ok 18:23:19.0372 4784 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 18:23:19.0374 4784 mrxsmb20 - ok 18:23:19.0424 4784 [ F70590424EEFBF5C27A40C67AFDB8383 ] msahci C:\Windows\system32\drivers\msahci.sys 18:23:19.0426 4784 msahci - ok 18:23:19.0451 4784 [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm C:\Windows\system32\drivers\msdsm.sys 18:23:19.0454 4784 msdsm - ok 18:23:19.0480 4784 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe 18:23:19.0487 4784 MSDTC - ok 18:23:19.0521 4784 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys 18:23:19.0523 4784 Msfs - ok 18:23:19.0582 4784 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 18:23:19.0583 4784 msisadrv - ok 18:23:19.0728 4784 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 18:23:19.0733 4784 MSiSCSI - ok 18:23:19.0740 4784 msiserver - ok 18:23:19.0797 4784 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 18:23:19.0798 4784 MSKSSRV - ok 18:23:19.0808 4784 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 18:23:19.0853 4784 MSPCLOCK - ok 18:23:19.0889 4784 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 18:23:19.0892 4784 MSPQM - ok 18:23:19.0942 4784 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 18:23:19.0947 4784 MsRPC - ok 18:23:20.0005 4784 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 18:23:20.0007 4784 mssmbios - ok 18:23:20.0042 4784 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 18:23:20.0045 4784 MSTEE - ok 18:23:20.0522 4784 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys 18:23:20.0525 4784 Mup - ok 18:23:20.0788 4784 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll 18:23:20.0809 4784 napagent - ok 18:23:20.0910 4784 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 18:23:20.0916 4784 NativeWifiP - ok 18:23:21.0037 4784 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys 18:23:21.0068 4784 NDIS - ok 18:23:21.0107 4784 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 18:23:21.0110 4784 NdisTapi - ok 18:23:21.0157 4784 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 18:23:21.0159 4784 Ndisuio - ok 18:23:21.0230 4784 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 18:23:21.0235 4784 NdisWan - ok 18:23:21.0257 4784 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 18:23:21.0261 4784 NDProxy - ok 18:23:21.0324 4784 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 18:23:21.0327 4784 NetBIOS - ok 18:23:21.0394 4784 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys 18:23:21.0400 4784 netbt - ok 18:23:21.0424 4784 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe 18:23:21.0431 4784 Netlogon - ok 18:23:21.0488 4784 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll 18:23:21.0510 4784 Netman - ok 18:23:21.0566 4784 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 18:23:21.0573 4784 NetMsmqActivator - ok 18:23:21.0583 4784 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 18:23:21.0588 4784 NetPipeActivator - ok 18:23:21.0619 4784 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll 18:23:21.0641 4784 netprofm - ok 18:23:21.0686 4784 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 18:23:21.0691 4784 NetTcpActivator - ok 18:23:21.0714 4784 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 18:23:21.0718 4784 NetTcpPortSharing - ok 18:23:21.0991 4784 [ E559EA9138C77B5D1FDA8C558764A25F ] NETw5v32 C:\Windows\system32\DRIVERS\NETw5v32.sys 18:23:22.0144 4784 NETw5v32 - ok 18:23:22.0182 4784 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 18:23:22.0185 4784 nfrd960 - ok 18:23:22.0340 4784 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll 18:23:22.0351 4784 NlaSvc - ok 18:23:22.0526 4784 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys 18:23:22.0529 4784 Npfs - ok 18:23:22.0588 4784 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll 18:23:22.0596 4784 nsi - ok 18:23:22.0607 4784 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 18:23:22.0608 4784 nsiproxy - ok 18:23:22.0746 4784 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 18:23:22.0774 4784 Ntfs - ok 18:23:22.0831 4784 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys 18:23:22.0833 4784 ntrigdigi - ok 18:23:22.0847 4784 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys 18:23:22.0849 4784 Null - ok 18:23:22.0856 4784 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys 18:23:22.0859 4784 nvraid - ok 18:23:22.0867 4784 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys 18:23:22.0869 4784 nvstor - ok 18:23:22.0919 4784 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 18:23:22.0922 4784 nv_agp - ok 18:23:22.0931 4784 NwlnkFlt - ok 18:23:22.0938 4784 NwlnkFwd - ok 18:23:23.0130 4784 [ 1F0E05DFF4F5A833168E49BE1256F002 ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 18:23:23.0138 4784 odserv - ok 18:23:23.0285 4784 [ 6F310E890D46E246E0E261A63D9B36B4 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys 18:23:23.0286 4784 ohci1394 - ok 18:23:23.0362 4784 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 18:23:23.0474 4784 ose - ok 18:23:23.0551 4784 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll 18:23:23.0582 4784 p2pimsvc - ok 18:23:23.0594 4784 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll 18:23:23.0601 4784 p2psvc - ok 18:23:23.0701 4784 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys 18:23:23.0704 4784 Parport - ok 18:23:23.0827 4784 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys 18:23:23.0829 4784 partmgr - ok 18:23:23.0943 4784 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys 18:23:23.0945 4784 Parvdm - ok 18:23:24.0102 4784 [ 5FBCC9EEEFACA3019D5BD5979618F298 ] PassThru Service C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe 18:23:24.0105 4784 PassThru Service - ok 18:23:24.0189 4784 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll 18:23:24.0198 4784 PcaSvc - ok 18:23:24.0248 4784 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys 18:23:24.0253 4784 pci - ok 18:23:24.0329 4784 [ FC175F5DDAB666D7F4D17449A547626F ] pciide C:\Windows\system32\DRIVERS\pciide.sys 18:23:24.0332 4784 pciide - ok 18:23:24.0377 4784 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 18:23:24.0384 4784 pcmcia - ok 18:23:24.0545 4784 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys 18:23:24.0601 4784 PEAUTH - ok 18:23:24.0722 4784 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll 18:23:24.0799 4784 pla - ok 18:23:24.0876 4784 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll 18:23:24.0896 4784 PlugPlay - ok 18:23:24.0952 4784 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll 18:23:24.0981 4784 PNRPAutoReg - ok 18:23:25.0002 4784 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll 18:23:25.0009 4784 PNRPsvc - ok 18:23:25.0136 4784 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 18:23:25.0144 4784 PolicyAgent - ok 18:23:25.0290 4784 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 18:23:25.0292 4784 PptpMiniport - ok 18:23:25.0323 4784 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\drivers\processr.sys 18:23:25.0326 4784 Processor - ok 18:23:25.0443 4784 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll 18:23:25.0449 4784 ProfSvc - ok 18:23:25.0493 4784 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe 18:23:25.0496 4784 ProtectedStorage - ok 18:23:25.0627 4784 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys 18:23:25.0630 4784 PSched - ok 18:23:25.0675 4784 [ 49452BFCEC22F36A7A9B9C2181BC3042 ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys 18:23:25.0676 4784 PxHelp20 - ok 18:23:25.0732 4784 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 18:23:25.0784 4784 ql2300 - ok 18:23:25.0940 4784 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 18:23:25.0945 4784 ql40xx - ok 18:23:26.0026 4784 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll 18:23:26.0050 4784 QWAVE - ok 18:23:26.0128 4784 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 18:23:26.0131 4784 QWAVEdrv - ok 18:23:26.0228 4784 [ 8F97D374AD1857E1EED85A79F29A1D3D ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll 18:23:26.0234 4784 RapiMgr - ok 18:23:26.0277 4784 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 18:23:26.0280 4784 RasAcd - ok 18:23:26.0325 4784 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll 18:23:26.0340 4784 RasAuto - ok 18:23:26.0390 4784 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 18:23:26.0394 4784 Rasl2tp - ok 18:23:26.0429 4784 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll 18:23:26.0452 4784 RasMan - ok 18:23:26.0487 4784 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 18:23:26.0490 4784 RasPppoe - ok 18:23:26.0587 4784 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 18:23:26.0589 4784 RasSstp - ok 18:23:26.0620 4784 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 18:23:26.0625 4784 rdbss - ok 18:23:26.0662 4784 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 18:23:26.0663 4784 RDPCDD - ok 18:23:26.0721 4784 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys 18:23:26.0726 4784 rdpdr - ok 18:23:26.0732 4784 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 18:23:26.0733 4784 RDPENCDD - ok 18:23:26.0805 4784 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 18:23:26.0810 4784 RDPWD - ok 18:23:26.0897 4784 [ B33C88DF3588ACF250B87A004526C31A ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe 18:23:26.0910 4784 RegSrvc - ok 18:23:26.0999 4784 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll 18:23:27.0004 4784 RemoteAccess - ok 18:23:27.0094 4784 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll 18:23:27.0100 4784 RemoteRegistry - ok 18:23:27.0216 4784 [ C2EF513BBE069F0D4EE0938A76F975D3 ] rimmptsk C:\Windows\system32\DRIVERS\rimmptsk.sys 18:23:27.0218 4784 rimmptsk - ok 18:23:27.0280 4784 [ C398BCA91216755B098679A8DA8A2300 ] rimsptsk C:\Windows\system32\DRIVERS\rimsptsk.sys 18:23:27.0282 4784 rimsptsk - ok 18:23:27.0310 4784 [ 2A2554CB24506E0A0508FC395C4A1B42 ] rismxdp C:\Windows\system32\DRIVERS\rixdptsk.sys 18:23:27.0312 4784 rismxdp - ok 18:23:27.0351 4784 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe 18:23:27.0356 4784 RpcLocator - ok 18:23:27.0430 4784 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll 18:23:27.0442 4784 RpcSs - ok 18:23:27.0485 4784 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 18:23:27.0487 4784 rspndr - ok 18:23:27.0527 4784 [ 7157E70A90CCE49DEB8885D23A073A39 ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh86.sys 18:23:27.0532 4784 RTL8169 - ok 18:23:27.0761 4784 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe 18:23:27.0767 4784 SamSs - ok 18:23:27.0897 4784 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 18:23:27.0901 4784 sbp2port - ok 18:23:28.0005 4784 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll 18:23:28.0010 4784 SCardSvr - ok 18:23:28.0123 4784 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll 18:23:28.0153 4784 Schedule - ok 18:23:28.0208 4784 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll 18:23:28.0209 4784 SCPolicySvc - ok 18:23:28.0295 4784 [ 8F36B54688C31EED4580129040C6A3D3 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys 18:23:28.0299 4784 sdbus - ok 18:23:28.0338 4784 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll 18:23:28.0344 4784 SDRSVC - ok 18:23:28.0387 4784 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys 18:23:28.0388 4784 secdrv - ok 18:23:28.0405 4784 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll 18:23:28.0409 4784 seclogon - ok 18:23:28.0419 4784 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\system32\sens.dll 18:23:28.0424 4784 SENS - ok 18:23:28.0441 4784 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys 18:23:28.0442 4784 Serenum - ok 18:23:28.0462 4784 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys 18:23:28.0465 4784 Serial - ok 18:23:28.0470 4784 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys 18:23:28.0472 4784 sermouse - ok 18:23:28.0501 4784 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll 18:23:28.0507 4784 SessionEnv - ok 18:23:28.0540 4784 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys 18:23:28.0542 4784 sffdisk - ok 18:23:28.0561 4784 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 18:23:28.0563 4784 sffp_mmc - ok 18:23:28.0636 4784 [ 9F66A46C55D6F1CCABC79BB7AFCCC545 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys 18:23:28.0638 4784 sffp_sd - ok 18:23:28.0645 4784 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 18:23:28.0647 4784 sfloppy - ok 18:23:28.0778 4784 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll 18:23:28.0788 4784 SharedAccess - ok 18:23:28.0915 4784 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 18:23:28.0931 4784 ShellHWDetection - ok 18:23:29.0008 4784 [ A275FBB7C99458C12E088DFF3E58EB4D ] simptcp C:\Windows\System32\tcpsvcs.exe 18:23:29.0018 4784 simptcp - ok 18:23:29.0262 4784 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys 18:23:29.0266 4784 sisagp - ok 18:23:29.0277 4784 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys 18:23:29.0282 4784 SiSRaid2 - ok 18:23:29.0296 4784 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 18:23:29.0302 4784 SiSRaid4 - ok 18:23:29.0541 4784 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe 18:23:29.0699 4784 slsvc - ok 18:23:29.0750 4784 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll 18:23:29.0755 4784 SLUINotify - ok 18:23:29.0802 4784 [ 3566310DF25EA5C3B2E9F50F5B50EAC1 ] SmartFaceVWatchSrv C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe 18:23:29.0803 4784 SmartFaceVWatchSrv - ok 18:23:30.0023 4784 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys 18:23:30.0026 4784 Smb - ok 18:23:30.0103 4784 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 18:23:30.0107 4784 SNMPTRAP - ok 18:23:30.0145 4784 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys 18:23:30.0146 4784 spldr - ok 18:23:30.0193 4784 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe 18:23:30.0199 4784 Spooler - ok 18:23:30.0365 4784 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys 18:23:30.0371 4784 srv - ok 18:23:30.0414 4784 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 18:23:30.0419 4784 srv2 - ok 18:23:30.0701 4784 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 18:23:30.0706 4784 srvnet - ok 18:23:30.0898 4784 [ D5DFFEAA1E15D4EFFABB9D9A3068AC5B ] sscdbus C:\Windows\system32\DRIVERS\sscdbus.sys 18:23:30.0902 4784 sscdbus - ok 18:23:31.0021 4784 [ 8A1BE0C347814F482F493AEA619D57F6 ] sscdmdfl C:\Windows\system32\DRIVERS\sscdmdfl.sys 18:23:31.0024 4784 sscdmdfl - ok 18:23:31.0288 4784 [ 5AB0B1987F682A59B15B78F84C6AD7D0 ] sscdmdm C:\Windows\system32\DRIVERS\sscdmdm.sys 18:23:31.0293 4784 sscdmdm - ok 18:23:31.0428 4784 [ 751E66EB32EFA80633B80F5D7FF0A1D8 ] sscdserd C:\Windows\system32\DRIVERS\sscdserd.sys 18:23:31.0433 4784 sscdserd - ok 18:23:31.0552 4784 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 18:23:31.0567 4784 SSDPSRV - ok 18:23:31.0679 4784 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll 18:23:31.0692 4784 SstpSvc - ok 18:23:31.0806 4784 [ 8F299012EF58246F1C98DE7B7E48DBF0 ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys 18:23:31.0813 4784 ssudmdm - ok 18:23:32.0341 4784 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll 18:23:32.0530 4784 stisvc - ok 18:23:32.0551 4784 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys 18:23:32.0553 4784 swenum - ok 18:23:32.0700 4784 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll 18:23:32.0734 4784 swprv - ok 18:23:32.0789 4784 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys 18:23:32.0792 4784 Symc8xx - ok 18:23:32.0888 4784 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys 18:23:32.0892 4784 Sym_hi - ok 18:23:32.0903 4784 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys 18:23:32.0910 4784 Sym_u3 - ok 18:23:33.0028 4784 [ 55F6E55CC2430CA8713387106FA79817 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys 18:23:33.0033 4784 SynTP - ok 18:23:33.0165 4784 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll 18:23:33.0233 4784 SysMain - ok 18:23:33.0297 4784 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll 18:23:33.0309 4784 TabletInputService - ok 18:23:33.0362 4784 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll 18:23:33.0407 4784 TapiSrv - ok 18:23:33.0441 4784 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll 18:23:33.0452 4784 TBS - ok 18:23:33.0643 4784 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 18:23:33.0701 4784 Tcpip - ok 18:23:33.0806 4784 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys 18:23:33.0822 4784 Tcpip6 - ok 18:23:33.0976 4784 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 18:23:33.0979 4784 tcpipreg - ok 18:23:34.0080 4784 [ 6FDFBA25002CE4BAC463AC866AE71405 ] tdcmdpst C:\Windows\system32\DRIVERS\tdcmdpst.sys 18:23:34.0083 4784 tdcmdpst - ok 18:23:34.0217 4784 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 18:23:34.0220 4784 TDPIPE - ok 18:23:34.0299 4784 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 18:23:34.0302 4784 TDTCP - ok 18:23:34.0374 4784 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 18:23:34.0379 4784 tdx - ok 18:23:34.0414 4784 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 18:23:34.0417 4784 TermDD - ok 18:23:34.0506 4784 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll 18:23:34.0527 4784 TermService - ok 18:23:34.0562 4784 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll 18:23:34.0576 4784 Themes - ok 18:23:34.0811 4784 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll 18:23:34.0818 4784 THREADORDER - ok 18:23:34.0908 4784 [ E09CAAFB2B323A6FF120CEFB96DA0A44 ] TMachInfo C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe 18:23:34.0910 4784 TMachInfo - ok 18:23:34.0955 4784 [ 89F74C86523F5E334628DBCE66E6D165 ] TNaviSrv C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe 18:23:34.0960 4784 TNaviSrv - ok 18:23:34.0985 4784 [ C5AC715B65B01788ABC22D10749DDDD8 ] TODDSrv C:\Windows\system32\TODDSrv.exe 18:23:34.0998 4784 TODDSrv - ok 18:23:35.0125 4784 [ 44DBAC611B11646683B5B066A049B8E4 ] TosCoSrv C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe 18:23:35.0137 4784 TosCoSrv - ok 18:23:35.0226 4784 [ 8E10E654E354CF330ED75882769A0107 ] TOSHIBA Bluetooth Service C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe 18:23:35.0231 4784 TOSHIBA Bluetooth Service - ok 18:23:35.0274 4784 [ 22690DFFC7F2A18279A7A0489AA02BAC ] TOSHIBA SMART Log Service C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe 18:23:35.0278 4784 TOSHIBA SMART Log Service - ok 18:23:35.0320 4784 Tosrfcom - ok 18:23:35.0402 4784 [ 5C4103544612E5011EF46301B93D1AA6 ] tosrfec C:\Windows\system32\DRIVERS\tosrfec.sys 18:23:35.0405 4784 tosrfec - ok 18:23:35.0466 4784 [ 4399A9BF7D8F49991A07FD86590A1619 ] tos_sps32 C:\Windows\system32\DRIVERS\tos_sps32.sys 18:23:35.0474 4784 tos_sps32 - ok 18:23:35.0672 4784 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll 18:23:35.0679 4784 TrkWks - ok 18:23:35.0796 4784 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 18:23:35.0797 4784 TrustedInstaller - ok 18:23:35.0887 4784 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 18:23:35.0890 4784 tssecsrv - ok 18:23:35.0958 4784 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys 18:23:35.0961 4784 tunmp - ok 18:23:36.0020 4784 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 18:23:36.0023 4784 tunnel - ok 18:23:36.0398 4784 [ 792A8B80F8188ABA4B2BE271583F3E46 ] TVALZ C:\Windows\system32\DRIVERS\TVALZ_O.SYS 18:23:36.0401 4784 TVALZ - ok 18:23:36.0485 4784 [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35 C:\Windows\system32\drivers\uagp35.sys 18:23:36.0489 4784 uagp35 - ok 18:23:36.0559 4784 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 18:23:36.0569 4784 udfs - ok 18:23:36.0668 4784 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe 18:23:36.0679 4784 UI0Detect - ok 18:23:36.0843 4784 [ 332D341D92B933600D41953B08360DFB ] UleadBurningHelper C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe 18:23:36.0845 4784 UleadBurningHelper - ok 18:23:36.0940 4784 [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 18:23:36.0944 4784 uliagpkx - ok 18:23:36.0972 4784 [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci C:\Windows\system32\drivers\uliahci.sys 18:23:36.0981 4784 uliahci - ok 18:23:37.0045 4784 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys 18:23:37.0050 4784 UlSata - ok 18:23:37.0148 4784 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys 18:23:37.0153 4784 ulsata2 - ok 18:23:37.0219 4784 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 18:23:37.0223 4784 umbus - ok 18:23:37.0299 4784 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll 18:23:37.0315 4784 upnphost - ok 18:23:37.0424 4784 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 18:23:37.0428 4784 usbccgp - ok 18:23:37.0480 4784 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys 18:23:37.0509 4784 usbcir - ok 18:23:37.0582 4784 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 18:23:37.0585 4784 usbehci - ok 18:23:37.0662 4784 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 18:23:37.0666 4784 usbhub - ok 18:23:37.0740 4784 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys 18:23:37.0742 4784 usbohci - ok 18:23:37.0851 4784 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 18:23:37.0852 4784 usbprint - ok 18:23:37.0973 4784 [ A508C9BD8724980512136B039BBA65E9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys 18:23:37.0975 4784 usbscan - ok 18:23:38.0334 4784 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 18:23:38.0337 4784 USBSTOR - ok 18:23:38.0538 4784 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys 18:23:38.0541 4784 usbuhci - ok 18:23:38.0600 4784 [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys 18:23:38.0607 4784 usbvideo - ok 18:23:38.0694 4784 [ 35C9095FA7076466AFBFC5B9EC4B779E ] usb_rndisx C:\Windows\system32\DRIVERS\usb8023x.sys 18:23:38.0719 4784 usb_rndisx - ok 18:23:38.0752 4784 [ 237C444FBD1C697A2E3FA60F02C61F22 ] UVCFTR C:\Windows\system32\Drivers\UVCFTR_S.SYS 18:23:38.0755 4784 UVCFTR - ok 18:23:38.0874 4784 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll 18:23:38.0886 4784 UxSms - ok 18:23:39.0222 4784 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe 18:23:39.0256 4784 vds - ok 18:23:39.0344 4784 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 18:23:39.0346 4784 vga - ok 18:23:39.0375 4784 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys 18:23:39.0377 4784 VgaSave - ok 18:23:39.0463 4784 [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp C:\Windows\system32\drivers\viaagp.sys 18:23:39.0465 4784 viaagp - ok 18:23:39.0538 4784 [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7 C:\Windows\system32\drivers\viac7.sys 18:23:39.0539 4784 ViaC7 - ok 18:23:39.0557 4784 [ AADF5587A4063F52C2C3FED7887426FC ] viaide C:\Windows\system32\drivers\viaide.sys 18:23:39.0558 4784 viaide - ok 18:23:39.0599 4784 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys 18:23:39.0601 4784 volmgr - ok 18:23:39.0711 4784 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 18:23:39.0718 4784 volmgrx - ok 18:23:39.0757 4784 [ 147281C01FCB1DF9252DE2A10D5E7093 ] volsnap C:\Windows\system32\drivers\volsnap.sys 18:23:39.0763 4784 volsnap - ok 18:23:39.0882 4784 [ 587253E09325E6BF226B299774B728A9 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 18:23:39.0889 4784 vsmraid - ok 18:23:39.0963 4784 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe 18:23:40.0039 4784 VSS - ok 18:23:40.0302 4784 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll 18:23:40.0325 4784 W32Time - ok 18:23:40.0477 4784 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys 18:23:40.0481 4784 WacomPen - ok 18:23:40.0747 4784 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys 18:23:40.0751 4784 Wanarp - ok 18:23:40.0760 4784 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 18:23:40.0764 4784 Wanarpv6 - ok 18:23:40.0816 4784 [ 59E19BD13C3BDB857646B9E436BA27F7 ] WcesComm C:\Windows\WindowsMobile\wcescomm.dll 18:23:40.0828 4784 WcesComm - ok 18:23:40.0917 4784 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll 18:23:40.0993 4784 wcncsvc - ok 18:23:41.0042 4784 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 18:23:41.0054 4784 WcsPlugInService - ok 18:23:41.0169 4784 [ 78FE9542363F297B18C027B2D7E7C07F ] Wd C:\Windows\system32\drivers\wd.sys 18:23:41.0172 4784 Wd - ok 18:23:41.0246 4784 [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 18:23:41.0268 4784 Wdf01000 - ok 18:23:41.0315 4784 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll 18:23:41.0328 4784 WdiServiceHost - ok 18:23:41.0337 4784 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll 18:23:41.0350 4784 WdiSystemHost - ok 18:23:41.0433 4784 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll 18:23:41.0463 4784 WebClient - ok 18:23:41.0537 4784 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll 18:23:41.0593 4784 Wecsvc - ok 18:23:41.0672 4784 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll 18:23:41.0684 4784 wercplsupport - ok 18:23:41.0727 4784 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll 18:23:41.0741 4784 WerSvc - ok 18:23:42.0131 4784 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll 18:23:42.0142 4784 WinDefend - ok 18:23:42.0166 4784 WinHttpAutoProxySvc - ok 18:23:42.0439 4784 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 18:23:42.0443 4784 Winmgmt - ok 18:23:42.0560 4784 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll 18:23:42.0616 4784 WinRM - ok 18:23:42.0730 4784 [ 676F4B665BDD8053EAA53AC1695B8074 ] winusb C:\Windows\system32\DRIVERS\winusb.sys 18:23:42.0734 4784 winusb - ok 18:23:42.0895 4784 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll 18:23:42.0951 4784 Wlansvc - ok 18:23:43.0038 4784 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 18:23:43.0042 4784 WmiAcpi - ok 18:23:43.0107 4784 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 18:23:43.0113 4784 wmiApSrv - ok 18:23:43.0298 4784 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe 18:23:43.0353 4784 WMPNetworkSvc - ok 18:23:43.0505 4784 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll 18:23:43.0519 4784 WPCSvc - ok 18:23:43.0783 4784 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 18:23:43.0798 4784 WPDBusEnum - ok 18:23:43.0976 4784 [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys 18:23:43.0979 4784 WpdUsb - ok 18:23:44.0176 4784 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe 18:23:44.0209 4784 WPFFontCache_v0400 - ok 18:23:44.0309 4784 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 18:23:44.0312 4784 ws2ifsl - ok 18:23:44.0358 4784 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\system32\wscsvc.dll 18:23:44.0371 4784 wscsvc - ok 18:23:44.0381 4784 WSearch - ok 18:23:44.0519 4784 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll 18:23:44.0674 4784 wuauserv - ok 18:23:44.0743 4784 [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 18:23:44.0777 4784 WUDFRd - ok 18:23:44.0827 4784 [ 575A4190D989F64732119E4114045A4F ] wudfsvc C:\Windows\System32\WUDFSvc.dll 18:23:44.0840 4784 wudfsvc - ok 18:23:44.0917 4784 ================ Scan global =============================== 18:23:45.0051 4784 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll 18:23:45.0184 4784 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll 18:23:45.0317 4784 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll 18:23:45.0507 4784 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe 18:23:45.0515 4784 [Global] - ok 18:23:45.0516 4784 ================ Scan MBR ================================== 18:23:45.0544 4784 [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0 18:23:46.0538 4784 \Device\Harddisk0\DR0 - ok 18:23:46.0538 4784 ================ Scan VBR ================================== 18:23:46.0600 4784 [ 0A1E9194AE4B1B0EBD941452D274F7C2 ] \Device\Harddisk0\DR0\Partition1 18:23:46.0602 4784 \Device\Harddisk0\DR0\Partition1 - ok 18:23:46.0602 4784 ============================================================ 18:23:46.0602 4784 Scan finished 18:23:46.0602 4784 ============================================================ 18:23:46.0615 5608 Detected object count: 0 18:23:46.0615 5608 Actual detected object count: 0
-
I do not use Norton . It is just on the computer. Secondly, I can not update Windows defender.
-
ComboFix2.txt ComboFix 12-09-04.03 - Owner 09/05/2012 11:15:46.1.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2939.2069 [GMT -5:00] Running from: c:\users\Owner\Desktop\ComboFix.exe AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} AV: Norton 360 *Disabled/Outdated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855} FW: Norton 360 *Disabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E} SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Norton 360 *Disabled/Outdated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\4007428239 c:\programdata\Roaming c:\programdata\Roaming\Intel\Wireless\Settings\Settings.ini c:\users\Owner\Documents\~WRL1347.tmp c:\users\Owner\Documents\~WRL2752.tmp c:\windows\$NtUninstallKB34616$ c:\windows\$NtUninstallKB34616$\1162920552\@ c:\windows\$NtUninstallKB34616$\1162920552\bckfg.tmp c:\windows\$NtUninstallKB34616$\1162920552\cfg.ini c:\windows\$NtUninstallKB34616$\1162920552\Desktop.ini c:\windows\$NtUninstallKB34616$\1162920552\keywords c:\windows\$NtUninstallKB34616$\1162920552\kwrd.dll c:\windows\$NtUninstallKB34616$\1162920552\L\qnbwvoto c:\windows\$NtUninstallKB34616$\1162920552\lsflt7.ver c:\windows\$NtUninstallKB34616$\1162920552\U\00000001.@ c:\windows\$NtUninstallKB34616$\1162920552\U\00000002.@ c:\windows\$NtUninstallKB34616$\1162920552\U\00000004.@ c:\windows\$NtUninstallKB34616$\1162920552\U\80000000.@ c:\windows\$NtUninstallKB34616$\1162920552\U\80000004.@ c:\windows\$NtUninstallKB34616$\1162920552\U\80000032.@ c:\windows\$NtUninstallKB34616$\43465987 c:\windows\system32\pt c:\windows\system32\pt\smartfacevcp.dll.mui c:\windows\system32\pt\toscdspd.cpl.mui . . ((((((((((((((((((((((((( Files Created from 2012-08-05 to 2012-09-05 ))))))))))))))))))))))))))))))) . . 2012-08-28 02:35 . 2012-03-01 14:46 219648 ----a-w- c:\windows\system32\d3d10_1core.dll 2012-08-28 02:35 . 2012-02-29 14:08 1172480 ----a-w- c:\windows\system32\d3d10warp.dll 2012-08-28 02:35 . 2012-02-29 13:44 683008 ----a-w- c:\windows\system32\d2d1.dll 2012-08-28 02:35 . 2012-02-29 13:41 1069056 ----a-w- c:\windows\system32\DWrite.dll 2012-08-28 02:35 . 2012-03-01 14:46 160768 ----a-w- c:\windows\system32\d3d10_1.dll 2012-08-25 10:55 . 2012-08-25 10:55 -------- d-----w- c:\program files\Windows Portable Devices 2012-08-25 10:00 . 2009-10-01 01:02 31232 ----a-w- c:\windows\system32\BthMtpContextHandler.dll 2012-08-25 09:59 . 2009-10-01 01:01 40448 ----a-w- c:\windows\system32\drivers\WpdUsb.sys 2012-08-25 09:59 . 2009-10-01 01:01 227840 ----a-w- c:\windows\system32\drivers\UMDF\WpdFs.dll 2012-08-25 09:59 . 2009-10-01 01:01 839168 ----a-w- c:\windows\system32\drivers\UMDF\WpdMtpDr.dll 2012-08-25 09:26 . 2012-02-29 13:32 12800 ----a-w- c:\windows\system32\drivers\fs_rec.sys 2012-08-25 08:58 . 2012-08-25 08:58 486400 ----a-w- c:\windows\system32\d3d10level9.dll 2012-08-25 08:58 . 2012-08-25 08:58 638336 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys 2012-08-25 08:58 . 2012-08-25 08:58 478720 ----a-w- c:\windows\system32\dxgi.dll 2012-08-25 08:58 . 2012-08-25 08:58 37376 ----a-w- c:\windows\system32\cdd.dll 2012-08-25 08:58 . 2012-08-25 08:58 189952 ----a-w- c:\windows\system32\d3d10core.dll 2012-08-25 08:58 . 2012-08-25 08:58 1029120 ----a-w- c:\windows\system32\d3d10.dll 2012-08-25 08:55 . 2012-08-25 08:55 252928 ----a-w- c:\windows\system32\dxdiag.exe 2012-08-25 08:55 . 2012-08-25 08:55 195584 ----a-w- c:\windows\system32\dxdiagn.dll 2012-08-25 08:55 . 2012-08-25 08:55 519680 ----a-w- c:\windows\system32\d3d11.dll 2012-08-21 19:21 . 2012-04-23 16:00 984064 ----a-w- c:\windows\system32\crypt32.dll 2012-08-21 19:21 . 2012-04-23 16:00 98304 ----a-w- c:\windows\system32\cryptnet.dll 2012-08-21 19:21 . 2012-04-23 16:00 133120 ----a-w- c:\windows\system32\cryptsvc.dll 2012-08-21 19:18 . 2011-10-14 16:02 429056 ----a-w- c:\windows\system32\EncDec.dll 2012-08-21 19:18 . 2012-03-20 23:28 53120 ----a-w- c:\windows\system32\drivers\partmgr.sys 2012-08-21 19:18 . 2012-03-30 12:39 905600 ----a-w- c:\windows\system32\drivers\tcpip.sys 2012-08-21 19:18 . 2011-08-13 04:43 6144 ----a-w- c:\program files\Internet Explorer\iecompat.dll 2012-08-21 19:17 . 2012-02-01 15:11 1218048 ----a-w- c:\program files\Windows Journal\NBDoc.DLL 2012-08-21 19:17 . 2012-02-01 15:10 1404928 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\InkObj.dll 2012-08-21 19:17 . 2012-02-01 15:10 964608 ----a-w- c:\program files\Windows Journal\JNWDRV.dll 2012-08-21 19:17 . 2012-02-01 15:10 983040 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll 2012-08-21 19:17 . 2012-02-01 15:10 936960 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll 2012-08-21 19:17 . 2012-02-01 13:58 47104 ----a-w- c:\program files\Windows Journal\PDIALOG.exe 2012-08-21 19:17 . 2011-02-22 13:33 797696 ----a-w- c:\windows\system32\FntCache.dll 2012-08-21 19:16 . 2012-06-05 16:47 708608 ----a-w- c:\program files\Common Files\System\ado\msado15.dll 2012-08-21 19:15 . 2011-10-25 15:56 49152 ----a-w- c:\windows\system32\csrsrv.dll 2012-08-21 19:14 . 2012-03-01 11:01 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat 2012-08-21 19:14 . 2012-05-01 14:03 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys 2012-08-21 19:14 . 2011-09-30 15:57 707584 ----a-w- c:\program files\Common Files\System\wab32.dll 2012-08-21 19:12 . 2012-06-04 15:26 440704 ----a-w- c:\windows\system32\drivers\ksecdd.sys 2012-08-20 20:09 . 2012-08-20 20:09 -------- d-----w- c:\windows\system32\ca-ES 2012-08-20 20:09 . 2012-08-20 20:09 -------- d-----w- c:\windows\system32\eu-ES 2012-08-20 19:08 . 2012-08-20 19:08 -------- d-----w- c:\windows\system32\EventProviders 2012-08-08 20:53 . 2012-08-08 20:53 -------- d-----w- c:\programdata\McAfee . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-08-25 09:00 . 2012-08-25 09:00 161792 ----a-w- c:\windows\system32\msls31.dll 2012-08-25 09:00 . 2012-08-25 09:00 1129472 ----a-w- c:\windows\system32\wininet.dll 2012-08-25 09:00 . 2012-08-25 09:00 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe 2012-08-25 09:00 . 2012-08-25 09:00 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe 2012-08-25 09:00 . 2012-08-25 09:00 48640 ----a-w- c:\windows\system32\mshtmler.dll 2012-08-25 09:00 . 2012-08-25 09:00 86528 ----a-w- c:\windows\system32\iesysprep.dll 2012-08-25 09:00 . 2012-08-25 09:00 63488 ----a-w- c:\windows\system32\tdc.ocx 2012-08-25 09:00 . 2012-08-25 09:00 74752 ----a-w- c:\windows\system32\iesetup.dll 2012-08-25 09:00 . 2012-08-25 09:00 23552 ----a-w- c:\windows\system32\licmgr10.dll 2012-08-25 09:00 . 2012-08-25 09:00 152064 ----a-w- c:\windows\system32\wextract.exe 2012-08-25 09:00 . 2012-08-25 09:00 150528 ----a-w- c:\windows\system32\iexpress.exe 2012-08-25 09:00 . 2012-08-25 09:00 1427968 ----a-w- c:\windows\system32\inetcpl.cpl 2012-08-25 09:00 . 2012-08-25 09:00 420864 ----a-w- c:\windows\system32\vbscript.dll 2012-08-25 09:00 . 2012-08-25 09:00 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2012-08-25 09:00 . 2012-08-25 09:00 142848 ----a-w- c:\windows\system32\ieUnatt.exe 2012-08-25 09:00 . 2012-08-25 09:00 11776 ----a-w- c:\windows\system32\mshta.exe 2012-08-25 09:00 . 2012-08-25 09:00 35840 ----a-w- c:\windows\system32\imgutil.dll 2012-08-25 09:00 . 2012-08-25 09:00 1800704 ----a-w- c:\windows\system32\jscript9.dll 2012-08-25 08:58 . 2012-08-25 08:58 979456 ----a-w- c:\windows\system32\MFH264Dec.dll 2012-08-25 08:58 . 2012-08-25 08:58 98816 ----a-w- c:\windows\system32\mfps.dll 2012-08-25 08:58 . 2012-08-25 08:58 357376 ----a-w- c:\windows\system32\MFHEAACdec.dll 2012-08-25 08:58 . 2012-08-25 08:58 302592 ----a-w- c:\windows\system32\mfmp4src.dll 2012-08-25 08:58 . 2012-08-25 08:58 2873344 ----a-w- c:\windows\system32\mf.dll 2012-08-25 08:58 . 2012-08-25 08:58 261632 ----a-w- c:\windows\system32\mfreadwrite.dll 2012-08-25 08:58 . 2012-08-25 08:58 586240 ----a-w- c:\windows\system32\stobject.dll 2012-08-25 08:58 . 2012-08-25 08:58 209920 ----a-w- c:\windows\system32\mfplat.dll 2012-08-25 08:58 . 2012-08-25 08:58 135680 ----a-w- c:\windows\system32\XpsRasterService.dll 2012-08-25 08:58 . 2012-08-25 08:58 26112 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll 2012-08-25 08:58 . 2012-08-25 08:58 258048 ----a-w- c:\windows\system32\winspool.drv 2012-08-25 08:58 . 2012-08-25 08:58 847360 ----a-w- c:\windows\system32\OpcServices.dll 2012-08-25 08:58 . 2012-08-25 08:58 667648 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe 2012-08-25 08:58 . 2012-08-25 08:58 1554432 ----a-w- c:\windows\system32\xpsservices.dll 2012-08-25 08:55 . 2012-08-25 08:55 4096 ----a-w- c:\windows\system32\drivers\en-US\dxgkrnl.sys.mui 2012-08-25 08:55 . 2012-08-25 08:55 369664 ----a-w- c:\windows\system32\WMPhoto.dll 2012-08-25 08:55 . 2012-08-25 08:55 321024 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll 2012-08-25 08:55 . 2012-08-25 08:55 189440 ----a-w- c:\windows\system32\WindowsCodecsExt.dll 2012-08-25 08:55 . 2012-08-25 08:55 974848 ----a-w- c:\windows\system32\WindowsCodecs.dll 2012-08-08 20:55 . 2012-08-08 20:55 476976 ----a-w- c:\windows\system32\npdeployJava1.dll 2012-08-08 20:55 . 2011-06-06 22:53 472880 ----a-w- c:\windows\system32\deployJava1.dll 2012-08-02 20:16 . 2012-08-02 20:16 4024320 ----a-w- c:\program files\GUT841A.tmp 2012-07-19 07:00 . 2012-04-02 20:01 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-07-19 07:00 . 2011-05-31 16:02 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-07-04 14:02 . 2012-08-25 09:02 2047488 ----a-w- c:\windows\system32\win32k.sys 2012-07-03 18:46 . 2011-12-13 06:03 22344 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-07-03 16:21 . 2010-06-13 07:00 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2012-07-03 16:21 . 2011-12-12 20:10 721000 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2012-07-03 16:21 . 2010-06-13 07:00 353688 ----a-w- c:\windows\system32\drivers\aswSP.sys 2012-07-03 16:21 . 2010-06-13 07:00 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2012-07-03 16:21 . 2010-06-13 07:00 35928 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2012-07-03 16:21 . 2010-06-13 07:00 57656 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2012-07-03 16:21 . 2010-09-10 22:00 41224 ----a-w- c:\windows\avastSS.scr 2012-07-03 16:21 . 2010-06-13 06:59 227648 ----a-w- c:\windows\system32\aswBoot.exe 2012-06-25 21:04 . 2012-06-25 21:04 1394248 ----a-w- c:\windows\system32\msxml4.dll 2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll 2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll 2012-08-05 18:15 . 2011-09-16 00:44 136672 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll 2008-06-30 18:44 . 2009-09-11 02:33 324976 ----a-w- c:\program files\mozilla firefox\components\coFFPlgn.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2012-07-03 16:21 121528 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}] 2012-07-20 20:17 556376 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}] 2012-07-20 20:17 556376 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}] 2012-07-20 20:17 556376 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}] 2012-07-20 20:17 556376 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "TOSCDSPD"="c:\program files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe" [2008-04-24 430080] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952] "MusicManager"="c:\users\Owner\AppData\Local\Programs\Google\MusicManager\MusicManager.exe" [2012-08-16 7316480] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-08-25 39408] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-06-25 150040] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-06-25 170520] "Persistence"="c:\windows\system32\igfxpers.exe" [2008-06-25 145944] "RtHDVCpl"="RtHDVCpl.exe" [2008-04-08 6037504] "Camera Assistant Software"="c:\program files\Camera Assistant Software for Toshiba\traybar.exe" [2008-07-31 417792] "TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2008-02-06 431456] "HSON"="c:\program files\TOSHIBA\TBS\HSON.exe" [2007-11-01 54608] "SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2007-06-16 448080] "00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2008-03-19 716800] "ITSecMng"="c:\program files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe" [2007-09-28 75136] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-12-07 1029416] "NDSTray.exe"="NDSTray.exe" [bU] "ToshibaServiceStation"="c:\program files\TOSHIBA\TOSHIBA Service Station\TSS.exe" [2008-08-04 1242424] "PCMAgent"="c:\program files\CyberLink\PowerCinema for TOSHIBA\PCMAgent.exe" [2007-12-14 143360] "CLMLServer"="c:\program files\CyberLink\PowerCinema for TOSHIBA\Kernel\CLML\CLMLSvc.exe" [2008-07-11 188416] "ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2008-10-17 51048] "osCheck"="c:\program files\Norton 360\osCheck.exe" [2008-02-26 988512] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-11 417792] "Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072] "CinemaNowMediaManagerApp"="c:\program files\CinemaNow\CinemaNow Media Manager\CinemaNowShell.exe" [2010-01-14 2148848] "DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-09-16 1164584] "HTC Sync Loader"="c:\program files\HTC\HTC Sync 3.0\htcUPCTLoader.exe" [2011-01-27 585728] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2009-12-18 40368] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696] . c:\users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ WinZip Quick Pick.lnk - c:\program files\WinZip\WZQKPICK.EXE [2010-4-6 494920] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) . --- Other Services/Drivers In Memory --- . *NewlyCreated* - COMHOST . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] WindowsMobile REG_MULTI_SZ wcescomm rapimgr LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr bthsvcs REG_MULTI_SZ BthServ LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache . Contents of the 'Scheduled Tasks' folder . 2012-09-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-21 20:07] . 2012-09-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-21 20:07] . 2012-09-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1038527918-3062837077-4051479591-1000Core.job - c:\users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe [2011-07-02 17:06] . 2012-09-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1038527918-3062837077-4051479591-1000UA.job - c:\users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe [2011-07-02 17:06] . . ------- Supplementary Scan ------- . uStart Page = about:blank IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html Trusted Zone: cinemanow.com TCP: DhcpNameServer = 192.168.254.254 FF - ProfilePath - c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\6zil0nd0.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://search.babylon.com/?affID=109935&tt=050412_30b&babsrc=HP_ss&mntrId=1254a72700000000000000216b26add0 FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?affID=109935&tt=050412_30b&babsrc=KW_ss&mntrId=1254a72700000000000000216b26add0&q= FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=109935&tt=050412_30b FF - user.js: extensions.BabylonToolbar_i.babExt - FF - user.js: extensions.BabylonToolbar_i.srcExt - ss FF - user.js: extensions.BabylonToolbar_i.id - 1254a72700000000000000216b26add0 FF - user.js: extensions.BabylonToolbar_i.hardId - 1254a72700000000000000216b26add0 FF - user.js: extensions.BabylonToolbar_i.instlDay - 15440 FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17 FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17 FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1711:34 FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar FF - user.js: extensions.BabylonToolbar_i.aflt - babsst FF - user.js: extensions.BabylonToolbar_i.smplGrp - none FF - user.js: extensions.BabylonToolbar_i.tlbrId - tb9 FF - user.js: extensions.BabylonToolbar_i.instlRef - sst . - - - - ORPHANS REMOVED - - - - . URLSearchHooks-{ba14329e-9550-4989-b3f2-9732e92d17cc} - (no file) WebBrowser-{BA14329E-9550-4989-B3F2-9732E92D17CC} - (no file) WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file) HKLM-Run-cfFncEnabler.exe - cfFncEnabler.exe AddRemove-{7B63B2922B174135AFC0E1377DD81EC2} - c:\program files\DivX\DivXCodecUninstall.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2012-09-05 11:47 Windows 6.0.6002 Service Pack 2 NTFS . scanning hidden processes ... . scanning hidden autostart entries ... . HKCU\Software\Microsoft\Windows\CurrentVersion\Run TOSCDSPD = c:\program files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe?/i?????m5uk????h????????????????? . scanning hidden files ... . scan completed successfully hidden files: 0 . ************************************************************************** . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 "MSCurrentCountry"=dword:000000b5 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . --------------------- DLLs Loaded Under Running Processes --------------------- . - - - - - - - > 'Explorer.exe'(4192) c:\windows\system32\timedate.cpl . ------------------------ Other Running Processes ------------------------ . c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe c:\program files\Alwil Software\Avast5\AvastSvc.exe c:\windows\system32\WLANExt.exe c:\program files\Common Files\Symantec Shared\ccSvcHst.exe c:\windows\system32\agrsmsvc.exe c:\program files\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe c:\program files\TOSHIBA\ConfigFree\CFSvcs.exe c:\program files\Intel\WiFi\bin\EvtEng.exe c:\program files\HTC\Internet Pass-Through\PassThruSvr.exe c:\program files\Common Files\Intel\WirelessCommon\RegSrvc.exe c:\windows\System32\tcpsvcs.exe c:\program files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe c:\program files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe c:\windows\system32\TODDSrv.exe c:\program files\Toshiba\Power Saver\TosCoSrv.exe c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe c:\program files\TOSHIBA\SMARTLogService\TosIPCSrv.exe c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe c:\program files\Windows Media Player\wmpnetwk.exe c:\program files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe c:\windows\RtHDVCpl.exe c:\windows\system32\igfxsrvc.exe c:\program files\Toshiba\ConfigFree\NDSTray.exe c:\program files\Common Files\Symantec Shared\ccSvcHst.exe c:\windows\system32\wbem\unsecapp.exe c:\windows\ehome\ehmsas.exe c:\program files\Synaptics\SynTP\SynTPHelper.exe c:\program files\Toshiba\ConfigFree\CFSwMgr.exe c:\windows\servicing\TrustedInstaller.exe . ************************************************************************** . Completion time: 2012-09-05 11:53:53 - machine was rebooted ComboFix-quarantined-files.txt 2012-09-05 16:53 . Pre-Run: 118,200,463,360 bytes free Post-Run: 120,579,829,760 bytes free . - - End Of File - - 469184BF2877F59342387E2FD0629AA0
-
Took a while ,but ComboFix ran its course. dds.tx . DDS (Ver_2011-08-26.01) - NTFSx86 Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_33 Run by Owner at 12:16:35 on 2012-09-05 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2939.1687 [GMT -5:00] . AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} AV: Norton 360 *Disabled/Outdated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Norton 360 *Disabled/Outdated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8} FW: Norton 360 *Disabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe C:\Windows\system32\svchost.exe -k rpcss C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\SLsvc.exe C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files\Alwil Software\Avast5\AvastSvc.exe C:\Windows\system32\WLANExt.exe C:\Windows\System32\spoolsv.exe C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\agrsmsvc.exe C:\Windows\system32\svchost.exe -k bthsvcs C:\Program Files\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe C:\Program Files\Intel\WiFi\bin\EvtEng.exe C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe C:\Windows\System32\tcpsvcs.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe C:\Windows\system32\TODDSrv.exe C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\CinemaNow\CinemaNow Media Manager\CinemaNowShell.exe C:\Windows\system32\taskeng.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Windows\RtHDVCpl.exe C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\Toshiba\Power Saver\TPwrMain.exe C:\Program Files\Toshiba\SmoothView\SmoothView.exe C:\Program Files\Toshiba\FlashCards\TCrdMain.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\ItSecMng.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Toshiba\ConfigFree\NDSTray.exe C:\Program Files\Toshiba\TOSHIBA Service Station\TSS.exe C:\Program Files\CyberLink\PowerCinema for TOSHIBA\PCMAgent.exe C:\Program Files\CyberLink\PowerCinema for TOSHIBA\Kernel\CLML\CLMLSvc.exe C:\Program Files\CinemaNow\CinemaNow Media Manager\CNRpc.exe C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe C:\Windows\WindowsMobile\wmdc.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Windows\system32\svchost.exe -k WindowsMobile C:\Program Files\DivX\DivX Update\DivXUpdate.exe C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe C:\Windows\ehome\ehtray.exe C:\Users\Owner\AppData\Local\Programs\Google\MusicManager\MusicManager.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\WinZip\WZQKPICK.EXE C:\Windows\System32\mobsync.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\System32\svchost.exe -k secsvcs C:\Program Files\Windows Defender\MSASCui.exe C:\Windows\servicing\TrustedInstaller.exe C:\Windows\system32\wuauclt.exe C:\Windows\system32\taskeng.exe C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . uStart Page = about:blank BHO: NCO 2.0 IE BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\common files\symantec shared\coshared\browser\2.6\coIEPlg.dll BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\progra~1\common~1\symant~1\ids\IPSBHO.dll BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\alwil software\avast5\aswWebRepIE.dll BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll TB: Show Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\common files\symantec shared\coshared\browser\2.6\CoIEPlg.dll TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\alwil software\avast5\aswWebRepIE.dll TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll uRun: [TOSCDSPD] c:\program files\toshiba\toscdspd\TOSCDSPD.exe uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe uRun: [MusicManager] "c:\users\owner\appdata\local\programs\google\musicmanager\MusicManager.exe" uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe" mRun: [igfxTray] c:\windows\system32\igfxtray.exe mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe mRun: [Persistence] c:\windows\system32\igfxpers.exe mRun: [RtHDVCpl] RtHDVCpl.exe mRun: [Camera Assistant Software] "c:\program files\camera assistant software for toshiba\traybar.exe" /start mRun: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE mRun: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe mRun: [smoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe mRun: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe mRun: [iTSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START mRun: [synTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe mRun: [NDSTray.exe] NDSTray.exe mRun: [ToshibaServiceStation] "c:\program files\toshiba\toshiba service station\TSS.exe" /hide mRun: [PCMAgent] "c:\program files\cyberlink\powercinema for toshiba\PCMAgent.exe" mRun: [CLMLServer] "c:\program files\cyberlink\powercinema for toshiba\kernel\clml\CLMLSvc.exe" mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe" mRun: [osCheck] "c:\program files\norton 360\osCheck.exe" mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime mRun: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe" mRun: [CinemaNowMediaManagerApp] c:\program files\cinemanow\cinemanow media manager\CinemaNowShell.exe -start mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW mRun: [HTC Sync Loader] "c:\program files\htc\htc sync 3.0\htcUPCTLoader.exe" -startup mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe" mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\winzip~1.lnk - c:\program files\winzip\WZQKPICK.EXE mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL Trusted Zone: cinemanow.com DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab TCP: DhcpNameServer = 192.168.254.254 TCP: Interfaces\{05D79543-2CF0-4D61-9A2B-62B02ADB519C} : DhcpNameServer = 192.168.42.129 TCP: Interfaces\{15B4BE00-DEE4-49F2-AEDB-009FFEAFC43E} : DhcpNameServer = 192.168.42.129 TCP: Interfaces\{182B74AA-35CD-479B-AACD-563CC37020FF} : DhcpNameServer = 192.168.254.254 TCP: Interfaces\{F835D912-1E37-4FCF-8E2D-20F6481C5667} : DhcpNameServer = 192.168.42.129 Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll Notify: igfxcui - igfxdev.dll SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll . ================= FIREFOX =================== . FF - ProfilePath - c:\users\owner\appdata\roaming\mozilla\firefox\profiles\6zil0nd0.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://search.babylon.com/?affID=109935&tt=050412_30b&babsrc=HP_ss&mntrId=1254a72700000000000000216b26add0 FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?affID=109935&tt=050412_30b&babsrc=KW_ss&mntrId=1254a72700000000000000216b26add0&q= FF - plugin: c:\program files\google\update\1.3.21.115\npGoogleUpdate3.dll FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll FF - plugin: c:\program files\microsoft silverlight\4.0.50826.0\npctrlui.dll FF - plugin: c:\users\owner\appdata\local\google\update\1.3.21.115\npGoogleUpdate3.dll FF - plugin: c:\users\owner\appdata\roaming\mozilla\plugins\npgoogletalk.dll FF - plugin: c:\users\owner\appdata\roaming\mozilla\plugins\npgtpo3dautoplugin.dll FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_3_300_265.dll FF - plugin: c:\windows\system32\npdeployJava1.dll FF - plugin: c:\windows\system32\npmproxy.dll . ---- FIREFOX POLICIES ---- FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=109935&tt=050412_30b FF - user.js: extensions.BabylonToolbar_i.babExt - FF - user.js: extensions.BabylonToolbar_i.srcExt - ss FF - user.js: extensions.BabylonToolbar_i.id - 1254a72700000000000000216b26add0 FF - user.js: extensions.BabylonToolbar_i.hardId - 1254a72700000000000000216b26add0 FF - user.js: extensions.BabylonToolbar_i.instlDay - 15440 FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17 FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17 FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1711:34:45 FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar FF - user.js: extensions.BabylonToolbar_i.aflt - babsst FF - user.js: extensions.BabylonToolbar_i.smplGrp - none FF - user.js: extensions.BabylonToolbar_i.tlbrId - tb9 FF - user.js: extensions.BabylonToolbar_i.instlRef - sst . ============= SERVICES / DRIVERS =============== . R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-12-12 721000] R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-6-13 353688] R1 IDSvix86;Symantec Intrusion Prevention Driver;c:\progra~2\symantec\defini~1\symcdata\ipsdefs\20091105.001\IDSvix86.sys [2009-11-5 272432] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-6-13 21256] R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-6-13 57656] R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2010-6-13 44808] R2 CinemaNow Service;CinemaNow Service;c:\program files\cinemanow\cinemanow media manager\CinemaNowSvc.exe [2010-1-14 129520] R2 ConfigFree Service;ConfigFree Service;c:\program files\toshiba\configfree\CFSvcs.exe [2008-7-10 40960] R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504] R2 LiveUpdate Notice;LiveUpdate Notice;c:\program files\common files\symantec shared\CCSVCHST.EXE [2008-2-18 149352] R2 PassThru Service;Internet Pass-Through Service;c:\program files\htc\internet pass-through\PassThruSvr.exe [2010-9-16 80896] R2 TMachInfo;TMachInfo;c:\program files\toshiba\toshiba service station\TMachInfo.exe [2008-8-14 46392] R2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service;c:\program files\toshiba\smartlogservice\TosIPCSrv.exe [2007-12-3 126976] R3 FwLnk;FwLnk Driver;c:\windows\system32\drivers\FwLnk.sys [2008-8-14 7168] R3 NETw5v32;Intel® Wireless WiFi Link Adapter Driver for Windows Vista 32 Bit ;c:\windows\system32\drivers\NETw5v32.sys [2008-4-28 3658752] R3 SmartFaceVWatchSrv;SmartFaceVWatchSrv;c:\program files\toshiba\smartfacev\SmartFaceVWatchSrv.exe [2008-4-24 73728] R3 SYMNDISV;SYMNDISV;c:\windows\system32\drivers\symndisv.sys [2009-2-19 41008] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-2-21 135664] S3 COH_Mon;COH_Mon;c:\windows\system32\drivers\COH_Mon.sys [2008-1-12 23888] S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [2011-11-24 80184] S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-2-21 135664] S3 HTCAND32;HTC Device Driver;c:\windows\system32\drivers\ANDROIDUSB.sys [2009-6-10 24576] S3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\drivers\htcnprot.sys [2010-6-23 23040] S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-5-11 113120] S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [2011-11-24 181432] S3 Symantec Core LC;Symantec Core LC;c:\progra~1\common~1\symant~1\ccpd-lc\symlcsvc.exe [2008-8-14 1245064] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504] . =============== Created Last 30 ================ . 2012-09-05 16:43:09 -------- d-sh--w- C:\$RECYCLE.BIN 2012-09-05 16:39:17 -------- d-----w- c:\users\owner\appdata\local\temp 2012-09-05 06:58:08 98816 ----a-w- c:\windows\sed.exe 2012-09-05 06:58:08 518144 ----a-w- c:\windows\SWREG.exe 2012-09-05 06:58:08 256000 ----a-w- c:\windows\PEV.exe 2012-09-05 06:58:08 208896 ----a-w- c:\windows\MBR.exe 2012-09-05 06:57:48 -------- d-----w- C:\ComboFix 2012-08-28 02:35:44 876032 ----a-w- c:\windows\system32\XpsPrint.dll 2012-08-28 02:35:42 683008 ----a-w- c:\windows\system32\d2d1.dll 2012-08-28 02:35:42 219648 ----a-w- c:\windows\system32\d3d10_1core.dll 2012-08-28 02:35:42 1172480 ----a-w- c:\windows\system32\d3d10warp.dll 2012-08-28 02:35:42 1069056 ----a-w- c:\windows\system32\DWrite.dll 2012-08-28 02:35:41 160768 ----a-w- c:\windows\system32\d3d10_1.dll 2012-08-25 10:55:21 -------- d-----w- c:\program files\Windows Portable Devices 2012-08-25 10:09:38 92672 ----a-w- c:\windows\system32\UIAnimation.dll 2012-08-25 10:09:32 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll 2012-08-25 10:09:31 3023360 ----a-w- c:\windows\system32\UIRibbon.dll 2012-08-25 10:00:31 30208 ----a-w- c:\windows\system32\WPDShextAutoplay.exe 2012-08-25 10:00:30 81920 ----a-w- c:\windows\system32\wpdbusenum.dll 2012-08-25 10:00:30 31232 ----a-w- c:\windows\system32\BthMtpContextHandler.dll 2012-08-25 10:00:13 134144 ----a-w- c:\program files\windows portable devices\sqmapi.dll 2012-08-25 10:00:09 60928 ----a-w- c:\windows\system32\PortableDeviceConnectApi.dll 2012-08-25 09:26:42 5120 ----a-w- c:\windows\system32\wmi.dll 2012-08-25 09:26:42 172032 ----a-w- c:\windows\system32\wintrust.dll 2012-08-25 09:26:41 157696 ----a-w- c:\windows\system32\imagehlp.dll 2012-08-25 09:26:40 12800 ----a-w- c:\windows\system32\drivers\fs_rec.sys 2012-08-25 09:02:25 2047488 ----a-w- c:\windows\system32\win32k.sys 2012-08-25 08:58:27 979456 ----a-w- c:\windows\system32\MFH264Dec.dll 2012-08-25 08:55:58 369664 ----a-w- c:\windows\system32\WMPhoto.dll 2012-08-25 08:55:58 252928 ----a-w- c:\windows\system32\dxdiag.exe 2012-08-25 08:55:58 195584 ----a-w- c:\windows\system32\dxdiagn.dll 2012-08-25 08:55:57 519680 ----a-w- c:\windows\system32\d3d11.dll 2012-08-25 08:55:57 321024 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll 2012-08-25 08:55:57 189440 ----a-w- c:\windows\system32\WindowsCodecsExt.dll 2012-08-25 08:55:56 974848 ----a-w- c:\windows\system32\WindowsCodecs.dll 2012-08-21 19:22:27 623616 ----a-w- c:\windows\system32\localspl.dll 2012-08-21 19:21:50 984064 ----a-w- c:\windows\system32\crypt32.dll 2012-08-21 19:21:50 98304 ----a-w- c:\windows\system32\cryptnet.dll 2012-08-21 19:21:50 133120 ----a-w- c:\windows\system32\cryptsvc.dll 2012-08-21 19:21:32 293376 ----a-w- c:\windows\system32\psisdecd.dll 2012-08-21 19:21:31 69632 ----a-w- c:\windows\system32\Mpeg2Data.ax 2012-08-21 19:21:31 217088 ----a-w- c:\windows\system32\psisrndr.ax 2012-08-21 19:21:30 57856 ----a-w- c:\windows\system32\MSDvbNP.ax 2012-08-21 19:21:29 189952 ----a-w- c:\windows\system32\winmm.dll 2012-08-21 19:21:28 23552 ----a-w- c:\windows\system32\mciseq.dll 2012-08-21 19:20:39 1205064 ----a-w- c:\windows\system32\ntdll.dll 2012-08-21 19:18:29 429056 ----a-w- c:\windows\system32\EncDec.dll 2012-08-21 19:18:06 53120 ----a-w- c:\windows\system32\drivers\partmgr.sys 2012-08-21 19:18:04 905600 ----a-w- c:\windows\system32\drivers\tcpip.sys 2012-08-21 19:18:03 6144 ----a-w- c:\program files\internet explorer\iecompat.dll 2012-08-21 19:17:59 1404928 ----a-w- c:\program files\common files\microsoft shared\ink\InkObj.dll 2012-08-21 19:17:59 1218048 ----a-w- c:\program files\windows journal\NBDoc.DLL 2012-08-21 19:17:58 964608 ----a-w- c:\program files\windows journal\JNWDRV.dll 2012-08-21 19:17:57 983040 ----a-w- c:\program files\windows journal\JNTFiltr.dll 2012-08-21 19:17:56 936960 ----a-w- c:\program files\common files\microsoft shared\ink\journal.dll 2012-08-21 19:17:55 47104 ----a-w- c:\program files\windows journal\PDIALOG.exe 2012-08-21 19:17:31 797696 ----a-w- c:\windows\system32\FntCache.dll 2012-08-21 19:17:28 288768 ----a-w- c:\windows\system32\XpsGdiConverter.dll 2012-08-21 19:16:52 66560 ----a-w- c:\windows\system32\packager.dll 2012-08-21 19:16:50 680448 ----a-w- c:\windows\system32\msvcrt.dll 2012-08-21 19:16:48 376320 ----a-w- c:\windows\system32\winsrv.dll 2012-08-21 19:16:29 708608 ----a-w- c:\program files\common files\system\ado\msado15.dll 2012-08-21 19:15:44 49152 ----a-w- c:\windows\system32\csrsrv.dll 2012-08-21 19:15:42 1314816 ----a-w- c:\windows\system32\quartz.dll 2012-08-21 19:15:41 497152 ----a-w- c:\windows\system32\qdvd.dll 2012-08-21 19:15:32 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll 2012-08-21 19:15:32 4096 ----a-w- c:\windows\system32\oleaccrc.dll 2012-08-21 19:15:31 563712 ----a-w- c:\windows\system32\oleaut32.dll 2012-08-21 19:15:31 238080 ----a-w- c:\windows\system32\oleacc.dll 2012-08-21 19:15:15 2048 ----a-w- c:\windows\system32\tzres.dll 2012-08-21 19:15:01 377344 ----a-w- c:\windows\system32\winhttp.dll 2012-08-21 19:14:57 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat 2012-08-21 19:14:44 1401856 ----a-w- c:\windows\system32\msxml6.dll 2012-08-21 19:14:44 1248768 ----a-w- c:\windows\system32\msxml3.dll 2012-08-21 19:14:25 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys 2012-08-21 19:14:20 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-08-21 19:14:19 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe 2012-08-21 19:14:15 707584 ----a-w- c:\program files\common files\system\wab32.dll 2012-08-21 19:12:56 440704 ----a-w- c:\windows\system32\drivers\ksecdd.sys 2012-08-21 19:12:55 278528 ----a-w- c:\windows\system32\schannel.dll 2012-08-21 19:12:55 1259008 ----a-w- c:\windows\system32\lsasrv.dll 2012-08-21 19:12:54 72704 ----a-w- c:\windows\system32\secur32.dll 2012-08-21 19:12:54 204288 ----a-w- c:\windows\system32\ncrypt.dll 2012-08-21 19:12:53 9728 ----a-w- c:\windows\system32\lsass.exe 2012-08-21 18:57:55 231424 ----a-w- c:\windows\system32\msshsq.dll 2012-08-21 18:44:30 613376 ----a-w- c:\windows\system32\rdpencom.dll 2012-08-21 18:25:40 2422272 ----a-w- c:\windows\system32\wucltux.dll 2012-08-21 18:25:06 88576 ----a-w- c:\windows\system32\wudriver.dll 2012-08-21 18:24:49 33792 ----a-w- c:\windows\system32\wuapp.exe 2012-08-21 18:24:49 171904 ----a-w- c:\windows\system32\wuwebv.dll 2012-08-20 20:09:10 -------- d-----w- c:\windows\system32\eu-ES 2012-08-20 20:09:10 -------- d-----w- c:\windows\system32\ca-ES 2012-08-20 20:09:09 -------- d-----w- c:\windows\system32\vi-VN 2012-08-20 19:08:24 -------- d-----w- c:\windows\system32\EventProviders 2012-08-08 20:55:45 476976 ----a-w- c:\windows\system32\npdeployJava1.dll . ==================== Find3M ==================== . 2012-08-25 08:58:26 98816 ----a-w- c:\windows\system32\mfps.dll 2012-08-25 08:55:59 4096 ----a-w- c:\windows\system32\drivers\en-us\dxgkrnl.sys.mui 2012-08-08 20:55:26 472880 ----a-w- c:\windows\system32\deployJava1.dll 2012-08-02 20:16:21 4024320 ----a-w- c:\program files\GUT841A.tmp 2012-07-19 07:00:37 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-07-19 07:00:37 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-07-03 18:46:44 22344 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-07-03 16:21:53 721000 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2012-07-03 16:21:53 57656 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2012-07-03 16:21:32 41224 ----a-w- c:\windows\avastSS.scr 2012-06-25 21:04:24 1394248 ----a-w- c:\windows\system32\msxml4.dll . ============= FINISH: 12:17:30.51 ===============
-
ComboFix ran for over 2hrs. Not sure if it saying led out or if it was still going through the process. I went to bed and woke up this morning. A message popped saying I'm infected with the Zero Access virus.