Everything posted by spartan
I'm Infected With A Search Re-Direct Malware
spartan replied to spartan's topic in Resolved Malware Removal Logs
I followed your instructions per above. Now after running the TFC scan Internet Explorer 9 does not work. It will not load websites or will only partially load them very slowly. I have gone to Microsoft's website and run their Internet Explorer 9 fix and reset the Internet Explorer settings. Microsoft's website said Internet Explorer 9 may be running slowly because I might need to update my video driver so I have gone to Fujitsu's website (my machine is a Fujitsu Lifebook Series A) and updated my video driver. I still cannot get Internet Explorer 9 to work. Firefox and Google Chrome work fine. Any suggestions?
I'm Infected With A Search Re-Direct Malware
spartan replied to spartan's topic in Resolved Malware Removal Logs
I have uninstalled Java6 Update 37. The ESET log is below. I'm still having the following problem with my computer: When I do a Google, Yahoo or Bing search for the website, retechulous or retechulous.com, and get the search results and then click on the retechulous.com link to go to that website I get redirected instead to http://stped.dnset.com or http://forbidden.4pu.com with an immediate warning that these sites are known to be malicious and unsafe websites that contain harmful software that can damage my computer or put my personal or financial information at risk. This seems to happen only when I do a search for the retechulous.com website and the redirect happens when I use either Explorer, Firefox or Google Chrome as my browser. When I search for any other website or search term my computer seems to work fine without any redirect to the above-mentioned malicious websites. I await your further instructions. Thank you.

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=b4634cf5b353054b99f269328bf48626
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2012-11-20 12:36:55
# local_time=2012-11-19 04:36:55 (-0800, Pacific Standard Time)
# country="United States"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=512 16777215 100 0 0 0 0 0
# compatibility_mode=3584 16777215 100 0 0 0 0 0
# compatibility_mode=5892 16776574 100 100 99975729 189967980 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=178771
# found=0
# cleaned=0
# scan_time=11362
I'm Infected With A Search Re-Direct Malware
spartan replied to spartan's topic in Resolved Malware Removal Logs
Here are the JRT and MBAM logs:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 3.3.6 (11.18.2012)
OS: Windows Vista Home Premium x86
Ran by Russ on Sun 11/18/2012 at 20:24:57.25
Blog: http://thisisudax.blogspot.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_classes_root\clsid\{0055c089-8582-441b-a0bf-17b458c2a3a8}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{ef99bd32-c1fb-11d2-892f-0090271d4f88}

~~~ Files

Successfully deleted: [File] C:\eula.1028.txt
Successfully deleted: [File] C:\eula.1031.txt
Successfully deleted: [File] C:\eula.1033.txt
Successfully deleted: [File] C:\eula.1036.txt
Successfully deleted: [File] C:\eula.1040.txt
Successfully deleted: [File] C:\eula.1041.txt
Successfully deleted: [File] C:\eula.1042.txt
Successfully deleted: [File] C:\eula.2052.txt
Successfully deleted: [File] C:\install.res.1028.dll
Successfully deleted: [File] C:\install.res.1031.dll
Successfully deleted: [File] C:\install.res.1033.dll
Successfully deleted: [File] C:\install.res.1036.dll
Successfully deleted: [File] C:\install.res.1040.dll
Successfully deleted: [File] C:\install.res.1041.dll
Successfully deleted: [File] C:\install.res.1042.dll
Successfully deleted: [File] C:\install.res.2052.dll
Successfully deleted: [File] C:\install.res.3082.dll

~~~ Folders

Successfully deleted: [Folder] C:\Program Files\internet download manager

~~~ FireFox

Successfully deleted: [Folder] C:\Users\Russ\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 11/18/2012 at 20:30:30.53
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.11.19.01

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Russ :: RUSS-PC [administrator]

11/18/2012 8:34:35 PM
mbam-log-2012-11-18 (20-34-35).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 366787
Time elapsed: 1 hour(s), 49 minute(s), 51 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
I'm Infected With A Search Re-Direct Malware
spartan replied to spartan's topic in Resolved Malware Removal Logs
Here are the TDSSKiller and ComboFix Logs:
Communication Foundation\SMSvcHost.exe 12:46:00.0627 0316 NetTcpActivator - ok 12:46:00.0637 0316 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 12:46:00.0640 0316 NetTcpPortSharing - ok 12:46:00.0674 0316 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 12:46:00.0678 0316 nfrd960 - ok 12:46:00.0781 0316 [ F2840DBFE9322F35557219AE82CC4597 ] NIS C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\19.9.0.9\ccSvcHst.exe 12:46:00.0785 0316 NIS - ok 12:46:00.0811 0316 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll 12:46:00.0818 0316 NlaSvc - ok 12:46:00.0849 0316 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys 12:46:00.0852 0316 Npfs - ok 12:46:00.0885 0316 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll 12:46:00.0889 0316 nsi - ok 12:46:00.0925 0316 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 12:46:00.0928 0316 nsiproxy - ok 12:46:01.0006 0316 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 12:46:01.0050 0316 Ntfs - ok 12:46:01.0076 0316 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys 12:46:01.0079 0316 ntrigdigi - ok 12:46:01.0117 0316 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys 12:46:01.0120 0316 Null - ok 12:46:01.0145 0316 [ E69E946F80C1C31C53003BFBF50CBB7C ] nvraid C:\Windows\system32\drivers\nvraid.sys 12:46:01.0150 0316 nvraid - ok 12:46:01.0176 0316 [ 9E0BA19A28C498A6D323D065DB76DFFC ] nvstor C:\Windows\system32\drivers\nvstor.sys 12:46:01.0179 0316 nvstor - ok 12:46:01.0202 0316 [ 07C186427EB8FCC3D8D7927187F260F7 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 12:46:01.0208 0316 nv_agp - ok 12:46:01.0221 0316 NwlnkFlt - ok 12:46:01.0231 0316 NwlnkFwd - ok 12:46:01.0262 0316 [ 
A7B4D345D0F160649AA7CDC37E5C1A28 ] o2flash C:\Windows\system32\o2flash.exe 12:46:01.0267 0316 o2flash - ok 12:46:01.0284 0316 [ F4AA04F7BA01D54B31F14841386CC60B ] O2MDRDR C:\Windows\system32\DRIVERS\o2media.sys 12:46:01.0287 0316 O2MDRDR - ok 12:46:01.0311 0316 [ BFD27594E1FF49DDFF3C23DAE246AD44 ] O2SDRDR C:\Windows\system32\DRIVERS\o2sd.sys 12:46:01.0315 0316 O2SDRDR - ok 12:46:01.0425 0316 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 12:46:01.0447 0316 odserv - ok 12:46:01.0501 0316 [ 6F310E890D46E246E0E261A63D9B36B4 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys 12:46:01.0505 0316 ohci1394 - ok 12:46:01.0547 0316 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 12:46:01.0551 0316 ose - ok 12:46:01.0637 0316 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll 12:46:01.0659 0316 p2pimsvc - ok 12:46:01.0693 0316 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll 12:46:01.0700 0316 p2psvc - ok 12:46:01.0726 0316 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\DRIVERS\parport.sys 12:46:01.0730 0316 Parport - ok 12:46:01.0766 0316 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys 12:46:01.0768 0316 partmgr - ok 12:46:01.0784 0316 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys 12:46:01.0787 0316 Parvdm - ok 12:46:01.0818 0316 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll 12:46:01.0823 0316 PcaSvc - ok 12:46:01.0860 0316 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys 12:46:01.0866 0316 pci - ok 12:46:01.0887 0316 [ 1636D43F10416AEB483BC6001097B26C ] pciide C:\Windows\system32\drivers\pciide.sys 12:46:01.0889 0316 pciide - ok 12:46:01.0917 0316 [ 3BB2244F343B610C29C98035504C9B75 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 12:46:01.0924 0316 
pcmcia - ok 12:46:01.0993 0316 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys 12:46:02.0026 0316 PEAUTH - ok 12:46:02.0140 0316 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll 12:46:02.0195 0316 pla - ok 12:46:02.0242 0316 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll 12:46:02.0252 0316 PlugPlay - ok 12:46:02.0294 0316 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll 12:46:02.0304 0316 PNRPAutoReg - ok 12:46:02.0338 0316 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll 12:46:02.0348 0316 PNRPsvc - ok 12:46:02.0378 0316 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 12:46:02.0401 0316 PolicyAgent - ok 12:46:02.0422 0316 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 12:46:02.0425 0316 PptpMiniport - ok 12:46:02.0464 0316 [ 0E3CEF5D28B40CF273281D620C50700A ] Processor C:\Windows\system32\drivers\processr.sys 12:46:02.0468 0316 Processor - ok 12:46:02.0492 0316 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll 12:46:02.0500 0316 ProfSvc - ok 12:46:02.0516 0316 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe 12:46:02.0519 0316 ProtectedStorage - ok 12:46:02.0558 0316 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys 12:46:02.0561 0316 PSched - ok 12:46:02.0576 0316 [ F7BB4E7A7C02AB4A2672937E124E306E ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys 12:46:02.0580 0316 PxHelp20 - ok 12:46:02.0651 0316 [ CCDAC889326317792480C0A67156A1EC ] ql2300 C:\Windows\system32\drivers\ql2300.sys 12:46:02.0684 0316 ql2300 - ok 12:46:02.0709 0316 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 12:46:02.0715 0316 ql40xx - ok 12:46:02.0762 0316 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll 12:46:02.0770 0316 
QWAVE - ok 12:46:02.0811 0316 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 12:46:02.0813 0316 QWAVEdrv - ok 12:46:02.0924 0316 [ 15B131177EC8A6DD6CBEC2C124712EE4 ] R300 C:\Windows\system32\DRIVERS\atikmdag.sys 12:46:03.0000 0316 R300 - ok 12:46:03.0030 0316 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 12:46:03.0033 0316 RasAcd - ok 12:46:03.0071 0316 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll 12:46:03.0077 0316 RasAuto - ok 12:46:03.0120 0316 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 12:46:03.0123 0316 Rasl2tp - ok 12:46:03.0154 0316 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll 12:46:03.0164 0316 RasMan - ok 12:46:03.0202 0316 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 12:46:03.0205 0316 RasPppoe - ok 12:46:03.0248 0316 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 12:46:03.0252 0316 RasSstp - ok 12:46:03.0297 0316 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 12:46:03.0305 0316 rdbss - ok 12:46:03.0340 0316 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 12:46:03.0342 0316 RDPCDD - ok 12:46:03.0374 0316 [ E8BD98D46F2ED77132BA927FCCB47D8B ] rdpdr C:\Windows\system32\drivers\rdpdr.sys 12:46:03.0382 0316 rdpdr - ok 12:46:03.0390 0316 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 12:46:03.0393 0316 RDPENCDD - ok 12:46:03.0436 0316 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 12:46:03.0442 0316 RDPWD - ok 12:46:03.0540 0316 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll 12:46:03.0545 0316 RemoteAccess - ok 12:46:03.0575 0316 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll 12:46:03.0582 0316 
RemoteRegistry - ok 12:46:03.0644 0316 [ B216B03852DF788C7E2AFDF6C6E8A9B0 ] RichVideo C:\Program Files\CyberLink\Shared Files\RichVideo.exe 12:46:03.0651 0316 RichVideo - ok 12:46:03.0681 0316 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe 12:46:03.0685 0316 RpcLocator - ok 12:46:03.0728 0316 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll 12:46:03.0737 0316 RpcSs - ok 12:46:03.0777 0316 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 12:46:03.0780 0316 rspndr - ok 12:46:03.0795 0316 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe 12:46:03.0800 0316 SamSs - ok 12:46:03.0823 0316 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 12:46:03.0828 0316 sbp2port - ok 12:46:03.0866 0316 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll 12:46:03.0873 0316 SCardSvr - ok 12:46:03.0933 0316 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll 12:46:03.0968 0316 Schedule - ok 12:46:04.0005 0316 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll 12:46:04.0007 0316 SCPolicySvc - ok 12:46:04.0044 0316 [ 4339A2585708C7D9B0C0CE5AAD3DD6FF ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys 12:46:04.0053 0316 sdbus - ok 12:46:04.0104 0316 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll 12:46:04.0117 0316 SDRSVC - ok 12:46:04.0138 0316 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys 12:46:04.0141 0316 secdrv - ok 12:46:04.0173 0316 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll 12:46:04.0179 0316 seclogon - ok 12:46:04.0201 0316 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll 12:46:04.0206 0316 SENS - ok 12:46:04.0233 0316 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 12:46:04.0236 0316 Serenum - ok 
12:46:04.0267 0316 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\DRIVERS\serial.sys 12:46:04.0272 0316 Serial - ok 12:46:04.0284 0316 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys 12:46:04.0287 0316 sermouse - ok 12:46:04.0337 0316 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll 12:46:04.0343 0316 SessionEnv - ok 12:46:04.0361 0316 [ 103B79418DA647736EE95645F305F68A ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 12:46:04.0364 0316 sffdisk - ok 12:46:04.0390 0316 [ 8FD08A310645FE872EEEC6E08C6BF3EE ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 12:46:04.0393 0316 sffp_mmc - ok 12:46:04.0403 0316 [ 9CFA05FCFCB7124E69CFC812B72F9614 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 12:46:04.0409 0316 sffp_sd - ok 12:46:04.0424 0316 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 12:46:04.0428 0316 sfloppy - ok 12:46:04.0456 0316 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll 12:46:04.0466 0316 SharedAccess - ok 12:46:04.0505 0316 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 12:46:04.0514 0316 ShellHWDetection - ok 12:46:04.0537 0316 [ D2A595D6EEBEEAF4334F8E50EFBC9931 ] sisagp C:\Windows\system32\drivers\sisagp.sys 12:46:04.0541 0316 sisagp - ok 12:46:04.0553 0316 [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys 12:46:04.0555 0316 SiSRaid2 - ok 12:46:04.0574 0316 [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 12:46:04.0579 0316 SiSRaid4 - ok 12:46:04.0662 0316 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe 12:46:04.0668 0316 SkypeUpdate - ok 12:46:04.0818 0316 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe 12:46:04.0947 0316 slsvc - ok 12:46:05.0019 0316 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify 
C:\Windows\system32\SLUINotify.dll 12:46:05.0026 0316 SLUINotify - ok 12:46:05.0056 0316 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys 12:46:05.0060 0316 Smb - ok 12:46:05.0096 0316 [ 12B62474E707A26D662232C54A4EF322 ] SMSCIRDA C:\Windows\system32\DRIVERS\SMSCirda.sys 12:46:05.0099 0316 SMSCIRDA - ok 12:46:05.0147 0316 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 12:46:05.0152 0316 SNMPTRAP - ok 12:46:05.0180 0316 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys 12:46:05.0184 0316 spldr - ok 12:46:05.0229 0316 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe 12:46:05.0235 0316 Spooler - ok 12:46:05.0274 0316 [ 86EBD8B1F23E743AAD21F4D5B4D40985 ] SQLBrowser c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe 12:46:05.0280 0316 SQLBrowser - ok 12:46:05.0337 0316 [ D89083C4EB02DACA8F944B0E05E57F9D ] SQLWriter c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe 12:46:05.0340 0316 SQLWriter - ok 12:46:05.0452 0316 [ 7BB297CADA42903328E92425D9761DA6 ] SRTSP C:\Windows\System32\Drivers\NIS\1309000.009\SRTSP.SYS 12:46:05.0484 0316 SRTSP - ok 12:46:05.0545 0316 [ 475FCF0F28D845BF1C8ABAC27F19003E ] SRTSPX C:\Windows\system32\drivers\NIS\1309000.009\SRTSPX.SYS 12:46:05.0549 0316 SRTSPX - ok 12:46:05.0595 0316 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys 12:46:05.0603 0316 srv - ok 12:46:05.0647 0316 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 12:46:05.0653 0316 srv2 - ok 12:46:05.0682 0316 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 12:46:05.0687 0316 srvnet - ok 12:46:05.0737 0316 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 12:46:05.0745 0316 SSDPSRV - ok 12:46:05.0783 0316 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll 12:46:05.0790 0316 SstpSvc - ok 12:46:05.0829 
0316 [ EF70B3D22B4BFFDA6EA851ECB063EFAA ] StillCam C:\Windows\system32\DRIVERS\serscan.sys 12:46:05.0832 0316 StillCam - ok 12:46:05.0898 0316 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll 12:46:05.0921 0316 stisvc - ok 12:46:05.0934 0316 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys 12:46:05.0937 0316 swenum - ok 12:46:05.0976 0316 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll 12:46:05.0987 0316 swprv - ok 12:46:06.0021 0316 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys 12:46:06.0024 0316 Symc8xx - ok 12:46:06.0033 0316 SYMDNS - ok 12:46:06.0078 0316 [ 690FA0E61B90084C4D9A721BD4F3D779 ] SymDS C:\Windows\system32\drivers\NIS\1309000.009\SYMDS.SYS 12:46:06.0101 0316 SymDS - ok 12:46:06.0166 0316 [ 8F88EDB211B12537D2DC2A6D73D6067C ] SymEFA C:\Windows\system32\drivers\NIS\1309000.009\SYMEFA.SYS 12:46:06.0201 0316 SymEFA - ok 12:46:06.0231 0316 [ 74E2521E96176A4449570E50BE91954D ] SymEvent C:\Windows\system32\Drivers\SYMEVENT.SYS 12:46:06.0244 0316 SymEvent - ok 12:46:06.0278 0316 SYMFW - ok 12:46:06.0332 0316 [ 2C356CCA706505CF63CBE39D532B9236 ] SymIRON C:\Windows\system32\drivers\NIS\1309000.009\Ironx86.SYS 12:46:06.0338 0316 SymIRON - ok 12:46:06.0346 0316 SYMNDISV - ok 12:46:06.0358 0316 SYMREDRV - ok 12:46:06.0400 0316 [ 40C6E6417C8B7D7FCF82CFBE71525795 ] SYMTDIv C:\Windows\System32\Drivers\NIS\1309000.009\SYMTDIV.SYS 12:46:06.0410 0316 SYMTDIv - ok 12:46:06.0446 0316 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys 12:46:06.0449 0316 Sym_hi - ok 12:46:06.0466 0316 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys 12:46:06.0470 0316 Sym_u3 - ok 12:46:06.0515 0316 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll 12:46:06.0538 0316 SysMain - ok 12:46:06.0566 0316 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService 
C:\Windows\System32\TabSvc.dll 12:46:06.0571 0316 TabletInputService - ok 12:46:06.0606 0316 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll 12:46:06.0615 0316 TapiSrv - ok 12:46:06.0649 0316 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll 12:46:06.0654 0316 TBS - ok 12:46:06.0723 0316 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 12:46:06.0756 0316 Tcpip - ok 12:46:06.0800 0316 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys 12:46:06.0810 0316 Tcpip6 - ok 12:46:06.0851 0316 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 12:46:06.0854 0316 tcpipreg - ok 12:46:06.0898 0316 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 12:46:06.0900 0316 TDPIPE - ok 12:46:06.0925 0316 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 12:46:06.0928 0316 TDTCP - ok 12:46:06.0956 0316 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 12:46:06.0960 0316 tdx - ok 12:46:06.0979 0316 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 12:46:06.0983 0316 TermDD - ok 12:46:07.0020 0316 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll 12:46:07.0043 0316 TermService - ok 12:46:07.0072 0316 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll 12:46:07.0079 0316 Themes - ok 12:46:07.0104 0316 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll 12:46:07.0108 0316 THREADORDER - ok 12:46:07.0138 0316 [ 42A23FF09BD172FA3F6A3A0A589EF1B0 ] tosrfbd C:\Windows\system32\DRIVERS\tosrfbd.sys 12:46:07.0144 0316 tosrfbd - ok 12:46:07.0168 0316 [ 410AA85D04CFE697A2C3368286DDD128 ] Tosrfhid C:\Windows\system32\DRIVERS\Tosrfhid.sys 12:46:07.0172 0316 Tosrfhid - ok 12:46:07.0207 0316 [ 967316FB4777BC6EAAA0E15552FEF768 ] tosrfusb 
C:\Windows\system32\DRIVERS\tosrfusb.sys 12:46:07.0211 0316 tosrfusb - ok 12:46:07.0251 0316 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll 12:46:07.0256 0316 TrkWks - ok 12:46:07.0314 0316 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 12:46:07.0316 0316 TrustedInstaller - ok 12:46:07.0360 0316 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 12:46:07.0363 0316 tssecsrv - ok 12:46:07.0407 0316 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys 12:46:07.0410 0316 tunmp - ok 12:46:07.0452 0316 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 12:46:07.0455 0316 tunnel - ok 12:46:07.0495 0316 [ C3ADE15414120033A36C0F293D4A4121 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 12:46:07.0498 0316 uagp35 - ok 12:46:07.0533 0316 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 12:46:07.0540 0316 udfs - ok 12:46:07.0575 0316 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe 12:46:07.0581 0316 UI0Detect - ok 12:46:07.0605 0316 [ 75E6890EBFCE0841D3291B02E7A8BDB0 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 12:46:07.0610 0316 uliagpkx - ok 12:46:07.0637 0316 [ 3CD4EA35A6221B85DCC25DAA46313F8D ] uliahci C:\Windows\system32\drivers\uliahci.sys 12:46:07.0646 0316 uliahci - ok 12:46:07.0671 0316 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys 12:46:07.0677 0316 UlSata - ok 12:46:07.0698 0316 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys 12:46:07.0703 0316 ulsata2 - ok 12:46:07.0737 0316 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 12:46:07.0740 0316 umbus - ok 12:46:07.0797 0316 [ 9E16F1017C4B70B9CB625D6754DFCCC7 ] UpdateNaviInstallService C:\Program Files\Fujitsu\fjdvrupd\updnvsrv.exe 12:46:07.0799 0316 UpdateNaviInstallService - 
ok 12:46:07.0841 0316 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll 12:46:07.0859 0316 upnphost - ok 12:46:07.0923 0316 [ 32DB9517628FF0D070682AAB61E688F0 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 12:46:07.0933 0316 usbaudio - ok 12:46:07.0957 0316 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 12:46:07.0960 0316 usbccgp - ok 12:46:08.0002 0316 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys 12:46:08.0006 0316 usbcir - ok 12:46:08.0062 0316 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 12:46:08.0065 0316 usbehci - ok 12:46:08.0091 0316 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 12:46:08.0098 0316 usbhub - ok 12:46:08.0135 0316 [ CE697FEE0D479290D89BEC80DFE793B7 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys 12:46:08.0137 0316 usbohci - ok 12:46:08.0168 0316 [ B51E52ACF758BE00EF3A58EA452FE360 ] usbprint C:\Windows\system32\drivers\usbprint.sys 12:46:08.0170 0316 usbprint - ok 12:46:08.0209 0316 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 12:46:08.0214 0316 USBSTOR - ok 12:46:08.0233 0316 [ 325DBBACB8A36AF9988CCF40EAC228CC ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys 12:46:08.0236 0316 usbuhci - ok 12:46:08.0277 0316 [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys 12:46:08.0282 0316 usbvideo - ok 12:46:08.0319 0316 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll 12:46:08.0324 0316 UxSms - ok 12:46:08.0377 0316 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe 12:46:08.0412 0316 vds - ok 12:46:08.0445 0316 [ 7D92BE0028ECDEDEC74617009084B5EF ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 12:46:08.0448 0316 vga - ok 12:46:08.0494 0316 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys 12:46:08.0497 0316 VgaSave - ok 
12:46:08.0526 0316 [ 045D9961E591CF0674A920B6BA3BA5CB ] viaagp C:\Windows\system32\drivers\viaagp.sys 12:46:08.0530 0316 viaagp - ok 12:46:08.0550 0316 [ 56A4DE5F02F2E88182B0981119B4DD98 ] ViaC7 C:\Windows\system32\drivers\viac7.sys 12:46:08.0554 0316 ViaC7 - ok 12:46:08.0576 0316 [ FD2E3175FCADA350C7AB4521DCA187EC ] viaide C:\Windows\system32\drivers\viaide.sys 12:46:08.0580 0316 viaide - ok 12:46:08.0601 0316 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys 12:46:08.0605 0316 volmgr - ok 12:46:08.0649 0316 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 12:46:08.0658 0316 volmgrx - ok 12:46:08.0705 0316 [ 147281C01FCB1DF9252DE2A10D5E7093 ] volsnap C:\Windows\system32\drivers\volsnap.sys 12:46:08.0713 0316 volsnap - ok 12:46:08.0741 0316 [ D984439746D42B30FC65A4C3546C6829 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 12:46:08.0746 0316 vsmraid - ok 12:46:08.0818 0316 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe 12:46:08.0863 0316 VSS - ok 12:46:08.0906 0316 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll 12:46:08.0916 0316 W32Time - ok 12:46:08.0986 0316 [ 9CA92191C8F18E8B491A5B28E63C07B7 ] W3SVC C:\Windows\system32\inetsrv\iisw3adm.dll 12:46:08.0995 0316 W3SVC - ok 12:46:09.0016 0316 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys 12:46:09.0020 0316 WacomPen - ok 12:46:09.0055 0316 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys 12:46:09.0058 0316 Wanarp - ok 12:46:09.0072 0316 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 12:46:09.0074 0316 Wanarpv6 - ok 12:46:09.0119 0316 [ 9CA92191C8F18E8B491A5B28E63C07B7 ] WAS C:\Windows\system32\inetsrv\iisw3adm.dll 12:46:09.0123 0316 WAS - ok 12:46:09.0151 0316 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll 12:46:09.0173 0316 wcncsvc - ok 12:46:09.0204 
0316 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 12:46:09.0208 0316 WcsPlugInService - ok 12:46:09.0248 0316 [ AFC5AD65B991C1E205CF25CFDBF7A6F4 ] Wd C:\Windows\system32\drivers\wd.sys 12:46:09.0251 0316 Wd - ok 12:46:09.0295 0316 [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 12:46:09.0318 0316 Wdf01000 - ok 12:46:09.0347 0316 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll 12:46:09.0353 0316 WdiServiceHost - ok 12:46:09.0361 0316 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll 12:46:09.0369 0316 WdiSystemHost - ok 12:46:09.0406 0316 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll 12:46:09.0414 0316 WebClient - ok 12:46:09.0458 0316 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll 12:46:09.0467 0316 Wecsvc - ok 12:46:09.0505 0316 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll 12:46:09.0511 0316 wercplsupport - ok 12:46:09.0551 0316 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll 12:46:09.0558 0316 WerSvc - ok 12:46:09.0620 0316 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll 12:46:09.0627 0316 WinDefend - ok 12:46:09.0638 0316 WinHttpAutoProxySvc - ok 12:46:09.0699 0316 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 12:46:09.0704 0316 Winmgmt - ok 12:46:09.0785 0316 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll 12:46:09.0841 0316 WinRM - ok 12:46:09.0912 0316 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll 12:46:09.0934 0316 Wlansvc - ok 12:46:10.0022 0316 [ 5144AE67D60EC653F97DDF3FEED29E77 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 12:46:10.0079 0316 wlidsvc - ok 12:46:10.0121 0316 [ 701A9F884A294327E9141D73746EE279 ] 
WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 12:46:10.0124 0316 WmiAcpi - ok 12:46:10.0162 0316 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 12:46:10.0167 0316 wmiApSrv - ok 12:46:10.0246 0316 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe 12:46:10.0281 0316 WMPNetworkSvc - ok 12:46:10.0307 0316 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll 12:46:10.0316 0316 WPCSvc - ok 12:46:10.0357 0316 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 12:46:10.0369 0316 WPDBusEnum - ok 12:46:10.0432 0316 [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys 12:46:10.0438 0316 WpdUsb - ok 12:46:10.0625 0316 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe 12:46:10.0712 0316 WPFFontCache_v0400 - ok 12:46:10.0755 0316 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 12:46:10.0789 0316 ws2ifsl - ok 12:46:10.0839 0316 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\System32\wscsvc.dll 12:46:10.0845 0316 wscsvc - ok 12:46:10.0854 0316 WSearch - ok 12:46:10.0923 0316 [ 2A456C4791E405CD810AB2219FF8B070 ] wtpfiltr C:\Windows\system32\drivers\wtpfiltr.sys 12:46:10.0930 0316 wtpfiltr - ok 12:46:11.0040 0316 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll 12:46:11.0108 0316 wuauserv - ok 12:46:11.0150 0316 [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 12:46:11.0154 0316 WUDFRd - ok 12:46:11.0190 0316 [ 575A4190D989F64732119E4114045A4F ] wudfsvc C:\Windows\System32\WUDFSvc.dll 12:46:11.0196 0316 wudfsvc - ok 12:46:11.0262 0316 [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe 12:46:11.0357 0316 YahooAUService - ok 12:46:11.0408 0316 [ 
12:46:11.0513 0316 ================ Scan global ===============================
12:46:11.0563 0316 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
12:46:11.0714 0316 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
12:46:11.0803 0316 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
12:46:11.0891 0316 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
12:46:11.0976 0316 [Global] - ok
12:46:11.0986 0316 ================ Scan MBR ==================================
12:46:12.0017 0316 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
12:46:12.0556 0316 \Device\Harddisk0\DR0 - ok
12:46:12.0557 0316 ================ Scan VBR ==================================
12:46:12.0562 0316 [ F4763086AF101FBBE226E2B3C2F19FA0 ] \Device\Harddisk0\DR0\Partition1
12:46:12.0564 0316 \Device\Harddisk0\DR0\Partition1 - ok
12:46:12.0587 0316 [ 7AE6DE9486CB2CFB46AEEE340C1F5664 ] \Device\Harddisk0\DR0\Partition2
12:46:12.0590 0316 \Device\Harddisk0\DR0\Partition2 - ok
12:46:12.0591 0316 ============================================================
12:46:12.0591 0316 Scan finished
12:46:12.0591 0316 ============================================================
12:46:12.0613 2224 Detected object count: 0
12:46:12.0613 2224 Actual detected object count: 0
12:55:35.0971 5396 Deinitialize success

ComboFix 12-11-16.02 - Russ 11/18/2012 13:31:26.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.1981.786 [GMT -8:00]
Running from: c:\users\Russ\Downloads\ComboFix.exe
AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\users\Russ\AppData\Local\Temp\_MEI32922\_ctypes.pyd
c:\users\Russ\AppData\Local\Temp\_MEI32922\_elementtree.pyd
c:\users\Russ\AppData\Local\Temp\_MEI32922\_hashlib.pyd
c:\users\Russ\AppData\Local\Temp\_MEI32922\_socket.pyd
c:\users\Russ\AppData\Local\Temp\_MEI32922\_ssl.pyd
c:\users\Russ\AppData\Local\Temp\_MEI32922\pyexpat.pyd
c:\users\Russ\AppData\Local\Temp\_MEI32922\pysqlite2._sqlite.pyd
c:\users\Russ\AppData\Local\Temp\_MEI32922\python26.dll
c:\users\Russ\AppData\Local\Temp\_MEI32922\pythoncom26.dll
c:\users\Russ\AppData\Local\Temp\_MEI32922\PyWinTypes26.dll
c:\users\Russ\AppData\Local\Temp\_MEI32922\select.pyd
c:\users\Russ\AppData\Local\Temp\_MEI32922\unicodedata.pyd
c:\users\Russ\AppData\Local\Temp\_MEI32922\win32api.pyd
c:\users\Russ\AppData\Local\Temp\_MEI32922\win32com.shell.shell.pyd
c:\users\Russ\AppData\Local\Temp\_MEI32922\win32crypt.pyd
c:\users\Russ\AppData\Local\Temp\_MEI32922\win32event.pyd
c:\users\Russ\AppData\Local\Temp\_MEI32922\win32file.pyd
c:\users\Russ\AppData\Local\Temp\_MEI32922\win32inet.pyd
c:\users\Russ\AppData\Local\Temp\_MEI32922\win32pdh.pyd
c:\users\Russ\AppData\Local\Temp\_MEI32922\win32process.pyd
c:\users\Russ\AppData\Local\Temp\_MEI32922\win32profile.pyd
c:\users\Russ\AppData\Local\Temp\_MEI32922\win32security.pyd
c:\users\Russ\AppData\Local\Temp\_MEI32922\win32ts.pyd
c:\users\Russ\AppData\Local\Temp\_MEI32922\windows._cacheinvalidation.pyd
c:\users\Russ\AppData\Local\Temp\_MEI32922\wx._controls_.pyd
c:\users\Russ\AppData\Local\Temp\_MEI32922\wx._core_.pyd
c:\users\Russ\AppData\Local\Temp\_MEI32922\wx._gdi_.pyd
c:\users\Russ\AppData\Local\Temp\_MEI32922\wx._html2.pyd
c:\users\Russ\AppData\Local\Temp\_MEI32922\wx._misc_.pyd
c:\users\Russ\AppData\Local\Temp\_MEI32922\wx._windows_.pyd
c:\users\Russ\AppData\Local\Temp\_MEI32922\wx._wizard.pyd
c:\users\Russ\AppData\Local\Temp\_MEI32922\wxbase293u_net_vc.dll
c:\users\Russ\AppData\Local\Temp\_MEI32922\wxbase293u_vc.dll
c:\users\Russ\AppData\Local\Temp\_MEI32922\wxmsw293u_adv_vc.dll
c:\users\Russ\AppData\Local\Temp\_MEI32922\wxmsw293u_core_vc.dll
c:\users\Russ\AppData\Local\Temp\_MEI32922\wxmsw293u_html_vc.dll
c:\users\Russ\AppData\Local\Temp\_MEI32922\wxmsw293u_webview_vc.dll
c:\users\Russ\g2mdlhlpx.exe
c:\users\Russ\GoToAssistDownloadHelper.exe
c:\windows\TEMP\logishrd\LVPrcInj0d.dll
.
.
((((((((((((((((((((((((( Files Created from 2012-10-18 to 2012-11-18 )))))))))))))))))))))))))))))))
.
.
No new files created in this timespan
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-16 22:17 . 2006-11-02 10:24 64010424 ----a-w- c:\windows\system32\mrt.exe
2012-11-08 13:37 . 2012-03-29 03:59 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-11-08 13:37 . 2011-05-18 13:41 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-10-26 23:48 . 2012-10-26 23:49 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-10-26 23:48 . 2012-07-11 02:45 821736 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-10-26 23:48 . 2010-05-26 23:26 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-10-12 14:29 . 2012-11-14 14:24 2047488 ----a-w- c:\windows\system32\win32k.sys
2012-10-08 08:28 . 2012-11-16 22:11 12320768 ----a-w- c:\windows\system32\mshtml.dll
2012-10-08 07:48 . 2012-11-16 22:11 1103872 ----a-w- c:\windows\system32\urlmon.dll
2012-10-08 07:48 . 2012-11-16 22:11 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-10-08 07:46 . 2012-11-16 22:11 231936 ----a-w- c:\windows\system32\url.dll
2012-10-08 07:43 . 2012-11-16 22:11 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-10-08 07:42 . 2012-11-16 22:11 607744 ----a-w- c:\windows\system32\msfeeds.dll
2012-10-08 07:41 . 2012-11-16 22:11 73216 ----a-w- c:\windows\system32\mshtmled.dll
2012-10-08 07:40 . 
2012-11-16 22:11 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2012-09-25 16:19 . 2012-11-14 14:25 75776 ----a-w- c:\windows\system32\synceng.dll 2012-09-13 13:28 . 2012-10-10 12:48 2048 ----a-w- c:\windows\system32\tzres.dll 2012-08-29 11:27 . 2012-10-10 12:45 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe 2012-08-29 11:27 . 2012-10-10 12:45 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-08-24 15:53 . 2012-10-10 12:47 172544 ----a-w- c:\windows\system32\wintrust.dll 2012-10-30 17:11 . 2012-10-30 17:11 261600 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}] 2012-10-25 22:45 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}] 2012-10-25 22:45 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}] 2012-10-25 22:45 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}] 2012-10-25 22:45 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "WindowsWelcomeCenter"="oobefldr.dll" [2009-04-11 2153472] "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920] "Skype"="c:\program files\Skype\\Phone\Skype.exe" [2012-07-13 17418928] "Logitech Vid"="c:\program files\Logitech\Vid HD\Vid.exe" [2011-01-13 6129496] "HP Officejet Pro 8600 (NET)"="c:\program files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe" [2011-09-09 1804648] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240] "Akamai NetSession Interface"="c:\users\Russ\AppData\Local\Akamai\netsession_win.exe" [2012-10-09 4441920] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-02-27 39408] "GoogleDriveSync"="c:\program files\Google\Drive\googledrivesync.exe" [2012-10-25 16052192] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="RtHDVCpl.exe" [2008-03-04 5218304] "Apoint"="c:\program files\Apoint2K\Apoint.exe" [2006-09-26 151552] "IndicatorUtility"="c:\program files\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe" [2007-02-09 97072] "LoadFUJ02E3"="c:\program files\Fujitsu\FUJ02E3\FUJ02E3.exe" [2006-11-17 80688] "LoadFujitsuQuickTouch"="c:\program files\Fujitsu\Application Panel\QuickTouch.exe" [2006-11-26 260912] "LoadBtnHnd"="c:\program files\Fujitsu\BtnHnd\BtnHnd.exe" [2006-11-12 68400] "SSUtility"="c:\program files\Fujitsu\SSUtility\FJSSDMN.exe" [2006-11-12 239144] "RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2006-11-14 52832] "Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2007-02-21 366400] "Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-06-28 30192] "FJUPDNV_Chitose"="c:\program files\Fujitsu\fjdvrupd\updatenv.exe" [2007-02-05 167936] "Symantec PIF AlertEng"="c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-30 583048] "Google Quick Search Box"="c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe" [2009-04-26 68592] "LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" [2009-05-08 2780432] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-09-08 421888] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008] "HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208] "Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [2012-07-27 36800] "Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2012-07-27 823224] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848] . 
c:\users\Russ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ CCC.lnk - c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2006-9-29 49152] . c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ CCC.lnk - c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2006-9-29 49152] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\progra~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 . R3 ADVNTDRV;ADVNTDRV;c:\windows\System32\drivers\ADVNTDRV.SYS [x] . . --- Other Services/Drivers In Memory --- . *NewlyCreated* - WS2IFSL . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache . [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A509B1FF-37FF-4bFF-8CFF-4F3A747040FF}] 2011-03-21 17:48 114176 ----a-w- c:\windows\System32\advpack.dll . Contents of the 'Scheduled Tasks' folder . 2012-11-18 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-29 13:37] . 2012-08-02 c:\windows\Tasks\ErrorEND.job - c:\program files\ErrorEND\ErrorEND.exe [2011-03-09 12:23] . 2012-11-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-03 05:38] . 2012-11-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-03 05:38] . 
2012-11-16 c:\windows\Tasks\ParetoLogic Registration3.job - c:\program files\Common Files\ParetoLogic\UUS3\UUS3.dll [2011-03-29 23:17] . 2011-04-22 c:\windows\Tasks\ParetoLogic Update Version3.job - c:\program files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2011-03-29 23:17] . 2012-02-15 c:\windows\Tasks\PC Health Advisor Defrag.job - c:\program files\ParetoLogic\PCHA\PCHA.exe [2011-03-29 23:17] . 2012-07-20 c:\windows\Tasks\PC Health Advisor.job - c:\program files\ParetoLogic\PCHA\PCHA.exe [2011-03-29 23:17] . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.yahoo.com/ uInternet Settings,ProxyOverride = <local> Trusted Zone: pristine.com\www Trusted Zone: realist.com Trusted Zone: sandicor.com Trusted Zone: zerohedge.com\www TCP: DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12 DPF: {413D6754-BFD4-47FE-9346-319559290BFA} - hxxps://www.webpcfos.com/webpcfos/websabre/HTEweb_v.cab DPF: {F375116A-793C-11D2-BFE1-444553540001} - hxxp://mls.realist.com/mapviewer/mapviewer.cab FF - ProfilePath - c:\users\Russ\AppData\Roaming\Mozilla\Firefox\Profiles\z8uojzrp.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/ FF - prefs.js: network.proxy.type - 0 FF - ExtSQL: 2012-09-19 20:19; {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}; c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} FF - ExtSQL: 2012-10-18 05:32; {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}; c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} FF - ExtSQL: !HIDDEN! 2011-03-23 18:25; {3112ca9c-de6d-4884-a869-9855de68056c}; c:\programdata\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c} FF - ExtSQL: !HIDDEN! 2012-01-11 11:09; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension . - - - - ORPHANS REMOVED - - - - . Toolbar-Locked - (no file) HKLM_ActiveSetup-ccc-core-static - msiexec . . . 
************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2012-11-18 14:24 Windows 6.0.6002 Service Pack 2 NTFS . scanning hidden processes ... . scanning hidden autostart entries ... . scanning hidden files ... . scan completed successfully hidden files: 0 . ************************************************************************** . [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\NIS] "ImagePath"="\"c:\program files\Norton Internet Security\Norton Internet Security\Engine\19.9.0.9\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files\Norton Internet Security\Norton Internet Security\Engine\19.9.0.9\diMaster.dll\" /prefetch:1" . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_USERS\S-1-5-21-3471859834-3467075534-2614826630-1000_Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}] @Denied: (Full) (Everyone) @Allowed: (Read) (RestrictedCode) "scansk"=hex(0):3f,66,59,82,9c,36,a1,ec,f2,2b,02,93,eb,4b,24,b1,30,11,5f,11,c8, 76,c5,a0,01,6d,22,4c,a8,a3,64,78,0f,c7,aa,f7,a3,e4,5c,1b,00,00,00,00,00,00,\ . [HKEY_USERS\S-1-5-21-3471859834-3467075534-2614826630-1000_Classes\CLSID\{9273a061-d847-495f-aa9f-c08bdaf6dd2f}] @Denied: (Full) (Everyone) @Allowed: (Read) (RestrictedCode) "Model"=dword:0000005b "Therad"=dword:0000001e "MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26, 38,95,44,85,b1,12,f9,90,dd,23,a1,88,cf,9c,8e,d8,d3,58,13,5a,53,3c,56,d5,ae,\ . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_110_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . 
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_110_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 "MSCurrentCountry"=dword:000000b5 . ------------------------ Other Running Processes ------------------------ . 
c:\windows\system32\Ati2evxx.exe c:\windows\system32\Ati2evxx.exe c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe c:\windows\system32\agrsmsvc.exe c:\windows\system32\atashost.exe c:\program files\Symantec\LiveUpdate\ALUSchedulerSvc.exe c:\program files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe c:\program files\Norton Internet Security\Norton Internet Security\Engine\19.9.0.9\ccSvcHst.exe c:\windows\system32\o2flash.exe c:\program files\CyberLink\Shared Files\RichVideo.exe c:\program files\Norton Internet Security\Norton Internet Security\Engine\19.9.0.9\ccSvcHst.exe c:\program files\Microsoft SQL Server\90\Shared\sqlbrowser.exe c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe c:\program files\Fujitsu\fjdvrupd\updnvsrv.exe c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE c:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exe c:\program files\Canon\CAL\CALMAIN.exe c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe c:\windows\RtHDVCpl.exe c:\program files\Apoint2K\ApMsgFwd.exe c:\program files\Windows Media Player\wmpnetwk.exe c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE c:\program files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe c:\program files\Apoint2K\Apntex.exe c:\program files\Apoint2K\HidFind.exe c:\program files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe c:\program files\Common Files\Logishrd\LQCVFX\COCIManager.exe c:\program files\Microsoft\BingBar\7.1.361.0\SeaPort.exe . ************************************************************************** . Completion time: 2012-11-18 14:52:37 - machine was rebooted ComboFix-quarantined-files.txt 2012-11-18 22:52 . Pre-Run: 66,546,679,808 bytes free Post-Run: 76,767,985,664 bytes free . 
- - End Of File - - E3FF531F7A5C852A9144DAC9E58999E6 -
I'm Infected With A Search Re-Direct Malware
spartan posted a topic in Resolved Malware Removal Logs
Hello: I am infected with a search re-direct malware that I have been unable to get rid of after Malwarebytes and Norton Internet Security scans. Below are the DDS.txt. and Attch.txt scans. I await your instructions. Thank you in advance for your kind assistance. DDS (Ver_2012-11-07.01) - NTFS_x86 Internet Explorer: 9.0.8112.16455 BrowserJavaVersion: 10.9.2 Run by Russ at 12:02:02 on 2012-11-18 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.1981.585 [GMT -8:00] . AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202} FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} . ============== Running Processes ================ . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\Ati2evxx.exe C:\Windows\system32\SLsvc.exe C:\Windows\system32\Ati2evxx.exe C:\Windows\System32\spoolsv.exe C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Windows\system32\agrsmsvc.exe C:\Windows\system32\atashost.exe C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\19.9.0.9\ccSvcHst.exe C:\Windows\system32\o2flash.exe C:\Program Files\CyberLink\Shared Files\RichVideo.exe c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe C:\Program Files\Fujitsu\fjdvrupd\updnvsrv.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 
C:\Windows\system32\SearchIndexer.exe C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe C:\Program Files\Canon\CAL\CALMAIN.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\DllHost.exe C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\19.9.0.9\ccSvcHst.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\RtHDVCpl.exe C:\Program Files\Apoint2K\Apoint.exe C:\Program Files\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe C:\Program Files\Fujitsu\BtnHnd\BtnHnd.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\Picasa2\PicasaMediaDetector.exe C:\Program Files\Apoint2K\ApMsgFwd.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Fujitsu\fjdvrupd\updatenv.exe C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\HP\HP Software Update\hpwuschd2.exe C:\Program Files\Adobe\Acrobat 10.0\Acrobat\acrotray.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Logitech\Vid HD\Vid.exe C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe C:\Users\Russ\AppData\Local\Akamai\netsession_win.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Google\Drive\googledrivesync.exe C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe C:\Program Files\Microsoft\BingBar\7.1.361.0\SeaPort.exe 
C:\Program Files\Apoint2K\HidFind.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE C:\Program Files\Apoint2K\Apntex.exe C:\Users\Russ\AppData\Local\Akamai\netsession_win.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe C:\Program Files\Google\Drive\googledrivesync.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k rpcss C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k apphost C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\system32\svchost.exe -k iissvcs C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.yahoo.com/ uWindow Title = Windows Internet Explorer provided by Yahoo! 
uSearch Page = hxxp://www.google.com uProxyOverride = <local> BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\program files\norton internet security\norton internet security\engine\19.9.0.9\coieplg.dll BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - c:\program files\norton internet security\norton internet security\engine\19.9.0.9\ips\ipsbho.dll BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\microsoft\bingbar\7.1.361.0\BingExt.dll BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\program files\norton internet security\norton internet security\engine\19.9.0.9\coieplg.dll TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - 
c:\program files\google\google toolbar\GoogleToolbar_32.dll uRun: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter uRun: [startCCC] c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe uRun: [sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun uRun: [skype] "c:\program files\skype\\phone\Skype.exe" /nosplash /minimized uRun: [Logitech Vid] "c:\program files\logitech\vid hd\Vid.exe" -bootmode uRun: [HP Officejet Pro 8600 (NET)] "c:\program files\hp\hp officejet pro 8600\bin\ScanToPCActivationApp.exe" -deviceID "CN221AR28D05KD:NW" -scfn "HP Officejet Pro 8600 (NET)" -AutoStart 1 uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe uRun: [Akamai NetSession Interface] "c:\users\russ\appdata\local\akamai\netsession_win.exe" uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe" uRun: [GoogleDriveSync] "c:\program files\google\drive\googledrivesync.exe" /autostart mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide mRun: [RtHDVCpl] RtHDVCpl.exe mRun: [Apoint] c:\program files\apoint2k\Apoint.exe mRun: [indicatorUtility] c:\program files\fujitsu\fujitsu hotkey utility\IndicatorUty.exe mRun: [LoadFUJ02E3] c:\program files\fujitsu\fuj02e3\FUJ02E3.exe mRun: [LoadFujitsuQuickTouch] c:\program files\fujitsu\application panel\QuickTouch.exe mRun: [LoadBtnHnd] c:\program files\fujitsu\btnhnd\BtnHnd.exe mRun: [sSUtility] c:\program files\fujitsu\ssutility\FJSSDMN.exe mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe" mRun: [Picasa Media Detector] c:\program files\picasa2\PicasaMediaDetector.exe mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup mRun: [FJUPDNV_Chitose] c:\program files\fujitsu\fjdvrupd\updatenv.exe mRun: [symantec PIF AlertEng] "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\pifsvc.exe" /a /m "c:\program files\common files\symantec 
shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\AlertEng.dll" mRun: [Google Quick Search Box] "c:\program files\google\quick search box\GoogleQuickSearchBox.exe" /autorun mRun: [LogitechQuickCamRibbon] "c:\program files\logitech\logitech webcam software\LWS.exe" /hide mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe mRun: [Adobe Acrobat Speed Launcher] "c:\program files\adobe\acrobat 10.0\acrobat\Acrobat_sl.exe" mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 10.0\acrobat\Acrotray.exe" mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" StartupFolder: c:\users\russ\appdata\roaming\micros~1\windows\startm~1\programs\startup\ccc.lnk - c:\program files\ati technologies\ati.ace\core-static\CCC.exe uPolicies-Explorer: NoDriveTypeAutoRun = dword:145 mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0 mPolicies-System: EnableLUA = dword:0 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - c:\program files\hewlett-packard\smartprint\smartprintsetup.exe IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} Trusted Zone: realist.com Trusted Zone: sandicor.com DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab DPF: {413D6754-BFD4-47FE-9346-319559290BFA} - hxxps://www.webpcfos.com/webpcfos/websabre/HTEweb_v.cab DPF: {86A88967-7A20-11D2-8EDA-00600818EDB1} - hxxp://www.parallelgraphics.com/l2/bin/cortvrml.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab 
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://etradeevents.webex.com/client/T27L/webex/ieatgpc1.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab DPF: {F375116A-793C-11D2-BFE1-444553540001} - hxxp://mls.realist.com/mapviewer/mapviewer.cab TCP: NameServer = 68.105.28.11 68.105.29.11 68.105.28.12 TCP: Interfaces\{1A869D51-1787-4766-9AB5-9F141C0CCE25} : DHCPNameServer = 68.105.28.11 68.105.29.11 68.105.28.12 TCP: Interfaces\{FCD03BA8-033B-4E14-A063-536F5CD40842} : DHCPNameServer = 68.105.28.11 68.105.29.11 68.105.28.12 Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg mASetup: ccc-core-static - msiexec /fums {9FB9E409-423F-8B24-BF0D-1172F67EFA2F} /qb mASetup: {A509B1FF-37FF-4bFF-8CFF-4F3A747040FF} - c:\windows\system32\rundll32.exe c:\windows\system32\advpack.dll,launchinfsectionex c:\program files\internet explorer\clrtour.inf,DefaultInstall.ResetTour,,12 . ================= FIREFOX =================== . 
FF - ProfilePath - c:\users\russ\appdata\roaming\mozilla\firefox\profiles\z8uojzrp.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
FF - prefs.js: network.proxy.type - 0
FF - component: c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_18.1.0.37\coffplgn\components\coFFPlgn.dll
FF - component: c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_18.1.0.37\ipsffplgn\components\IPSFFPl.dll
FF - component: c:\programdata\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordext.dll
FF - component: c:\programdata\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordlegacyext.dll
FF - component: c:\users\russ\appdata\roaming\idm\idmmzcc3\components\idmmzcc.dll
FF - component: c:\users\russ\appdata\roaming\mozilla\firefox\profiles\z8uojzrp.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - component: c:\users\russ\appdata\roaming\mozilla\firefox\profiles\z8uojzrp.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar-ff3.dll
FF - plugin: c:\program files\adobe\acrobat 10.0\acrobat\air\nppdf32.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll
FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_4_402_287.dll
FF - plugin: c:\windows\system32\npdeployJava1.dll
FF - plugin: c:\windows\system32\npmproxy.dll
FF - ExtSQL: 2012-09-19 20:19; {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}; c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
FF - ExtSQL: 2012-10-18 05:32; {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}; c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
FF - ExtSQL: !HIDDEN! 2011-03-23 18:25; {3112ca9c-de6d-4884-a869-9855de68056c}; c:\programdata\google\toolbar for firefox\{3112ca9c-de6d-4884-a869-9855de68056c}
FF - ExtSQL: !HIDDEN! 2012-01-11 11:09; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
.
============= SERVICES / DRIVERS ===============
.
R0 FBIOSDRV;FBIOSDRV;c:\windows\system32\drivers\FBIOSDRV.SYS [2007-5-11 8960]
R0 FJGSDisk;G-Sensor Application Filter Driver;c:\windows\system32\drivers\FJGSDisk.sys [2007-5-11 10368]
R0 O2MDRDR;O2MDRDR;c:\windows\system32\drivers\o2media.sys [2006-10-3 36640]
R0 O2SDRDR;O2SDRDR;c:\windows\system32\drivers\o2sd.sys [2006-10-12 33152]
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\nis\1309000.009\symds.sys [2012-10-1 340088]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\nis\1309000.009\symefa.sys [2012-10-1 924320]
R1 BHDrvx86;BHDrvx86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_19.6.2.10\definitions\bashdefs\20121106.001\BHDrvx86.sys [2012-10-23 995488]
R1 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\nis\1309000.009\ccsetx86.sys [2012-10-1 132768]
R1 IDSVix86;IDSVix86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_19.6.2.10\definitions\ipsdefs\20121116.001\IDSvix86.sys [2012-11-18 386720]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\nis\1309000.009\ironx86.sys [2012-10-1 149624]
R1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\system32\drivers\nis\1309000.009\symtdiv.sys [2012-10-1 345208]
R2 atashost;WebEx Service Host for Support Center;c:\windows\system32\atashost.exe [2010-4-6 43904]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-9-2 21504]
R2 NIS;Norton Internet Security;c:\program files\norton internet security\norton internet security\engine\19.9.0.9\ccsvchst.exe [2012-10-1 138272]
R2 UpdateNaviInstallService;UpdateNaviInstallService;c:\program files\fujitsu\fjdvrupd\updnvsrv.exe [2007-1-27 11776]
R3 BBUpdate;BBUpdate;c:\program files\microsoft\bingbar\7.1.361.0\SeaPort.EXE [2012-2-10 240408]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2012-10-31 106656]
R3 FUJ02E3;Fujitsu FUJ02E3 Device Driver;c:\windows\system32\drivers\fuj02e3.sys [2007-5-11 5632]
S2 BBSvc;BingBar Service;c:\program files\microsoft\bingbar\7.1.361.0\BBSvc.EXE [2012-2-10 193816]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-7-13 160944]
S3 ADVNTDRV;ADVNTDRV;c:\windows\system32\drivers\ADVNTDRV.SYS [2008-11-25 3872]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2007-5-11 30192]
S3 SMSCIRDA;SMSC Infrared Device Driver;c:\windows\system32\drivers\smscirda.sys [2006-11-2 30720]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S3 wtpfiltr;wtpfiltr;c:\windows\system32\drivers\wtpfiltr.sys [2007-5-11 7680]
.
=============== Created Last 30 ================
.
2012-11-16 01:28:37 -------- d-----w- c:\users\russ\appdata\roaming\Malwarebytes
2012-11-16 01:28:13 -------- d-----w- c:\programdata\Malwarebytes
2012-11-16 01:28:11 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-11-16 01:28:11 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-11-14 14:25:09 75776 ----a-w- c:\windows\system32\synceng.dll
2012-11-14 14:24:49 2047488 ----a-w- c:\windows\system32\win32k.sys
2012-11-03 01:08:42 -------- d-----w- c:\program files\JSS
2012-10-31 05:30:06 -------- d-s---w- c:\users\russ\Google Drive
2012-10-30 15:46:29 -------- d-----w- c:\users\russ\appdata\roaming\picpick
2012-10-30 15:43:31 -------- d-----w- c:\program files\PicPick
2012-10-27 01:22:54 -------- d-----w- c:\windows\Keyword Optimizer Pro 2
2012-10-27 01:22:53 -------- d-----w- c:\program files\KeywordOptimizerPro2
2012-10-26 23:49:26 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-10-26 23:42:23 -------- d-----w- c:\users\russ\appdata\local\Citrix
2012-10-26 23:42:17 102248 ----a-w- c:\users\russ\GoToAssistDownloadHelper.exe
.
==================== Find3M ====================
.
2012-11-16 13:34:06 60304 ----a-w- c:\users\russ\g2mdlhlpx.exe
2012-11-08 13:37:56 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-11-08 13:37:56 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-10-26 23:48:38 821736 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-10-26 23:48:37 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-10-08 07:56:24 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-10-08 07:48:03 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-10-08 07:47:44 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-10-08 07:44:05 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-10-08 07:43:21 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-10-08 07:40:56 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-09-13 13:28:08 2048 ----a-w- c:\windows\system32\tzres.dll
2012-08-29 11:27:41 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-08-29 11:27:41 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-08-24 15:53:29 172544 ----a-w- c:\windows\system32\wintrust.dll
.
============= FINISH: 12:03:42.23 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-07.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 8/27/2008 3:19:28 PM
System Uptime: 11/18/2012 11:23:15 AM (1 hours ago)
.
Motherboard: FUJITSU | | FJNBA03
Processor: AMD Turion 64 X2 Mobile Technology TL-60 | Onboard | 2000/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 147 GiB total, 61.164 GiB free.
D: is FIXED (NTFS) - 1 GiB total, 1.001 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft 6to4 Adapter
Device ID: ROOT\*6TO4MP\0001
Manufacturer: Microsoft
Name: Microsoft 6to4 Adapter #2
PNP Device ID: ROOT\*6TO4MP\0001
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft 6to4 Adapter
Device ID: ROOT\*6TO4MP\0019
Manufacturer: Microsoft
Name: Microsoft 6to4 Adapter #19
PNP Device ID: ROOT\*6TO4MP\0019
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft 6to4 Adapter
Device ID: ROOT\*6TO4MP\0021
Manufacturer: Microsoft
Name: Microsoft 6to4 Adapter #21
PNP Device ID: ROOT\*6TO4MP\0021
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft 6to4 Adapter
Device ID: ROOT\*6TO4MP\0022
Manufacturer: Microsoft
Name: Microsoft 6to4 Adapter #22
PNP Device ID: ROOT\*6TO4MP\0022
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft 6to4 Adapter
Device ID: ROOT\*6TO4MP\0053
Manufacturer: Microsoft
Name: Microsoft 6to4 Adapter #41
PNP Device ID: ROOT\*6TO4MP\0053
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft 6to4 Adapter
Device ID: ROOT\*6TO4MP\0060
Manufacturer: Microsoft
Name: Microsoft 6to4 Adapter #60
PNP Device ID: ROOT\*6TO4MP\0060
Service: tunnel
.
==== System Restore Points ===================
.
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958) 7 Day Blog Profits 1.00 Adobe Acrobat Connect Add-in Adobe Acrobat X Pro - English, Français, Deutsch Adobe AIR Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Reader X (10.1.4) Agere Systems HDA Modem Akamai NetSession Interface ALPS Touch Pad Driver Apple Application Support Apple Software Update ATI Catalyst Install Manager ATI Uninstaller Bing Bar Blog Profit Pro Branding Business Contact Manager for Outlook 2007 SP2 Camera Access Library Camera Support Core Library Camera Window DS Camera Window DVC Camera Window MC Canon Camera Access Library Canon Camera Support Core Library Canon Camera Window DC_DV 5 for ZoomBrowser EX Canon Camera Window DC_DV 6 for ZoomBrowser EX Canon Camera Window DSLR 5 for ZoomBrowser EX Canon Camera Window MC 6 for ZoomBrowser EX Canon MovieEdit Task for ZoomBrowser EX Canon PhotoRecord Canon RAW Image Task for ZoomBrowser EX Canon Utilities PhotoStitch 3.1 Canon ZoomBrowser EX (E) Catalyst Control Center Core Implementation Catalyst Control Center Graphics Full Existing Catalyst Control Center Graphics Full New Catalyst Control Center Graphics Light Catalyst Control Center Graphics Previews Vista Catalyst Control Center Localization Chinese Standard Catalyst Control Center Localization Chinese Traditional Catalyst Control Center Localization Czech Catalyst Control Center Localization Danish Catalyst Control Center Localization Dutch Catalyst Control Center Localization Finnish Catalyst Control Center Localization French Catalyst Control Center Localization German Catalyst Control Center Localization Greek Catalyst Control Center Localization Hungarian Catalyst Control Center Localization Italian Catalyst Control Center Localization Japanese Catalyst Control Center Localization Korean Catalyst Control Center Localization Norwegian Catalyst Control Center Localization Polish Catalyst Control Center Localization Portuguese Catalyst Control Center Localization Russian 
Catalyst Control Center Localization Spanish Catalyst Control Center Localization Swedish Catalyst Control Center Localization Thai Catalyst Control Center Localization Turkish ccc-core-static ccc-utility CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish Crypto Tool ErrorEND Forex Signal Live World Market Times Fujitsu Display Manager Fujitsu Driver Update Fujitsu Hotkey Utility Fujitsu MobilityCenter Extension Utility Fujitsu System Extension Utility Google Chrome Google Desktop Google Drive Google Quick Search Box Google Toolbar for Firefox Google Toolbar for Internet Explorer Google Update Helper GoToMeeting 5.3.0.1009 hotComm Lite® hotComm® CL Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) HP Officejet Pro 8600 Basic Device Software HP Officejet Pro 8600 Help HP Officejet Pro 8600 Product Improvement Study HP Update I.R.I.S. 
OCR Japanese Fonts Support For Adobe Reader 8 Java 7 Update 9 Java Auto Updater Java 6 Update 37 Keyword Optimizer Pro 2 Keyword Sweetspotter KeywordOptimizerPro LifeBook Application Panel LiveUpdate 3.2 (Symantec Corporation) LiveUpdate Notice (Symantec Corporation) Logitech Vid HD Logitech Webcam Software Logitech Webcam Software Driver Package MakeDisc Malwarebytes Anti-Malware version 1.65.1.1000 Market Samurai Marketsplash Shortcuts Micro Niche Finder 5.0 Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 4 Client Profile Microsoft Office 2003 Web Components Microsoft Office 2007 Primary Interop Assemblies Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (English) 2007 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office File Validation Add-In Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Professional 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Small Business Connectivity Components Microsoft Office Word MUI (English) 2007 Microsoft Silverlight Microsoft SQL Server 2005 Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) Microsoft SQL Server Native Client Microsoft SQL Server Setup Support Files (English) Microsoft SQL Server VSS Writer Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 MovieEdit Task Mozilla Firefox 15.0 (x86 en-US) Mozilla Maintenance Service MSXML 4.0 SP2 (KB936181) 
MSXML 4.0 SP2 (KB941833) MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) My Backpage Demo Norton Internet Security O2Micro Flash Memory Card Windows Driver Octoshape add-in for Adobe Flash Player OfficeSharedAddInSetup OGA Notifier 2.0.0048.0 ParetoLogic PC Health Advisor PhotoStitch Picasa 2 PicPick Point2 Photo Utility PowerDirector Express PowerDVD PowerProducer PrimoPDF -- brought to you by Nitro PDF Software Pristine Chat QuickTime RAW Image Task 2.2 RealPlayer Realtek High Definition Audio Driver RealUpgrade 1.1 Roxio Easy Media Creator Home Search Syndicate version 1.0 Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security 
Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687314) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2687315) 32-Bit Edition Shock Sensor Utility Site Spy Skins Skype Toolbars Skype™ 5.10 Smart PDF Converter 6.3.0.495 Spelling Dictionaries Support For Adobe Reader 8 TestDrive Client TradeStation 8.3 (Build 1631) TradeStation 8.4 (Build 1688) TradeStation 8.4 (Build 1693) TradeStation 8.5 (Build 2289) TradeStation 8.6 (Build 2612) TradeStation 8.6 (Build 2696) TradeStation 8.7 (Build 3085) TradeStation 8.8 TradeStation 9.0 Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition Update for Microsoft Office Access 2007 Help (KB963663) Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition 
Update for Microsoft Office Outlook 2007 Help (KB963677) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2760413) 32-Bit Edition Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Publisher 2007 Help (KB963667) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) VLC media player 1.1.9 WebEx Windows Live ID Sign-in Assistant Xvid 1.2.1 final uninstall Yahoo! Software Update Yahoo! Toolbar YTS . ==== End Of File ===========================