Posts posted by spartan
I have uninstalled Java 6 Update 37.
The ESET log is below.
I'm still having the following problem with my computer:
When I do a Google, Yahoo or Bing search for the website, retechulous or retechulous.com, and get the search results and then click on the retechulous.com link to go to that website, I get redirected instead to http://stped.dnset.com or http://forbidden.4pu.com with an immediate warning that these sites are known to be malicious and unsafe websites that contain harmful software that can damage my computer or put my personal or financial information at risk. This seems to happen only when I do a search for the retechulous.com website, and the redirect happens when I use either Explorer, Firefox or Google Chrome as my browser. When I search for any other website or search term, my computer seems to work fine without any redirect to the above-mentioned malicious websites.
I await your further instructions. Thank you.
ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=b4634cf5b353054b99f269328bf48626
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2012-11-20 12:36:55
# local_time=2012-11-19 04:36:55 (-0800, Pacific Standard Time)
# country="United States"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=512 16777215 100 0 0 0 0 0
# compatibility_mode=3584 16777215 100 0 0 0 0 0
# compatibility_mode=5892 16776574 100 100 99975729 189967980 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=178771
# found=0
# cleaned=0
# scan_time=11362
-
Here are the JRT and MBAM logs:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 3.3.6 (11.18.2012)
OS: Windows Vista Home Premium x86
Ran by Russ on Sun 11/18/2012 at 20:24:57.25
Blog: http://thisisudax.blogspot.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{0055c089-8582-441b-a0bf-17b458c2a3a8}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{ef99bd32-c1fb-11d2-892f-0090271d4f88}
~~~ Files
Successfully deleted: [File] C:\eula.1028.txt
Successfully deleted: [File] C:\eula.1031.txt
Successfully deleted: [File] C:\eula.1033.txt
Successfully deleted: [File] C:\eula.1036.txt
Successfully deleted: [File] C:\eula.1040.txt
Successfully deleted: [File] C:\eula.1041.txt
Successfully deleted: [File] C:\eula.1042.txt
Successfully deleted: [File] C:\eula.2052.txt
Successfully deleted: [File] C:\install.res.1028.dll
Successfully deleted: [File] C:\install.res.1031.dll
Successfully deleted: [File] C:\install.res.1033.dll
Successfully deleted: [File] C:\install.res.1036.dll
Successfully deleted: [File] C:\install.res.1040.dll
Successfully deleted: [File] C:\install.res.1041.dll
Successfully deleted: [File] C:\install.res.1042.dll
Successfully deleted: [File] C:\install.res.2052.dll
Successfully deleted: [File] C:\install.res.3082.dll
~~~ Folders
Successfully deleted: [Folder] C:\Program Files\internet download manager
~~~ FireFox
Successfully deleted: [Folder] C:\Users\Russ\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 11/18/2012 at 20:30:30.53
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org
Database version: v2012.11.19.01
Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Russ :: RUSS-PC [administrator]
11/18/2012 8:34:35 PM
mbam-log-2012-11-18 (20-34-35).txt
Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 366787
Time elapsed: 1 hour(s), 49 minute(s), 51 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
-
Here are the TDSSKiller and ComboFix Logs:
12:45:26.0494 5160 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
12:45:26.0976 5160 ============================================================
12:45:26.0976 5160 Current date / time: 2012/11/18 12:45:26.0976
12:45:26.0976 5160 SystemInfo:
12:45:26.0976 5160
12:45:26.0976 5160 OS Version: 6.0.6002 ServicePack: 2.0
12:45:26.0976 5160 Product type: Workstation
12:45:26.0976 5160 ComputerName: RUSS-PC
12:45:26.0977 5160 UserName: Russ
12:45:26.0977 5160 Windows directory: C:\Windows
12:45:26.0977 5160 System windows directory: C:\Windows
12:45:26.0977 5160 Processor architecture: Intel x86
12:45:26.0977 5160 Number of processors: 2
12:45:26.0977 5160 Page size: 0x1000
12:45:26.0977 5160 Boot type: Normal boot
12:45:26.0977 5160 ============================================================
12:45:28.0619 5160 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
12:45:28.0623 5160 ============================================================
12:45:28.0623 5160 \Device\Harddisk0\DR0:
12:45:28.0624 5160 MBR partitions:
12:45:28.0624 5160 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x300800, BlocksNum 0x12512800
12:45:28.0624 5160 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x12813000, BlocksNum 0x206000
12:45:28.0624 5160 ============================================================
12:45:28.0649 5160 C: <-> \Device\Harddisk0\DR0\Partition1
12:45:28.0691 5160 D: <-> \Device\Harddisk0\DR0\Partition2
12:45:28.0691 5160 ============================================================
12:45:28.0691 5160 Initialize success
12:45:28.0691 5160 ============================================================
12:45:47.0856 0316 ============================================================
12:45:47.0856 0316 Scan started
12:45:47.0856 0316 Mode: Manual; TDLFS;
12:45:47.0856 0316 ============================================================
12:45:48.0214 0316 ================ Scan system memory ========================
12:45:48.0214 0316 System memory - ok
12:45:59.0532 0316 NativeWifiP - ok
12:45:59.0619 0316 [ 8E4C77AD9BB279900C00F870CC0C674B ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.6.2.10\Definitions\VirusDefs\20121117.005\NAVENG.SYS
12:45:59.0628 0316 NAVENG - ok
12:45:59.0762 0316 [ 826F699B69E88A3920C70F344DD42D88 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.6.2.10\Definitions\VirusDefs\20121117.005\NAVEX15.SYS
12:45:59.0850 0316 NAVEX15 - ok
12:45:59.0927 0316 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys
12:45:59.0957 0316 NDIS - ok
12:45:59.0993 0316 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
12:46:00.0004 0316 NdisTapi - ok
12:46:00.0067 0316 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
12:46:00.0073 0316 Ndisuio - ok
12:46:00.0121 0316 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
12:46:00.0125 0316 NdisWan - ok
12:46:00.0157 0316 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
12:46:00.0160 0316 NDProxy - ok
12:46:00.0204 0316 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
12:46:00.0247 0316 NetBIOS - ok
12:46:00.0328 0316 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
12:46:00.0373 0316 netbt - ok
12:46:00.0417 0316 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe
12:46:00.0420 0316 Netlogon - ok
12:46:00.0506 0316 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
12:46:00.0516 0316 Netman - ok
12:46:00.0546 0316 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:46:00.0550 0316 NetMsmqActivator - ok
12:46:00.0558 0316 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:46:00.0560 0316 NetPipeActivator - ok
12:46:00.0608 0316 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
12:46:00.0616 0316 netprofm - ok
12:46:00.0625 0316 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:46:00.0627 0316 NetTcpActivator - ok
12:46:00.0637 0316 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:46:00.0640 0316 NetTcpPortSharing - ok
12:46:00.0674 0316 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
12:46:00.0678 0316 nfrd960 - ok
12:46:00.0781 0316 [ F2840DBFE9322F35557219AE82CC4597 ] NIS C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\19.9.0.9\ccSvcHst.exe
12:46:00.0785 0316 NIS - ok
12:46:00.0811 0316 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
12:46:00.0818 0316 NlaSvc - ok
12:46:00.0849 0316 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
12:46:00.0852 0316 Npfs - ok
12:46:00.0885 0316 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
12:46:00.0889 0316 nsi - ok
12:46:00.0925 0316 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
12:46:00.0928 0316 nsiproxy - ok
12:46:01.0006 0316 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
12:46:01.0050 0316 Ntfs - ok
12:46:01.0076 0316 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
12:46:01.0079 0316 ntrigdigi - ok
12:46:01.0117 0316 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
12:46:01.0120 0316 Null - ok
12:46:01.0145 0316 [ E69E946F80C1C31C53003BFBF50CBB7C ] nvraid C:\Windows\system32\drivers\nvraid.sys
12:46:01.0150 0316 nvraid - ok
12:46:01.0176 0316 [ 9E0BA19A28C498A6D323D065DB76DFFC ] nvstor C:\Windows\system32\drivers\nvstor.sys
12:46:01.0179 0316 nvstor - ok
12:46:01.0202 0316 [ 07C186427EB8FCC3D8D7927187F260F7 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
12:46:01.0208 0316 nv_agp - ok
12:46:01.0221 0316 NwlnkFlt - ok
12:46:01.0231 0316 NwlnkFwd - ok
12:46:01.0262 0316 [ A7B4D345D0F160649AA7CDC37E5C1A28 ] o2flash C:\Windows\system32\o2flash.exe
12:46:01.0267 0316 o2flash - ok
12:46:01.0284 0316 [ F4AA04F7BA01D54B31F14841386CC60B ] O2MDRDR C:\Windows\system32\DRIVERS\o2media.sys
12:46:01.0287 0316 O2MDRDR - ok
12:46:01.0311 0316 [ BFD27594E1FF49DDFF3C23DAE246AD44 ] O2SDRDR C:\Windows\system32\DRIVERS\o2sd.sys
12:46:01.0315 0316 O2SDRDR - ok
12:46:01.0425 0316 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
12:46:01.0447 0316 odserv - ok
12:46:01.0501 0316 [ 6F310E890D46E246E0E261A63D9B36B4 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
12:46:01.0505 0316 ohci1394 - ok
12:46:01.0547 0316 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:46:01.0551 0316 ose - ok
12:46:01.0637 0316 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
12:46:01.0659 0316 p2pimsvc - ok
12:46:01.0693 0316 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
12:46:01.0700 0316 p2psvc - ok
12:46:01.0726 0316 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\DRIVERS\parport.sys
12:46:01.0730 0316 Parport - ok
12:46:01.0766 0316 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
12:46:01.0768 0316 partmgr - ok
12:46:01.0784 0316 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
12:46:01.0787 0316 Parvdm - ok
12:46:01.0818 0316 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
12:46:01.0823 0316 PcaSvc - ok
12:46:01.0860 0316 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
12:46:01.0866 0316 pci - ok
12:46:01.0887 0316 [ 1636D43F10416AEB483BC6001097B26C ] pciide C:\Windows\system32\drivers\pciide.sys
12:46:01.0889 0316 pciide - ok
12:46:01.0917 0316 [ 3BB2244F343B610C29C98035504C9B75 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
12:46:01.0924 0316 pcmcia - ok
12:46:01.0993 0316 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
12:46:02.0026 0316 PEAUTH - ok
12:46:02.0140 0316 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
12:46:02.0195 0316 pla - ok
12:46:02.0242 0316 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
12:46:02.0252 0316 PlugPlay - ok
12:46:02.0294 0316 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
12:46:02.0304 0316 PNRPAutoReg - ok
12:46:02.0338 0316 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
12:46:02.0348 0316 PNRPsvc - ok
12:46:02.0378 0316 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
12:46:02.0401 0316 PolicyAgent - ok
12:46:02.0422 0316 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
12:46:02.0425 0316 PptpMiniport - ok
12:46:02.0464 0316 [ 0E3CEF5D28B40CF273281D620C50700A ] Processor C:\Windows\system32\drivers\processr.sys
12:46:02.0468 0316 Processor - ok
12:46:02.0492 0316 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
12:46:02.0500 0316 ProfSvc - ok
12:46:02.0516 0316 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
12:46:02.0519 0316 ProtectedStorage - ok
12:46:02.0558 0316 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
12:46:02.0561 0316 PSched - ok
12:46:02.0576 0316 [ F7BB4E7A7C02AB4A2672937E124E306E ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
12:46:02.0580 0316 PxHelp20 - ok
12:46:02.0651 0316 [ CCDAC889326317792480C0A67156A1EC ] ql2300 C:\Windows\system32\drivers\ql2300.sys
12:46:02.0684 0316 ql2300 - ok
12:46:02.0709 0316 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
12:46:02.0715 0316 ql40xx - ok
12:46:02.0762 0316 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
12:46:02.0770 0316 QWAVE - ok
12:46:02.0811 0316 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
12:46:02.0813 0316 QWAVEdrv - ok
12:46:02.0924 0316 [ 15B131177EC8A6DD6CBEC2C124712EE4 ] R300 C:\Windows\system32\DRIVERS\atikmdag.sys
12:46:03.0000 0316 R300 - ok
12:46:03.0030 0316 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
12:46:03.0033 0316 RasAcd - ok
12:46:03.0071 0316 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
12:46:03.0077 0316 RasAuto - ok
12:46:03.0120 0316 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
12:46:03.0123 0316 Rasl2tp - ok
12:46:03.0154 0316 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
12:46:03.0164 0316 RasMan - ok
12:46:03.0202 0316 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
12:46:03.0205 0316 RasPppoe - ok
12:46:03.0248 0316 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
12:46:03.0252 0316 RasSstp - ok
12:46:03.0297 0316 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
12:46:03.0305 0316 rdbss - ok
12:46:03.0340 0316 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
12:46:03.0342 0316 RDPCDD - ok
12:46:03.0374 0316 [ E8BD98D46F2ED77132BA927FCCB47D8B ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
12:46:03.0382 0316 rdpdr - ok
12:46:03.0390 0316 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
12:46:03.0393 0316 RDPENCDD - ok
12:46:03.0436 0316 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
12:46:03.0442 0316 RDPWD - ok
12:46:03.0540 0316 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
12:46:03.0545 0316 RemoteAccess - ok
12:46:03.0575 0316 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
12:46:03.0582 0316 RemoteRegistry - ok
12:46:03.0644 0316 [ B216B03852DF788C7E2AFDF6C6E8A9B0 ] RichVideo C:\Program Files\CyberLink\Shared Files\RichVideo.exe
12:46:03.0651 0316 RichVideo - ok
12:46:03.0681 0316 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
12:46:03.0685 0316 RpcLocator - ok
12:46:03.0728 0316 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll
12:46:03.0737 0316 RpcSs - ok
12:46:03.0777 0316 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
12:46:03.0780 0316 rspndr - ok
12:46:03.0795 0316 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
12:46:03.0800 0316 SamSs - ok
12:46:03.0823 0316 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
12:46:03.0828 0316 sbp2port - ok
12:46:03.0866 0316 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
12:46:03.0873 0316 SCardSvr - ok
12:46:03.0933 0316 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
12:46:03.0968 0316 Schedule - ok
12:46:04.0005 0316 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
12:46:04.0007 0316 SCPolicySvc - ok
12:46:04.0044 0316 [ 4339A2585708C7D9B0C0CE5AAD3DD6FF ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
12:46:04.0053 0316 sdbus - ok
12:46:04.0104 0316 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
12:46:04.0117 0316 SDRSVC - ok
12:46:04.0138 0316 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
12:46:04.0141 0316 secdrv - ok
12:46:04.0173 0316 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
12:46:04.0179 0316 seclogon - ok
12:46:04.0201 0316 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll
12:46:04.0206 0316 SENS - ok
12:46:04.0233 0316 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
12:46:04.0236 0316 Serenum - ok
12:46:04.0267 0316 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\DRIVERS\serial.sys
12:46:04.0272 0316 Serial - ok
12:46:04.0284 0316 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
12:46:04.0287 0316 sermouse - ok
12:46:04.0337 0316 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
12:46:04.0343 0316 SessionEnv - ok
12:46:04.0361 0316 [ 103B79418DA647736EE95645F305F68A ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
12:46:04.0364 0316 sffdisk - ok
12:46:04.0390 0316 [ 8FD08A310645FE872EEEC6E08C6BF3EE ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
12:46:04.0393 0316 sffp_mmc - ok
12:46:04.0403 0316 [ 9CFA05FCFCB7124E69CFC812B72F9614 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
12:46:04.0409 0316 sffp_sd - ok
12:46:04.0424 0316 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
12:46:04.0428 0316 sfloppy - ok
12:46:04.0456 0316 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
12:46:04.0466 0316 SharedAccess - ok
12:46:04.0505 0316 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:46:04.0514 0316 ShellHWDetection - ok
12:46:04.0537 0316 [ D2A595D6EEBEEAF4334F8E50EFBC9931 ] sisagp C:\Windows\system32\drivers\sisagp.sys
12:46:04.0541 0316 sisagp - ok
12:46:04.0553 0316 [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
12:46:04.0555 0316 SiSRaid2 - ok
12:46:04.0574 0316 [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
12:46:04.0579 0316 SiSRaid4 - ok
12:46:04.0662 0316 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
12:46:04.0668 0316 SkypeUpdate - ok
12:46:04.0818 0316 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
12:46:04.0947 0316 slsvc - ok
12:46:05.0019 0316 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
12:46:05.0026 0316 SLUINotify - ok
12:46:05.0056 0316 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
12:46:05.0060 0316 Smb - ok
12:46:05.0096 0316 [ 12B62474E707A26D662232C54A4EF322 ] SMSCIRDA C:\Windows\system32\DRIVERS\SMSCirda.sys
12:46:05.0099 0316 SMSCIRDA - ok
12:46:05.0147 0316 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
12:46:05.0152 0316 SNMPTRAP - ok
12:46:05.0180 0316 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
12:46:05.0184 0316 spldr - ok
12:46:05.0229 0316 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
12:46:05.0235 0316 Spooler - ok
12:46:05.0274 0316 [ 86EBD8B1F23E743AAD21F4D5B4D40985 ] SQLBrowser c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
12:46:05.0280 0316 SQLBrowser - ok
12:46:05.0337 0316 [ D89083C4EB02DACA8F944B0E05E57F9D ] SQLWriter c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
12:46:05.0340 0316 SQLWriter - ok
12:46:05.0452 0316 [ 7BB297CADA42903328E92425D9761DA6 ] SRTSP C:\Windows\System32\Drivers\NIS\1309000.009\SRTSP.SYS
12:46:05.0484 0316 SRTSP - ok
12:46:05.0545 0316 [ 475FCF0F28D845BF1C8ABAC27F19003E ] SRTSPX C:\Windows\system32\drivers\NIS\1309000.009\SRTSPX.SYS
12:46:05.0549 0316 SRTSPX - ok
12:46:05.0595 0316 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
12:46:05.0603 0316 srv - ok
12:46:05.0647 0316 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
12:46:05.0653 0316 srv2 - ok
12:46:05.0682 0316 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
12:46:05.0687 0316 srvnet - ok
12:46:05.0737 0316 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
12:46:05.0745 0316 SSDPSRV - ok
12:46:05.0783 0316 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
12:46:05.0790 0316 SstpSvc - ok
12:46:05.0829 0316 [ EF70B3D22B4BFFDA6EA851ECB063EFAA ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
12:46:05.0832 0316 StillCam - ok
12:46:05.0898 0316 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
12:46:05.0921 0316 stisvc - ok
12:46:05.0934 0316 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
12:46:05.0937 0316 swenum - ok
12:46:05.0976 0316 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
12:46:05.0987 0316 swprv - ok
12:46:06.0021 0316 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
12:46:06.0024 0316 Symc8xx - ok
12:46:06.0033 0316 SYMDNS - ok
12:46:06.0078 0316 [ 690FA0E61B90084C4D9A721BD4F3D779 ] SymDS C:\Windows\system32\drivers\NIS\1309000.009\SYMDS.SYS
12:46:06.0101 0316 SymDS - ok
12:46:06.0166 0316 [ 8F88EDB211B12537D2DC2A6D73D6067C ] SymEFA C:\Windows\system32\drivers\NIS\1309000.009\SYMEFA.SYS
12:46:06.0201 0316 SymEFA - ok
12:46:06.0231 0316 [ 74E2521E96176A4449570E50BE91954D ] SymEvent C:\Windows\system32\Drivers\SYMEVENT.SYS
12:46:06.0244 0316 SymEvent - ok
12:46:06.0278 0316 SYMFW - ok
12:46:06.0332 0316 [ 2C356CCA706505CF63CBE39D532B9236 ] SymIRON C:\Windows\system32\drivers\NIS\1309000.009\Ironx86.SYS
12:46:06.0338 0316 SymIRON - ok
12:46:06.0346 0316 SYMNDISV - ok
12:46:06.0358 0316 SYMREDRV - ok
12:46:06.0400 0316 [ 40C6E6417C8B7D7FCF82CFBE71525795 ] SYMTDIv C:\Windows\System32\Drivers\NIS\1309000.009\SYMTDIV.SYS
12:46:06.0410 0316 SYMTDIv - ok
12:46:06.0446 0316 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
12:46:06.0449 0316 Sym_hi - ok
12:46:06.0466 0316 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
12:46:06.0470 0316 Sym_u3 - ok
12:46:06.0515 0316 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
12:46:06.0538 0316 SysMain - ok
12:46:06.0566 0316 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:46:06.0571 0316 TabletInputService - ok
12:46:06.0606 0316 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
12:46:06.0615 0316 TapiSrv - ok
12:46:06.0649 0316 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
12:46:06.0654 0316 TBS - ok
12:46:06.0723 0316 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
12:46:06.0756 0316 Tcpip - ok
12:46:06.0800 0316 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
12:46:06.0810 0316 Tcpip6 - ok
12:46:06.0851 0316 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
12:46:06.0854 0316 tcpipreg - ok
12:46:06.0898 0316 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
12:46:06.0900 0316 TDPIPE - ok
12:46:06.0925 0316 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
12:46:06.0928 0316 TDTCP - ok
12:46:06.0956 0316 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
12:46:06.0960 0316 tdx - ok
12:46:06.0979 0316 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
12:46:06.0983 0316 TermDD - ok
12:46:07.0020 0316 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
12:46:07.0043 0316 TermService - ok
12:46:07.0072 0316 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
12:46:07.0079 0316 Themes - ok
12:46:07.0104 0316 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
12:46:07.0108 0316 THREADORDER - ok
12:46:07.0138 0316 [ 42A23FF09BD172FA3F6A3A0A589EF1B0 ] tosrfbd C:\Windows\system32\DRIVERS\tosrfbd.sys
12:46:07.0144 0316 tosrfbd - ok
12:46:07.0168 0316 [ 410AA85D04CFE697A2C3368286DDD128 ] Tosrfhid C:\Windows\system32\DRIVERS\Tosrfhid.sys
12:46:07.0172 0316 Tosrfhid - ok
12:46:07.0207 0316 [ 967316FB4777BC6EAAA0E15552FEF768 ] tosrfusb C:\Windows\system32\DRIVERS\tosrfusb.sys
12:46:07.0211 0316 tosrfusb - ok
12:46:07.0251 0316 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
12:46:07.0256 0316 TrkWks - ok
12:46:07.0314 0316 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:46:07.0316 0316 TrustedInstaller - ok
12:46:07.0360 0316 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
12:46:07.0363 0316 tssecsrv - ok
12:46:07.0407 0316 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
12:46:07.0410 0316 tunmp - ok
12:46:07.0452 0316 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
12:46:07.0455 0316 tunnel - ok
12:46:07.0495 0316 [ C3ADE15414120033A36C0F293D4A4121 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
12:46:07.0498 0316 uagp35 - ok
12:46:07.0533 0316 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
12:46:07.0540 0316 udfs - ok
12:46:07.0575 0316 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
12:46:07.0581 0316 UI0Detect - ok
12:46:07.0605 0316 [ 75E6890EBFCE0841D3291B02E7A8BDB0 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
12:46:07.0610 0316 uliagpkx - ok
12:46:07.0637 0316 [ 3CD4EA35A6221B85DCC25DAA46313F8D ] uliahci C:\Windows\system32\drivers\uliahci.sys
12:46:07.0646 0316 uliahci - ok
12:46:07.0671 0316 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
12:46:07.0677 0316 UlSata - ok
12:46:07.0698 0316 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
12:46:07.0703 0316 ulsata2 - ok
12:46:07.0737 0316 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
12:46:07.0740 0316 umbus - ok
12:46:07.0797 0316 [ 9E16F1017C4B70B9CB625D6754DFCCC7 ] UpdateNaviInstallService C:\Program Files\Fujitsu\fjdvrupd\updnvsrv.exe
12:46:07.0799 0316 UpdateNaviInstallService - ok
12:46:07.0841 0316 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
12:46:07.0859 0316 upnphost - ok
12:46:07.0923 0316 [ 32DB9517628FF0D070682AAB61E688F0 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
12:46:07.0933 0316 usbaudio - ok
12:46:07.0957 0316 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
12:46:07.0960 0316 usbccgp - ok
12:46:08.0002 0316 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
12:46:08.0006 0316 usbcir - ok
12:46:08.0062 0316 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
12:46:08.0065 0316 usbehci - ok
12:46:08.0091 0316 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
12:46:08.0098 0316 usbhub - ok
12:46:08.0135 0316 [ CE697FEE0D479290D89BEC80DFE793B7 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
12:46:08.0137 0316 usbohci - ok
12:46:08.0168 0316 [ B51E52ACF758BE00EF3A58EA452FE360 ] usbprint C:\Windows\system32\drivers\usbprint.sys
12:46:08.0170 0316 usbprint - ok
12:46:08.0209 0316 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:46:08.0214 0316 USBSTOR - ok
12:46:08.0233 0316 [ 325DBBACB8A36AF9988CCF40EAC228CC ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
12:46:08.0236 0316 usbuhci - ok
12:46:08.0277 0316 [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
12:46:08.0282 0316 usbvideo - ok
12:46:08.0319 0316 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
12:46:08.0324 0316 UxSms - ok
12:46:08.0377 0316 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
12:46:08.0412 0316 vds - ok
12:46:08.0445 0316 [ 7D92BE0028ECDEDEC74617009084B5EF ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
12:46:08.0448 0316 vga - ok
12:46:08.0494 0316 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
12:46:08.0497 0316 VgaSave - ok
12:46:08.0526 0316 [ 045D9961E591CF0674A920B6BA3BA5CB ] viaagp C:\Windows\system32\drivers\viaagp.sys
12:46:08.0530 0316 viaagp - ok
12:46:08.0550 0316 [ 56A4DE5F02F2E88182B0981119B4DD98 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
12:46:08.0554 0316 ViaC7 - ok
12:46:08.0576 0316 [ FD2E3175FCADA350C7AB4521DCA187EC ] viaide C:\Windows\system32\drivers\viaide.sys
12:46:08.0580 0316 viaide - ok
12:46:08.0601 0316 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
12:46:08.0605 0316 volmgr - ok
12:46:08.0649 0316 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
12:46:08.0658 0316 volmgrx - ok
12:46:08.0705 0316 [ 147281C01FCB1DF9252DE2A10D5E7093 ] volsnap C:\Windows\system32\drivers\volsnap.sys
12:46:08.0713 0316 volsnap - ok
12:46:08.0741 0316 [ D984439746D42B30FC65A4C3546C6829 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
12:46:08.0746 0316 vsmraid - ok
12:46:08.0818 0316 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
12:46:08.0863 0316 VSS - ok
12:46:08.0906 0316 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
12:46:08.0916 0316 W32Time - ok
12:46:08.0986 0316 [ 9CA92191C8F18E8B491A5B28E63C07B7 ] W3SVC C:\Windows\system32\inetsrv\iisw3adm.dll
12:46:08.0995 0316 W3SVC - ok
12:46:09.0016 0316 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
12:46:09.0020 0316 WacomPen - ok
12:46:09.0055 0316 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
12:46:09.0058 0316 Wanarp - ok
12:46:09.0072 0316 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
12:46:09.0074 0316 Wanarpv6 - ok
12:46:09.0119 0316 [ 9CA92191C8F18E8B491A5B28E63C07B7 ] WAS C:\Windows\system32\inetsrv\iisw3adm.dll
12:46:09.0123 0316 WAS - ok
12:46:09.0151 0316 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll
12:46:09.0173 0316 wcncsvc - ok
12:46:09.0204 0316 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:46:09.0208 0316 WcsPlugInService - ok
12:46:09.0248 0316 [ AFC5AD65B991C1E205CF25CFDBF7A6F4 ] Wd C:\Windows\system32\drivers\wd.sys
12:46:09.0251 0316 Wd - ok
12:46:09.0295 0316 [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
12:46:09.0318 0316 Wdf01000 - ok
12:46:09.0347 0316 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
12:46:09.0353 0316 WdiServiceHost - ok
12:46:09.0361 0316 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
12:46:09.0369 0316 WdiSystemHost - ok
12:46:09.0406 0316 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll
12:46:09.0414 0316 WebClient - ok
12:46:09.0458 0316 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
12:46:09.0467 0316 Wecsvc - ok
12:46:09.0505 0316 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
12:46:09.0511 0316 wercplsupport - ok
12:46:09.0551 0316 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll
12:46:09.0558 0316 WerSvc - ok
12:46:09.0620 0316 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
12:46:09.0627 0316 WinDefend - ok
12:46:09.0638 0316 WinHttpAutoProxySvc - ok
12:46:09.0699 0316 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
12:46:09.0704 0316 Winmgmt - ok
12:46:09.0785 0316 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
12:46:09.0841 0316 WinRM - ok
12:46:09.0912 0316 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
12:46:11.0513 0316 ================ Scan global ===============================
12:46:11.0563 0316 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
12:46:11.0714 0316 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
12:46:11.0803 0316 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
12:46:11.0891 0316 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
12:46:11.0976 0316 [Global] - ok
12:46:11.0986 0316 ================ Scan MBR ==================================
12:46:12.0017 0316 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
12:46:12.0556 0316 \Device\Harddisk0\DR0 - ok
12:46:12.0557 0316 ================ Scan VBR ==================================
12:46:12.0562 0316 [ F4763086AF101FBBE226E2B3C2F19FA0 ] \Device\Harddisk0\DR0\Partition1
12:46:12.0564 0316 \Device\Harddisk0\DR0\Partition1 - ok
12:46:12.0587 0316 [ 7AE6DE9486CB2CFB46AEEE340C1F5664 ] \Device\Harddisk0\DR0\Partition2
12:46:12.0590 0316 \Device\Harddisk0\DR0\Partition2 - ok
12:46:12.0591 0316 ============================================================
12:46:12.0591 0316 Scan finished
12:46:12.0591 0316 ============================================================
12:46:12.0613 2224 Detected object count: 0
12:46:12.0613 2224 Actual detected object count: 0
12:55:35.0971 5396 Deinitialize success
ComboFix 12-11-16.02 - Russ 11/18/2012 13:31:26.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.1981.786 [GMT -8:00]
Running from: c:\users\Russ\Downloads\ComboFix.exe
AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\users\Russ\AppData\Local\Temp\_MEI32922\_ctypes.pyd
c:\users\Russ\AppData\Local\Temp\_MEI32922\_elementtree.pyd
c:\users\Russ\AppData\Local\Temp\_MEI32922\_hashlib.pyd
c:\users\Russ\AppData\Local\Temp\_MEI32922\_socket.pyd
c:\users\Russ\AppData\Local\Temp\_MEI32922\_ssl.pyd
c:\users\Russ\AppData\Local\Temp\_MEI32922\pyexpat.pyd
c:\users\Russ\AppData\Local\Temp\_MEI32922\pysqlite2._sqlite.pyd
c:\users\Russ\AppData\Local\Temp\_MEI32922\python26.dll
c:\users\Russ\AppData\Local\Temp\_MEI32922\pythoncom26.dll
c:\users\Russ\AppData\Local\Temp\_MEI32922\PyWinTypes26.dll
c:\users\Russ\AppData\Local\Temp\_MEI32922\select.pyd
c:\users\Russ\AppData\Local\Temp\_MEI32922\unicodedata.pyd
c:\users\Russ\AppData\Local\Temp\_MEI32922\win32api.pyd
c:\users\Russ\AppData\Local\Temp\_MEI32922\win32com.shell.shell.pyd
c:\users\Russ\AppData\Local\Temp\_MEI32922\win32crypt.pyd
c:\users\Russ\AppData\Local\Temp\_MEI32922\win32event.pyd
c:\users\Russ\AppData\Local\Temp\_MEI32922\win32file.pyd
c:\users\Russ\AppData\Local\Temp\_MEI32922\win32inet.pyd
c:\users\Russ\AppData\Local\Temp\_MEI32922\win32pdh.pyd
c:\users\Russ\AppData\Local\Temp\_MEI32922\win32process.pyd
c:\users\Russ\AppData\Local\Temp\_MEI32922\win32profile.pyd
c:\users\Russ\AppData\Local\Temp\_MEI32922\win32security.pyd
c:\users\Russ\AppData\Local\Temp\_MEI32922\win32ts.pyd
c:\users\Russ\AppData\Local\Temp\_MEI32922\windows._cacheinvalidation.pyd
c:\users\Russ\AppData\Local\Temp\_MEI32922\wx._controls_.pyd
c:\users\Russ\AppData\Local\Temp\_MEI32922\wx._core_.pyd
c:\users\Russ\AppData\Local\Temp\_MEI32922\wx._gdi_.pyd
c:\users\Russ\AppData\Local\Temp\_MEI32922\wx._html2.pyd
c:\users\Russ\AppData\Local\Temp\_MEI32922\wx._misc_.pyd
c:\users\Russ\AppData\Local\Temp\_MEI32922\wx._windows_.pyd
c:\users\Russ\AppData\Local\Temp\_MEI32922\wx._wizard.pyd
c:\users\Russ\AppData\Local\Temp\_MEI32922\wxbase293u_net_vc.dll
c:\users\Russ\AppData\Local\Temp\_MEI32922\wxbase293u_vc.dll
c:\users\Russ\AppData\Local\Temp\_MEI32922\wxmsw293u_adv_vc.dll
c:\users\Russ\AppData\Local\Temp\_MEI32922\wxmsw293u_core_vc.dll
c:\users\Russ\AppData\Local\Temp\_MEI32922\wxmsw293u_html_vc.dll
c:\users\Russ\AppData\Local\Temp\_MEI32922\wxmsw293u_webview_vc.dll
c:\users\Russ\g2mdlhlpx.exe
c:\users\Russ\GoToAssistDownloadHelper.exe
c:\windows\TEMP\logishrd\LVPrcInj0d.dll
.
.
((((((((((((((((((((((((( Files Created from 2012-10-18 to 2012-11-18 )))))))))))))))))))))))))))))))
.
.
No new files created in this timespan
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-16 22:17 . 2006-11-02 10:24 64010424 ----a-w- c:\windows\system32\mrt.exe
2012-11-08 13:37 . 2012-03-29 03:59 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-11-08 13:37 . 2011-05-18 13:41 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-10-26 23:48 . 2012-10-26 23:49 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-10-26 23:48 . 2012-07-11 02:45 821736 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-10-26 23:48 . 2010-05-26 23:26 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-10-12 14:29 . 2012-11-14 14:24 2047488 ----a-w- c:\windows\system32\win32k.sys
2012-10-08 08:28 . 2012-11-16 22:11 12320768 ----a-w- c:\windows\system32\mshtml.dll
2012-10-08 07:48 . 2012-11-16 22:11 1103872 ----a-w- c:\windows\system32\urlmon.dll
2012-10-08 07:48 . 2012-11-16 22:11 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-10-08 07:46 . 2012-11-16 22:11 231936 ----a-w- c:\windows\system32\url.dll
2012-10-08 07:43 . 2012-11-16 22:11 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-10-08 07:42 . 2012-11-16 22:11 607744 ----a-w- c:\windows\system32\msfeeds.dll
2012-10-08 07:41 . 2012-11-16 22:11 73216 ----a-w- c:\windows\system32\mshtmled.dll
2012-10-08 07:40 . 2012-11-16 22:11 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-09-25 16:19 . 2012-11-14 14:25 75776 ----a-w- c:\windows\system32\synceng.dll
2012-09-13 13:28 . 2012-10-10 12:48 2048 ----a-w- c:\windows\system32\tzres.dll
2012-08-29 11:27 . 2012-10-10 12:45 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-08-29 11:27 . 2012-10-10 12:45 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-08-24 15:53 . 2012-10-10 12:47 172544 ----a-w- c:\windows\system32\wintrust.dll
2012-10-30 17:11 . 2012-10-30 17:11 261600 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2012-10-25 22:45 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2012-10-25 22:45 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2012-10-25 22:45 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2012-10-25 22:45 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WindowsWelcomeCenter"="oobefldr.dll" [2009-04-11 2153472]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"Skype"="c:\program files\Skype\\Phone\Skype.exe" [2012-07-13 17418928]
"Logitech Vid"="c:\program files\Logitech\Vid HD\Vid.exe" [2011-01-13 6129496]
"HP Officejet Pro 8600 (NET)"="c:\program files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe" [2011-09-09 1804648]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"Akamai NetSession Interface"="c:\users\Russ\AppData\Local\Akamai\netsession_win.exe" [2012-10-09 4441920]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-02-27 39408]
"GoogleDriveSync"="c:\program files\Google\Drive\googledrivesync.exe" [2012-10-25 16052192]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2008-03-04 5218304]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2006-09-26 151552]
"IndicatorUtility"="c:\program files\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe" [2007-02-09 97072]
"LoadFUJ02E3"="c:\program files\Fujitsu\FUJ02E3\FUJ02E3.exe" [2006-11-17 80688]
"LoadFujitsuQuickTouch"="c:\program files\Fujitsu\Application Panel\QuickTouch.exe" [2006-11-26 260912]
"LoadBtnHnd"="c:\program files\Fujitsu\BtnHnd\BtnHnd.exe" [2006-11-12 68400]
"SSUtility"="c:\program files\Fujitsu\SSUtility\FJSSDMN.exe" [2006-11-12 239144]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2006-11-14 52832]
"Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2007-02-21 366400]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-06-28 30192]
"FJUPDNV_Chitose"="c:\program files\Fujitsu\fjdvrupd\updatenv.exe" [2007-02-05 167936]
"Symantec PIF AlertEng"="c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-30 583048]
"Google Quick Search Box"="c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe" [2009-04-26 68592]
"LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" [2009-05-08 2780432]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-09-08 421888]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [2012-07-27 36800]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2012-07-27 823224]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
.
c:\users\Russ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
CCC.lnk - c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2006-9-29 49152]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
CCC.lnk - c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2006-9-29 49152]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
R3 ADVNTDRV;ADVNTDRV;c:\windows\System32\drivers\ADVNTDRV.SYS [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A509B1FF-37FF-4bFF-8CFF-4F3A747040FF}]
2011-03-21 17:48 114176 ----a-w- c:\windows\System32\advpack.dll
.
Contents of the 'Scheduled Tasks' folder
.
2012-11-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-29 13:37]
.
2012-08-02 c:\windows\Tasks\ErrorEND.job
- c:\program files\ErrorEND\ErrorEND.exe [2011-03-09 12:23]
.
2012-11-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-03 05:38]
.
2012-11-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-03 05:38]
.
2012-11-16 c:\windows\Tasks\ParetoLogic Registration3.job
- c:\program files\Common Files\ParetoLogic\UUS3\UUS3.dll [2011-03-29 23:17]
.
2011-04-22 c:\windows\Tasks\ParetoLogic Update Version3.job
- c:\program files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2011-03-29 23:17]
.
2012-02-15 c:\windows\Tasks\PC Health Advisor Defrag.job
- c:\program files\ParetoLogic\PCHA\PCHA.exe [2011-03-29 23:17]
.
2012-07-20 c:\windows\Tasks\PC Health Advisor.job
- c:\program files\ParetoLogic\PCHA\PCHA.exe [2011-03-29 23:17]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/
uInternet Settings,ProxyOverride = <local>
Trusted Zone: pristine.com\www
Trusted Zone: realist.com
Trusted Zone: sandicor.com
Trusted Zone: zerohedge.com\www
TCP: DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
DPF: {413D6754-BFD4-47FE-9346-319559290BFA} - hxxps://www.webpcfos.com/webpcfos/websabre/HTEweb_v.cab
DPF: {F375116A-793C-11D2-BFE1-444553540001} - hxxp://mls.realist.com/mapviewer/mapviewer.cab
FF - ProfilePath - c:\users\Russ\AppData\Roaming\Mozilla\Firefox\Profiles\z8uojzrp.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2012-09-19 20:19; {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}; c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
FF - ExtSQL: 2012-10-18 05:32; {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}; c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
FF - ExtSQL: !HIDDEN! 2011-03-23 18:25; {3112ca9c-de6d-4884-a869-9855de68056c}; c:\programdata\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c}
FF - ExtSQL: !HIDDEN! 2012-01-11 11:09; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
HKLM_ActiveSetup-ccc-core-static - msiexec
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-11-18 14:24
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\NIS]
"ImagePath"="\"c:\program files\Norton Internet Security\Norton Internet Security\Engine\19.9.0.9\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files\Norton Internet Security\Norton Internet Security\Engine\19.9.0.9\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-3471859834-3467075534-2614826630-1000_Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"scansk"=hex(0):3f,66,59,82,9c,36,a1,ec,f2,2b,02,93,eb,4b,24,b1,30,11,5f,11,c8,
76,c5,a0,01,6d,22,4c,a8,a3,64,78,0f,c7,aa,f7,a3,e4,5c,1b,00,00,00,00,00,00,\
.
[HKEY_USERS\S-1-5-21-3471859834-3467075534-2614826630-1000_Classes\CLSID\{9273a061-d847-495f-aa9f-c08bdaf6dd2f}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:0000005b
"Therad"=dword:0000001e
"MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26,
38,95,44,85,b1,12,f9,90,dd,23,a1,88,cf,9c,8e,d8,d3,58,13,5a,53,3c,56,d5,ae,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_110_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_110_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\system32\agrsmsvc.exe
c:\windows\system32\atashost.exe
c:\program files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
c:\program files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
c:\program files\Norton Internet Security\Norton Internet Security\Engine\19.9.0.9\ccSvcHst.exe
c:\windows\system32\o2flash.exe
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\program files\Norton Internet Security\Norton Internet Security\Engine\19.9.0.9\ccSvcHst.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\program files\Fujitsu\fjdvrupd\updnvsrv.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\program files\Canon\CAL\CALMAIN.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\RtHDVCpl.exe
c:\program files\Apoint2K\ApMsgFwd.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
c:\program files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
c:\program files\Apoint2K\Apntex.exe
c:\program files\Apoint2K\HidFind.exe
c:\program files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe
c:\program files\Common Files\Logishrd\LQCVFX\COCIManager.exe
c:\program files\Microsoft\BingBar\7.1.361.0\SeaPort.exe
.
**************************************************************************
.
Completion time: 2012-11-18 14:52:37 - machine was rebooted
ComboFix-quarantined-files.txt 2012-11-18 22:52
.
Pre-Run: 66,546,679,808 bytes free
Post-Run: 76,767,985,664 bytes free
.
- - End Of File - - E3FF531F7A5C852A9144DAC9E58999E6
-
Hello:
I am infected with a search re-direct malware that I have been unable to get rid of after Malwarebytes and Norton Internet Security scans. Below are the DDS.txt and Attach.txt scans. I await your instructions. Thank you in advance for your kind assistance.
DDS (Ver_2012-11-07.01) - NTFS_x86
Internet Explorer: 9.0.8112.16455 BrowserJavaVersion: 10.9.2
Run by Russ at 12:02:02 on 2012-11-18
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.1981.585 [GMT -8:00]
.
AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\agrsmsvc.exe
C:\Windows\system32\atashost.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\19.9.0.9\ccSvcHst.exe
C:\Windows\system32\o2flash.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\Fujitsu\fjdvrupd\updnvsrv.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\19.9.0.9\ccSvcHst.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe
C:\Program Files\Fujitsu\BtnHnd\BtnHnd.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Fujitsu\fjdvrupd\updatenv.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Logitech\Vid HD\Vid.exe
C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe
C:\Users\Russ\AppData\Local\Akamai\netsession_win.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Google\Drive\googledrivesync.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Program Files\Microsoft\BingBar\7.1.361.0\SeaPort.exe
C:\Program Files\Apoint2K\HidFind.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Apoint2K\Apntex.exe
C:\Users\Russ\AppData\Local\Akamai\netsession_win.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Google\Drive\googledrivesync.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k apphost
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k iissvcs
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.yahoo.com/
uWindow Title = Windows Internet Explorer provided by Yahoo!
uSearch Page = hxxp://www.google.com
uProxyOverride = <local>
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\program files\norton internet security\norton internet security\engine\19.9.0.9\coieplg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - c:\program files\norton internet security\norton internet security\engine\19.9.0.9\ips\ipsbho.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\microsoft\bingbar\7.1.361.0\BingExt.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\program files\norton internet security\norton internet security\engine\19.9.0.9\coieplg.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
uRun: [startCCC] c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe
uRun: [sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [skype] "c:\program files\skype\\phone\Skype.exe" /nosplash /minimized
uRun: [Logitech Vid] "c:\program files\logitech\vid hd\Vid.exe" -bootmode
uRun: [HP Officejet Pro 8600 (NET)] "c:\program files\hp\hp officejet pro 8600\bin\ScanToPCActivationApp.exe" -deviceID "CN221AR28D05KD:NW" -scfn "HP Officejet Pro 8600 (NET)" -AutoStart 1
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [Akamai NetSession Interface] "c:\users\russ\appdata\local\akamai\netsession_win.exe"
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [GoogleDriveSync] "c:\program files\google\drive\googledrivesync.exe" /autostart
mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [Apoint] c:\program files\apoint2k\Apoint.exe
mRun: [indicatorUtility] c:\program files\fujitsu\fujitsu hotkey utility\IndicatorUty.exe
mRun: [LoadFUJ02E3] c:\program files\fujitsu\fuj02e3\FUJ02E3.exe
mRun: [LoadFujitsuQuickTouch] c:\program files\fujitsu\application panel\QuickTouch.exe
mRun: [LoadBtnHnd] c:\program files\fujitsu\btnhnd\BtnHnd.exe
mRun: [sSUtility] c:\program files\fujitsu\ssutility\FJSSDMN.exe
mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe"
mRun: [Picasa Media Detector] c:\program files\picasa2\PicasaMediaDetector.exe
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [FJUPDNV_Chitose] c:\program files\fujitsu\fjdvrupd\updatenv.exe
mRun: [symantec PIF AlertEng] "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\pifsvc.exe" /a /m "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\AlertEng.dll"
mRun: [Google Quick Search Box] "c:\program files\google\quick search box\GoogleQuickSearchBox.exe" /autorun
mRun: [LogitechQuickCamRibbon] "c:\program files\logitech\logitech webcam software\LWS.exe" /hide
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [Adobe Acrobat Speed Launcher] "c:\program files\adobe\acrobat 10.0\acrobat\Acrobat_sl.exe"
mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 10.0\acrobat\Acrotray.exe"
mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
StartupFolder: c:\users\russ\appdata\roaming\micros~1\windows\startm~1\programs\startup\ccc.lnk - c:\program files\ati technologies\ati.ace\core-static\CCC.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - c:\program files\hewlett-packard\smartprint\smartprintsetup.exe
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
Trusted Zone: realist.com
Trusted Zone: sandicor.com
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: {413D6754-BFD4-47FE-9346-319559290BFA} - hxxps://www.webpcfos.com/webpcfos/websabre/HTEweb_v.cab
DPF: {86A88967-7A20-11D2-8EDA-00600818EDB1} - hxxp://www.parallelgraphics.com/l2/bin/cortvrml.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://etradeevents.webex.com/client/T27L/webex/ieatgpc1.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {F375116A-793C-11D2-BFE1-444553540001} - hxxp://mls.realist.com/mapviewer/mapviewer.cab
TCP: NameServer = 68.105.28.11 68.105.29.11 68.105.28.12
TCP: Interfaces\{1A869D51-1787-4766-9AB5-9F141C0CCE25} : DHCPNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
TCP: Interfaces\{FCD03BA8-033B-4E14-A063-536F5CD40842} : DHCPNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
mASetup: ccc-core-static - msiexec /fums {9FB9E409-423F-8B24-BF0D-1172F67EFA2F} /qb
mASetup: {A509B1FF-37FF-4bFF-8CFF-4F3A747040FF} - c:\windows\system32\rundll32.exe c:\windows\system32\advpack.dll,launchinfsectionex c:\program files\internet explorer\clrtour.inf,DefaultInstall.ResetTour,,12
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\russ\appdata\roaming\mozilla\firefox\profiles\z8uojzrp.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
FF - prefs.js: network.proxy.type - 0
FF - component: c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_18.1.0.37\coffplgn\components\coFFPlgn.dll
FF - component: c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_18.1.0.37\ipsffplgn\components\IPSFFPl.dll
FF - component: c:\programdata\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordext.dll
FF - component: c:\programdata\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordlegacyext.dll
FF - component: c:\users\russ\appdata\roaming\idm\idmmzcc3\components\idmmzcc.dll
FF - component: c:\users\russ\appdata\roaming\mozilla\firefox\profiles\z8uojzrp.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - component: c:\users\russ\appdata\roaming\mozilla\firefox\profiles\z8uojzrp.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar-ff3.dll
FF - plugin: c:\program files\adobe\acrobat 10.0\acrobat\air\nppdf32.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll
FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_4_402_287.dll
FF - plugin: c:\windows\system32\npdeployJava1.dll
FF - plugin: c:\windows\system32\npmproxy.dll
FF - ExtSQL: 2012-09-19 20:19; {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}; c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
FF - ExtSQL: 2012-10-18 05:32; {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}; c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
FF - ExtSQL: !HIDDEN! 2011-03-23 18:25; {3112ca9c-de6d-4884-a869-9855de68056c}; c:\programdata\google\toolbar for firefox\{3112ca9c-de6d-4884-a869-9855de68056c}
FF - ExtSQL: !HIDDEN! 2012-01-11 11:09; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
.
============= SERVICES / DRIVERS ===============
.
R0 FBIOSDRV;FBIOSDRV;c:\windows\system32\drivers\FBIOSDRV.SYS [2007-5-11 8960]
R0 FJGSDisk;G-Sensor Application Filter Driver;c:\windows\system32\drivers\FJGSDisk.sys [2007-5-11 10368]
R0 O2MDRDR;O2MDRDR;c:\windows\system32\drivers\o2media.sys [2006-10-3 36640]
R0 O2SDRDR;O2SDRDR;c:\windows\system32\drivers\o2sd.sys [2006-10-12 33152]
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\nis\1309000.009\symds.sys [2012-10-1 340088]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\nis\1309000.009\symefa.sys [2012-10-1 924320]
R1 BHDrvx86;BHDrvx86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_19.6.2.10\definitions\bashdefs\20121106.001\BHDrvx86.sys [2012-10-23 995488]
R1 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\nis\1309000.009\ccsetx86.sys [2012-10-1 132768]
R1 IDSVix86;IDSVix86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_19.6.2.10\definitions\ipsdefs\20121116.001\IDSvix86.sys [2012-11-18 386720]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\nis\1309000.009\ironx86.sys [2012-10-1 149624]
R1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\system32\drivers\nis\1309000.009\symtdiv.sys [2012-10-1 345208]
R2 atashost;WebEx Service Host for Support Center;c:\windows\system32\atashost.exe [2010-4-6 43904]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-9-2 21504]
R2 NIS;Norton Internet Security;c:\program files\norton internet security\norton internet security\engine\19.9.0.9\ccsvchst.exe [2012-10-1 138272]
R2 UpdateNaviInstallService;UpdateNaviInstallService;c:\program files\fujitsu\fjdvrupd\updnvsrv.exe [2007-1-27 11776]
R3 BBUpdate;BBUpdate;c:\program files\microsoft\bingbar\7.1.361.0\SeaPort.EXE [2012-2-10 240408]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2012-10-31 106656]
R3 FUJ02E3;Fujitsu FUJ02E3 Device Driver;c:\windows\system32\drivers\fuj02e3.sys [2007-5-11 5632]
S2 BBSvc;BingBar Service;c:\program files\microsoft\bingbar\7.1.361.0\BBSvc.EXE [2012-2-10 193816]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-7-13 160944]
S3 ADVNTDRV;ADVNTDRV;c:\windows\system32\drivers\ADVNTDRV.SYS [2008-11-25 3872]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2007-5-11 30192]
S3 SMSCIRDA;SMSC Infrared Device Driver;c:\windows\system32\drivers\smscirda.sys [2006-11-2 30720]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S3 wtpfiltr;wtpfiltr;c:\windows\system32\drivers\wtpfiltr.sys [2007-5-11 7680]
.
=============== Created Last 30 ================
.
2012-11-16 01:28:37 -------- d-----w- c:\users\russ\appdata\roaming\Malwarebytes
2012-11-16 01:28:13 -------- d-----w- c:\programdata\Malwarebytes
2012-11-16 01:28:11 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-11-16 01:28:11 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-11-14 14:25:09 75776 ----a-w- c:\windows\system32\synceng.dll
2012-11-14 14:24:49 2047488 ----a-w- c:\windows\system32\win32k.sys
2012-11-03 01:08:42 -------- d-----w- c:\program files\JSS
2012-10-31 05:30:06 -------- d-s---w- c:\users\russ\Google Drive
2012-10-30 15:46:29 -------- d-----w- c:\users\russ\appdata\roaming\picpick
2012-10-30 15:43:31 -------- d-----w- c:\program files\PicPick
2012-10-27 01:22:54 -------- d-----w- c:\windows\Keyword Optimizer Pro 2
2012-10-27 01:22:53 -------- d-----w- c:\program files\KeywordOptimizerPro2
2012-10-26 23:49:26 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-10-26 23:42:23 -------- d-----w- c:\users\russ\appdata\local\Citrix
2012-10-26 23:42:17 102248 ----a-w- c:\users\russ\GoToAssistDownloadHelper.exe
.
==================== Find3M ====================
.
2012-11-16 13:34:06 60304 ----a-w- c:\users\russ\g2mdlhlpx.exe
2012-11-08 13:37:56 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-11-08 13:37:56 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-10-26 23:48:38 821736 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-10-26 23:48:37 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-10-08 07:56:24 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-10-08 07:48:03 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-10-08 07:47:44 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-10-08 07:44:05 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-10-08 07:43:21 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-10-08 07:40:56 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-09-13 13:28:08 2048 ----a-w- c:\windows\system32\tzres.dll
2012-08-29 11:27:41 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-08-29 11:27:41 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-08-24 15:53:29 172544 ----a-w- c:\windows\system32\wintrust.dll
.
============= FINISH: 12:03:42.23 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-07.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 8/27/2008 3:19:28 PM
System Uptime: 11/18/2012 11:23:15 AM (1 hours ago)
.
Motherboard: FUJITSU | | FJNBA03
Processor: AMD Turion 64 X2 Mobile Technology TL-60 | Onboard | 2000/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 147 GiB total, 61.164 GiB free.
D: is FIXED (NTFS) - 1 GiB total, 1.001 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft 6to4 Adapter
Device ID: ROOT\*6TO4MP\0001
Manufacturer: Microsoft
Name: Microsoft 6to4 Adapter #2
PNP Device ID: ROOT\*6TO4MP\0001
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft 6to4 Adapter
Device ID: ROOT\*6TO4MP\0019
Manufacturer: Microsoft
Name: Microsoft 6to4 Adapter #19
PNP Device ID: ROOT\*6TO4MP\0019
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft 6to4 Adapter
Device ID: ROOT\*6TO4MP\0021
Manufacturer: Microsoft
Name: Microsoft 6to4 Adapter #21
PNP Device ID: ROOT\*6TO4MP\0021
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft 6to4 Adapter
Device ID: ROOT\*6TO4MP\0022
Manufacturer: Microsoft
Name: Microsoft 6to4 Adapter #22
PNP Device ID: ROOT\*6TO4MP\0022
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft 6to4 Adapter
Device ID: ROOT\*6TO4MP\0053
Manufacturer: Microsoft
Name: Microsoft 6to4 Adapter #41
PNP Device ID: ROOT\*6TO4MP\0053
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft 6to4 Adapter
Device ID: ROOT\*6TO4MP\0060
Manufacturer: Microsoft
Name: Microsoft 6to4 Adapter #60
PNP Device ID: ROOT\*6TO4MP\0060
Service: tunnel
.
==== System Restore Points ===================
.
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
7 Day Blog Profits 1.00
Adobe Acrobat Connect Add-in
Adobe Acrobat X Pro - English, Français, Deutsch
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.4)
Agere Systems HDA Modem
Akamai NetSession Interface
ALPS Touch Pad Driver
Apple Application Support
Apple Software Update
ATI Catalyst Install Manager
ATI Uninstaller
Bing Bar
Blog Profit Pro
Branding
Business Contact Manager for Outlook 2007 SP2
Camera Access Library
Camera Support Core Library
Camera Window DS
Camera Window DVC
Camera Window MC
Canon Camera Access Library
Canon Camera Support Core Library
Canon Camera Window DC_DV 5 for ZoomBrowser EX
Canon Camera Window DC_DV 6 for ZoomBrowser EX
Canon Camera Window DSLR 5 for ZoomBrowser EX
Canon Camera Window MC 6 for ZoomBrowser EX
Canon MovieEdit Task for ZoomBrowser EX
Canon PhotoRecord
Canon RAW Image Task for ZoomBrowser EX
Canon Utilities PhotoStitch 3.1
Canon ZoomBrowser EX (E)
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center Localization Chinese Standard
Catalyst Control Center Localization Chinese Traditional
Catalyst Control Center Localization Czech
Catalyst Control Center Localization Danish
Catalyst Control Center Localization Dutch
Catalyst Control Center Localization Finnish
Catalyst Control Center Localization French
Catalyst Control Center Localization German
Catalyst Control Center Localization Greek
Catalyst Control Center Localization Hungarian
Catalyst Control Center Localization Italian
Catalyst Control Center Localization Japanese
Catalyst Control Center Localization Korean
Catalyst Control Center Localization Norwegian
Catalyst Control Center Localization Polish
Catalyst Control Center Localization Portuguese
Catalyst Control Center Localization Russian
Catalyst Control Center Localization Spanish
Catalyst Control Center Localization Swedish
Catalyst Control Center Localization Thai
Catalyst Control Center Localization Turkish
ccc-core-static
ccc-utility
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Crypto Tool
ErrorEND
Forex Signal Live World Market Times
Fujitsu Display Manager
Fujitsu Driver Update
Fujitsu Hotkey Utility
Fujitsu MobilityCenter Extension Utility
Fujitsu System Extension Utility
Google Chrome
Google Desktop
Google Drive
Google Quick Search Box
Google Toolbar for Firefox
Google Toolbar for Internet Explorer
Google Update Helper
GoToMeeting 5.3.0.1009
hotComm Lite®
hotComm® CL
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Officejet Pro 8600 Basic Device Software
HP Officejet Pro 8600 Help
HP Officejet Pro 8600 Product Improvement Study
HP Update
I.R.I.S. OCR
Japanese Fonts Support For Adobe Reader 8
Java 7 Update 9
Java Auto Updater
Java 6 Update 37
Keyword Optimizer Pro 2
Keyword Sweetspotter
KeywordOptimizerPro
LifeBook Application Panel
LiveUpdate 3.2 (Symantec Corporation)
LiveUpdate Notice (Symantec Corporation)
Logitech Vid HD
Logitech Webcam Software
Logitech Webcam Software Driver Package
MakeDisc
Malwarebytes Anti-Malware version 1.65.1.1000
Market Samurai
Marketsplash Shortcuts
Micro Niche Finder 5.0
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Office 2003 Web Components
Microsoft Office 2007 Primary Interop Assemblies
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Small Business Connectivity Components
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
Microsoft SQL Server Native Client
Microsoft SQL Server Setup Support Files (English)
Microsoft SQL Server VSS Writer
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
MovieEdit Task
Mozilla Firefox 15.0 (x86 en-US)
Mozilla Maintenance Service
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
My Backpage Demo
Norton Internet Security
O2Micro Flash Memory Card Windows Driver
Octoshape add-in for Adobe Flash Player
OfficeSharedAddInSetup
OGA Notifier 2.0.0048.0
ParetoLogic PC Health Advisor
PhotoStitch
Picasa 2
PicPick
Point2 Photo Utility
PowerDirector Express
PowerDVD
PowerProducer
PrimoPDF -- brought to you by Nitro PDF Software
Pristine Chat
QuickTime
RAW Image Task 2.2
RealPlayer
Realtek High Definition Audio Driver
RealUpgrade 1.1
Roxio Easy Media Creator Home
Search Syndicate version 1.0
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687314) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2687315) 32-Bit Edition
Shock Sensor Utility
Site Spy
Skins
Skype Toolbars
Skype™ 5.10
Smart PDF Converter 6.3.0.495
Spelling Dictionaries Support For Adobe Reader 8
TestDrive Client
TradeStation 8.3 (Build 1631)
TradeStation 8.4 (Build 1688)
TradeStation 8.4 (Build 1693)
TradeStation 8.5 (Build 2289)
TradeStation 8.6 (Build 2612)
TradeStation 8.6 (Build 2696)
TradeStation 8.7 (Build 3085)
TradeStation 8.8
TradeStation 9.0
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2760413) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VLC media player 1.1.9
WebEx
Windows Live ID Sign-in Assistant
Xvid 1.2.1 final uninstall
Yahoo! Software Update
Yahoo! Toolbar
YTS
.
==== End Of File ===========================
I'm Infected With A Search Re-Direct Malware
I followed your instructions per above. Now, after running the TFC scan, Internet Explorer 9 does not work. It will not load websites, or will only partially load them very slowly. I have gone to Microsoft's website and run their Internet Explorer 9 fix and reset the Internet Explorer settings. Microsoft's website said Internet Explorer 9 may be running slowly because I might need to update my video driver, so I have gone to Fujitsu's website (my machine is a Fujitsu Lifebook Series A) and updated my video driver. I still cannot get Internet Explorer 9 to work. Firefox and Google Chrome work fine. Any suggestions?