AndrewWChang Posted August 9, 2012 ID:582972 Share Posted August 9, 2012 I can not connect to some sites, some freeze up, and I even got a 500 error on this site while posting this 3 times. All antivirus/maleware software show clean scans, I dont think the system is clean though. Any help on what to do please.Thanks for your time,AndrewAttach.txtDDS.txt Link to post Share on other sites More sharing options...
Staff screen317 Posted August 9, 2012 Staff ID:582990 Share Posted August 9, 2012 Hi and welcome to Malwarebytes. In the future, please post all logs directly into your reply instead of attaching them unless otherwise indicated. With that said, please update MBAM, run a Quick Scan, and post its log. Next, run DDS again and post DDS.txt directly in your reply. Link to post Share on other sites More sharing options...
AndrewWChang Posted August 10, 2012 Author ID:583082 Share Posted August 10, 2012 Sorry about that here is the information requested. Thanks for your help.Malwarebytes Anti-Malware 1.62.0.1300www.malwarebytes.orgDatabase version: v2012.08.10.02Windows 7 Service Pack 1 x64 NTFSInternet Explorer 9.0.8112.16421Scorpion Systems :: SCORPIONSYSTEMS [administrator]8/10/2012 12:02:17 AMmbam-log-2012-08-10 (00-02-17).txtScan type: Quick scanScan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUMScan options disabled: P2PObjects scanned: 217501Time elapsed: 2 minute(s), 48 second(s)Memory Processes Detected: 0(No malicious items detected)Memory Modules Detected: 0(No malicious items detected)Registry Keys Detected: 0(No malicious items detected)Registry Values Detected: 0(No malicious items detected)Registry Data Items Detected: 0(No malicious items detected)Folders Detected: 0(No malicious items detected)Files Detected: 0(No malicious items detected)(end).DDS (Ver_2011-08-26.01) - NTFSAMD64Internet Explorer: 9.0.8112.16421Run by Scorpion Systems at 0:06:15 on 2012-08-10Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.5617.3188 [GMT -4:00].AV: Norton 360 *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}FW: Norton 360 *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}.============== Running Processes ===============.C:\Windows\system32\wininit.exeC:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k RPCSSC:\Windows\system32\atiesrxx.exeC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k netsvcsC:\Program Files\IDT\WDM\STacSV64.exeC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\System32\spoolsv.exeC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonationC:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exeC:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exeC:\Program Files (x86)\Norton 360\Engine\6.2.1.5\ccSvcHst.exeC:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exeC:\Windows\System32\svchost.exe -k HPZ12C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exeC:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exeC:\Windows\system32\svchost.exe -k imgsvcC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXEC:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exeC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exeC:\Windows\system32\atieclxx.exeC:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXEC:\Windows\system32\WUDFHost.exeC:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestrictedC:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exeC:\Windows\system32\taskhost.exeC:\Program Files (x86)\Norton 360\Engine\6.2.1.5\ccSvcHst.exeC:\Windows\system32\taskeng.exeC:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Program Files (x86)\Uniblue\SpeedUpMyPC\spmonitor.exeC:\Program Files (x86)\Uniblue\DriverScanner\dsmonitor.exeC:\Program Files (x86)\Uniblue\SpeedUpMyPC\sump.exeC:\Program Files (x86)\Uniblue\SpeedUpMyPC\spnotifier.exeC:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_265.exeC:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_265.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exeC:\Windows\notepad.exeC:\Windows\system32\taskeng.exeC:\Windows\SysWOW64\DllHost.exeC:\Windows\system32\DllHost.exeC:\Windows\system32\DllHost.exeC:\Windows\SysWOW64\cmd.exeC:\Windows\system32\conhost.exeC:\Windows\SysWOW64\cscript.exeC:\Windows\system32\wbem\wmiprvse.exe.============== Pseudo HJT Report ===============.uDefault_Page_URL = hxxp://www.gateway.com/g/startpage.html?Ch=Retail&SubCH=&Br=GTW&Loc=ENG_US&Sys=DTP&M=FX4710-UB003AuDefault_Search_URL =uSearch Bar = hxxp://www.google.com/ieuSearch Page = hxxp://www.google.comuStart Page = hxxp://www.google.com/uInternet Settings,ProxyOverride = *.localuInternet Settings,ProxyServer = 182.188.9.0:80uSearchAssistant =uSearchURL,(Default) = hxxp://www.google.com/keyword/%smWinlogon: Userinit=userinit.exe,BHO: ContributeBHO Class: {074c1dc5-9320-4a9a-947d-c042949c6216} - K:\adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dllBHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dllBHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dllBHO: Norton Identity Protection: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton 360\Engine\6.2.1.5\coIEPlg.dllBHO: Norton Vulnerability Protection: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton 360\Engine\6.2.1.5\IPS\IPSBHO.DLLBHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllBHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dllBHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dllBHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dllTB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dllTB: Contribute Toolbar: {517bdde4-e3a7-4570-b21e-2b52b6139fc7} - K:\adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dllTB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton 360\Engine\6.2.1.5\coIEPlg.dllTB: Norton Safe Web Lite: {30ceeea2-3742-40e4-85dd-812bf1cbb83d} - C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\coIEPlg.dllTB: {472734EA-242A-422B-ADF8-83D1E48CC825} - No FileuRun: [AdobeBridge]uRun: [DriverScanner] "C:\Program Files (x86)\Uniblue\DriverScanner\launcher.exe" delay 20000uRun: [speedUpMyPC] "C:\Program Files (x86)\Uniblue\SpeedUpMyPC\launcher.exe" -d 20000 --minimizedmRun: [<NO NAME>]mRun: [HPWUTOOLBOX] C:\Program Files (x86)\HP\HP Officejet Pro K550 Series\Toolbox\HPWUTBX.exe "-i"mPolicies-explorer: NoActiveDesktop = 1 (0x1)mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)mPolicies-system: EnableUIADesktopToggle = 0 (0x0)IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.htmlIE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.htmlIE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.htmlIE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.htmlIE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dllIE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLLIE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dllTrusted Zone: internetTrusted Zone: mcafee.comTCP: DhcpNameServer = 192.168.1.1TCP: Interfaces\{215663CA-A901-4FE5-BD29-5200FCE0BDC8} : DhcpNameServer = 192.168.1.1TCP: Interfaces\{215663CA-A901-4FE5-BD29-5200FCE0BDC8}\3536F6270796F6E63597374756D637 : DhcpNameServer = 192.168.1.1TCP: Interfaces\{C5919B8B-A5CD-4B45-99F6-FB6695411A85} : DhcpNameServer = 192.168.1.1Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dllNotify: SDWinLogon - SDWinLogon.dllBHO-X64: ContributeBHO Class: {074C1DC5-9320-4A9A-947D-C042949C6216} - K:\adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dllBHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dllBHO-X64: AcroIEHelperStub - No FileBHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dllBHO-X64: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\6.2.1.5\coIEPlg.dllBHO-X64: Norton Identity Protection - No FileBHO-X64: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\6.2.1.5\IPS\IPSBHO.DLLBHO-X64: Norton Vulnerability Protection - No FileBHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllBHO-X64: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dllBHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dllBHO-X64: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dllBHO-X64: SmartSelect - No FileTB-X64: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dllTB-X64: Contribute Toolbar: {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - K:\adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dllTB-X64: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\6.2.1.5\coIEPlg.dllTB-X64: Norton Safe Web Lite: {30CEEEA2-3742-40E4-85DD-812BF1CBB83D} - C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\coIEPlg.dllTB-X64: {472734EA-242A-422B-ADF8-83D1E48CC825} - No FilemRun-x64: [(Default)]mRun-x64: [HPWUTOOLBOX] C:\Program Files (x86)\HP\HP Officejet Pro K550 Series\Toolbox\HPWUTBX.exe "-i"IE-X64: {13C1DBF6-7535-495c-91F6-8C13714ED485}IE-X64: {1FBA04EE-3024-11d2-8F1F-0000F87ABD16}IE-X64: {6EEB80A3-261A-46DE-A0F3-B3A206984A4D}.================= FIREFOX ===================.FF - ProfilePath - C:\Users\Scorpion Systems\AppData\Roaming\Mozilla\Firefox\Profiles\f1yk6sz4.default\FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-i3752&p=FF - prefs.js: browser.search.selectedEngine - GoogleFF - prefs.js: browser.startup.homepage - hxxp://en-US.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-US:officialFF - prefs.js: network.proxy.type - 4FF - component: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\coFFPlgn_2011_7_2_3\components\coFFPlgn.dllFF - component: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\IPSFFPlgn\components\IPSFFPl.dllFF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLLFF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dllFF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dllFF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dllFF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\NPcol400.dllFF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dllFF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dllFF - plugin: K:\adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll.---- FIREFOX POLICIES ----FF - user.js: yahoo.homepage.dontask - true============= SERVICES / DRIVERS ===============.R0 amd_sata;amd_sata;C:\Windows\system32\drivers\amd_sata.sys --> C:\Windows\system32\drivers\amd_sata.sys [?]R0 amd_xata;amd_xata;C:\Windows\system32\drivers\amd_xata.sys --> C:\Windows\system32\drivers\amd_xata.sys [?]R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]R0 SMR250;Symantec SMR Utility Service 2.5.0;C:\Windows\system32\drivers\SMR250.SYS --> C:\Windows\system32\drivers\SMR250.SYS [?]R0 SymDS;Symantec Data Store;C:\Windows\system32\drivers\N360x64\0602010.005\SYMDS64.SYS --> C:\Windows\system32\drivers\N360x64\0602010.005\SYMDS64.SYS [?]R0 SymEFA;Symantec Extended File Attributes;C:\Windows\system32\drivers\N360x64\0602010.005\SYMEFA64.SYS --> C:\Windows\system32\drivers\N360x64\0602010.005\SYMEFA64.SYS [?]R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.0.9\Definitions\BASHDefs\20120804.001\BHDrvx64.sys [2012-8-8 1161376]R1 ccSet_N360;Norton 360 Settings Manager;C:\Windows\system32\drivers\N360x64\0602010.005\ccSetx64.sys --> C:\Windows\system32\drivers\N360x64\0602010.005\ccSetx64.sys [?]R1 ccSet_NST;Norton Safe Web Lite Settings Manager;C:\Windows\system32\drivers\NSTx64\0200000.010\ccSetx64.sys --> C:\Windows\system32\drivers\NSTx64\0200000.010\ccSetx64.sys [?]R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.0.9\Definitions\IPSDefs\20120809.001\IDSviA64.sys [2012-8-9 509088]R1 SymIRON;Symantec Iron Driver;C:\Windows\system32\drivers\N360x64\0602010.005\Ironx64.SYS --> C:\Windows\system32\drivers\N360x64\0602010.005\Ironx64.SYS [?]R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\system32\Drivers\N360x64\0602010.005\SYMNETS.SYS --> C:\Windows\system32\Drivers\N360x64\0602010.005\SYMNETS.SYS [?]R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-9-9 86072]R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-3-28 94264]R2 N360;Norton 360;C:\Program Files (x86)\Norton 360\Engine\6.2.1.5\ccsvchst.exe [2012-5-18 138232]R2 NSL;Norton Safe Web Lite;C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe [2011-11-7 138760]R2 RosettaStoneDaemon;RosettaStoneDaemon;C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe [2011-3-31 1646056]R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]R3 amdhub30;AMD USB 3.0 Hub Driver;C:\Windows\system32\drivers\amdhub30.sys --> C:\Windows\system32\drivers\amdhub30.sys [?]R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]R3 amdxhc;AMD USB 3.0 Host Controller Driver;C:\Windows\system32\drivers\amdxhc.sys --> C:\Windows\system32\drivers\amdxhc.sys [?]R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-8-9 138912]R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\system32\DRIVERS\netr28x.sys --> C:\Windows\system32\DRIVERS\netr28x.sys [?]R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]R3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\drivers\usbfilter.sys --> C:\Windows\system32\drivers\usbfilter.sys [?]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]S3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]S4 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]S4 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2011-8-26 89600]S4 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-3-5 136176]S4 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-3-5 136176]S4 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-7-22 655944]S4 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-5-5 113120]S4 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-8-26 1128952]S4 RoxioNow Service;RoxioNow Service;C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-11-26 399344]S4 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184].=============== Created Last 30 ================.2012-08-09 19:26:30 96376 ----a-w- C:\Windows\System32\drivers\SMR250.SYS2012-08-09 19:26:30 -------- d-----w- C:\Users\Scorpion Systems\AppData\Roaming\SPE2012-07-22 23:09:27 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys2012-07-22 23:09:27 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware2012-07-22 03:23:33 -------- d-----w- C:\ProgramData\Recovery2012-07-21 21:53:44 34152 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys2012-07-21 21:53:38 125872 ----a-w- C:\Windows\System32\GEARAspi64.dll2012-07-21 21:53:38 106928 ----a-w- C:\Windows\SysWow64\GEARAspi.dll2012-07-21 21:53:22 -------- d-----w- C:\Windows\System32\drivers\NBRTWizardx64\0500000.05A2012-07-21 21:53:22 -------- d-----w- C:\Windows\System32\drivers\NBRTWizardx642012-07-21 21:53:20 -------- d-----w- C:\Program Files (x86)\Norton Bootable Recovery Tool Wizard2012-07-21 05:12:52 -------- d-----w- C:\Users\Scorpion Systems\AppData\Local\Apple2012-07-20 15:53:11 -------- d-----w- C:\Users\Scorpion Systems\AppData\Local\NPE2012-07-19 21:42:46 -------- d-----w- C:\ProgramData\Uniblue2012-07-19 21:26:42 -------- d-----w- C:\Users\Scorpion Systems\AppData\Roaming\Uniblue2012-07-19 21:26:39 -------- d-----w- C:\Program Files (x86)\Uniblue2012-07-11 07:05:39 3148800 ----a-w- C:\Windows\System32\win32k.sys.==================== Find3M ====================.2012-07-22 23:34:13 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl2012-07-22 23:34:13 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe2012-06-06 06:06:16 2004480 ----a-w- C:\Windows\System32\msxml6.dll2012-06-06 06:06:16 1881600 ----a-w- C:\Windows\System32\msxml3.dll2012-06-06 06:02:54 1133568 ----a-w- C:\Windows\System32\cdosys.dll2012-06-06 05:05:52 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll2012-06-06 05:05:52 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll2012-06-06 05:03:06 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll2012-06-02 22:15:31 2622464 ----a-w- C:\Windows\System32\wucltux.dll2012-06-02 22:15:08 99840 ----a-w- C:\Windows\System32\wudriver.dll2012-06-02 19:19:42 186752 ----a-w- C:\Windows\System32\wuwebv.dll2012-06-02 19:15:12 36864 ----a-w- C:\Windows\System32\wuapp.exe2012-06-02 12:12:17 2311680 ----a-w- C:\Windows\System32\jscript9.dll2012-06-02 12:05:28 1392128 ----a-w- C:\Windows\System32\wininet.dll2012-06-02 12:04:50 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl2012-06-02 12:01:40 173056 ----a-w- C:\Windows\System32\ieUnatt.exe2012-06-02 11:57:08 2382848 ----a-w- C:\Windows\System32\mshtml.tlb2012-06-02 08:33:25 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll2012-06-02 08:25:08 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll2012-06-02 08:25:03 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl2012-06-02 08:20:33 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe2012-06-02 08:16:52 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb2012-06-02 05:50:10 458704 ----a-w- C:\Windows\System32\drivers\cng.sys2012-06-02 05:48:16 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys2012-06-02 05:48:16 151920 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys2012-06-02 05:45:31 340992 ----a-w- C:\Windows\System32\schannel.dll2012-06-02 05:44:21 307200 ----a-w- C:\Windows\System32\ncrypt.dll2012-06-02 04:40:42 22016 ----a-w- C:\Windows\SysWow64\secur32.dll2012-06-02 04:40:39 225280 ----a-w- C:\Windows\SysWow64\schannel.dll2012-06-02 04:39:10 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll2012-06-02 04:34:09 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll2012-05-17 14:50:10 175736 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS.============= FINISH: 0:06:46.02 =============== Link to post Share on other sites More sharing options...
Staff screen317 Posted August 13, 2012 Staff ID:584460 Share Posted August 13, 2012 Hi,Please visit this webpage for instructions for running ComboFix:http://www.bleepingcomputer.com/combofix/how-to-use-combofixWhen the tool is finished, it will produce a report for you.Please post the C:\ComboFix.txt along with a new DDS log so we may continue cleaning the system.-screen317 Link to post Share on other sites More sharing options...
AndrewWChang Posted August 13, 2012 Author ID:584655 Share Posted August 13, 2012 Here are the logs again Thank for your help.ComboFix 12-08-13.01 - Scorpion Systems 08/13/2012 13:14:34.1.4 - x64Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.5617.2414 [GMT -4:00]Running from: c:\users\Scorpion Systems\Desktop\ComboFix.exeAV: Norton 360 *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}FW: Norton 360 *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}SP: Norton 360 *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Created a new restore point..((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))..c:\users\Scorpion Systems\11c:\users\Scorpion Systems\11\api\cert_key_pem-5.txtc:\users\Scorpion Systems\11\api\cert_key_pem.txtc:\users\Scorpion Systems\11\DoDirectPayment.plc:\users\Scorpion Systems\11\index.plc:\users\Scorpion Systems\11\payment.cgic:\users\Scorpion Systems\111c:\users\Scorpion Systems\DX8Test.exec:\users\Scorpion Systems\DX9Test.exec:\users\Scorpion Systems\WINDOWSG:\Autorun.inf..((((((((((((((((((((((((( Files Created from 2012-07-13 to 2012-08-13 )))))))))))))))))))))))))))))))..2012-08-09 19:26 . 2012-08-09 19:26 96376 ----a-w- c:\windows\system32\drivers\SMR250.SYS2012-08-09 19:26 . 2012-08-09 19:26 -------- d-----w- c:\users\Scorpion Systems\AppData\Roaming\SPE2012-07-22 23:09 . 2012-07-22 23:09 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware2012-07-22 23:09 . 2012-07-03 17:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys2012-07-22 03:23 . 2012-07-22 03:23 -------- d-----w- c:\programdata\Recovery2012-07-21 21:53 . 2009-05-18 07:47 34152 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys2012-07-21 21:53 . 2010-08-27 06:38 125872 ----a-w- c:\windows\system32\GEARAspi64.dll2012-07-21 21:53 . 2010-08-27 06:38 106928 ----a-w- c:\windows\SysWow64\GEARAspi.dll2012-07-21 21:53 . 2012-07-21 21:53 -------- d-----w- c:\windows\system32\drivers\NBRTWizardx642012-07-21 21:53 . 2012-07-21 21:53 -------- d-----w- c:\program files (x86)\Norton Bootable Recovery Tool Wizard2012-07-21 19:51 . 2012-07-21 19:51 -------- d-----w- c:\users\Scorpion Systems\AppData\Roaming\Apple Computer2012-07-21 05:13 . 2012-07-21 05:13 -------- d-----w- c:\program files (x86)\Common Files\Apple2012-07-21 05:12 . 2012-07-21 05:12 -------- d-----w- c:\users\Scorpion Systems\AppData\Local\Apple2012-07-21 05:12 . 2012-07-21 05:12 -------- d-----w- c:\program files (x86)\Apple Software Update2012-07-21 05:12 . 2012-07-21 05:12 -------- d-----w- c:\programdata\Apple2012-07-20 15:53 . 2012-07-21 21:41 -------- d-----w- c:\users\Scorpion Systems\AppData\Local\NPE2012-07-19 21:42 . 2012-07-19 21:42 -------- d-----w- c:\programdata\Uniblue2012-07-19 21:26 . 2012-07-19 21:42 -------- d-----w- c:\users\Scorpion Systems\AppData\Roaming\Uniblue2012-07-19 21:26 . 2012-07-19 21:42 -------- d-----w- c:\program files (x86)\Uniblue...(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))).2012-07-22 23:34 . 2012-05-16 05:31 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe2012-07-22 23:34 . 2011-08-26 20:31 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl2012-07-11 07:03 . 2011-11-04 23:30 59701280 ----a-w- c:\windows\system32\MRT.exe2012-06-12 03:08 . 2012-07-11 07:05 3148800 ----a-w- c:\windows\system32\win32k.sys2012-06-09 05:43 . 2012-07-10 22:54 14172672 ----a-w- c:\windows\system32\shell32.dll2012-06-06 06:06 . 2012-07-10 22:54 2004480 ----a-w- c:\windows\system32\msxml6.dll2012-06-06 06:06 . 2012-07-10 22:54 1881600 ----a-w- c:\windows\system32\msxml3.dll2012-06-06 06:02 . 2012-07-10 22:54 1133568 ----a-w- c:\windows\system32\cdosys.dll2012-06-06 05:05 . 2012-07-10 22:54 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll2012-06-06 05:05 . 2012-07-10 22:54 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll2012-06-06 05:03 . 2012-07-10 22:54 805376 ----a-w- c:\windows\SysWow64\cdosys.dll2012-06-02 22:19 . 2012-06-21 03:23 38424 ----a-w- c:\windows\system32\wups.dll2012-06-02 22:19 . 2012-06-21 03:24 2428952 ----a-w- c:\windows\system32\wuaueng.dll2012-06-02 22:19 . 2012-06-21 03:24 57880 ----a-w- c:\windows\system32\wuauclt.exe2012-06-02 22:19 . 2012-06-21 03:24 44056 ----a-w- c:\windows\system32\wups2.dll2012-06-02 22:19 . 2012-06-21 03:23 701976 ----a-w- c:\windows\system32\wuapi.dll2012-06-02 22:15 . 2012-06-21 03:24 2622464 ----a-w- c:\windows\system32\wucltux.dll2012-06-02 22:15 . 2012-06-21 03:23 99840 ----a-w- c:\windows\system32\wudriver.dll2012-06-02 19:19 . 2012-06-21 03:23 186752 ----a-w- c:\windows\system32\wuwebv.dll2012-06-02 19:15 . 2012-06-21 03:23 36864 ----a-w- c:\windows\system32\wuapp.exe2012-06-02 12:49 . 2012-07-11 07:02 17807360 ----a-w- c:\windows\system32\mshtml.dll2012-06-02 12:17 . 2012-07-11 07:02 10924032 ----a-w- c:\windows\system32\ieframe.dll2012-06-02 12:12 . 2012-07-11 07:02 2311680 ----a-w- c:\windows\system32\jscript9.dll2012-06-02 12:05 . 2012-07-11 07:02 1346048 ----a-w- c:\windows\system32\urlmon.dll2012-06-02 12:05 . 2012-07-11 07:02 1392128 ----a-w- c:\windows\system32\wininet.dll2012-06-02 12:04 . 2012-07-11 07:02 1494528 ----a-w- c:\windows\system32\inetcpl.cpl2012-06-02 12:04 . 2012-07-11 07:02 237056 ----a-w- c:\windows\system32\url.dll2012-06-02 12:03 . 2012-07-11 07:02 85504 ----a-w- c:\windows\system32\jsproxy.dll2012-06-02 12:01 . 2012-07-11 07:02 173056 ----a-w- c:\windows\system32\ieUnatt.exe2012-06-02 12:00 . 2012-07-11 07:02 818688 ----a-w- c:\windows\system32\jscript.dll2012-06-02 11:59 . 2012-07-11 07:02 2144768 ----a-w- c:\windows\system32\iertutil.dll2012-06-02 11:57 . 2012-07-11 07:02 96768 ----a-w- c:\windows\system32\mshtmled.dll2012-06-02 11:57 . 2012-07-11 07:02 2382848 ----a-w- c:\windows\system32\mshtml.tlb2012-06-02 11:54 . 2012-07-11 07:02 248320 ----a-w- c:\windows\system32\ieui.dll2012-06-02 08:33 . 2012-07-11 07:02 1800192 ----a-w- c:\windows\SysWow64\jscript9.dll2012-06-02 08:25 . 2012-07-11 07:02 1129472 ----a-w- c:\windows\SysWow64\wininet.dll2012-06-02 08:25 . 2012-07-11 07:02 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl2012-06-02 08:20 . 2012-07-11 07:02 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe2012-06-02 08:16 . 2012-07-11 07:02 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb2012-06-02 05:50 . 2012-07-10 22:54 458704 ----a-w- c:\windows\system32\drivers\cng.sys2012-06-02 05:48 . 2012-07-10 22:54 95600 ----a-w- c:\windows\system32\drivers\ksecdd.sys2012-06-02 05:48 . 2012-07-10 22:54 151920 ----a-w- c:\windows\system32\drivers\ksecpkg.sys2012-06-02 05:45 . 2012-07-10 22:54 340992 ----a-w- c:\windows\system32\schannel.dll2012-06-02 05:44 . 2012-07-10 22:54 307200 ----a-w- c:\windows\system32\ncrypt.dll2012-06-02 04:40 . 2012-07-10 22:54 22016 ----a-w- c:\windows\SysWow64\secur32.dll2012-06-02 04:40 . 2012-07-10 22:54 225280 ----a-w- c:\windows\SysWow64\schannel.dll2012-06-02 04:39 . 2012-07-10 22:54 219136 ----a-w- c:\windows\SysWow64\ncrypt.dll2012-06-02 04:34 . 2012-07-10 22:54 96768 ----a-w- c:\windows\SysWow64\sspicli.dll2012-05-17 14:50 . 2011-11-07 21:00 175736 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS..((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))..*Note* empty entries & legit default entries are not shownREGEDIT4.[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"DriverScanner"="c:\program files (x86)\Uniblue\DriverScanner\launcher.exe" [2012-07-10 338848]"SpeedUpMyPC"="c:\program files (x86)\Uniblue\SpeedUpMyPC\launcher.exe" [2012-07-08 68504].[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]"HPWUTOOLBOX"="c:\program files (x86)\HP\HP Officejet Pro K550 Series\Toolbox\HPWUTBX.exe" [2007-01-08 356352].[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]"ConsentPromptBehaviorAdmin"= 5 (0x5)"ConsentPromptBehaviorUser"= 3 (0x3)"EnableUIADesktopToggle"= 0 (0x0).[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]"aux1"=wdmaud.drv.[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe.[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp.R0 TfFsMon;TfFsMon; [x]R0 TfSysMon;TfSysMon; [x]R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-09 86072]R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-07-03 24904]R3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2007-11-06 40464]R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]R3 TfNetMon;TfNetMon; [x]R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-11-04 1255736]R4 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]R4 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]R4 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-05 136176]R4 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-05 136176]R4 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944]R4 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-19 113120]R4 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe [2011-05-05 1128952]R4 RoxioNow Service;RoxioNow Service;c:\program files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-11-26 399344]R4 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]S0 amd_sata;amd_sata;c:\windows\system32\drivers\amd_sata.sys [2011-03-04 78976]S0 amd_xata;amd_xata;c:\windows\system32\drivers\amd_xata.sys [2011-03-04 38528]S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2009-07-09 55280]S0 SMR250;Symantec SMR Utility Service 2.5.0;c:\windows\System32\drivers\SMR250.SYS [2012-08-09 96376]S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360x64\0602010.005\SYMDS64.SYS [2012-03-29 451192]S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360x64\0602010.005\SYMEFA64.SYS [2012-03-29 1092728]S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.0.9\Definitions\BASHDefs\20120804.001\BHDrvx64.sys [2012-06-19 1161376]S1 ccSet_N360;Norton 360 Settings Manager;c:\windows\system32\drivers\N360x64\0602010.005\ccSetx64.sys [2011-11-29 167048]S1 ccSet_NST;Norton Safe Web Lite Settings Manager;c:\windows\system32\drivers\NSTx64\0200000.010\ccSetx64.sys [2011-08-08 167048]S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.0.9\Definitions\IPSDefs\20120810.001\IDSvia64.sys [2012-06-14 509088]S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360x64\0602010.005\Ironx64.SYS [2012-03-29 190072]S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\N360x64\0602010.005\SYMNETS.SYS [2012-03-29 405624]S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-07-04 204288]S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264]S2 N360;Norton 360;c:\program files (x86)\Norton 360\Engine\6.2.1.5\ccSvcHst.exe [2012-03-27 138232]S2 NSL;Norton Safe Web Lite;c:\program files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe [2011-08-10 138760]S2 RosettaStoneDaemon;RosettaStoneDaemon;c:\program files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe [2011-03-31 1646056]S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]S3 amdhub30;AMD USB 3.0 Hub Driver;c:\windows\system32\drivers\amdhub30.sys [2011-03-18 87168]S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-07-04 9359872]S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-07-04 309760]S3 amdxhc;AMD USB 3.0 Host Controller Driver;c:\windows\system32\drivers\amdxhc.sys [2011-03-18 188544]S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-08-09 138912]S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [2011-04-22 1360960]S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-04-22 471144]S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\drivers\usbfilter.sys [2010-12-16 47232]..Contents of the 'Scheduled Tasks' folder.2012-08-13 c:\windows\Tasks\DriverScanner.job- c:\program files (x86)\Uniblue\DriverScanner\dsmonitor.exe [2012-07-19 16:51].2012-08-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-05 09:17].2012-08-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-05 09:17].2012-08-13 c:\windows\Tasks\HPCeeScheduleForScorpion Systems.job- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15].2012-08-13 c:\windows\Tasks\SpeedUpMyPC.job- c:\program files (x86)\Uniblue\SpeedUpMyPC\spmonitor.exe [2012-07-19 11:37]..--------- X64 Entries -----------..[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]"LoadAppInit_DLLs"=0x0.------- Supplementary Scan -------.uLocal Page = c:\windows\system32\blank.htmuDefault_Search_URL =uStart Page = hxxp://www.google.com/mLocal Page = c:\windows\SysWOW64\blank.htmuInternet Settings,ProxyOverride = *.localuInternet Settings,ProxyServer = 182.188.9.0:80uSearchAssistant =uSearchURL,(Default) = hxxp://www.google.com/keyword/%sIE: Append Link Target to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.htmlIE: Append to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.htmlIE: Convert Link Target to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.htmlIE: Convert to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.htmlTrusted Zone: internetTrusted Zone: mcafee.comTCP: DhcpNameServer = 192.168.1.1FF - ProfilePath - c:\users\Scorpion Systems\AppData\Roaming\Mozilla\Firefox\Profiles\f1yk6sz4.default\FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-i3752&p=FF - prefs.js: browser.search.selectedEngine - GoogleFF - prefs.js: browser.startup.homepage - hxxp://en-US.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-US:officialFF - prefs.js: network.proxy.type - 4FF - user.js: yahoo.homepage.dontask - true.- - - - ORPHANS REMOVED - - - -.Wow6432Node-HKCU-Run-AdobeBridge - (no file)Notify-SDWinLogon - SDWinLogon.dll...[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\N360]"ImagePath"="\"c:\program files (x86)\Norton 360\Engine\6.2.1.5\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files (x86)\Norton 360\Engine\6.2.1.5\diMaster.dll\" /prefetch:1"--.[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NSL]"ImagePath"="\"c:\program files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe\" /s \"NSL\" /m \"c:\program files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\diMaster.dll\" /prefetch:1"--.[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher]"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService".--------------------- LOCKED REGISTRY KEYS ---------------------.[HKEY_USERS\S-1-5-21-4289785073-2370752609-1280409720-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]@Allowed: (Read) (RestrictedCode).[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]@Denied: (A 2) (Everyone)@="FlashBroker""LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_265_ActiveX.exe,-101".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]"Enabled"=dword:00000001.[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_265_ActiveX.exe".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]@Denied: (A 2) (Everyone)@="Shockwave Flash Object".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx""ThreadingModel"="Apartment".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]@="0".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]@="ShockwaveFlash.ShockwaveFlash.11".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx, 1".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]@="{D27CDB6B-AE6D-11cf-96B8-444553540000}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]@="1.0".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]@="ShockwaveFlash.ShockwaveFlash".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]@Denied: (A 2) (Everyone)@="Macromedia Flash Factory Object".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx""ThreadingModel"="Apartment".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]@="FlashFactory.FlashFactory.1".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx, 1".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]@="{D27CDB6B-AE6D-11cf-96B8-444553540000}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]@="1.0".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]@="FlashFactory.FlashFactory".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]@Denied: (A 2) (Everyone)@="IFlashBroker4".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]@="{00020424-0000-0000-C000-000000000046}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}""Version"="1.0".[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]@Denied: (Full) (Everyone).Completion time: 2012-08-13 13:33:38 - machine was rebootedComboFix-quarantined-files.txt 2012-08-13 17:33.Pre-Run: 763,546,628,096 bytes freePost-Run: 764,015,759,360 bytes free.- - End Of File - - DDC9B5E0B832E8C811E01D713FE26AF7DDS (Ver_2011-08-26.01) - NTFSAMD64Internet Explorer: 9.0.8112.16421Run by Scorpion Systems at 13:43:01 on 2012-08-13Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.5617.4097 [GMT -4:00].AV: Norton 360 *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}FW: Norton 360 *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}.============== Running Processes ===============.C:\Windows\system32\wininit.exeC:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k RPCSSC:\Windows\system32\atiesrxx.exeC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k netsvcsC:\Program Files\IDT\WDM\STacSV64.exeC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\System32\spoolsv.exeC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonationC:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exeC:\Windows\system32\atieclxx.exeC:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exeC:\Program Files (x86)\Norton 360\Engine\6.2.1.5\ccSvcHst.exeC:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exeC:\Windows\System32\svchost.exe -k HPZ12C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exeC:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exeC:\Windows\system32\svchost.exe -k imgsvcC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXEC:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exeC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exeC:\Windows\system32\taskhost.exeC:\Windows\system32\taskeng.exeC:\Windows\system32\Dwm.exeC:\Program Files (x86)\Uniblue\DriverScanner\dsmonitor.exeC:\Program Files (x86)\Uniblue\SpeedUpMyPC\spmonitor.exeC:\Windows\system32\taskeng.exeC:\Windows\Explorer.EXEC:\Windows\system32\zshp2600.exeC:\Program Files (x86)\Norton 360\Engine\6.2.1.5\ccSvcHst.exeC:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXEC:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestrictedC:\Windows\system32\WUDFHost.exeC:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Windows\System32\svchost.exe -k WerSvcGroupC:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exeC:\Windows\system32\sppsvc.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\system32\DllHost.exeC:\Windows\system32\DllHost.exeC:\Windows\SysWOW64\cmd.exeC:\Windows\system32\conhost.exeC:\Windows\SysWOW64\cscript.exe.============== Pseudo HJT Report ===============.uDefault_Search_URL =uStart Page = hxxp://www.google.com/uInternet Settings,ProxyOverride = *.localuInternet Settings,ProxyServer = 182.188.9.0:80uSearchAssistant =uSearchURL,(Default) = hxxp://www.google.com/keyword/%sBHO: ContributeBHO Class: {074c1dc5-9320-4a9a-947d-c042949c6216} - K:\adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dllBHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dllBHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dllBHO: Norton Identity Protection: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton 360\Engine\6.2.1.5\coIEPlg.dllBHO: Norton Vulnerability Protection: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton 360\Engine\6.2.1.5\IPS\IPSBHO.DLLBHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllBHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dllBHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dllBHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dllTB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dllTB: Contribute Toolbar: {517bdde4-e3a7-4570-b21e-2b52b6139fc7} - K:\adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dllTB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton 360\Engine\6.2.1.5\coIEPlg.dllTB: Norton Safe Web Lite: {30ceeea2-3742-40e4-85dd-812bf1cbb83d} - C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\coIEPlg.dllTB: {472734EA-242A-422B-ADF8-83D1E48CC825} - No FileuRun: [DriverScanner] "C:\Program Files (x86)\Uniblue\DriverScanner\launcher.exe" delay 20000uRun: [speedUpMyPC] "C:\Program Files (x86)\Uniblue\SpeedUpMyPC\launcher.exe" -d 20000 --minimizedmRun: [HPWUTOOLBOX] C:\Program Files (x86)\HP\HP Officejet Pro K550 Series\Toolbox\HPWUTBX.exe "-i"mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)mPolicies-system: EnableUIADesktopToggle = 0 (0x0)IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.htmlIE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.htmlIE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.htmlIE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.htmlIE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dllIE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLLIE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dllTrusted Zone: internetTrusted Zone: mcafee.comTCP: DhcpNameServer = 192.168.1.1TCP: Interfaces\{215663CA-A901-4FE5-BD29-5200FCE0BDC8} : DhcpNameServer = 192.168.1.1TCP: Interfaces\{215663CA-A901-4FE5-BD29-5200FCE0BDC8}\3536F6270796F6E63597374756D637 : DhcpNameServer = 192.168.1.1TCP: Interfaces\{C5919B8B-A5CD-4B45-99F6-FB6695411A85} : DhcpNameServer = 192.168.1.1Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dllNotify: SDWinLogon - SDWinLogon.dllBHO-X64: ContributeBHO Class: {074C1DC5-9320-4A9A-947D-C042949C6216} - K:\adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dllBHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dllBHO-X64: AcroIEHelperStub - No FileBHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dllBHO-X64: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\6.2.1.5\coIEPlg.dllBHO-X64: Norton Identity Protection - No FileBHO-X64: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\6.2.1.5\IPS\IPSBHO.DLLBHO-X64: Norton Vulnerability Protection - No FileBHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllBHO-X64: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dllBHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dllBHO-X64: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dllBHO-X64: SmartSelect - No FileTB-X64: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dllTB-X64: Contribute Toolbar: {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - K:\adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dllTB-X64: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\6.2.1.5\coIEPlg.dllTB-X64: Norton Safe Web Lite: {30CEEEA2-3742-40E4-85DD-812BF1CBB83D} - C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\coIEPlg.dllTB-X64: {472734EA-242A-422B-ADF8-83D1E48CC825} - No FilemRun-x64: [HPWUTOOLBOX] C:\Program Files (x86)\HP\HP Officejet Pro K550 Series\Toolbox\HPWUTBX.exe "-i"IE-X64: {13C1DBF6-7535-495c-91F6-8C13714ED485}IE-X64: {1FBA04EE-3024-11d2-8F1F-0000F87ABD16}IE-X64: {6EEB80A3-261A-46DE-A0F3-B3A206984A4D}.================= FIREFOX ===================.FF - ProfilePath - C:\Users\Scorpion Systems\AppData\Roaming\Mozilla\Firefox\Profiles\f1yk6sz4.default\FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-i3752&p=FF - prefs.js: browser.search.selectedEngine - GoogleFF - prefs.js: browser.startup.homepage - hxxp://en-US.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-US:officialFF - prefs.js: network.proxy.type - 4FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLLFF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dllFF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dllFF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dllFF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\NPcol400.dllFF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dllFF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dllFF - plugin: K:\adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll.---- FIREFOX POLICIES ----FF - user.js: yahoo.homepage.dontask - true.============= SERVICES / DRIVERS ===============.R0 amd_sata;amd_sata;C:\Windows\system32\drivers\amd_sata.sys --> C:\Windows\system32\drivers\amd_sata.sys [?]R0 amd_xata;amd_xata;C:\Windows\system32\drivers\amd_xata.sys --> C:\Windows\system32\drivers\amd_xata.sys [?]R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]R0 SMR250;Symantec SMR Utility Service 2.5.0;C:\Windows\system32\drivers\SMR250.SYS --> C:\Windows\system32\drivers\SMR250.SYS [?]R0 SymDS;Symantec Data Store;C:\Windows\system32\drivers\N360x64\0602010.005\SYMDS64.SYS --> C:\Windows\system32\drivers\N360x64\0602010.005\SYMDS64.SYS [?]R0 SymEFA;Symantec Extended File Attributes;C:\Windows\system32\drivers\N360x64\0602010.005\SYMEFA64.SYS --> C:\Windows\system32\drivers\N360x64\0602010.005\SYMEFA64.SYS [?]R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.0.9\Definitions\BASHDefs\20120804.001\BHDrvx64.sys [2012-8-8 1161376]R1 ccSet_N360;Norton 360 Settings Manager;C:\Windows\system32\drivers\N360x64\0602010.005\ccSetx64.sys --> C:\Windows\system32\drivers\N360x64\0602010.005\ccSetx64.sys [?]R1 ccSet_NST;Norton Safe Web Lite Settings Manager;C:\Windows\system32\drivers\NSTx64\0200000.010\ccSetx64.sys --> C:\Windows\system32\drivers\NSTx64\0200000.010\ccSetx64.sys [?]R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.0.9\Definitions\IPSDefs\20120810.001\IDSviA64.sys [2012-8-10 509088]R1 SymIRON;Symantec Iron Driver;C:\Windows\system32\drivers\N360x64\0602010.005\Ironx64.SYS --> C:\Windows\system32\drivers\N360x64\0602010.005\Ironx64.SYS [?]R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\system32\Drivers\N360x64\0602010.005\SYMNETS.SYS --> C:\Windows\system32\Drivers\N360x64\0602010.005\SYMNETS.SYS [?]R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-9-9 86072]R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-3-28 94264]R2 N360;Norton 360;C:\Program Files (x86)\Norton 360\Engine\6.2.1.5\ccsvchst.exe [2012-5-18 138232]R2 NSL;Norton Safe Web Lite;C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe [2011-11-7 138760]R2 RosettaStoneDaemon;RosettaStoneDaemon;C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe [2011-3-31 1646056]R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]R3 amdhub30;AMD USB 3.0 Hub Driver;C:\Windows\system32\drivers\amdhub30.sys --> C:\Windows\system32\drivers\amdhub30.sys [?]R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]R3 amdxhc;AMD USB 3.0 Host Controller Driver;C:\Windows\system32\drivers\amdxhc.sys --> C:\Windows\system32\drivers\amdxhc.sys [?]R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-8-9 138912]R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\system32\DRIVERS\netr28x.sys --> C:\Windows\system32\DRIVERS\netr28x.sys [?]R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]R3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\drivers\usbfilter.sys --> C:\Windows\system32\drivers\usbfilter.sys [?]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]S3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]S4 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]S4 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2011-8-26 89600]S4 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-3-5 136176]S4 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-3-5 136176]S4 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-7-22 655944]S4 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-5-5 113120]S4 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-8-26 1128952]S4 RoxioNow Service;RoxioNow Service;C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-11-26 399344]S4 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184].=============== Created Last 30 ================.2012-08-13 17:40:33 -------- d-sh--w- C:\$RECYCLE.BIN2012-08-13 17:11:43 98816 ----a-w- C:\Windows\sed.exe2012-08-13 17:11:43 518144 ----a-w- C:\Windows\SWREG.exe2012-08-13 17:11:43 256000 ----a-w- C:\Windows\PEV.exe2012-08-13 17:11:43 208896 ----a-w- C:\Windows\MBR.exe2012-08-09 19:26:30 96376 ----a-w- C:\Windows\System32\drivers\SMR250.SYS2012-08-09 19:26:30 -------- d-----w- C:\Users\Scorpion Systems\AppData\Roaming\SPE2012-07-22 23:09:27 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys2012-07-22 23:09:27 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware2012-07-22 03:23:33 -------- d-----w- C:\ProgramData\Recovery2012-07-21 21:53:44 34152 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys2012-07-21 21:53:38 125872 ----a-w- C:\Windows\System32\GEARAspi64.dll2012-07-21 21:53:38 106928 ----a-w- C:\Windows\SysWow64\GEARAspi.dll2012-07-21 21:53:22 -------- d-----w- C:\Windows\System32\drivers\NBRTWizardx64\0500000.05A2012-07-21 21:53:22 -------- d-----w- C:\Windows\System32\drivers\NBRTWizardx642012-07-21 21:53:20 -------- d-----w- C:\Program Files (x86)\Norton Bootable Recovery Tool Wizard2012-07-21 05:12:52 -------- d-----w- C:\Users\Scorpion Systems\AppData\Local\Apple2012-07-20 15:53:11 -------- d-----w- C:\Users\Scorpion Systems\AppData\Local\NPE2012-07-19 21:42:46 -------- d-----w- C:\ProgramData\Uniblue2012-07-19 21:26:42 -------- d-----w- C:\Users\Scorpion Systems\AppData\Roaming\Uniblue2012-07-19 21:26:39 -------- d-----w- C:\Program Files (x86)\Uniblue.==================== Find3M ====================.2012-07-22 23:34:13 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl2012-07-22 23:34:13 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe2012-06-12 03:08:36 3148800 ----a-w- C:\Windows\System32\win32k.sys2012-06-06 06:06:16 2004480 ----a-w- C:\Windows\System32\msxml6.dll2012-06-06 06:06:16 1881600 ----a-w- C:\Windows\System32\msxml3.dll2012-06-06 06:02:54 1133568 ----a-w- C:\Windows\System32\cdosys.dll2012-06-06 05:05:52 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll2012-06-06 05:05:52 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll2012-06-06 05:03:06 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll2012-06-02 22:15:31 2622464 ----a-w- C:\Windows\System32\wucltux.dll2012-06-02 22:15:08 99840 ----a-w- C:\Windows\System32\wudriver.dll2012-06-02 19:19:42 186752 ----a-w- C:\Windows\System32\wuwebv.dll2012-06-02 19:15:12 36864 ----a-w- C:\Windows\System32\wuapp.exe2012-06-02 12:12:17 2311680 ----a-w- C:\Windows\System32\jscript9.dll2012-06-02 12:05:28 1392128 ----a-w- C:\Windows\System32\wininet.dll2012-06-02 12:04:50 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl2012-06-02 12:01:40 173056 ----a-w- C:\Windows\System32\ieUnatt.exe2012-06-02 11:57:08 2382848 ----a-w- C:\Windows\System32\mshtml.tlb2012-06-02 08:33:25 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll2012-06-02 08:25:08 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll2012-06-02 08:25:03 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl2012-06-02 08:20:33 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe2012-06-02 08:16:52 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb2012-06-02 05:50:10 458704 ----a-w- C:\Windows\System32\drivers\cng.sys2012-06-02 05:48:16 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys2012-06-02 05:48:16 151920 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys2012-06-02 05:45:31 340992 ----a-w- C:\Windows\System32\schannel.dll2012-06-02 05:44:21 307200 ----a-w- C:\Windows\System32\ncrypt.dll2012-06-02 04:40:42 22016 ----a-w- C:\Windows\SysWow64\secur32.dll2012-06-02 04:40:39 225280 ----a-w- C:\Windows\SysWow64\schannel.dll2012-06-02 04:39:10 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll2012-06-02 04:34:09 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll2012-05-17 14:50:10 175736 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS.============= FINISH: 13:44:03.47 =============== Link to post Share on other sites More sharing options...
Staff screen317 Posted August 15, 2012 Staff ID:585412 Share Posted August 15, 2012 Hi,Run TFC by OldTimer to clear temporary files:Please download TFC from here and save it to your desktop.Close any open programs and Internet browsers.Double click TFC.exe to run it and once it opens click on the Start button on the lower left of the program to allow it to begin cleaning.Please be patient as clearing out temp files may take a while.Once it completes you may be prompted to restart your computer, please do so.Once it's finished you may delete TFC.exe from your Desktop or save it for later use for the cleaning of temporary files.Download the file TDSSKiller.zip and extract it into a folder on the infected PC.Execute the file TDSSKiller.exe by double-clicking on it.Wait for the scan and disinfection process to be over.When its work is over, the utility prompts for a reboot to complete the disinfection.By default, the utility outputs runtime log into the system disk root directory (the disk where the operating system is installed, C:\ as a rule).The log is like UtilityName.Version_Date_Time_log.txt.for example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt.Please post that log here.Next, please run a free online scan with the ESET Online ScannerNote: You will need to use Internet Explorer for this scan.Tick the box next to YES, I accept the Terms of Use.Click StartWhen asked, allow the ActiveX control to installClick StartMake sure that the options Remove found threats and the option Scan unwanted applications is checkedClick ScanWait for the scan to finishExport the threats found (if any), and post them here.Next, please download AdwCleaner by Xplode onto your Desktop.Double click on AdwCleaner.exe to run the tool.Click on Search.A logfile will automatically open after the scan has finished.Please post the content of that logfile in your reply.You can find the logfile at C:\AdwCleaner[Rn].txt as well - n is the order number.Next, download my Security Check from here or here.Save it to your Desktop.Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.A Notepad document should open automatically called checkup.txt; please post the contents of that document.Let me know how things are running now and what issues remain.-screen317 Link to post Share on other sites More sharing options...
AndrewWChang Posted August 15, 2012 Author ID:585694 Share Posted August 15, 2012 This are the logs from TDSSKiller, AdwCleaner, ESET has been scanning for 6 hours and so far has found 14 files. I am going on business until Tuesday 8/21 if this does not complete by the time I leave will the topic still be open upon my return? 12:46:58.0971 4360 TDSS rootkit removing tool 2.8.6.0 Aug 13 2012 17:24:0512:47:00.0984 4360 ============================================================12:47:00.0984 4360 Current date / time: 2012/08/15 12:47:00.098412:47:00.0984 4360 SystemInfo:12:47:00.0984 4360 12:47:00.0984 4360 OS Version: 6.1.7601 ServicePack: 1.012:47:00.0984 4360 Product type: Workstation12:47:00.0984 4360 ComputerName: SCORPIONSYSTEMS12:47:00.0984 4360 UserName: Scorpion Systems12:47:00.0984 4360 Windows directory: C:\Windows12:47:00.0984 4360 System windows directory: C:\Windows12:47:00.0984 4360 Running under WOW6412:47:00.0984 4360 Processor architecture: Intel x6412:47:00.0984 4360 Number of processors: 412:47:00.0984 4360 Page size: 0x100012:47:00.0984 4360 Boot type: Normal boot12:47:00.0984 4360 ============================================================12:47:02.0669 4360 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x0000004012:47:02.0684 4360 Drive \Device\Harddisk1\DR1 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x0000004012:47:02.0700 4360 Drive \Device\Harddisk2\DR2 - Size: 0x45DD826000 (279.46 Gb), SectorSize: 0x200, Cylinders: 0x8E81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'12:47:02.0715 4360 ============================================================12:47:02.0715 4360 \Device\Harddisk0\DR0:12:47:02.0715 4360 MBR partitions:12:47:02.0715 4360 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3200012:47:02.0715 4360 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x72FBF00012:47:02.0715 4360 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x72FF1800, BlocksNum 0x171480012:47:02.0715 4360 \Device\Harddisk1\DR1:12:47:02.0715 4360 MBR partitions:12:47:02.0715 4360 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1F15F6E12:47:02.0715 4360 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x1F15FAD, BlocksNum 0x48940F1412:47:02.0715 4360 \Device\Harddisk2\DR2:12:47:02.0715 4360 MBR partitions:12:47:02.0715 4360 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x42A147E12:47:02.0715 4360 \Device\Harddisk2\DR2\Partition2: MBR, Type 0x7, StartLBA 0x42A14FC, BlocksNum 0x4477EF612:47:02.0731 4360 \Device\Harddisk2\DR2\Partition3: MBR, Type 0x7, StartLBA 0x8719431, BlocksNum 0x435D8AE12:47:02.0731 4360 \Device\Harddisk2\DR2\Partition4: MBR, Type 0x7, StartLBA 0xCA76D1E, BlocksNum 0x421801B12:47:02.0747 4360 \Device\Harddisk2\DR2\Partition5: MBR, Type 0x7, StartLBA 0x10C8ED78, BlocksNum 0x45381E712:47:02.0747 4360 \Device\Harddisk2\DR2\Partition6: MBR, Type 0x7, StartLBA 0x151C6F9E, BlocksNum 0x41E8F0F12:47:02.0762 4360 \Device\Harddisk2\DR2\Partition7: MBR, Type 0x7, StartLBA 0x193AFEEC, BlocksNum 0x47F62DA12:47:02.0778 4360 \Device\Harddisk2\DR2\Partition8: MBR, Type 0x7, StartLBA 0x1DBA6205, BlocksNum 0x5344B3C12:47:02.0778 4360 ============================================================12:47:02.0793 4360 C: <-> \Device\Harddisk0\DR0\Partition212:47:02.0856 4360 D: <-> \Device\Harddisk0\DR0\Partition312:47:02.0871 4360 F: <-> \Device\Harddisk1\DR1\Partition212:47:02.0887 4360 G: <-> \Device\Harddisk1\DR1\Partition112:47:02.0918 4360 J: <-> \Device\Harddisk2\DR2\Partition112:47:02.0934 4360 K: <-> \Device\Harddisk2\DR2\Partition412:47:02.0965 4360 L: <-> \Device\Harddisk2\DR2\Partition312:47:02.0981 4360 M: <-> \Device\Harddisk2\DR2\Partition212:47:03.0027 4360 N: <-> \Device\Harddisk2\DR2\Partition512:47:03.0059 4360 O: <-> \Device\Harddisk2\DR2\Partition612:47:03.0105 4360 P: <-> \Device\Harddisk2\DR2\Partition712:47:03.0152 4360 T: <-> \Device\Harddisk2\DR2\Partition812:47:03.0152 4360 ============================================================12:47:03.0152 4360 Initialize success12:47:03.0152 4360 ============================================================12:47:07.0723 1996 ============================================================12:47:07.0723 1996 Scan started12:47:07.0723 1996 Mode: Manual;12:47:07.0723 1996 ============================================================12:47:11.0124 1996 ================ Scan services =============================12:47:11.0295 1996 [ a87d604aea360176311474c87a63bb88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys12:47:11.0311 1996 1394ohci - ok12:47:11.0327 1996 [ d81d9e70b8a6dd14d42d7b4efa65d5f2 ] ACPI C:\Windows\system32\drivers\ACPI.sys12:47:11.0342 1996 ACPI - ok12:47:11.0358 1996 [ 99f8e788246d495ce3794d7e7821d2ca ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys12:47:11.0358 1996 AcpiPmi - ok12:47:11.0451 1996 [ 62b7936f9036dd6ed36e6a7efa805dc0 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe12:47:11.0529 1996 AdobeARMservice - ok12:47:11.0545 1996 [ 2f6b34b83843f0c5118b63ac634f5bf4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys12:47:11.0561 1996 adp94xx - ok12:47:11.0576 1996 [ 597f78224ee9224ea1a13d6350ced962 ] adpahci C:\Windows\system32\drivers\adpahci.sys12:47:11.0576 1996 adpahci - ok12:47:11.0592 1996 [ e109549c90f62fb570b9540c4b148e54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys12:47:11.0607 1996 adpu320 - ok12:47:11.0623 1996 [ 4b78b431f225fd8624c5655cb1de7b61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll12:47:11.0623 1996 AeLookupSvc - ok12:47:11.0670 1996 [ a6fb9db8f1a86861d955fd6975977ae0 ] AESTFilters C:\Program Files\IDT\WDM\AESTSr64.exe12:47:11.0685 1996 AESTFilters - ok12:47:11.0717 1996 [ 1c7857b62de5994a75b054a9fd4c3825 ] AFD C:\Windows\system32\drivers\afd.sys12:47:11.0732 1996 AFD - ok12:47:11.0748 1996 [ 608c14dba7299d8cb6ed035a68a15799 ] agp440 C:\Windows\system32\drivers\agp440.sys12:47:11.0779 1996 agp440 - ok12:47:11.0795 1996 [ 3290d6946b5e30e70414990574883ddb ] ALG C:\Windows\System32\alg.exe12:47:11.0795 1996 ALG - ok12:47:11.0810 1996 [ 5812713a477a3ad7363c7438ca2ee038 ] aliide C:\Windows\system32\drivers\aliide.sys12:47:11.0810 1996 aliide - ok12:47:11.0857 1996 [ 9a75fd4d9a1b9152cfc920d6a9e2b61a ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe12:47:11.0857 1996 AMD External Events Utility - ok12:47:11.0873 1996 [ 30bfeee0dffd5bd79d29157cf080deed ] amdhub30 C:\Windows\system32\drivers\amdhub30.sys12:47:11.0873 1996 amdhub30 - ok12:47:11.0888 1996 [ 1ff8b4431c353ce385c875f194924c0c ] amdide C:\Windows\system32\drivers\amdide.sys12:47:11.0888 1996 amdide - ok12:47:11.0904 1996 [ 7024f087cff1833a806193ef9d22cda9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys12:47:11.0904 1996 AmdK8 - ok12:47:12.0091 1996 [ f937254a1c63b6bb6ddbb41bf69967bb ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys12:47:12.0263 1996 amdkmdag - ok12:47:12.0294 1996 [ 5e709520b37733331d4cea35a9e9483e ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys12:47:12.0294 1996 amdkmdap - ok12:47:12.0309 1996 [ 1e56388b3fe0d031c44144eb8c4d6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys12:47:12.0309 1996 AmdPPM - ok12:47:12.0325 1996 [ d4121ae6d0c0e7e13aa221aa57ef2d49 ] amdsata C:\Windows\system32\drivers\amdsata.sys12:47:12.0325 1996 amdsata - ok12:47:12.0341 1996 [ f67f933e79241ed32ff46a4f29b5120b ] amdsbs C:\Windows\system32\drivers\amdsbs.sys12:47:12.0341 1996 amdsbs - ok12:47:12.0356 1996 [ 540daf1cea6094886d72126fd7c33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys12:47:12.0356 1996 amdxata - ok12:47:12.0372 1996 [ 321533578132c811ec834a1b741c994c ] amdxhc C:\Windows\system32\drivers\amdxhc.sys12:47:12.0372 1996 amdxhc - ok12:47:12.0387 1996 [ 2fbb00a7616106b95104574c6cd640c2 ] amd_sata C:\Windows\system32\drivers\amd_sata.sys12:47:12.0387 1996 amd_sata - ok12:47:12.0387 1996 [ 87d0d7645cb0d53220649bd5fe15d93e ] amd_xata C:\Windows\system32\drivers\amd_xata.sys12:47:12.0387 1996 amd_xata - ok12:47:12.0387 1996 [ 89a69c3f2f319b43379399547526d952 ] AppID C:\Windows\system32\drivers\appid.sys12:47:12.0403 1996 AppID - ok12:47:12.0403 1996 [ 0bc381a15355a3982216f7172f545de1 ] AppIDSvc C:\Windows\System32\appidsvc.dll12:47:12.0419 1996 AppIDSvc - ok12:47:12.0419 1996 [ 3977d4a871ca0d4f2ed1e7db46829731 ] Appinfo C:\Windows\System32\appinfo.dll12:47:12.0434 1996 Appinfo - ok12:47:12.0450 1996 [ c484f8ceb1717c540242531db7845c4e ] arc C:\Windows\system32\drivers\arc.sys12:47:12.0450 1996 arc - ok12:47:12.0465 1996 [ 019af6924aefe7839f61c830227fe79c ] arcsas C:\Windows\system32\drivers\arcsas.sys12:47:12.0481 1996 arcsas - ok12:47:12.0559 1996 [ 9217d874131ae6ff8f642f124f00a555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe12:47:12.0590 1996 aspnet_state - ok12:47:12.0637 1996 [ 769765ce2cc62867468cea93969b2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys12:47:12.0668 1996 AsyncMac - ok12:47:12.0684 1996 [ 02062c0b390b7729edc9e69c680a6f3c ] atapi C:\Windows\system32\drivers\atapi.sys12:47:12.0684 1996 atapi - ok12:47:12.0731 1996 [ f23fef6d569fce88671949894a8becf1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll12:47:12.0731 1996 AudioEndpointBuilder - ok12:47:12.0762 1996 [ f23fef6d569fce88671949894a8becf1 ] AudioSrv C:\Windows\System32\Audiosrv.dll12:47:12.0762 1996 AudioSrv - ok12:47:12.0777 1996 [ a6bf31a71b409dfa8cac83159e1e2aff ] AxInstSV C:\Windows\System32\AxInstSV.dll12:47:12.0777 1996 AxInstSV - ok12:47:12.0793 1996 [ 3e5b191307609f7514148c6832bb0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys12:47:12.0809 1996 b06bdrv - ok12:47:12.0824 1996 [ b5ace6968304a3900eeb1ebfd9622df2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys12:47:12.0824 1996 b57nd60a - ok12:47:12.0840 1996 [ fde360167101b4e45a96f939f388aeb0 ] BDESVC C:\Windows\System32\bdesvc.dll12:47:12.0840 1996 BDESVC - ok12:47:12.0855 1996 [ 16a47ce2decc9b099349a5f840654746 ] Beep C:\Windows\system32\drivers\Beep.sys12:47:12.0855 1996 Beep - ok12:47:12.0887 1996 [ 82974d6a2fd19445cc5171fc378668a4 ] BFE C:\Windows\System32\bfe.dll12:47:12.0887 1996 BFE - ok12:47:13.0074 1996 [ e99f59342171101ee2446d0cd1a60a8d ] BHDrvx64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.0.9\Definitions\BASHDefs\20120811.003\BHDrvx64.sys12:47:13.0089 1996 BHDrvx64 - ok12:47:13.0136 1996 [ 1ea7969e3271cbc59e1730697dc74682 ] BITS C:\Windows\system32\qmgr.dll12:47:13.0152 1996 BITS - ok12:47:13.0167 1996 [ 61583ee3c3a17003c4acd0475646b4d3 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys12:47:13.0167 1996 blbdrive - ok12:47:13.0183 1996 [ 6c02a83164f5cc0a262f4199f0871cf5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys12:47:13.0183 1996 bowser - ok12:47:13.0214 1996 [ f09eee9edc320b5e1501f749fde686c8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys12:47:13.0214 1996 BrFiltLo - ok12:47:13.0230 1996 [ b114d3098e9bdb8bea8b053685831be6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys12:47:13.0230 1996 BrFiltUp - ok12:47:13.0261 1996 [ 5c2f352a4e961d72518261257aae204b ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys12:47:13.0261 1996 BridgeMP - ok12:47:13.0292 1996 [ 05f5a0d14a2ee1d8255c2aa0e9e8e694 ] Browser C:\Windows\System32\browser.dll12:47:13.0292 1996 Browser - ok12:47:13.0323 1996 [ 43bea8d483bf1870f018e2d02e06a5bd ] Brserid C:\Windows\System32\Drivers\Brserid.sys12:47:13.0339 1996 Brserid - ok12:47:13.0339 1996 [ a6eca2151b08a09caceca35c07f05b42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys12:47:13.0355 1996 BrSerWdm - ok12:47:13.0355 1996 [ b79968002c277e869cf38bd22cd61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys12:47:13.0370 1996 BrUsbMdm - ok12:47:13.0386 1996 [ a87528880231c54e75ea7a44943b38bf ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys12:47:13.0401 1996 BrUsbSer - ok12:47:13.0417 1996 [ 9da669f11d1f894ab4eb69bf546a42e8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys12:47:13.0417 1996 BTHMODEM - ok12:47:13.0433 1996 [ 95f9c2976059462cbbf227f7aab10de9 ] bthserv C:\Windows\system32\bthserv.dll12:47:13.0448 1996 bthserv - ok12:47:13.0448 1996 catchme - ok12:47:13.0511 1996 [ 2c6ffcca37b002aab3c7c31a6d780a76 ] ccSet_N360 C:\Windows\system32\drivers\N360x64\0603000.00E\ccSetx64.sys12:47:13.0511 1996 ccSet_N360 - ok12:47:13.0589 1996 [ a8ad33c9dd88c810cac00acc7f4329fb ] ccSet_NST C:\Windows\system32\drivers\NSTx64\0200000.010\ccSetx64.sys12:47:13.0589 1996 ccSet_NST - ok12:47:13.0620 1996 [ b8bd2bb284668c84865658c77574381a ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys12:47:13.0635 1996 cdfs - ok12:47:13.0651 1996 [ f036ce71586e93d94dab220d7bdf4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys12:47:13.0651 1996 cdrom - ok12:47:13.0651 1996 [ f17d1d393bbc69c5322fbfafaca28c7f ] CertPropSvc C:\Windows\System32\certprop.dll12:47:13.0667 1996 CertPropSvc - ok12:47:13.0667 1996 [ d7cd5c4e1b71fa62050515314cfb52cf ] circlass C:\Windows\system32\drivers\circlass.sys12:47:13.0667 1996 circlass - ok12:47:13.0698 1996 [ fe1ec06f2253f691fe36217c592a0206 ] CLFS C:\Windows\system32\CLFS.sys12:47:13.0698 1996 CLFS - ok12:47:13.0745 1996 [ d88040f816fda31c3b466f0fa0918f29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe12:47:13.0776 1996 clr_optimization_v2.0.50727_32 - ok12:47:13.0823 1996 [ d1ceea2b47cb998321c579651ce3e4f8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe12:47:13.0823 1996 clr_optimization_v2.0.50727_64 - ok12:47:13.0854 1996 [ c5a75eb48e2344abdc162bda79e16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe12:47:13.0901 1996 clr_optimization_v4.0.30319_32 - ok12:47:13.0916 1996 [ c6f9af94dcd58122a4d7e89db6bed29d ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe12:47:13.0932 1996 clr_optimization_v4.0.30319_64 - ok12:47:13.0963 1996 [ 0840155d0bddf1190f84a663c284bd33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys12:47:13.0963 1996 CmBatt - ok12:47:13.0994 1996 [ e19d3f095812725d88f9001985b94edd ] cmdide C:\Windows\system32\drivers\cmdide.sys12:47:14.0010 1996 cmdide - ok12:47:14.0057 1996 [ 9ac4f97c2d3e93367e2148ea940cd2cd ] CNG C:\Windows\system32\Drivers\cng.sys12:47:14.0072 1996 CNG - ok12:47:14.0103 1996 [ 102de219c3f61415f964c88e9085ad14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys12:47:14.0103 1996 Compbatt - ok12:47:14.0119 1996 [ 03edb043586cceba243d689bdda370a8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys12:47:14.0119 1996 CompositeBus - ok12:47:14.0135 1996 COMSysApp - ok12:47:14.0150 1996 [ 1c827878a998c18847245fe1f34ee597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys12:47:14.0150 1996 crcdisk - ok12:47:14.0181 1996 [ 4f5414602e2544a4554d95517948b705 ] CryptSvc C:\Windows\system32\cryptsvc.dll12:47:14.0181 1996 CryptSvc - ok12:47:14.0291 1996 [ 72794d112cbaff3bc0c29bf7350d4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE12:47:14.0322 1996 cvhsvc - ok12:47:14.0337 1996 [ 5c627d1b1138676c0a7ab2c2c190d123 ] DcomLaunch C:\Windows\system32\rpcss.dll12:47:14.0353 1996 DcomLaunch - ok12:47:14.0369 1996 [ 3cec7631a84943677aa8fa8ee5b6b43d ] defragsvc C:\Windows\System32\defragsvc.dll12:47:14.0400 1996 defragsvc - ok12:47:14.0415 1996 [ 9bb2ef44eaa163b29c4a4587887a0fe4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys12:47:14.0415 1996 DfsC - ok12:47:14.0447 1996 [ 43d808f5d9e1a18e5eeb5ebc83969e4e ] Dhcp C:\Windows\system32\dhcpcore.dll12:47:14.0462 1996 Dhcp - ok12:47:14.0493 1996 [ 13096b05847ec78f0977f2c0f79e9ab3 ] discache C:\Windows\system32\drivers\discache.sys12:47:14.0493 1996 discache - ok12:47:14.0509 1996 [ 9819eee8b5ea3784ec4af3b137a5244c ] Disk C:\Windows\system32\drivers\disk.sys12:47:14.0509 1996 Disk - ok12:47:14.0540 1996 [ 16835866aaa693c7d7fceba8fff706e4 ] Dnscache C:\Windows\System32\dnsrslvr.dll12:47:14.0540 1996 Dnscache - ok12:47:14.0556 1996 [ b1fb3ddca0fdf408750d5843591afbc6 ] dot3svc C:\Windows\System32\dot3svc.dll12:47:14.0571 1996 dot3svc - ok12:47:14.0587 1996 [ b26f4f737e8f9df4f31af6cf31d05820 ] DPS C:\Windows\system32\dps.dll12:47:14.0587 1996 DPS - ok12:47:14.0603 1996 [ 9b19f34400d24df84c858a421c205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys12:47:14.0603 1996 drmkaud - ok12:47:14.0649 1996 [ f5bee30450e18e6b83a5012c100616fd ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys12:47:14.0665 1996 DXGKrnl - ok12:47:14.0681 1996 [ e2dda8726da9cb5b2c4000c9018a9633 ] EapHost C:\Windows\System32\eapsvc.dll12:47:14.0681 1996 EapHost - ok12:47:14.0743 1996 [ dc5d737f51be844d8c82c695eb17372f ] ebdrv C:\Windows\system32\drivers\evbda.sys12:47:14.0805 1996 ebdrv - ok12:47:14.0868 1996 [ 4353ff94d47a0a9d52b89eccf0cdb013 ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys12:47:14.0883 1996 eeCtrl - ok12:47:14.0915 1996 [ c118a82cd78818c29ab228366ebf81c3 ] EFS C:\Windows\System32\lsass.exe12:47:14.0915 1996 EFS - ok12:47:14.0977 1996 [ c4002b6b41975f057d98c439030cea07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe12:47:14.0993 1996 ehRecvr - ok12:47:15.0008 1996 [ 4705e8ef9934482c5bb488ce28afc681 ] ehSched C:\Windows\ehome\ehsched.exe12:47:15.0008 1996 ehSched - ok12:47:15.0024 1996 [ 0e5da5369a0fcaea12456dd852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys12:47:15.0039 1996 elxstor - ok12:47:15.0086 1996 [ c5bccb378d0a896304a3e71be7215983 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys12:47:15.0086 1996 EraserUtilRebootDrv - ok12:47:15.0102 1996 [ 34a3c54752046e79a126e15c51db409b ] ErrDev C:\Windows\system32\drivers\errdev.sys12:47:15.0102 1996 ErrDev - ok12:47:15.0149 1996 [ 4166f82be4d24938977dd1746be9b8a0 ] EventSystem C:\Windows\system32\es.dll12:47:15.0149 1996 EventSystem - ok12:47:15.0164 1996 [ a510c654ec00c1e9bdd91eeb3a59823b ] exfat C:\Windows\system32\drivers\exfat.sys12:47:15.0180 1996 exfat - ok12:47:15.0195 1996 [ 0adc83218b66a6db380c330836f3e36d ] fastfat C:\Windows\system32\drivers\fastfat.sys12:47:15.0195 1996 fastfat - ok12:47:15.0211 1996 [ dbefd454f8318a0ef691fdd2eaab44eb ] Fax C:\Windows\system32\fxssvc.exe12:47:15.0227 1996 Fax - ok12:47:15.0242 1996 [ d765d19cd8ef61f650c384f62fac00ab ] fdc C:\Windows\system32\drivers\fdc.sys12:47:15.0242 1996 fdc - ok12:47:15.0258 1996 [ 0438cab2e03f4fb61455a7956026fe86 ] fdPHost C:\Windows\system32\fdPHost.dll12:47:15.0258 1996 fdPHost - ok12:47:15.0258 1996 [ 802496cb59a30349f9a6dd22d6947644 ] FDResPub C:\Windows\system32\fdrespub.dll12:47:15.0258 1996 FDResPub - ok12:47:15.0273 1996 [ 655661be46b5f5f3fd454e2c3095b930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys12:47:15.0289 1996 FileInfo - ok12:47:15.0289 1996 [ 5f671ab5bc87eea04ec38a6cd5962a47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys12:47:15.0289 1996 Filetrace - ok12:47:15.0367 1996 [ 8669be94f63944e4f899c3950b520241 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe12:47:15.0398 1996 FLEXnet Licensing Service - ok12:47:15.0429 1996 [ c172a0f53008eaeb8ea33fe10e177af5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys12:47:15.0429 1996 flpydisk - ok12:47:15.0445 1996 [ da6b67270fd9db3697b20fce94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys12:47:15.0461 1996 FltMgr - ok12:47:15.0492 1996 [ 5c4cb4086fb83115b153e47add961a0c ] FontCache C:\Windows\system32\FntCache.dll12:47:15.0507 1996 FontCache - ok12:47:15.0554 1996 [ a8b7f3818ab65695e3a0bb3279f6dce6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe12:47:15.0570 1996 FontCache3.0.0.0 - ok12:47:15.0601 1996 [ d43703496149971890703b4b1b723eac ] FsDepends C:\Windows\system32\drivers\FsDepends.sys12:47:15.0601 1996 FsDepends - ok12:47:15.0632 1996 [ 6bd9295cc032dd3077c671fccf579a7b ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys12:47:15.0632 1996 Fs_Rec - ok12:47:15.0663 1996 [ 1f7b25b858fa27015169fe95e54108ed ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys12:47:15.0663 1996 fvevol - ok12:47:15.0695 1996 [ 8c778d335c9d272cfd3298ab02abe3b6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys12:47:15.0695 1996 gagp30kx - ok12:47:15.0741 1996 [ e403aacf8c7bb11375122d2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys12:47:15.0741 1996 GEARAspiWDM - ok12:47:15.0773 1996 [ 277bbc7e1aa1ee957f573a10eca7ef3a ] gpsvc C:\Windows\System32\gpsvc.dll12:47:15.0788 1996 gpsvc - ok12:47:15.0835 1996 [ f02a533f517eb38333cb12a9e8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe12:47:15.0851 1996 gupdate - ok12:47:15.0851 1996 [ f02a533f517eb38333cb12a9e8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe12:47:15.0851 1996 gupdatem - ok12:47:15.0882 1996 [ f2523ef6460fc42405b12248338ab2f0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys12:47:15.0882 1996 hcw85cir - ok12:47:15.0897 1996 [ 975761c778e33cd22498059b91e7373a ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys12:47:15.0897 1996 HdAudAddService - ok12:47:15.0929 1996 [ 97bfed39b6b79eb12cddbfeed51f56bb ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys12:47:15.0929 1996 HDAudBus - ok12:47:15.0944 1996 [ 78e86380454a7b10a5eb255dc44a355f ] HidBatt C:\Windows\system32\drivers\HidBatt.sys12:47:15.0944 1996 HidBatt - ok12:47:15.0960 1996 [ 7fd2a313f7afe5c4dab14798c48dd104 ] HidBth C:\Windows\system32\drivers\hidbth.sys12:47:15.0975 1996 HidBth - ok12:47:15.0975 1996 [ 0a77d29f311b88cfae3b13f9c1a73825 ] HidIr C:\Windows\system32\drivers\hidir.sys12:47:15.0991 1996 HidIr - ok12:47:15.0991 1996 [ bd9eb3958f213f96b97b1d897dee006d ] hidserv C:\Windows\System32\hidserv.dll12:47:16.0007 1996 hidserv - ok12:47:16.0007 1996 [ 9592090a7e2b61cd582b612b6df70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys12:47:16.0007 1996 HidUsb - ok12:47:16.0022 1996 [ 387e72e739e15e3d37907a86d9ff98e2 ] hkmsvc C:\Windows\system32\kmsvc.dll12:47:16.0038 1996 hkmsvc - ok12:47:16.0053 1996 [ efdfb3dd38a4376f93e7985173813abd ] HomeGroupListener C:\Windows\system32\ListSvc.dll12:47:16.0053 1996 HomeGroupListener - ok12:47:16.0069 1996 [ 908acb1f594274965a53926b10c81e89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll12:47:16.0069 1996 HomeGroupProvider - ok12:47:16.0131 1996 [ 13bb1114451c63bfb41ba7daa4d70a29 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe12:47:16.0131 1996 HP Support Assistant Service - ok12:47:16.0194 1996 [ 6a181452d4e240b8ecc7614b9a19bde9 ] HPClientSvc C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe12:47:16.0194 1996 HPClientSvc - ok12:47:16.0256 1996 [ bcc4a8b2e2e902f52e7f2e7d8e125765 ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe12:47:16.0256 1996 HPDrvMntSvc.exe - ok12:47:16.0287 1996 [ ec9739a46f1f83c6e52a7a4697f44a65 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe12:47:16.0319 1996 hpqwmiex - ok12:47:16.0350 1996 [ 39d2abcd392f3d8a6dce7b60ae7b8efc ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys12:47:16.0365 1996 HpSAMD - ok12:47:16.0397 1996 [ 0ea7de1acb728dd5a369fd742d6eee28 ] HTTP C:\Windows\system32\drivers\HTTP.sys12:47:16.0397 1996 HTTP - ok12:47:16.0428 1996 [ a5462bd6884960c9dc85ed49d34ff392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys12:47:16.0428 1996 hwpolicy - ok12:47:16.0428 1996 [ fa55c73d4affa7ee23ac4be53b4592d3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys12:47:16.0443 1996 i8042prt - ok12:47:16.0443 1996 [ aaaf44db3bd0b9d1fb6969b23ecc8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys12:47:16.0459 1996 iaStorV - ok12:47:16.0506 1996 [ 5988fc40f8db5b0739cd1e3a5d0d78bd ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe12:47:16.0537 1996 idsvc - ok12:47:16.0646 1996 [ ce0bf35c79e03bb89da6b14fac838605 ] IDSVia64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.0.9\Definitions\IPSDefs\20120814.005\IDSvia64.sys12:47:16.0662 1996 IDSVia64 - ok12:47:16.0787 1996 [ a87261ef1546325b559374f5689cf5bc ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys12:47:16.0896 1996 igfx - ok12:47:16.0911 1996 [ 5c18831c61933628f5bb0ea2675b9d21 ] iirsp C:\Windows\system32\drivers\iirsp.sys12:47:16.0911 1996 iirsp - ok12:47:16.0958 1996 [ fcd84c381e0140af901e58d48882d26b ] IKEEXT C:\Windows\System32\ikeext.dll12:47:16.0958 1996 IKEEXT - ok12:47:16.0974 1996 [ f00f20e70c6ec3aa366910083a0518aa ] intelide C:\Windows\system32\drivers\intelide.sys12:47:16.0974 1996 intelide - ok12:47:16.0989 1996 [ ada036632c664caa754079041cf1f8c1 ] intelppm C:\Windows\system32\drivers\intelppm.sys12:47:16.0989 1996 intelppm - ok12:47:17.0005 1996 [ 098a91c54546a3b878dad6a7e90a455b ] IPBusEnum C:\Windows\system32\ipbusenum.dll12:47:17.0021 1996 IPBusEnum - ok12:47:17.0021 1996 [ c9f0e1bd74365a8771590e9008d22ab6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys12:47:17.0036 1996 IpFilterDriver - ok12:47:17.0052 1996 [ a34a587fffd45fa649fba6d03784d257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll12:47:17.0067 1996 iphlpsvc - ok12:47:17.0067 1996 [ 0fc1aea580957aa8817b8f305d18ca3a ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys12:47:17.0067 1996 IPMIDRV - ok12:47:17.0083 1996 [ af9b39a7e7b6caa203b3862582e9f2d0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys12:47:17.0083 1996 IPNAT - ok12:47:17.0099 1996 [ 3abf5e7213eb28966d55d58b515d5ce9 ] IRENUM C:\Windows\system32\drivers\irenum.sys12:47:17.0099 1996 IRENUM - ok12:47:17.0114 1996 [ 2f7b28dc3e1183e5eb418df55c204f38 ] isapnp C:\Windows\system32\drivers\isapnp.sys12:47:17.0114 1996 isapnp - ok12:47:17.0130 1996 [ d931d7309deb2317035b07c9f9e6b0bd ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys12:47:17.0130 1996 iScsiPrt - ok12:47:17.0145 1996 [ bc02336f1cba7dcc7d1213bb588a68a5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys12:47:17.0145 1996 kbdclass - ok12:47:17.0161 1996 [ 0705eff5b42a9db58548eec3b26bb484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys12:47:17.0161 1996 kbdhid - ok12:47:17.0177 1996 [ c118a82cd78818c29ab228366ebf81c3 ] KeyIso C:\Windows\system32\lsass.exe12:47:17.0177 1996 KeyIso - ok12:47:17.0192 1996 [ 97a7070aea4c058b6418519e869a63b4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys12:47:17.0192 1996 KSecDD - ok12:47:17.0208 1996 [ 26c43a7c2862447ec59deda188d1da07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys12:47:17.0208 1996 KSecPkg - ok12:47:17.0223 1996 [ 6869281e78cb31a43e969f06b57347c4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys12:47:17.0223 1996 ksthunk - ok12:47:17.0239 1996 [ 6ab66e16aa859232f64deb66887a8c9c ] KtmRm C:\Windows\system32\msdtckrm.dll12:47:17.0270 1996 KtmRm - ok12:47:17.0301 1996 [ d9f42719019740baa6d1c6d536cbdaa6 ] LanmanServer C:\Windows\System32\srvsvc.dll12:47:17.0301 1996 LanmanServer - ok12:47:17.0317 1996 [ 851a1382eed3e3a7476db004f4ee3e1a ] LanmanWorkstation C:\Windows\System32\wkssvc.dll12:47:17.0317 1996 LanmanWorkstation - ok12:47:17.0333 1996 [ 1538831cf8ad2979a04c423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys12:47:17.0333 1996 lltdio - ok12:47:17.0348 1996 [ c1185803384ab3feed115f79f109427f ] lltdsvc C:\Windows\System32\lltdsvc.dll12:47:17.0364 1996 lltdsvc - ok12:47:17.0379 1996 [ f993a32249b66c9d622ea5592a8b76b8 ] lmhosts C:\Windows\System32\lmhsvc.dll12:47:17.0379 1996 lmhosts - ok12:47:17.0395 1996 [ 1a93e54eb0ece102495a51266dcdb6a6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys12:47:17.0395 1996 LSI_FC - ok12:47:17.0411 1996 [ 1047184a9fdc8bdbff857175875ee810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys12:47:17.0411 1996 LSI_SAS - ok12:47:17.0426 1996 [ 30f5c0de1ee8b5bc9306c1f0e4a75f93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys12:47:17.0426 1996 LSI_SAS2 - ok12:47:17.0442 1996 [ 0504eacaff0d3c8aed161c4b0d369d4a ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys12:47:17.0442 1996 LSI_SCSI - ok12:47:17.0473 1996 [ 43d0f98e1d56ccddb0d5254cff7b356e ] luafv C:\Windows\system32\drivers\luafv.sys12:47:17.0473 1996 luafv - ok12:47:17.0489 1996 [ dc8490812a3b72811ae534f423b4c206 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys12:47:17.0504 1996 MBAMProtector - ok12:47:17.0535 1996 [ 43683e970f008c93c9429ef428147a54 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe12:47:17.0567 1996 MBAMService - ok12:47:17.0598 1996 [ 0be09cd858abf9df6ed259d57a1a1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll12:47:17.0598 1996 Mcx2Svc - ok12:47:17.0598 1996 [ a55805f747c6edb6a9080d7c633bd0f4 ] megasas C:\Windows\system32\drivers\megasas.sys12:47:17.0598 1996 megasas - ok12:47:17.0613 1996 [ baf74ce0072480c3b6b7c13b2a94d6b3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys12:47:17.0629 1996 MegaSR - ok12:47:17.0645 1996 [ e40e80d0304a73e8d269f7141d77250b ] MMCSS C:\Windows\system32\mmcss.dll12:47:17.0645 1996 MMCSS - ok12:47:17.0660 1996 [ 800ba92f7010378b09f9ed9270f07137 ] Modem C:\Windows\system32\drivers\modem.sys12:47:17.0676 1996 Modem - ok12:47:17.0691 1996 [ b03d591dc7da45ece20b3b467e6aadaa ] monitor C:\Windows\system32\DRIVERS\monitor.sys12:47:17.0691 1996 monitor - ok12:47:17.0707 1996 [ 7d27ea49f3c1f687d357e77a470aea99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys12:47:17.0707 1996 mouclass - ok12:47:17.0738 1996 [ d3bf052c40b0c4166d9fd86a4288c1e6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys12:47:17.0738 1996 mouhid - ok12:47:17.0738 1996 [ 32e7a3d591d671a6df2db515a5cbe0fa ] mountmgr C:\Windows\system32\drivers\mountmgr.sys12:47:17.0754 1996 mountmgr - ok12:47:17.0801 1996 [ 46297fa8e30a6007f14118fc2b942fbc ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe12:47:17.0816 1996 MozillaMaintenance - ok12:47:17.0847 1996 [ a44b420d30bd56e145d6a2bc8768ec58 ] mpio C:\Windows\system32\drivers\mpio.sys12:47:17.0847 1996 mpio - ok12:47:17.0863 1996 [ 6c38c9e45ae0ea2fa5e551f2ed5e978f ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys12:47:17.0863 1996 mpsdrv - ok12:47:17.0894 1996 [ 54ffc9c8898113ace189d4aa7199d2c1 ] MpsSvc C:\Windows\system32\mpssvc.dll12:47:17.0910 1996 MpsSvc - ok12:47:17.0925 1996 [ dc722758b8261e1abafd31a3c0a66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys12:47:17.0941 1996 MRxDAV - ok12:47:17.0972 1996 [ a5d9106a73dc88564c825d317cac68ac ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys12:47:17.0988 1996 mrxsmb - ok12:47:17.0988 1996 [ d711b3c1d5f42c0c2415687be09fc163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys12:47:18.0003 1996 mrxsmb10 - ok12:47:18.0019 1996 [ 9423e9d355c8d303e76b8cfbd8a5c30c ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys12:47:18.0019 1996 mrxsmb20 - ok12:47:18.0050 1996 [ c25f0bafa182cbca2dd3c851c2e75796 ] msahci C:\Windows\system32\drivers\msahci.sys12:47:18.0050 1996 msahci - ok12:47:18.0081 1996 [ db801a638d011b9633829eb6f663c900 ] msdsm C:\Windows\system32\drivers\msdsm.sys12:47:18.0081 1996 msdsm - ok12:47:18.0113 1996 [ de0ece52236cfa3ed2dbfc03f28253a8 ] MSDTC C:\Windows\System32\msdtc.exe12:47:18.0113 1996 MSDTC - ok12:47:18.0144 1996 [ aa3fb40e17ce1388fa1bedab50ea8f96 ] Msfs C:\Windows\system32\drivers\Msfs.sys12:47:18.0144 1996 Msfs - ok12:47:18.0159 1996 [ f9d215a46a8b9753f61767fa72a20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys12:47:18.0159 1996 mshidkmdf - ok12:47:18.0191 1996 [ d916874bbd4f8b07bfb7fa9b3ccae29d ] msisadrv C:\Windows\system32\drivers\msisadrv.sys12:47:18.0191 1996 msisadrv - ok12:47:18.0206 1996 [ 808e98ff49b155c522e6400953177b08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll12:47:18.0237 1996 MSiSCSI - ok12:47:18.0253 1996 msiserver - ok12:47:18.0284 1996 [ 49ccf2c4fea34ffad8b1b59d49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys12:47:18.0284 1996 MSKSSRV - ok12:47:18.0300 1996 [ bdd71ace35a232104ddd349ee70e1ab3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys12:47:18.0300 1996 MSPCLOCK - ok12:47:18.0315 1996 [ 4ed981241db27c3383d72092b618a1d0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys12:47:18.0315 1996 MSPQM - ok12:47:18.0331 1996 [ 759a9eeb0fa9ed79da1fb7d4ef78866d ] MsRPC C:\Windows\system32\drivers\MsRPC.sys12:47:18.0347 1996 MsRPC - ok12:47:18.0347 1996 [ 0eed230e37515a0eaee3c2e1bc97b288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys12:47:18.0347 1996 mssmbios - ok12:47:18.0378 1996 [ 2e66f9ecb30b4221a318c92ac2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys12:47:18.0378 1996 MSTEE - ok12:47:18.0393 1996 [ 7ea404308934e675bffde8edf0757bcd ] MTConfig C:\Windows\system32\drivers\MTConfig.sys12:47:18.0393 1996 MTConfig - ok12:47:18.0409 1996 [ f9a18612fd3526fe473c1bda678d61c8 ] Mup C:\Windows\system32\Drivers\mup.sys12:47:18.0409 1996 Mup - ok12:47:18.0565 1996 [ f2840dbfe9322f35557219ae82cc4597 ] N360 C:\Program Files (x86)\Norton 360\Engine\6.3.0.14\ccSvcHst.exe12:47:18.0565 1996 N360 - ok12:47:18.0612 1996 [ 582ac6d9873e31dfa28a4547270862dd ] napagent C:\Windows\system32\qagentRT.dll12:47:18.0612 1996 napagent - ok12:47:18.0643 1996 [ 1ea3749c4114db3e3161156ffffa6b33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys12:47:18.0643 1996 NativeWifiP - ok12:47:18.0705 1996 [ 8043d41f881d6ace40b854ad6e32217f ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.0.9\Definitions\VirusDefs\20120814.025\ENG64.SYS12:47:18.0705 1996 NAVENG - ok12:47:18.0783 1996 [ 9a9ab2fc45d701daed465d14980f1305 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.0.9\Definitions\VirusDefs\20120814.025\EX64.SYS12:47:18.0815 1996 NAVEX15 - ok12:47:18.0861 1996 [ 79b47fd40d9a817e932f9d26fac0a81c ] NDIS C:\Windows\system32\drivers\ndis.sys12:47:18.0861 1996 NDIS - ok12:47:18.0877 1996 [ 9f9a1f53aad7da4d6fef5bb73ab811ac ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys12:47:18.0877 1996 NdisCap - ok12:47:18.0893 1996 [ 30639c932d9fef22b31268fe25a1b6e5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys12:47:18.0893 1996 NdisTapi - ok12:47:18.0908 1996 [ 136185f9fb2cc61e573e676aa5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys12:47:18.0908 1996 Ndisuio - ok12:47:18.0924 1996 [ 53f7305169863f0a2bddc49e116c2e11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys12:47:18.0924 1996 NdisWan - ok12:47:18.0939 1996 [ 015c0d8e0e0421b4cfd48cffe2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys12:47:18.0939 1996 NDProxy - ok12:47:18.0955 1996 [ 86743d9f5d2b1048062b14b1d84501c4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys12:47:18.0955 1996 NetBIOS - ok12:47:18.0971 1996 [ 09594d1089c523423b32a4229263f068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys12:47:18.0971 1996 NetBT - ok12:47:18.0986 1996 [ c118a82cd78818c29ab228366ebf81c3 ] Netlogon C:\Windows\system32\lsass.exe12:47:18.0986 1996 Netlogon - ok12:47:19.0017 1996 [ 847d3ae376c0817161a14a82c8922a9e ] Netman C:\Windows\System32\netman.dll12:47:19.0017 1996 Netman - ok12:47:19.0049 1996 [ d22cd77d4f0d63d1169bb35911bff12d ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe12:47:19.0111 1996 NetMsmqActivator - ok12:47:19.0127 1996 [ d22cd77d4f0d63d1169bb35911bff12d ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe12:47:19.0127 1996 NetPipeActivator - ok12:47:19.0158 1996 [ 5f28111c648f1e24f7dbc87cdeb091b8 ] netprofm C:\Windows\System32\netprofm.dll12:47:19.0158 1996 netprofm - ok12:47:19.0189 1996 [ 8b5d2d7cb0ef5b1967860b8ab742a46c ] netr28x C:\Windows\system32\DRIVERS\netr28x.sys12:47:19.0205 1996 netr28x - ok12:47:19.0220 1996 [ d22cd77d4f0d63d1169bb35911bff12d ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe12:47:19.0220 1996 NetTcpActivator - ok12:47:19.0220 1996 [ d22cd77d4f0d63d1169bb35911bff12d ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe12:47:19.0220 1996 NetTcpPortSharing - ok12:47:19.0236 1996 [ 77889813be4d166cdab78ddba990da92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys12:47:19.0236 1996 nfrd960 - ok12:47:19.0267 1996 [ 1ee99a89cc788ada662441d1e9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll12:47:19.0267 1996 NlaSvc - ok12:47:19.0298 1996 [ 3ceee0be85d24d911b9c02714817774c ] NPF C:\Windows\system32\drivers\npf.sys12:47:19.0314 1996 NPF - ok12:47:19.0329 1996 [ 1e4c4ab5c9b8dd13179bbdc75a2a01f7 ] Npfs C:\Windows\system32\drivers\Npfs.sys12:47:19.0345 1996 Npfs - ok12:47:19.0345 1996 [ d54bfdf3e0c953f823b3d0bfe4732528 ] nsi C:\Windows\system32\nsisvc.dll12:47:19.0345 1996 nsi - ok12:47:19.0361 1996 [ e7f5ae18af4168178a642a9247c63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys12:47:19.0361 1996 nsiproxy - ok12:47:19.0439 1996 [ e127420b7feb65c7f279eaac183bbc0e ] NSL C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe12:47:19.0439 1996 NSL - ok12:47:19.0517 1996 [ a2f74975097f52a00745f9637451fdd8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys12:47:19.0548 1996 Ntfs - ok12:47:19.0563 1996 [ 9899284589f75fa8724ff3d16aed75c1 ] Null C:\Windows\system32\drivers\Null.sys12:47:19.0563 1996 Null - ok12:47:19.0579 1996 [ 0a92cb65770442ed0dc44834632f66ad ] nvraid C:\Windows\system32\drivers\nvraid.sys12:47:19.0595 1996 nvraid - ok12:47:19.0610 1996 [ dab0e87525c10052bf65f06152f37e4a ] nvstor C:\Windows\system32\drivers\nvstor.sys12:47:19.0610 1996 nvstor - ok12:47:19.0641 1996 [ 270d7cd42d6e3979f6dd0146650f0e05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys12:47:19.0641 1996 nv_agp - ok12:47:19.0657 1996 [ 3589478e4b22ce21b41fa1bfc0b8b8a0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys12:47:19.0657 1996 ohci1394 - ok12:47:19.0688 1996 [ 9d10f99a6712e28f8acd5641e3a7ea6b ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE12:47:19.0704 1996 ose - ok12:47:19.0829 1996 [ 61bffb5f57ad12f83ab64b7181829b34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE12:47:19.0953 1996 osppsvc - ok12:47:19.0985 1996 [ 3eac4455472cc2c97107b5291e0dcafe ] p2pimsvc C:\Windows\system32\pnrpsvc.dll12:47:19.0985 1996 p2pimsvc - ok12:47:20.0000 1996 [ 927463ecb02179f88e4b9a17568c63c3 ] p2psvc C:\Windows\system32\p2psvc.dll12:47:20.0016 1996 p2psvc - ok12:47:20.0016 1996 [ 0086431c29c35be1dbc43f52cc273887 ] Parport C:\Windows\system32\drivers\parport.sys12:47:20.0016 1996 Parport - ok12:47:20.0063 1996 [ e9766131eeade40a27dc27d2d68fba9c ] partmgr C:\Windows\system32\drivers\partmgr.sys12:47:20.0063 1996 partmgr - ok12:47:20.0078 1996 [ 3aeaa8b561e63452c655dc0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll12:47:20.0078 1996 PcaSvc - ok12:47:20.0109 1996 [ 94575c0571d1462a0f70bde6bd6ee6b3 ] pci C:\Windows\system32\drivers\pci.sys12:47:20.0109 1996 pci - ok12:47:20.0125 1996 [ b5b8b5ef2e5cb34df8dcf8831e3534fa ] pciide C:\Windows\system32\drivers\pciide.sys12:47:20.0125 1996 pciide - ok12:47:20.0141 1996 [ b2e81d4e87ce48589f98cb8c05b01f2f ] pcmcia C:\Windows\system32\drivers\pcmcia.sys12:47:20.0156 1996 pcmcia - ok12:47:20.0172 1996 [ d6b9c2e1a11a3a4b26a182ffef18f603 ] pcw C:\Windows\system32\drivers\pcw.sys12:47:20.0172 1996 pcw - ok12:47:20.0187 1996 pdfcDispatcher - ok12:47:20.0219 1996 [ 68769c3356b3be5d1c732c97b9a80d6e ] PEAUTH C:\Windows\system32\drivers\peauth.sys12:47:20.0219 1996 PEAUTH - ok12:47:20.0297 1996 [ e495e408c93141e8fc72dc0c6046ddfa ] PerfHost C:\Windows\SysWow64\perfhost.exe12:47:20.0297 1996 PerfHost - ok12:47:20.0328 1996 [ c7cf6a6e137463219e1259e3f0f0dd6c ] pla C:\Windows\system32\pla.dll12:47:20.0359 1996 pla - ok12:47:20.0406 1996 [ 25fbdef06c4d92815b353f6e792c8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll12:47:20.0406 1996 PlugPlay - ok12:47:20.0468 1996 [ f485770eec8959684cc4c4786b63c06c ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll12:47:20.0468 1996 Pml Driver HPZ12 - ok12:47:20.0484 1996 [ 7195581cec9bb7d12abe54036acc2e38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll12:47:20.0484 1996 PNRPAutoReg - ok12:47:20.0499 1996 [ 3eac4455472cc2c97107b5291e0dcafe ] PNRPsvc C:\Windows\system32\pnrpsvc.dll12:47:20.0499 1996 PNRPsvc - ok12:47:20.0515 1996 [ 4f15d75adf6156bf56eced6d4a55c389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll12:47:20.0531 1996 PolicyAgent - ok12:47:20.0546 1996 [ 6ba9d927dded70bd1a9caded45f8b184 ] Power C:\Windows\system32\umpo.dll12:47:20.0546 1996 Power - ok12:47:20.0562 1996 [ f92a2c41117a11a00be01ca01a7fcde9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys12:47:20.0562 1996 PptpMiniport - ok12:47:20.0577 1996 [ 0d922e23c041efb1c3fac2a6f943c9bf ] Processor C:\Windows\system32\drivers\processr.sys12:47:20.0577 1996 Processor - ok12:47:20.0624 1996 [ 53e83f1f6cf9d62f32801cf66d8352a8 ] ProfSvc C:\Windows\system32\profsvc.dll12:47:20.0624 1996 ProfSvc - ok12:47:20.0640 1996 [ c118a82cd78818c29ab228366ebf81c3 ] ProtectedStorage C:\Windows\system32\lsass.exe12:47:20.0655 1996 ProtectedStorage - ok12:47:20.0655 1996 [ 0557cf5a2556bd58e26384169d72438d ] Psched C:\Windows\system32\DRIVERS\pacer.sys12:47:20.0671 1996 Psched - ok12:47:20.0702 1996 [ 4712cc14e720ecccc0aa16949d18aaf1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys12:47:20.0702 1996 PxHlpa64 - ok12:47:20.0749 1996 [ a53a15a11ebfd21077463ee2c7afeef0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys12:47:20.0780 1996 ql2300 - ok12:47:20.0796 1996 [ 4f6d12b51de1aaeff7dc58c4d75423c8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys12:47:20.0811 1996 ql40xx - ok12:47:20.0827 1996 [ 906191634e99aea92c4816150bda3732 ] QWAVE C:\Windows\system32\qwave.dll12:47:20.0827 1996 QWAVE - ok12:47:20.0843 1996 [ 76707bb36430888d9ce9d705398adb6c ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys12:47:20.0843 1996 QWAVEdrv - ok12:47:20.0858 1996 [ 5a0da8ad5762fa2d91678a8a01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys12:47:20.0858 1996 RasAcd - ok12:47:20.0874 1996 [ 7ecff9b22276b73f43a99a15a6094e90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys12:47:20.0889 1996 RasAgileVpn - ok12:47:20.0889 1996 [ 8f26510c5383b8dbe976de1cd00fc8c7 ] RasAuto C:\Windows\System32\rasauto.dll12:47:20.0905 1996 RasAuto - ok12:47:20.0905 1996 [ 471815800ae33e6f1c32fb1b97c490ca ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys12:47:20.0921 1996 Rasl2tp - ok12:47:20.0921 1996 [ ee867a0870fc9e4972ba9eaad35651e2 ] RasMan C:\Windows\System32\rasmans.dll12:47:20.0936 1996 RasMan - ok12:47:20.0952 1996 [ 855c9b1cd4756c5e9a2aa58a15f58c25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys12:47:20.0952 1996 RasPppoe - ok12:47:20.0967 1996 [ e8b1e447b008d07ff47d016c2b0eeecb ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys12:47:20.0967 1996 RasSstp - ok12:47:20.0983 1996 [ 77f665941019a1594d887a74f301fa2f ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys12:47:20.0983 1996 rdbss - ok12:47:20.0999 1996 [ 302da2a0539f2cf54d7c6cc30c1f2d8d ] rdpbus C:\Windows\system32\drivers\rdpbus.sys12:47:20.0999 1996 rdpbus - ok12:47:21.0014 1996 [ cea6cc257fc9b7715f1c2b4849286d24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys12:47:21.0014 1996 RDPCDD - ok12:47:21.0030 1996 [ bb5971a4f00659529a5c44831af22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys12:47:21.0030 1996 RDPENCDD - ok12:47:21.0045 1996 [ 216f3fa57533d98e1f74ded70113177a ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys12:47:21.0045 1996 RDPREFMP - ok12:47:21.0092 1996 [ e61608aa35e98999af9aaeeea6114b0a ] RDPWD C:\Windows\system32\drivers\RDPWD.sys12:47:21.0108 1996 RDPWD - ok12:47:21.0123 1996 [ 34ed295fa0121c241bfef24764fc4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys12:47:21.0139 1996 rdyboost - ok12:47:21.0170 1996 [ 254fb7a22d74e5511c73a3f6d802f192 ] RemoteAccess C:\Windows\System32\mprdim.dll12:47:21.0186 1996 RemoteAccess - ok12:47:21.0201 1996 [ e4d94f24081440b5fc5aa556c7c62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll12:47:21.0217 1996 RemoteRegistry - ok12:47:21.0295 1996 [ e7062dbd907e0c5ceeb5abdaf07e6b32 ] RosettaStoneDaemon C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe12:47:21.0326 1996 RosettaStoneDaemon - ok12:47:21.0357 1996 [ 085d18c71ab2611a3d61528132b6501e ] RoxioNow Service C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe12:47:21.0389 1996 RoxioNow Service - ok12:47:21.0420 1996 [ e4dc58cf7b3ea515ae917ff0d402a7bb ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll12:47:21.0420 1996 RpcEptMapper - ok12:47:21.0451 1996 [ d5ba242d4cf8e384db90e6a8ed850b8c ] RpcLocator C:\Windows\system32\locator.exe12:47:21.0451 1996 RpcLocator - ok12:47:21.0482 1996 [ 5c627d1b1138676c0a7ab2c2c190d123 ] RpcSs C:\Windows\system32\rpcss.dll12:47:21.0498 1996 RpcSs - ok12:47:21.0513 1996 [ ddc86e4f8e7456261e637e3552e804ff ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys12:47:21.0513 1996 rspndr - ok12:47:21.0545 1996 [ f4c374b1c46de294b573bb43723ac3f6 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys12:47:21.0560 1996 RTL8167 - ok12:47:21.0576 1996 [ c118a82cd78818c29ab228366ebf81c3 ] SamSs C:\Windows\system32\lsass.exe12:47:21.0576 1996 SamSs - ok12:47:21.0591 1996 [ ac03af3329579fffb455aa2daabbe22b ] sbp2port C:\Windows\system32\drivers\sbp2port.sys12:47:21.0591 1996 sbp2port - ok12:47:21.0607 1996 [ 9b7395789e3791a3b6d000fe6f8b131e ] SCardSvr C:\Windows\System32\SCardSvr.dll12:47:21.0623 1996 SCardSvr - ok12:47:21.0638 1996 [ 253f38d0d7074c02ff8deb9836c97d2b ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys12:47:21.0638 1996 scfilter - ok12:47:21.0669 1996 [ 262f6592c3299c005fd6bec90fc4463a ] Schedule C:\Windows\system32\schedsvc.dll12:47:21.0685 1996 Schedule - ok12:47:21.0716 1996 [ f17d1d393bbc69c5322fbfafaca28c7f ] SCPolicySvc C:\Windows\System32\certprop.dll12:47:21.0716 1996 SCPolicySvc - ok12:47:21.0716 1996 [ 111e0ebc0ad79cb0fa014b907b231cf0 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys12:47:21.0716 1996 sdbus - ok12:47:21.0732 1996 [ 6ea4234dc55346e0709560fe7c2c1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll12:47:21.0732 1996 SDRSVC - ok12:47:21.0747 1996 [ 3ea8a16169c26afbeb544e0e48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys12:47:21.0747 1996 secdrv - ok12:47:21.0747 1996 [ bc617a4e1b4fa8df523a061739a0bd87 ] seclogon C:\Windows\system32\seclogon.dll12:47:21.0763 1996 seclogon - ok12:47:21.0763 1996 [ c32ab8fa018ef34c0f113bd501436d21 ] SENS C:\Windows\system32\sens.dll12:47:21.0763 1996 SENS - ok12:47:21.0779 1996 [ 0336cffafaab87a11541f1cf1594b2b2 ] SensrSvc C:\Windows\system32\sensrsvc.dll12:47:21.0779 1996 SensrSvc - ok12:47:21.0794 1996 [ cb624c0035412af0debec78c41f5ca1b ] Serenum C:\Windows\system32\drivers\serenum.sys12:47:21.0794 1996 Serenum - ok12:47:21.0810 1996 [ c1d8e28b2c2adfaec4ba89e9fda69bd6 ] Serial C:\Windows\system32\drivers\serial.sys12:47:21.0810 1996 Serial - ok12:47:21.0841 1996 [ 1c545a7d0691cc4a027396535691c3e3 ] sermouse C:\Windows\system32\drivers\sermouse.sys12:47:21.0841 1996 sermouse - ok12:47:21.0872 1996 [ 0b6231bf38174a1628c4ac812cc75804 ] SessionEnv C:\Windows\system32\sessenv.dll12:47:21.0888 1996 SessionEnv - ok12:47:21.0903 1996 [ a554811bcd09279536440c964ae35bbf ] sffdisk C:\Windows\system32\drivers\sffdisk.sys12:47:21.0903 1996 sffdisk - ok12:47:21.0919 1996 [ ff414f0baefeba59bc6c04b3db0b87bf ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys12:47:21.0919 1996 sffp_mmc - ok12:47:21.0935 1996 [ dd85b78243a19b59f0637dcf284da63c ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys12:47:21.0935 1996 sffp_sd - ok12:47:21.0950 1996 [ a9d601643a1647211a1ee2ec4e433ff4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys12:47:21.0950 1996 sfloppy - ok12:47:22.0013 1996 [ c6cc9297bd53e5229653303e556aa539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys12:47:22.0028 1996 Sftfs - ok12:47:22.0075 1996 [ 13693b6354dd6e72dc5131da7d764b90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe12:47:22.0091 1996 sftlist - ok12:47:22.0122 1996 [ 390aa7bc52cee43f6790cdea1e776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys12:47:22.0122 1996 Sftplay - ok12:47:22.0153 1996 [ 617e29a0b0a2807466560d4c4e338d3e ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys12:47:22.0153 1996 Sftredir - ok12:47:22.0169 1996 [ 8f571f016fa1976f445147e9e6c8ae9b ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys12:47:22.0169 1996 Sftvol - ok12:47:22.0184 1996 [ c3cddd18f43d44ab713cf8c4916f7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe12:47:22.0200 1996 sftvsa - ok12:47:22.0215 1996 [ b95f6501a2f8b2e78c697fec401970ce ] SharedAccess C:\Windows\System32\ipnathlp.dll12:47:22.0231 1996 SharedAccess - ok12:47:22.0262 1996 [ aaf932b4011d14052955d4b212a4da8d ] ShellHWDetection C:\Windows\System32\shsvcs.dll12:47:22.0262 1996 ShellHWDetection - ok12:47:22.0278 1996 [ 843caf1e5fde1ffd5ff768f23a51e2e1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys12:47:22.0278 1996 SiSRaid2 - ok12:47:22.0293 1996 [ 6a6c106d42e9ffff8b9fcb4f754f6da4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys12:47:22.0293 1996 SiSRaid4 - ok12:47:22.0293 1996 [ 548260a7b8654e024dc30bf8a7c5baa4 ] Smb C:\Windows\system32\DRIVERS\smb.sys12:47:22.0309 1996 Smb - ok12:47:22.0356 1996 [ 27f71f20e87fbf177c82ae924f9317f7 ] SMR250 C:\Windows\system32\drivers\SMR250.SYS12:47:22.0356 1996 SMR250 - ok12:47:22.0371 1996 [ 6313f223e817cc09aa41811daa7f541d ] SNMPTRAP C:\Windows\System32\snmptrap.exe12:47:22.0371 1996 SNMPTRAP - ok12:47:22.0403 1996 [ b9e31e5cacdfe584f34f730a677803f9 ] spldr C:\Windows\system32\drivers\spldr.sys12:47:22.0403 1996 spldr - ok12:47:22.0449 1996 [ 85daa09a98c9286d4ea2ba8d0e644377 ] Spooler C:\Windows\System32\spoolsv.exe12:47:22.0449 1996 Spooler - ok12:47:22.0512 1996 [ e17e0188bb90fae42d83e98707efa59c ] sppsvc C:\Windows\system32\sppsvc.exe12:47:22.0559 1996 sppsvc - ok12:47:22.0574 1996 [ 93d7d61317f3d4bc4f4e9f8a96a7de45 ] sppuinotify C:\Windows\system32\sppuinotify.dll12:47:22.0574 1996 sppuinotify - ok12:47:22.0637 1996 [ 891793e00432fa055cf040605c260e49 ] SRTSP C:\Windows\System32\Drivers\N360x64\0603000.00E\SRTSP64.SYS12:47:22.0652 1996 SRTSP - ok12:47:22.0683 1996 [ 1cb7bb3b0561fb5ecfe37f7731e8bf3e ] SRTSPX C:\Windows\system32\drivers\N360x64\0603000.00E\SRTSPX64.SYS12:47:22.0683 1996 SRTSPX - ok12:47:22.0730 1996 [ 441fba48bff01fdb9d5969ebc1838f0b ] srv C:\Windows\system32\DRIVERS\srv.sys12:47:22.0746 1996 srv - ok12:47:22.0761 1996 [ b4adebbf5e3677cce9651e0f01f7cc28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys12:47:22.0777 1996 srv2 - ok12:47:22.0777 1996 [ 27e461f0be5bff5fc737328f749538c3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys12:47:22.0793 1996 srvnet - ok12:47:22.0793 1996 [ 51b52fbd583cde8aa9ba62b8b4298f33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll12:47:22.0808 1996 SSDPSRV - ok12:47:22.0808 1996 [ ab7aebf58dad8daab7a6c45e6a8885cb ] SstpSvc C:\Windows\system32\sstpsvc.dll12:47:22.0824 1996 SstpSvc - ok12:47:22.0871 1996 [ e942412186178b1331f8335e30fa076f ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe12:47:22.0871 1996 STacSV - ok12:47:22.0902 1996 [ f3817967ed533d08327dc73bc4d5542a ] stexstor C:\Windows\system32\drivers\stexstor.sys12:47:22.0902 1996 stexstor - ok12:47:22.0949 1996 [ dcc8845692dea3477bcf6ce9d06c711f ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys12:47:22.0964 1996 STHDA - ok12:47:22.0995 1996 [ 8dd52e8e6128f4b2da92ce27402871c1 ] stisvc C:\Windows\System32\wiaservc.dll12:47:23.0011 1996 stisvc - ok12:47:23.0011 1996 [ d01ec09b6711a5f8e7e6564a4d0fbc90 ] swenum C:\Windows\system32\drivers\swenum.sys12:47:23.0027 1996 swenum - ok12:47:23.0089 1996 [ f577910a133a592234ebaad3f3afa258 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe12:47:23.0120 1996 SwitchBoard - ok12:47:23.0151 1996 [ e08e46fdd841b7184194011ca1955a0b ] swprv C:\Windows\System32\swprv.dll12:47:23.0167 1996 swprv - ok12:47:23.0229 1996 [ 8b2430762099598da40686f754632efd ] SymDS C:\Windows\system32\drivers\N360x64\0603000.00E\SYMDS64.SYS12:47:23.0229 1996 SymDS - ok12:47:23.0292 1996 [ 5cb7f2fd7e30a0f52f93574bfc3a8041 ] SymEFA C:\Windows\system32\drivers\N360x64\0603000.00E\SYMEFA64.SYS12:47:23.0307 1996 SymEFA - ok12:47:23.0354 1996 [ 898bb48c797483420df523b2bbc1ecdb ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS12:47:23.0370 1996 SymEvent - ok12:47:23.0401 1996 [ b681d1b0f9596684225dcc9b94c6bacf ] SymIM C:\Windows\system32\DRIVERS\SymIMv.sys12:47:23.0401 1996 SymIM - ok12:47:23.0432 1996 [ 5013a76caaa1d7cf1c55214b490b4e35 ] SymIRON C:\Windows\system32\drivers\N360x64\0603000.00E\Ironx64.SYS12:47:23.0448 1996 SymIRON - ok12:47:23.0479 1996 [ 3911bd0e68c010e5438a87706abbe9ab ] SymNetS C:\Windows\System32\Drivers\N360x64\0603000.00E\SYMNETS.SYS12:47:23.0479 1996 SymNetS - ok12:47:23.0541 1996 [ bf9ccc0bf39b418c8d0ae8b05cf95b7d ] SysMain C:\Windows\system32\sysmain.dll12:47:23.0588 1996 SysMain - ok12:47:23.0588 1996 [ e3c61fd7b7c2557e1f1b0b4cec713585 ] TabletInputService C:\Windows\System32\TabSvc.dll12:47:23.0604 1996 TabletInputService - ok12:47:23.0635 1996 [ 40f0849f65d13ee87b9a9ae3c1dd6823 ] TapiSrv C:\Windows\System32\tapisrv.dll12:47:23.0635 1996 TapiSrv - ok12:47:23.0651 1996 [ 1be03ac720f4d302ea01d40f588162f6 ] TBS C:\Windows\System32\tbssvc.dll12:47:23.0651 1996 TBS - ok12:47:23.0729 1996 [ acb82bda8f46c84f465c1afa517dc4b9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys12:47:23.0775 1996 Tcpip - ok12:47:23.0807 1996 [ acb82bda8f46c84f465c1afa517dc4b9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys12:47:23.0822 1996 TCPIP6 - ok12:47:23.0853 1996 [ df687e3d8836bfb04fcc0615bf15a519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys12:47:23.0853 1996 tcpipreg - ok12:47:23.0853 1996 [ 3371d21011695b16333a3934340c4e7c ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys12:47:23.0869 1996 TDPIPE - ok12:47:23.0916 1996 [ 51c5eceb1cdee2468a1748be550cfbc8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys12:47:23.0947 1996 TDTCP - ok12:47:23.0963 1996 [ ddad5a7ab24d8b65f8d724f5c20fd806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys12:47:23.0978 1996 tdx - ok12:47:24.0009 1996 [ 561e7e1f06895d78de991e01dd0fb6e5 ] TermDD C:\Windows\system32\drivers\termdd.sys12:47:24.0009 1996 TermDD - ok12:47:24.0041 1996 [ 2e648163254233755035b46dd7b89123 ] TermService C:\Windows\System32\termsrv.dll12:47:24.0056 1996 TermService - ok12:47:24.0072 1996 TfFsMon - ok12:47:24.0072 1996 TfNetMon - ok12:47:24.0072 1996 TfSysMon - ok12:47:24.0087 1996 [ f0344071948d1a1fa732231785a0664c ] Themes C:\Windows\system32\themeservice.dll12:47:24.0087 1996 Themes - ok12:47:24.0134 1996 [ e40e80d0304a73e8d269f7141d77250b ] THREADORDER C:\Windows\system32\mmcss.dll12:47:24.0134 1996 THREADORDER - ok12:47:24.0150 1996 [ 7e7afd841694f6ac397e99d75cead49d ] TrkWks C:\Windows\System32\trkwks.dll12:47:24.0150 1996 TrkWks - ok12:47:24.0212 1996 [ 773212b2aaa24c1e31f10246b15b276c ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe12:47:24.0212 1996 TrustedInstaller - ok12:47:24.0243 1996 [ ce18b2cdfc837c99e5fae9ca6cba5d30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys12:47:24.0243 1996 tssecsrv - ok12:47:24.0259 1996 [ d11c783e3ef9a3c52c0ebe83cc5000e9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys12:47:24.0275 1996 TsUsbFlt - ok12:47:24.0290 1996 [ 9cc2ccae8a84820eaecb886d477cbcb8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys12:47:24.0290 1996 TsUsbGD - ok12:47:24.0306 1996 [ 3566a8daafa27af944f5d705eaa64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys12:47:24.0321 1996 tunnel - ok12:47:24.0353 1996 [ b4dd609bd7e282bfc683cec7eaaaad67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys12:47:24.0353 1996 uagp35 - ok12:47:24.0399 1996 [ ff4232a1a64012baa1fd97c7b67df593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys12:47:24.0399 1996 udfs - ok12:47:24.0431 1996 [ 3cbdec8d06b9968aba702eba076364a1 ] UI0Detect C:\Windows\system32\UI0Detect.exe12:47:24.0446 1996 UI0Detect - ok12:47:24.0462 1996 [ 4bfe1bc28391222894cbf1e7d0e42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys12:47:24.0462 1996 uliagpkx - ok12:47:24.0477 1996 [ dc54a574663a895c8763af0fa1ff7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys12:47:24.0477 1996 umbus - ok12:47:24.0509 1996 [ b2e8e8cb557b156da5493bbddcc1474d ] UmPass C:\Windows\system32\drivers\umpass.sys12:47:24.0509 1996 UmPass - ok12:47:24.0555 1996 [ d47ec6a8e81633dd18d2436b19baf6de ] upnphost C:\Windows\System32\upnphost.dll12:47:24.0571 1996 upnphost - ok12:47:24.0618 1996 [ 82e8f44688e6fac57b5b7c6fc7adbc2a ] usbaudio C:\Windows\system32\drivers\usbaudio.sys12:47:24.0618 1996 usbaudio - ok12:47:24.0633 1996 [ 6f1a3157a1c89435352ceb543cdb359c ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys12:47:24.0633 1996 usbccgp - ok12:47:24.0665 1996 [ af0892a803fdda7492f595368e3b68e7 ] usbcir C:\Windows\system32\drivers\usbcir.sys12:47:24.0665 1996 usbcir - ok12:47:24.0680 1996 [ c025055fe7b87701eb042095df1a2d7b ] usbehci C:\Windows\system32\drivers\usbehci.sys12:47:24.0680 1996 usbehci - ok12:47:24.0696 1996 [ 573d192e268f0c5b486b7e96f661e538 ] usbfilter C:\Windows\system32\drivers\usbfilter.sys12:47:24.0696 1996 usbfilter - ok12:47:24.0711 1996 [ 287c6c9410b111b68b52ca298f7b8c24 ] usbhub C:\Windows\system32\drivers\usbhub.sys12:47:24.0711 1996 usbhub - ok12:47:24.0711 1996 [ 9840fc418b4cbd632d3d0a667a725c31 ] usbohci C:\Windows\system32\drivers\usbohci.sys12:47:24.0727 1996 usbohci - ok12:47:24.0743 1996 [ 73188f58fb384e75c4063d29413cee3d ] usbprint C:\Windows\system32\drivers\usbprint.sys12:47:24.0743 1996 usbprint - ok12:47:24.0758 1996 [ fed648b01349a3c8395a5169db5fb7d6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS12:47:24.0758 1996 USBSTOR - ok12:47:24.0774 1996 [ 62069a34518bcf9c1fd9e74b3f6db7cd ] usbuhci C:\Windows\system32\drivers\usbuhci.sys12:47:24.0774 1996 usbuhci - ok12:47:24.0789 1996 [ edbb23cbcf2cdf727d64ff9b51a6070e ] UxSms C:\Windows\System32\uxsms.dll12:47:24.0789 1996 UxSms - ok12:47:24.0805 1996 [ c118a82cd78818c29ab228366ebf81c3 ] VaultSvc C:\Windows\system32\lsass.exe12:47:24.0805 1996 VaultSvc - ok12:47:24.0821 1996 [ c5c876ccfc083ff3b128f933823e87bd ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys12:47:24.0821 1996 vdrvroot - ok12:47:24.0852 1996 [ 8d6b481601d01a456e75c3210f1830be ] vds C:\Windows\System32\vds.exe12:47:24.0883 1996 vds - ok12:47:24.0899 1996 [ da4da3f5e02943c2dc8c6ed875de68dd ] vga C:\Windows\system32\DRIVERS\vgapnp.sys12:47:24.0914 1996 vga - ok12:47:24.0945 1996 [ 53e92a310193cb3c03bea963de7d9cfc ] VgaSave C:\Windows\System32\drivers\vga.sys12:47:24.0945 1996 VgaSave - ok12:47:24.0961 1996 [ 2ce2df28c83aeaf30084e1b1eb253cbb ] vhdmp C:\Windows\system32\drivers\vhdmp.sys12:47:24.0961 1996 vhdmp - ok12:47:24.0977 1996 [ e5689d93ffe4e5d66c0178761240dd54 ] viaide C:\Windows\system32\drivers\viaide.sys12:47:24.0977 1996 viaide - ok12:47:24.0992 1996 [ d2aafd421940f640b407aefaaebd91b0 ] volmgr C:\Windows\system32\drivers\volmgr.sys12:47:24.0992 1996 volmgr - ok12:47:25.0008 1996 [ a255814907c89be58b79ef2f189b843b ] volmgrx C:\Windows\system32\drivers\volmgrx.sys12:47:25.0008 1996 volmgrx - ok12:47:25.0023 1996 [ df8126bd41180351a093a3ad2fc8903b ] volsnap C:\Windows\system32\drivers\volsnap.sys12:47:25.0023 1996 volsnap - ok12:47:25.0055 1996 [ 5e2016ea6ebaca03c04feac5f330d997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys12:47:25.0055 1996 vsmraid - ok12:47:25.0086 1996 [ b60ba0bc31b0cb414593e169f6f21cc2 ] VSS C:\Windows\system32\vssvc.exe12:47:25.0117 1996 VSS - ok12:47:25.0133 1996 [ 36d4720b72b5c5d9cb2b9c29e9df67a1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys12:47:25.0133 1996 vwifibus - ok12:47:25.0148 1996 [ 6a3d66263414ff0d6fa754c646612f3f ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys12:47:25.0148 1996 vwififlt - ok12:47:25.0179 1996 [ 1c9d80cc3849b3788048078c26486e1a ] W32Time C:\Windows\system32\w32time.dll12:47:25.0179 1996 W32Time - ok12:47:25.0195 1996 [ 4e9440f4f152a7b944cb1663d3935a3e ] WacomPen C:\Windows\system32\drivers\wacompen.sys12:47:25.0195 1996 WacomPen - ok12:47:25.0211 1996 [ 356afd78a6ed4457169241ac3965230c ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys12:47:25.0226 1996 WANARP - ok12:47:25.0226 1996 [ 356afd78a6ed4457169241ac3965230c ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys12:47:25.0226 1996 Wanarpv6 - ok12:47:25.0257 1996 [ 3cec96de223e49eaae3651fcf8faea6c ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe12:47:25.0289 1996 WatAdminSvc - ok12:47:25.0351 1996 [ 78f4e7f5c56cb9716238eb57da4b6a75 ] wbengine C:\Windows\system32\wbengine.exe12:47:25.0382 1996 wbengine - ok12:47:25.0398 1996 [ 3aa101e8edab2db4131333f4325c76a3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll12:47:25.0398 1996 WbioSrvc - ok12:47:25.0413 1996 [ 7368a2afd46e5a4481d1de9d14848edd ] wcncsvc C:\Windows\System32\wcncsvc.dll12:47:25.0413 1996 wcncsvc - ok12:47:25.0429 1996 [ 20f7441334b18cee52027661df4a6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll12:47:25.0429 1996 WcsPlugInService - ok12:47:25.0445 1996 [ 72889e16ff12ba0f235467d6091b17dc ] Wd C:\Windows\system32\drivers\wd.sys12:47:25.0445 1996 Wd - ok12:47:25.0476 1996 [ 441bd2d7b4f98134c3a4f9fa570fd250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys12:47:25.0491 1996 Wdf01000 - ok12:47:25.0491 1996 [ bf1fc3f79b863c914687a737c2f3d681 ] WdiServiceHost C:\Windows\system32\wdi.dll12:47:25.0507 1996 WdiServiceHost - ok12:47:25.0507 1996 [ bf1fc3f79b863c914687a737c2f3d681 ] WdiSystemHost C:\Windows\system32\wdi.dll12:47:25.0507 1996 WdiSystemHost - ok12:47:25.0523 1996 [ 3db6d04e1c64272f8b14eb8bc4616280 ] WebClient C:\Windows\System32\webclnt.dll12:47:25.0538 1996 WebClient - ok12:47:25.0554 1996 [ c749025a679c5103e575e3b48e092c43 ] Wecsvc C:\Windows\system32\wecsvc.dll12:47:25.0554 1996 Wecsvc - ok12:47:25.0569 1996 [ 7e591867422dc788b9e5bd337a669a08 ] wercplsupport C:\Windows\System32\wercplsupport.dll12:47:25.0569 1996 wercplsupport - ok12:47:25.0585 1996 [ 6d137963730144698cbd10f202e9f251 ] WerSvc C:\Windows\System32\WerSvc.dll12:47:25.0601 1996 WerSvc - ok12:47:25.0601 1996 [ 611b23304bf067451a9fdee01fbdd725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys12:47:25.0601 1996 WfpLwf - ok12:47:25.0616 1996 [ 05ecaec3e4529a7153b3136ceb49f0ec ] WIMMount C:\Windows\system32\drivers\wimmount.sys12:47:25.0616 1996 WIMMount - ok12:47:25.0647 1996 WinDefend - ok12:47:25.0647 1996 WinHttpAutoProxySvc - ok12:47:25.0694 1996 [ 19b07e7e8915d701225da41cb3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll12:47:25.0694 1996 Winmgmt - ok12:47:25.0757 1996 [ bcb1310604aa415c4508708975b3931e ] WinRM C:\Windows\system32\WsmSvc.dll12:47:25.0803 1996 WinRM - ok12:47:25.0850 1996 [ fe88b288356e7b47b74b13372add906d ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys12:47:25.0866 1996 WinUsb - ok12:47:25.0913 1996 [ 4fada86e62f18a1b2f42ba18ae24e6aa ] Wlansvc C:\Windows\System32\wlansvc.dll12:47:25.0928 1996 Wlansvc - ok12:47:25.0959 1996 [ 06c8fa1cf39de6a735b54d906ba791c6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe12:47:25.0975 1996 wlcrasvc - ok12:47:26.0053 1996 [ 7e47c328fc4768cb8beafbcfafa70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE12:47:26.0084 1996 wlidsvc - ok12:47:26.0100 1996 [ f6ff8944478594d0e414d3f048f0d778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys12:47:26.0100 1996 WmiAcpi - ok12:47:26.0115 1996 [ 38b84c94c5a8af291adfea478ae54f93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe12:47:26.0115 1996 wmiApSrv - ok12:47:26.0131 1996 WMPNetworkSvc - ok12:47:26.0147 1996 [ 96c6e7100d724c69fcf9e7bf590d1dca ] WPCSvc C:\Windows\System32\wpcsvc.dll12:47:26.0147 1996 WPCSvc - ok12:47:26.0147 1996 [ 93221146d4ebbf314c29b23cd6cc391d ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll12:47:26.0162 1996 WPDBusEnum - ok12:47:26.0178 1996 [ 6bcc1d7d2fd2453957c5479a32364e52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys12:47:26.0178 1996 ws2ifsl - ok12:47:26.0193 1996 [ e8b1fe6669397d1772d8196df0e57a9e ] wscsvc C:\Windows\system32\wscsvc.dll12:47:26.0193 1996 wscsvc - ok12:47:26.0193 1996 WSearch - ok12:47:26.0318 1996 [ d9ef901dca379cfe914e9fa13b73b4c4 ] wuauserv C:\Windows\system32\wuaueng.dll12:47:26.0381 1996 wuauserv - ok12:47:26.0396 1996 [ d3381dc54c34d79b22cee0d65ba91b7c ] WudfPf C:\Windows\system32\drivers\WudfPf.sys12:47:26.0396 1996 WudfPf - ok12:47:26.0412 1996 [ cf8d590be3373029d57af80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys12:47:26.0412 1996 WUDFRd - ok12:47:26.0427 1996 [ 7a95c95b6c4cf292d689106bcae49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll12:47:26.0427 1996 wudfsvc - ok12:47:26.0443 1996 [ 9a3452b3c2a46c073166c5cf49fad1ae ] WwanSvc C:\Windows\System32\wwansvc.dll12:47:26.0443 1996 WwanSvc - ok12:47:26.0459 1996 ================ Scan global ===============================12:47:26.0490 1996 (ba0cd8c393e8c9f83354106093832c7b) C:\Windows\system32\basesrv.dll12:47:26.0521 1996 (eb6a48cc998e1090e44e8e7f1009a640) C:\Windows\system32\winsrv.dll12:47:26.0537 1996 (eb6a48cc998e1090e44e8e7f1009a640) C:\Windows\system32\winsrv.dll12:47:26.0568 1996 (d6160f9d869ba3af0b787f971db56368) C:\Windows\system32\sxssrv.dll12:47:26.0583 1996 (24acb7e5be595468e3b9aa488b9b4fcb) C:\Windows\system32\services.exe12:47:26.0583 1996 [Global] - ok12:47:26.0583 1996 ================ Scan MBR ==================================12:47:26.0599 1996 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR012:47:26.0817 1996 \Device\Harddisk0\DR0 - ok12:47:26.0833 1996 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk1\DR112:47:27.0114 1996 \Device\Harddisk1\DR1 - ok12:47:27.0145 1996 MBR (0x1B8) (35c6b2fcde68facbefe0a4a7200bae58) \Device\Harddisk2\DR212:47:29.0891 1996 \Device\Harddisk2\DR2 - ok12:47:29.0891 1996 ================ Scan VBR ==================================12:47:29.0906 1996 Boot (0x1200) (dc2a5801ec19a32d87f93356204571f4) \Device\Harddisk0\DR0\Partition112:47:29.0906 1996 \Device\Harddisk0\DR0\Partition1 - ok12:47:29.0922 1996 Boot (0x1200) (dc81d3fb15c5e7647a1b6a84e37e6df1) \Device\Harddisk0\DR0\Partition212:47:29.0922 1996 \Device\Harddisk0\DR0\Partition2 - ok12:47:29.0938 1996 Boot (0x1200) (b538db8685a993b2d4cc87a4240f98b3) \Device\Harddisk0\DR0\Partition312:47:29.0938 1996 \Device\Harddisk0\DR0\Partition3 - ok12:47:29.0953 1996 Boot (0x1200) (1beb894840559e6edb0c90bcceee81b4) \Device\Harddisk1\DR1\Partition112:47:29.0953 1996 \Device\Harddisk1\DR1\Partition1 - ok12:47:29.0969 1996 Boot (0x1200) (fe741b5a828f8aebbf6644082d236a1d) \Device\Harddisk1\DR1\Partition212:47:29.0969 1996 \Device\Harddisk1\DR1\Partition2 - ok12:47:29.0969 1996 Boot (0x1200) (6d34cba5c2cc57d1d9e9a0e917cee09a) \Device\Harddisk2\DR2\Partition112:47:29.0984 1996 \Device\Harddisk2\DR2\Partition1 - ok12:47:29.0984 1996 Boot (0x1200) (1bf0b79cb81530aafb0a92d290a810fa) \Device\Harddisk2\DR2\Partition212:47:29.0984 1996 \Device\Harddisk2\DR2\Partition2 - ok12:47:30.0000 1996 Boot (0x1200) (fd7ba07e7a81e9ba2d18dee139775197) \Device\Harddisk2\DR2\Partition312:47:30.0000 1996 \Device\Harddisk2\DR2\Partition3 - ok12:47:30.0031 1996 Boot (0x1200) (29d6d75c0eec577d96b3852d6d441eaf) \Device\Harddisk2\DR2\Partition412:47:30.0031 1996 \Device\Harddisk2\DR2\Partition4 - ok12:47:30.0047 1996 Boot (0x1200) (49ef9a9e8bbcb031d037088379b4063d) \Device\Harddisk2\DR2\Partition512:47:30.0047 1996 \Device\Harddisk2\DR2\Partition5 - ok12:47:30.0047 1996 Boot (0x1200) (4cd4546dafbf9f3f4c62514a1ccc289d) \Device\Harddisk2\DR2\Partition612:47:30.0062 1996 \Device\Harddisk2\DR2\Partition6 - ok12:47:30.0078 1996 Boot (0x1200) (851d73b5ea89277970157c4dc039d680) \Device\Harddisk2\DR2\Partition712:47:30.0078 1996 \Device\Harddisk2\DR2\Partition7 - ok12:47:30.0094 1996 Boot (0x1200) (6a173d55e339749c3a52d19606a9d896) \Device\Harddisk2\DR2\Partition812:47:30.0094 1996 \Device\Harddisk2\DR2\Partition8 - ok12:47:30.0094 1996 ============================================================12:47:30.0094 1996 Scan finished12:47:30.0094 1996 ============================================================12:47:30.0109 3148 Detected object count: 012:47:30.0109 3148 Actual detected object count: 012:47:44.0227 4144 Deinitialize success# AdwCleaner v1.801 - Logfile created 08/15/2012 at 16:06:35# Updated 14/08/2012 by Xplode# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)# User : Scorpion Systems - SCORPIONSYSTEMS# Boot Mode : Normal# Running from : C:\Users\Scorpion Systems\Downloads\adwcleaner.exe# Option [search]***** [services] ********** [Files / Folders] *****Folder Found : C:\ProgramData\InstallMateFolder Found : C:\ProgramData\PremiumFile Found : C:\Users\Scorpion Systems\AppData\Roaming\Mozilla\Firefox\Profiles\f1yk6sz4.default\searchplugins\Conduit.xml***** [Registry] ********** [Registre - GUID] *****Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}[x64] Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}[x64] Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}***** [internet Browsers] *****-\\ Internet Explorer v9.0.8112.16421[OK] Registry is clean.-\\ Mozilla Firefox v14.0.1 (en-US)Profile name : defaultFile : C:\Users\Scorpion Systems\AppData\Roaming\Mozilla\Firefox\Profiles\f1yk6sz4.default\prefs.jsFound : user_pref("CT2117678..clientLogIsEnabled", true);Found : user_pref("CT2117678..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]Found : user_pref("CT2117678..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]Found : user_pref("CT2117678.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");Found : user_pref("CT2117678.CurrentServerDate", "15-12-2010");Found : user_pref("CT2117678.DialogsAlignMode", "LTR");Found : user_pref("CT2117678.DownloadReferralCookieData", "");Found : user_pref("CT2117678.EMailNotifierPollDate", "Wed Dec 15 2010 01:58:28 GMT-0500 (Eastern Standard Ti[...]Found : user_pref("CT2117678.FirstServerDate", "15-12-2010");Found : user_pref("CT2117678.FirstTimeFF3", true);Found : user_pref("CT2117678.GroupingServerCheckInterval", 1440);Found : user_pref("CT2117678.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");Found : user_pref("CT2117678.InstallationAndCookieDataSentCount", 1);Found : user_pref("CT2117678.InstalledDate", "Wed Dec 15 2010 01:58:29 GMT-0500 (Eastern Standard Time)");Found : user_pref("CT2117678.InvalidateCache", false);Found : user_pref("CT2117678.IsGrouping", false);Found : user_pref("CT2117678.IsOpenThankYouPage", true);Found : user_pref("CT2117678.IsOpenUninstallPage", true);Found : user_pref("CT2117678.LanguagePackLastCheckTime", "Wed Dec 15 2010 01:58:29 GMT-0500 (Eastern Standar[...]Found : user_pref("CT2117678.LanguagePackReloadIntervalMM", 1440);Found : user_pref("CT2117678.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]Found : user_pref("CT2117678.LastLogin_3.2.3.3", "Wed Dec 15 2010 01:58:28 GMT-0500 (Eastern Standard Time)"[...]Found : user_pref("CT2117678.LatestVersion", "2.7.2.0");Found : user_pref("CT2117678.Locale", "en-us");Found : user_pref("CT2117678.MCDetectTooltipHeight", "83");Found : user_pref("CT2117678.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");Found : user_pref("CT2117678.MCDetectTooltipWidth", "295");Found : user_pref("CT2117678.RadioIsPodcast", false);Found : user_pref("CT2117678.RadioLastCheckTime", "Wed Dec 15 2010 01:58:28 GMT-0500 (Eastern Standard Time)[...]Found : user_pref("CT2117678.RadioLastUpdateIPServer", "3");Found : user_pref("CT2117678.RadioLastUpdateServer", "128929877726170000");Found : user_pref("CT2117678.RadioMediaID", "9583498");Found : user_pref("CT2117678.RadioMediaType", "Media Player");Found : user_pref("CT2117678.RadioMenuSelectedID", "EBRadioMenu_CT21176789583498");Found : user_pref("CT2117678.RadioStationName", "ABC%20Newsradio%20");Found : user_pref("CT2117678.RadioStationURL", "hxxp://www.abc.net.au/streaming/newsradio.asx");Found : user_pref("CT2117678.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...]Found : user_pref("CT2117678.SearchFromAddressBarIsInit", true);Found : user_pref("CT2117678.SearchInNewTabEnabled", true);Found : user_pref("CT2117678.SearchInNewTabIntervalMM", 1440);Found : user_pref("CT2117678.SearchInNewTabLastCheckTime", "Wed Dec 15 2010 01:58:29 GMT-0500 (Eastern Stand[...]Found : user_pref("CT2117678.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]Found : user_pref("CT2117678.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]Found : user_pref("CT2117678.ServiceMapLastCheckTime", "Wed Dec 15 2010 01:58:28 GMT-0500 (Eastern Standard [...]Found : user_pref("CT2117678.SettingsLastCheckTime", "Wed Dec 15 2010 01:58:28 GMT-0500 (Eastern Standard Ti[...]Found : user_pref("CT2117678.SettingsLastUpdate", "1286206526");Found : user_pref("CT2117678.ThirdPartyComponentsInterval", 504);Found : user_pref("CT2117678.ThirdPartyComponentsLastCheck", "Wed Dec 15 2010 01:58:28 GMT-0500 (Eastern Sta[...]Found : user_pref("CT2117678.ThirdPartyComponentsLastUpdate", "1246790578");Found : user_pref("CT2117678.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=[...]Found : user_pref("CT2117678.Uninstall", true);Found : user_pref("CT2117678.UserID", "UN22759566286750954");Found : user_pref("CT2117678.WeatherNetwork", "");Found : user_pref("CT2117678.WeatherPollDate", "Wed Dec 15 2010 01:58:28 GMT-0500 (Eastern Standard Time)");Found : user_pref("CT2117678.WeatherUnit", "C");Found : user_pref("CT2117678.alertChannelId", "522511");Found : user_pref("CT2117678.myStuffEnabled", true);Found : user_pref("CT2117678.myStuffPublihserMinWidth", 400);Found : user_pref("CT2117678.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]Found : user_pref("CT2117678.myStuffServiceIntervalMM", 1440);Found : user_pref("CT2117678.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]Found : user_pref("CT2117678.toolbarAppMetaDataLastCheckTime", "Wed Dec 15 2010 01:58:28 GMT-0500 (Eastern S[...]Found : user_pref("CT2117678.toolbarContextMenuLastCheckTime", "Wed Dec 15 2010 01:58:29 GMT-0500 (Eastern S[...]Found : user_pref("CT2464976.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");Found : user_pref("CT2464976.CTID", "CT2464976");Found : user_pref("CT2464976.CommunitiesChangesLastCheckTime", "0");Found : user_pref("CT2464976.CurrentServerDate", "26-8-2010");Found : user_pref("CT2464976.DialogsAlignMode", "LTR");Found : user_pref("CT2464976.DownloadReferralCookieData", "{\"BannerName\":\"\",\"BannerTypeId\":\"\",\"Bann[...]Found : user_pref("CT2464976.FirstServerDate", "12-6-2010");Found : user_pref("CT2464976.FirstTime", true);Found : user_pref("CT2464976.FirstTimeFF3", true);Found : user_pref("CT2464976.FirstTimeSettingsDone", true);Found : user_pref("CT2464976.FixPageNotFoundErrors", true);Found : user_pref("CT2464976.GroupingInvalidateCache", false);Found : user_pref("CT2464976.GroupingLastCheckTime", "0");Found : user_pref("CT2464976.GroupingLastServerUpdateTime", "0");Found : user_pref("CT2464976.GroupingServerCheckInterval", 1440);Found : user_pref("CT2464976.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");Found : user_pref("CT2464976.Initialize", true);Found : user_pref("CT2464976.InitializeCommonPrefs", true);Found : user_pref("CT2464976.InstallationAndCookieDataSentCount", 3);Found : user_pref("CT2464976.InstalledDate", "Wed Jun 09 2010 23:30:04 GMT-0400 (Eastern Daylight Time)");Found : user_pref("CT2464976.InvalidateCache", false);Found : user_pref("CT2464976.IsGrouping", false);Found : user_pref("CT2464976.IsMulticommunity", false);Found : user_pref("CT2464976.IsOpenThankYouPage", true);Found : user_pref("CT2464976.IsOpenUninstallPage", true);Found : user_pref("CT2464976.LanguagePackLastCheckTime", "Wed Aug 25 2010 12:25:54 GMT-0400 (Eastern Dayligh[...]Found : user_pref("CT2464976.LanguagePackReloadIntervalMM", 1440);Found : user_pref("CT2464976.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]Found : user_pref("CT2464976.LastLogin_2.7.1.3", "Sun Aug 22 2010 01:05:22 GMT-0400 (Eastern Daylight Time)"[...]Found : user_pref("CT2464976.LastLogin_2.7.2.0", "Thu Aug 26 2010 14:30:15 GMT-0400 (Eastern Daylight Time)"[...]Found : user_pref("CT2464976.LatestVersion", "2.7.2.0");Found : user_pref("CT2464976.Locale", "en");Found : user_pref("CT2464976.LoginCache", 4);Found : user_pref("CT2464976.MCDetectTooltipHeight", "83");Found : user_pref("CT2464976.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");Found : user_pref("CT2464976.MCDetectTooltipWidth", "295");Found : user_pref("CT2464976.RadioLastCheckTime", "0");Found : user_pref("CT2464976.RadioLastUpdateIPServer", "0");Found : user_pref("CT2464976.RadioLastUpdateServer", "0");Found : user_pref("CT2464976.SHRINK_TOOLBAR", 1);Found : user_pref("CT2464976.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...]Found : user_pref("CT2464976.SearchFromAddressBarIsInit", true);Found : user_pref("CT2464976.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT246[...]Found : user_pref("CT2464976.SearchInNewTabEnabled", true);Found : user_pref("CT2464976.SearchInNewTabIntervalMM", 1440);Found : user_pref("CT2464976.SearchInNewTabLastCheckTime", "Thu Aug 26 2010 14:10:04 GMT-0400 (Eastern Dayli[...]Found : user_pref("CT2464976.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]Found : user_pref("CT2464976.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]Found : user_pref("CT2464976.SettingsCheckIntervalMin", 120);Found : user_pref("CT2464976.SettingsLastCheckTime", "Thu Aug 26 2010 08:59:52 GMT-0400 (Eastern Daylight Ti[...]Found : user_pref("CT2464976.SettingsLastUpdate", "1282768339");Found : user_pref("CT2464976.ThirdPartyComponentsInterval", 504);Found : user_pref("CT2464976.ThirdPartyComponentsLastCheck", "Sun Aug 22 2010 02:29:19 GMT-0400 (Eastern Day[...]Found : user_pref("CT2464976.ThirdPartyComponentsLastUpdate", "1277319592");Found : user_pref("CT2464976.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=[...]Found : user_pref("CT2464976.Uninstall", true);Found : user_pref("CT2464976.UserID", "UN75056686929088187");Found : user_pref("CT2464976.ValidationData_Search", 0);Found : user_pref("CT2464976.ValidationData_Toolbar", 2);Found : user_pref("CT2464976.alertChannelId", "858611");Found : user_pref("CT2464976.clientLogIsEnabled", false);Found : user_pref("CT2464976.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...]Found : user_pref("CT2464976.myStuffEnabled", true);Found : user_pref("CT2464976.myStuffPublihserMinWidth", 400);Found : user_pref("CT2464976.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]Found : user_pref("CT2464976.myStuffServiceIntervalMM", 1440);Found : user_pref("CT2464976.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]Found : user_pref("CT2464976.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...]Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1178763/1174448/US", "\"0\"[...]Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/522511/518381/US", "\"0\"")[...]Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/US", "\"0\"")[...]Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2117678", [...]Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2786678", [...]Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/toolbar/", "\"63427934310393[...]Found : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63[...]Found : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=11/8/20[...]Found : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2786678&octid=[...]Found : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/?ctid=CT2786678&octid=CT[...]Found : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2117678/CT2117678[...]Found : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2786678/CT2786678[...]Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"634[...]Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en-us", "\"[...]Found : user_pref("CommunityToolbar.EngineOwner", "");Found : user_pref("CommunityToolbar.EngineOwnerGuid", "");Found : user_pref("CommunityToolbar.EngineOwnerToolbarId", "");Found : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);Found : user_pref("CommunityToolbar.OriginalEngineOwner", "");Found : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "");Found : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "");Found : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr[...]Found : user_pref("CommunityToolbar.ToolbarsList", "CT2464976");Found : user_pref("CommunityToolbar.ToolbarsList2", "CT2464976");Found : user_pref("CommunityToolbar.alert.alertInfoInterval", 60);Found : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Wed Dec 15 2010 01:58:28 GMT-0500 (Easte[...]Found : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");Found : user_pref("CommunityToolbar.alert.locale", "en");Found : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);Found : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Tue Dec 14 2010 15:18:46 GMT-0500 (Eastern S[...]Found : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1291052234");Found : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);Found : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");Found : user_pref("CommunityToolbar.alert.showTrayIcon", false);Found : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);Found : user_pref("CommunityToolbar.alert.userId", "bbd42123-cd16-4567-97d6-79b2e0eb027e");Found : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Mon Dec 13 2010 15:18:51 GMT-0500 (Eas[...]*************************AdwCleaner[R1].txt - [16170 octets] - [15/08/2012 16:06:35]########## EOF - C:\AdwCleaner[R1].txt - [16299 octets] ########## Link to post Share on other sites More sharing options...
AndrewWChang Posted August 16, 2012 Author ID:585930 Share Posted August 16, 2012 Flight Canceled just me luck. Here are the other 2 logs. Thank you for your help. Things are still running the same some sites such as Facebook, Ebay, Amazon wont load on this pc but will on laptop same connectionC:\pdf\spynomore.exe Win32/Adware.SpyNoMore application cleaned by deleting - quarantinedC:\Program Files (x86)\Uniblue\SpeedUpMyPC\spmonitor.exe Win32/SpeedUpMyPC application cleaned by deleting - quarantinedC:\Program Files (x86)\Uniblue\SpeedUpMyPC\spnotifier.exe Win32/SpeedUpMyPC application cleaned by deleting - quarantinedC:\Program Files (x86)\Uniblue\SpeedUpMyPC\sp_move_serial.exe Win32/SpeedUpMyPC application cleaned by deleting - quarantinedC:\Program Files (x86)\Uniblue\SpeedUpMyPC\sp_ubm.exe Win32/SpeedUpMyPC application cleaned by deleting - quarantinedC:\Program Files (x86)\Uniblue\SpeedUpMyPC\sump.exe Win32/SpeedUpMyPC application cleaned by deleting - quarantinedC:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.0.9\IdentitySafeDataStore\S-1-5-21-2338045119-2004918162-2729742732-1000\{c6079eb3-f550-4876-bc70-eb3ffba70cc3}.ico HTML/ScrInject.B.Gen virus unable to cleanC:\Users\All Users\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.0.9\IdentitySafeDataStore\S-1-5-21-2338045119-2004918162-2729742732-1000\{c6079eb3-f550-4876-bc70-eb3ffba70cc3}.ico HTML/ScrInject.B.Gen virus deleted (after the next restart) - quarantinedC:\Users\Scorpion Systems\Desktop\New Folder\Zip Files\idevaff_v4.0\affiliates\admin\templates\footer.php PHP/Obfuscated.F application cleaned by deleting - quarantinedC:\Users\Scorpion Systems\Documents\iwanttocoach\admin\calendar\desktop.ini Win32/VB.NEI worm cleaned by deleting - quarantinedC:\Users\Scorpion Systems\Downloads\FreeTwitTubeSetup.exe a variant of Win32/KBM.A application cleaned by deleting - quarantinedC:\Users\Scorpion Systems\Downloads\jZipV1c.exe multiple threats cleaned by deleting - quarantinedF:\pdf\spynomore.exe Win32/Adware.SpyNoMore application cleaned by deleting - quarantinedF:\Program Files (x86)\Club World Casinos\casino.dll a variant of Win32/CasOnline application cleaned by deleting - quarantinedF:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\IdentitySafeDataStore\S-1-5-21-2338045119-2004918162-2729742732-1000\{c6079eb3-f550-4876-bc70-eb3ffba70cc3}.ico HTML/ScrInject.B.Gen virus deleted - quarantinedF:\Users\All Users\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.0.9\IdentitySafeDataStore\S-1-5-21-2338045119-2004918162-2729742732-1000\{c6079eb3-f550-4876-bc70-eb3ffba70cc3}.ico HTML/ScrInject.B.Gen virus deleted (after the next restart) - quarantinedF:\Users\Andrew W Chang\AppData\Local\Google\Chrome\User Data\Default\old_Cache_000\f_0003d5 HTML/ScrInject.B.Gen virus deleted - quarantinedF:\Users\Andrew W Chang\Desktop\New Folder\Zip Files\idevaff_v4.0\affiliates\admin\templates\footer.php PHP/Obfuscated.F application cleaned by deleting - quarantinedF:\Users\Andrew W Chang\Documents\iwanttocoach\admin\calendar\desktop.ini Win32/VB.NEI worm cleaned by deleting - quarantinedF:\Users\Andrew W Chang\Downloads\jZipV1c.exe multiple threats cleaned by deleting - quarantinedO:\iwanttocoach\admin\calendar\desktop.ini Win32/VB.NEI worm cleaned by deleting - quarantinedO:\QQ\drive backup\Documents and Settings\Andrew W. Chang\Desktop\Zip Files\idevaff_v4.0\affiliates\admin\templates\footer.php PHP/Obfuscated.F application cleaned by deleting - quarantinedO:\QQ\source\jZipV1c.exe multiple threats cleaned by deleting - quarantinedP:\Program Files\AIM\Sysfiles\WxBug.EXE Win32/Adware.WBug.A application cleaned by deleting - quarantined Results of screen317's Security Check version 0.99.43 Windows 7 Service Pack 1 x64 (UAC is enabled) Internet Explorer 9 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! Norton 360 WMI entry may not exist for antivirus; attempting automatic update.`````````Anti-malware/Other Utilities Check:````````` Spybot - Search & Destroy Malwarebytes Anti-Malware version 1.62.0.1300 Adobe Reader X (10.1.3) Mozilla Firefox (14.0.1)````````Process Check: objlist.exe by Laurent```````` Norton ccSvcHst.exe`````````````````System Health check````````````````` Total Fragmentation on Drive C: 2%````````````````````End of Log`````````````````````` Link to post Share on other sites More sharing options...
Staff screen317 Posted August 18, 2012 Staff ID:587048 Share Posted August 18, 2012 Please close all open programs and internet browsers.Double click on adwcleaner.exe to run the tool.Click on Delete.Confirm each time with OK.Your computer will be rebooted automatically. A text file will open after the restart.Please post the content of that logfile in your reply.You can find the logfile at C:\AdwCleaner[sn].txt as well - n is the order numberReboot.Click Start --> Run, and enter this command:cmd /c ipconfig /flushdnsPress Enter.When it finishes, reboot and see if the issue persists. Link to post Share on other sites More sharing options...
Staff screen317 Posted August 30, 2012 Staff ID:591511 Share Posted August 30, 2012 Are you still with us? This topic will be closed in a few days if we do not hear back from you. Link to post Share on other sites More sharing options...
Maurice Naggar Posted September 9, 2012 ID:595255 Share Posted September 9, 2012 Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Thanks! Link to post Share on other sites More sharing options...
Recommended Posts