Infected! The specified device does not exist as an installed device.

[ubigred]

Hello all.

I am issues with my Toshiba laptop.

I have access to the internet and for the most part things seem, except for the network sharing capabilities can not be turned on. Furthermore, I am not able to enable Windows Firewall or Defender. I am running Vista.

I ran the Malware Removal program and below you will see the log.

Please help and advise. Thanks!

Malwarebytes Anti-Malware 1.62.0.1300

www.malwarebytes.org

Database version: v2012.08.18.01

Windows Vista Service Pack 1 x86 NTFS

Internet Explorer 8.0.6001.19088

Owner :: OWNER-PC [administrator]

8/18/2012 3:19:22 AM

mbam-log-2012-08-20 (13-55-19).txt

Scan type: Full scan (C:\|)

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 453503

Time elapsed: 2 hour(s), 46 minute(s), 21 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 1

HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command| (Hijack.StartMenuInternet) -> Bad: ("C:\Users\Owner\AppData\Local\ain.exe" -a "C:\Program Files\Internet Explorer\iexplore.exe") Good: (iexplore.exe) -> No action taken.

Folders Detected: 0

(No malicious items detected)

Files Detected: 6

C:\Users\Owner\AppData\Local\Temp\is1373634743\IWantThis_US.exe (Adware.GamePlayLabs) -> No action taken.

C:\Users\Owner\AppData\Local\Temp\wz38c6\Microsoft Office 2007 FULL + Keygen ( Vista comp.)\Office [Keygen].exe (RiskWare.Tool.CK) -> No action taken.

C:\Users\Owner\AppData\Local\Temp\wz3ab9\Microsoft Office 2007 FULL + Keygen ( Vista comp.)\Office [Keygen].exe (RiskWare.Tool.CK) -> No action taken.

C:\Users\Owner\AppData\Local\Temp\wz8540\Microsoft Office 2007 FULL + Keygen ( Vista comp.)\Office [Keygen].exe (RiskWare.Tool.CK) -> No action taken.

C:\Users\Owner\Documents\Vuze Downloads\Microsoft Office 2007 FULL + Keygen ( Vista comp.)\Microsoft Office 2007 FULL + Keygen ( Vista comp.)\Office [Keygen].exe (RiskWare.Tool.CK) -> No action taken.

C:\Users\Owner\Documents\Microsoft Office 2007 FULL + Keygen ( Vista comp.)\Office [Keygen].exe (RiskWare.Tool.CK) -> No action taken.

(end)

[ubigred]

Help would be much appreciated.

[ubigred]

dds.txt

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 8.0.6001.19088 BrowserJavaVersion: 1.6.0_33

Run by Owner at 15:55:54 on 2012-08-20

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe

C:\Windows\system32\SLsvc.exe

C:\Windows\servicing\TrustedInstaller.exe

C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

C:\Windows\system32\WLANExt.exe

C:\Windows\System32\spoolsv.exe

C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

C:\Windows\system32\agrsmsvc.exe

C:\Program Files\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe

C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe

C:\Program Files\Intel\WiFi\bin\EvtEng.exe

C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe

C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe

C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe

C:\Windows\system32\TODDSrv.exe

C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe

C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\CinemaNow\CinemaNow Media Manager\CinemaNowShell.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Program Files\CinemaNow\CinemaNow Media Manager\CNRpc.exe

C:\Windows\system32\igfxsrvc.exe

C:\Windows\System32\igfxpers.exe

C:\Windows\RtHDVCpl.exe

C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe

C:\Program Files\Toshiba\Power Saver\TPwrMain.exe

C:\Program Files\Toshiba\SmoothView\SmoothView.exe

C:\Program Files\Toshiba\FlashCards\TCrdMain.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\ItSecMng.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Toshiba\ConfigFree\NDSTray.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\Toshiba\TOSHIBA Service Station\TSS.exe

C:\Program Files\CyberLink\PowerCinema for TOSHIBA\PCMAgent.exe

C:\Program Files\CyberLink\PowerCinema for TOSHIBA\Kernel\CLML\CLMLSvc.exe

C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

C:\Windows\WindowsMobile\wmdc.exe

C:\Program Files\Alwil Software\Avast5\AvastUI.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\DivX\DivX Update\DivXUpdate.exe

C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe

C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe

C:\Windows\ehome\ehtray.exe

C:\Users\Owner\AppData\Local\Programs\Google\MusicManager\MusicManager.exe

C:\Program Files\WinZip\WZQKPICK.EXE

C:\Windows\ehome\ehmsas.exe

C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files\Windows Media Player\WMPNSCFG.exe

C:\Windows\System32\OptionalFeatures.exe

C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Owner\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Users\Owner\Downloads\dds.com

C:\Program Files\Windows Media Player\wmplayer.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\svchost.exe -k bthsvcs

C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Windows\system32\svchost.exe -k WindowsMobile

.

============== Pseudo HJT Report ===============

.

uStart Page = about:blank

uDefault_Page_URL = hxxp://www.toshibadirect.com/dpdstart

mDefault_Page_URL = hxxp://www.toshibadirect.com/dpdstart

uURLSearchHooks: H - No File

BHO: NCO 2.0 IE BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\common files\symantec shared\coshared\browser\2.6\coIEPlg.dll

BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\progra~1\common~1\symant~1\ids\IPSBHO.dll

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll

BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\alwil software\avast5\aswWebRepIE.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.7725.1624\swg.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

TB: Show Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\common files\symantec shared\coshared\browser\2.6\CoIEPlg.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\alwil software\avast5\aswWebRepIE.dll

TB: {043C5167-00BB-4324-AF7E-62013FAEDACF} - No File

TB: {BA14329E-9550-4989-B3F2-9732E92D17CC} - No File

TB: {30F9B915-B755-4826-820B-08FBA6BD249D} - No File

uRun: [TOSCDSPD] c:\program files\toshiba\toscdspd\TOSCDSPD.exe

uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe

uRun: [Google Update] "c:\users\owner\appdata\local\google\update\GoogleUpdate.exe" /c

uRun: [MusicManager] "c:\users\owner\appdata\local\programs\google\musicmanager\MusicManager.exe"

uRun: [307537703] c:\users\owner\appdata\local\temp\tmph5745375836265147951.tmp

uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"

mRun: [igfxTray] c:\windows\system32\igfxtray.exe

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [Persistence] c:\windows\system32\igfxpers.exe

mRun: [RtHDVCpl] RtHDVCpl.exe

mRun: [Camera Assistant Software] "c:\program files\camera assistant software for toshiba\traybar.exe" /start

mRun: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE

mRun: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe

mRun: [smoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe

mRun: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe

mRun: [iTSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START

mRun: [synTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe

mRun: [NDSTray.exe] NDSTray.exe

mRun: [cfFncEnabler.exe] cfFncEnabler.exe

mRun: [ToshibaServiceStation] "c:\program files\toshiba\toshiba service station\TSS.exe" /hide

mRun: [PCMAgent] "c:\program files\cyberlink\powercinema for toshiba\PCMAgent.exe"

mRun: [CLMLServer] "c:\program files\cyberlink\powercinema for toshiba\kernel\clml\CLMLSvc.exe"

mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"

mRun: [osCheck] "c:\program files\norton 360\osCheck.exe"

mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime

mRun: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe

mRun: [avast5] c:\progra~1\alwils~1\avast5\avastUI.exe /nogui

mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"

mRun: [CinemaNowMediaManagerApp] c:\program files\cinemanow\cinemanow media manager\CinemaNowShell.exe -start

mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW

mRun: [HTC Sync Loader] "c:\program files\htc\htc sync 3.0\htcUPCTLoader.exe" -startup

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)

mPolicies-system: EnableLUA = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000

IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll

IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll

IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL

Trusted Zone: cinemanow.com

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

TCP: DhcpNameServer = 192.168.254.254

TCP: Interfaces\{05D79543-2CF0-4D61-9A2B-62B02ADB519C} : DhcpNameServer = 192.168.42.129

TCP: Interfaces\{15B4BE00-DEE4-49F2-AEDB-009FFEAFC43E} : DhcpNameServer = 192.168.42.129

TCP: Interfaces\{182B74AA-35CD-479B-AACD-563CC37020FF} : DhcpNameServer = 192.168.254.254

TCP: Interfaces\{F835D912-1E37-4FCF-8E2D-20F6481C5667} : DhcpNameServer = 192.168.42.129

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll

Notify: igfxcui - igfxdev.dll

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\users\owner\appdata\roaming\mozilla\firefox\profiles\6zil0nd0.default\

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - hxxp://search.babylon.com/?affID=109935&tt=050412_30b&babsrc=HP_ss&mntrId=1254a72700000000000000216b26add0

FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?affID=109935&tt=050412_30b&babsrc=KW_ss&mntrId=1254a72700000000000000216b26add0&q=

FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll

FF - plugin: c:\program files\google\update\1.3.21.115\npGoogleUpdate3.dll

FF - plugin: c:\program files\google\update\1.3.21.57\npGoogleUpdate3.dll

FF - plugin: c:\program files\google\update\1.3.21.65\npGoogleUpdate3.dll

FF - plugin: c:\program files\google\update\1.3.21.69\npGoogleUpdate3.dll

FF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll

FF - plugin: c:\program files\google\update\1.3.21.99\npGoogleUpdate3.dll

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll

FF - plugin: c:\program files\microsoft silverlight\4.0.50826.0\npctrlui.dll

FF - plugin: c:\users\owner\appdata\local\google\update\1.3.21.115\npGoogleUpdate3.dll

FF - plugin: c:\users\owner\appdata\local\google\update\1.3.21.67\npGoogleUpdate3.dll

FF - plugin: c:\users\owner\appdata\roaming\mozilla\plugins\npgoogletalk.dll

FF - plugin: c:\users\owner\appdata\roaming\mozilla\plugins\npgtpo3dautoplugin.dll

FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_3_300_265.dll

FF - plugin: c:\windows\system32\npdeployJava1.dll

FF - plugin: c:\windows\system32\npmproxy.dll

.

---- FIREFOX POLICIES ----

FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=109935&tt=050412_30b

FF - user.js: extensions.BabylonToolbar_i.babExt -

FF - user.js: extensions.BabylonToolbar_i.srcExt - ss

FF - user.js: extensions.BabylonToolbar_i.id - 1254a72700000000000000216b26add0

FF - user.js: extensions.BabylonToolbar_i.hardId - 1254a72700000000000000216b26add0

FF - user.js: extensions.BabylonToolbar_i.instlDay - 15440

FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17

FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17

FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1711:34:45

FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon

FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar

FF - user.js: extensions.BabylonToolbar_i.aflt - babsst

FF - user.js: extensions.BabylonToolbar_i.smplGrp - none

FF - user.js: extensions.BabylonToolbar_i.tlbrId - tb9

FF - user.js: extensions.BabylonToolbar_i.instlRef - sst

.

============= SERVICES / DRIVERS ===============

.

R? COH_Mon;COH_Mon

R? dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.)

R? gupdate;Google Update Service (gupdate)

R? gupdatem;Google Update Service (gupdatem)

R? HTCAND32;HTC Device Driver

R? htcnprot;HTC NDIS Protocol Driver

R? MozillaMaintenance;Mozilla Maintenance Service

R? ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.)

R? Symantec Core LC;Symantec Core LC

R? WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0

S? aswFsBlk;aswFsBlk

S? aswMonFlt;aswMonFlt

S? aswSnx;aswSnx

S? aswSP;aswSP

S? avast! Antivirus;avast! Antivirus

S? CinemaNow Service;CinemaNow Service

S? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86

S? ConfigFree Service;ConfigFree Service

S? FwLnk;FwLnk Driver

S? IDSvix86;Symantec Intrusion Prevention Driver

S? LiveUpdate Notice;LiveUpdate Notice

S? NETw5v32;Intel® Wireless WiFi Link Adapter Driver for Windows Vista 32 Bit

S? PassThru Service;Internet Pass-Through Service

S? SmartFaceVWatchSrv;SmartFaceVWatchSrv

S? SYMNDISV;SYMNDISV

S? TMachInfo;TMachInfo

S? TOSHIBA SMART Log Service;TOSHIBA SMART Log Service

.

=============== Created Last 30 ================

.

2012-08-20 20:09:10 -------- d-----w- c:\windows\system32\eu-ES

2012-08-20 20:09:10 -------- d-----w- c:\windows\system32\ca-ES

2012-08-20 20:09:09 -------- d-----w- c:\windows\system32\vi-VN

2012-08-20 19:08:24 -------- d-----w- c:\windows\system32\EventProviders

2012-08-08 20:55:45 476976 ----a-w- c:\windows\system32\npdeployJava1.dll

2012-08-02 20:16:21 4024320 ----a-w- c:\program files\GUT841A.tmp

2012-08-02 20:16:21 -------- d-----w- c:\program files\GUM8419.tmp

.

==================== Find3M ====================

.

2012-08-08 20:55:26 472880 ----a-w- c:\windows\system32\deployJava1.dll

2012-07-19 07:00:37 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-07-19 07:00:37 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-07-03 18:46:44 22344 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-07-03 16:21:53 721000 ----a-w- c:\windows\system32\drivers\aswSnx.sys

2012-07-03 16:21:53 57656 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys

2012-07-03 16:21:32 41224 ----a-w- c:\windows\avastSS.scr

.

============= FINISH: 15:57:36.79 ===============

[ubigred]

Attach.txt

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft® Windows Vista™ Home Premium

Boot Device: \Device\HarddiskVolume2

Install Date: 8/14/2009 11:06:37 PM

System Uptime: 8/20/2012 3:11:49 PM (0 hours ago)

.

Motherboard: Intel Corp. | | Base Board Product Name

Processor: Intel® Core2 Duo CPU T5800 @ 2.00GHz | CPU | 800/800mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 231 GiB total, 118.38 GiB free.

D: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP469: 8/18/2012 2:33:24 AM - Scheduled Checkpoint

RP470: 8/18/2012 3:00:10 AM - Windows Update

RP471: 8/20/2012 2:07:21 PM - Windows Update

.

==== Installed Programs ======================

.

.

Adobe AIR

Adobe Flash Player 10 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader 8.2.0

Amazon Links

AppCore

Apple Application Support

Apple Software Update

avast! Free Antivirus

Backup

Bluetooth Stack for Windows by Toshiba

Camera Assistant Software for Toshiba

ccCommon

CD/DVD Drive Acoustic Silencer

CinemaNow Media Manager

CyberLink PowerCinema for TOSHIBA

DivX Converter

DivX Plus DirectShow Filters

DivX Setup

DivX Version Checker

DivX Web Player

DVD MovieFactory for TOSHIBA

FormatFactory 2.60

GearDrvs

Google Chrome

Google Drive

Google Talk Plugin

Google Toolbar for Internet Explorer

Google Update Helper

HashCheck Shell Extension (x86-32)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

HTC BMP USB Driver

HTC Driver Installer

HTC Sync

HTC Touch Pro2 User Guide

Intel PROSet Wireless

Intel® Graphics Media Accelerator Driver

Intel® PROSet/Wireless WiFi Software

Intel® Matrix Storage Manager

Java Auto Updater

Java 6 Update 33

Java 6 Update 6

K-Lite Codec Pack 5.6.1 (Standard)

LiveUpdate (Symantec Corporation)

Malwarebytes Anti-Malware version 1.62.0.1300

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Extended

Microsoft Office 2007 Service Pack 2 (SP2)

Microsoft Office Access MUI (English) 2007

Microsoft Office Access Setup Metadata MUI (English) 2007

Microsoft Office Enterprise 2007

Microsoft Office Excel MUI (English) 2007

Microsoft Office Groove MUI (English) 2007

Microsoft Office Groove Setup Metadata MUI (English) 2007

Microsoft Office InfoPath MUI (English) 2007

Microsoft Office OneNote MUI (English) 2007

Microsoft Office Outlook MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

Microsoft Office Publisher MUI (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Suite Activation Assistant

Microsoft Office Word MUI (English) 2007

Microsoft Silverlight

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft XML Parser

Mozilla Firefox 14.0.1 (x86 en-US)

Mozilla Firefox 4.0b6 (x86 en-US)

Mozilla Maintenance Service

MSXML 4.0 SP2 (KB941833)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 4.0 SP3 Parser

MSXML 4.0 SP3 Parser (KB973685)

Music Manager

Napster Download Manager

NetZero Internet Access Installer

Norton 360

Norton 360 (Symantec Corporation)

Norton 360 HTMLHelp

Norton Confidential Core

OGA Notifier 2.0.0048.0

Picasa 2

QuickBooks Financial Center

QuickTime

RapidShare Manager

Realtek 8169 8168 8101E 8102E Ethernet Driver

Realtek High Definition Audio Driver

RICOH R5C83x/84x Flash Media Controller Driver Ver.3.54.02

Security Update for 2007 Microsoft Office System (KB2277947)

Security Update for 2007 Microsoft Office System (KB2288621)

Security Update for 2007 Microsoft Office System (KB969559)

Security Update for 2007 Microsoft Office System (KB976321)

Security Update for 2007 Microsoft Office System (KB982312)

Security Update for 2007 Microsoft Office System (KB982331)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Extended (KB2416472)

Security Update for Microsoft Office Access 2007 (KB979440)

Security Update for Microsoft Office Excel 2007 (KB982308)

Security Update for Microsoft Office InfoPath 2007 (KB979441)

Security Update for Microsoft Office Outlook 2007 (KB2288953)

Security Update for Microsoft Office PowerPoint 2007 (KB982158)

Security Update for Microsoft Office Publisher 2007 (KB982124)

Security Update for Microsoft Office system 2007 (972581)

Security Update for Microsoft Office system 2007 (KB974234)

Security Update for Microsoft Office Visio Viewer 2007 (KB973709)

Security Update for Microsoft Office Word 2007 (KB2251419)

Security Update for Windows Media Encoder (KB2447961)

Security Update for Windows Media Encoder (KB954156)

Security Update for Windows Media Encoder (KB979332)

SPBBC 32bit

Symantec Real Time Storage Protection Component

Symantec Technical Support Controls

SymNet

Synaptics Pointing Device Driver

TOSHIBA Application Disc Creator

TOSHIBA Assist

TOSHIBA ConfigFree

TOSHIBA Desktop Links

TOSHIBA Disc Creator

TOSHIBA DVD PLAYER

TOSHIBA Extended Tiles for Windows Mobility Center

TOSHIBA Face Recognition

TOSHIBA Hardware Setup

TOSHIBA PowerCinema Helper

Toshiba Registration

TOSHIBA SD Memory Utilities

TOSHIBA Service Station

TOSHIBA Software Modem

TOSHIBA Speech System Applications

TOSHIBA Speech System SR Engine(U.S.) Version1.0

TOSHIBA Speech System TTS Engine(U.S.) Version1.0

TOSHIBA Supervisor Password

TOSHIBA Value Added Package

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Microsoft .NET Framework 4 Client Profile (KB2473228)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office Access 2007 Help (KB963663)

Update for Microsoft Office Excel 2007 Help (KB963678)

Update for Microsoft Office Infopath 2007 Help (KB963662)

Update for Microsoft Office OneNote 2007 (KB980729)

Update for Microsoft Office OneNote 2007 Help (KB963670)

Update for Microsoft Office Outlook 2007 Help (KB963677)

Update for Microsoft Office Powerpoint 2007 Help (KB963669)

Update for Microsoft Office Publisher 2007 Help (KB963667)

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Office Word 2007 Help (KB963665)

Update for Outlook 2007 Junk Email Filter (kb2291599)

VC80CRTRedist - 8.0.50727.4053

WildTangent Games

Windows Media Encoder 9 Series

Windows Media Player Firefox Plugin

Windows Mobile Device Center

Windows Mobile Device Center Driver Update

WinRAR archiver

WinZip 14.5

Yahoo! Detect

Yahoo! SiteBuilder

YouTube Downloader 2.5.4

.

==== End Of File ===========================

ROGUEKILLER

RogueKiller V7.6.6 [08/10/2012] by Tigzy

mail: tigzyRK<at>gmail<dot>com

Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/

Blog: http://tigzyrk.blogspot.com

Operating System: Windows Vista (6.0.6002 Service Pack 2) 32 bits version

Started in : Normal mode

User: Owner [Admin rights]

Mode: Scan -- Date: 08/20/2012 16:20:42

¤¤¤ Bad processes: 1 ¤¤¤

[sUSP PATH] MusicManager.exe -- C:\Users\Owner\AppData\Local\Programs\Google\MusicManager\MusicManager.exe -> KILLED [TermProc]

¤¤¤ Registry Entries: 7 ¤¤¤

[sUSP PATH] HKCU\[...]\Run : MusicManager ("C:\Users\Owner\AppData\Local\Programs\Google\MusicManager\MusicManager.exe") -> FOUND

[sUSP PATH] HKCU\[...]\Run : 307537703 (C:\Users\Owner\AppData\Local\Temp\tmph5745375836265147951.tmp) -> FOUND

[sUSP PATH] HKUS\S-1-5-21-1038527918-3062837077-4051479591-1000[...]\Run : MusicManager ("C:\Users\Owner\AppData\Local\Programs\Google\MusicManager\MusicManager.exe") -> FOUND

[sUSP PATH] HKUS\S-1-5-21-1038527918-3062837077-4051479591-1000[...]\Run : 307537703 (C:\Users\Owner\AppData\Local\Temp\tmph5745375836265147951.tmp) -> FOUND

[HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND

[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [LOADED] ¤¤¤

SSDT[13] : NtAlertResumeThread @ 0x82E9951D -> HOOKED (Unknown @ 0x93BD32B0)

SSDT[14] : NtAlertThread @ 0x82E121E5 -> HOOKED (Unknown @ 0x93BD3370)

SSDT[21] : NtAlpcConnectPort @ 0x82DF081F -> HOOKED (Unknown @ 0x93AA6B08)

SSDT[67] : NtCreateMutant @ 0x82E267BC -> HOOKED (Unknown @ 0x93B6DF00)

SSDT[78] : NtCreateThread @ 0x82E97B98 -> HOOKED (Unknown @ 0x93BD54F8)

SSDT[116] : NtDebugActiveProcess @ 0x82E6ACE2 -> HOOKED (Unknown @ 0x93B6DCC0)

SSDT[156] : NtImpersonateAnonymousToken @ 0x82DC0EE2 -> HOOKED (Unknown @ 0x93B6DFD0)

SSDT[158] : NtImpersonateThread @ 0x82DD64E4 -> HOOKED (Unknown @ 0x93BD31F0)

SSDT[177] : NtMapViewOfSection @ 0x82E1682A -> HOOKED (Unknown @ 0x93B60F30)

SSDT[184] : NtOpenEvent @ 0x82DFFD5F -> HOOKED (Unknown @ 0x93B6DE40)

SSDT[195] : NtOpenProcessToken @ 0x82E079BE -> HOOKED (Unknown @ 0x93BD5480)

SSDT[202] : NtOpenThreadToken @ 0x82E22258 -> HOOKED (Unknown @ 0x93B60CD0)

SSDT[282] : NtResumeThread @ 0x82E21AF5 -> HOOKED (Unknown @ 0x93B7FA88)

SSDT[289] : NtSetContextThread @ 0x82E98867 -> HOOKED (Unknown @ 0x93B60C10)

SSDT[305] : NtSetInformationProcess @ 0x82E1A858 -> HOOKED (Unknown @ 0x93B60DA0)

SSDT[306] : NtSetInformationThread @ 0x82DFF23D -> HOOKED (Unknown @ 0x93BD35F8)

SSDT[330] : NtSuspendProcess @ 0x82E99457 -> HOOKED (Unknown @ 0x93B6DD80)

SSDT[331] : NtSuspendThread @ 0x82DA092D -> HOOKED (Unknown @ 0x93BD3478)

SSDT[335] : NtTerminateThread @ 0x82E224DF -> HOOKED (Unknown @ 0x93BD3538)

SSDT[348] : NtUnmapViewOfSection @ 0x82E16AED -> HOOKED (Unknown @ 0x93B60E70)

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD2500BEVT-00ZCT0 +++++

--- User ---

[MBR] 5f577f3690278f6ef3b9d57cbfd5bb42

[bSP] 7271b13cbf72c5313a8bdaf1ff7d50b5 : Windows Vista MBR Code

Partition table:

0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo

1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 236974 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[1].txt >>

RKreport[1].txt

[ubigred]

Did I post this in the correct forum? If not, my apologies and please instruct me to the proper forum. Thanks.

[screen317]

Hi and welcome to Malwarebytes.

Please see:

Forum Piracy Policy

We will not assist users that are obviously using illegal software.

If any such evidence is found you will be given the benefit of the doubt and the opportunity to completely uninstall and delete any such data from your system.

During the scanning process if any further evidence shows up your topic will be closed and no further assistance will be provided.

If you're using Peer 2 Peer software such as uTorrent or similar you must either fully uninstall it or completely disable it from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

It's likely why your issue began in the first place.

[ubigred]

Hello,

I thought my thread was left for dead.

I deleted the Vuse software. I downloaded it to watch NFL games when I was out of the country.

[screen317]

Hi,

Please visit this webpage for instructions for running ComboFix:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

• When the tool is finished, it will produce a report for you.
  
• Please post the C:\ComboFix.txt along with a new DDS log so we may continue cleaning the system.

If after ComboFix reboots you get a message about an "Invalid Option Registry Key Marked for Deletion," please reboot again and the error will go away.

-screen317

[ubigred]

ComboFix ran for over 2hrs. Not sure if it saying led out or if it was still going through the process. I went to bed and woke up this morning. A message popped saying I'm infected with the Zero Access virus.

[ubigred]

Took a while ,but ComboFix ran its course.

dds.tx

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_33

Run by Owner at 12:16:35 on 2012-09-05

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2939.1687 [GMT -5:00]

.

AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

AV: Norton 360 *Disabled/Outdated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}

SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Norton 360 *Disabled/Outdated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}

FW: Norton 360 *Disabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

C:\Windows\system32\WLANExt.exe

C:\Windows\System32\spoolsv.exe

C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\agrsmsvc.exe

C:\Windows\system32\svchost.exe -k bthsvcs

C:\Program Files\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe

C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe

C:\Program Files\Intel\WiFi\bin\EvtEng.exe

C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

C:\Windows\System32\tcpsvcs.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe

C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe

C:\Windows\system32\TODDSrv.exe

C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe

C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Program Files\CinemaNow\CinemaNow Media Manager\CinemaNowShell.exe

C:\Windows\system32\taskeng.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Windows\RtHDVCpl.exe

C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe

C:\Windows\system32\igfxsrvc.exe

C:\Program Files\Toshiba\Power Saver\TPwrMain.exe

C:\Program Files\Toshiba\SmoothView\SmoothView.exe

C:\Program Files\Toshiba\FlashCards\TCrdMain.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\ItSecMng.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Toshiba\ConfigFree\NDSTray.exe

C:\Program Files\Toshiba\TOSHIBA Service Station\TSS.exe

C:\Program Files\CyberLink\PowerCinema for TOSHIBA\PCMAgent.exe

C:\Program Files\CyberLink\PowerCinema for TOSHIBA\Kernel\CLML\CLMLSvc.exe

C:\Program Files\CinemaNow\CinemaNow Media Manager\CNRpc.exe

C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

C:\Windows\WindowsMobile\wmdc.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Windows\system32\svchost.exe -k WindowsMobile

C:\Program Files\DivX\DivX Update\DivXUpdate.exe

C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe

C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe

C:\Windows\ehome\ehtray.exe

C:\Users\Owner\AppData\Local\Programs\Google\MusicManager\MusicManager.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\WinZip\WZQKPICK.EXE

C:\Windows\System32\mobsync.exe

C:\Windows\ehome\ehmsas.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\System32\svchost.exe -k secsvcs

C:\Program Files\Windows Defender\MSASCui.exe

C:\Windows\servicing\TrustedInstaller.exe

C:\Windows\system32\wuauclt.exe

C:\Windows\system32\taskeng.exe

C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = about:blank

BHO: NCO 2.0 IE BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\common files\symantec shared\coshared\browser\2.6\coIEPlg.dll

BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\progra~1\common~1\symant~1\ids\IPSBHO.dll

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll

BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\alwil software\avast5\aswWebRepIE.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

TB: Show Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\common files\symantec shared\coshared\browser\2.6\CoIEPlg.dll

TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\alwil software\avast5\aswWebRepIE.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

uRun: [TOSCDSPD] c:\program files\toshiba\toscdspd\TOSCDSPD.exe

uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe

uRun: [MusicManager] "c:\users\owner\appdata\local\programs\google\musicmanager\MusicManager.exe"

uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"

mRun: [igfxTray] c:\windows\system32\igfxtray.exe

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [Persistence] c:\windows\system32\igfxpers.exe

mRun: [RtHDVCpl] RtHDVCpl.exe

mRun: [Camera Assistant Software] "c:\program files\camera assistant software for toshiba\traybar.exe" /start

mRun: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE

mRun: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe

mRun: [smoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe

mRun: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe

mRun: [iTSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START

mRun: [synTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe

mRun: [NDSTray.exe] NDSTray.exe

mRun: [ToshibaServiceStation] "c:\program files\toshiba\toshiba service station\TSS.exe" /hide

mRun: [PCMAgent] "c:\program files\cyberlink\powercinema for toshiba\PCMAgent.exe"

mRun: [CLMLServer] "c:\program files\cyberlink\powercinema for toshiba\kernel\clml\CLMLSvc.exe"

mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"

mRun: [osCheck] "c:\program files\norton 360\osCheck.exe"

mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime

mRun: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe

mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"

mRun: [CinemaNowMediaManagerApp] c:\program files\cinemanow\cinemanow media manager\CinemaNowShell.exe -start

mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW

mRun: [HTC Sync Loader] "c:\program files\htc\htc sync 3.0\htcUPCTLoader.exe" -startup

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\winzip~1.lnk - c:\program files\winzip\WZQKPICK.EXE

mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000

IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll

IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll

IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL

Trusted Zone: cinemanow.com

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

TCP: DhcpNameServer = 192.168.254.254

TCP: Interfaces\{05D79543-2CF0-4D61-9A2B-62B02ADB519C} : DhcpNameServer = 192.168.42.129

TCP: Interfaces\{15B4BE00-DEE4-49F2-AEDB-009FFEAFC43E} : DhcpNameServer = 192.168.42.129

TCP: Interfaces\{182B74AA-35CD-479B-AACD-563CC37020FF} : DhcpNameServer = 192.168.254.254

TCP: Interfaces\{F835D912-1E37-4FCF-8E2D-20F6481C5667} : DhcpNameServer = 192.168.42.129

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll

Notify: igfxcui - igfxdev.dll

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\users\owner\appdata\roaming\mozilla\firefox\profiles\6zil0nd0.default\

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - hxxp://search.babylon.com/?affID=109935&tt=050412_30b&babsrc=HP_ss&mntrId=1254a72700000000000000216b26add0

FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?affID=109935&tt=050412_30b&babsrc=KW_ss&mntrId=1254a72700000000000000216b26add0&q=

FF - plugin: c:\program files\google\update\1.3.21.115\npGoogleUpdate3.dll

FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll

FF - plugin: c:\program files\microsoft silverlight\4.0.50826.0\npctrlui.dll

FF - plugin: c:\users\owner\appdata\local\google\update\1.3.21.115\npGoogleUpdate3.dll

FF - plugin: c:\users\owner\appdata\roaming\mozilla\plugins\npgoogletalk.dll

FF - plugin: c:\users\owner\appdata\roaming\mozilla\plugins\npgtpo3dautoplugin.dll

FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_3_300_265.dll

FF - plugin: c:\windows\system32\npdeployJava1.dll

FF - plugin: c:\windows\system32\npmproxy.dll

.

---- FIREFOX POLICIES ----

FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=109935&tt=050412_30b

FF - user.js: extensions.BabylonToolbar_i.babExt -

FF - user.js: extensions.BabylonToolbar_i.srcExt - ss

FF - user.js: extensions.BabylonToolbar_i.id - 1254a72700000000000000216b26add0

FF - user.js: extensions.BabylonToolbar_i.hardId - 1254a72700000000000000216b26add0

FF - user.js: extensions.BabylonToolbar_i.instlDay - 15440

FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17

FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17

FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1711:34:45

FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon

FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar

FF - user.js: extensions.BabylonToolbar_i.aflt - babsst

FF - user.js: extensions.BabylonToolbar_i.smplGrp - none

FF - user.js: extensions.BabylonToolbar_i.tlbrId - tb9

FF - user.js: extensions.BabylonToolbar_i.instlRef - sst

.

============= SERVICES / DRIVERS ===============

.

R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-12-12 721000]

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-6-13 353688]

R1 IDSvix86;Symantec Intrusion Prevention Driver;c:\progra~2\symantec\defini~1\symcdata\ipsdefs\20091105.001\IDSvix86.sys [2009-11-5 272432]

R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-6-13 21256]

R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-6-13 57656]

R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2010-6-13 44808]

R2 CinemaNow Service;CinemaNow Service;c:\program files\cinemanow\cinemanow media manager\CinemaNowSvc.exe [2010-1-14 129520]

R2 ConfigFree Service;ConfigFree Service;c:\program files\toshiba\configfree\CFSvcs.exe [2008-7-10 40960]

R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]

R2 LiveUpdate Notice;LiveUpdate Notice;c:\program files\common files\symantec shared\CCSVCHST.EXE [2008-2-18 149352]

R2 PassThru Service;Internet Pass-Through Service;c:\program files\htc\internet pass-through\PassThruSvr.exe [2010-9-16 80896]

R2 TMachInfo;TMachInfo;c:\program files\toshiba\toshiba service station\TMachInfo.exe [2008-8-14 46392]

R2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service;c:\program files\toshiba\smartlogservice\TosIPCSrv.exe [2007-12-3 126976]

R3 FwLnk;FwLnk Driver;c:\windows\system32\drivers\FwLnk.sys [2008-8-14 7168]

R3 NETw5v32;Intel® Wireless WiFi Link Adapter Driver for Windows Vista 32 Bit ;c:\windows\system32\drivers\NETw5v32.sys [2008-4-28 3658752]

R3 SmartFaceVWatchSrv;SmartFaceVWatchSrv;c:\program files\toshiba\smartfacev\SmartFaceVWatchSrv.exe [2008-4-24 73728]

R3 SYMNDISV;SYMNDISV;c:\windows\system32\drivers\symndisv.sys [2009-2-19 41008]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-2-21 135664]

S3 COH_Mon;COH_Mon;c:\windows\system32\drivers\COH_Mon.sys [2008-1-12 23888]

S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [2011-11-24 80184]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-2-21 135664]

S3 HTCAND32;HTC Device Driver;c:\windows\system32\drivers\ANDROIDUSB.sys [2009-6-10 24576]

S3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\drivers\htcnprot.sys [2010-6-23 23040]

S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-5-11 113120]

S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [2011-11-24 181432]

S3 Symantec Core LC;Symantec Core LC;c:\progra~1\common~1\symant~1\ccpd-lc\symlcsvc.exe [2008-8-14 1245064]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

.

=============== Created Last 30 ================

.

2012-09-05 16:43:09 -------- d-sh--w- C:\$RECYCLE.BIN

2012-09-05 16:39:17 -------- d-----w- c:\users\owner\appdata\local\temp

2012-09-05 06:58:08 98816 ----a-w- c:\windows\sed.exe

2012-09-05 06:58:08 518144 ----a-w- c:\windows\SWREG.exe

2012-09-05 06:58:08 256000 ----a-w- c:\windows\PEV.exe

2012-09-05 06:58:08 208896 ----a-w- c:\windows\MBR.exe

2012-09-05 06:57:48 -------- d-----w- C:\ComboFix

2012-08-28 02:35:44 876032 ----a-w- c:\windows\system32\XpsPrint.dll

2012-08-28 02:35:42 683008 ----a-w- c:\windows\system32\d2d1.dll

2012-08-28 02:35:42 219648 ----a-w- c:\windows\system32\d3d10_1core.dll

2012-08-28 02:35:42 1172480 ----a-w- c:\windows\system32\d3d10warp.dll

2012-08-28 02:35:42 1069056 ----a-w- c:\windows\system32\DWrite.dll

2012-08-28 02:35:41 160768 ----a-w- c:\windows\system32\d3d10_1.dll

2012-08-25 10:55:21 -------- d-----w- c:\program files\Windows Portable Devices

2012-08-25 10:09:38 92672 ----a-w- c:\windows\system32\UIAnimation.dll

2012-08-25 10:09:32 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll

2012-08-25 10:09:31 3023360 ----a-w- c:\windows\system32\UIRibbon.dll

2012-08-25 10:00:31 30208 ----a-w- c:\windows\system32\WPDShextAutoplay.exe

2012-08-25 10:00:30 81920 ----a-w- c:\windows\system32\wpdbusenum.dll

2012-08-25 10:00:30 31232 ----a-w- c:\windows\system32\BthMtpContextHandler.dll

2012-08-25 10:00:13 134144 ----a-w- c:\program files\windows portable devices\sqmapi.dll

2012-08-25 10:00:09 60928 ----a-w- c:\windows\system32\PortableDeviceConnectApi.dll

2012-08-25 09:26:42 5120 ----a-w- c:\windows\system32\wmi.dll

2012-08-25 09:26:42 172032 ----a-w- c:\windows\system32\wintrust.dll

2012-08-25 09:26:41 157696 ----a-w- c:\windows\system32\imagehlp.dll

2012-08-25 09:26:40 12800 ----a-w- c:\windows\system32\drivers\fs_rec.sys

2012-08-25 09:02:25 2047488 ----a-w- c:\windows\system32\win32k.sys

2012-08-25 08:58:27 979456 ----a-w- c:\windows\system32\MFH264Dec.dll

2012-08-25 08:55:58 369664 ----a-w- c:\windows\system32\WMPhoto.dll

2012-08-25 08:55:58 252928 ----a-w- c:\windows\system32\dxdiag.exe

2012-08-25 08:55:58 195584 ----a-w- c:\windows\system32\dxdiagn.dll

2012-08-25 08:55:57 519680 ----a-w- c:\windows\system32\d3d11.dll

2012-08-25 08:55:57 321024 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll

2012-08-25 08:55:57 189440 ----a-w- c:\windows\system32\WindowsCodecsExt.dll

2012-08-25 08:55:56 974848 ----a-w- c:\windows\system32\WindowsCodecs.dll

2012-08-21 19:22:27 623616 ----a-w- c:\windows\system32\localspl.dll

2012-08-21 19:21:50 984064 ----a-w- c:\windows\system32\crypt32.dll

2012-08-21 19:21:50 98304 ----a-w- c:\windows\system32\cryptnet.dll

2012-08-21 19:21:50 133120 ----a-w- c:\windows\system32\cryptsvc.dll

2012-08-21 19:21:32 293376 ----a-w- c:\windows\system32\psisdecd.dll

2012-08-21 19:21:31 69632 ----a-w- c:\windows\system32\Mpeg2Data.ax

2012-08-21 19:21:31 217088 ----a-w- c:\windows\system32\psisrndr.ax

2012-08-21 19:21:30 57856 ----a-w- c:\windows\system32\MSDvbNP.ax

2012-08-21 19:21:29 189952 ----a-w- c:\windows\system32\winmm.dll

2012-08-21 19:21:28 23552 ----a-w- c:\windows\system32\mciseq.dll

2012-08-21 19:20:39 1205064 ----a-w- c:\windows\system32\ntdll.dll

2012-08-21 19:18:29 429056 ----a-w- c:\windows\system32\EncDec.dll

2012-08-21 19:18:06 53120 ----a-w- c:\windows\system32\drivers\partmgr.sys

2012-08-21 19:18:04 905600 ----a-w- c:\windows\system32\drivers\tcpip.sys

2012-08-21 19:18:03 6144 ----a-w- c:\program files\internet explorer\iecompat.dll

2012-08-21 19:17:59 1404928 ----a-w- c:\program files\common files\microsoft shared\ink\InkObj.dll

2012-08-21 19:17:59 1218048 ----a-w- c:\program files\windows journal\NBDoc.DLL

2012-08-21 19:17:58 964608 ----a-w- c:\program files\windows journal\JNWDRV.dll

2012-08-21 19:17:57 983040 ----a-w- c:\program files\windows journal\JNTFiltr.dll

2012-08-21 19:17:56 936960 ----a-w- c:\program files\common files\microsoft shared\ink\journal.dll

2012-08-21 19:17:55 47104 ----a-w- c:\program files\windows journal\PDIALOG.exe

2012-08-21 19:17:31 797696 ----a-w- c:\windows\system32\FntCache.dll

2012-08-21 19:17:28 288768 ----a-w- c:\windows\system32\XpsGdiConverter.dll

2012-08-21 19:16:52 66560 ----a-w- c:\windows\system32\packager.dll

2012-08-21 19:16:50 680448 ----a-w- c:\windows\system32\msvcrt.dll

2012-08-21 19:16:48 376320 ----a-w- c:\windows\system32\winsrv.dll

2012-08-21 19:16:29 708608 ----a-w- c:\program files\common files\system\ado\msado15.dll

2012-08-21 19:15:44 49152 ----a-w- c:\windows\system32\csrsrv.dll

2012-08-21 19:15:42 1314816 ----a-w- c:\windows\system32\quartz.dll

2012-08-21 19:15:41 497152 ----a-w- c:\windows\system32\qdvd.dll

2012-08-21 19:15:32 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll

2012-08-21 19:15:32 4096 ----a-w- c:\windows\system32\oleaccrc.dll

2012-08-21 19:15:31 563712 ----a-w- c:\windows\system32\oleaut32.dll

2012-08-21 19:15:31 238080 ----a-w- c:\windows\system32\oleacc.dll

2012-08-21 19:15:15 2048 ----a-w- c:\windows\system32\tzres.dll

2012-08-21 19:15:01 377344 ----a-w- c:\windows\system32\winhttp.dll

2012-08-21 19:14:57 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat

2012-08-21 19:14:44 1401856 ----a-w- c:\windows\system32\msxml6.dll

2012-08-21 19:14:44 1248768 ----a-w- c:\windows\system32\msxml3.dll

2012-08-21 19:14:25 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys

2012-08-21 19:14:20 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe

2012-08-21 19:14:19 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe

2012-08-21 19:14:15 707584 ----a-w- c:\program files\common files\system\wab32.dll

2012-08-21 19:12:56 440704 ----a-w- c:\windows\system32\drivers\ksecdd.sys

2012-08-21 19:12:55 278528 ----a-w- c:\windows\system32\schannel.dll

2012-08-21 19:12:55 1259008 ----a-w- c:\windows\system32\lsasrv.dll

2012-08-21 19:12:54 72704 ----a-w- c:\windows\system32\secur32.dll

2012-08-21 19:12:54 204288 ----a-w- c:\windows\system32\ncrypt.dll

2012-08-21 19:12:53 9728 ----a-w- c:\windows\system32\lsass.exe

2012-08-21 18:57:55 231424 ----a-w- c:\windows\system32\msshsq.dll

2012-08-21 18:44:30 613376 ----a-w- c:\windows\system32\rdpencom.dll

2012-08-21 18:25:40 2422272 ----a-w- c:\windows\system32\wucltux.dll

2012-08-21 18:25:06 88576 ----a-w- c:\windows\system32\wudriver.dll

2012-08-21 18:24:49 33792 ----a-w- c:\windows\system32\wuapp.exe

2012-08-21 18:24:49 171904 ----a-w- c:\windows\system32\wuwebv.dll

2012-08-20 20:09:10 -------- d-----w- c:\windows\system32\eu-ES

2012-08-20 20:09:10 -------- d-----w- c:\windows\system32\ca-ES

2012-08-20 20:09:09 -------- d-----w- c:\windows\system32\vi-VN

2012-08-20 19:08:24 -------- d-----w- c:\windows\system32\EventProviders

2012-08-08 20:55:45 476976 ----a-w- c:\windows\system32\npdeployJava1.dll

.

==================== Find3M ====================

.

2012-08-25 08:58:26 98816 ----a-w- c:\windows\system32\mfps.dll

2012-08-25 08:55:59 4096 ----a-w- c:\windows\system32\drivers\en-us\dxgkrnl.sys.mui

2012-08-08 20:55:26 472880 ----a-w- c:\windows\system32\deployJava1.dll

2012-08-02 20:16:21 4024320 ----a-w- c:\program files\GUT841A.tmp

2012-07-19 07:00:37 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-07-19 07:00:37 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-07-03 18:46:44 22344 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-07-03 16:21:53 721000 ----a-w- c:\windows\system32\drivers\aswSnx.sys

2012-07-03 16:21:53 57656 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys

2012-07-03 16:21:32 41224 ----a-w- c:\windows\avastSS.scr

2012-06-25 21:04:24 1394248 ----a-w- c:\windows\system32\msxml4.dll

.

============= FINISH: 12:17:30.51 ===============

[ubigred]

ComboFix2.txt

ComboFix 12-09-04.03 - Owner 09/05/2012 11:15:46.1.2 - x86

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2939.2069 [GMT -5:00]

Running from: c:\users\Owner\Desktop\ComboFix.exe

AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

AV: Norton 360 *Disabled/Outdated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}

FW: Norton 360 *Disabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}

SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Norton 360 *Disabled/Outdated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\programdata\4007428239

c:\programdata\Roaming

c:\programdata\Roaming\Intel\Wireless\Settings\Settings.ini

c:\users\Owner\Documents\~WRL1347.tmp

c:\users\Owner\Documents\~WRL2752.tmp

c:\windows\$NtUninstallKB34616$

c:\windows\$NtUninstallKB34616$\1162920552\@

c:\windows\$NtUninstallKB34616$\1162920552\bckfg.tmp

c:\windows\$NtUninstallKB34616$\1162920552\cfg.ini

c:\windows\$NtUninstallKB34616$\1162920552\Desktop.ini

c:\windows\$NtUninstallKB34616$\1162920552\keywords

c:\windows\$NtUninstallKB34616$\1162920552\kwrd.dll

c:\windows\$NtUninstallKB34616$\1162920552\L\qnbwvoto

c:\windows\$NtUninstallKB34616$\1162920552\lsflt7.ver

c:\windows\$NtUninstallKB34616$\1162920552\U\00000001.@

c:\windows\$NtUninstallKB34616$\1162920552\U\00000002.@

c:\windows\$NtUninstallKB34616$\1162920552\U\00000004.@

c:\windows\$NtUninstallKB34616$\1162920552\U\80000000.@

c:\windows\$NtUninstallKB34616$\1162920552\U\80000004.@

c:\windows\$NtUninstallKB34616$\1162920552\U\80000032.@

c:\windows\$NtUninstallKB34616$\43465987

c:\windows\system32\pt

c:\windows\system32\pt\smartfacevcp.dll.mui

c:\windows\system32\pt\toscdspd.cpl.mui

.

.

((((((((((((((((((((((((( Files Created from 2012-08-05 to 2012-09-05 )))))))))))))))))))))))))))))))

.

.

2012-08-28 02:35 . 2012-03-01 14:46 219648 ----a-w- c:\windows\system32\d3d10_1core.dll

2012-08-28 02:35 . 2012-02-29 14:08 1172480 ----a-w- c:\windows\system32\d3d10warp.dll

2012-08-28 02:35 . 2012-02-29 13:44 683008 ----a-w- c:\windows\system32\d2d1.dll

2012-08-28 02:35 . 2012-02-29 13:41 1069056 ----a-w- c:\windows\system32\DWrite.dll

2012-08-28 02:35 . 2012-03-01 14:46 160768 ----a-w- c:\windows\system32\d3d10_1.dll

2012-08-25 10:55 . 2012-08-25 10:55 -------- d-----w- c:\program files\Windows Portable Devices

2012-08-25 10:00 . 2009-10-01 01:02 31232 ----a-w- c:\windows\system32\BthMtpContextHandler.dll

2012-08-25 09:59 . 2009-10-01 01:01 40448 ----a-w- c:\windows\system32\drivers\WpdUsb.sys

2012-08-25 09:59 . 2009-10-01 01:01 227840 ----a-w- c:\windows\system32\drivers\UMDF\WpdFs.dll

2012-08-25 09:59 . 2009-10-01 01:01 839168 ----a-w- c:\windows\system32\drivers\UMDF\WpdMtpDr.dll

2012-08-25 09:26 . 2012-02-29 13:32 12800 ----a-w- c:\windows\system32\drivers\fs_rec.sys

2012-08-25 08:58 . 2012-08-25 08:58 486400 ----a-w- c:\windows\system32\d3d10level9.dll

2012-08-25 08:58 . 2012-08-25 08:58 638336 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys

2012-08-25 08:58 . 2012-08-25 08:58 478720 ----a-w- c:\windows\system32\dxgi.dll

2012-08-25 08:58 . 2012-08-25 08:58 37376 ----a-w- c:\windows\system32\cdd.dll

2012-08-25 08:58 . 2012-08-25 08:58 189952 ----a-w- c:\windows\system32\d3d10core.dll

2012-08-25 08:58 . 2012-08-25 08:58 1029120 ----a-w- c:\windows\system32\d3d10.dll

2012-08-25 08:55 . 2012-08-25 08:55 252928 ----a-w- c:\windows\system32\dxdiag.exe

2012-08-25 08:55 . 2012-08-25 08:55 195584 ----a-w- c:\windows\system32\dxdiagn.dll

2012-08-25 08:55 . 2012-08-25 08:55 519680 ----a-w- c:\windows\system32\d3d11.dll

2012-08-21 19:21 . 2012-04-23 16:00 984064 ----a-w- c:\windows\system32\crypt32.dll

2012-08-21 19:21 . 2012-04-23 16:00 98304 ----a-w- c:\windows\system32\cryptnet.dll

2012-08-21 19:21 . 2012-04-23 16:00 133120 ----a-w- c:\windows\system32\cryptsvc.dll

2012-08-21 19:18 . 2011-10-14 16:02 429056 ----a-w- c:\windows\system32\EncDec.dll

2012-08-21 19:18 . 2012-03-20 23:28 53120 ----a-w- c:\windows\system32\drivers\partmgr.sys

2012-08-21 19:18 . 2012-03-30 12:39 905600 ----a-w- c:\windows\system32\drivers\tcpip.sys

2012-08-21 19:18 . 2011-08-13 04:43 6144 ----a-w- c:\program files\Internet Explorer\iecompat.dll

2012-08-21 19:17 . 2012-02-01 15:11 1218048 ----a-w- c:\program files\Windows Journal\NBDoc.DLL

2012-08-21 19:17 . 2012-02-01 15:10 1404928 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\InkObj.dll

2012-08-21 19:17 . 2012-02-01 15:10 964608 ----a-w- c:\program files\Windows Journal\JNWDRV.dll

2012-08-21 19:17 . 2012-02-01 15:10 983040 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll

2012-08-21 19:17 . 2012-02-01 15:10 936960 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll

2012-08-21 19:17 . 2012-02-01 13:58 47104 ----a-w- c:\program files\Windows Journal\PDIALOG.exe

2012-08-21 19:17 . 2011-02-22 13:33 797696 ----a-w- c:\windows\system32\FntCache.dll

2012-08-21 19:16 . 2012-06-05 16:47 708608 ----a-w- c:\program files\Common Files\System\ado\msado15.dll

2012-08-21 19:15 . 2011-10-25 15:56 49152 ----a-w- c:\windows\system32\csrsrv.dll

2012-08-21 19:14 . 2012-03-01 11:01 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat

2012-08-21 19:14 . 2012-05-01 14:03 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys

2012-08-21 19:14 . 2011-09-30 15:57 707584 ----a-w- c:\program files\Common Files\System\wab32.dll

2012-08-21 19:12 . 2012-06-04 15:26 440704 ----a-w- c:\windows\system32\drivers\ksecdd.sys

2012-08-20 20:09 . 2012-08-20 20:09 -------- d-----w- c:\windows\system32\ca-ES

2012-08-20 20:09 . 2012-08-20 20:09 -------- d-----w- c:\windows\system32\eu-ES

2012-08-20 19:08 . 2012-08-20 19:08 -------- d-----w- c:\windows\system32\EventProviders

2012-08-08 20:53 . 2012-08-08 20:53 -------- d-----w- c:\programdata\McAfee

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-08-25 09:00 . 2012-08-25 09:00 161792 ----a-w- c:\windows\system32\msls31.dll

2012-08-25 09:00 . 2012-08-25 09:00 1129472 ----a-w- c:\windows\system32\wininet.dll

2012-08-25 09:00 . 2012-08-25 09:00 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe

2012-08-25 09:00 . 2012-08-25 09:00 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe

2012-08-25 09:00 . 2012-08-25 09:00 48640 ----a-w- c:\windows\system32\mshtmler.dll

2012-08-25 09:00 . 2012-08-25 09:00 86528 ----a-w- c:\windows\system32\iesysprep.dll

2012-08-25 09:00 . 2012-08-25 09:00 63488 ----a-w- c:\windows\system32\tdc.ocx

2012-08-25 09:00 . 2012-08-25 09:00 74752 ----a-w- c:\windows\system32\iesetup.dll

2012-08-25 09:00 . 2012-08-25 09:00 23552 ----a-w- c:\windows\system32\licmgr10.dll

2012-08-25 09:00 . 2012-08-25 09:00 152064 ----a-w- c:\windows\system32\wextract.exe

2012-08-25 09:00 . 2012-08-25 09:00 150528 ----a-w- c:\windows\system32\iexpress.exe

2012-08-25 09:00 . 2012-08-25 09:00 1427968 ----a-w- c:\windows\system32\inetcpl.cpl

2012-08-25 09:00 . 2012-08-25 09:00 420864 ----a-w- c:\windows\system32\vbscript.dll

2012-08-25 09:00 . 2012-08-25 09:00 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2012-08-25 09:00 . 2012-08-25 09:00 142848 ----a-w- c:\windows\system32\ieUnatt.exe

2012-08-25 09:00 . 2012-08-25 09:00 11776 ----a-w- c:\windows\system32\mshta.exe

2012-08-25 09:00 . 2012-08-25 09:00 35840 ----a-w- c:\windows\system32\imgutil.dll

2012-08-25 09:00 . 2012-08-25 09:00 1800704 ----a-w- c:\windows\system32\jscript9.dll

2012-08-25 08:58 . 2012-08-25 08:58 979456 ----a-w- c:\windows\system32\MFH264Dec.dll

2012-08-25 08:58 . 2012-08-25 08:58 98816 ----a-w- c:\windows\system32\mfps.dll

2012-08-25 08:58 . 2012-08-25 08:58 357376 ----a-w- c:\windows\system32\MFHEAACdec.dll

2012-08-25 08:58 . 2012-08-25 08:58 302592 ----a-w- c:\windows\system32\mfmp4src.dll

2012-08-25 08:58 . 2012-08-25 08:58 2873344 ----a-w- c:\windows\system32\mf.dll

2012-08-25 08:58 . 2012-08-25 08:58 261632 ----a-w- c:\windows\system32\mfreadwrite.dll

2012-08-25 08:58 . 2012-08-25 08:58 586240 ----a-w- c:\windows\system32\stobject.dll

2012-08-25 08:58 . 2012-08-25 08:58 209920 ----a-w- c:\windows\system32\mfplat.dll

2012-08-25 08:58 . 2012-08-25 08:58 135680 ----a-w- c:\windows\system32\XpsRasterService.dll

2012-08-25 08:58 . 2012-08-25 08:58 26112 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll

2012-08-25 08:58 . 2012-08-25 08:58 258048 ----a-w- c:\windows\system32\winspool.drv

2012-08-25 08:58 . 2012-08-25 08:58 847360 ----a-w- c:\windows\system32\OpcServices.dll

2012-08-25 08:58 . 2012-08-25 08:58 667648 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe

2012-08-25 08:58 . 2012-08-25 08:58 1554432 ----a-w- c:\windows\system32\xpsservices.dll

2012-08-25 08:55 . 2012-08-25 08:55 4096 ----a-w- c:\windows\system32\drivers\en-US\dxgkrnl.sys.mui

2012-08-25 08:55 . 2012-08-25 08:55 369664 ----a-w- c:\windows\system32\WMPhoto.dll

2012-08-25 08:55 . 2012-08-25 08:55 321024 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll

2012-08-25 08:55 . 2012-08-25 08:55 189440 ----a-w- c:\windows\system32\WindowsCodecsExt.dll

2012-08-25 08:55 . 2012-08-25 08:55 974848 ----a-w- c:\windows\system32\WindowsCodecs.dll

2012-08-08 20:55 . 2012-08-08 20:55 476976 ----a-w- c:\windows\system32\npdeployJava1.dll

2012-08-08 20:55 . 2011-06-06 22:53 472880 ----a-w- c:\windows\system32\deployJava1.dll

2012-08-02 20:16 . 2012-08-02 20:16 4024320 ----a-w- c:\program files\GUT841A.tmp

2012-07-19 07:00 . 2012-04-02 20:01 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-07-19 07:00 . 2011-05-31 16:02 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-07-04 14:02 . 2012-08-25 09:02 2047488 ----a-w- c:\windows\system32\win32k.sys

2012-07-03 18:46 . 2011-12-13 06:03 22344 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-07-03 16:21 . 2010-06-13 07:00 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys

2012-07-03 16:21 . 2011-12-12 20:10 721000 ----a-w- c:\windows\system32\drivers\aswSnx.sys

2012-07-03 16:21 . 2010-06-13 07:00 353688 ----a-w- c:\windows\system32\drivers\aswSP.sys

2012-07-03 16:21 . 2010-06-13 07:00 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys

2012-07-03 16:21 . 2010-06-13 07:00 35928 ----a-w- c:\windows\system32\drivers\aswRdr.sys

2012-07-03 16:21 . 2010-06-13 07:00 57656 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys

2012-07-03 16:21 . 2010-09-10 22:00 41224 ----a-w- c:\windows\avastSS.scr

2012-07-03 16:21 . 2010-06-13 06:59 227648 ----a-w- c:\windows\system32\aswBoot.exe

2012-06-25 21:04 . 2012-06-25 21:04 1394248 ----a-w- c:\windows\system32\msxml4.dll

2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll

2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll

2012-08-05 18:15 . 2011-09-16 00:44 136672 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

2008-06-30 18:44 . 2009-09-11 02:33 324976 ----a-w- c:\program files\mozilla firefox\components\coFFPlgn.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]

@="{472083B0-C522-11CF-8763-00608CC02F24}"

[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]

2012-07-03 16:21 121528 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]

@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"

[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]

2012-07-20 20:17 556376 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]

@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"

[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]

2012-07-20 20:17 556376 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]

@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"

[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]

2012-07-20 20:17 556376 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]

@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"

[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]

2012-07-20 20:17 556376 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"TOSCDSPD"="c:\program files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe" [2008-04-24 430080]

"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]

"MusicManager"="c:\users\Owner\AppData\Local\Programs\Google\MusicManager\MusicManager.exe" [2012-08-16 7316480]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-08-25 39408]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-06-25 150040]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-06-25 170520]

"Persistence"="c:\windows\system32\igfxpers.exe" [2008-06-25 145944]

"RtHDVCpl"="RtHDVCpl.exe" [2008-04-08 6037504]

"Camera Assistant Software"="c:\program files\Camera Assistant Software for Toshiba\traybar.exe" [2008-07-31 417792]

"TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2008-02-06 431456]

"HSON"="c:\program files\TOSHIBA\TBS\HSON.exe" [2007-11-01 54608]

"SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2007-06-16 448080]

"00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2008-03-19 716800]

"ITSecMng"="c:\program files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe" [2007-09-28 75136]

"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-12-07 1029416]

"NDSTray.exe"="NDSTray.exe" [bU]

"ToshibaServiceStation"="c:\program files\TOSHIBA\TOSHIBA Service Station\TSS.exe" [2008-08-04 1242424]

"PCMAgent"="c:\program files\CyberLink\PowerCinema for TOSHIBA\PCMAgent.exe" [2007-12-14 143360]

"CLMLServer"="c:\program files\CyberLink\PowerCinema for TOSHIBA\Kernel\CLML\CLMLSvc.exe" [2008-07-11 188416]

"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2008-10-17 51048]

"osCheck"="c:\program files\Norton 360\osCheck.exe" [2008-02-26 988512]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-11 417792]

"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072]

"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]

"CinemaNowMediaManagerApp"="c:\program files\CinemaNow\CinemaNow Media Manager\CinemaNowShell.exe" [2010-01-14 2148848]

"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-09-16 1164584]

"HTC Sync Loader"="c:\program files\HTC\HTC Sync 3.0\htcUPCTLoader.exe" [2011-01-27 585728]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2009-12-18 40368]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]

.

c:\users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

WinZip Quick Pick.lnk - c:\program files\WinZip\WZQKPICK.EXE [2010-4-6 494920]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - COMHOST

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

WindowsMobile REG_MULTI_SZ wcescomm rapimgr

LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr

bthsvcs REG_MULTI_SZ BthServ

LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

.

Contents of the 'Scheduled Tasks' folder

.

2012-09-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-21 20:07]

.

2012-09-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-21 20:07]

.

2012-09-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1038527918-3062837077-4051479591-1000Core.job

- c:\users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe [2011-07-02 17:06]

.

2012-09-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1038527918-3062837077-4051479591-1000UA.job

- c:\users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe [2011-07-02 17:06]

.

.

------- Supplementary Scan -------

.

uStart Page = about:blank

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html

Trusted Zone: cinemanow.com

TCP: DhcpNameServer = 192.168.254.254

FF - ProfilePath - c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\6zil0nd0.default\

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - hxxp://search.babylon.com/?affID=109935&tt=050412_30b&babsrc=HP_ss&mntrId=1254a72700000000000000216b26add0

FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?affID=109935&tt=050412_30b&babsrc=KW_ss&mntrId=1254a72700000000000000216b26add0&q=

FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=109935&tt=050412_30b

FF - user.js: extensions.BabylonToolbar_i.babExt -

FF - user.js: extensions.BabylonToolbar_i.srcExt - ss

FF - user.js: extensions.BabylonToolbar_i.id - 1254a72700000000000000216b26add0

FF - user.js: extensions.BabylonToolbar_i.hardId - 1254a72700000000000000216b26add0

FF - user.js: extensions.BabylonToolbar_i.instlDay - 15440

FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17

FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17

FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1711:34

FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon

FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar

FF - user.js: extensions.BabylonToolbar_i.aflt - babsst

FF - user.js: extensions.BabylonToolbar_i.smplGrp - none

FF - user.js: extensions.BabylonToolbar_i.tlbrId - tb9

FF - user.js: extensions.BabylonToolbar_i.instlRef - sst

.

- - - - ORPHANS REMOVED - - - -

.

URLSearchHooks-{ba14329e-9550-4989-b3f2-9732e92d17cc} - (no file)

WebBrowser-{BA14329E-9550-4989-B3F2-9732E92D17CC} - (no file)

WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)

HKLM-Run-cfFncEnabler.exe - cfFncEnabler.exe

AddRemove-{7B63B2922B174135AFC0E1377DD81EC2} - c:\program files\DivX\DivXCodecUninstall.exe

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2012-09-05 11:47

Windows 6.0.6002 Service Pack 2 NTFS

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

HKCU\Software\Microsoft\Windows\CurrentVersion\Run

TOSCDSPD = c:\program files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe?/i?????m5uk????h?????????????????

.

scanning hidden files ...

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

"MSCurrentCountry"=dword:000000b5

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

--------------------- DLLs Loaded Under Running Processes ---------------------

.

- - - - - - - > 'Explorer.exe'(4192)

c:\windows\system32\timedate.cpl

.

------------------------ Other Running Processes ------------------------

.

c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe

c:\program files\Alwil Software\Avast5\AvastSvc.exe

c:\windows\system32\WLANExt.exe

c:\program files\Common Files\Symantec Shared\ccSvcHst.exe

c:\windows\system32\agrsmsvc.exe

c:\program files\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe

c:\program files\TOSHIBA\ConfigFree\CFSvcs.exe

c:\program files\Intel\WiFi\bin\EvtEng.exe

c:\program files\HTC\Internet Pass-Through\PassThruSvr.exe

c:\program files\Common Files\Intel\WirelessCommon\RegSrvc.exe

c:\windows\System32\tcpsvcs.exe

c:\program files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe

c:\program files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe

c:\windows\system32\TODDSrv.exe

c:\program files\Toshiba\Power Saver\TosCoSrv.exe

c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

c:\program files\TOSHIBA\SMARTLogService\TosIPCSrv.exe

c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

c:\program files\Windows Media Player\wmpnetwk.exe

c:\program files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe

c:\windows\RtHDVCpl.exe

c:\windows\system32\igfxsrvc.exe

c:\program files\Toshiba\ConfigFree\NDSTray.exe

c:\program files\Common Files\Symantec Shared\ccSvcHst.exe

c:\windows\system32\wbem\unsecapp.exe

c:\windows\ehome\ehmsas.exe

c:\program files\Synaptics\SynTP\SynTPHelper.exe

c:\program files\Toshiba\ConfigFree\CFSwMgr.exe

c:\windows\servicing\TrustedInstaller.exe

.

**************************************************************************

.

Completion time: 2012-09-05 11:53:53 - machine was rebooted

ComboFix-quarantined-files.txt 2012-09-05 16:53

.

Pre-Run: 118,200,463,360 bytes free

Post-Run: 120,579,829,760 bytes free

.

- - End Of File - - 469184BF2877F59342387E2FD0629AA0

[screen317]

Hi,

I notice that you are using more than one antivirus program (Norton and avast). This is very dangerous, as multiple AVs can interfere with one another and actually allow MORE viruses to get through. I strongly suggest you go to Start -> Control Panel -> Add or Remove Programs and uninstall all but one antivirus program.

Reboot.

Run TFC by OldTimer to clear temporary files:

• Please download TFC from here and save it to your desktop.
  
• Close any open programs and Internet browsers.
  
• Double click TFC.exe to run it and once it opens click on the Start button on the lower left of the program to allow it to begin cleaning.
  
• Please be patient as clearing out temp files may take a while.
  
• Once it completes you may be prompted to restart your computer, please do so.
  
• Once it's finished you may delete TFC.exe from your Desktop or save it for later use for the cleaning of temporary files.
  

• Download the file TDSSKiller.zip and extract it into a folder on the infected PC.
  
• Execute the file TDSSKiller.exe by double-clicking on it.
  
• Wait for the scan and disinfection process to be over.
  
• When its work is over, the utility prompts for a reboot to complete the disinfection.

By default, the utility outputs runtime log into the system disk root directory (the disk where the operating system is installed, C:\ as a rule).

The log is like UtilityName.Version_Date_Time_log.txt.

for example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt.

Please post that log here.

Next, please run a free online scan with the ESET Online Scanner

Note: You will need to use Internet Explorer for this scan.

1. Tick the box next to YES, I accept the Terms of Use.
   
2. Click Start
   
3. When asked, allow the ActiveX control to install
   
4. Click Start
   
5. Make sure that the options Remove found threats and the option Scan unwanted applications is checked
   
6. Click Scan
   Wait for the scan to finish
   
7. Export the threats found (if any), and post them here.
   

Next, please download AdwCleaner by Xplode onto your Desktop.

• Double click on AdwCleaner.exe to run the tool.
  
• Click on Search.
  
• A logfile will automatically open after the scan has finished.
  
• Please post the content of that logfile in your reply.
  
• You can find the logfile at C:\AdwCleaner[Rn].txt as well - n is the order number.

Next, download my Security Check from here or here.

• Save it to your Desktop.
  
• Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  
• A Notepad document should open automatically called checkup.txt; please post the contents of that document.
  

Let me know how things are running now and what issues remain.

-screen317

[ubigred]

I do not use Norton . It is just on the computer.

Secondly, I can not update Windows defender.

[ubigred]

18:22:17.0981 8100 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48

18:22:18.0345 8100 ============================================================

18:22:18.0345 8100 Current date / time: 2012/09/07 18:22:18.0345

18:22:18.0345 8100 SystemInfo:

18:22:18.0345 8100

18:22:18.0345 8100 OS Version: 6.0.6002 ServicePack: 2.0

18:22:18.0345 8100 Product type: Workstation

18:22:18.0345 8100 ComputerName: OWNER-PC

18:22:18.0346 8100 UserName: Owner

18:22:18.0346 8100 Windows directory: C:\Windows

18:22:18.0346 8100 System windows directory: C:\Windows

18:22:18.0346 8100 Processor architecture: Intel x86

18:22:18.0346 8100 Number of processors: 2

18:22:18.0346 8100 Page size: 0x1000

18:22:18.0346 8100 Boot type: Normal boot

18:22:18.0346 8100 ============================================================

18:22:19.0958 8100 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050

18:22:19.0963 8100 ============================================================

18:22:19.0963 8100 \Device\Harddisk0\DR0:

18:22:19.0963 8100 MBR partitions:

18:22:19.0963 8100 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x1CED7000

18:22:19.0963 8100 ============================================================

18:22:20.0057 8100 C: <-> \Device\Harddisk0\DR0\Partition1

18:22:20.0058 8100 ============================================================

18:22:20.0058 8100 Initialize success

18:22:20.0058 8100 ============================================================

18:23:00.0939 4784 ============================================================

18:23:00.0939 4784 Scan started

18:23:00.0939 4784 Mode: Manual;

18:23:00.0939 4784 ============================================================

18:23:01.0504 4784 ================ Scan system memory ========================

18:23:01.0505 4784 System memory - ok

18:23:01.0505 4784 ================ Scan services =============================

18:23:01.0828 4784 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys

18:23:01.0835 4784 ACPI - ok

18:23:02.0020 4784 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys

18:23:02.0032 4784 adp94xx - ok

18:23:02.0084 4784 [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci C:\Windows\system32\drivers\adpahci.sys

18:23:02.0093 4784 adpahci - ok

18:23:02.0144 4784 [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys

18:23:02.0148 4784 adpu160m - ok

18:23:02.0237 4784 [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320 C:\Windows\system32\drivers\adpu320.sys

18:23:02.0241 4784 adpu320 - ok

18:23:02.0483 4784 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll

18:23:02.0486 4784 AeLookupSvc - ok

18:23:02.0622 4784 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys

18:23:02.0630 4784 AFD - ok

18:23:02.0715 4784 [ 39E435C90C9C4F780FA0ED05CA3C3A1B ] AgereModemAudio C:\Windows\system32\agrsmsvc.exe

18:23:02.0718 4784 AgereModemAudio - ok

18:23:02.0811 4784 [ CE91B158FA490CF4C4D487A4130F4660 ] AgereSoftModem C:\Windows\system32\DRIVERS\AGRSM.sys

18:23:02.0886 4784 AgereSoftModem - ok

18:23:02.0928 4784 [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440 C:\Windows\system32\drivers\agp440.sys

18:23:02.0931 4784 agp440 - ok

18:23:02.0981 4784 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys

18:23:02.0984 4784 aic78xx - ok

18:23:03.0041 4784 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe

18:23:03.0044 4784 ALG - ok

18:23:03.0117 4784 [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide C:\Windows\system32\drivers\aliide.sys

18:23:03.0119 4784 aliide - ok

18:23:03.0176 4784 [ C47344BC706E5F0B9DCE369516661578 ] amdagp C:\Windows\system32\drivers\amdagp.sys

18:23:03.0178 4784 amdagp - ok

18:23:03.0225 4784 [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide C:\Windows\system32\drivers\amdide.sys

18:23:03.0227 4784 amdide - ok

18:23:03.0266 4784 [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys

18:23:03.0268 4784 AmdK7 - ok

18:23:03.0345 4784 [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8 C:\Windows\system32\drivers\amdk8.sys

18:23:03.0347 4784 AmdK8 - ok

18:23:03.0431 4784 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll

18:23:03.0434 4784 Appinfo - ok

18:23:03.0471 4784 [ 5D2888182FB46632511ACEE92FDAD522 ] arc C:\Windows\system32\drivers\arc.sys

18:23:03.0474 4784 arc - ok

18:23:03.0525 4784 [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas C:\Windows\system32\drivers\arcsas.sys

18:23:03.0528 4784 arcsas - ok

18:23:03.0965 4784 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe

18:23:03.0968 4784 aspnet_state - ok

18:23:04.0116 4784 [ 1C1F3D6DDDC046C920C493A779649F66 ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys

18:23:04.0117 4784 aswFsBlk - ok

18:23:04.0172 4784 [ A48D8015AF2A0D8B4937613FFBFD28DE ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys

18:23:04.0174 4784 aswMonFlt - ok

18:23:04.0227 4784 [ 982E275D1C5801042FE94209FB0160FB ] aswRdr C:\Windows\system32\drivers\aswRdr.sys

18:23:04.0229 4784 aswRdr - ok

18:23:04.0332 4784 [ 73DBCF808E00580F2A47F93DD9B03876 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys

18:23:04.0344 4784 aswSnx - ok

18:23:04.0371 4784 [ 6CBD7D3A33F498D09C831CDD732DA2E0 ] aswSP C:\Windows\system32\drivers\aswSP.sys

18:23:04.0377 4784 aswSP - ok

18:23:04.0406 4784 [ 7109A9AA551F37CD168C02368465957E ] aswTdi C:\Windows\system32\drivers\aswTdi.sys

18:23:04.0408 4784 aswTdi - ok

18:23:04.0481 4784 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys

18:23:04.0483 4784 AsyncMac - ok

18:23:04.0565 4784 [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi C:\Windows\system32\drivers\atapi.sys

18:23:04.0567 4784 atapi - ok

18:23:04.0648 4784 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll

18:23:04.0658 4784 AudioEndpointBuilder - ok

18:23:04.0714 4784 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll

18:23:04.0720 4784 Audiosrv - ok

18:23:05.0007 4784 [ 2F7C0F3E39C45E0127FB78B2F18A41F3 ] avast! Antivirus C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

18:23:05.0009 4784 avast! Antivirus - ok

18:23:05.0226 4784 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys

18:23:05.0227 4784 Beep - ok

18:23:05.0318 4784 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll

18:23:05.0325 4784 BFE - ok

18:23:05.0476 4784 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\system32\qmgr.dll

18:23:05.0491 4784 BITS - ok

18:23:05.0564 4784 [ D4DF28447741FD3D953526E33A617397 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys

18:23:05.0566 4784 blbdrive - ok

18:23:05.0637 4784 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys

18:23:05.0639 4784 bowser - ok

18:23:05.0692 4784 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys

18:23:05.0693 4784 BrFiltLo - ok

18:23:05.0706 4784 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys

18:23:05.0708 4784 BrFiltUp - ok

18:23:05.0760 4784 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll

18:23:05.0764 4784 Browser - ok

18:23:06.0025 4784 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys

18:23:06.0028 4784 Brserid - ok

18:23:06.0084 4784 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys

18:23:06.0087 4784 BrSerWdm - ok

18:23:06.0164 4784 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys

18:23:06.0166 4784 BrUsbMdm - ok

18:23:06.0232 4784 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys

18:23:06.0235 4784 BrUsbSer - ok

18:23:06.0258 4784 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys

18:23:06.0260 4784 BTHMODEM - ok

18:23:06.0406 4784 [ A4C8377FA4A994E07075107DBE2E3DCE ] BthServ C:\Windows\System32\bthserv.dll

18:23:06.0409 4784 BthServ - ok

18:23:06.0789 4784 catchme - ok

18:23:06.0820 4784 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys

18:23:06.0823 4784 cdfs - ok

18:23:06.0953 4784 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys

18:23:06.0955 4784 cdrom - ok

18:23:07.0073 4784 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll

18:23:07.0076 4784 CertPropSvc - ok

18:23:07.0194 4784 [ 18C6807598D028725CC8BC33C4182B66 ] CinemaNow Service C:\Program Files\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe

18:23:07.0198 4784 CinemaNow Service - ok

18:23:07.0246 4784 [ E5D4133F37219DBCFE102BC61072589D ] circlass C:\Windows\system32\drivers\circlass.sys

18:23:07.0248 4784 circlass - ok

18:23:07.0337 4784 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys

18:23:07.0345 4784 CLFS - ok

18:23:07.0479 4784 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

18:23:07.0483 4784 clr_optimization_v2.0.50727_32 - ok

18:23:07.0723 4784 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

18:23:07.0729 4784 clr_optimization_v4.0.30319_32 - ok

18:23:07.0842 4784 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys

18:23:07.0843 4784 CmBatt - ok

18:23:07.0951 4784 [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide C:\Windows\system32\drivers\cmdide.sys

18:23:07.0953 4784 cmdide - ok

18:23:07.0996 4784 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys

18:23:07.0998 4784 Compbatt - ok

18:23:08.0008 4784 COMSysApp - ok

18:23:08.0146 4784 [ C508B28B9DA7563634A2A2B2EEF4395D ] ConfigFree Service C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe

18:23:08.0149 4784 ConfigFree Service - ok

18:23:08.0160 4784 [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys

18:23:08.0161 4784 crcdisk - ok

18:23:08.0217 4784 [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe C:\Windows\system32\drivers\crusoe.sys

18:23:08.0220 4784 Crusoe - ok

18:23:08.0354 4784 [ 75C6A297E364014840B48ECCD7525E30 ] CryptSvc C:\Windows\system32\cryptsvc.dll

18:23:08.0360 4784 CryptSvc - ok

18:23:08.0487 4784 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll

18:23:08.0542 4784 DcomLaunch - ok

18:23:08.0884 4784 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe

18:23:09.0028 4784 DFSR - ok

18:23:09.0077 4784 [ 919F338FD36F47D860775368D0748780 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys

18:23:09.0082 4784 dg_ssudbus - ok

18:23:09.0148 4784 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll

18:23:09.0156 4784 Dhcp - ok

18:23:09.0236 4784 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys

18:23:09.0238 4784 disk - ok

18:23:09.0322 4784 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll

18:23:09.0327 4784 Dnscache - ok

18:23:09.0473 4784 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll

18:23:09.0482 4784 dot3svc - ok

18:23:09.0573 4784 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll

18:23:09.0580 4784 DPS - ok

18:23:09.0617 4784 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys

18:23:09.0619 4784 drmkaud - ok

18:23:09.0864 4784 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys

18:23:09.0875 4784 DXGKrnl - ok

18:23:10.0216 4784 [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys

18:23:10.0220 4784 E1G60 - ok

18:23:10.0325 4784 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll

18:23:10.0330 4784 EapHost - ok

18:23:10.0383 4784 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys

18:23:10.0388 4784 Ecache - ok

18:23:10.0503 4784 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe

18:23:10.0512 4784 ehRecvr - ok

18:23:10.0594 4784 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe

18:23:10.0598 4784 ehSched - ok

18:23:10.0626 4784 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll

18:23:10.0628 4784 ehstart - ok

18:23:10.0691 4784 [ 23B62471681A124889978F6295B3F4C6 ] elxstor C:\Windows\system32\drivers\elxstor.sys

18:23:10.0700 4784 elxstor - ok

18:23:10.0916 4784 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll

18:23:10.0967 4784 EMDMgmt - ok

18:23:11.0063 4784 [ 3DB974F3935483555D7148663F726C61 ] ErrDev C:\Windows\system32\drivers\errdev.sys

18:23:11.0065 4784 ErrDev - ok

18:23:11.0138 4784 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll

18:23:11.0147 4784 EventSystem - ok

18:23:11.0290 4784 [ 306AC856622864C761CBDB5E816BB9D8 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe

18:23:11.0390 4784 EvtEng - ok

18:23:11.0444 4784 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys

18:23:11.0449 4784 exfat - ok

18:23:11.0492 4784 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys

18:23:11.0497 4784 fastfat - ok

18:23:11.0573 4784 [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc C:\Windows\system32\DRIVERS\fdc.sys

18:23:11.0575 4784 fdc - ok

18:23:11.0709 4784 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll

18:23:11.0713 4784 fdPHost - ok

18:23:11.0752 4784 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll

18:23:11.0757 4784 FDResPub - ok

18:23:11.0779 4784 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys

18:23:11.0781 4784 FileInfo - ok

18:23:11.0826 4784 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys

18:23:11.0828 4784 Filetrace - ok

18:23:12.0282 4784 [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys

18:23:12.0284 4784 flpydisk - ok

18:23:12.0373 4784 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys

18:23:12.0379 4784 FltMgr - ok

18:23:12.0506 4784 [ 8CE364388C8ECA59B14B539179276D44 ] FontCache C:\Windows\system32\FntCache.dll

18:23:12.0695 4784 FontCache - ok

18:23:12.0796 4784 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe

18:23:12.0798 4784 FontCache3.0.0.0 - ok

18:23:12.0922 4784 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys

18:23:12.0923 4784 Fs_Rec - ok

18:23:12.0963 4784 [ CBC22823628544735625B280665E434E ] FwLnk C:\Windows\system32\DRIVERS\FwLnk.sys

18:23:12.0965 4784 FwLnk - ok

18:23:13.0010 4784 [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys

18:23:13.0012 4784 gagp30kx - ok

18:23:13.0190 4784 [ 9DCF7DFE5FDBB0A47F8EE01FE13C2876 ] GameConsoleService C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe

18:23:13.0263 4784 GameConsoleService - ok

18:23:13.0333 4784 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll

18:23:13.0385 4784 gpsvc - ok

18:23:13.0467 4784 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe

18:23:13.0471 4784 gupdate - ok

18:23:13.0490 4784 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe

18:23:13.0492 4784 gupdatem - ok

18:23:13.0588 4784 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

18:23:13.0594 4784 gusvc - ok

18:23:13.0647 4784 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys

18:23:13.0654 4784 HdAudAddService - ok

18:23:13.0762 4784 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys

18:23:13.0775 4784 HDAudBus - ok

18:23:13.0825 4784 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys

18:23:13.0827 4784 HidBth - ok

18:23:13.0858 4784 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys

18:23:13.0860 4784 HidIr - ok

18:23:13.0989 4784 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\System32\hidserv.dll

18:23:13.0994 4784 hidserv - ok

18:23:14.0047 4784 [ 3C64042B95E583B366BA4E5D2450235E ] HidUsb C:\Windows\system32\drivers\hidusb.sys

18:23:14.0048 4784 HidUsb - ok

18:23:14.0092 4784 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll

18:23:14.0101 4784 hkmsvc - ok

18:23:14.0162 4784 [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys

18:23:14.0164 4784 HpCISSs - ok

18:23:14.0288 4784 [ CBD09ED9CF6822177EE85AEA4D8816A2 ] HTCAND32 C:\Windows\system32\Drivers\ANDROIDUSB.sys

18:23:14.0289 4784 HTCAND32 - ok

18:23:14.0361 4784 [ 52395A94C127C0266D1C0F3CCE8A4345 ] htcnprot C:\Windows\system32\DRIVERS\htcnprot.sys

18:23:14.0363 4784 htcnprot - ok

18:23:14.0612 4784 [ F870AA3E254628EBEAFE754108D664DE ] HTTP C:\Windows\system32\drivers\HTTP.sys

18:23:14.0623 4784 HTTP - ok

18:23:14.0709 4784 [ C6B032D69650985468160FC9937CF5B4 ] i2omp C:\Windows\system32\drivers\i2omp.sys

18:23:14.0711 4784 i2omp - ok

18:23:14.0851 4784 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys

18:23:14.0853 4784 i8042prt - ok

18:23:14.0900 4784 [ 707C1692214B1C290271067197F075F6 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys

18:23:14.0905 4784 iaStor - ok

18:23:14.0997 4784 [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV C:\Windows\system32\drivers\iastorv.sys

18:23:15.0005 4784 iaStorV - ok

18:23:15.0104 4784 [ DAF66902F08796F9C694901660E5A64A ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe

18:23:15.0109 4784 IDriverT - ok

18:23:15.0213 4784 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

18:23:15.0254 4784 idsvc - ok

18:23:15.0383 4784 [ 6FB1858D1F0923D122B0331865695041 ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys

18:23:15.0492 4784 igfx - ok

18:23:15.0612 4784 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys

18:23:15.0613 4784 iirsp - ok

18:23:15.0717 4784 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll

18:23:15.0727 4784 IKEEXT - ok

18:23:15.0897 4784 [ B9CBD3DEA7CA02868621173BF7A2AF9F ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys

18:23:15.0926 4784 IntcAzAudAddService - ok

18:23:16.0028 4784 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys

18:23:16.0030 4784 intelide - ok

18:23:16.0059 4784 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys

18:23:16.0061 4784 intelppm - ok

18:23:16.0155 4784 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll

18:23:16.0162 4784 IPBusEnum - ok

18:23:16.0193 4784 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys

18:23:16.0195 4784 IpFilterDriver - ok

18:23:16.0278 4784 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll

18:23:16.0288 4784 iphlpsvc - ok

18:23:16.0300 4784 IpInIp - ok

18:23:16.0349 4784 [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys

18:23:16.0352 4784 IPMIDRV - ok

18:23:16.0391 4784 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys

18:23:16.0395 4784 IPNAT - ok

18:23:16.0434 4784 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys

18:23:16.0436 4784 IRENUM - ok

18:23:16.0460 4784 [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp C:\Windows\system32\drivers\isapnp.sys

18:23:16.0463 4784 isapnp - ok

18:23:16.0575 4784 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys

18:23:16.0582 4784 iScsiPrt - ok

18:23:16.0599 4784 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys

18:23:16.0601 4784 iteatapi - ok

18:23:16.0614 4784 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys

18:23:16.0616 4784 iteraid - ok

18:23:16.0661 4784 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys

18:23:16.0663 4784 kbdclass - ok

18:23:16.0674 4784 [ 18247836959BA67E3511B62846B9C2E0 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys

18:23:16.0676 4784 kbdhid - ok

18:23:16.0822 4784 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe

18:23:16.0828 4784 KeyIso - ok

18:23:16.0889 4784 [ E8CA038F51F7761BD6E3A3B0B8014263 ] KR10I C:\Windows\system32\drivers\kr10i.sys

18:23:16.0896 4784 KR10I - ok

18:23:16.0938 4784 [ 6A4ADB9186DD0E114E623DAF57E42B31 ] KR10N C:\Windows\system32\drivers\kr10n.sys

18:23:16.0945 4784 KR10N - ok

18:23:17.0034 4784 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys

18:23:17.0055 4784 KSecDD - ok

18:23:17.0115 4784 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll

18:23:17.0293 4784 KtmRm - ok

18:23:17.0346 4784 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\System32\srvsvc.dll

18:23:17.0359 4784 LanmanServer - ok

18:23:17.0448 4784 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

18:23:17.0504 4784 LanmanWorkstation - ok

18:23:17.0545 4784 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys

18:23:17.0548 4784 lltdio - ok

18:23:17.0656 4784 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll

18:23:17.0667 4784 lltdsvc - ok

18:23:17.0695 4784 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll

18:23:17.0702 4784 lmhosts - ok

18:23:17.0753 4784 [ C7E15E82879BF3235B559563D4185365 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys

18:23:17.0757 4784 LSI_FC - ok

18:23:17.0769 4784 [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys

18:23:17.0774 4784 LSI_SAS - ok

18:23:17.0842 4784 [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys

18:23:17.0845 4784 LSI_SCSI - ok

18:23:17.0876 4784 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys

18:23:17.0879 4784 luafv - ok

18:23:18.0017 4784 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll

18:23:18.0025 4784 Mcx2Svc - ok

18:23:18.0052 4784 [ 0001CE609D66632FA17B84705F658879 ] megasas C:\Windows\system32\drivers\megasas.sys

18:23:18.0054 4784 megasas - ok

18:23:18.0127 4784 [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR C:\Windows\system32\drivers\megasr.sys

18:23:18.0139 4784 MegaSR - ok

18:23:18.0309 4784 [ 7C4C76B39D5525C4A465E0BE32528E19 ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe

18:23:18.0362 4784 Microsoft Office Groove Audit Service - ok

18:23:18.0390 4784 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll

18:23:18.0398 4784 MMCSS - ok

18:23:18.0556 4784 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys

18:23:18.0558 4784 Modem - ok

18:23:18.0588 4784 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys

18:23:18.0590 4784 monitor - ok

18:23:18.0685 4784 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys

18:23:18.0687 4784 mouclass - ok

18:23:18.0720 4784 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\drivers\mouhid.sys

18:23:18.0722 4784 mouhid - ok

18:23:18.0748 4784 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys

18:23:18.0751 4784 MountMgr - ok

18:23:18.0923 4784 [ 46297FA8E30A6007F14118FC2B942FBC ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

18:23:18.0927 4784 MozillaMaintenance - ok

18:23:19.0042 4784 [ 511D011289755DD9F9A7579FB0B064E6 ] mpio C:\Windows\system32\drivers\mpio.sys

18:23:19.0046 4784 mpio - ok

18:23:19.0079 4784 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys

18:23:19.0083 4784 mpsdrv - ok

18:23:19.0163 4784 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll

18:23:19.0171 4784 MpsSvc - ok

18:23:19.0210 4784 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys

18:23:19.0212 4784 Mraid35x - ok

18:23:19.0261 4784 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys

18:23:19.0263 4784 MRxDAV - ok

18:23:19.0311 4784 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys

18:23:19.0314 4784 mrxsmb - ok

18:23:19.0345 4784 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys

18:23:19.0349 4784 mrxsmb10 - ok

18:23:19.0372 4784 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys

18:23:19.0374 4784 mrxsmb20 - ok

18:23:19.0424 4784 [ F70590424EEFBF5C27A40C67AFDB8383 ] msahci C:\Windows\system32\drivers\msahci.sys

18:23:19.0426 4784 msahci - ok

18:23:19.0451 4784 [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm C:\Windows\system32\drivers\msdsm.sys

18:23:19.0454 4784 msdsm - ok

18:23:19.0480 4784 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe

18:23:19.0487 4784 MSDTC - ok

18:23:19.0521 4784 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys

18:23:19.0523 4784 Msfs - ok

18:23:19.0582 4784 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys

18:23:19.0583 4784 msisadrv - ok

18:23:19.0728 4784 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll

18:23:19.0733 4784 MSiSCSI - ok

18:23:19.0740 4784 msiserver - ok

18:23:19.0797 4784 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys

18:23:19.0798 4784 MSKSSRV - ok

18:23:19.0808 4784 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys

18:23:19.0853 4784 MSPCLOCK - ok

18:23:19.0889 4784 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys

18:23:19.0892 4784 MSPQM - ok

18:23:19.0942 4784 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys

18:23:19.0947 4784 MsRPC - ok

18:23:20.0005 4784 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys

18:23:20.0007 4784 mssmbios - ok

18:23:20.0042 4784 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys

18:23:20.0045 4784 MSTEE - ok

18:23:20.0522 4784 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys

18:23:20.0525 4784 Mup - ok

18:23:20.0788 4784 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll

18:23:20.0809 4784 napagent - ok

18:23:20.0910 4784 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys

18:23:20.0916 4784 NativeWifiP - ok

18:23:21.0037 4784 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys

18:23:21.0068 4784 NDIS - ok

18:23:21.0107 4784 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys

18:23:21.0110 4784 NdisTapi - ok

18:23:21.0157 4784 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys

18:23:21.0159 4784 Ndisuio - ok

18:23:21.0230 4784 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys

18:23:21.0235 4784 NdisWan - ok

18:23:21.0257 4784 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys

18:23:21.0261 4784 NDProxy - ok

18:23:21.0324 4784 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys

18:23:21.0327 4784 NetBIOS - ok

18:23:21.0394 4784 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys

18:23:21.0400 4784 netbt - ok

18:23:21.0424 4784 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe

18:23:21.0431 4784 Netlogon - ok

18:23:21.0488 4784 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll

18:23:21.0510 4784 Netman - ok

18:23:21.0566 4784 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

18:23:21.0573 4784 NetMsmqActivator - ok

18:23:21.0583 4784 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

18:23:21.0588 4784 NetPipeActivator - ok

18:23:21.0619 4784 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll

18:23:21.0641 4784 netprofm - ok

18:23:21.0686 4784 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

18:23:21.0691 4784 NetTcpActivator - ok

18:23:21.0714 4784 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

18:23:21.0718 4784 NetTcpPortSharing - ok

18:23:21.0991 4784 [ E559EA9138C77B5D1FDA8C558764A25F ] NETw5v32 C:\Windows\system32\DRIVERS\NETw5v32.sys

18:23:22.0144 4784 NETw5v32 - ok

18:23:22.0182 4784 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys

18:23:22.0185 4784 nfrd960 - ok

18:23:22.0340 4784 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll

18:23:22.0351 4784 NlaSvc - ok

18:23:22.0526 4784 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys

18:23:22.0529 4784 Npfs - ok

18:23:22.0588 4784 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll

18:23:22.0596 4784 nsi - ok

18:23:22.0607 4784 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys

18:23:22.0608 4784 nsiproxy - ok

18:23:22.0746 4784 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys

18:23:22.0774 4784 Ntfs - ok

18:23:22.0831 4784 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys

18:23:22.0833 4784 ntrigdigi - ok

18:23:22.0847 4784 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys

18:23:22.0849 4784 Null - ok

18:23:22.0856 4784 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys

18:23:22.0859 4784 nvraid - ok

18:23:22.0867 4784 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys

18:23:22.0869 4784 nvstor - ok

18:23:22.0919 4784 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys

18:23:22.0922 4784 nv_agp - ok

18:23:22.0931 4784 NwlnkFlt - ok

18:23:22.0938 4784 NwlnkFwd - ok

18:23:23.0130 4784 [ 1F0E05DFF4F5A833168E49BE1256F002 ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE

18:23:23.0138 4784 odserv - ok

18:23:23.0285 4784 [ 6F310E890D46E246E0E261A63D9B36B4 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys

18:23:23.0286 4784 ohci1394 - ok

18:23:23.0362 4784 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

18:23:23.0474 4784 ose - ok

18:23:23.0551 4784 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll

18:23:23.0582 4784 p2pimsvc - ok

18:23:23.0594 4784 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll

18:23:23.0601 4784 p2psvc - ok

18:23:23.0701 4784 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys

18:23:23.0704 4784 Parport - ok

18:23:23.0827 4784 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys

18:23:23.0829 4784 partmgr - ok

18:23:23.0943 4784 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys

18:23:23.0945 4784 Parvdm - ok

18:23:24.0102 4784 [ 5FBCC9EEEFACA3019D5BD5979618F298 ] PassThru Service C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe

18:23:24.0105 4784 PassThru Service - ok

18:23:24.0189 4784 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll

18:23:24.0198 4784 PcaSvc - ok

18:23:24.0248 4784 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys

18:23:24.0253 4784 pci - ok

18:23:24.0329 4784 [ FC175F5DDAB666D7F4D17449A547626F ] pciide C:\Windows\system32\DRIVERS\pciide.sys

18:23:24.0332 4784 pciide - ok

18:23:24.0377 4784 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys

18:23:24.0384 4784 pcmcia - ok

18:23:24.0545 4784 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys

18:23:24.0601 4784 PEAUTH - ok

18:23:24.0722 4784 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll

18:23:24.0799 4784 pla - ok

18:23:24.0876 4784 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll

18:23:24.0896 4784 PlugPlay - ok

18:23:24.0952 4784 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll

18:23:24.0981 4784 PNRPAutoReg - ok

18:23:25.0002 4784 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll

18:23:25.0009 4784 PNRPsvc - ok

18:23:25.0136 4784 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll

18:23:25.0144 4784 PolicyAgent - ok

18:23:25.0290 4784 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys

18:23:25.0292 4784 PptpMiniport - ok

18:23:25.0323 4784 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\drivers\processr.sys

18:23:25.0326 4784 Processor - ok

18:23:25.0443 4784 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll

18:23:25.0449 4784 ProfSvc - ok

18:23:25.0493 4784 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe

18:23:25.0496 4784 ProtectedStorage - ok

18:23:25.0627 4784 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys

18:23:25.0630 4784 PSched - ok

18:23:25.0675 4784 [ 49452BFCEC22F36A7A9B9C2181BC3042 ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys

18:23:25.0676 4784 PxHelp20 - ok

18:23:25.0732 4784 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys

18:23:25.0784 4784 ql2300 - ok

18:23:25.0940 4784 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys

18:23:25.0945 4784 ql40xx - ok

18:23:26.0026 4784 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll

18:23:26.0050 4784 QWAVE - ok

18:23:26.0128 4784 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys

18:23:26.0131 4784 QWAVEdrv - ok

18:23:26.0228 4784 [ 8F97D374AD1857E1EED85A79F29A1D3D ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll

18:23:26.0234 4784 RapiMgr - ok

18:23:26.0277 4784 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys

18:23:26.0280 4784 RasAcd - ok

18:23:26.0325 4784 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll

18:23:26.0340 4784 RasAuto - ok

18:23:26.0390 4784 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys

18:23:26.0394 4784 Rasl2tp - ok

18:23:26.0429 4784 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll

18:23:26.0452 4784 RasMan - ok

18:23:26.0487 4784 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys

18:23:26.0490 4784 RasPppoe - ok

18:23:26.0587 4784 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys

18:23:26.0589 4784 RasSstp - ok

18:23:26.0620 4784 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys

18:23:26.0625 4784 rdbss - ok

18:23:26.0662 4784 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys

18:23:26.0663 4784 RDPCDD - ok

18:23:26.0721 4784 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys

18:23:26.0726 4784 rdpdr - ok

18:23:26.0732 4784 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys

18:23:26.0733 4784 RDPENCDD - ok

18:23:26.0805 4784 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys

18:23:26.0810 4784 RDPWD - ok

18:23:26.0897 4784 [ B33C88DF3588ACF250B87A004526C31A ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

18:23:26.0910 4784 RegSrvc - ok

18:23:26.0999 4784 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll

18:23:27.0004 4784 RemoteAccess - ok

18:23:27.0094 4784 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll

18:23:27.0100 4784 RemoteRegistry - ok

18:23:27.0216 4784 [ C2EF513BBE069F0D4EE0938A76F975D3 ] rimmptsk C:\Windows\system32\DRIVERS\rimmptsk.sys

18:23:27.0218 4784 rimmptsk - ok

18:23:27.0280 4784 [ C398BCA91216755B098679A8DA8A2300 ] rimsptsk C:\Windows\system32\DRIVERS\rimsptsk.sys

18:23:27.0282 4784 rimsptsk - ok

18:23:27.0310 4784 [ 2A2554CB24506E0A0508FC395C4A1B42 ] rismxdp C:\Windows\system32\DRIVERS\rixdptsk.sys

18:23:27.0312 4784 rismxdp - ok

18:23:27.0351 4784 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe

18:23:27.0356 4784 RpcLocator - ok

18:23:27.0430 4784 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll

18:23:27.0442 4784 RpcSs - ok

18:23:27.0485 4784 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys

18:23:27.0487 4784 rspndr - ok

18:23:27.0527 4784 [ 7157E70A90CCE49DEB8885D23A073A39 ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh86.sys

18:23:27.0532 4784 RTL8169 - ok

18:23:27.0761 4784 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe

18:23:27.0767 4784 SamSs - ok

18:23:27.0897 4784 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys

18:23:27.0901 4784 sbp2port - ok

18:23:28.0005 4784 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll

18:23:28.0010 4784 SCardSvr - ok

18:23:28.0123 4784 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll

18:23:28.0153 4784 Schedule - ok

18:23:28.0208 4784 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll

18:23:28.0209 4784 SCPolicySvc - ok

18:23:28.0295 4784 [ 8F36B54688C31EED4580129040C6A3D3 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys

18:23:28.0299 4784 sdbus - ok

18:23:28.0338 4784 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll

18:23:28.0344 4784 SDRSVC - ok

18:23:28.0387 4784 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys

18:23:28.0388 4784 secdrv - ok

18:23:28.0405 4784 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll

18:23:28.0409 4784 seclogon - ok

18:23:28.0419 4784 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\system32\sens.dll

18:23:28.0424 4784 SENS - ok

18:23:28.0441 4784 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys

18:23:28.0442 4784 Serenum - ok

18:23:28.0462 4784 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys

18:23:28.0465 4784 Serial - ok

18:23:28.0470 4784 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys

18:23:28.0472 4784 sermouse - ok

18:23:28.0501 4784 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll

18:23:28.0507 4784 SessionEnv - ok

18:23:28.0540 4784 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys

18:23:28.0542 4784 sffdisk - ok

18:23:28.0561 4784 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys

18:23:28.0563 4784 sffp_mmc - ok

18:23:28.0636 4784 [ 9F66A46C55D6F1CCABC79BB7AFCCC545 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys

18:23:28.0638 4784 sffp_sd - ok

18:23:28.0645 4784 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys

18:23:28.0647 4784 sfloppy - ok

18:23:28.0778 4784 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll

18:23:28.0788 4784 SharedAccess - ok

18:23:28.0915 4784 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll

18:23:28.0931 4784 ShellHWDetection - ok

18:23:29.0008 4784 [ A275FBB7C99458C12E088DFF3E58EB4D ] simptcp C:\Windows\System32\tcpsvcs.exe

18:23:29.0018 4784 simptcp - ok

18:23:29.0262 4784 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys

18:23:29.0266 4784 sisagp - ok

18:23:29.0277 4784 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys

18:23:29.0282 4784 SiSRaid2 - ok

18:23:29.0296 4784 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys

18:23:29.0302 4784 SiSRaid4 - ok

18:23:29.0541 4784 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe

18:23:29.0699 4784 slsvc - ok

18:23:29.0750 4784 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll

18:23:29.0755 4784 SLUINotify - ok

18:23:29.0802 4784 [ 3566310DF25EA5C3B2E9F50F5B50EAC1 ] SmartFaceVWatchSrv C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe

18:23:29.0803 4784 SmartFaceVWatchSrv - ok

18:23:30.0023 4784 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys

18:23:30.0026 4784 Smb - ok

18:23:30.0103 4784 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe

18:23:30.0107 4784 SNMPTRAP - ok

18:23:30.0145 4784 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys

18:23:30.0146 4784 spldr - ok

18:23:30.0193 4784 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe

18:23:30.0199 4784 Spooler - ok

18:23:30.0365 4784 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys

18:23:30.0371 4784 srv - ok

18:23:30.0414 4784 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys

18:23:30.0419 4784 srv2 - ok

18:23:30.0701 4784 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys

18:23:30.0706 4784 srvnet - ok

18:23:30.0898 4784 [ D5DFFEAA1E15D4EFFABB9D9A3068AC5B ] sscdbus C:\Windows\system32\DRIVERS\sscdbus.sys

18:23:30.0902 4784 sscdbus - ok

18:23:31.0021 4784 [ 8A1BE0C347814F482F493AEA619D57F6 ] sscdmdfl C:\Windows\system32\DRIVERS\sscdmdfl.sys

18:23:31.0024 4784 sscdmdfl - ok

18:23:31.0288 4784 [ 5AB0B1987F682A59B15B78F84C6AD7D0 ] sscdmdm C:\Windows\system32\DRIVERS\sscdmdm.sys

18:23:31.0293 4784 sscdmdm - ok

18:23:31.0428 4784 [ 751E66EB32EFA80633B80F5D7FF0A1D8 ] sscdserd C:\Windows\system32\DRIVERS\sscdserd.sys

18:23:31.0433 4784 sscdserd - ok

18:23:31.0552 4784 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll

18:23:31.0567 4784 SSDPSRV - ok

18:23:31.0679 4784 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll

18:23:31.0692 4784 SstpSvc - ok

18:23:31.0806 4784 [ 8F299012EF58246F1C98DE7B7E48DBF0 ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys

18:23:31.0813 4784 ssudmdm - ok

18:23:32.0341 4784 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll

18:23:32.0530 4784 stisvc - ok

18:23:32.0551 4784 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys

18:23:32.0553 4784 swenum - ok

18:23:32.0700 4784 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll

18:23:32.0734 4784 swprv - ok

18:23:32.0789 4784 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys

18:23:32.0792 4784 Symc8xx - ok

18:23:32.0888 4784 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys

18:23:32.0892 4784 Sym_hi - ok

18:23:32.0903 4784 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys

18:23:32.0910 4784 Sym_u3 - ok

18:23:33.0028 4784 [ 55F6E55CC2430CA8713387106FA79817 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys

18:23:33.0033 4784 SynTP - ok

18:23:33.0165 4784 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll

18:23:33.0233 4784 SysMain - ok

18:23:33.0297 4784 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll

18:23:33.0309 4784 TabletInputService - ok

18:23:33.0362 4784 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll

18:23:33.0407 4784 TapiSrv - ok

18:23:33.0441 4784 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll

18:23:33.0452 4784 TBS - ok

18:23:33.0643 4784 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip C:\Windows\system32\drivers\tcpip.sys

18:23:33.0701 4784 Tcpip - ok

18:23:33.0806 4784 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys

18:23:33.0822 4784 Tcpip6 - ok

18:23:33.0976 4784 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys

18:23:33.0979 4784 tcpipreg - ok

18:23:34.0080 4784 [ 6FDFBA25002CE4BAC463AC866AE71405 ] tdcmdpst C:\Windows\system32\DRIVERS\tdcmdpst.sys

18:23:34.0083 4784 tdcmdpst - ok

18:23:34.0217 4784 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys

18:23:34.0220 4784 TDPIPE - ok

18:23:34.0299 4784 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys

18:23:34.0302 4784 TDTCP - ok

18:23:34.0374 4784 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys

18:23:34.0379 4784 tdx - ok

18:23:34.0414 4784 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys

18:23:34.0417 4784 TermDD - ok

18:23:34.0506 4784 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll

18:23:34.0527 4784 TermService - ok

18:23:34.0562 4784 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll

18:23:34.0576 4784 Themes - ok

18:23:34.0811 4784 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll

18:23:34.0818 4784 THREADORDER - ok

18:23:34.0908 4784 [ E09CAAFB2B323A6FF120CEFB96DA0A44 ] TMachInfo C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe

18:23:34.0910 4784 TMachInfo - ok

18:23:34.0955 4784 [ 89F74C86523F5E334628DBCE66E6D165 ] TNaviSrv C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe

18:23:34.0960 4784 TNaviSrv - ok

18:23:34.0985 4784 [ C5AC715B65B01788ABC22D10749DDDD8 ] TODDSrv C:\Windows\system32\TODDSrv.exe

18:23:34.0998 4784 TODDSrv - ok

18:23:35.0125 4784 [ 44DBAC611B11646683B5B066A049B8E4 ] TosCoSrv C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe

18:23:35.0137 4784 TosCoSrv - ok

18:23:35.0226 4784 [ 8E10E654E354CF330ED75882769A0107 ] TOSHIBA Bluetooth Service C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

18:23:35.0231 4784 TOSHIBA Bluetooth Service - ok

18:23:35.0274 4784 [ 22690DFFC7F2A18279A7A0489AA02BAC ] TOSHIBA SMART Log Service C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe

18:23:35.0278 4784 TOSHIBA SMART Log Service - ok

18:23:35.0320 4784 Tosrfcom - ok

18:23:35.0402 4784 [ 5C4103544612E5011EF46301B93D1AA6 ] tosrfec C:\Windows\system32\DRIVERS\tosrfec.sys

18:23:35.0405 4784 tosrfec - ok

18:23:35.0466 4784 [ 4399A9BF7D8F49991A07FD86590A1619 ] tos_sps32 C:\Windows\system32\DRIVERS\tos_sps32.sys

18:23:35.0474 4784 tos_sps32 - ok

18:23:35.0672 4784 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll

18:23:35.0679 4784 TrkWks - ok

18:23:35.0796 4784 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

18:23:35.0797 4784 TrustedInstaller - ok

18:23:35.0887 4784 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys

18:23:35.0890 4784 tssecsrv - ok

18:23:35.0958 4784 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys

18:23:35.0961 4784 tunmp - ok

18:23:36.0020 4784 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys

18:23:36.0023 4784 tunnel - ok

18:23:36.0398 4784 [ 792A8B80F8188ABA4B2BE271583F3E46 ] TVALZ C:\Windows\system32\DRIVERS\TVALZ_O.SYS

18:23:36.0401 4784 TVALZ - ok

18:23:36.0485 4784 [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35 C:\Windows\system32\drivers\uagp35.sys

18:23:36.0489 4784 uagp35 - ok

18:23:36.0559 4784 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys

18:23:36.0569 4784 udfs - ok

18:23:36.0668 4784 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe

18:23:36.0679 4784 UI0Detect - ok

18:23:36.0843 4784 [ 332D341D92B933600D41953B08360DFB ] UleadBurningHelper C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

18:23:36.0845 4784 UleadBurningHelper - ok

18:23:36.0940 4784 [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys

18:23:36.0944 4784 uliagpkx - ok

18:23:36.0972 4784 [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci C:\Windows\system32\drivers\uliahci.sys

18:23:36.0981 4784 uliahci - ok

18:23:37.0045 4784 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys

18:23:37.0050 4784 UlSata - ok

18:23:37.0148 4784 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys

18:23:37.0153 4784 ulsata2 - ok

18:23:37.0219 4784 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys

18:23:37.0223 4784 umbus - ok

18:23:37.0299 4784 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll

18:23:37.0315 4784 upnphost - ok

18:23:37.0424 4784 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys

18:23:37.0428 4784 usbccgp - ok

18:23:37.0480 4784 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys

18:23:37.0509 4784 usbcir - ok

18:23:37.0582 4784 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys

18:23:37.0585 4784 usbehci - ok

18:23:37.0662 4784 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys

18:23:37.0666 4784 usbhub - ok

18:23:37.0740 4784 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys

18:23:37.0742 4784 usbohci - ok

18:23:37.0851 4784 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys

18:23:37.0852 4784 usbprint - ok

18:23:37.0973 4784 [ A508C9BD8724980512136B039BBA65E9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys

18:23:37.0975 4784 usbscan - ok

18:23:38.0334 4784 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS

18:23:38.0337 4784 USBSTOR - ok

18:23:38.0538 4784 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys

18:23:38.0541 4784 usbuhci - ok

18:23:38.0600 4784 [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys

18:23:38.0607 4784 usbvideo - ok

18:23:38.0694 4784 [ 35C9095FA7076466AFBFC5B9EC4B779E ] usb_rndisx C:\Windows\system32\DRIVERS\usb8023x.sys

18:23:38.0719 4784 usb_rndisx - ok

18:23:38.0752 4784 [ 237C444FBD1C697A2E3FA60F02C61F22 ] UVCFTR C:\Windows\system32\Drivers\UVCFTR_S.SYS

18:23:38.0755 4784 UVCFTR - ok

18:23:38.0874 4784 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll

18:23:38.0886 4784 UxSms - ok

18:23:39.0222 4784 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe

18:23:39.0256 4784 vds - ok

18:23:39.0344 4784 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys

18:23:39.0346 4784 vga - ok

18:23:39.0375 4784 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys

18:23:39.0377 4784 VgaSave - ok

18:23:39.0463 4784 [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp C:\Windows\system32\drivers\viaagp.sys

18:23:39.0465 4784 viaagp - ok

18:23:39.0538 4784 [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7 C:\Windows\system32\drivers\viac7.sys

18:23:39.0539 4784 ViaC7 - ok

18:23:39.0557 4784 [ AADF5587A4063F52C2C3FED7887426FC ] viaide C:\Windows\system32\drivers\viaide.sys

18:23:39.0558 4784 viaide - ok

18:23:39.0599 4784 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys

18:23:39.0601 4784 volmgr - ok

18:23:39.0711 4784 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys

18:23:39.0718 4784 volmgrx - ok

18:23:39.0757 4784 [ 147281C01FCB1DF9252DE2A10D5E7093 ] volsnap C:\Windows\system32\drivers\volsnap.sys

18:23:39.0763 4784 volsnap - ok

18:23:39.0882 4784 [ 587253E09325E6BF226B299774B728A9 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys

18:23:39.0889 4784 vsmraid - ok

18:23:39.0963 4784 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe

18:23:40.0039 4784 VSS - ok

18:23:40.0302 4784 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll

18:23:40.0325 4784 W32Time - ok

18:23:40.0477 4784 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys

18:23:40.0481 4784 WacomPen - ok

18:23:40.0747 4784 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys

18:23:40.0751 4784 Wanarp - ok

18:23:40.0760 4784 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys

18:23:40.0764 4784 Wanarpv6 - ok

18:23:40.0816 4784 [ 59E19BD13C3BDB857646B9E436BA27F7 ] WcesComm C:\Windows\WindowsMobile\wcescomm.dll

18:23:40.0828 4784 WcesComm - ok

18:23:40.0917 4784 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll

18:23:40.0993 4784 wcncsvc - ok

18:23:41.0042 4784 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

18:23:41.0054 4784 WcsPlugInService - ok

18:23:41.0169 4784 [ 78FE9542363F297B18C027B2D7E7C07F ] Wd C:\Windows\system32\drivers\wd.sys

18:23:41.0172 4784 Wd - ok

18:23:41.0246 4784 [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys

18:23:41.0268 4784 Wdf01000 - ok

18:23:41.0315 4784 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll

18:23:41.0328 4784 WdiServiceHost - ok

18:23:41.0337 4784 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll

18:23:41.0350 4784 WdiSystemHost - ok

18:23:41.0433 4784 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll

18:23:41.0463 4784 WebClient - ok

18:23:41.0537 4784 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll

18:23:41.0593 4784 Wecsvc - ok

18:23:41.0672 4784 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll

18:23:41.0684 4784 wercplsupport - ok

18:23:41.0727 4784 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll

18:23:41.0741 4784 WerSvc - ok

18:23:42.0131 4784 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll

18:23:42.0142 4784 WinDefend - ok

18:23:42.0166 4784 WinHttpAutoProxySvc - ok

18:23:42.0439 4784 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll

18:23:42.0443 4784 Winmgmt - ok

18:23:42.0560 4784 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll

18:23:42.0616 4784 WinRM - ok

18:23:42.0730 4784 [ 676F4B665BDD8053EAA53AC1695B8074 ] winusb C:\Windows\system32\DRIVERS\winusb.sys

18:23:42.0734 4784 winusb - ok

18:23:42.0895 4784 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll

18:23:42.0951 4784 Wlansvc - ok

18:23:43.0038 4784 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys

18:23:43.0042 4784 WmiAcpi - ok

18:23:43.0107 4784 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe

18:23:43.0113 4784 wmiApSrv - ok

18:23:43.0298 4784 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe

18:23:43.0353 4784 WMPNetworkSvc - ok

18:23:43.0505 4784 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll

18:23:43.0519 4784 WPCSvc - ok

18:23:43.0783 4784 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll

18:23:43.0798 4784 WPDBusEnum - ok

18:23:43.0976 4784 [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys

18:23:43.0979 4784 WpdUsb - ok

18:23:44.0176 4784 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe

18:23:44.0209 4784 WPFFontCache_v0400 - ok

18:23:44.0309 4784 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys

18:23:44.0312 4784 ws2ifsl - ok

18:23:44.0358 4784 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\system32\wscsvc.dll

18:23:44.0371 4784 wscsvc - ok

18:23:44.0381 4784 WSearch - ok

18:23:44.0519 4784 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll

18:23:44.0674 4784 wuauserv - ok

18:23:44.0743 4784 [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys

18:23:44.0777 4784 WUDFRd - ok

18:23:44.0827 4784 [ 575A4190D989F64732119E4114045A4F ] wudfsvc C:\Windows\System32\WUDFSvc.dll

18:23:44.0840 4784 wudfsvc - ok

18:23:44.0917 4784 ================ Scan global ===============================

18:23:45.0051 4784 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll

18:23:45.0184 4784 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll

18:23:45.0317 4784 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll

18:23:45.0507 4784 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe

18:23:45.0515 4784 [Global] - ok

18:23:45.0516 4784 ================ Scan MBR ==================================

18:23:45.0544 4784 [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0

18:23:46.0538 4784 \Device\Harddisk0\DR0 - ok

18:23:46.0538 4784 ================ Scan VBR ==================================

18:23:46.0600 4784 [ 0A1E9194AE4B1B0EBD941452D274F7C2 ] \Device\Harddisk0\DR0\Partition1

18:23:46.0602 4784 \Device\Harddisk0\DR0\Partition1 - ok

18:23:46.0602 4784 ============================================================

18:23:46.0602 4784 Scan finished

18:23:46.0602 4784 ============================================================

18:23:46.0615 5608 Detected object count: 0

18:23:46.0615 5608 Actual detected object count: 0

[ubigred]

C:\Documents and Settings\Owner\Desktop\GS3\Photo.zip Win32/TrojanDownloader.Agent.RAG trojan deleted - quarantined

C:\Documents and Settings\Owner\Desktop\GS3\BoatDownload\com.nanoha.SenseScreen-2.3.apk a variant of Android/Adware.AirPush.C application deleted - quarantined

C:\Documents and Settings\Owner\Desktop\GS3\download\PicDial160.apk Android/Adware.AirPush.A application deleted - quarantined

C:\Documents and Settings\Owner\Desktop\GS3-2\Photo.zip Win32/TrojanDownloader.Agent.RAG trojan deleted - quarantined

C:\Documents and Settings\Owner\Desktop\GS3-2\BoatDownload\com.nanoha.SenseScreen-2.3.apk a variant of Android/Adware.AirPush.C application deleted - quarantined

C:\Documents and Settings\Owner\Desktop\GS3-2\download\PicDial160.apk Android/Adware.AirPush.A application deleted - quarantined

C:\Documents and Settings\Owner\Desktop\GS3-2\external_sd\rerware\MyBackup\AllAppsBackups\Schedule\Apps\com.nanoha.SenseScreen_27.apk a variant of Android/Adware.AirPush.C application deleted - quarantined

C:\Documents and Settings\Owner\Desktop\GS3-2\external_sd\rerware\MyBackup\AllAppsBackups\Schedule\Apps\great.app.luck_22.apk a variant of Android/Adware.AirPush.C application deleted - quarantined

[ubigred]

# AdwCleaner v2.000 - Logfile created 09/07/2012 at 23:06:48

# Updated 30/08/2012 by Xplode

# Operating system : Windows Vista Home Premium Service Pack 2 (32 bits)

# User : Owner - OWNER-PC

# Boot Mode : Normal

# Running from : C:\Users\Owner\Downloads\adwcleaner.exe

# Option [search]

***** [services] *****

***** [Files / Folders] *****

File Found : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml

File Found : C:\user.js

Folder Found : C:\ProgramData\Babylon

Folder Found : C:\Users\Owner\AppData\Local\Babylon

Folder Found : C:\Users\Owner\AppData\LocalLow\BabylonToolbar

Folder Found : C:\Users\Owner\AppData\LocalLow\Vuze_Remote

Folder Found : C:\Users\Owner\AppData\Roaming\Babylon

Folder Found : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\6zil0nd0.default\ConduitCommon

***** [Registry] *****

Key Found : HKCU\Software\AppDataLow\Software\AskToolbar

Key Found : HKCU\Software\Ask.com

Key Found : HKCU\Software\Conduit

Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{043C5167-00BB-4324-AF7E-62013FAEDACF}

Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3B7599DF-3D5D-4EF5-BF51-9C2EDA788E83}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}

Key Found : HKLM\Software\Babylon

Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}

Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}

Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL

Key Found : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}

Key Found : HKLM\SOFTWARE\Classes\Conduit.Engine

Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}

Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2504091

Key Found : HKLM\Software\Conduit

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3B7599DF-3D5D-4EF5-BF51-9C2EDA788E83}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF

Key Found : HKU\S-1-5-21-1038527918-3062837077-4051479591-1000\Software\Microsoft\Internet Explorer\SearchScopes\{043C5167-00BB-4324-AF7E-62013FAEDACF}

Key Found : HKU\S-1-5-21-1038527918-3062837077-4051479591-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}

***** [internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v14.0.1 (en-US)

Profile name : default

File : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\6zil0nd0.default\prefs.js

Found : user_pref("CT2504091..clientLogIsEnabled", true);

Found : user_pref("CT2504091..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]

Found : user_pref("CT2504091..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]

Found : user_pref("CT2504091.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");

Found : user_pref("CT2504091.BrowserCompStateIsOpen_129566938558801595", true);

Found : user_pref("CT2504091.CTID", "CT2504091");

Found : user_pref("CT2504091.CurrentServerDate", "28-11-2011");

Found : user_pref("CT2504091.DSInstall", true);

Found : user_pref("CT2504091.DialogsAlignMode", "LTR");

Found : user_pref("CT2504091.DialogsGetterLastCheckTime", "Sat Nov 26 2011 11:32:16 GMT-0600 (Central Standa[...]

Found : user_pref("CT2504091.DownloadReferralCookieData", "");

Found : user_pref("CT2504091.EMailNotifierPollDate", "Mon Oct 31 2011 14:14:16 GMT-0500 (Central Daylight Ti[...]

Found : user_pref("CT2504091.FeedLastCount129079840422964131", 11);

Found : user_pref("CT2504091.FeedPollDate128891351169457140", "Mon Nov 28 2011 02:59:14 GMT-0600 (Central St[...]

Found : user_pref("CT2504091.FeedPollDate129079840422964131", "Mon Oct 31 2011 14:14:17 GMT-0500 (Central Da[...]

Found : user_pref("CT2504091.FeedTTL128891351169457140", 40);

Found : user_pref("CT2504091.FirstServerDate", "31-10-2011");

Found : user_pref("CT2504091.FirstTime", true);

Found : user_pref("CT2504091.FirstTimeFF3", true);

Found : user_pref("CT2504091.FixPageNotFoundErrors", true);

Found : user_pref("CT2504091.GroupingServerCheckInterval", 1440);

Found : user_pref("CT2504091.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");

Found : user_pref("CT2504091.HPInstall", false);

Found : user_pref("CT2504091.HasUserGlobalKeys", true);

Found : user_pref("CT2504091.HomePageProtectorEnabled", false);

Found : user_pref("CT2504091.HomepageBeforeUnload", "chrome://branding/locale/browserconfig.properties");

Found : user_pref("CT2504091.Initialize", true);

Found : user_pref("CT2504091.InitializeCommonPrefs", true);

Found : user_pref("CT2504091.InstallationAndCookieDataSentCount", 3);

Found : user_pref("CT2504091.InstallationType", "ConduitIntegration");

Found : user_pref("CT2504091.InstalledDate", "Mon Oct 31 2011 14:14:16 GMT-0500 (Central Daylight Time)");

Found : user_pref("CT2504091.IsAlertDBUpdated", true);

Found : user_pref("CT2504091.IsGrouping", false);

Found : user_pref("CT2504091.IsInitSetupIni", true);

Found : user_pref("CT2504091.IsMulticommunity", false);

Found : user_pref("CT2504091.IsOpenThankYouPage", false);

Found : user_pref("CT2504091.IsOpenUninstallPage", false);

Found : user_pref("CT2504091.LanguagePackLastCheckTime", "Mon Nov 28 2011 01:24:03 GMT-0600 (Central Standar[...]

Found : user_pref("CT2504091.LanguagePackReloadIntervalMM", 1440);

Found : user_pref("CT2504091.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]

Found : user_pref("CT2504091.LastLogin_3.7.0.6", "Sun Nov 27 2011 22:23:44 GMT-0600 (Central Standard Time)"[...]

Found : user_pref("CT2504091.LatestVersion", "3.8.0.8");

Found : user_pref("CT2504091.Locale", "en-us");

Found : user_pref("CT2504091.MCDetectTooltipHeight", "83");

Found : user_pref("CT2504091.MCDetectTooltipShow", false);

Found : user_pref("CT2504091.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");

Found : user_pref("CT2504091.MCDetectTooltipWidth", "295");

Found : user_pref("CT2504091.MyStuffEnabledAtInstallation", true);

Found : user_pref("CT2504091.OriginalFirstVersion", "3.7.0.6");

Found : user_pref("CT2504091.SearchCaption", "Web Search");

Found : user_pref("CT2504091.SearchEngineBeforeUnload", "chrome://browser-region/locale/region.properties");

Found : user_pref("CT2504091.SearchFromAddressBarIsInit", true);

Found : user_pref("CT2504091.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT250[...]

Found : user_pref("CT2504091.SearchInNewTabEnabled", true);

Found : user_pref("CT2504091.SearchInNewTabIntervalMM", 1440);

Found : user_pref("CT2504091.SearchInNewTabLastCheckTime", "Sat Nov 26 2011 11:32:14 GMT-0600 (Central Stand[...]

Found : user_pref("CT2504091.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]

Found : user_pref("CT2504091.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usa[...]

Found : user_pref("CT2504091.SearchProtectorEnabled", false);

Found : user_pref("CT2504091.SearchProtectorToolbarDisabled", false);

Found : user_pref("CT2504091.SendProtectorDataViaLogin", true);

Found : user_pref("CT2504091.ServiceMapLastCheckTime", "Sat Nov 26 2011 11:32:15 GMT-0600 (Central Standard [...]

Found : user_pref("CT2504091.SettingsLastCheckTime", "Mon Nov 28 2011 01:24:03 GMT-0600 (Central Standard Ti[...]

Found : user_pref("CT2504091.SettingsLastUpdate", "1319755934");

Found : user_pref("CT2504091.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2504091&SearchSource=13");

Found : user_pref("CT2504091.ThirdPartyComponentsInterval", 504);

Found : user_pref("CT2504091.ThirdPartyComponentsLastCheck", "Mon Nov 21 2011 17:50:27 GMT-0600 (Central Sta[...]

Found : user_pref("CT2504091.ThirdPartyComponentsLastUpdate", "1312887586");

Found : user_pref("CT2504091.ToolbarShrinkedFromSetup", false);

Found : user_pref("CT2504091.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2504091");

Found : user_pref("CT2504091.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]

Found : user_pref("CT2504091.UserID", "UN12469748857284946");

Found : user_pref("CT2504091.ValidationData_Toolbar", 1);

Found : user_pref("CT2504091.alertChannelId", "897164");

Found : user_pref("CT2504091.approveUntrustedApps", false);

Found : user_pref("CT2504091.backendstorage._gpl_firstrun10100", "31333230303838353132");

Found : user_pref("CT2504091.backendstorage.for_aoi", "31333230303838343636");

Found : user_pref("CT2504091.backendstorage.for_ccid", "5375676172204C616E64");

Found : user_pref("CT2504091.backendstorage.for_cdtr2", "31333230303838343636");

Found : user_pref("CT2504091.backendstorage.for_cdtr6", "31333230303838343636");

Found : user_pref("CT2504091.backendstorage.for_cid", "5553");

Found : user_pref("CT2504091.backendstorage.for_ip", "3135312E3231332E3138382E323333");

Found : user_pref("CT2504091.backendstorage.for_lcut", "31333230303838343636");

Found : user_pref("CT2504091.backendstorage.for_pid", "31303231");

Found : user_pref("CT2504091.backendstorage.for_rid", "5458");

Found : user_pref("CT2504091.backendstorage.for_zoneid", "3130313537");

Found : user_pref("CT2504091.backendstorage.hxxp://dl_gameplaylabs_com/items/conduit/temp._gpl_firstrun10100[...]

Found : user_pref("CT2504091.components.1000034", false);

Found : user_pref("CT2504091.components.129079840422964131", false);

Found : user_pref("CT2504091.components.129079849636241789", false);

Found : user_pref("CT2504091.components.129408243997825547", false);

Found : user_pref("CT2504091.components.129593776931068636", false);

Found : user_pref("CT2504091.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]

Found : user_pref("CT2504091.globalFirstTimeInfoLastCheckTime", "Sun Nov 27 2011 22:28:51 GMT-0600 (Central [...]

Found : user_pref("CT2504091.homepageProtectorEnableByLogin", true);

Found : user_pref("CT2504091.initDone", true);

Found : user_pref("CT2504091.isAppTrackingManagerOn", true);

Found : user_pref("CT2504091.myStuffEnabled", true);

Found : user_pref("CT2504091.myStuffPublihserMinWidth", 400);

Found : user_pref("CT2504091.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]

Found : user_pref("CT2504091.myStuffServiceIntervalMM", 1440);

Found : user_pref("CT2504091.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]

Found : user_pref("CT2504091.oldAppsList", "129079840421557838,129079840422026594,111,129079849636241789,129[...]

Found : user_pref("CT2504091.revertSettingsEnabled", false);

Found : user_pref("CT2504091.searchProtectorDialogDelayInSec", 10);

Found : user_pref("CT2504091.searchProtectorEnableByLogin", true);

Found : user_pref("CT2504091.testingCtid", "");

Found : user_pref("CT2504091.toolbarAppMetaDataLastCheckTime", "Sat Nov 26 2011 11:32:15 GMT-0600 (Central S[...]

Found : user_pref("CT2504091.toolbarContextMenuLastCheckTime", "Tue Nov 22 2011 13:55:20 GMT-0600 (Central S[...]

Found : user_pref("CT2504091.undefined", "Mon Oct 31 2011 14:14:17 GMT-0500 (Central Daylight Time)");

Found : user_pref("CT2504091.usagesFlag", 2);

Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/897164/892962/US", "\"0\"")[...]

Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2504091", [...]

Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]

Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]

Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]

Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]

Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]

Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]

Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]

Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]

Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]

Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.7.[...]

Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2504091",[...]

Found : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2504091&octid=[...]

Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en-us", "\"[...]

Found : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Owner\\AppData\\Roaming\\Mozilla\\F[...]

Found : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.7.0.6");

Found : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "");

Found : user_pref("CommunityToolbar.ToolbarsList", "CT2504091");

Found : user_pref("CommunityToolbar.ToolbarsList2", "CT2504091");

Found : user_pref("CommunityToolbar.ToolbarsList4", "CT2504091");

Found : user_pref("CommunityToolbar.globalUserId", "9a12b527-3b96-4682-a298-42acec3721ed");

Found : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);

Found : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);

Found : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Tue Nov 22 2011 13:55:1[...]

Found : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);

Found : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Sat Nov 26 2011 11:32:23 GMT-060[...]

Found : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");

Found : user_pref("CommunityToolbar.notifications.locale", "en");

Found : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);

Found : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sun Nov 27 2011 11:32:14 GMT-0600 (C[...]

Found : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");

Found : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);

Found : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");

Found : user_pref("CommunityToolbar.notifications.showTrayIcon", false);

Found : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);

Found : user_pref("CommunityToolbar.notifications.userId", "1b208792-d478-452e-9540-b24bbdf1ae8b");

Found : user_pref("CommunityToolbar.originalHomepage", "chrome://branding/locale/browserconfig.properties");

Found : user_pref("CommunityToolbar.originalSearchEngine", "chrome://browser-region/locale/region.properties[...]

Found : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");

Found : user_pref("browser.search.defaultenginename", "Search the web (Babylon)");

Found : user_pref("browser.search.order.1", "Search the web (Babylon)");

Found : user_pref("browser.startup.homepage", "hxxp://search.babylon.com/?affID=109935&tt=050412_30b&babsrc=[...]

Found : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");

Found : user_pref("extensions.BabylonToolbar_i.babExt", "");

Found : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=109935&tt=050412_30b");

Found : user_pref("extensions.BabylonToolbar_i.hardId", "1254a72700000000000000216b26add0");

Found : user_pref("extensions.BabylonToolbar_i.id", "1254a72700000000000000216b26add0");

Found : user_pref("extensions.BabylonToolbar_i.instlDay", "15440");

Found : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");

Found : user_pref("extensions.BabylonToolbar_i.newTab", true);

Found : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://search.babylon.com/?affID=109935&tt=05041[...]

Found : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");

Found : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");

Found : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");

Found : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");

Found : user_pref("extensions.BabylonToolbar_i.tlbrId", "tb9");

Found : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");

Found : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1711:34:45");

Found : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");

Found : user_pref("extensions.vshare@toolbar.install-event-fired", true);

Found : user_pref("keyword.URL", "hxxp://search.babylon.com/?affID=109935&tt=050412_30b&babsrc=KW_ss&mntrId=[...]

-\\ Google Chrome v21.0.1180.89

File : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [18078 octets] - [07/09/2012 23:06:48]

########## EOF - C:\AdwCleaner[R1].txt - [18139 octets] ##########

Results of screen317's Security Check version 0.99.50

Windows Vista Service Pack 2 x86 (UAC is enabled)

Internet Explorer 9

``````````````Antivirus/Firewall Check:``````````````

Windows Firewall Enabled!

avast! Antivirus

Antivirus up to date! (On Access scanning disabled!)

`````````Anti-malware/Other Utilities Check:`````````

Malwarebytes Anti-Malware version 1.62.0.1300

Java 6 Update 33

Java 6 Update 6

Java version out of Date!

Adobe Flash Player 10 Flash Player out of Date!

Adobe Flash Player 11.3.300.265

Adobe Reader 8 Adobe Reader out of Date!

Mozilla Firefox 4.0b6 Firefox out of Date!

Google Chrome 21.0.1180.83

Google Chrome 21.0.1180.89

````````Process Check: objlist.exe by Laurent````````

ESET ESET Online Scanner OnlineCmdLineScanner.exe

Alwil Software Avast5 AvastSvc.exe

`````````````````System Health check`````````````````

Total Fragmentation on Drive C: 4 % Defragment your hard drive soon! (Do NOT defrag if SSD!)

````````````````````End of Log``````````````````````

[ubigred]

1. Should I defrag my system?

2. Windows Defender does not update. Error code: Code 0x80096001 (not sure if it even works)

[ubigred]

3. Which program should I use Windows Defender or Avast (free version)?

[ubigred]

My internet is no longer working? It just started happening out of the blue.

[screen317]

ubigred,

My apologies for the delay. I thought I responded a long time ago.

What happened just before you lost Internet? Describe your network setup (router, wired, etc.)..

Run Norton's removal tool from here.

Reboot.

Is your Internet still disabled?

[ubigred]

I already uninstalled Norton using Add/Remove programs.

Nothing that I can think of , it just stopped working . I am wireless.

The only way I can get online is if I use tether via usb with my cell phone. Cell phone is hooked up to wifi.

[screen317]

Hi,

My apologies for the extended delay.

Please reboot to Safe Mode With Networking (tap the F8 key just before Windows starts to load and select the Safe Mode With Networking option from the menu).

Are you still not getting Internet? Please describe your network.

[ubigred]

I am still not getting internet when I reboot in Safe Mode w/networking.

[ubigred]

I usually connect using wireless .

[screen317]

Can you plug in directly and see if you can connect? This is so strange that it started all of a sudden. Grab a fresh copy of ComboFix, run it, and post its log.