Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infosmash redirect on Google search


  • This topic is locked This topic is locked
25 replies to this topic

#1 Talthan

Talthan

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:05:58 AM

Posted 30 June 2012 - 01:21 AM

Today I noticed I was getting a redirect on the first click of a searched link on Google to Infosmash, after it happened a few times I quickly realized that something was wrong and did a search on Infosmash to discover eeeks I had a problem. Not sure what I did or how it happened But I’d like to fix and then hopefully prevent it from reoccurring. I used Norton’s 360 and religiously update, I update my Java and Adobe frequently and have them set for auto updates in case I forget. I run Spybot search and destroy at least once a week and immunize IE.

Ran Spybot S&D with no results Norton’s didn’t pick anything up. I then downloaded and installed Malware bytes which found a lot of tracking cookies and I removed them ran ESET which found some other things which I then removed and left me with a error on reboot about \symantic\SWTOR\vpcqypvt.dll (I am not sure why and now need to fix this error)

Thank you in advance below is what I have currently reporting



Ran DDS

============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Broadcom\BPowMon\BPowMon.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Norton 360\Engine\6.2.1.5\ccSvcHst.exe
C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\Windows\SysWOW64\nlssrv32.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Common Files\Intel\Intel Extreme Tuning Utility\PerfTuneService.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files (x86)\Norton 360\Engine\6.2.1.5\ccSvcHst.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Logitech Gaming Software\LCore.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\Logitech\Vid HD\Vid.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\NETGEAR\WNDA3100v2\WNDA3100v2.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe
C:\Users\Danegeld\AppData\Local\Apps\2.0\K4DPDHOH.792\82HZ0AC1.C04\curs..tion_9e9e83ddf3ed3ead_0005.0001_31b318dc2771b66c\CurseClient.exe
C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Windows\SysWOW64\Ctxfihlp.exe
C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Windows\system32\conhost.exe
C:\Program Files\HTC\ModeSelection\VMMModeSelection.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\SysWOW64\CTXFISPI.EXE
C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Alienware\Command Center\AWCCServiceController.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\Program Files\Alienware\Command Center\ThermalController.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher32.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher64.exe
C:\Windows\system32\conhost.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\Alienware\Command Center\AlienFusionService.exe
C:\Program Files\Alienware\Command Center\AlienFusionController.exe
C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerApp.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_257_ActiveX.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.yahoo.com/
uDefault_Page_URL = hxxp://www.alienware.com/
uInternet Settings,ProxyOverride = *.local
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
BHO: Norton Identity Protection: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton 360\Engine\6.2.1.5\coIEPlg.dll
BHO: Norton Vulnerability Protection: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton 360\Engine\6.2.1.5\IPS\IPSBHO.DLL
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton 360\Engine\6.2.1.5\coIEPlg.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
uRun: [Google Update] "C:\Users\Danegeld\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [AdobeBridge]
uRun: [Logitech Vid] "C:\Program Files (x86)\Logitech\Vid HD\Vid.exe" -bootmode
uRun: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
uRun: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
uRun: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
uRun: [SWTOR] rundll32.exe "C:\Users\Danegeld\AppData\Local\Symantec\SWTOR\vpcqypvt.dll",CreateInstance
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun: [VolPanel] "C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" /r
mRun: [UpdReg] C:\Windows\UpdReg.EXE
mRun: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [CTxfiHlp] CTXFIHLP.EXE
mRun: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
mRun: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
mRun: [VMM Mode Selection] C:\Program Files\HTC\ModeSelection\VMMModeSelection.exe
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"
mRunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript
StartupFolder: C:\Users\Danegeld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip
StartupFolder: C:\Users\Danegeld\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\LAUNCH~1.LNK - C:\Users\Danegeld\AppData\Roaming\Verizon\UA_ar\UtilityApplication.exe
StartupFolder: C:\Users\Danegeld\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\LOGITE~2.LNK - C:\Program Files (x86)\Logitech\G930\eReg.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\NETGEA~1.LNK - C:\Program Files (x86)\NETGEAR\WNDA3100v2\WNDA3100v2.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
Trusted Zone: villagephotos.com\old
Trusted Zone: villagephotos.com\www
DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} - hxxp://www.logitech.com/devicedetector/plugins/LogitechDeviceDetection32.cab
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} - hxxp://support.dell.com/systemprofiler/SysProExe.CAB
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15112/CTPID.cab
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{94730246-77D2-4760-B64C-11D8B760ABE4} : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{F1986E5C-96FB-447A-A611-0FEEF09E16D5} : DhcpNameServer = 75.75.75.75 75.75.76.76
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO-X64: Increase performance and video formats for your HTML5 <video> - No File
BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
BHO-X64: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\6.2.1.5\coIEPlg.dll
BHO-X64: Norton Identity Protection - No File
BHO-X64: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\6.2.1.5\IPS\IPSBHO.DLL
BHO-X64: Norton Vulnerability Protection - No File
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO-X64: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
TB-X64: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\6.2.1.5\coIEPlg.dll
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
mRun-x64: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun-x64: [VolPanel] "C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" /r
mRun-x64: [UpdReg] C:\Windows\UpdReg.EXE
mRun-x64: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
mRun-x64: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun-x64: [CTxfiHlp] CTXFIHLP.EXE
mRun-x64: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
mRun-x64: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun-x64: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
mRun-x64: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
mRun-x64: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
mRun-x64: [VMM Mode Selection] C:\Program Files\HTC\ModeSelection\VMMModeSelection.exe
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRunOnce-x64: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"
mRunOnce-x64: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
Hosts: 127.0.0.1 www.spywareinfo.com
.
============= SERVICES / DRIVERS ===============
.
R0 SCMNdisP;General NDIS Protocol Driver;C:\Windows\system32\DRIVERS\scmndisp.sys --> C:\Windows\system32\DRIVERS\scmndisp.sys [?]
R0 SMR300;Symantec SMR Utility Service 3.0.0;C:\Windows\system32\drivers\SMR300.SYS --> C:\Windows\system32\drivers\SMR300.SYS [?]
R0 SymDS;Symantec Data Store;C:\Windows\system32\drivers\N360x64\0602010.005\SYMDS64.SYS --> C:\Windows\system32\drivers\N360x64\0602010.005\SYMDS64.SYS [?]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\system32\drivers\N360x64\0602010.005\SYMEFA64.SYS --> C:\Windows\system32\drivers\N360x64\0602010.005\SYMEFA64.SYS [?]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\BASHDefs\20120619.001\BHDrvx64.sys [2012-6-18 1161376]
R1 ccSet_N360;Norton 360 Settings Manager;C:\Windows\system32\drivers\N360x64\0602010.005\ccSetx64.sys --> C:\Windows\system32\drivers\N360x64\0602010.005\ccSetx64.sys [?]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\IPSDefs\20120629.001\IDSviA64.sys [2012-6-29 509088]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R1 SymIRON;Symantec Iron Driver;C:\Windows\system32\drivers\N360x64\0602010.005\Ironx64.SYS --> C:\Windows\system32\drivers\N360x64\0602010.005\Ironx64.SYS [?]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\system32\Drivers\N360x64\0602010.005\SYMNETS.SYS --> C:\Windows\system32\Drivers\N360x64\0602010.005\SYMNETS.SYS [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2011-8-11 140672]
R2 {1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7};Power Control [2012/04/20 16:00:58];C:\Program Files (x86)\CyberLink\PowerDVD DX\000.fcl [2010-4-29 146928]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]
R2 AlienFusionService;Alienware Fusion Service;C:\Program Files\Alienware\Command Center\AlienFusionService.exe [2011-5-2 15296]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 BPowMon;Broadcom Power monitoring service;C:\Program Files\Broadcom\BPowMon\BPowMon.exe [2009-10-27 117608]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-4-29 13336]
R2 IOCBIOS;IOCBIOS;C:\ProgramData\Intel\Extreme Tuning Utility\IOCbios\64bit\iOCbios.sys [2009-7-9 27096]
R2 N360;Norton 360;C:\Program Files (x86)\Norton 360\Engine\6.2.1.5\ccSvcHst.exe [2012-5-28 138232]
R2 nlsX86cc;Nalpeiron Licensing Service;C:\Windows\SysWOW64\nlssrv32.exe [2011-11-16 66560]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2010-5-15 1153368]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2010-4-29 1692480]
R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-1-18 450848]
R2 WSWNDA3100v2;WSWNDA3100v2;C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe [2012-6-2 303360]
R2 XTUService;Intel® Extreme Tuning Utility;C:\Program Files (x86)\Common Files\Intel\Intel Extreme Tuning Utility\PerfTuneService.exe [2009-7-27 30944]
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?]
R3 CompFilter64;UVCCompositeFilter;C:\Windows\system32\DRIVERS\lvbflt64.sys --> C:\Windows\system32\DRIVERS\lvbflt64.sys [?]
R3 CT20XUT.SYS;CT20XUT.SYS;C:\Windows\system32\drivers\CT20XUT.SYS --> C:\Windows\system32\drivers\CT20XUT.SYS [?]
R3 CTEXFIFX.SYS;CTEXFIFX.SYS;C:\Windows\system32\drivers\CTEXFIFX.SYS --> C:\Windows\system32\drivers\CTEXFIFX.SYS [?]
R3 CTHWIUT.SYS;CTHWIUT.SYS;C:\Windows\system32\drivers\CTHWIUT.SYS --> C:\Windows\system32\drivers\CTHWIUT.SYS [?]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-6-2 138912]
R3 ha20x22k;Creative 20X2 HAL Driver;C:\Windows\system32\drivers\ha20x22k.sys --> C:\Windows\system32\drivers\ha20x22k.sys [?]
R3 k57nd60a;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\k57nd60a.sys --> C:\Windows\system32\DRIVERS\k57nd60a.sys [?]
R3 LADF_CaptureOnly;LADF Capture Filter Driver;C:\Windows\system32\DRIVERS\ladfGSCamd64.sys --> C:\Windows\system32\DRIVERS\ladfGSCamd64.sys [?]
R3 LADF_RenderOnly;LADF Render Filter Driver;C:\Windows\system32\DRIVERS\ladfGSRamd64.sys --> C:\Windows\system32\DRIVERS\ladfGSRamd64.sys [?]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;C:\Windows\system32\drivers\LGBusEnum.sys --> C:\Windows\system32\drivers\LGBusEnum.sys [?]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;C:\Windows\system32\drivers\LGVirHid.sys --> C:\Windows\system32\drivers\LGVirHid.sys [?]
R3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\system32\DRIVERS\lvrs64.sys --> C:\Windows\system32\DRIVERS\lvrs64.sys [?]
R3 LVUVC64;Logitech HD Pro Webcam C910(UVC);C:\Windows\system32\DRIVERS\lvuvc64.sys --> C:\Windows\system32\DRIVERS\lvuvc64.sys [?]
R3 mio;Master IO Filter Driver;C:\Windows\system32\DRIVERS\mio.sys --> C:\Windows\system32\DRIVERS\mio.sys [?]
S1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
S2 CLKMSVC10_1628BCEA;CyberLink Product - 2012/04/20 16:00:55;C:\Program Files (x86)\CyberLink\PowerDVD DX\Kernel\BD\NavFilter\kmsvc.exe [2011-4-3 240360]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-3-30 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-6 250056]
S3 BCMH43XX;Broadcom 802.11 USB Network Adapter Driver;C:\Windows\system32\DRIVERS\bcmwlhigh664.sys --> C:\Windows\system32\DRIVERS\bcmwlhigh664.sys [?]
S3 btusbflt;Bluetooth USB Filter;C:\Windows\system32\drivers\btusbflt.sys --> C:\Windows\system32\drivers\btusbflt.sys [?]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2010-4-29 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2010-4-29 79360]
S3 CT20XUT;CT20XUT;C:\Windows\system32\drivers\CT20XUT.SYS --> C:\Windows\system32\drivers\CT20XUT.SYS [?]
S3 CTEXFIFX;CTEXFIFX;C:\Windows\system32\drivers\CTEXFIFX.SYS --> C:\Windows\system32\drivers\CTEXFIFX.SYS [?]
S3 CTHWIUT;CTHWIUT;C:\Windows\system32\drivers\CTHWIUT.SYS --> C:\Windows\system32\drivers\CTHWIUT.SYS [?]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-3-30 136176]
S3 LADF_BakerCOnly;BakerC Filter Driver;C:\Windows\system32\DRIVERS\ladfBakerCamd64.sys --> C:\Windows\system32\DRIVERS\ladfBakerCamd64.sys [?]
S3 LADF_BakerROnly;BakerR Filter Driver;C:\Windows\system32\DRIVERS\ladfBakerRamd64.sys --> C:\Windows\system32\DRIVERS\ladfBakerRamd64.sys [?]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\Windows\system32\DRIVERS\ssadbus.sys --> C:\Windows\system32\DRIVERS\ssadbus.sys [?]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\Windows\system32\DRIVERS\ssadmdfl.sys --> C:\Windows\system32\DRIVERS\ssadmdfl.sys [?]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\Windows\system32\DRIVERS\ssadmdm.sys --> C:\Windows\system32\DRIVERS\ssadmdm.sys [?]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2012-06-30 05:01:45 -------- d-----w- C:\Users\Danegeld\AppData\Roaming\SUPERAntiSpyware.com
2012-06-30 05:01:24 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
2012-06-30 05:01:24 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2012-06-30 03:59:40 -------- d-----w- C:\Program Files (x86)\Oracle
2012-06-30 03:56:56 -------- d-----w- C:\Users\Danegeld\AppData\Roaming\Malwarebytes
2012-06-30 03:56:50 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-06-30 03:56:50 -------- d-----w- C:\ProgramData\Malwarebytes
2012-06-30 03:56:50 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-06-30 03:47:54 -------- d-----w- C:\Program Files (x86)\ESET
2012-06-30 03:41:06 96376 ----a-w- C:\Windows\System32\drivers\SMR300.SYS
2012-06-30 03:10:38 256904 ----a-w- C:\Windows\SysWow64\drivers\tmcomm.sys
2012-06-21 13:18:19 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2012-06-21 13:18:15 99840 ----a-w- C:\Windows\System32\wudriver.dll
2012-06-21 13:18:09 36864 ----a-w- C:\Windows\System32\wuapp.exe
2012-06-21 13:18:09 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2012-06-19 03:16:18 476936 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll
2012-06-14 04:25:21 77312 ----a-w- C:\Windows\System32\rdpwsx.dll
2012-06-03 01:13:46 1256192 ----a-w- C:\Windows\System32\drivers\bcmwlhigh664.sys
2012-06-03 01:13:43 53299 ----a-w- C:\Windows\SysWow64\pthreadVC.dll
2012-06-03 01:13:43 47632 ----a-w- C:\Windows\System32\drivers\npf.sys
2012-06-03 01:13:43 281104 ----a-w- C:\Windows\SysWow64\wpcap.dll
2012-06-03 01:13:43 25056 ----a-w- C:\Windows\System32\drivers\SCMNdisP.sys
2012-06-02 15:04:17 95544 ----a-w- C:\Windows\System32\bcmwlcoi.dll
2012-06-02 15:04:17 3900928 ----a-w- C:\Windows\System32\bcmihvsrv64.dll
2012-06-02 15:04:17 3566592 ----a-w- C:\Windows\System32\bcmihvui64.dll
2012-06-02 15:04:14 96784 ----a-w- C:\Windows\SysWow64\Packet.dll
2012-06-02 15:04:13 -------- d-----w- C:\Program Files (x86)\NETGEAR
2012-06-01 11:30:25 -------- d-----w- C:\Program Files (x86)\AMD APP
.
==================== Find3M ====================
.
2012-06-23 23:23:18 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-06-23 23:23:18 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-05-29 03:56:16 175736 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS
2012-05-18 02:06:48 2311680 ----a-w- C:\Windows\System32\jscript9.dll
2012-05-18 01:59:14 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-05-18 01:58:39 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-05-18 01:55:22 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-05-18 01:51:30 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-05-17 22:45:37 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-05-17 22:35:47 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-05-17 22:35:39 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-05-17 22:29:45 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-05-17 22:24:45 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-05-15 01:32:33 3146752 ----a-w- C:\Windows\System32\win32k.sys
2012-05-04 23:29:16 687504 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-05-04 11:06:22 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-05-04 10:03:53 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-05-04 10:03:50 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-05-01 05:40:20 209920 ----a-w- C:\Windows\System32\profsvc.dll
2012-04-28 03:55:21 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2012-04-26 05:41:55 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll
2012-04-26 05:34:27 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
2012-04-24 05:37:37 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2012-04-24 05:37:37 140288 ----a-w- C:\Windows\System32\cryptnet.dll
2012-04-24 05:37:36 1462272 ----a-w- C:\Windows\System32\crypt32.dll
2012-04-24 04:36:42 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2012-04-24 04:36:42 1158656 ----a-w- C:\Windows\SysWow64\crypt32.dll
2012-04-24 04:36:42 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2012-04-07 12:31:40 3216384 ----a-w- C:\Windows\System32\msi.dll
2012-04-07 11:26:29 2342400 ----a-w- C:\Windows\SysWow64\msi.dll
2012-04-06 02:34:26 187392 ----a-w- C:\Windows\System32\clinfo.exe
2012-04-06 02:34:10 74752 ----a-w- C:\Windows\System32\OpenVideo64.dll
2012-04-06 02:34:04 64512 ----a-w- C:\Windows\SysWow64\OpenVideo.dll
2012-04-06 02:33:56 63488 ----a-w- C:\Windows\System32\OVDecode64.dll
2012-04-06 02:33:52 56320 ----a-w- C:\Windows\SysWow64\OVDecode.dll
2012-04-06 02:33:44 16457216 ----a-w- C:\Windows\System32\amdocl64.dll
2012-04-06 02:32:56 13007872 ----a-w- C:\Windows\SysWow64\amdocl.dll
.
============= FINISH: 1:07:21.09 ===============

Ran Malware

____________________________________________________________________

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.06.29.12

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Danegeld :: THANTOSV-PC [administrator]

6/30/2012 12:54:39 AM
mbam-log-2012-06-30 (00-54-39).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 235347
Time elapsed: 33 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


Ran Mini toolbox

MiniToolBox by Farbar Version: 25-06-2012
Ran by Danegeld (administrator) on 30-06-2012 at 02:14:57
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================


127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com

There are 15218 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

Broadcom NetLink ™ Gigabit Ethernet = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : ThantosV-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : hsd1.fl.comcast.net.

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : hsd1.fl.comcast.net.
Description . . . . . . . . . . . : Broadcom NetLink ™ Gigabit Ethernet
Physical Address. . . . . . . . . : A4-BA-DB-FA-28-90
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::f4e1:c6d0:3d67:1d10%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.198(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Saturday, June 30, 2012 1:33:39 AM
Lease Expires . . . . . . . . . . : Sunday, July 01, 2012 1:33:39 AM
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 245676763
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-6B-8A-72-A4-BA-DB-FA-28-90
DNS Servers . . . . . . . . . . . : 192.168.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.hsd1.fl.comcast.net.:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : hsd1.fl.comcast.net.
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:24d8:11fc:9d0b:2698(Preferred)
Link-local IPv6 Address . . . . . : fe80::24d8:11fc:9d0b:2698%13(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.0.1

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
Name: google.com
Addresses: 2001:4860:800a::66
74.125.134.100
74.125.134.101
74.125.134.113
74.125.134.138
74.125.134.139
74.125.134.102


Pinging google.com [74.125.45.100] with 32 bytes of data:
Reply from 74.125.45.100: bytes=32 time=33ms TTL=51
Reply from 74.125.45.100: bytes=32 time=34ms TTL=51

Ping statistics for 74.125.45.100:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 33ms, Maximum = 34ms, Average = 33ms
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.0.1

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.

Pinging yahoo.com [209.191.122.70] with 32 bytes of data:
Reply from 209.191.122.70: bytes=32 time=54ms TTL=49
Reply from 209.191.122.70: bytes=32 time=54ms TTL=49

Ping statistics for 209.191.122.70:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 54ms, Maximum = 54ms, Average = 54ms
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.0.1

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.

Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
10...a4 ba db fa 28 90 ......Broadcom NetLink ™ Gigabit Ethernet
1...........................Software Loopback Interface 1
15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.198 10
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.198 266
192.168.0.198 255.255.255.255 On-link 192.168.0.198 266
192.168.0.255 255.255.255.255 On-link 192.168.0.198 266
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.198 266
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.198 266
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
13 58 ::/0 On-link
1 306 ::1/128 On-link
13 58 2001::/32 On-link
13 306 2001:0:4137:9e76:24d8:11fc:9d0b:2698/128
On-link
10 266 fe80::/64 On-link
13 306 fe80::/64 On-link
13 306 fe80::24d8:11fc:9d0b:2698/128
On-link
10 266 fe80::f4e1:c6d0:3d67:1d10/128
On-link
1 306 ff00::/8 On-link
13 306 ff00::/8 On-link
10 266 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 10 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (06/30/2012 02:09:07 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/30/2012 01:53:54 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/30/2012 01:51:21 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/29/2012 11:47:52 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/27/2012 11:33:24 PM) (Source: Application Error) (User: )
Description: Faulting application name: CivilizationV_DX11.exe, version: 1.0.1.674, time stamp: 0x4fc504cb
Faulting module name: CvGameCoreDLLFinal Release.dll, version: 3.0.3.0, time stamp: 0x4fc50810
Exception code: 0xc0000005
Fault offset: 0x0000ef75
Faulting process id: 0xde0
Faulting application start time: 0xCivilizationV_DX11.exe0
Faulting application path: CivilizationV_DX11.exe1
Faulting module path: CivilizationV_DX11.exe2
Report Id: CivilizationV_DX11.exe3

Error: (06/26/2012 01:23:03 PM) (Source: XTUservice) (User: )
Description: Service cannot be started. The service process could not connect to the service controller

Error: (06/24/2012 06:11:41 PM) (Source: Application Hang) (User: )
Description: The program OUTLOOK.EXE version 12.0.6607.1000 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1490

Start Time: 01cd524eda750bed

Termination Time: 9

Application Path: C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE

Report Id: 8a635906-be49-11e1-9b9f-a4badbfa2890

Error: (06/17/2012 00:08:11 PM) (Source: Application Hang) (User: )
Description: The program chrome.exe version 19.0.1084.56 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 2858

Start Time: 01cd4c9fed7c7bf5

Termination Time: 20

Application Path: C:\Users\Danegeld\AppData\Local\Google\Chrome\Application\chrome.exe

Report Id: 9a0dc85b-b896-11e1-a882-a4badbfa2890

Error: (06/15/2012 05:43:30 PM) (Source: Application Error) (User: )
Description: Faulting application name: CivilizationV_DX11.exe, version: 1.0.1.674, time stamp: 0x4fc504cb
Faulting module name: CvGameCoreDLLFinal Release.dll, version: 3.0.3.0, time stamp: 0x4fc50810
Exception code: 0xc0000005
Fault offset: 0x0003761e
Faulting process id: 0x27cc
Faulting application start time: 0xCivilizationV_DX11.exe0
Faulting application path: CivilizationV_DX11.exe1
Faulting module path: CivilizationV_DX11.exe2
Report Id: CivilizationV_DX11.exe3

Error: (06/06/2012 11:19:33 AM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 9.0.8112.16421 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 2e34

Start Time: 01cd43d9fd840216

Termination Time: 0

Application Path: C:\Program Files\Internet Explorer\iexplore.exe

Report Id:


System errors:
=============
Error: (06/30/2012 01:34:46 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Error: (06/30/2012 01:34:16 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Error: (06/30/2012 01:19:47 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Error: (06/30/2012 01:19:17 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Error: (06/29/2012 11:37:20 PM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer SHAMUSV
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{94730246-77D2-4760-B64C-11D8B760ABE4}.
The master browser is stopping or an election is being forced.

Error: (06/29/2012 11:26:50 PM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer KIRSTIN-LAPTOP
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{94730246-77D2-4760-B64C-11D8B760ABE4}.
The master browser is stopping or an election is being forced.

Error: (06/29/2012 11:22:59 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Error: (06/29/2012 11:22:29 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Error: (06/29/2012 11:19:23 PM) (Source: Service Control Manager) (User: )
Description: The Group Policy Client service did not shut down properly after receiving a preshutdown control.

Error: (06/29/2012 11:06:43 PM) (Source: DCOM) (User: ThantosV-PC)
Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}ThantosV-PCDanegeldS-1-5-21-2035710577-4104604380-1009470740-1001LocalHost (Using LRPC)


Microsoft Office Sessions:
=========================
Error: (02/18/2011 02:07:10 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6550.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 0 seconds with 0 seconds of active time. This session ended with a crash.

Error: (12/09/2010 02:25:47 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6539.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 12478 seconds with 0 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
3DMark Vantage (Version: 1.0.3.1)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Adobe AIR (Version: 3.1.0.4880)
Adobe Community Help (Version: 3.4.980)
Adobe Download Assistant (Version: 1.0.6)
Adobe Flash Player 10 ActiveX 64-bit (Version: 10.3.162.28)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.257)
Adobe Flash Player 11 Plugin (Version: 11.3.300.262)
Adobe Photoshop CS5.1 (Version: 12.1)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Adobe Shockwave Player 11.5 (Version: 11.5.8.612)
Advertising Center (Version: 0.0.0.2)
AMD Accelerated Video Transcoding (Version: 2.00.0002)
AMD APP SDK Runtime (Version: 10.0.923.1)
AMD Catalyst Install Manager (Version: 8.0.873.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Media Foundation Decoders (Version: 1.0.70405.2224)
Apple Application Support (Version: 2.1.7)
Apple Mobile Device Support (Version: 5.1.1.4)
Apple Software Update (Version: 2.1.3.127)
ATI AVIVO64 Codecs (Version: 11.6.0.51125)
ATI Catalyst Registration (Version: 3.00.0000)
ATI Problem Report Wizard (Version: 3.0.804.0)
Banctec Service Agreement (Version: 2.0.0)
Bonjour (Version: 3.0.0.10)
Borderlands
Broadcom Management Programs (Version: 12.53.01)
CameraHelperMsi (Version: 13.31.1038.0)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center (Version: 2012.0405.2205.37728)
Catalyst Control Center Graphics Previews Common (Version: 2012.0405.2205.37728)
Catalyst Control Center InstallProxy (Version: 2009.1006.2226.38455)
Catalyst Control Center InstallProxy (Version: 2012.0405.2205.37728)
Catalyst Control Center Localization All (Version: 2012.0405.2205.37728)
ccc-utility64 (Version: 2012.0405.2205.37728)
CCC Help English (Version: 2012.0405.2204.37728)
Comcast Access (Version: 1.59)
Comcast Access (Version: ComcastAccess-1.59)
Command Center (Version: 2.6.17.0)
Creative ALchemy (Version: 1.41)
Creative Audio Control Panel (Version: 3.00)
Creative Console Launcher (Version: 2.61)
Creative Diagnostics (Version: 5.11)
Creative Software AutoUpdate (Version: 1.40)
Creative Sound Blaster Properties x64 Edition (Version: 1.02)
Curse Client (Version: 5.1.1.370)
D3DX10 (Version: 15.4.2368.0902)
Dead Island
Dell DataSafe Local Backup - Support Software (Version: 9.4.60)
Dell DataSafe Local Backup (Version: 9.4.60)
Dell Driver Download Manager (Version: 2.1.0.0)
Diablo III (Version: 1.0.2.9858)
Diablo III Beta (Version: 0.11.0.9359)
DivX Setup (Version: 2.6.1.9)
Dolby Digital Live Pack (Version: 3.00)
DTS Connect Pack (Version: 1.00)
DTVblizzcon (Version: 3.0.0.18)
Dual-Core Optimizer (Version: 1.1.4.0169)
erLT (Version: 1.20.138.34)
ESET Online Scanner v3
Fallout: New Vegas
Feedback Tool (Version: 1.2.0)
Futuremark SystemInfo (Version: 3.21.2.1)
Google Chrome (Version: 19.0.1084.56)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.3.2710.138)
Google Update Helper (Version: 1.3.21.111)
iCloud (Version: 1.1.0.40)
ImagXpress (Version: 7.0.74.0)
Intel Extreme Tuning Utility (Version: 1.3.9.1)
Intel® Control Center (Version: 1.2.1.1007)
Intel® Rapid Storage Technology (Version: 9.5.6.1001)
Intel® SMBus
Internet TV for Windows Media Center (Version: 4.2.2.0)
iTunes (Version: 10.6.1.7)
Java Auto Updater (Version: 2.1.6.0)
Java™ 6 Update 17 (64-bit) (Version: 6.0.170)
Java™ 6 Update 33 (Version: 6.0.330)
Java™ 7 Update 5 (Version: 7.0.50)
JavaFX 2.1.1 (Version: 2.1.1)
Kernel for Outlook Evaluation ver 7.05.01
Logitech Gaming Software 8.12 (Version: 8.12.030)
Logitech Vid HD (Version: 7.2 (7259))
Logitech Webcam Software (Version: 2.0)
LWS Facebook (Version: 13.31.1038.0)
LWS Gallery (Version: 13.31.1038.0)
LWS Help_main (Version: 13.31.1044.0)
LWS Launcher (Version: 13.31.1038.0)
LWS Motion Detection (Version: 13.30.1395.0)
LWS Pictures And Video (Version: 13.31.1038.0)
LWS Twitter (Version: 13.30.1346.0)
LWS Video Mask Maker (Version: 13.30.1379.0)
LWS VideoEffects (Version: 13.30.1379.0)
LWS Webcam Software (Version: 13.31.1038.0)
LWS WLM Plugin (Version: 1.30.1201.0)
LWS YouTube Plugin (Version: 13.31.1038.0)
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000)
Move Media Player
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
NEF Codec (Version: 1.00.0000)
Nero 11 InfoTool (Version: 11.0.00500)
Nero 9 Essentials
Nero BurnRights (Version: 3.4.13.100)
Nero BurnRights Help (Version: 3.4.4.100)
Nero ControlCenter (Version: 9.0.0.1)
Nero Core Components 11 (Version: 11.0.15401.1.15)
Nero CoverDesigner (Version: 4.4.12.100)
Nero CoverDesigner Help (Version: 4.4.9.100)
Nero Disc Copy Gadget (Version: 2.4.34.0)
Nero Disc Copy Gadget Help (Version: 2.4.34.0)
Nero DiscSpeed (Version: 5.4.13.100)
Nero DiscSpeed Help (Version: 5.4.4.100)
Nero DriveSpeed (Version: 4.4.12.100)
Nero DriveSpeed Help (Version: 4.4.4.100)
Nero Express Help (Version: 9.4.26.100)
Nero InfoTool (Version: 6.4.12.100)
Nero InfoTool 11 (Version: 8.0.10400.1.100)
Nero InfoTool 11 Help (CHM) (Version: 11.0.10000)
Nero InfoTool Help (Version: 6.4.4.100)
Nero Installer (Version: 4.4.9.0)
Nero Online Upgrade (Version: 1.3.0.0)
Nero Rescue Agent (Version: 2.4.14.100)
Nero RescueAgent Help (Version: 2.4.4.100)
Nero StartSmart (Version: 9.4.19.100)
Nero StartSmart Help (Version: 9.4.19.100)
nero.prerequisites.msi (Version: 11.0.20008)
NeroExpress (Version: 9.4.26.100)
neroxml (Version: 1.0.0)
NETGEAR WNDA3100v2 wireless USB 2.0 adapter (Version: 1.03.000)
Nikon File Uploader 2 (Version: 2.00.0001)
Nikon Message Center 2 (Version: 2.0.1)
Norton 360 (Version: 6.2.1.5)
NVIDIA PhysX (Version: 9.10.0224)
OpenAL
PDF Settings CS5 (Version: 10.0)
Perfect Photo Suite 6 (Version: 6.0.0)
Picture Control Utility (Version: 1.2.2)
PowerDVD DX (Version: 8.3.7501)
QuickTime (Version: 7.71.80.42)
SAMSUNG USB Driver for Mobile Phones (Version: 1.3.1900.0)
Sid Meier's Civilization V
Sound Blaster X-Fi (Version: 1.0)
Spelling Dictionaries Support For Adobe Reader 9 (Version: 9.0.0)
Spybot - Search & Destroy (Version: 1.6.2)
Star Wars: The Old Republic (Version: 1.00)
StarCraft II (Version: 1.0.0.16117)
Steam (Version: 1.0.0.0)
SUPERAntiSpyware (Version: 5.5.1006)
The Elder Scrolls V: Skyrim
The Lord of the Rings Online™
Uniblue ProcessScanner
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687267) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
Ventrilo Client for Windows x64 (Version: 3.0.8.0)
Verizon Wireless Software Utility Application for Android - Samsung (Version: 1.11.0305)
ViewNX 2 (Version: 2.1.2)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3538.0513)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3538.0513)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
WModem Driver Installer (Version: 2.0.6.9)
World of Warcraft (Version: 5.0.1.15544)
World of Warcraft Beta (Version: 5.0.1.15752)
Yahoo! Detect

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 31%
Total physical RAM: 12278.89 MB
Available physical RAM: 8464.67 MB
Total Pagefile: 24555.98 MB
Available Pagefile: 20508.32 MB
Total Virtual: 4095.88 MB
Available Virtual: 3978.47 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:550.85 GB) (Free:63.03 GB) NTFS

========================= Users: ========================================

User accounts for \\THANTOSV-PC

Administrator Danegeld Guest
Mcx1-THANTOSV-PC


**** End of log ****

when I ran ESET a 2nd time it was clean

~moderator edit: moved from AII to the appropriate forum. DDS logs are not allowed outside MRL. Also merged subsequent post into this one. - Queen-Evie~

Edited by Queen-Evie, 30 June 2012 - 08:16 AM.


BC AdBot (Login to Remove)

 


#2 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 134,640 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:06:58 AM

Posted 01 July 2012 - 12:54 AM

Greetings and Welcome to The Forums!!

My name is Gringo and I'll be glad to help you with your computer problems.

I have put together somethings for you to keep in mind while I am helping you to make things go easier and faster for both of us

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of hartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

Security Check

  • Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.



Run Combofix:

You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)

Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job this is normal.

You can download Combofix from one of these links.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you recieve an error "Illegal operation attempted on a registery key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic


Please Only Copy And Paste Reports Into Topic - Do Not Attach

My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#3 Talthan

Talthan
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:05:58 AM

Posted 01 July 2012 - 11:52 AM

will do thanks

#4 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 134,640 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:06:58 AM

Posted 01 July 2012 - 01:18 PM

Ok I will be waiting



gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic


Please Only Copy And Paste Reports Into Topic - Do Not Attach

My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#5 Talthan

Talthan
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:05:58 AM

Posted 01 July 2012 - 05:00 PM

Results of screen317's Security Check version 0.99.42
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Disabled!
Norton 360
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
MVPS Hosts File
Spybot - Search & Destroy
Malwarebytes Anti-Malware version 1.61.0.1400
JavaFX 2.1.1
Java™ 6 Update 33
Java™ 7 Update 5
Adobe Reader 9 Adobe Reader out of Date!
Adobe Reader X (10.1.3)
Google Chrome 19.0.1084.52
Google Chrome 19.0.1084.56
````````Process Check: objlist.exe by Laurent````````
Norton ccSvcHst.exe
Alienware Command Center ThermalController.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 3%
````````````````````End of Log``````````````````````

#6 Talthan

Talthan
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:05:58 AM

Posted 01 July 2012 - 05:26 PM

ComboFix 12-07-01.03 - Danegeld 07/01/2012 18:01:37.1.12 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.12279.9090 [GMT -4:00]
Running from: c:\users\Danegeld\Downloads\ComboFix.exe
AV: Norton 360 *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton 360 *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
c:\users\Danegeld\AppData\Local\Temp\{E670A6CA-53B1-4AC7-BC4C-D614C9DB58BF}\fpb.tmp
c:\users\Danegeld\Documents\~Outlook (1).pst.tmp
c:\windows\system32\jucheck.exe
c:\windows\system32\jusched.exe
c:\windows\SysWow64\Packet.dll
c:\windows\SysWow64\pthreadVC.dll
c:\windows\SysWow64\SET2510.tmp
c:\windows\SysWow64\SET25AE.tmp
c:\windows\SysWow64\SET299F.tmp
c:\windows\SysWow64\SET2AFB.tmp
c:\windows\SysWow64\SET2B0D.tmp
c:\windows\SysWow64\SET2C1E.tmp
c:\windows\SysWow64\wpcap.dll
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_NPF
.
.
((((((((((((((((((((((((( Files Created from 2012-06-01 to 2012-07-01 )))))))))))))))))))))))))))))))
.
.
2012-06-30 07:11 . 2012-06-30 07:11 -------- d-----w- c:\program files\CCleaner
2012-06-30 05:01 . 2012-06-30 05:01 -------- d-----w- c:\users\Danegeld\AppData\Roaming\SUPERAntiSpyware.com
2012-06-30 05:01 . 2012-06-30 05:01 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-06-30 05:01 . 2012-06-30 05:01 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2012-06-30 04:00 . 2012-06-30 04:00 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-06-30 03:59 . 2012-06-30 03:59 -------- d-----w- c:\program files (x86)\Oracle
2012-06-30 03:56 . 2012-06-30 03:56 -------- d-----w- c:\users\Danegeld\AppData\Roaming\Malwarebytes
2012-06-30 03:56 . 2012-06-30 03:56 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-06-30 03:56 . 2012-06-30 03:56 -------- d-----w- c:\programdata\Malwarebytes
2012-06-30 03:56 . 2012-04-04 19:56 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-06-30 03:47 . 2012-06-30 03:47 -------- d-----w- c:\program files (x86)\ESET
2012-06-30 03:10 . 2012-06-05 07:37 256904 ----a-w- c:\windows\SysWow64\drivers\tmcomm.sys
2012-06-21 13:18 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-21 13:18 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-21 13:18 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-21 13:18 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-21 13:18 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-21 13:18 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-21 13:18 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-21 13:18 . 2012-06-02 19:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-21 13:18 . 2012-06-02 19:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-06-19 03:16 . 2012-06-19 03:16 476936 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
2012-06-14 04:25 . 2012-04-26 05:41 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2012-06-03 01:13 . 2011-12-12 21:42 1256192 ----a-w- c:\windows\system32\drivers\bcmwlhigh664.sys
2012-06-03 01:13 . 2011-07-22 14:33 25056 ----a-w- c:\windows\system32\drivers\SCMNdisP.sys
2012-06-03 01:13 . 2010-02-03 15:20 47632 ----a-w- c:\windows\system32\drivers\npf.sys
2012-06-02 15:04 . 2011-04-19 21:52 95544 ----a-w- c:\windows\system32\bcmwlcoi.dll
2012-06-02 15:04 . 2011-04-19 21:31 3900928 ----a-w- c:\windows\system32\bcmihvsrv64.dll
2012-06-02 15:04 . 2011-04-19 21:31 3566592 ----a-w- c:\windows\system32\bcmihvui64.dll
2012-06-02 15:04 . 2012-06-02 15:04 -------- d-----w- c:\program files (x86)\NETGEAR
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-25 22:36 . 2011-07-06 23:10 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore-2\Microsoft.MediaCenter.Sports.UI.dll
2012-06-25 22:36 . 2010-05-18 21:37 4283672 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2012-06-25 22:35 . 2010-05-18 21:36 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2012-06-25 22:35 . 2010-12-25 17:32 539984 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2012-06-23 23:23 . 2012-04-07 02:24 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-06-23 23:23 . 2011-06-14 13:39 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-06-08 21:19 . 2010-05-16 23:22 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll
2012-06-08 09:02 . 2010-05-16 23:21 4283672 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2012-06-08 09:02 . 2010-06-02 21:34 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2012-06-01 11:27 . 2012-06-01 11:27 16090624 ----a-w- c:\windows\system32\aticaldd64.dll
2012-06-01 11:27 . 2012-03-09 05:04 6800896 ----a-w- c:\windows\SysWow64\atidxx32.dll
2012-06-01 11:27 . 2012-06-01 11:27 95760 ----a-w- c:\windows\system32\drivers\AtihdW76.sys
2012-06-01 11:27 . 2010-09-29 01:30 4731904 ----a-w- c:\windows\system32\atiumd6a.dll
2012-06-01 11:27 . 2011-04-20 06:22 41984 ----a-w- c:\windows\system32\atig6txx.dll
2012-06-01 11:27 . 2010-11-26 02:16 54784 ----a-w- c:\windows\system32\atiuxp64.dll
2012-06-01 11:27 . 2010-09-29 01:21 7431680 ----a-w- c:\windows\system32\atiumd64.dll
2012-06-01 11:27 . 2010-04-07 01:46 64000 ----a-w- c:\windows\system32\coinst.dll
2012-06-01 11:27 . 2012-06-01 11:27 54784 ----a-w- c:\windows\system32\atimpc64.dll
2012-06-01 11:27 . 2012-06-01 11:27 54784 ----a-w- c:\windows\system32\amdpcom64.dll
2012-06-01 11:27 . 2012-06-01 11:27 33280 ----a-w- c:\windows\SysWow64\atigktxx.dll
2012-06-01 11:27 . 2012-06-01 11:27 1120768 ----a-w- c:\windows\system32\atiumd6v.dll
2012-06-01 11:27 . 2012-06-01 11:27 19753984 ----a-w- c:\windows\SysWow64\atioglxx.dll
2012-06-01 11:27 . 2012-03-09 03:56 41984 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2012-06-01 11:27 . 2012-06-01 11:27 44544 ----a-w- c:\windows\system32\aticalcl64.dll
2012-06-01 11:27 . 2010-11-26 02:22 4795904 ----a-w- c:\windows\SysWow64\atiumdva.dll
2012-06-01 11:27 . 2012-06-01 11:27 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll
2012-06-01 11:27 . 2012-06-01 11:27 21504 ----a-w- c:\windows\system32\atimuixx.dll
2012-06-01 11:27 . 2012-06-01 11:27 14848 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2012-06-01 11:27 . 2012-06-01 11:27 14848 ----a-w- c:\windows\system32\atiglpxx.dll
2012-06-01 11:27 . 2012-06-01 11:27 236544 ----a-w- c:\windows\system32\atiesrxx.exe
2012-06-01 11:27 . 2010-11-26 02:30 6203392 ----a-w- c:\windows\SysWow64\atiumdag.dll
2012-06-01 11:27 . 2010-11-26 02:17 514560 ----a-w- c:\windows\system32\atiadlxx.dll
2012-06-01 11:27 . 2012-06-01 11:27 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2012-06-01 11:27 . 2012-06-01 11:27 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll
2012-06-01 11:27 . 2011-04-20 07:30 26181632 ----a-w- c:\windows\system32\atio6axx.dll
2012-06-01 11:27 . 2010-11-26 02:15 32256 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2012-06-01 11:27 . 2012-06-01 11:27 1831424 ----a-w- c:\windows\SysWow64\atiumdmv.dll
2012-06-01 11:27 . 2012-06-01 11:27 7479296 ----a-w- c:\windows\system32\atidxx64.dll
2012-06-01 11:27 . 2012-06-01 11:27 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll
2012-06-01 11:27 . 2010-11-26 02:58 909312 ----a-w- c:\windows\SysWow64\aticfx32.dll
2012-06-01 11:27 . 2010-11-26 02:57 1067520 ----a-w- c:\windows\system32\aticfx64.dll
2012-06-01 11:27 . 2012-06-01 11:27 159744 ----a-w- c:\windows\system32\atiapfxx.exe
2012-06-01 11:27 . 2010-09-29 01:13 44544 ----a-w- c:\windows\system32\atiu9p64.dll
2012-06-01 11:27 . 2012-06-01 11:27 51200 ----a-w- c:\windows\system32\aticalrt64.dll
2012-06-01 11:27 . 2012-06-01 11:27 120320 ----a-w- c:\windows\system32\atitmm64.dll
2012-06-01 11:27 . 2012-06-01 11:27 11174400 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2012-06-01 11:27 . 2012-06-01 11:27 13764096 ----a-w- c:\windows\SysWow64\aticaldd.dll
2012-06-01 11:27 . 2012-03-09 05:11 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll
2012-06-01 11:27 . 2012-06-01 11:27 503808 ----a-w- c:\windows\system32\atieclxx.exe
2012-06-01 11:27 . 2011-04-20 06:22 17408 ----a-w- c:\windows\system32\atig6pxx.dll
2012-06-01 11:27 . 2012-06-01 11:27 59392 ----a-w- c:\windows\system32\atiedu64.dll
2012-06-01 11:27 . 2012-06-01 11:27 53760 ----a-w- c:\windows\SysWow64\atimpc32.dll
2012-06-01 11:27 . 2012-06-01 11:27 53760 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2012-06-01 11:27 . 2012-06-01 11:27 343040 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2012-06-01 11:27 . 2012-06-01 11:27 360448 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2012-05-29 03:56 . 2010-05-06 20:29 175736 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS
2012-05-04 23:29 . 2010-05-06 20:04 687504 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-04-06 02:34 . 2012-04-06 02:34 187392 ----a-w- c:\windows\system32\clinfo.exe
2012-04-06 02:34 . 2012-04-06 02:34 74752 ----a-w- c:\windows\system32\OpenVideo64.dll
2012-04-06 02:34 . 2012-04-06 02:34 64512 ----a-w- c:\windows\SysWow64\OpenVideo.dll
2012-04-06 02:33 . 2012-04-06 02:33 63488 ----a-w- c:\windows\system32\OVDecode64.dll
2012-04-06 02:33 . 2012-04-06 02:33 56320 ----a-w- c:\windows\SysWow64\OVDecode.dll
2012-04-06 02:33 . 2012-04-06 02:33 16457216 ----a-w- c:\windows\system32\amdocl64.dll
2012-04-06 02:32 . 2012-04-06 02:32 13007872 ----a-w- c:\windows\SysWow64\amdocl.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"MobileDocuments"="c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240]
"iCloudServices"="c:\program files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" [2012-02-23 59240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2009-12-23 284696]
"VolPanel"="c:\program files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" [2009-04-09 241789]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"PDVDDXSrv"="c:\program files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2011-03-01 144616]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"CTxfiHlp"="CTXFIHLP.EXE" [2010-07-07 24576]
"ATICustomerCare"="c:\program files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-05-04 311296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-03-27 421736]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-04-06 641664]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"="c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" [2011-10-12 559616]
.
c:\users\Danegeld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
CurseClientStartup.ccip [2010-5-6 0]
Logitech blank Product Registration.lnk - c:\program files (x86)\Logitech\G930\eReg.exe [N/A]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
NETGEAR WNDA3100v2 Genie.lnk - c:\program files (x86)\NETGEAR\WNDA3100v2\WNDA3100v2.exe [2012-6-2 8453376]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
R2 AlienFusionService;Alienware Fusion Service;c:\program files\Alienware\Command Center\AlienFusionService.exe [2011-05-02 15296]
R2 CLKMSVC10_1628BCEA;CyberLink Product - 2012/04/20 16:00;c:\program files (x86)\CyberLink\PowerDVD DX\Kernel\BD\NavFilter\kmsvc.exe [2011-03-01 240360]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-30 136176]
R2 WSWNDA3100v2;WSWNDA3100v2;c:\program files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe [2011-12-14 303360]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-23 250056]
R3 BCMH43XX;Broadcom 802.11 USB Network Adapter Driver;c:\windows\system32\DRIVERS\bcmwlhigh664.sys [2011-12-12 1256192]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2010-04-14 54824]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 cpuz130;cpuz130;c:\users\Danegeld\AppData\Local\Temp\cpuz130\cpuz_x64.sys [x]
R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2010-09-21 79360]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2010-04-29 79360]
R3 CT20XUT;CT20XUT;c:\windows\system32\drivers\CT20XUT.SYS [2010-07-07 230488]
R3 CTEXFIFX;CTEXFIFX;c:\windows\system32\drivers\CTEXFIFX.SYS [2010-07-07 1445976]
R3 CTHWIUT;CTHWIUT;c:\windows\system32\drivers\CTHWIUT.SYS [2010-07-07 95320]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-30 136176]
R3 LADF_BakerCOnly;BakerC Filter Driver;c:\windows\system32\DRIVERS\ladfBakerCamd64.sys [2011-03-18 410184]
R3 LADF_BakerROnly;BakerR Filter Driver;c:\windows\system32\DRIVERS\ladfBakerRamd64.sys [2011-03-18 335688]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [2011-12-07 16008]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-06 1255736]
S0 SCMNdisP;General NDIS Protocol Driver;c:\windows\system32\DRIVERS\scmndisp.sys [2011-07-22 25056]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360x64\0602010.005\SYMDS64.SYS [2012-03-29 451192]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360x64\0602010.005\SYMEFA64.SYS [2012-03-29 1092728]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\BASHDefs\20120619.001\BHDrvx64.sys [2012-06-19 1161376]
S1 ccSet_N360;Norton 360 Settings Manager;c:\windows\system32\drivers\N360x64\0602010.005\ccSetx64.sys [2011-11-29 167048]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\IPSDefs\20120629.001\IDSvia64.sys [2012-06-14 509088]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360x64\0602010.005\Ironx64.SYS [2012-03-29 190072]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\N360x64\0602010.005\SYMNETS.SYS [2012-03-29 405624]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2011-08-11 140672]
S2 {1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7};Power Control [2012/04/20 16:00];c:\program files (x86)\CyberLink\PowerDVD DX\000.fcl [2009-12-29 21:35 146928]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-06-01 236544]
S2 BPowMon;Broadcom Power monitoring service;c:\program files\Broadcom\BPowMon\BPowMon.exe [2009-10-27 117608]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-12-23 13336]
S2 IOCBIOS;IOCBIOS;c:\programdata\Intel\Extreme Tuning Utility\IOCbios\64bit\IOCBIOS.SYS [2009-07-09 27096]
S2 N360;Norton 360;c:\program files (x86)\Norton 360\Engine\6.2.1.5\ccSvcHst.exe [2012-03-27 138232]
S2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\SysWOW64\nlssrv32.exe [2011-10-25 66560]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2011-08-18 1692480]
S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-01-18 450848]
S2 XTUService;Intel® Extreme Tuning Utility;c:\program files (x86)\Common Files\Intel\Intel Extreme Tuning Utility\PerfTuneService.exe [2009-07-27 30944]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2012-06-01 11174400]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2012-06-01 343040]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-06-01 95760]
S3 CompFilter64;UVCCompositeFilter;c:\windows\system32\DRIVERS\lvbflt64.sys [2012-01-18 25632]
S3 CT20XUT.SYS;CT20XUT.SYS;c:\windows\System32\drivers\CT20XUT.SYS [2010-07-07 230488]
S3 CTEXFIFX.SYS;CTEXFIFX.SYS;c:\windows\System32\drivers\CTEXFIFX.SYS [2010-07-07 1445976]
S3 CTHWIUT.SYS;CTHWIUT.SYS;c:\windows\System32\drivers\CTHWIUT.SYS [2010-07-07 95320]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-06-02 138912]
S3 ha20x22k;Creative 20X2 HAL Driver;c:\windows\system32\drivers\ha20x22k.sys [2010-07-07 1612888]
S3 k57nd60a;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2009-10-16 321064]
S3 LADF_CaptureOnly;LADF Capture Filter Driver;c:\windows\system32\DRIVERS\ladfGSCamd64.sys [2011-12-07 410184]
S3 LADF_RenderOnly;LADF Render Filter Driver;c:\windows\system32\DRIVERS\ladfGSRamd64.sys [2011-12-07 341832]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [2011-12-07 22408]
S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [2012-01-18 351136]
S3 LVUVC64;Logitech HD Pro Webcam C910(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [2012-01-18 4865568]
S3 mio;Master IO Filter Driver;c:\windows\system32\DRIVERS\mio.sys [2010-10-13 14928]
S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2011-08-01 45416]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
*Deregistered* - CLKMDRV10_1628BCEA
.
Contents of the 'Scheduled Tasks' folder
.
2012-07-01 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-07 23:23]
.
2012-07-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-30 19:58]
.
2012-07-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-30 19:58]
.
2012-07-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2035710577-4104604380-1009470740-1001Core.job
- c:\users\Danegeld\AppData\Local\Google\Update\GoogleUpdate.exe [2010-11-20 17:43]
.
2012-07-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2035710577-4104604380-1009470740-1001UA.job
- c:\users\Danegeld\AppData\Local\Google\Update\GoogleUpdate.exe [2010-11-20 17:43]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032]
"Command Center Controllers"="c:\program files\Alienware\Command Center\AWCCStartupOrchestrator.exe" [2011-05-02 13256]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-03-15 499608]
"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2011-09-29 110360]
"combofix"="c:\combofix\CF24280.3XE" [2010-11-20 345088]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.yahoo.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
Trusted Zone: villagephotos.com\old
Trusted Zone: villagephotos.com\www
TCP: DhcpNameServer = 192.168.0.1
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Toolbar-Locked - (no file)
HKLM-Run-(Default) - (no file)
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\N360]
"ImagePath"="\"c:\program files (x86)\Norton 360\Engine\6.2.1.5\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files (x86)\Norton 360\Engine\6.2.1.5\diMaster.dll\" /prefetch:1"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7}]
"ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD DX\000.fcl"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Creative\Shared Files\CTAudSvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\program files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
c:\program files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
.
**************************************************************************
.
Completion time: 2012-07-01 18:11:05 - machine was rebooted
ComboFix-quarantined-files.txt 2012-07-01 22:11
.
Pre-Run: 55,139,737,600 bytes free
Post-Run: 54,518,165,504 bytes free
.
- - End Of File - - 50411B5334C5730210EF31706CD6A980

#7 Talthan

Talthan
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:05:58 AM

Posted 01 July 2012 - 05:32 PM

Note 2: If you recieve an error "Illegal operation attempted on a registery key that has been marked for deletion." Please restart the computer

a scary thing to see... :o

Since I made this post It seems things are back to normal, however I did want to continue just to make sure whatever it was ...was gone for good.

Noticed I need to update Acrobat Reader so I will do that while I wait for next instructions

thank you

#8 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 134,640 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:06:58 AM

Posted 01 July 2012 - 05:54 PM

Greetings

I want you to run these next,

tdsskiller:

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Please download aswMBR to your desktop.
  • Double click the aswMBR.exe icon to run it
  • it will ask to download extra definitions - ALLOW IT
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

If you have any problems running either one come back and let me know

please reply with the reports from TDSSKiller and aswMBR

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic


Please Only Copy And Paste Reports Into Topic - Do Not Attach

My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#9 Talthan

Talthan
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:05:58 AM

Posted 01 July 2012 - 05:58 PM

18:55:38.0956 2104 TDSS rootkit removing tool 2.7.43.0 Jun 29 2012 17:54:22
18:55:39.0273 2104 ============================================================
18:55:39.0273 2104 Current date / time: 2012/07/01 18:55:39.0273
18:55:39.0273 2104 SystemInfo:
18:55:39.0273 2104
18:55:39.0273 2104 OS Version: 6.1.7601 ServicePack: 1.0
18:55:39.0273 2104 Product type: Workstation
18:55:39.0273 2104 ComputerName: THANTOSV-PC
18:55:39.0273 2104 UserName: Danegeld
18:55:39.0273 2104 Windows directory: C:\Windows
18:55:39.0273 2104 System windows directory: C:\Windows
18:55:39.0273 2104 Running under WOW64
18:55:39.0273 2104 Processor architecture: Intel x64
18:55:39.0273 2104 Number of processors: 12
18:55:39.0273 2104 Page size: 0x1000
18:55:39.0273 2104 Boot type: Normal boot
18:55:39.0273 2104 ============================================================
18:55:39.0945 2104 Drive \Device\Harddisk0\DR0 - Size: 0x8BBAB00000 (558.92 Gb), SectorSize: 0x200, Cylinders: 0x11D01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:55:39.0975 2104 ============================================================
18:55:39.0975 2104 \Device\Harddisk0\DR0:
18:55:39.0975 2104 MBR partitions:
18:55:39.0975 2104 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x100D000
18:55:39.0975 2104 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1021000, BlocksNum 0x44DB4000
18:55:39.0975 2104 ============================================================
18:55:39.0984 2104 C: <-> \Device\Harddisk0\DR0\Partition1
18:55:39.0985 2104 ============================================================
18:55:39.0985 2104 Initialize success
18:55:39.0985 2104 ============================================================
18:55:43.0510 9908 ============================================================
18:55:43.0510 9908 Scan started
18:55:43.0510 9908 Mode: Manual;
18:55:43.0510 9908 ============================================================
18:55:44.0243 9908 !SASCORE (7d9d615201a483d6fa99491c2e655a5a) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
18:55:44.0244 9908 !SASCORE - ok
18:55:44.0409 9908 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
18:55:44.0410 9908 1394ohci - ok
18:55:44.0466 9908 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
18:55:44.0467 9908 ACPI - ok
18:55:44.0502 9908 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
18:55:44.0503 9908 AcpiPmi - ok
18:55:44.0637 9908 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
18:55:44.0637 9908 AdobeARMservice - ok
18:55:44.0715 9908 AdobeFlashPlayerUpdateSvc (990dc6edc9f933194d7cd4e65146bc94) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
18:55:44.0715 9908 AdobeFlashPlayerUpdateSvc - ok
18:55:44.0793 9908 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
18:55:44.0793 9908 adp94xx - ok
18:55:44.0824 9908 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
18:55:44.0826 9908 adpahci - ok
18:55:44.0843 9908 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
18:55:44.0845 9908 adpu320 - ok
18:55:44.0856 9908 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
18:55:44.0856 9908 AeLookupSvc - ok
18:55:44.0910 9908 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
18:55:44.0912 9908 AFD - ok
18:55:44.0923 9908 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
18:55:44.0924 9908 agp440 - ok
18:55:44.0940 9908 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
18:55:44.0941 9908 ALG - ok
18:55:45.0036 9908 AlienFusionService (976d409a347340c907cd854fb9a9b252) C:\Program Files\Alienware\Command Center\AlienFusionService.exe
18:55:45.0037 9908 AlienFusionService - ok
18:55:45.0074 9908 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
18:55:45.0083 9908 aliide - ok
18:55:45.0123 9908 AMD External Events Utility (20c8a3e435a47f0408a1ea674afa6194) C:\Windows\system32\atiesrxx.exe
18:55:45.0126 9908 AMD External Events Utility - ok
18:55:45.0134 9908 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
18:55:45.0135 9908 amdide - ok
18:55:45.0175 9908 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
18:55:45.0183 9908 AmdK8 - ok
18:55:45.0376 9908 amdkmdag (0b45c18b0f3ee996d25baa4e74884b83) C:\Windows\system32\DRIVERS\atikmdag.sys
18:55:45.0445 9908 amdkmdag - ok
18:55:45.0512 9908 amdkmdap (0e57258e5cc4cc7a9a9a877afdf0cec6) C:\Windows\system32\DRIVERS\atikmpag.sys
18:55:45.0513 9908 amdkmdap - ok
18:55:45.0529 9908 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
18:55:45.0535 9908 AmdPPM - ok
18:55:45.0570 9908 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
18:55:45.0571 9908 amdsata - ok
18:55:45.0620 9908 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
18:55:45.0621 9908 amdsbs - ok
18:55:45.0629 9908 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
18:55:45.0629 9908 amdxata - ok
18:55:45.0682 9908 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
18:55:45.0686 9908 AppID - ok
18:55:45.0732 9908 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
18:55:45.0733 9908 AppIDSvc - ok
18:55:45.0768 9908 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
18:55:45.0769 9908 Appinfo - ok
18:55:45.0876 9908 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:55:45.0877 9908 Apple Mobile Device - ok
18:55:45.0916 9908 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
18:55:45.0917 9908 arc - ok
18:55:45.0935 9908 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
18:55:45.0938 9908 arcsas - ok
18:55:45.0960 9908 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
18:55:45.0960 9908 AsyncMac - ok
18:55:46.0012 9908 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
18:55:46.0019 9908 atapi - ok
18:55:46.0092 9908 AtiHDAudioService (24464b908e143d2561e9e452fee97309) C:\Windows\system32\drivers\AtihdW76.sys
18:55:46.0092 9908 AtiHDAudioService - ok
18:55:46.0123 9908 AtiHdmiService (7e2f5a758f63f80f8b03f889b4e6b19f) C:\Windows\system32\drivers\AtiHdmi.sys
18:55:46.0123 9908 AtiHdmiService - ok
18:55:46.0216 9908 atikmdag (0b45c18b0f3ee996d25baa4e74884b83) C:\Windows\system32\DRIVERS\atikmdag.sys
18:55:46.0248 9908 atikmdag - ok
18:55:46.0294 9908 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
18:55:46.0310 9908 AudioEndpointBuilder - ok
18:55:46.0310 9908 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
18:55:46.0310 9908 AudioSrv - ok
18:55:46.0326 9908 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
18:55:46.0341 9908 AxInstSV - ok
18:55:46.0372 9908 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
18:55:46.0388 9908 b06bdrv - ok
18:55:46.0404 9908 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
18:55:46.0419 9908 b57nd60a - ok
18:55:46.0513 9908 BCMH43XX (44e6e51aedbf3e0b38a6cd5432649e57) C:\Windows\system32\DRIVERS\bcmwlhigh664.sys
18:55:46.0513 9908 BCMH43XX - ok
18:55:46.0544 9908 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
18:55:46.0544 9908 BDESVC - ok
18:55:46.0591 9908 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
18:55:46.0591 9908 Beep - ok
18:55:46.0669 9908 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
18:55:46.0669 9908 BFE - ok
18:55:46.0856 9908 BHDrvx64 (c8ab71a5102d0fc103f6dfc750005137) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\BASHDefs\20120619.001\BHDrvx64.sys
18:55:46.0856 9908 BHDrvx64 - ok
18:55:46.0918 9908 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\system32\qmgr.dll
18:55:46.0918 9908 BITS - ok
18:55:46.0950 9908 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
18:55:46.0950 9908 blbdrive - ok
18:55:47.0012 9908 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
18:55:47.0012 9908 Bonjour Service - ok
18:55:47.0028 9908 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
18:55:47.0028 9908 bowser - ok
18:55:47.0074 9908 BPowMon (cd6d4b6583f56f03f9c6971cff159314) C:\Program Files\Broadcom\BPowMon\BPowMon.exe
18:55:47.0074 9908 BPowMon - ok
18:55:47.0090 9908 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
18:55:47.0090 9908 BrFiltLo - ok
18:55:47.0106 9908 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
18:55:47.0106 9908 BrFiltUp - ok
18:55:47.0168 9908 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
18:55:47.0168 9908 BridgeMP - ok
18:55:47.0199 9908 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
18:55:47.0199 9908 Browser - ok
18:55:47.0230 9908 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
18:55:47.0230 9908 Brserid - ok
18:55:47.0246 9908 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
18:55:47.0246 9908 BrSerWdm - ok
18:55:47.0246 9908 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
18:55:47.0246 9908 BrUsbMdm - ok
18:55:47.0262 9908 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
18:55:47.0262 9908 BrUsbSer - ok
18:55:47.0308 9908 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
18:55:47.0308 9908 BthEnum - ok
18:55:47.0340 9908 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
18:55:47.0340 9908 BTHMODEM - ok
18:55:47.0355 9908 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
18:55:47.0355 9908 BthPan - ok
18:55:47.0418 9908 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\system32\Drivers\BTHport.sys
18:55:47.0433 9908 BTHPORT - ok
18:55:47.0449 9908 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
18:55:47.0464 9908 bthserv - ok
18:55:47.0480 9908 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\system32\Drivers\BTHUSB.sys
18:55:47.0480 9908 BTHUSB - ok
18:55:47.0542 9908 btusbflt (2641a3fe3d7b0646308f33b67f3b5300) C:\Windows\system32\drivers\btusbflt.sys
18:55:47.0542 9908 btusbflt - ok
18:55:47.0558 9908 btwaudio - ok
18:55:47.0558 9908 btwl2cap - ok
18:55:47.0558 9908 btwrchid - ok
18:55:47.0574 9908 catchme - ok
18:55:47.0636 9908 ccSet_N360 (0e1737a63aec0f6de231bb59836c0a11) C:\Windows\system32\drivers\N360x64\0602010.005\ccSetx64.sys
18:55:47.0652 9908 ccSet_N360 - ok
18:55:47.0667 9908 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
18:55:47.0683 9908 cdfs - ok
18:55:47.0730 9908 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
18:55:47.0730 9908 cdrom - ok
18:55:47.0761 9908 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
18:55:47.0761 9908 CertPropSvc - ok
18:55:47.0776 9908 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
18:55:47.0776 9908 circlass - ok
18:55:47.0823 9908 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
18:55:47.0823 9908 CLFS - ok
18:55:47.0901 9908 CLKMSVC10_1628BCEA (de48552360fa8bdf569d83f07cb1b566) C:\Program Files (x86)\CyberLink\PowerDVD DX\Kernel\BD\NavFilter\kmsvc.exe
18:55:47.0901 9908 CLKMSVC10_1628BCEA - ok
18:55:47.0948 9908 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:55:47.0948 9908 clr_optimization_v2.0.50727_32 - ok
18:55:47.0979 9908 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
18:55:47.0995 9908 clr_optimization_v2.0.50727_64 - ok
18:55:48.0057 9908 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:55:48.0057 9908 clr_optimization_v4.0.30319_32 - ok
18:55:48.0104 9908 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
18:55:48.0120 9908 clr_optimization_v4.0.30319_64 - ok
18:55:48.0135 9908 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
18:55:48.0135 9908 CmBatt - ok
18:55:48.0151 9908 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
18:55:48.0166 9908 cmdide - ok
18:55:48.0213 9908 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
18:55:48.0213 9908 CNG - ok
18:55:48.0229 9908 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
18:55:48.0229 9908 Compbatt - ok
18:55:48.0260 9908 CompFilter64 (59d203c3f46f3ca536ecac0e084cd887) C:\Windows\system32\DRIVERS\lvbflt64.sys
18:55:48.0260 9908 CompFilter64 - ok
18:55:48.0291 9908 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
18:55:48.0291 9908 CompositeBus - ok
18:55:48.0307 9908 COMSysApp - ok
18:55:48.0369 9908 cpuz130 - ok
18:55:48.0385 9908 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
18:55:48.0385 9908 crcdisk - ok
18:55:48.0400 9908 Creative ALchemy AL6 Licensing Service (c8bd651e13895b93ed9ec5b4f1df42bc) C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
18:55:48.0416 9908 Creative ALchemy AL6 Licensing Service - ok
18:55:48.0432 9908 Creative Audio Engine Licensing Service (c0ead9f8ab83d41ff07303c75589c2b8) C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
18:55:48.0432 9908 Creative Audio Engine Licensing Service - ok
18:55:48.0478 9908 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
18:55:48.0478 9908 CryptSvc - ok
18:55:48.0541 9908 CT20XUT (148c9c111291c41d6b2abfb6fbb43856) C:\Windows\system32\drivers\CT20XUT.SYS
18:55:48.0541 9908 CT20XUT - ok
18:55:48.0541 9908 CT20XUT.SYS (148c9c111291c41d6b2abfb6fbb43856) C:\Windows\System32\drivers\CT20XUT.SYS
18:55:48.0556 9908 CT20XUT.SYS - ok
18:55:48.0619 9908 ctac32k (397fbd4454e5b2fb77e55d1013df548c) C:\Windows\system32\drivers\ctac32k.sys
18:55:48.0619 9908 ctac32k - ok
18:55:48.0666 9908 ctaud2k (50a8cd4df066fe57d0c473a2645988cc) C:\Windows\system32\drivers\ctaud2k.sys
18:55:48.0666 9908 ctaud2k - ok
18:55:48.0712 9908 CTAudSvcService (5ce3d0e1d1b3832ee052cfc442eee0fa) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
18:55:48.0728 9908 CTAudSvcService - ok
18:55:48.0775 9908 CTEXFIFX (6f9c3c6c78f5296f4bc7102fb0f7cb65) C:\Windows\system32\drivers\CTEXFIFX.SYS
18:55:48.0790 9908 CTEXFIFX - ok
18:55:48.0806 9908 CTEXFIFX.SYS (6f9c3c6c78f5296f4bc7102fb0f7cb65) C:\Windows\System32\drivers\CTEXFIFX.SYS
18:55:48.0806 9908 CTEXFIFX.SYS - ok
18:55:48.0837 9908 CTHWIUT (ae78ca7ee865a28ac841211db655acf3) C:\Windows\system32\drivers\CTHWIUT.SYS
18:55:48.0837 9908 CTHWIUT - ok
18:55:48.0837 9908 CTHWIUT.SYS (ae78ca7ee865a28ac841211db655acf3) C:\Windows\System32\drivers\CTHWIUT.SYS
18:55:48.0837 9908 CTHWIUT.SYS - ok
18:55:48.0853 9908 ctprxy2k (757776e207ca5e71e4a16bd1260ae1f2) C:\Windows\system32\drivers\ctprxy2k.sys
18:55:48.0853 9908 ctprxy2k - ok
18:55:48.0868 9908 ctsfm2k (9b111ee2f488a8d9c21a13ed4c777795) C:\Windows\system32\drivers\ctsfm2k.sys
18:55:48.0868 9908 ctsfm2k - ok
18:55:48.0915 9908 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
18:55:48.0915 9908 DcomLaunch - ok
18:55:48.0946 9908 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
18:55:48.0946 9908 defragsvc - ok
18:55:48.0978 9908 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
18:55:48.0978 9908 DfsC - ok
18:55:49.0009 9908 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
18:55:49.0009 9908 Dhcp - ok
18:55:49.0056 9908 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
18:55:49.0056 9908 discache - ok
18:55:49.0087 9908 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
18:55:49.0087 9908 Disk - ok
18:55:49.0118 9908 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
18:55:49.0118 9908 Dnscache - ok
18:55:49.0165 9908 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
18:55:49.0165 9908 dot3svc - ok
18:55:49.0212 9908 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
18:55:49.0212 9908 DPS - ok
18:55:49.0243 9908 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
18:55:49.0243 9908 drmkaud - ok
18:55:49.0305 9908 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
18:55:49.0305 9908 DXGKrnl - ok
18:55:49.0321 9908 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
18:55:49.0321 9908 EapHost - ok
18:55:49.0446 9908 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
18:55:49.0446 9908 ebdrv - ok
18:55:49.0524 9908 eeCtrl (ba6420c1f7070ed8f1ba372844f3e1ec) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
18:55:49.0539 9908 eeCtrl - ok
18:55:49.0555 9908 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
18:55:49.0555 9908 EFS - ok
18:55:49.0586 9908 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
18:55:49.0602 9908 ehRecvr - ok
18:55:49.0617 9908 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
18:55:49.0617 9908 ehSched - ok
18:55:49.0648 9908 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
18:55:49.0648 9908 elxstor - ok
18:55:49.0680 9908 emupia (683dcaf0d4efc3f95a32e8924849202d) C:\Windows\system32\drivers\emupia2k.sys
18:55:49.0680 9908 emupia - ok
18:55:49.0726 9908 EraserUtilRebootDrv (1343df3451bc0c442dc69837c6fba21b) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
18:55:49.0726 9908 EraserUtilRebootDrv - ok
18:55:49.0742 9908 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
18:55:49.0742 9908 ErrDev - ok
18:55:49.0804 9908 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
18:55:49.0804 9908 EventSystem - ok
18:55:49.0836 9908 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
18:55:49.0851 9908 exfat - ok
18:55:49.0867 9908 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
18:55:49.0867 9908 fastfat - ok
18:55:49.0929 9908 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
18:55:49.0929 9908 Fax - ok
18:55:49.0945 9908 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
18:55:49.0945 9908 fdc - ok
18:55:49.0960 9908 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
18:55:49.0960 9908 fdPHost - ok
18:55:49.0976 9908 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
18:55:49.0976 9908 FDResPub - ok
18:55:49.0992 9908 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
18:55:49.0992 9908 FileInfo - ok
18:55:50.0007 9908 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
18:55:50.0007 9908 Filetrace - ok
18:55:50.0007 9908 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
18:55:50.0007 9908 flpydisk - ok
18:55:50.0054 9908 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
18:55:50.0054 9908 FltMgr - ok
18:55:50.0132 9908 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
18:55:50.0132 9908 FontCache - ok
18:55:50.0194 9908 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:55:50.0194 9908 FontCache3.0.0.0 - ok
18:55:50.0210 9908 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
18:55:50.0210 9908 FsDepends - ok
18:55:50.0226 9908 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
18:55:50.0226 9908 Fs_Rec - ok
18:55:50.0257 9908 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
18:55:50.0257 9908 fvevol - ok
18:55:50.0272 9908 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
18:55:50.0272 9908 gagp30kx - ok
18:55:50.0304 9908 GEARAspiWDM (af4dee5531395dee72b35b36c9671fd0) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
18:55:50.0304 9908 GEARAspiWDM - ok
18:55:50.0350 9908 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
18:55:50.0350 9908 gpsvc - ok
18:55:50.0413 9908 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:55:50.0413 9908 gupdate - ok
18:55:50.0444 9908 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:55:50.0444 9908 gupdatem - ok
18:55:50.0460 9908 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
18:55:50.0475 9908 gusvc - ok
18:55:50.0553 9908 ha20x22k (076f366b87575adc7d152c7a34acb3dc) C:\Windows\system32\drivers\ha20x22k.sys
18:55:50.0569 9908 ha20x22k - ok
18:55:50.0662 9908 ha20x2k (4a7533eb52dc9d1847e7f78dee1ce322) C:\Windows\system32\drivers\ha20x2k.sys
18:55:50.0678 9908 ha20x2k - ok
18:55:50.0709 9908 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
18:55:50.0709 9908 hcw85cir - ok
18:55:50.0756 9908 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
18:55:50.0756 9908 HdAudAddService - ok
18:55:50.0772 9908 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
18:55:50.0787 9908 HDAudBus - ok
18:55:50.0803 9908 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
18:55:50.0803 9908 HidBatt - ok
18:55:50.0818 9908 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
18:55:50.0818 9908 HidBth - ok
18:55:50.0818 9908 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
18:55:50.0818 9908 HidIr - ok
18:55:50.0834 9908 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
18:55:50.0850 9908 hidserv - ok
18:55:50.0881 9908 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
18:55:50.0881 9908 HidUsb - ok
18:55:50.0912 9908 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
18:55:50.0912 9908 hkmsvc - ok
18:55:50.0959 9908 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
18:55:50.0959 9908 HomeGroupListener - ok
18:55:50.0990 9908 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
18:55:50.0990 9908 HomeGroupProvider - ok
18:55:51.0021 9908 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
18:55:51.0021 9908 HpSAMD - ok
18:55:51.0052 9908 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
18:55:51.0052 9908 HTTP - ok
18:55:51.0068 9908 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
18:55:51.0068 9908 hwpolicy - ok
18:55:51.0115 9908 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
18:55:51.0115 9908 i8042prt - ok
18:55:51.0162 9908 iaStor (42e00996dfc13c46366689c0ea8abc5e) C:\Windows\system32\DRIVERS\iaStor.sys
18:55:51.0162 9908 iaStor - ok
18:55:51.0208 9908 IAStorDataMgrSvc (48362e5db5cb2c000c514ee1f3890acd) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
18:55:51.0208 9908 IAStorDataMgrSvc - ok
18:55:51.0255 9908 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
18:55:51.0255 9908 iaStorV - ok
18:55:51.0302 9908 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
18:55:51.0318 9908 IDriverT - ok
18:55:51.0364 9908 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:55:51.0380 9908 idsvc - ok
18:55:51.0474 9908 IDSVia64 (ce0bf35c79e03bb89da6b14fac838605) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\IPSDefs\20120629.001\IDSvia64.sys
18:55:51.0474 9908 IDSVia64 - ok
18:55:51.0489 9908 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
18:55:51.0489 9908 iirsp - ok
18:55:51.0536 9908 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
18:55:51.0536 9908 IKEEXT - ok
18:55:51.0567 9908 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
18:55:51.0567 9908 intelide - ok
18:55:51.0598 9908 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
18:55:51.0598 9908 intelppm - ok
18:55:51.0645 9908 IOCBIOS (0e3a39c18c9c7a25d363e2d5889cb5a2) C:\ProgramData\Intel\Extreme Tuning Utility\IOCbios\64bit\IOCBIOS.SYS
18:55:51.0645 9908 IOCBIOS - ok
18:55:51.0676 9908 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
18:55:51.0676 9908 IPBusEnum - ok
18:55:51.0708 9908 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:55:51.0708 9908 IpFilterDriver - ok
18:55:51.0754 9908 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
18:55:51.0754 9908 iphlpsvc - ok
18:55:51.0787 9908 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
18:55:51.0792 9908 IPMIDRV - ok
18:55:51.0813 9908 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
18:55:51.0814 9908 IPNAT - ok
18:55:51.0902 9908 iPod Service (50d6ccc6ff5561f9f56946b3e6164fb8) C:\Program Files\iPod\bin\iPodService.exe
18:55:51.0905 9908 iPod Service - ok
18:55:51.0909 9908 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
18:55:51.0910 9908 IRENUM - ok
18:55:51.0947 9908 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
18:55:51.0948 9908 isapnp - ok
18:55:51.0981 9908 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
18:55:51.0982 9908 iScsiPrt - ok
18:55:52.0035 9908 k57nd60a (9d7ea8c7215d8d4ae7be110eee61085d) C:\Windows\system32\DRIVERS\k57nd60a.sys
18:55:52.0037 9908 k57nd60a - ok
18:55:52.0065 9908 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
18:55:52.0065 9908 kbdclass - ok
18:55:52.0102 9908 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
18:55:52.0103 9908 kbdhid - ok
18:55:52.0122 9908 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
18:55:52.0123 9908 KeyIso - ok
18:55:52.0164 9908 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
18:55:52.0164 9908 KSecDD - ok
18:55:52.0195 9908 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
18:55:52.0196 9908 KSecPkg - ok
18:55:52.0219 9908 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
18:55:52.0219 9908 ksthunk - ok
18:55:52.0255 9908 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
18:55:52.0261 9908 KtmRm - ok
18:55:52.0320 9908 LADF_BakerCOnly (86f06574763a0e7cdcd57dd85632e44f) C:\Windows\system32\DRIVERS\ladfBakerCamd64.sys
18:55:52.0327 9908 LADF_BakerCOnly - ok
18:55:52.0365 9908 LADF_BakerROnly (89b4981f949a14148365de8d98a310b5) C:\Windows\system32\DRIVERS\ladfBakerRamd64.sys
18:55:52.0381 9908 LADF_BakerROnly - ok
18:55:52.0422 9908 LADF_CaptureOnly (ce4347e2d90db2e5517b6f2bc720a862) C:\Windows\system32\DRIVERS\ladfGSCamd64.sys
18:55:52.0423 9908 LADF_CaptureOnly - ok
18:55:52.0445 9908 LADF_RenderOnly (85a9d21d3ae2ea963e111cb150895877) C:\Windows\system32\DRIVERS\ladfGSRamd64.sys
18:55:52.0446 9908 LADF_RenderOnly - ok
18:55:52.0503 9908 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll
18:55:52.0505 9908 LanmanServer - ok
18:55:52.0529 9908 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
18:55:52.0530 9908 LanmanWorkstation - ok
18:55:52.0563 9908 LGBusEnum (fa529fb35694c24bf98a9ef67c1cd9d0) C:\Windows\system32\drivers\LGBusEnum.sys
18:55:52.0563 9908 LGBusEnum - ok
18:55:52.0578 9908 LGVirHid (94b29ce153765e768f004fb3440be2b0) C:\Windows\system32\drivers\LGVirHid.sys
18:55:52.0578 9908 LGVirHid - ok
18:55:52.0613 9908 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
18:55:52.0614 9908 lltdio - ok
18:55:52.0657 9908 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
18:55:52.0659 9908 lltdsvc - ok
18:55:52.0667 9908 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
18:55:52.0667 9908 lmhosts - ok
18:55:52.0708 9908 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
18:55:52.0709 9908 LSI_FC - ok
18:55:52.0741 9908 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
18:55:52.0742 9908 LSI_SAS - ok
18:55:52.0760 9908 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
18:55:52.0760 9908 LSI_SAS2 - ok
18:55:52.0776 9908 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
18:55:52.0782 9908 LSI_SCSI - ok
18:55:52.0811 9908 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
18:55:52.0811 9908 luafv - ok
18:55:52.0852 9908 LVRS64 (0c85b2b6fb74b36a251792d45e0ef860) C:\Windows\system32\DRIVERS\lvrs64.sys
18:55:52.0853 9908 LVRS64 - ok
18:55:52.0985 9908 LVUVC64 (ff3a488924b0032b1a9ca6948c1fa9e8) C:\Windows\system32\DRIVERS\lvuvc64.sys
18:55:53.0001 9908 LVUVC64 - ok
18:55:53.0033 9908 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
18:55:53.0034 9908 Mcx2Svc - ok
18:55:53.0052 9908 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
18:55:53.0053 9908 megasas - ok
18:55:53.0099 9908 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
18:55:53.0101 9908 MegaSR - ok
18:55:53.0149 9908 Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
18:55:53.0149 9908 Microsoft Office Groove Audit Service - ok
18:55:53.0212 9908 mio (8fa3c6a34458bc78c9b13ce08b277faf) C:\Windows\system32\DRIVERS\mio.sys
18:55:53.0212 9908 mio - ok
18:55:53.0227 9908 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
18:55:53.0243 9908 MMCSS - ok
18:55:53.0243 9908 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
18:55:53.0243 9908 Modem - ok
18:55:53.0274 9908 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
18:55:53.0274 9908 monitor - ok
18:55:53.0290 9908 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
18:55:53.0290 9908 mouclass - ok
18:55:53.0305 9908 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
18:55:53.0305 9908 mouhid - ok
18:55:53.0352 9908 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
18:55:53.0352 9908 mountmgr - ok
18:55:53.0383 9908 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
18:55:53.0383 9908 mpio - ok
18:55:53.0399 9908 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
18:55:53.0399 9908 mpsdrv - ok
18:55:53.0461 9908 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
18:55:53.0461 9908 MpsSvc - ok
18:55:53.0492 9908 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
18:55:53.0492 9908 MRxDAV - ok
18:55:53.0539 9908 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
18:55:53.0539 9908 mrxsmb - ok
18:55:53.0570 9908 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:55:53.0570 9908 mrxsmb10 - ok
18:55:53.0586 9908 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:55:53.0602 9908 mrxsmb20 - ok
18:55:53.0602 9908 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
18:55:53.0602 9908 msahci - ok
18:55:53.0633 9908 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
18:55:53.0633 9908 msdsm - ok
18:55:53.0648 9908 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
18:55:53.0648 9908 MSDTC - ok
18:55:53.0664 9908 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
18:55:53.0664 9908 Msfs - ok
18:55:53.0680 9908 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
18:55:53.0680 9908 mshidkmdf - ok
18:55:53.0695 9908 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
18:55:53.0695 9908 msisadrv - ok
18:55:53.0726 9908 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
18:55:53.0726 9908 MSiSCSI - ok
18:55:53.0726 9908 msiserver - ok
18:55:53.0758 9908 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
18:55:53.0758 9908 MSKSSRV - ok
18:55:53.0773 9908 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
18:55:53.0800 9908 MSPCLOCK - ok
18:55:53.0817 9908 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
18:55:53.0818 9908 MSPQM - ok
18:55:53.0855 9908 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
18:55:53.0857 9908 MsRPC - ok
18:55:53.0868 9908 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
18:55:53.0869 9908 mssmbios - ok
18:55:53.0887 9908 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
18:55:53.0887 9908 MSTEE - ok
18:55:53.0897 9908 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
18:55:53.0897 9908 MTConfig - ok
18:55:53.0911 9908 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
18:55:53.0911 9908 Mup - ok
18:55:53.0974 9908 N360 (c6948f034d7edabcfa2234d399fc78bc) C:\Program Files (x86)\Norton 360\Engine\6.2.1.5\ccSvcHst.exe
18:55:53.0975 9908 N360 - ok
18:55:54.0011 9908 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
18:55:54.0014 9908 napagent - ok
18:55:54.0055 9908 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
18:55:54.0056 9908 NativeWifiP - ok
18:55:54.0154 9908 NAVENG (8043d41f881d6ace40b854ad6e32217f) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\VirusDefs\20120630.009\ENG64.SYS
18:55:54.0160 9908 NAVENG - ok
18:55:54.0276 9908 NAVEX15 (9a9ab2fc45d701daed465d14980f1305) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\VirusDefs\20120630.009\EX64.SYS
18:55:54.0289 9908 NAVEX15 - ok
18:55:54.0346 9908 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
18:55:54.0349 9908 NDIS - ok
18:55:54.0367 9908 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
18:55:54.0368 9908 NdisCap - ok
18:55:54.0398 9908 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
18:55:54.0398 9908 NdisTapi - ok
18:55:54.0413 9908 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
18:55:54.0413 9908 Ndisuio - ok
18:55:54.0441 9908 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
18:55:54.0445 9908 NdisWan - ok
18:55:54.0453 9908 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
18:55:54.0454 9908 NDProxy - ok
18:55:54.0544 9908 Nero BackItUp Scheduler 4.0 (7d2633295eb6ff2b938185874884059d) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
18:55:54.0548 9908 Nero BackItUp Scheduler 4.0 - ok
18:55:54.0584 9908 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
18:55:54.0584 9908 NetBIOS - ok
18:55:54.0617 9908 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
18:55:54.0618 9908 NetBT - ok
18:55:54.0636 9908 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
18:55:54.0637 9908 Netlogon - ok
18:55:54.0689 9908 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
18:55:54.0691 9908 Netman - ok
18:55:54.0723 9908 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
18:55:54.0725 9908 netprofm - ok
18:55:54.0761 9908 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:55:54.0761 9908 NetTcpPortSharing - ok
18:55:54.0776 9908 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
18:55:54.0776 9908 nfrd960 - ok
18:55:54.0823 9908 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
18:55:54.0823 9908 NlaSvc - ok
18:55:54.0917 9908 nlsX86cc (b1ef4686961986dffb7fe8f18e6fcb5b) C:\Windows\SysWOW64\nlssrv32.exe
18:55:54.0917 9908 nlsX86cc - ok
18:55:54.0917 9908 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
18:55:54.0917 9908 Npfs - ok
18:55:54.0932 9908 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
18:55:54.0948 9908 nsi - ok
18:55:54.0948 9908 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
18:55:54.0948 9908 nsiproxy - ok
18:55:55.0026 9908 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
18:55:55.0026 9908 Ntfs - ok
18:55:55.0042 9908 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
18:55:55.0042 9908 Null - ok
18:55:55.0088 9908 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
18:55:55.0088 9908 nvraid - ok
18:55:55.0120 9908 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
18:55:55.0120 9908 nvstor - ok
18:55:55.0151 9908 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
18:55:55.0151 9908 nv_agp - ok
18:55:55.0213 9908 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
18:55:55.0213 9908 odserv - ok
18:55:55.0244 9908 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
18:55:55.0244 9908 ohci1394 - ok
18:55:55.0276 9908 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:55:55.0292 9908 ose - ok
18:55:55.0352 9908 ossrv (a29a80a1cf63d0dc27eefcaf27d34664) C:\Windows\system32\drivers\ctoss2k.sys
18:55:55.0352 9908 ossrv - ok
18:55:55.0383 9908 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
18:55:55.0385 9908 p2pimsvc - ok
18:55:55.0415 9908 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
18:55:55.0417 9908 p2psvc - ok
18:55:55.0442 9908 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
18:55:55.0443 9908 Parport - ok
18:55:55.0460 9908 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
18:55:55.0461 9908 partmgr - ok
18:55:55.0486 9908 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
18:55:55.0487 9908 PcaSvc - ok
18:55:55.0505 9908 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
18:55:55.0505 9908 pci - ok
18:55:55.0512 9908 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
18:55:55.0513 9908 pciide - ok
18:55:55.0537 9908 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
18:55:55.0538 9908 pcmcia - ok
18:55:55.0543 9908 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
18:55:55.0544 9908 pcw - ok
18:55:55.0591 9908 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
18:55:55.0593 9908 PEAUTH - ok
18:55:55.0613 9908 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
18:55:55.0614 9908 PerfHost - ok
18:55:55.0704 9908 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
18:55:55.0709 9908 pla - ok
18:55:55.0761 9908 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
18:55:55.0764 9908 PlugPlay - ok
18:55:55.0774 9908 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
18:55:55.0775 9908 PNRPAutoReg - ok
18:55:55.0781 9908 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
18:55:55.0783 9908 PNRPsvc - ok
18:55:55.0816 9908 Point64 (4f0878fd62d5f7444c5f1c4c66d9d293) C:\Windows\system32\DRIVERS\point64.sys
18:55:55.0816 9908 Point64 - ok
18:55:55.0860 9908 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
18:55:55.0862 9908 PolicyAgent - ok
18:55:55.0888 9908 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
18:55:55.0889 9908 Power - ok
18:55:55.0933 9908 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
18:55:55.0935 9908 PptpMiniport - ok
18:55:55.0947 9908 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
18:55:55.0948 9908 Processor - ok
18:55:56.0001 9908 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
18:55:56.0002 9908 ProfSvc - ok
18:55:56.0004 9908 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
18:55:56.0004 9908 ProtectedStorage - ok
18:55:56.0041 9908 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
18:55:56.0042 9908 Psched - ok
18:55:56.0117 9908 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
18:55:56.0123 9908 ql2300 - ok
18:55:56.0145 9908 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
18:55:56.0147 9908 ql40xx - ok
18:55:56.0176 9908 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
18:55:56.0181 9908 QWAVE - ok
18:55:56.0186 9908 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
18:55:56.0187 9908 QWAVEdrv - ok
18:55:56.0202 9908 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
18:55:56.0205 9908 RasAcd - ok
18:55:56.0240 9908 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
18:55:56.0244 9908 RasAgileVpn - ok
18:55:56.0256 9908 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
18:55:56.0263 9908 RasAuto - ok
18:55:56.0279 9908 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
18:55:56.0295 9908 Rasl2tp - ok
18:55:56.0310 9908 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
18:55:56.0310 9908 RasMan - ok
18:55:56.0326 9908 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
18:55:56.0326 9908 RasPppoe - ok
18:55:56.0373 9908 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
18:55:56.0373 9908 RasSstp - ok
18:55:56.0404 9908 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
18:55:56.0404 9908 rdbss - ok
18:55:56.0404 9908 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
18:55:56.0404 9908 rdpbus - ok
18:55:56.0419 9908 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
18:55:56.0419 9908 RDPCDD - ok
18:55:56.0451 9908 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
18:55:56.0451 9908 RDPENCDD - ok
18:55:56.0451 9908 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
18:55:56.0451 9908 RDPREFMP - ok
18:55:56.0513 9908 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
18:55:56.0513 9908 RDPWD - ok
18:55:56.0560 9908 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
18:55:56.0560 9908 rdyboost - ok
18:55:56.0560 9908 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
18:55:56.0575 9908 RemoteAccess - ok
18:55:56.0575 9908 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
18:55:56.0591 9908 RemoteRegistry - ok
18:55:56.0622 9908 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
18:55:56.0622 9908 RFCOMM - ok
18:55:56.0653 9908 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
18:55:56.0653 9908 RpcEptMapper - ok
18:55:56.0669 9908 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
18:55:56.0685 9908 RpcLocator - ok
18:55:56.0716 9908 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
18:55:56.0716 9908 RpcSs - ok
18:55:56.0731 9908 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
18:55:56.0747 9908 rspndr - ok
18:55:56.0747 9908 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
18:55:56.0747 9908 SamSs - ok
18:55:56.0794 9908 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
18:55:56.0794 9908 SASDIFSV - ok
18:55:56.0809 9908 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
18:55:56.0809 9908 SASKUTIL - ok
18:55:56.0841 9908 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
18:55:56.0856 9908 sbp2port - ok
18:55:56.0950 9908 SBSDWSCService (794d4b48dfb6e999537c7c3947863463) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
18:55:56.0950 9908 SBSDWSCService - ok
18:55:56.0965 9908 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
18:55:56.0965 9908 SCardSvr - ok
18:55:56.0981 9908 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
18:55:56.0981 9908 scfilter - ok
18:55:57.0043 9908 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
18:55:57.0043 9908 Schedule - ok
18:55:57.0090 9908 SCMNdisP (2a50be713faf033420466c25979c028e) C:\Windows\system32\DRIVERS\scmndisp.sys
18:55:57.0090 9908 SCMNdisP - ok
18:55:57.0106 9908 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
18:55:57.0106 9908 SCPolicySvc - ok
18:55:57.0137 9908 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
18:55:57.0137 9908 SDRSVC - ok
18:55:57.0153 9908 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
18:55:57.0153 9908 secdrv - ok
18:55:57.0168 9908 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
18:55:57.0168 9908 seclogon - ok
18:55:57.0184 9908 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
18:55:57.0184 9908 SENS - ok
18:55:57.0184 9908 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
18:55:57.0184 9908 SensrSvc - ok
18:55:57.0199 9908 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
18:55:57.0199 9908 Serenum - ok
18:55:57.0215 9908 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
18:55:57.0231 9908 Serial - ok
18:55:57.0231 9908 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
18:55:57.0231 9908 sermouse - ok
18:55:57.0277 9908 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
18:55:57.0277 9908 SessionEnv - ok
18:55:57.0293 9908 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
18:55:57.0293 9908 sffdisk - ok
18:55:57.0309 9908 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
18:55:57.0309 9908 sffp_mmc - ok
18:55:57.0324 9908 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
18:55:57.0324 9908 sffp_sd - ok
18:55:57.0340 9908 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
18:55:57.0340 9908 sfloppy - ok
18:55:57.0433 9908 SftService (74ec60e20516aaa573be74f31175270f) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
18:55:57.0449 9908 SftService - ok
18:55:57.0480 9908 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
18:55:57.0480 9908 SharedAccess - ok
18:55:57.0527 9908 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
18:55:57.0527 9908 ShellHWDetection - ok
18:55:57.0543 9908 SI3132 (0f498dee92fd73dd999bae4d506367f5) C:\Windows\system32\DRIVERS\SI3132.sys
18:55:57.0543 9908 SI3132 - ok
18:55:57.0558 9908 SiFilter (127ce10e01f53f2edaca7fe42e5631ea) C:\Windows\system32\DRIVERS\SiWinAcc.sys
18:55:57.0574 9908 SiFilter - ok
18:55:57.0574 9908 SiRemFil (b742c37002b8ebef6e230df9b4b28546) C:\Windows\system32\DRIVERS\SiRemFil.sys
18:55:57.0574 9908 SiRemFil - ok
18:55:57.0589 9908 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
18:55:57.0589 9908 SiSRaid2 - ok
18:55:57.0589 9908 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
18:55:57.0605 9908 SiSRaid4 - ok
18:55:57.0636 9908 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
18:55:57.0636 9908 Smb - ok
18:55:57.0667 9908 smbusp (14a6c16f523be06ba307cb68597eaa82) C:\Windows\system32\DRIVERS\intelsmb.sys
18:55:57.0667 9908 smbusp - ok
18:55:57.0699 9908 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
18:55:57.0699 9908 SNMPTRAP - ok
18:55:57.0714 9908 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
18:55:57.0714 9908 spldr - ok
18:55:57.0730 9908 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
18:55:57.0730 9908 Spooler - ok
18:55:57.0842 9908 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
18:55:57.0856 9908 sppsvc - ok
18:55:57.0879 9908 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
18:55:57.0887 9908 sppuinotify - ok
18:55:57.0960 9908 SRTSP (06b9a7ba94356ec5207c5ddb59540378) C:\Windows\System32\Drivers\N360x64\0602010.005\SRTSP64.SYS
18:55:57.0963 9908 SRTSP - ok
18:55:57.0989 9908 SRTSPX (fbb8945a61e55a2345d12487c74a9d76) C:\Windows\system32\drivers\N360x64\0602010.005\SRTSPX64.SYS
18:55:57.0990 9908 SRTSPX - ok
18:55:58.0037 9908 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
18:55:58.0039 9908 srv - ok
18:55:58.0063 9908 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
18:55:58.0065 9908 srv2 - ok
18:55:58.0091 9908 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
18:55:58.0092 9908 srvnet - ok
18:55:58.0122 9908 ssadbus (8f8324ed1de63ffc7b1a02cd2d963c72) C:\Windows\system32\DRIVERS\ssadbus.sys
18:55:58.0123 9908 ssadbus - ok
18:55:58.0165 9908 ssadmdfl (58221efcb74167b73667f0024c661ce0) C:\Windows\system32\DRIVERS\ssadmdfl.sys
18:55:58.0166 9908 ssadmdfl - ok
18:55:58.0205 9908 ssadmdm (4da7c71bfac5ad71255b7e4cab980163) C:\Windows\system32\DRIVERS\ssadmdm.sys
18:55:58.0206 9908 ssadmdm - ok
18:55:58.0250 9908 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
18:55:58.0252 9908 SSDPSRV - ok
18:55:58.0266 9908 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
18:55:58.0267 9908 SstpSvc - ok
18:55:58.0325 9908 Steam Client Service - ok
18:55:58.0347 9908 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
18:55:58.0353 9908 stexstor - ok
18:55:58.0407 9908 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
18:55:58.0410 9908 stisvc - ok
18:55:58.0436 9908 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
18:55:58.0437 9908 swenum - ok
18:55:58.0550 9908 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
18:55:58.0552 9908 SwitchBoard - ok
18:55:58.0586 9908 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
18:55:58.0588 9908 swprv - ok
18:55:58.0673 9908 SymDS (8b2430762099598da40686f754632efd) C:\Windows\system32\drivers\N360x64\0602010.005\SYMDS64.SYS
18:55:58.0675 9908 SymDS - ok
18:55:58.0725 9908 SymEFA (f90c7a190399165d3ab2245048d34786) C:\Windows\system32\drivers\N360x64\0602010.005\SYMEFA64.SYS
18:55:58.0728 9908 SymEFA - ok
18:55:58.0789 9908 SymEvent (898bb48c797483420df523b2bbc1ecdb) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
18:55:58.0790 9908 SymEvent - ok
18:55:58.0810 9908 SymIM (b681d1b0f9596684225dcc9b94c6bacf) C:\Windows\system32\DRIVERS\SymIMv.sys
18:55:58.0810 9908 SymIM - ok
18:55:58.0842 9908 SymIRON (5013a76caaa1d7cf1c55214b490b4e35) C:\Windows\system32\drivers\N360x64\0602010.005\Ironx64.SYS
18:55:58.0842 9908 SymIRON - ok
18:55:58.0888 9908 SymNetS (3911bd0e68c010e5438a87706abbe9ab) C:\Windows\System32\Drivers\N360x64\0602010.005\SYMNETS.SYS
18:55:58.0888 9908 SymNetS - ok
18:55:58.0982 9908 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
18:55:58.0982 9908 SysMain - ok
18:55:59.0013 9908 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
18:55:59.0013 9908 TabletInputService - ok
18:55:59.0044 9908 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
18:55:59.0044 9908 TapiSrv - ok
18:55:59.0060 9908 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
18:55:59.0060 9908 TBS - ok
18:55:59.0154 9908 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
18:55:59.0169 9908 Tcpip - ok
18:55:59.0185 9908 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
18:55:59.0200 9908 TCPIP6 - ok
18:55:59.0216 9908 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
18:55:59.0232 9908 tcpipreg - ok
18:55:59.0247 9908 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
18:55:59.0247 9908 TDPIPE - ok
18:55:59.0278 9908 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
18:55:59.0278 9908 TDTCP - ok
18:55:59.0325 9908 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
18:55:59.0325 9908 tdx - ok
18:55:59.0341 9908 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
18:55:59.0341 9908 TermDD - ok
18:55:59.0388 9908 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
18:55:59.0388 9908 TermService - ok
18:55:59.0403 9908 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
18:55:59.0403 9908 Themes - ok
18:55:59.0419 9908 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
18:55:59.0419 9908 THREADORDER - ok
18:55:59.0466 9908 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
18:55:59.0481 9908 TrkWks - ok
18:55:59.0528 9908 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
18:55:59.0528 9908 TrustedInstaller - ok
18:55:59.0559 9908 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
18:55:59.0559 9908 tssecsrv - ok
18:55:59.0606 9908 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
18:55:59.0606 9908 TsUsbFlt - ok
18:55:59.0637 9908 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
18:55:59.0637 9908 tunnel - ok
18:55:59.0653 9908 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
18:55:59.0653 9908 uagp35 - ok
18:55:59.0700 9908 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
18:55:59.0700 9908 udfs - ok
18:55:59.0715 9908 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
18:55:59.0715 9908 UI0Detect - ok
18:55:59.0731 9908 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
18:55:59.0731 9908 uliagpkx - ok
18:55:59.0762 9908 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
18:55:59.0762 9908 umbus - ok
18:55:59.0814 9908 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
18:55:59.0820 9908 UmPass - ok
18:55:59.0914 9908 UMVPFSrv (67a95b9d129ed5399e7965cd09cf30e7) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
18:55:59.0915 9908 UMVPFSrv - ok
18:55:59.0942 9908 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
18:55:59.0944 9908 upnphost - ok
18:55:59.0997 9908 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
18:56:00.0006 9908 USBAAPL64 - ok
18:56:00.0033 9908 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
18:56:00.0034 9908 usbaudio - ok
18:56:00.0047 9908 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
18:56:00.0048 9908 usbccgp - ok
18:56:00.0073 9908 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
18:56:00.0080 9908 usbcir - ok
18:56:00.0108 9908 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
18:56:00.0109 9908 usbehci - ok
18:56:00.0139 9908 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
18:56:00.0140 9908 usbhub - ok
18:56:00.0150 9908 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\DRIVERS\usbohci.sys
18:56:00.0151 9908 usbohci - ok
18:56:00.0164 9908 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
18:56:00.0165 9908 usbprint - ok
18:56:00.0183 9908 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:56:00.0184 9908 USBSTOR - ok
18:56:00.0206 9908 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys
18:56:00.0209 9908 usbuhci - ok
18:56:00.0215 9908 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
18:56:00.0216 9908 UxSms - ok
18:56:00.0234 9908 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
18:56:00.0235 9908 VaultSvc - ok
18:56:00.0256 9908 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
18:56:00.0257 9908 vdrvroot - ok
18:56:00.0294 9908 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
18:56:00.0296 9908 vds - ok
18:56:00.0306 9908 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
18:56:00.0308 9908 vga - ok
18:56:00.0315 9908 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
18:56:00.0316 9908 VgaSave - ok
18:56:00.0356 9908 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
18:56:00.0358 9908 vhdmp - ok
18:56:00.0367 9908 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
18:56:00.0373 9908 viaide - ok
18:56:00.0389 9908 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
18:56:00.0389 9908 volmgr - ok
18:56:00.0442 9908 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
18:56:00.0444 9908 volmgrx - ok
18:56:00.0480 9908 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
18:56:00.0481 9908 volsnap - ok
18:56:00.0506 9908 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
18:56:00.0507 9908 vsmraid - ok
18:56:00.0577 9908 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
18:56:00.0584 9908 VSS - ok
18:56:00.0597 9908 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
18:56:00.0598 9908 vwifibus - ok
18:56:00.0613 9908 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
18:56:00.0614 9908 vwififlt - ok
18:56:00.0666 9908 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
18:56:00.0669 9908 W32Time - ok
18:56:00.0681 9908 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
18:56:00.0682 9908 WacomPen - ok
18:56:00.0750 9908 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
18:56:00.0751 9908 WANARP - ok
18:56:00.0763 9908 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
18:56:00.0764 9908 Wanarpv6 - ok
18:56:00.0860 9908 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
18:56:00.0875 9908 WatAdminSvc - ok
18:56:00.0953 9908 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
18:56:00.0953 9908 wbengine - ok
18:56:00.0984 9908 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
18:56:00.0984 9908 WbioSrvc - ok
18:56:01.0016 9908 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
18:56:01.0016 9908 wcncsvc - ok
18:56:01.0031 9908 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
18:56:01.0031 9908 WcsPlugInService - ok
18:56:01.0047 9908 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
18:56:01.0047 9908 Wd - ok
18:56:01.0078 9908 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
18:56:01.0078 9908 Wdf01000 - ok
18:56:01.0094 9908 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
18:56:01.0094 9908 WdiServiceHost - ok
18:56:01.0094 9908 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
18:56:01.0094 9908 WdiSystemHost - ok
18:56:01.0109 9908 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
18:56:01.0109 9908 WebClient - ok
18:56:01.0125 9908 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
18:56:01.0140 9908 Wecsvc - ok
18:56:01.0140 9908 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
18:56:01.0156 9908 wercplsupport - ok
18:56:01.0187 9908 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
18:56:01.0187 9908 WerSvc - ok
18:56:01.0218 9908 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
18:56:01.0234 9908 WfpLwf - ok
18:56:01.0281 9908 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys
18:56:01.0281 9908 WimFltr - ok
18:56:01.0296 9908 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
18:56:01.0296 9908 WIMMount - ok
18:56:01.0312 9908 WinDefend - ok
18:56:01.0312 9908 WinHttpAutoProxySvc - ok
18:56:01.0343 9908 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
18:56:01.0359 9908 Winmgmt - ok
18:56:01.0421 9908 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
18:56:01.0437 9908 WinRM - ok
18:56:01.0468 9908 winusb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUSB.SYS
18:56:01.0484 9908 winusb - ok
18:56:01.0515 9908 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
18:56:01.0530 9908 Wlansvc - ok
18:56:01.0655 9908 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
18:56:01.0671 9908 wlidsvc - ok
18:56:01.0702 9908 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
18:56:01.0702 9908 WmiAcpi - ok
18:56:01.0750 9908 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
18:56:01.0751 9908 wmiApSrv - ok
18:56:01.0756 9908 WMPNetworkSvc - ok
18:56:01.0778 9908 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
18:56:01.0780 9908 WPCSvc - ok
18:56:01.0809 9908 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
18:56:01.0810 9908 WPDBusEnum - ok
18:56:01.0825 9908 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
18:56:01.0825 9908 ws2ifsl - ok
18:56:01.0844 9908 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll
18:56:01.0845 9908 wscsvc - ok
18:56:01.0847 9908 WSearch - ok
18:56:01.0909 9908 WSWNDA3100v2 (d161d62ae8d3f3ec1197b012d5e47431) C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe
18:56:01.0910 9908 WSWNDA3100v2 - ok
18:56:01.0996 9908 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
18:56:02.0006 9908 wuauserv - ok
18:56:02.0025 9908 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
18:56:02.0026 9908 WudfPf - ok
18:56:02.0069 9908 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
18:56:02.0070 9908 WUDFRd - ok
18:56:02.0088 9908 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
18:56:02.0089 9908 wudfsvc - ok
18:56:02.0109 9908 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
18:56:02.0111 9908 WwanSvc - ok
18:56:02.0126 9908 XTUService (ac6b43f32e452e358bdc5ecabf894452) C:\Program Files (x86)\Common Files\Intel\Intel Extreme Tuning Utility\PerfTuneService.exe
18:56:02.0127 9908 XTUService - ok
18:56:02.0179 9908 {1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7} (74983addca2d9618512c088d856d6615) C:\Program Files (x86)\CyberLink\PowerDVD DX\000.fcl
18:56:02.0180 9908 {1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7} - ok
18:56:02.0200 9908 MBR (0x1B8) (cdb4de4bbd714f152979da2dcbef57eb) \Device\Harddisk0\DR0
18:56:02.0292 9908 \Device\Harddisk0\DR0 - ok
18:56:02.0293 9908 Boot (0x1200) (2690a5756eba4f03cae1790dabd5e841) \Device\Harddisk0\DR0\Partition0
18:56:02.0293 9908 \Device\Harddisk0\DR0\Partition0 - ok
18:56:02.0295 9908 Boot (0x1200) (6ef63d783bbd9a28c15f3d414194d5f5) \Device\Harddisk0\DR0\Partition1
18:56:02.0295 9908 \Device\Harddisk0\DR0\Partition1 - ok
18:56:02.0296 9908 ============================================================
18:56:02.0296 9908 Scan finished
18:56:02.0296 9908 ============================================================
18:56:02.0300 8148 Detected object count: 0
18:56:02.0300 8148 Actual detected object count: 0

#10 Talthan

Talthan
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:05:58 AM

Posted 01 July 2012 - 06:08 PM

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-01 18:56:13
-----------------------------
18:56:13.494 OS Version: Windows x64 6.1.7601 Service Pack 1
18:56:13.494 Number of processors: 12 586 0x2C02
18:56:13.494 ComputerName: THANTOSV-PC UserName: Danegeld
18:56:14.052 Initialize success
18:57:03.620 AVAST engine defs: 12070101
18:58:19.033 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-2
18:58:19.033 Disk 0 Vendor: Intel___ 1.0. Size: 572331MB BusType: 8
18:58:19.033 Disk 0 MBR read successfully
18:58:19.033 Disk 0 MBR scan
18:58:19.033 Disk 0 Windows VISTA default MBR code
18:58:19.048 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
18:58:19.048 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 8218 MB offset 81920
18:58:19.048 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 564072 MB offset 16912384
18:58:19.064 Disk 0 scanning C:\Windows\system32\drivers
18:58:27.719 Service scanning
18:58:42.200 Modules scanning
18:58:42.200 Disk 0 trace - called modules:
18:58:42.200 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
18:58:42.200 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800ae58790]
18:58:42.200 3 CLASSPNP.SYS[fffff88001d6f43f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-2[0xfffffa800ab75050]
18:58:42.871 AVAST engine scan C:\Windows
18:58:44.135 AVAST engine scan C:\Windows\system32
19:00:53.376 AVAST engine scan C:\Windows\system32\drivers
19:01:05.841 AVAST engine scan C:\Users\Danegeld
19:07:32.992 Disk 0 MBR has been saved successfully to "C:\Users\Danegeld\Documents\MBR.dat"
19:07:32.995 The log file has been saved successfully to "C:\Users\Danegeld\Documents\aswMBRcow.txt"

#11 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 134,640 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:06:58 AM

Posted 01 July 2012 - 08:53 PM

Greetings

At this time I would like you to run this script for me and it is a good time to check out the computer to see if there is anything else that needs to be addressed.

:Run CFScript:

Open Notepad and copy/paste the text in the box into the window:

ClearJavaCache::

Save it to your desktop as CFScript.txt

Refering to the picture above, drag CFScript.txt into ComboFix.exe
Posted Image
This will let ComboFix run again.
Restart if you have to.
Save the produced logfile to your desktop.

Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall

Note 2: If you recieve an error "Illegal operation attempted on a registery key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following

  • report from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now after running the script?

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic


Please Only Copy And Paste Reports Into Topic - Do Not Attach

My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#12 Talthan

Talthan
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:05:58 AM

Posted 01 July 2012 - 09:12 PM

ComboFix 12-07-01.04 - Danegeld 07/01/2012 22:04:21.2.12 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.12279.8844 [GMT -4:00]
Running from: c:\users\Danegeld\Downloads\ComboFix.exe
AV: Norton 360 *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton 360 *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2012-06-02 to 2012-07-02 )))))))))))))))))))))))))))))))
.
.
2012-07-02 02:08 . 2012-07-02 02:08 -------- d-----w- c:\users\Mcx1-THANTOSV-PC\AppData\Local\temp
2012-07-02 02:08 . 2012-07-02 02:08 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-06-30 07:11 . 2012-07-01 22:19 -------- d-----w- c:\program files\CCleaner
2012-06-30 05:01 . 2012-06-30 05:01 -------- d-----w- c:\users\Danegeld\AppData\Roaming\SUPERAntiSpyware.com
2012-06-30 05:01 . 2012-06-30 05:01 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-06-30 05:01 . 2012-06-30 05:01 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2012-06-30 04:00 . 2012-06-30 04:00 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-06-30 03:59 . 2012-06-30 03:59 -------- d-----w- c:\program files (x86)\Oracle
2012-06-30 03:56 . 2012-06-30 03:56 -------- d-----w- c:\users\Danegeld\AppData\Roaming\Malwarebytes
2012-06-30 03:56 . 2012-06-30 03:56 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-06-30 03:56 . 2012-06-30 03:56 -------- d-----w- c:\programdata\Malwarebytes
2012-06-30 03:56 . 2012-04-04 19:56 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-06-30 03:47 . 2012-06-30 03:47 -------- d-----w- c:\program files (x86)\ESET
2012-06-30 03:10 . 2012-06-05 07:37 256904 ----a-w- c:\windows\SysWow64\drivers\tmcomm.sys
2012-06-21 13:18 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-21 13:18 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-21 13:18 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-21 13:18 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-21 13:18 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-21 13:18 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-21 13:18 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-21 13:18 . 2012-06-02 19:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-21 13:18 . 2012-06-02 19:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-06-19 03:16 . 2012-06-19 03:16 476936 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
2012-06-14 04:25 . 2012-04-26 05:41 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2012-06-03 01:13 . 2011-12-12 21:42 1256192 ----a-w- c:\windows\system32\drivers\bcmwlhigh664.sys
2012-06-03 01:13 . 2011-07-22 14:33 25056 ----a-w- c:\windows\system32\drivers\SCMNdisP.sys
2012-06-03 01:13 . 2010-02-03 15:20 47632 ----a-w- c:\windows\system32\drivers\npf.sys
2012-06-02 15:04 . 2011-04-19 21:52 95544 ----a-w- c:\windows\system32\bcmwlcoi.dll
2012-06-02 15:04 . 2011-04-19 21:31 3900928 ----a-w- c:\windows\system32\bcmihvsrv64.dll
2012-06-02 15:04 . 2011-04-19 21:31 3566592 ----a-w- c:\windows\system32\bcmihvui64.dll
2012-06-02 15:04 . 2012-06-02 15:04 -------- d-----w- c:\program files (x86)\NETGEAR
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-25 22:36 . 2011-07-06 23:10 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore-2\Microsoft.MediaCenter.Sports.UI.dll
2012-06-25 22:36 . 2010-05-18 21:37 4283672 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2012-06-25 22:35 . 2010-05-18 21:36 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2012-06-25 22:35 . 2010-12-25 17:32 539984 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2012-06-23 23:23 . 2012-04-07 02:24 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-06-23 23:23 . 2011-06-14 13:39 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-06-08 21:19 . 2010-05-16 23:22 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll
2012-06-08 09:02 . 2010-05-16 23:21 4283672 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2012-06-08 09:02 . 2010-06-02 21:34 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2012-06-01 11:27 . 2012-06-01 11:27 16090624 ----a-w- c:\windows\system32\aticaldd64.dll
2012-06-01 11:27 . 2012-03-09 05:04 6800896 ----a-w- c:\windows\SysWow64\atidxx32.dll
2012-06-01 11:27 . 2012-06-01 11:27 95760 ----a-w- c:\windows\system32\drivers\AtihdW76.sys
2012-06-01 11:27 . 2010-09-29 01:30 4731904 ----a-w- c:\windows\system32\atiumd6a.dll
2012-06-01 11:27 . 2011-04-20 06:22 41984 ----a-w- c:\windows\system32\atig6txx.dll
2012-06-01 11:27 . 2010-11-26 02:16 54784 ----a-w- c:\windows\system32\atiuxp64.dll
2012-06-01 11:27 . 2010-09-29 01:21 7431680 ----a-w- c:\windows\system32\atiumd64.dll
2012-06-01 11:27 . 2010-04-07 01:46 64000 ----a-w- c:\windows\system32\coinst.dll
2012-06-01 11:27 . 2012-06-01 11:27 54784 ----a-w- c:\windows\system32\atimpc64.dll
2012-06-01 11:27 . 2012-06-01 11:27 54784 ----a-w- c:\windows\system32\amdpcom64.dll
2012-06-01 11:27 . 2012-06-01 11:27 33280 ----a-w- c:\windows\SysWow64\atigktxx.dll
2012-06-01 11:27 . 2012-06-01 11:27 1120768 ----a-w- c:\windows\system32\atiumd6v.dll
2012-06-01 11:27 . 2012-06-01 11:27 19753984 ----a-w- c:\windows\SysWow64\atioglxx.dll
2012-06-01 11:27 . 2012-03-09 03:56 41984 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2012-06-01 11:27 . 2012-06-01 11:27 44544 ----a-w- c:\windows\system32\aticalcl64.dll
2012-06-01 11:27 . 2010-11-26 02:22 4795904 ----a-w- c:\windows\SysWow64\atiumdva.dll
2012-06-01 11:27 . 2012-06-01 11:27 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll
2012-06-01 11:27 . 2012-06-01 11:27 21504 ----a-w- c:\windows\system32\atimuixx.dll
2012-06-01 11:27 . 2012-06-01 11:27 14848 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2012-06-01 11:27 . 2012-06-01 11:27 14848 ----a-w- c:\windows\system32\atiglpxx.dll
2012-06-01 11:27 . 2012-06-01 11:27 236544 ----a-w- c:\windows\system32\atiesrxx.exe
2012-06-01 11:27 . 2010-11-26 02:30 6203392 ----a-w- c:\windows\SysWow64\atiumdag.dll
2012-06-01 11:27 . 2010-11-26 02:17 514560 ----a-w- c:\windows\system32\atiadlxx.dll
2012-06-01 11:27 . 2012-06-01 11:27 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2012-06-01 11:27 . 2012-06-01 11:27 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll
2012-06-01 11:27 . 2011-04-20 07:30 26181632 ----a-w- c:\windows\system32\atio6axx.dll
2012-06-01 11:27 . 2010-11-26 02:15 32256 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2012-06-01 11:27 . 2012-06-01 11:27 1831424 ----a-w- c:\windows\SysWow64\atiumdmv.dll
2012-06-01 11:27 . 2012-06-01 11:27 7479296 ----a-w- c:\windows\system32\atidxx64.dll
2012-06-01 11:27 . 2012-06-01 11:27 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll
2012-06-01 11:27 . 2010-11-26 02:58 909312 ----a-w- c:\windows\SysWow64\aticfx32.dll
2012-06-01 11:27 . 2010-11-26 02:57 1067520 ----a-w- c:\windows\system32\aticfx64.dll
2012-06-01 11:27 . 2012-06-01 11:27 159744 ----a-w- c:\windows\system32\atiapfxx.exe
2012-06-01 11:27 . 2010-09-29 01:13 44544 ----a-w- c:\windows\system32\atiu9p64.dll
2012-06-01 11:27 . 2012-06-01 11:27 51200 ----a-w- c:\windows\system32\aticalrt64.dll
2012-06-01 11:27 . 2012-06-01 11:27 120320 ----a-w- c:\windows\system32\atitmm64.dll
2012-06-01 11:27 . 2012-06-01 11:27 11174400 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2012-06-01 11:27 . 2012-06-01 11:27 13764096 ----a-w- c:\windows\SysWow64\aticaldd.dll
2012-06-01 11:27 . 2012-03-09 05:11 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll
2012-06-01 11:27 . 2012-06-01 11:27 503808 ----a-w- c:\windows\system32\atieclxx.exe
2012-06-01 11:27 . 2011-04-20 06:22 17408 ----a-w- c:\windows\system32\atig6pxx.dll
2012-06-01 11:27 . 2012-06-01 11:27 59392 ----a-w- c:\windows\system32\atiedu64.dll
2012-06-01 11:27 . 2012-06-01 11:27 53760 ----a-w- c:\windows\SysWow64\atimpc32.dll
2012-06-01 11:27 . 2012-06-01 11:27 53760 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2012-06-01 11:27 . 2012-06-01 11:27 343040 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2012-06-01 11:27 . 2012-06-01 11:27 360448 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2012-05-29 03:56 . 2010-05-06 20:29 175736 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS
2012-05-04 23:29 . 2010-05-06 20:04 687504 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-04-06 02:34 . 2012-04-06 02:34 187392 ----a-w- c:\windows\system32\clinfo.exe
2012-04-06 02:34 . 2012-04-06 02:34 74752 ----a-w- c:\windows\system32\OpenVideo64.dll
2012-04-06 02:34 . 2012-04-06 02:34 64512 ----a-w- c:\windows\SysWow64\OpenVideo.dll
2012-04-06 02:33 . 2012-04-06 02:33 63488 ----a-w- c:\windows\system32\OVDecode64.dll
2012-04-06 02:33 . 2012-04-06 02:33 56320 ----a-w- c:\windows\SysWow64\OVDecode.dll
2012-04-06 02:33 . 2012-04-06 02:33 16457216 ----a-w- c:\windows\system32\amdocl64.dll
2012-04-06 02:32 . 2012-04-06 02:32 13007872 ----a-w- c:\windows\SysWow64\amdocl.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-07-01_22.08.01 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-04-29 16:56 . 2012-07-01 22:25 79832 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-07-01 22:25 33496 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-05-06 19:36 . 2012-07-01 22:25 24452 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2035710577-4104604380-1009470740-1001_UserData.bin
+ 2009-07-14 04:46 . 2012-07-01 22:27 94640 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
+ 2012-07-01 22:21 . 2012-07-01 22:21 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-07-01 22:07 . 2012-07-01 22:07 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-07-01 22:07 . 2012-07-01 22:07 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-07-01 22:21 . 2012-07-01 22:21 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-07-14 02:36 . 2012-07-01 23:12 627066 c:\windows\system32\perfh009.dat
- 2009-07-14 02:36 . 2012-06-30 07:24 627066 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2012-07-01 23:12 107382 c:\windows\system32\perfc009.dat
- 2009-07-14 02:36 . 2012-06-30 07:24 107382 c:\windows\system32\perfc009.dat
+ 2009-07-14 05:01 . 2012-07-01 22:18 474628 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 05:01 . 2012-07-01 22:05 474628 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2010-09-24 16:57 . 2012-07-01 22:18 8390976 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2035710577-4104604380-1009470740-1001-8192.dat
- 2010-09-24 16:57 . 2012-07-01 22:05 8390976 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2035710577-4104604380-1009470740-1001-8192.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"MobileDocuments"="c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240]
"iCloudServices"="c:\program files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" [2012-02-23 59240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2009-12-23 284696]
"VolPanel"="c:\program files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" [2009-04-09 241789]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"PDVDDXSrv"="c:\program files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2011-03-01 144616]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"CTxfiHlp"="CTXFIHLP.EXE" [2010-07-07 24576]
"ATICustomerCare"="c:\program files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-05-04 311296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-03-27 421736]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-04-06 641664]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"="c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" [2011-10-12 559616]
.
c:\users\Danegeld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
CurseClientStartup.ccip [2010-5-6 0]
Logitech blank Product Registration.lnk - c:\program files (x86)\Logitech\G930\eReg.exe [N/A]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
NETGEAR WNDA3100v2 Genie.lnk - c:\program files (x86)\NETGEAR\WNDA3100v2\WNDA3100v2.exe [2012-6-2 8453376]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
R2 CLKMSVC10_1628BCEA;CyberLink Product - 2012/04/20 16:00;c:\program files (x86)\CyberLink\PowerDVD DX\Kernel\BD\NavFilter\kmsvc.exe [2011-03-01 240360]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-30 136176]
R2 WSWNDA3100v2;WSWNDA3100v2;c:\program files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe [2011-12-14 303360]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-23 250056]
R3 BCMH43XX;Broadcom 802.11 USB Network Adapter Driver;c:\windows\system32\DRIVERS\bcmwlhigh664.sys [2011-12-12 1256192]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2010-04-14 54824]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 cpuz130;cpuz130;c:\users\Danegeld\AppData\Local\Temp\cpuz130\cpuz_x64.sys [x]
R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2010-09-21 79360]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2010-04-29 79360]
R3 CT20XUT;CT20XUT;c:\windows\system32\drivers\CT20XUT.SYS [2010-07-07 230488]
R3 CTEXFIFX;CTEXFIFX;c:\windows\system32\drivers\CTEXFIFX.SYS [2010-07-07 1445976]
R3 CTHWIUT;CTHWIUT;c:\windows\system32\drivers\CTHWIUT.SYS [2010-07-07 95320]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-30 136176]
R3 LADF_BakerCOnly;BakerC Filter Driver;c:\windows\system32\DRIVERS\ladfBakerCamd64.sys [2011-03-18 410184]
R3 LADF_BakerROnly;BakerR Filter Driver;c:\windows\system32\DRIVERS\ladfBakerRamd64.sys [2011-03-18 335688]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-06 1255736]
S0 SCMNdisP;General NDIS Protocol Driver;c:\windows\system32\DRIVERS\scmndisp.sys [2011-07-22 25056]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360x64\0602010.005\SYMDS64.SYS [2012-03-29 451192]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360x64\0602010.005\SYMEFA64.SYS [2012-03-29 1092728]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\BASHDefs\20120619.001\BHDrvx64.sys [2012-06-19 1161376]
S1 ccSet_N360;Norton 360 Settings Manager;c:\windows\system32\drivers\N360x64\0602010.005\ccSetx64.sys [2011-11-29 167048]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\IPSDefs\20120629.001\IDSvia64.sys [2012-06-14 509088]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360x64\0602010.005\Ironx64.SYS [2012-03-29 190072]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\N360x64\0602010.005\SYMNETS.SYS [2012-03-29 405624]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2011-08-11 140672]
S2 {1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7};Power Control [2012/04/20 16:00];c:\program files (x86)\CyberLink\PowerDVD DX\000.fcl [2009-12-29 21:35 146928]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AlienFusionService;Alienware Fusion Service;c:\program files\Alienware\Command Center\AlienFusionService.exe [2011-05-02 15296]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-06-01 236544]
S2 BPowMon;Broadcom Power monitoring service;c:\program files\Broadcom\BPowMon\BPowMon.exe [2009-10-27 117608]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-12-23 13336]
S2 IOCBIOS;IOCBIOS;c:\programdata\Intel\Extreme Tuning Utility\IOCbios\64bit\IOCBIOS.SYS [2009-07-09 27096]
S2 N360;Norton 360;c:\program files (x86)\Norton 360\Engine\6.2.1.5\ccSvcHst.exe [2012-03-27 138232]
S2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\SysWOW64\nlssrv32.exe [2011-10-25 66560]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2011-08-18 1692480]
S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-01-18 450848]
S2 XTUService;Intel® Extreme Tuning Utility;c:\program files (x86)\Common Files\Intel\Intel Extreme Tuning Utility\PerfTuneService.exe [2009-07-27 30944]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2012-06-01 11174400]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2012-06-01 343040]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-06-01 95760]
S3 CompFilter64;UVCCompositeFilter;c:\windows\system32\DRIVERS\lvbflt64.sys [2012-01-18 25632]
S3 CT20XUT.SYS;CT20XUT.SYS;c:\windows\System32\drivers\CT20XUT.SYS [2010-07-07 230488]
S3 CTEXFIFX.SYS;CTEXFIFX.SYS;c:\windows\System32\drivers\CTEXFIFX.SYS [2010-07-07 1445976]
S3 CTHWIUT.SYS;CTHWIUT.SYS;c:\windows\System32\drivers\CTHWIUT.SYS [2010-07-07 95320]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-06-02 138912]
S3 ha20x22k;Creative 20X2 HAL Driver;c:\windows\system32\drivers\ha20x22k.sys [2010-07-07 1612888]
S3 k57nd60a;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2009-10-16 321064]
S3 LADF_CaptureOnly;LADF Capture Filter Driver;c:\windows\system32\DRIVERS\ladfGSCamd64.sys [2011-12-07 410184]
S3 LADF_RenderOnly;LADF Render Filter Driver;c:\windows\system32\DRIVERS\ladfGSRamd64.sys [2011-12-07 341832]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [2011-12-07 22408]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [2011-12-07 16008]
S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [2012-01-18 351136]
S3 LVUVC64;Logitech HD Pro Webcam C910(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [2012-01-18 4865568]
S3 mio;Master IO Filter Driver;c:\windows\system32\DRIVERS\mio.sys [2010-10-13 14928]
S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2011-08-01 45416]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - 44762346
*Deregistered* - 44762346
*Deregistered* - aswMBR
*Deregistered* - CLKMDRV10_1628BCEA
.
Contents of the 'Scheduled Tasks' folder
.
2012-07-02 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-07 23:23]
.
2012-07-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-30 19:58]
.
2012-07-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-30 19:58]
.
2012-07-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2035710577-4104604380-1009470740-1001Core.job
- c:\users\Danegeld\AppData\Local\Google\Update\GoogleUpdate.exe [2010-11-20 17:43]
.
2012-07-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2035710577-4104604380-1009470740-1001UA.job
- c:\users\Danegeld\AppData\Local\Google\Update\GoogleUpdate.exe [2010-11-20 17:43]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032]
"Command Center Controllers"="c:\program files\Alienware\Command Center\AWCCStartupOrchestrator.exe" [2011-05-02 13256]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-03-15 499608]
"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2011-09-29 110360]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.yahoo.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
Trusted Zone: villagephotos.com\old
Trusted Zone: villagephotos.com\www
TCP: DhcpNameServer = 192.168.0.1
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\N360]
"ImagePath"="\"c:\program files (x86)\Norton 360\Engine\6.2.1.5\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files (x86)\Norton 360\Engine\6.2.1.5\diMaster.dll\" /prefetch:1"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7}]
"ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD DX\000.fcl"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-07-01 22:10:07
ComboFix-quarantined-files.txt 2012-07-02 02:10
ComboFix2.txt 2012-07-01 22:11
.
Pre-Run: 59,741,237,248 bytes free
Post-Run: 59,727,552,512 bytes free
.
- - End Of File - - 1FF3476B5CDC7F4A34BC9224D3EBAA58

#13 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 134,640 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:06:58 AM

Posted 01 July 2012 - 09:36 PM

Hello

I would like to see a report that combofix makes.

extra combofix report

  • push the "windows key" + "R" (between the "Ctrl" button and "Alt" Button)
  • please copy and past the following into the box
C:\Qoobox\Add-Remove Programs.txt
  • click ok

copy and paste the report into this topic for me to review

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic


Please Only Copy And Paste Reports Into Topic - Do Not Attach

My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#14 Talthan

Talthan
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:05:58 AM

Posted 01 July 2012 - 09:54 PM

Update for Microsoft Office 2007 (KB2508958)
3DMark Vantage
Adobe AIR
Adobe Community Help
Adobe Download Assistant
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Photoshop CS5.1
Adobe Reader X (10.1.3)
Adobe Shockwave Player 11.5
Advertising Center
Apple Application Support
Apple Software Update
ATI Catalyst Registration
Banctec Service Agreement
Borderlands
CameraHelperMsi
Catalyst Control Center
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
CCC Help English
Comcast Access
Command Center
Creative ALchemy
Creative Audio Control Panel
Creative Console Launcher
Creative Diagnostics
Creative Software AutoUpdate
Creative Sound Blaster Properties x64 Edition
Curse Client
D3DX10
Dead Island
Dell DataSafe Local Backup
Dell DataSafe Local Backup - Support Software
Dell Driver Download Manager
Diablo III
Diablo III Beta
DivX Setup
Dolby Digital Live Pack
DTS Connect Pack
DTVblizzcon
Dual-Core Optimizer
erLT
ESET Online Scanner v3
Fallout: New Vegas
Feedback Tool
Futuremark SystemInfo
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
ImagXpress
Intel Extreme Tuning Utility
Intel® Control Center
Intel® Rapid Storage Technology
Internet TV for Windows Media Center
Java Auto Updater
Java™ 6 Update 33
Java™ 7 Update 5
JavaFX 2.1.1
Kernel for Outlook Evaluation ver 7.05.01
Logitech Vid HD
Logitech Webcam Software
LWS Facebook
LWS Gallery
LWS Help_main
LWS Launcher
LWS Motion Detection
LWS Pictures And Video
LWS Twitter
LWS Video Mask Maker
LWS Webcam Software
LWS WLM Plugin
LWS YouTube Plugin
Malwarebytes Anti-Malware version 1.61.0.1400
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
Microsoft_VC90_MFCLOC_x86
Move Media Player
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
NEF Codec
Nero 11 InfoTool
Nero 9 Essentials
Nero BurnRights
Nero BurnRights Help
Nero ControlCenter
Nero Core Components 11
Nero CoverDesigner
Nero CoverDesigner Help
Nero Disc Copy Gadget
Nero Disc Copy Gadget Help
Nero DiscSpeed
Nero DiscSpeed Help
Nero DriveSpeed
Nero DriveSpeed Help
Nero Express Help
Nero InfoTool
Nero InfoTool 11
Nero InfoTool 11 Help (CHM)
Nero InfoTool Help
Nero Installer
Nero Online Upgrade
Nero Rescue Agent
Nero RescueAgent Help
Nero StartSmart
Nero StartSmart Help
nero.prerequisites.msi
NeroExpress
neroxml
NETGEAR WNDA3100v2 wireless USB 2.0 adapter
Nikon File Uploader 2
Nikon Message Center 2
Norton 360
NVIDIA PhysX
OpenAL
PDF Settings CS5
Perfect Photo Suite 6
Picture Control Utility
PowerDVD DX
QuickTime
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition
Sid Meier's Civilization V
Sound Blaster X-Fi
Spelling Dictionaries Support For Adobe Reader 9
Spybot - Search & Destroy
Star Wars: The Old Republic
StarCraft II
Steam
The Elder Scrolls V: Skyrim
The Lord of the Rings Online™
Uniblue ProcessScanner
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687267) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VC80CRTRedist - 8.0.50727.6195
Verizon Wireless Software Utility Application for Android - Samsung
ViewNX 2
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Messenger
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Media Player Firefox Plugin
WModem Driver Installer
World of Warcraft
World of Warcraft Beta
Yahoo! Detect

Once again thank you for your efforts :clapping:

#15 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 134,640 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:06:58 AM

Posted 01 July 2012 - 10:08 PM

These logs are looking allot better. But we still have some work to do.

Please print out these instructions, or copy them to a Notepad file. It will make it easier for you to follow the instructions and complete all of the necessary steps..

uninstall some programs

NOTE** Because of the cleanup process some of the programs I have listed may not be in add/remove anymore this is fine just move to the next item on the list.

You can remove these programs using add/remove or you can use the free uninstaller from Revo (Revo does allot better of a job)

Programs to remove

Java™ 6 Update 33 [/list]


  • Please download and install Revo Uninstaller Free
  • Double click Revo Uninstaller to run it.
  • From the list of programs double click on The Program to remove
  • When prompted if you want to uninstall click Yes.
  • Be sure the Moderate option is selected then click Next.
  • The program will run, If prompted again click Yes
  • when the built-in uninstaller is finished click on Next.
  • Once the program has searched for leftovers click Next.
  • Check/tick the bolded items only on the list then click Delete
  • when prompted click on Yes and then on next.
  • put a check on any folders that are found and select delete
  • when prompted select yes then on next
  • Once done click Finish.
.

Clean Out Temp Files

  • This small application you may want to keep and use once a week to keep the computer clean.

    Download CCleaner from here http://www.ccleaner.com/

  • Run the installer to install the application.
  • When it gives you the option to install Yahoo toolbar uncheck the box next to it.
  • Run CCleaner. (make sure under Windows tab all the boxes of Internet Explorer and Windows explorer are checked. Under System check Empty Recycle Bin and Temporary Files. Under Application tab all the boxes should be checked).
  • Click Run Cleaner.
  • Close CCleaner.

: Malwarebytes' Anti-Malware :

  • I would like you to rerun MBAM
  • Double-click mbam icon
  • go to the update tab at the top
  • click on check for updates
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is Checked (ticked) except items in the C:\System Volume Information folder and click on Remove Selected.
  • When completed, a log will open in Notepad. please copy and paste the log into your next reply
  • If you accidentally close it, the log file is saved here and will be named like this:
  • C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt

Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.


Download HijackThis

If you have any problems running Hijackthis see NOTE** below (Host file not read, blank notepad ...)

  • Go Here to download HijackThis Installer
  • Save HijackThis Installer to your desktop.
  • Double-click on the HijackThis Installer icon on your desktop. (Vista and Win 7 right click and run as admin)
  • By default it will install to C:\Program Files\Trend Micro\HijackThis .
  • Click on Install.
  • It will create a HijackThis icon on the desktop.
  • Once installed it will launch Hijackthis.
  • Click on the Do a system scan and save a log file button. It will scan and the log should open in notepad.
  • Click on Edit > Select All then click on Edit > Copy to copy the entire contents of the log.
  • Come back here to this thread and Paste the log in your next reply.
  • DO NOT use the Analyze This button its findings are dangerous if misinterpreted.
  • DO NOT have Hijackthis fix anything yet. Most of what it finds will be harmless or even required.

NOTE**
sometimes we have to run it like this To run HijackThis as an administrator, right-click HijackThis.exe
(located: C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe)<--32bit
(located: C:\Program Files(86)\Trend Micro\HiJackThis\HiJackThis.exe)<--64bit
and select to run as administrator

"information and logs"

  • In your next post I need the following

  • Log From MBAM
  • report from Hijackthis
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic


Please Only Copy And Paste Reports Into Topic - Do Not Attach

My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users