
laughing noises virus?


  • This topic is locked
8 replies to this topic

#1 shellieh98

  • Members
  • 3 posts

Posted 15 August 2011 - 01:56 PM

My computer is only 2 weeks old, and trying to put my old computer files on here, I must have picked up a virus or something. It doesn't do it all the time, but sometimes when browsing, all of a sudden my computer will make laughing noises, and once played a radio station, but nothing was open. I did as the instructions said, but with the GMER file it did not give me the option to uncheck or check boxes; they were greyed out, so I ran the scan. It did C drive, registry and something else. I will attach. Thank you for any help you can give me.

.
DDS (Ver_2011-06-23.01) - NTFSAMD64
Internet Explorer: 8.0.7601.17514
Run by shellie at 11:38:26 on 2011-08-15
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.7935.5945 [GMT -6:00]
.
AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe
C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe
C:\Program Files (x86)\WinTV\TVServer\CaptureGenUSB.exe
C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
C:\Program Files (x86)\PDF Complete\pdfsvc.exe
c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\ehome\ehRecvr.exe
C:\Windows\ehome\mcGlidHost.exe
C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe
C:\Program Files (x86)\Logitech\Vid HD\Vid.exe
C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
C:\Program Files (x86)\WinTV\WinTV7\WinTVTray.exe
C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe
C:\Windows\system32\UI0Detect.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.facebook.com/
uInternet Settings,ProxyOverride = *.local
mWinlogon: Userinit=userinit.exe
BHO: ContributeBHO Class: {074c1dc5-9320-4a9a-947d-c042949c6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\IPS\IPSBHO.DLL
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll
BHO: LivingPlay: {d9291f9e-7010-4d7a-8df6-455deef8ef51} - C:\Program Files (x86)\LivingPlay Games\lplaytl.dll
TB: @C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\coIEPlg.dll
TB: Contribute Toolbar: {517bdde4-e3a7-4570-b21e-2b52b6139fc7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
EB: MasterCook Bar: {c92041c1-6d22-4069-ba0e-66246aa752b0} - C:\Windows\SysWOW64\shdocvw.dll
uRun: [Corel Photo Downloader] "c:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" -startup
uRun: [Logitech Vid] "C:\Program Files (x86)\Logitech\Vid HD\Vid.exe" -bootmode
uRun: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
mRun: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
mRun: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
mRun: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
mRun: [Corel File Shell Monitor] c:\Program Files (x86)\Corel\Corel PaintShop Photo Pro\X3\PSPClassic\CorelIOMonitor.exe
mRun: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
StartupFolder: C:\Users\shellie\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\LOGITE~1.LNK - C:\Program Files (x86)\Logitech\Ereg\eReg.exe
StartupFolder: C:\Users\shellie\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MICROS~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE
StartupFolder: C:\Users\shellie\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\AUTOST~1.LNK - C:\Program Files (x86)\WinTV\Ir.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\WINTVR~1.LNK - C:\Program Files (x86)\WinTV\WinTV7\WinTVTray.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: MasterCook: Select Image - C:\Program Files (x86)\MasterCook 9\Web\MCIEContext.hta
IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {E6EF5071-7647-4E85-9785-87B6CF5CB561} - {C92041C1-6D22-4069-BA0E-66246AA752B0} - C:\Windows\SysWOW64\shdocvw.dll
TCP: DhcpNameServer = 192.168.2.1
TCP: Interfaces\{BCFAA3F2-DE01-477A-94B8-50139F4B34AF} : DhcpNameServer = 192.168.2.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
BHO-X64: ContributeBHO Class: {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
BHO-X64: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO-X64: Symantec NCO BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\coIEPlg.dll
BHO-X64: Symantec NCO BHO - No File
BHO-X64: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\IPS\IPSBHO.DLL
BHO-X64: Symantec Intrusion Prevention - No File
BHO-X64: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO-X64: Search Helper - No File
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
BHO-X64: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll
BHO-X64: LivingPlay: {D9291F9E-7010-4D7A-8DF6-455DEEF8EF51} - C:\Program Files (x86)\LivingPlay Games\lplaytl.dll
BHO-X64: LivingPlay - No File
TB-X64: @C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll
TB-X64: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\coIEPlg.dll
TB-X64: Contribute Toolbar: {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
EB-X64: {C92041C1-6D22-4069-BA0E-66246AA752B0} - No File
mRun-x64: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun-x64: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
mRun-x64: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
mRun-x64: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
mRun-x64: [Corel File Shell Monitor] c:\Program Files (x86)\Corel\Corel PaintShop Photo Pro\X3\PSPClassic\CorelIOMonitor.exe
mRun-x64: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
mRun-x64: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun-x64: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
Hosts: 0.0.0.0 localhost
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\Windows\system32\drivers\amd_sata.sys --> C:\Windows\system32\drivers\amd_sata.sys [?]
R0 amd_xata;amd_xata;C:\Windows\system32\drivers\amd_xata.sys --> C:\Windows\system32\drivers\amd_xata.sys [?]
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R0 SymDS;Symantec Data Store;C:\Windows\system32\drivers\NISx64\1206000.01D\SYMDS64.SYS --> C:\Windows\system32\drivers\NISx64\1206000.01D\SYMDS64.SYS [?]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\system32\drivers\NISx64\1206000.01D\SYMEFA64.SYS --> C:\Windows\system32\drivers\NISx64\1206000.01D\SYMEFA64.SYS [?]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20110723.001\BHDrvx64.sys [2011-7-23 1151096]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20110812.030\IDSviA64.sys [2011-8-12 488056]
R1 SymIRON;Symantec Iron Driver;C:\Windows\system32\drivers\NISx64\1206000.01D\Ironx64.SYS --> C:\Windows\system32\drivers\NISx64\1206000.01D\Ironx64.SYS [?]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\system32\Drivers\NISx64\1206000.01D\SYMNETS.SYS --> C:\Windows\system32\Drivers\NISx64\1206000.01D\SYMNETS.SYS [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 HauppaugeTVServer;HauppaugeTVServer;C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe [2011-8-5 562176]
R2 HPAuto;HP Auto;C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [2011-2-16 682040]
R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-1-25 92216]
R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\ccsvchst.exe [2011-8-4 130008]
R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-1 2804568]
R2 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-5-30 1127448]
R2 RoxioNow Service;RoxioNow Service;C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-11-26 399344]
R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2011-4-1 428640]
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-8-5 136824]
R3 hcw72ADFilter;WinTV HVR-950 USB Audio Filter Driver;C:\Windows\system32\DRIVERS\hcw72ADFilter.sys --> C:\Windows\system32\DRIVERS\hcw72ADFilter.sys [?]
R3 hcw72ATV;WinTV HVR-950 NTSC;C:\Windows\system32\DRIVERS\hcw72ATV.sys --> C:\Windows\system32\DRIVERS\hcw72ATV.sys [?]
R3 hcw72DTV;WinTV HVR-950 ATSC/QAM;C:\Windows\system32\DRIVERS\hcw72DTV.sys --> C:\Windows\system32\DRIVERS\hcw72DTV.sys [?]
R3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\system32\DRIVERS\lvrs64.sys --> C:\Windows\system32\DRIVERS\lvrs64.sys [?]
R3 LVUVC64;Logitech Webcam 250(UVC);C:\Windows\system32\DRIVERS\lvuvc64.sys --> C:\Windows\system32\DRIVERS\lvuvc64.sys [?]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\system32\DRIVERS\netr28x.sys --> C:\Windows\system32\DRIVERS\netr28x.sys [?]
R3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]
R3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\drivers\usbfilter.sys --> C:\Windows\system32\drivers\usbfilter.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-5-13 1492840]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-1-21 51445112]
S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2011-08-14 14:59:22 -------- d-----w- C:\Program Files (x86)\Common Files\xing shared
2011-08-14 14:55:16 -------- d-----w- C:\Users\shellie\AppData\Local\OpenCandy
2011-08-14 14:55:11 -------- d-----w- C:\Users\shellie\AppData\Roaming\OpenCandy
2011-08-14 14:53:32 -------- d-----w- C:\Program Files (x86)\LivingPlay Games
2011-08-14 01:42:28 -------- d-----w- C:\Users\shellie\AppData\Local\{698B9276-C627-4B7C-9B40-759C946E3DE3}
2011-08-14 01:42:17 -------- d-----w- C:\Users\shellie\AppData\Local\{725ADD03-557A-474B-BD8E-1F438248A35B}
2011-08-14 01:42:17 -------- d-----w- C:\Users\shellie\AppData\Local\{29952796-37D6-4DE0-9C13-090AD468569C}
2011-08-14 01:42:03 -------- d-----w- C:\Users\shellie\Tracing
2011-08-12 23:58:00 -------- d-----w- C:\Users\shellie\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2011-08-12 23:57:36 -------- d-----w- C:\Users\shellie\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2011-08-12 23:57:36 -------- d-----w- C:\Users\shellie\AppData\Roaming\Adobe Mini Bridge CS5
2011-08-12 23:56:30 -------- d-----w- C:\ProgramData\regid.1986-12.com.adobe
2011-08-12 23:45:35 -------- d-----w- C:\ProgramData\ALM
2011-08-12 23:40:12 -------- d-----w- C:\Users\shellie\Adobe Flash Builder 4
2011-08-12 23:32:50 55280 ------w- C:\Windows\System32\drivers\PxHlpa64.sys
2011-08-12 23:32:50 10224 ------w- C:\Windows\System32\drivers\cdralw2k.sys
2011-08-12 23:32:50 10224 ------w- C:\Windows\System32\drivers\cdr4_xp.sys
2011-08-12 23:32:50 -------- d-----w- C:\Program Files (x86)\My Company Name
2011-08-12 23:32:50 -------- d-----w- C:\Program Files (x86)\Common Files\Sonic Shared
2011-08-12 23:32:50 -------- d-----w- C:\Program Files (x86)\Common Files\PX Storage Engine
2011-08-12 00:55:33 404640 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-08-11 21:21:15 -------- d-----w- C:\ProgramData\Blio
2011-08-11 21:21:02 -------- d-----w- C:\Users\shellie\AppData\Roaming\Blio
2011-08-10 21:13:37 -------- d-----w- C:\Users\shellie\AppData\Roaming\JTTSoft
2011-08-10 21:13:32 -------- d-----w- C:\Program Files (x86)\BrainsBreaker 5
2011-08-10 20:06:39 -------- d-----w- C:\ProgramData\CraftEdge
2011-08-10 20:06:31 -------- d-----w- C:\Program Files (x86)\Craft Edge
2011-08-09 20:32:52 1923968 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2011-08-08 00:52:29 -------- d-----w- C:\Program Files\Microsoft Synchronization Services
2011-08-08 00:52:11 -------- d-----w- C:\Windows\PCHEALTH
2011-08-08 00:52:11 -------- d-----w- C:\Program Files\Microsoft SQL Server Compact Edition
2011-08-08 00:50:24 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 8
2011-08-08 00:49:31 -------- d-----w- C:\Program Files\Microsoft Analysis Services
2011-08-08 00:49:31 -------- d-----w- C:\Program Files (x86)\Microsoft Analysis Services
2011-08-08 00:48:40 -------- d-----w- C:\Users\shellie\AppData\Local\Microsoft Help
2011-08-07 16:03:37 -------- d-----w- C:\Windows\AutoKMS
2011-08-07 15:50:31 -------- d-----w- C:\Program Files (x86)\ADLSoft UnCompressor
2011-08-07 15:25:19 -------- d-----w- C:\Users\shellie\CS5.5 Master Collection
2011-08-07 15:23:28 -------- d-----w- C:\Users\shellie\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
2011-08-07 15:23:25 -------- d-----w- C:\Program Files (x86)\Adobe Download Assistant
2011-08-07 15:21:06 -------- d-----w- C:\Users\shellie\AppData\Local\Adobe
2011-08-07 15:03:09 -------- d-----w- C:\Program Files (x86)\Nsasoft
2011-08-07 14:44:45 -------- d-----w- C:\Program Files (x86)\uTorrent
2011-08-07 14:43:51 -------- d-----w- C:\Users\shellie\AppData\Roaming\uTorrent
2011-08-07 14:43:51 -------- d-----w- C:\Users\shellie\AppData\Local\uTorrent
2011-08-07 09:01:29 -------- d-----w- C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
2011-08-06 19:57:54 -------- d-----w- C:\Users\shellie\AppData\Local\Ilivid Player
2011-08-06 19:43:24 -------- d-----w- C:\Program Files (x86)\iLivid
2011-08-06 19:41:14 -------- d-----w- C:\Users\shellie\AppData\Local\PackageAware
2011-08-06 19:38:52 153600 ----a-w- C:\Windows\PhotoChances-ScreenSaver.scr
2011-08-06 19:37:33 -------- d-----w- C:\Users\shellie\AppData\Roaming\PhotoChances
2011-08-06 19:37:31 1935360 ----a-w- C:\Program Files (x86)\PhotoChances.8bf
2011-08-06 19:37:31 -------- d-----w- C:\ProgramData\PhotoChances
2011-08-06 19:37:31 -------- d-----w- C:\Program Files (x86)\JTTSoft
2011-08-06 19:34:41 737280 ----a-w- C:\Windows\iun6002.exe
2011-08-06 19:34:40 -------- d-----w- C:\Program Files (x86)\AndreaMosaic
2011-08-06 19:26:00 -------- d-----w- C:\Program Files (x86)\MasterCook 9
2011-08-06 19:10:53 -------- d-----w- C:\Users\shellie\AppData\Local\LiveCraft
2011-08-06 19:10:25 -------- d-----w- C:\Program Files (x86)\vp5e
2011-08-06 19:06:35 -------- d-----w- C:\Users\shellie\AppData\Roaming\FreeFileViewer
2011-08-06 19:05:51 -------- d-----w- C:\Program Files (x86)\File Type Assistant
2011-08-06 19:05:43 -------- d-----w- C:\Program Files (x86)\FreeFileViewer
2011-08-06 18:34:25 -------- d-----w- C:\Program Files (x86)\TwistingPixels
2011-08-06 18:14:55 -------- d-----r- C:\Program Files (x86)\Dreamsuite
2011-08-06 18:13:26 -------- d---a-r- C:\Program Files (x86)\Mystical
2011-08-06 18:05:01 86016 ----a-w- C:\Windows\unvise32.exe
2011-08-06 18:04:38 -------- d-----w- C:\Program Files (x86)\MysticalTTC
2011-08-06 13:22:00 96768 ----a-w- C:\Windows\System32\fsutil.exe
2011-08-06 13:22:00 74240 ----a-w- C:\Windows\SysWow64\fsutil.exe
2011-08-06 13:22:00 410496 ----a-w- C:\Windows\System32\drivers\iaStorV.sys
2011-08-06 13:22:00 27008 ----a-w- C:\Windows\System32\drivers\amdxata.sys
2011-08-06 13:22:00 2565632 ----a-w- C:\Windows\System32\esent.dll
2011-08-06 13:22:00 189824 ----a-w- C:\Windows\System32\drivers\storport.sys
2011-08-06 13:22:00 1699328 ----a-w- C:\Windows\SysWow64\esent.dll
2011-08-06 13:22:00 166272 ----a-w- C:\Windows\System32\drivers\nvstor.sys
2011-08-06 13:22:00 1659776 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2011-08-06 13:22:00 148352 ----a-w- C:\Windows\System32\drivers\nvraid.sys
2011-08-06 13:22:00 107904 ----a-w- C:\Windows\System32\drivers\amdsata.sys
2011-08-06 13:21:52 98816 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2011-08-06 13:21:52 7936 ----a-w- C:\Windows\System32\drivers\usbd.sys
2011-08-06 13:21:52 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2011-08-06 13:21:52 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2011-08-06 13:21:52 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
2011-08-06 13:21:52 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
2011-08-06 13:21:52 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2011-08-06 04:31:20 -------- d-----w- C:\Users\shellie\AppData\Local\CrashDumps
2011-08-06 04:29:29 -------- d-----w- C:\Users\shellie\AppData\Roaming\Macroplant, LLC
2011-08-06 04:28:41 -------- d-----w- C:\Users\shellie\AppData\Local\Macroplant,_LLC
2011-08-06 04:28:02 -------- d-----w- C:\Users\shellie\AppData\Local\myPod_Apps
2011-08-06 04:03:27 -------- d-----w- C:\Users\shellie\AppData\Local\Apple Computer
2011-08-06 04:03:09 34152 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys
2011-08-06 04:03:09 126312 ----a-w- C:\Windows\System32\GEARAspi64.dll
2011-08-06 04:03:09 107368 ----a-w- C:\Windows\SysWow64\GEARAspi.dll
2011-08-06 04:02:55 -------- d-----w- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
2011-08-06 04:02:55 -------- d-----w- C:\Program Files\iTunes
2011-08-06 04:02:55 -------- d-----w- C:\Program Files\iPod
2011-08-06 04:02:55 -------- d-----w- C:\Program Files (x86)\iTunes
2011-08-06 04:00:14 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin7.dll
2011-08-06 04:00:14 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin6.dll
2011-08-06 04:00:14 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
2011-08-06 04:00:14 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
2011-08-06 04:00:14 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
2011-08-06 04:00:14 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
2011-08-06 04:00:14 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin.dll


#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,740 posts
  • OFFLINE
  • Gender:Male
  • Local time:06:58 PM

Posted 20 August 2011 - 02:00 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/414532 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS and GMER log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from one of the following links if you no longer have it available. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE


We also need a new log from the GMER anti-rootkit Scanner.

Please note that if you are running a 64-bit version of Windows you will not be able to run GMER and you may skip this step.

Please first disable any CD emulation programs using the steps found in this topic:

Why we request you disable CD Emulation when receiving Malware Removal Advice


Then create another GMER log and post it as an attachment to the reply where you post your new DDS log. Instructions on how to properly create a GMER log can be found here:

How to create a GMER log


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 shellieh98

shellieh98
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  • Local time:03:58 PM

Posted 22 August 2011 - 11:05 PM

Oh, and I forgot to say my Windows Live isn't running when this happens, and I am on the internet, usually Facebook, when this happens. Thank you.

#4 Casey_boy

Casey_boy

    Bleeping physicist


  • Malware Response Team
  • 7,765 posts
  • OFFLINE
  • Gender:Male
  • Location:UK
  • Local time:10:58 PM

Posted 23 August 2011 - 10:06 AM

Hi,

My name is Casey and I will be helping you with your malware problems.

Whilst I research the problems in your logs, it is very important that you do not make any changes to this PC. Specifically, do not run any further malware removal tools or try to remove anything yourself.

You may wish to "Watch Topic" so that you are immediately informed of any replies I make. I also ask that you reply to my posts within 5 days else your topic will be closed as stale.

Throughout the removal process, if you have any questions then you should ask them. If you are unsure of my instructions or something does not go as planned - then please tell me. Conversely, it is also important that you answer any questions I have and that you keep me updated on the state of the PC.

Could I just check - does it tend to happen with specific web pages (i.e. Facebook)? Also, does it occur in different browsers (i.e. Internet Explorer or Firefox)?

Regards,

Casey

Edited by Casey_boy, 23 August 2011 - 10:07 AM.
addendum

If I have been helping you and I do not reply within 48 hours, feel free to send me a PM.


* My Website * Am I Infected? * Malware Removal Help * If you'd like to say thanks *


#5 Casey_boy

Casey_boy

    Bleeping physicist


  • Malware Response Team
  • 7,765 posts
  • OFFLINE
  • Gender:Male
  • Location:UK
  • Local time:10:58 PM

Posted 23 August 2011 - 11:30 AM

Hi again,

Nothing in the log stands out. I have read that sometimes that sort of noise/laughing is in fact from an advert currently being displayed on a webpage (not necessarily the page you have in front of you, but one that is open in another tab), which might explain why you've only ever heard it whilst on the internet.

However, let's just check it's nothing malicious!

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
Be sure to download TDSSKiller.exe (v2.4.0.0) from Kaspersky's website and not TDSSKiller.zip which appears to be an older version 2.3.2.2 of the tool.
  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.

Casey

If I have been helping you and I do not reply within 48 hours, feel free to send me a PM.


* My Website * Am I Infected? * Malware Removal Help * If you'd like to say thanks *


#6 shellieh98

shellieh98
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  • Local time:03:58 PM

Posted 23 August 2011 - 08:43 PM

Thank you for your response, Casey.
So I am not sure if it happens when I'm on another site. I do know that if I have more than one tab open and the laughing starts, it is like constant. Then if I open another tab, the laughing slows down and then stops until I go back to the first tab, then it starts again. I am not sure if it only happens on Facebook or not; I play their Zynga poker quite often, and I notice that is when it usually occurs. I'm not a big internet person except for that; I use my computer mostly for photo stuff, scrapbooking, and banking. I have not done any banking since this, scared it is some sort of logger or something. I haven't used other browsers on this computer, only Explorer. I downloaded the Kaspersky thing, I'll copy and paste here. I'm frustrated! It didn't find anything. Oh, and I didn't see anything on the web page that would be making that laughing noise either. It goes ahhh hahahahahaha over and over, then sometimes it giggles, and goes back to the laughing. Ugg! Thank you for your help.
2011/08/23 19:33:02.0980 5524 TDSS rootkit removing tool 2.5.17.0 Aug 22 2011 15:46:57
2011/08/23 19:33:03.0729 5524 ================================================================================
2011/08/23 19:33:03.0729 5524 SystemInfo:
2011/08/23 19:33:03.0729 5524
2011/08/23 19:33:03.0729 5524 OS Version: 6.1.7601 ServicePack: 1.0
2011/08/23 19:33:03.0730 5524 Product type: Workstation
2011/08/23 19:33:03.0730 5524 ComputerName: SHELLIE-HP
2011/08/23 19:33:03.0731 5524 UserName: shellie
2011/08/23 19:33:03.0731 5524 Windows directory: C:\Windows
2011/08/23 19:33:03.0731 5524 System windows directory: C:\Windows
2011/08/23 19:33:03.0731 5524 Running under WOW64
2011/08/23 19:33:03.0731 5524 Processor architecture: Intel x64
2011/08/23 19:33:03.0731 5524 Number of processors: 4
2011/08/23 19:33:03.0731 5524 Page size: 0x1000
2011/08/23 19:33:03.0731 5524 Boot type: Normal boot
2011/08/23 19:33:03.0731 5524 ================================================================================
2011/08/23 19:33:04.0818 5524 Initialize success
2011/08/23 19:33:09.0851 8936 ================================================================================
2011/08/23 19:33:09.0852 8936 Scan started
2011/08/23 19:33:09.0852 8936 Mode: Manual;
2011/08/23 19:33:09.0852 8936 ================================================================================
2011/08/23 19:33:18.0966 8936 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
2011/08/23 19:33:18.0997 8936 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
2011/08/23 19:33:19.0047 8936 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
2011/08/23 19:33:19.0116 8936 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
2011/08/23 19:33:19.0134 8936 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
2011/08/23 19:33:19.0163 8936 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
2011/08/23 19:33:19.0179 8936 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/08/23 19:33:19.0195 8936 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
2011/08/23 19:33:19.0225 8936 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
2011/08/23 19:33:19.0257 8936 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
2011/08/23 19:33:19.0317 8936 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
2011/08/23 19:33:19.0359 8936 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
2011/08/23 19:33:19.0379 8936 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
2011/08/23 19:33:19.0423 8936 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
2011/08/23 19:33:19.0588 8936 NAVENG (2dbe90210de76be6e1653bb20ec70ec2) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20110823.081\ENG64.SYS
2011/08/23 19:33:19.0665 8936 NAVEX15 (346da70e203b8e2c850277713de8f71b) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20110823.081\EX64.SYS
2011/08/23 19:33:19.0767 8936 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
2011/08/23 19:33:19.0802 8936 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
2011/08/23 19:33:19.0856 8936 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/08/23 19:33:19.0929 8936 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/08/23 19:33:19.0952 8936 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/08/23 19:33:19.0968 8936 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
2011/08/23 19:33:20.0005 8936 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
2011/08/23 19:33:20.0063 8936 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
2011/08/23 19:33:20.0166 8936 netr28x (24cf1304d899124336f67f88f3c15e21) C:\Windows\system32\DRIVERS\netr28x.sys
2011/08/23 19:33:20.0230 8936 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
2011/08/23 19:33:20.0295 8936 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
2011/08/23 19:33:20.0364 8936 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
2011/08/23 19:33:20.0420 8936 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
2011/08/23 19:33:20.0458 8936 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
2011/08/23 19:33:20.0509 8936 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
2011/08/23 19:33:20.0558 8936 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
2011/08/23 19:33:20.0606 8936 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
2011/08/23 19:33:20.0662 8936 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
2011/08/23 19:33:20.0750 8936 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
2011/08/23 19:33:20.0795 8936 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
2011/08/23 19:33:20.0861 8936 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
2011/08/23 19:33:20.0890 8936 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
2011/08/23 19:33:20.0918 8936 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
2011/08/23 19:33:20.0970 8936 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
2011/08/23 19:33:21.0016 8936 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
2011/08/23 19:33:21.0146 8936 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
2011/08/23 19:33:21.0204 8936 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
2011/08/23 19:33:21.0254 8936 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
2011/08/23 19:33:21.0330 8936 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys
2011/08/23 19:33:21.0438 8936 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
2011/08/23 19:33:21.0475 8936 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
2011/08/23 19:33:21.0514 8936 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
2011/08/23 19:33:21.0581 8936 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
2011/08/23 19:33:21.0625 8936 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
2011/08/23 19:33:21.0653 8936 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/08/23 19:33:21.0681 8936 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/08/23 19:33:21.0703 8936 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
2011/08/23 19:33:21.0769 8936 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
2011/08/23 19:33:21.0802 8936 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
2011/08/23 19:33:21.0825 8936 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/08/23 19:33:21.0852 8936 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
2011/08/23 19:33:21.0873 8936 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
2011/08/23 19:33:21.0902 8936 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
2011/08/23 19:33:21.0929 8936 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
2011/08/23 19:33:22.0012 8936 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
2011/08/23 19:33:22.0058 8936 RTL8167 (afc12dfa4c7b089673ad67402ca19edb) C:\Windows\system32\DRIVERS\Rt64win7.sys
2011/08/23 19:33:22.0092 8936 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
2011/08/23 19:33:22.0117 8936 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
2011/08/23 19:33:22.0181 8936 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
2011/08/23 19:33:22.0277 8936 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
2011/08/23 19:33:22.0325 8936 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
2011/08/23 19:33:22.0343 8936 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
2011/08/23 19:33:22.0389 8936 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
2011/08/23 19:33:22.0418 8936 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
2011/08/23 19:33:22.0450 8936 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
2011/08/23 19:33:22.0479 8936 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
2011/08/23 19:33:22.0569 8936 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
2011/08/23 19:33:22.0611 8936 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
2011/08/23 19:33:22.0657 8936 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
2011/08/23 19:33:22.0700 8936 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
2011/08/23 19:33:22.0825 8936 SRTSP (90ef30c3867bcde4579c01a6d6e75a7a) C:\Windows\System32\Drivers\NISx64\1206000.01D\SRTSP64.SYS
2011/08/23 19:33:22.0852 8936 SRTSPX (c513e8a5e7978da49077f5484344ee1b) C:\Windows\system32\drivers\NISx64\1206000.01D\SRTSPX64.SYS
2011/08/23 19:33:22.0890 8936 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
2011/08/23 19:33:22.0917 8936 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
2011/08/23 19:33:22.0953 8936 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
2011/08/23 19:33:23.0041 8936 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
2011/08/23 19:33:23.0093 8936 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
2011/08/23 19:33:23.0172 8936 SymDS (6160145c7a87fc7672e8e3b886888176) C:\Windows\system32\drivers\NISx64\1206000.01D\SYMDS64.SYS
2011/08/23 19:33:23.0202 8936 SymEFA (96aeed40d4d3521568b42027687e69e0) C:\Windows\system32\drivers\NISx64\1206000.01D\SYMEFA64.SYS
2011/08/23 19:33:23.0288 8936 SymEvent (21a1c2d694c3cf962d31f5e873ab3d6f) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2011/08/23 19:33:23.0314 8936 SymIRON (bd0d711d8cbfcaa19ca123306eaf53a5) C:\Windows\system32\drivers\NISx64\1206000.01D\Ironx64.SYS
2011/08/23 19:33:23.0346 8936 SymNetS (a6adb3d83023f8daa0f7b6fda785d83b) C:\Windows\System32\Drivers\NISx64\1206000.01D\SYMNETS.SYS
2011/08/23 19:33:23.0431 8936 Tcpip (f0e98c00a09fdf791525829a1d14240f) C:\Windows\system32\drivers\tcpip.sys
2011/08/23 19:33:23.0514 8936 TCPIP6 (f0e98c00a09fdf791525829a1d14240f) C:\Windows\system32\DRIVERS\tcpip.sys
2011/08/23 19:33:23.0549 8936 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
2011/08/23 19:33:23.0576 8936 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
2011/08/23 19:33:23.0590 8936 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
2011/08/23 19:33:23.0612 8936 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
2011/08/23 19:33:23.0647 8936 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
2011/08/23 19:33:23.0756 8936 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/08/23 19:33:23.0792 8936 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
2011/08/23 19:33:23.0818 8936 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
2011/08/23 19:33:23.0844 8936 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
2011/08/23 19:33:23.0875 8936 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
2011/08/23 19:33:23.0927 8936 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
2011/08/23 19:33:23.0982 8936 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
2011/08/23 19:33:24.0013 8936 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
2011/08/23 19:33:24.0033 8936 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
2011/08/23 19:33:24.0080 8936 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
2011/08/23 19:33:24.0150 8936 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
2011/08/23 19:33:24.0191 8936 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/08/23 19:33:24.0235 8936 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
2011/08/23 19:33:24.0261 8936 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
2011/08/23 19:33:24.0282 8936 usbfilter (2c780746dc44a28fe67004dc58173f05) C:\Windows\system32\drivers\usbfilter.sys
2011/08/23 19:33:24.0353 8936 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
2011/08/23 19:33:24.0394 8936 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
2011/08/23 19:33:24.0444 8936 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
2011/08/23 19:33:24.0491 8936 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\drivers\USBSTOR.SYS
2011/08/23 19:33:24.0523 8936 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
2011/08/23 19:33:24.0565 8936 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
2011/08/23 19:33:24.0644 8936 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/08/23 19:33:24.0672 8936 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
2011/08/23 19:33:24.0714 8936 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
2011/08/23 19:33:24.0744 8936 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
2011/08/23 19:33:24.0782 8936 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
2011/08/23 19:33:24.0857 8936 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
2011/08/23 19:33:24.0902 8936 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
2011/08/23 19:33:24.0929 8936 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
2011/08/23 19:33:24.0953 8936 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
2011/08/23 19:33:24.0988 8936 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
2011/08/23 19:33:25.0062 8936 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
2011/08/23 19:33:25.0111 8936 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
2011/08/23 19:33:25.0126 8936 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
2011/08/23 19:33:25.0176 8936 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
2011/08/23 19:33:25.0211 8936 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
2011/08/23 19:33:25.0312 8936 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
2011/08/23 19:33:25.0347 8936 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
2011/08/23 19:33:25.0446 8936 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
2011/08/23 19:33:25.0505 8936 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
2011/08/23 19:33:25.0586 8936 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
2011/08/23 19:33:25.0627 8936 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
2011/08/23 19:33:25.0665 8936 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/08/23 19:33:25.0708 8936 MBR (0x1B8) (ef4cc5431b415cbc9823d00f44dc8304) \Device\Harddisk0\DR0
2011/08/23 19:33:25.0923 8936 MBR (0x1B8) (e5fa06aca0d60ba9c870d0ef3d9898c9) \Device\Harddisk1\DR1
2011/08/23 19:33:25.0935 8936 Boot (0x1200) (f3d048c5da050c574090003c7a318842) \Device\Harddisk0\DR0\Partition0
2011/08/23 19:33:25.0953 8936 Boot (0x1200) (0e16c945c8984c808171d1d69cd02c4e) \Device\Harddisk0\DR0\Partition1
2011/08/23 19:33:25.0997 8936 Boot (0x1200) (04bbcf5bd9130457ccf0959f88103c21) \Device\Harddisk0\DR0\Partition2
2011/08/23 19:33:26.0021 8936 Boot (0x1200) (a566323407e9946bb94421a346cbf54c) \Device\Harddisk1\DR1\Partition0
2011/08/23 19:33:26.0033 8936 ================================================================================
2011/08/23 19:33:26.0034 8936 Scan finished
2011/08/23 19:33:26.0034 8936 ================================================================================
2011/08/23 19:33:26.0046 8408 Detected object count: 0
2011/08/23 19:33:26.0046 8408 Actual detected object count: 0

#7 Casey_boy


Posted 24 August 2011 - 05:29 AM

Hi again,

I'd be interested to see if using Mozilla Firefox and installing Adblock Plus or using Google Chrome and installing AdBlock help.

Casey

If I have been helping you and I do not reply within 48 hours, feel free to send me a PM.


* My Website * Am I Infected? * Malware Removal Help * If you'd like to say thanks *


#8 Casey_boy


Posted 27 August 2011 - 11:55 AM

Hi,

This is a 3 day bump.

Hopefully you're still with us but please be aware that if there is no reply within two days, then this topic will be closed as stale.

Casey



#9 Casey_boy


Posted 29 August 2011 - 05:42 PM

Due to the lack of feedback, this topic is now closed. In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days. Please include a link to your topic in the Private Message. Thank you.
